Skip to main content
Version: 3.9.0

Install KubeRocketCI

Inspect the main steps to install KubeRocketCI. Please check the Prerequisites Overview page before starting the installation. Also, to authenticate each of the release artifacts, please refer to the Verification of KubeRocketCI Artifacts guide. There are multiple ways to deploy KubeRocketCI:

note

The installation process below is given for a Kubernetes cluster. The steps that differ for an OpenShift cluster are indicated in the notes.

warning

KubeRocketCI is aligned with industry standards for storing and managing sensitive data, ensuring optimal security. However, the use of custom solutions introduces uncertainties, thus the responsibility for the safety of your data is fully covered by the platform administrator.

  1. (Optional) KubeRocketCI manages secrets via External Secret Operator to integrate with a variety of tools. For more information about the secrets being used and how they are utilized, please refer to the External Secrets Operator Integration guide.

  2. (Optional) Deploy and configure Keycloak to enable Single Sign-On approach. To see the details on how to configure Keycloak correctly, please refer to the Install Keycloak page.

  3. Add the Helm charts repository:

    helm repo add epamedp https://epam.github.io/edp-helm-charts/stable

  4. Choose the required Helm chart version:

    helm search repo epamedp/edp-install
    NAME                    CHART VERSION   APP VERSION     DESCRIPTION
    epamedp/edp-install     3.9.0           3.9.0           A Helm chart for EDP Install
    note

    It is highly recommended to use the latest released version.

  5. KubeRocketCI can be integrated with the following version control systems:

    This integration implies in what system the development of the application will be or is already being carried out. The global.gitProviders flag in the edp-install controls this integration:

    Global VCS configuration (can be multiple values):

    values.yaml
    ...
    global:
      gitProviders:
        - gerrit
        - github
        - gitlab
    ...

    Tekton event listner configuration:

    values.yaml
    ...
    edp-tekton:
      gitServers:
        github:
          gitProvider: github
          host: github.com
          webhook:
            skipWebhookSSLVerification: false
          eventListener:
            enabled: true
            resources:
              requests:
                memory: "64Mi"
                cpu: "50m"
              limits:
                memory: "128Mi"
                cpu: "500m"
            ingress:
              enabled: true
    ...

    Gerrit server can be deployed as a part of KubeRocketCI platform when the Gerrit is enabled. For more details on how to integrate KubeRocketCI with GitLab or GitHub, please refer to the Add GitServer page.

  6. Configure Container Registry.

    KubeRocketCI supports integration with multiple container registries, providing flexibility for projects using either OpenShift or Kubernetes clusters. The supported container registries include AWS ECR, DockerHub, Harbor, OpenShift (OCR), Nexus, and GitHub (GHCR). This integration simplifies the process of storing and managing container images across various environments.

    For more details on integrating these container registries with KubeRocketCI, refer to the following documentation: Container Registries Integration Guide and Manage Container Registries

    For example, to enable Harbor as a registry storage, use the values below:

    global:
      dockerRegistry:
        type: "harbor"
        url: "harbor.example.com"

  7. Install platform in the edp namespace with the Helm tool:

    Check the parameters in the installation chart values.yaml file.

    helm install edp epamedp/edp-install --wait --timeout=900s \
    --version 3.9.0 \
    --values values.yaml \
    --namespace edp

    See the example on the parameters below:

    Example values.yaml file
    global:
      # -- platform type that can be either "kubernetes" or "openshift"
      platform: "kubernetes"
      # DNS wildcard for routing in the Kubernetes cluster;
      dnsWildCard: "example.com"
      # -- Administrators of your tenant
      # -- Can be gerrit, github or gitlab. By default: github
      gitProviders:
        - github
      dockerRegistry:
        # -- Docker Registry endpoint
        url: "<AWS_ACCOUNT_ID>.dkr.ecr.<AWS_REGION>.amazonaws.com"
        type: "ecr"

    sso:
      enabled: false
      # Keycloak address with which the platform will be integrated
      keycloakUrl: "https://keycloak.example.com"
      admins:
        - "stub_user_one@example.com"
      developers:
        - "stub_user_one@example.com"
        - "stub_user_two@example.com"

    edp-tekton:
      # Tekton Kaniko configuration section
      kaniko:
        # -- AWS IAM role to be used for kaniko pod service account (IRSA). Format: arn:aws:iam::<AWS_ACCOUNT_ID>:role/<AWS_IAM_ROLE_NAME>
        roleArn:
      gitServers:
        github:
          gitProvider: github
          host: github.com
          webhook:
            skipWebhookSSLVerification: false
          eventListener:
            enabled: true
            resources:
              requests:
                memory: "64Mi"
                cpu: "50m"
              limits:
                memory: "128Mi"
                cpu: "500m"
            ingress:
              enabled: true

    edp-headlamp:
      config:
        oidc:
          enabled: false
    note

    Set global.platform=openshift while deploying EDP in OpenShift.

    info

    The full installation with integration between tools will take at least 10 minutes.

  8. To check if the installation is successful, run the command below:

    helm status edp -n edp

    You can also check ingress endpoints to get the Portal endpoint to enter Portal UI:

    kubectl describe ingress -n edp

  9. Once KubeRocketCI is successfully installed, you can explore our Use Cases to try out the functionality of the KubeRocketCI platform.