Server Node Fuzzball Orchestrate Configuration
Now that the K8s Fuzzball Operator is installed on the Server node, we are ready to use it to deploy Fuzzball! The first step is to generate a suitable fuzzball.yaml file to configure the new deployment. Here is an example. (This assumes you have already set $ACCESS_KEY to the CIQ Depot key obtained from the sales/support team with your Fuzzball subscription.)
# DEPOT_USER="" # populate with your username for CIQ Depot
# ACCESS_KEY="" # populate with the Depot key obtained from the CIQ sales/support team
# IP1="" # populate with the first IP address in your metallb pool (e.g. 10.0.0.99)
# NFS_SERVER_IP="" # populate with the IP address of your NFS server
# REALM_ID=$(uuidgen --random)
# cat >fuzzball.yaml<<EOF
apiVersion: deployment.ciq.com/v1alpha1
kind: FuzzballOrchestrate
metadata:
  labels:
    app.kubernetes.io/name: fuzzball-orchestrate
    app.kubernetes.io/part-of: fuzzball
  name: fuzzball-orchestrate
spec:
  image:
    repository: depot.ciq.com/fuzzball/fuzzball-images
    username: ${DEPOT_USER}
    password: ${ACCESS_KEY}
    exclusive: false
  fuzzball:
    substrate:
      nfs:
        destination: /fuzzball/shared
        path: /srv/fuzzball/shared
        server: ${NFS_SERVER_IP}
    audit:
      storage:
        class: local-path
        localStorage: true
    log:
      storage:
        class: local-path
    schedule:
      storage:
        class: local-path
      gossipService:
        type: NodePort
    dns:
      externalService:
        type: NodePort
    kube:
      backendGatewayService:
        type: LoadBalancer
        annotations:
          "metallb.universe.tf/allow-shared-ip": "ingress-and-fuzzball"
          metallb.universe.tf/loadBalancerIPs: ${IP1}
    storage:
      gossipService:
        type: NodePort
    workflow:
      callbackService:
        type: LoadBalancer
        annotations:
          "metallb.universe.tf/allow-shared-ip": "ingress-and-fuzzball"
          metallb.universe.tf/loadBalancerIPs: ${IP1}
  database:
    create:
      enableDebugPod: true
      storage:
        class: local-path
  kyverno:
    create: {}
  tls:
    certManager:
      create: {}
    trustManager:
      create: {}
  ingress:
    create:
      domain: ${IP1}.nip.io
      proxy:
        type: LoadBalancer
        annotations:
          "metallb.universe.tf/allow-shared-ip": "ingress-and-fuzzball"
          metallb.universe.tf/loadBalancerIPs: ${IP1}
  keycloak:
    create:
      createDatabase: true
      realmId: ${REALM_ID}
      username: keycloak
      password: keycloak
      ingress:
        hostname: auth.${IP1}.nip.io
EOF
Because of the environment variables you’ve set, this command will automatically populate the field spec.image.password with a CIQ Depot access key and spec.keycloak.create.realmId with a v4 UUID. It will also set the domain and hostname with the appropriate IP addresses for your setup. There are a few more customizations you may want to make before proceeding.
- It is recommended that you update spec.ingress.create.domain with a site-specific domain.
- You can optionally update spec.database.create.credentials.password with a unique password for the internal database.
- Optionally update spec.keycloak.create.password with a unique password for the Keycloak admin user.
- Optionally define spec.keycloak.create.ingress.hostname with a site-specific domain name.
Once you have the fuzzball.yaml file created and customized to your liking, you are ready to use it to deploy Fuzzball Orchestrate.
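
A pre-deployment check for the generated file, added here as an example and not part of CIQ's documentation or tooling: it flags fields left empty because a variable was unset when the heredoc ran, the example Keycloak password, the nip.io placeholder domain, and group/other access to a file that now holds the Depot key. The function name check_fuzzball_yaml and its grep patterns are assumptions based only on the YAML shown above.

```bash
#!/usr/bin/env bash
# Added example (not CIQ tooling): lint a generated fuzzball.yaml before deploying.
# Prints one finding per line; the return status is the number of findings.

_finding() { echo "$f: $1"; n=$((n + 1)); }   # uses the caller's $f and $n

check_fuzzball_yaml() {
  local f=$1 n=0 key

  # The heredoc delimiter is unquoted, so an unset variable expands to nothing
  # and the field is silently written empty.
  for key in username password server realmId loadBalancerIPs; do
    if grep -Eq "(^|[[:space:]/])${key}:[[:space:]]*\$" "$f"; then
      _finding "'${key}' is empty (variable unset when the heredoc ran)"
    fi
  done
  if grep -Eq '(domain|hostname):[[:space:]]*(auth\.)?\.nip\.io' "$f"; then
    _finding "IP1 was unset: domain/hostname has no address in front of .nip.io"
  fi

  # spec.keycloak.create.password still at the example value.
  if grep -Eq '(^|[[:space:]])password:[[:space:]]*keycloak[[:space:]]*$' "$f"; then
    _finding "Keycloak admin password is the example default 'keycloak'"
  fi

  # spec.ingress.create.domain still on the nip.io placeholder.
  if grep -Eq '(^|[[:space:]])domain:.*\.nip\.io' "$f"; then
    _finding "ingress domain uses nip.io; set a site-specific domain"
  fi

  # The file holds the Depot access key (spec.image.password) in clear text.
  if [ "$(ls -ld "$f" | cut -c5-10)" != "------" ]; then
    _finding "file is accessible to group/other; run: chmod 600 $f"
  fi

  return "$n"
}

# Usage: check_fuzzball_yaml fuzzball.yaml || echo "review the findings above"
```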