#2 Write down prerequisites for MBBox deployment
Merged 9 months ago by lrossett. Opened 9 months ago by zlopez.
centos/ zlopez/stream-team-docs mbbox  into  master

Write down prerequisites for MBBox deployment
Michal Konečný • 9 months ago  
file added
+63

@@ -0,0 +1,63 @@ 

+ # MBBox deployment guide

+ 

+ ## Description

+ 

+ This guide will describe the deployment of [MBBox](https://github.com/fedora-infra/mbbox) operator in OpenShift 4 cluster and it's prerequisites.

+ 

+ ## Prerequisites

+ 

+ ### Persistent Volumes

+ 

+ The MBBox needs several Persistent Volumes created in prior to deployment:

+ 

+ * mbox-registry (Recommended: 100 Gi) - Used as image registry

+ * httpd (Recommended: 1Gi) - Used by koji-hub httpd server

+ * koji (Recommended: 50Gi) - Used for shared koji space

+ * postgres (Recommended: 5Gi) - Used by postgreSQL database

+ 

+ ### Postgres

+ 

+ MBBox needs PostgreSQL database for various tasks.

+ 

+ * Version: 10.4

+ * Volumes: postgredb:/var/lib/postgresql

+ 

+ ### Secrets

+ 

+ MBBox needs plenty of secrets to be created for the components. Following is the list of secrets.

+ 

+ * ca-cert  

+ Description: Certificate for Certification Authority  

+ Key/value: cert/CA certificate

+ * koji-builder-client-cert  

+ Description: Koji builder client certificate (must have the CN: koji builder host name)  

+ Key/value: tls.pem/Combined certificate with key signed by CA

+ * koji-hub-service-cert  

+ Description: Server certificate for koji-hub  

+ Key/value: tls.crt/Koji server certificate signed by CA  

+ Key/value: tls.key/Private key for the tls.crt

+ * koji-hub-admin-cert  

+ Description: Certificate for koji admin user (must have the CN: koji admin username)  

+ Key/value: client.pem/Combined certificate with key signed by CA

+ * koji-hub-web-client-cert  

+ Description: Certificate for koji web client user (must have the CN: koji web client username)  

+ Key/value: client.pem/Combined certificate with key signed by CA

+ * koji-hub-msg  

+ Description: Koji hub messaging certificate for fedora messaging  

+ Key/value: koji.ca/CA certificate for messaging  

+ Key/value: koji.crt/Messaging certificate  

+ Key/value: koji.key/Private key for messaging certificate

+ * kojira-client-cert  

+ Description: Kojira client certificate to communicate with koji-hub (must have the CN: koji hub username for kojira)  

+ Key/value: client.pem/Combined certificate with key signed by CA

+ * mbs-client-cert  

+ Description: MBS backend client certificate to communicate with koji-hub (must have the CN: koji hub username for MBS)  

+ Key/value: client.pem/Combined certificate with key signed by CA

+ * mbs-frontend-client-cert  

+ Description: MBS frontend client certificate to communicate with koji-hub (must have the CN: koji hub hostname)  

+ Key/value: client.pem/Combined certificate with key signed by CA

+ * mbs-frontend-client-cert  

+ Description: MBS frontend server certificate  

+ Key/value: tls.crt/MBS server certificate signed by CA  

+ Key/value: tls.key/Private key for server certificate

+  

This PR adds guide for MBBox deployment. For now it's containing only the prerequisites, that are needed prior to the deployment.

Pull-Request has been merged by lrossett

9 months ago
Metadata