1. Operating StreamNative Platform
  2. Deploy

Deploy StreamNative Platform on Red Hat OpenShift

This page describes how to deploy StreamNative Platform as a cloud-native, stateful container application on Red Hat OpenShift.

Deploy Pulsar Operators

Pulsar Operators include the BookKeeper Operator, Pulsar Operator, and ZooKeeper Operator, which can bring up a Pulsar cluster easily on Openshift.

  • BookKeeper Operator: provides a full management lifecycle for BookKeeper clusters.
  • Pulsar Operator: manages the deployment of the Pulsar Broker and Pulsar Proxy to run Pulsar clusters.
  • ZooKeeper Operator: provides a full management lifecycle for ZooKeeper clusters.

You can deploy Pulsar Operators with either cluster-scoped permissions or namespace-scoped permissions. With cluster-scoped permissions, the Pulsar Operators can watch resources across all namespaces in the cluster. With namespace-scoped permissions, the Pulsar Operators can watch resources in a particular namespace.

OpenShift Web Console

This section describes how to deploy Pulsar Operators using the OpenShift Web Console.

Note

Currently, you can only deploy Pulsar Operators with cluster-scoped permissions.

Prerequisites

Steps

  1. Navigate to your OpenShift Web Console and click OperatorHub.

  2. Enter "StreamNative" or "Pulsar" in the search box. There are three tiles: BookKeeper Operator, Pulsar Operator, and ZooKeeper Operator.

    screenshot of Operator Hub in OpenShift Web Console

  3. Click the BookKeeper Operator tile, and then click Install. This step shows the BookKeeper Operator as an example.

    screenshot of installing BookKeeper Operator in OpenShift Web Console

  4. Customize the configurations.

    • Installation mode
      • All namespaces on the cluster(default): deploy the Pulsar Operators with cluster-scoped permissions.
      • A specific namespace on the cluster: deploy the Pulsar Operators with namespace-scoped permissions. Currently, this option is not supported because it needs to pass the parameter through an environment variable.
    • Updated Approval
      • Automatic: automatically install or update the Pulsar Operators.
      • Manual: manually install or update the Pulsar Operators.

    screenshot of customizing Operators' configurations

  5. Click Install. A page displays, showing the BookKeeper Operator installation process.

    screenshot of Operator's installation process

  6. After the BookKeeper Operator is installed, you can see the new status Installed operator - ready for use.

    screenshot of Operator's installation process completion

  7. Repeat Steps 3 through 6 to install the Pulsar Operator, and then repeat the steps for the ZooKeeper Operator.

  8. Confirm that all Pulsar Operators are running. You can find the Pods in the openshift-operators namespace.

    kubectl -n openshift-operators get pods
    NAME                                                      READY   STATUS    RESTARTS   AGE
    bookkeeper-operator-controller-manager-85df68b588-7pblp   2/2     Running   0          4m53s
    pulsar-operator-controller-manager-5ff697757c-2pnl2       2/2     Running   0          96s
    zookeeper-operator-controller-manager-7655ff7ff6-8mn2z    2/2     Running   0          13s
    

CLI

This section describes how to deploy Pulsar Operators using the Command Line Interface (CLI) tool.

Note

You can deploy Pulsar Operators with either cluster-scoped permissions or namespace-scoped permissions.

Prerequisites

Steps

To deploy Pulsar Operators using the CLI tool, you can define the following options in your values.yaml YAML file.

watchNamespace: # --- [1]
<component>: # --- [2]
  serviceAccount: # --- [3]
    clusterRole: # --- [4]
  • [1] watchNamespace: describe the namespace where the Controllers watch updates to Pulsar components.
  • [2] <component>: represent the component to configure, such as the Pulsar broker, Pulsar Proxy, and so on.
  • [3] serviceAccount: provide an identity for processes that run in a Pod.
  • [4] clusterRole: describe whether to grant cluster-scoped permissions to the service account. By default, it is set to true.

