13650: Merge branch 'master' into 13650-document-arvados-kubernetes

[arvados.git] / doc / install / arvados-on-kubernetes.html.textile.liquid

---
layout: default
navsection: installguide
title: Arvados on Kubernetes
...
{% comment %}
Copyright (C) The Arvados Authors. All rights reserved.

SPDX-License-Identifier: CC-BY-SA-3.0
{% endcomment %}

Arvados on Kubernetes is implemented as a Helm chart.

{% include 'notebox_begin_warning' %}
This Helm chart does not retain any state after it is deleted. An Arvados cluster spun up with this Helm Chart is entirely ephemeral, and all data stored on the cluster will be deleted when it is shut down. This will be fixed in a future version.
{% include 'notebox_end' %}

h2. Requirements

* Kubernetes 1.10+ cluster with at least 3 nodes, 2 or more cores per node
* @kubectl@ and @helm@ installed locally, and able to connect to your Kubernetes cluster

If you do not have a Kubernetes cluster already set up, you can use "Google Kubernetes Engine":/install/arvados-on-kubernetes-GKE.html for multi-node development and testing, "Minikube":/install/arvados-on-kubernetes-minikube.html for single node development and testing or "another Kubernetes solution":https://kubernetes.io/docs/setup/pick-right-solution/.

h2(#helm). Initialize helm on the Kubernetes cluster

If you already have helm running on the Kubernetes cluster, proceed directly to "Start the Arvados cluster":#Start below.

<pre>
$ helm init
$ kubectl create serviceaccount --namespace kube-system tiller
$ kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
$ kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
</pre>

Test @helm@ by running

<pre>
$ helm ls
</pre>

There should be no errors. The command will return nothing.

h2(#Start). Start the Arvados cluster

First, determine the IP address that the Arvados cluster will use to expose its API, Workbench, etc. If you want this Arvados cluster to be reachable from places other than the local machine, the IP address will need to be routable as appropriate.

<pre>
$ git clone https://github.com/curoverse/arvados-kubernetes.git
$ cd arvados-kubernetes/charts/arvados
$ ./cert-gen.sh <IP ADDRESS>
</pre>

The @values.yaml@ file contains a number of variables that can be modified. At a minimum, review and/or modify the values for

<pre>
  adminUserEmail
  adminUserPassword
  superUserSecret
  anonymousUserSecret
</pre>

Now start the Arvados cluster:

<pre>
$ helm install --name arvados . --set externalIP=<IP ADDRESS>
</pre>

At this point, you can use kubectl to see the Arvados cluster boot:

<pre>
$ kubectl get pods
$ kubectl get svc
</pre>

After a few minutes, you can access Arvados Workbench at the IP address specified

* https://&lt;IP ADDRESS&gt;

with the username and password specified in the @values.yaml@ file.

Alternatively, use the Arvados cli tools or SDKs:

Set the environment variables:

<pre>
$ export ARVADOS_API_TOKEN=<superUserSecret from values.yaml>
$ export ARVADOS_API_HOST=<STATIC IP>:444
$ export ARVADOS_API_HOST_INSECURE=true
</pre>

Test access with:

<pre>
$ arv user current
</pre>

h2. Reload

If you make changes to the Helm chart (e.g. to @values.yaml@), you can reload Arvados with

<pre>
$ helm upgrade arvados .
</pre>

h2. Shut down

{% include 'notebox_begin_warning' %}
This Helm chart does not retain any state after it is deleted. An Arvados cluster spun up with this Helm Chart is entirely ephemeral, and <strong>all data stored on the Arvados cluster will be deleted</strong> when it is shut down. This will be fixed in a future version.
{% include 'notebox_end' %}

<pre>
$ helm del arvados --purge
</pre>