search string side menu

BRIX On-Premises > BRIX On-Premises Enterprise / Install BRIX Enterprise

Install BRIX Enterprise

BRIX On-Premises is installed in a Kubernetes cluster. It uses PostgreSQL, MongoDB, Redis database management systems, RabbitMQ service bus, and an S3 compatible object storage (MinIO). For more details, refer to the Architecture article.

 

The installation consists of five steps:

  1. Prepare infrastructure (optional).
  2. Download the Helm chart and the configuration file.
  3. Fill out the configuration file.
  4. Install BRIX using helm in a Kubernetes cluster.
  5. Install add-ons for BRIX (optional).

Before starting the installation, read the system requirements of BRIX On-Premises Enterprise.

Step 1: Prepare infrastructure (optional)

By infrastructure we mean the necessary components for the operation of the BRIX On-Premises application.

начало внимание

It is assumed that the dependent components should be deployed by the client independently. All work related to organizing a high-availability local architecture and setting up the high availability of dependent components is also done by the client.

конец внимание

Components necessary for BRIX On-Premises operation:

  • Kubernetes cluster.
  • PostgreSQL.
  • MongoDB.
  • RabbitMQ.
  • Redis.
  • S3 (MinIO).

In this article, databases and the S3 storage are installed in the Kubernetes cluster as per the Prepare embedded databases article and use standard connection strings and passwords.

Requirements for component configuration

Kubernetes configuration requirements

The installed version of the Kubernetes cluster should support Kubernetes API v.2 (Kubernetes version 1.21 - 1.30) and contain the following components: ingress-nginx controller, coredns, rbac, storageclass.

The installation is done using Helm v.3.

Proxying from pods to the external network should be allowed.

If you need to deploy a Kubernetes cluster, refer to the articles in the Kubernetes section.

Data storage

You can use your existing databases and S3 storage as components for BRIX On-Premises. There is also an option to combine your components with those deployed using the elma365-dbs or elma365-stack charts. In the next installation steps, you will need to specify the connection strings to the databases and the S3 storage.

If there's a need to deploy all or just the missing components, refer to the articles in the Databases section.

 

High availability

To ensure continuous operation of BRIX on Bare-metal servers, it is necessary to build a high-availability Kubernetes cluster and ensure the operation of the used databases and S3 storage. For more details on building a high-availability environment for BRIX, refer to Prepare infrastructure.

 

Offline installation (Air-gap)

You can install BRIX in a closed-loop environment without direct access to the external container image storage. For this, on a computer with internet access, you need to download the BRIX application images and import them into a local image repository. Read more in Download BRIX images.

You can skip this section if the component configuration requirements are met and there's no need to deploy components necessary for the operation of BRIX On-Premises.

 

Step 2: Download the Helm chart and configuration file

Obtain the configuration file values-elma365.yaml for installation via the internet by executing the following command:

helm repo add elma365 https://charts.elma365.tech
helm repo update
helm show values elma365/elma365 > values-elma365.yaml

Obtaining the configuration file for installation in a closed loop without internet access

  1. On a computer with internet access, download BRIX images and upload them to the local image registry. Read more in the Download BRIX images article.
  2. Download the archive of the latest version of the BRIX On-Premises chart from the elma365 repository by executing the following command:

helm repo add elma365 https://charts.elma365.tech
helm repo update
helm pull elma365/elma365

  1. Copy the received chart archive elma365-X.Y.Z.tgz to the server where the installation will take place.
  2. Unpack the obtained chart on the server and copy the default configuration file values.yaml to values-elma365.yaml. To do this, run the following command:

tar -xf elma365-X.Y.Z.tgz
cp elma365/values.yaml values-elma365.yaml

You can also download a .tar.gz file with a specific BRIX version using the links provided in Links for downloading BRIX distribution packages.