To deploy Pulsar Operators with cluster-scoped permissions, you can set an empty string to the watchNamespace option and set the clusterRole option to true.

This example shows how to deploy Pulsar Operators with cluster-scoped permissions.

  1. Create a Kubernetes namespace.

    kubectl create namespace <kubernetes_namespace>
    
  2. Install the Pulsar Operators.

    Note

    The pulsar-operator chart provides default values for options that are used to install the Pulsar Operators with cluster-scoped permissions. You can customize the file according to your configuration.

    helm upgrade pulsar-operators streamnative/pulsar-operator \
      --install \
      -n <k8s_namespace>
    
  3. Confirm that all Pulsar Operators are running.

    kubectl get pods -n <kubernetes_namespace>
    NAME                                                      READY   STATUS    RESTARTS   AGE
    bookkeeper-operator-controller-manager-85df68b588-7pblp   2/2     Running   0          4m53s
    pulsar-operator-controller-manager-5ff697757c-2pnl2       2/2     Running   0          96s
    zookeeper-operator-controller-manager-7655ff7ff6-8mn2z    2/2     Running   0          13s
    

Deploy StreamNative Platform Chart

Before deploying StreamNative Platform on OpenShift, you need to install the Vault Operator, configure the Security Context Constraints (SCCs), and disable Pulsar monitoring components (including Prometheus, Grafana, and so on).

Enable OpenShift Security Context Constraints

SCCs allow you to control permissions for the Pulsar Pods. You can either use the default SCC or use an existing SCC.

If you do not have a SCC yet, a SCC is automatically created when you deploy StreamNative Platform using the Helm Chart. You can set the openshift.scc.create option to true in your values.yaml YAML file and then update the resources.

openshift:
  enabled: true
  scc:
    enabled: true # --- [1]
    create: true # --- [2]
  • [1] scc.enabled: enable SCC for StreamNative Platform.
  • [2] scc.create: create a SCC automatically.

Disable monitoring components

OpenShift is shipped with monitoring components. Therefore, you must disable Pulsar monitoring components by using the monitoring.<component> option.

monitoring:
  prometheus: false
  grafana: false
  node_exporter: false
  alert_manager: false
  loki: false
  datadog: false

Examples

This example shows how to deploy StreamNative Platform on OpenShift with the default SCC and namespace-scoped permissions.

  1. Create a Kubernetes namespace for your Pulsar cluster.

    This example shows how to create a Kubernetes namespace app-sn for your Pulsar cluster.

    kubectl create namespace app-sn
    
  2. Define a YAML file.

    This is a sample YAML file. You should customize the file according to your configuration.

    openshift:
      enabled: true
      scc:
        enabled: true
        create: true
    
    zookeeper:
      customTools:
      serviceAccount:
        clusterRole: false
      securityContext:
        runAsUser: 0
    bookkeeper:
      serviceAccount:
        clusterRole: false
      securityContext:
        runAsUser: 0
    broker:
      serviceAccount:
        clusterRole: false
      securityContext:
        runAsUser: 0
    
    proxy:
      securityContext:
        runAsUser: 0
    
    vault:
      securityContext:
        runAsUser: 0
    streamnative_console:
      securityContext:
        runAsUser: 0
      serviceAccount:
        use: true
        create: true
    
    toolset:
      securityContext:
        runAsUser: 0
    functions:
      serviceAccount:
        clusterRole: false
    prometheus:
      serviceAccount:
        clusterRole: false
    
    monitoring:
      prometheus: false
      grafana: false
      node_exporter: false
      alert_manager: false
      loki: false
      datadog: false
    
  3. Apply the YAML file to deploy StreamNative Platform.

    helm install -f /path/to/values.yaml <release_name> streamnative/sn-platform --set initialize=true -n app-sn
    

Cleanup

Remember to destroy any resources you create after are finished with StreamNative Platform and the Pulsar cluster.

helm uninstall <release-name> -n <k8s_namespace>
Previous
AWS EKS Cluster