On-premise Installation Guide

Requirements:

  • Kubernetes cluster:
    • It must be able to use OpenEBS Cstor. Disks have to be attached to Kubernetes nodes and must not be mounted or formatted.
    • If there is no internet access, each node should have a busybox:latest image preloaded.
  • A linux VM:
    • Must be accessible by the Kubernetes cluster (this VM will host the docker registry along with the chartmuseum and devpi services, which are needed to run the Neu.ro platform).
    • Must have access to the Kubernetes cluster.
    • The following utilities have to be installed: docker, kubectl, jq.

Archive Structure

/chartmuseum
  • A directory with all required helm charts. It will be mounted as a volume to the chartmuseum container.
/registry
  • A directory with all required docker images. It will be mounted as a volume to the registry container.
/devpi
  • A directory with the neuro-cli python package and all its dependencies. It will be mounted as a volume to the devpi container.
registry.tar
  • Saved registry:2 image.
chartmuseum.tar
  • Saved chartmuseum/chartmuseum:latest image.
devpi.tar
  • Saved devpi image.
jq.tar
  • Saved imega/jq:latest image, command-line JSON processor.
yq.tar
  • Saved mikefarah/yq:latest image, command-line YAML processor.
k8s/*.yaml
  • Kubernetes resources that will be created in the cluster.
*.sh
  • Installation scripts.

Platform Setup

Connect to the Linux VM and ensure that kubectl can connect to the Kubernetes cluster:
1
kubectl get nodes
Copied!
Mount the USB (or external storage) device and extract the neuro.tar archive:
1
mkdir –p $HOME/neuro
2
tar -xvf neuro.tar -C $HOME/neuro
Copied!
Prepare the config file (see example below), run the installation script, and wait until all pods are in the Running state:
1
$HOME/neuro/install.sh $CONFIG_FILE_PATH
Copied!
By default, if there is no Ingress certificate specified in the config file, the installation script will generate a self-signed certificate. This self-signed certificate has to be added to the certificate trust store in the platform user's development environment.

Configure the DNS Server

Set up A records to the platform domains *.neu.ro, default.org.neu.ro, *.default.org.neu.ro, *.jobs.default.org.neu.ro in such a way that they point to all Kubernetes cluster IPv4 addresses.

Config File Example

1
server:
2
ip: "10.240.0.8"
3
ui:
4
type: minzdrav
5
ingress_ssl:
6
cert_path: "/path/to/ingress.crt" # optional
7
cert_key_path: "/path/to/ingress.key" # optional
8
postgres:
9
password: changeme
10
size: 10Gi
11
redis:
12
password: changeme
13
size: 10Gi
14
keycloak:
15
username: admin
16
password: changeme
17
auth:
18
jwt_secret: changeme
19
registry:
20
size: 10Gi
21
storage:
22
size: 10Gi
23
blob_storage:
24
size: 10Gi
25
metrics:
26
size: 10Gi
27
node_pools:
28
- name: cpu
29
cpu: 8
30
memory_gb: 6
31
disk_size_gb: 6
32
nodes:
33
- aks-agentpool-36699122-vmss000002
34
- name: gpu
35
cpu: 8
36
memory_gb: 6
37
disk_size_gb: 6
38
gpu: 1
39
gpu_model: nvidia-tesla-k80
40
nodes:
41
- aks-agentpool-36699122-vmss000002
Copied!

Development Environment Setup

Add the certificate to the trust store (in case a self-signed certificate was generated during setup)

  • Download the Ingress certificate:
1
openssl s_client -connect app.neu.ro:443 -showcerts </dev/null > ingress.crt
Copied!
  • Add it to your machine's trust store.

Install Neuro CLI

Run the following command to install Neuro CLI:
1
pip install -i http://$SERVER_IP/root/pypi neuro-cli
Copied!