Step 3: Fill out the configuration file

For a quick start of the app, fill out the main parameters:

  • global.host — domain (FQDN) or IP address by which the system will be accessible.
  • bootstrapCompany.email — administrator’s email.
  • bootstrapCompany.password — administrator’s password.
  • db.psqlUrl — connection string to the PostgreSQL DB.
  • db.mongoUrl — connection string to the MongoDB for the app.
  • db.vahterMongoUrl — connection string to the MongoDB for the authorization server.
  • db.redisUrl — connection string to Redis.
  • db.amqpUrl — connection string to RabbitMQ.
  • db.s3.method — request method to S3.
  • db.s3.accesskeyid — S3 username.
  • db.s3.secretaccesskey — password for the S3 user.
  • db.s3.bucket — S3 bucket.
  • db.s3.backend.address — S3 address.
  • db.s3.backend.region — S3 region.
  • db.s3.ssl.enabled — enabling S3 SSL.

Fill in the variables in the values-elma365.yaml file by performing the following actions:

  1. Set the FQDN domain or IP address through which the system will be accessible in the global.host parameter.

In the article Prepare embedded databases, on step 1, you should have prepared an S3 MinIO storage, which is accessible via the FQDN domain elma365_server.your_domain. When using the built-in S3 storage accessible by the FQDN, BRIX should be accessible under the same domain name. To do this, in global.host specify elma365_server.your_domain and enable the ingress binding to the domain elma365_server.your_domain. To do this, set the value true for the ingress.hostEnabled parameter.

global:
  ## domain (FQDN) or IP address where the system will be available
  host: 'elma365_server.your_domain'
  ingress:
    hostEnabled: true

  1. Complete the company creation parameters in the bootstrapCompany section. The company will be created during the BRIX installation.
  2. Set the administrator's email address in the bootstrapCompany.email parameter. This address will serve as the login for the main administrator.

The main administrator's login cannot be changed after the system installation.

  1. Indicate, according to your security policy, the password for the main administrator's login in the bootstrapCompany.password parameter.
  2. Set the company language in the bootstrapCompany.locale parameter, for example, en-US:

bootstrapCompany:
  ## Admin email
  email: "admin@mail.com"
  ## Admin password
  password: "test"
  ## Installed system language, possible options: "ru-RU", "en-US", "sk-SK"
  locale: "en-US"

  1. Set the installed system language in the language.default parameter, for example, en-US:

language:
  ## Installed system language, possible options: "ru-RU", "en-US", "sk-SK"
  default: "en-US"

  1. Fill in the connection strings for the PostgreSQL, MongoDB, RabbitMQ, Redis databases. To do this, you need to fill in the following parameters: db.psqlUrl, db.mongoUrl, db.vahterMongoUrl, db.redisUrl, db.amqpUrl.

db:
 ## Connection string for Postgres DB, format:
postgresql://user:password@hostname:5432/databaseName
 psqlUrl: 'postgres://postgres:pgpassword@postgres.elma365-dbs.svc.cluster.local:5432/elma365?sslmode=disable'
 ## Connection string for read-only Postgres DB, format:
postgresql://user:password@hostname:5432/databaseName
 roPsqlUrl: ''
 ## Connection string for the MongoDB for the application, format:
mongodb://user:password@hostname:27017/databaseName
 mongoUrl: 'mongodb://elma365:mongopassword@mongo.elma365-dbs.svc.cluster.local:27017/elma365?ssl=false&replicaSet=rs0&readPreference=secondaryPreferred'
 ## Connection string for MongoDB for the authorization server, format:
mongodb://user:password@hostname:27017/databaseName
 vahterMongoUrl: 'mongodb://elma365:mongopassword@mongo.elma365-dbs.svc.cluster.local:27017/elma365?ssl=false&replicaSet=rs0&readPreference=secondaryPreferred'
 ## Connection string for Redis, format:
redis://user:password@redis.local:6379/databaseName
 redisUrl: 'redis://redis.elma365-dbs.svc.cluster.local:6379/0'
 ## Connection string for Rabbit, format:
amqp://user:password@hostname:5672/vhost
 amqpUrl: 'amqp://elma365:rmqpassword@rabbitmq.elma365-dbs.svc.cluster.local:5672/elma365'

  1. Fill in the parameters for connecting to the S3 file storage:
  • db.s3.method — S3 request method.
  • db.s3.accesskeyid — S3 username.
  • db.s3.secretaccesskey — password for the S3 user.
  • db.s3.secretaccdb.s3.bucket — S3 bucket.
  • db.s3.backend.address — S3 address.
  • db.s3.backend.region — S3 region.
  • db.s3.ssl.enabled — enable S3 SSL.

db:
 s3:
   method: PUT
   accesskeyid: PZSF73JG72Ksd955JKU1HIA
   secretaccesskey: aFDkj28Jbs2JKbnvJH678MNwiz88zKjsuNBHHs
   bucket: s3elma365
   backend:
     address: elma365_server.your_domain
     region: us-east-1
   ssl:
     enabled: "false"

 

Filling in the connection parameters to a private registry for installation in a closed-loop without internet access

To connect to a private registry in a closed loop, do the following:

  • Set the address and path in the global.image.repository parameter.
  • Indicate the name of the secret with access rights to the private registry in the global.image.pullSecret parameter. The private registry should be manually created and encrypted in Base64 global:

 ## address and path for private registry
 image:
   repository: registry.example.com/images/elma365
   ## secret with access permissions for the private registry must be created manually, 
   encoded in Base64 
   pullSecret:
     - name: myRegistryKeySecretName

 

 

Where format of repository is:

registry.example.com — address.

/images/elma365 — path.

 

The configuration file values-elma365.yaml contains a large number of parameters for the BRIX On-Premises application.

Step 4: Install BRIX using helm in the Kubernetes cluster

  1. Install  BRIX Enterprise using the configuration file values-elma365.yaml. If you need to install the application in a separate namespace, specify it in the installation command:

helm upgrade --install elma365 elma365/elma365 \
-f values-elma365.yaml \
--timeout=30m --wait [-n namespace]

To install the BRIX Enterprise application in an isolated environment without internet access, run the following command:

helm upgrade --install elma365 ./elma365 \
-f values-elma365.yaml \
--timeout=30m --wait [-n namespace]

The installation time for the BRIX Enterprise application takes 10-30 minutes. Wait for the update of the BRIX Enterprise application parameters.

  1. Open a browser and navigate to the BRIX Enterprise login page at http://global.host. The global.host parameter was specified in the values-elma365.yaml configuration file in the step of downloading the helm chart and configuration file.

In the given example, the following login page address for the BRIX Enterprise application is used: http://example.com

  1. Use the administrator's email address as the login and the password you used in the values-elma365.yaml configuration file for the parameters bootstrapCompany.email and bootstrapCompany.password.

In the given example, the following are used:

  • Login — admin@mail.com;
  • Password — test.
  1. Click the Login to the system button.

Then, the BRIX application window will open.

  1. Activate the system. For more details, see Activate On-Premises.

The installation of the BRIX Enterprise edition application has been successfully completed.

начало внимание

Save the values-elma365.yaml configuration file for future updates.

конец внимание

 

Step 5: Install add-ons for the BRIX application (optional)

Under add-ons for the BRIX application, components are understood that extend the functional and infrastructure capabilities of the BRIX application, which include:

  • Linkerd routing system (Service Mesh).
  • Prometheus + Grafana monitoring system.
  • Descheduler.
  • NodeLocal DNSCache.
  • Kyverno.
  • KEDA.
  • The Security Audit module.

Add-ons are installed as needed, considering the existing infrastructure. Articles in the Administering BRIX Enterprise section will help decide whether you should to install an add-on component.

elma365-enterprise.html change-settings-enterprise.html