Helm Tomcat

We would like to show you a description here but the site won’t allow us. This may means there is an overhead of an extra L4 LoadBalancer cost. This is purely due to current limitations on Kubernetes for TCP/UDP services and not related to Content Services helm setup. So, for example if your Content Services Helm chart is enabled with Inbound/Outbound email in domain.example.com, then the service endpoints would be. Mar 22, 2021 Therefore, platform release certification is of utmost importance to the application platform team. This article describes how we have used Kubernetes operators, Helm Charts and Jenkins Pipelines, to achieve full automation of software quality certification and automated test result comparison.

The following sections help you to understand what containerized deployment is, and the deployment options available for Content Services when using containers.

Deployment concepts

Content Services deployment introduces a number of concepts.

The way you deploy and run Content Services has changed significantly since version 6.0. Traditionally, you’d download an installer that installed Java, Tomcat, Database, WARs, tools, etc. and everything was configured to work together out-of-the-box. Then you’d use a script to start things off. That’s no longer the case and there are no installers available. We’ll be working with Docker containers instead.

You can start Content Services from a number of Docker images. These images are available in the Docker Hub and Quay repositories. However, starting individual Docker containers based on these images, and configuring them to work together might not be the most productive way to get up and running. To make things easier, and achieve a single-step deploy and run solution, a Docker Compose file is available to quickly start Content Services when you need to test something or work on a proof-of-concept (PoC).

There are also Helm charts available to deploy Content Services in a Kubernetes cluster, for example, on Amazon Web Services (AWS). These charts are a deployment template which can be used as the basis for your specific deployment needs. The Helm charts are undergoing continual development and improvement and should not be used “as-is” for a production deployment, but should help you save time and effort deploying Content Services for your organization.

The following is a list of concepts and technologies that you’ll need to understand as part of deploying and using Content Services. If you know all about Docker, then you can skip this part.

Virtual Machine Monitor (Hypervisor)

A Hypervisor is used to run other OS instances on your local host machine. Typically it’s used to run a different OS on your machine, such as Windows on a Mac. When you run another OS on your host it is called a guest OS, and it runs in a Virtual Machine (VM).

Image

An image is a number of layers that can be used to instantiate a container. This could be, for example, Java and Apache Tomcat. You can find all kinds of Docker images on the public repository Docker Hub. There are also private image repositories (for things like commercial enterprise images), such as the one Alfresco uses called Quay.

Container

An instance of an image is called a container. If you start this image, you have a running container of this image. You can have many running containers of the same image.

Docker

Docker is one of the most popular container platforms. Docker provides functionality for deploying and running applications in containers based on images.

Docker Compose

When you have many containers making up your solution, such as with Content Services, and you need to configure each individual container so that they all work well together, then you need a tool for this. Docker Compose is such a tool for defining and running multi-container Docker applications locally. With Compose, you use a YAML file to configure your application’s services. Then, with a single command, you create and start all the services from your configuration.

Dockerfile

A Dockerfile is a script containing a successive series of instructions, directions, and commands which are run to form a new Docker image. Each command translates to a new layer in the image, forming the end product. The Dockerfile replaces the process of doing everything manually and repeatedly. When a Dockerfile finishes building, the end result is a new image, which you can use to start a new Docker container.

Difference between containers and virtual machines

It’s important to understand the difference between using containers and using VMs. Here’s a comparison from the Docker site - What is a Container:

The main difference is that when you run a container, you are not starting a complete new OS instance. This makes containers much more lightweight and quicker to start. A container also takes up much less space on your hard-disk as it doesn’t have to ship the whole OS.

Alfresco Docker images

The public Alfresco Docker images are available in the Docker Hub registry. There are also private Enterprise-only images in the Quay.io registry.

Go to Docker Hub to see a list of images belonging to the alfresco user or, alternatively, search for alfresco from the Docker Hub home page:

Note: This shows a snippet from Docker Hub - not all images are visible.

The following Docker images relate to Content Services:

  • alfresco/alfresco-share - the Share web interface (i.e. share.war) running on Apache Tomcat
  • alfresco/alfresco-search-services - the Solr 6 based search service running on Jetty
  • alfresco/alfresco-content-repository - the repository app (i.e. alfresco.war) running on Apache Tomcat
  • alfresco/alfresco-activemq - the Alfresco ActiveMQ image

There are also other supporting features available, such as Docker images for image and document transformation:

  • alfresco/alfresco-imagemagick
  • alfresco/alfresco-libreoffice
  • alfresco/alfresco-pdf-renderer
  • alfresco/alfresco-tika

Helm Tomcat Game

To build the alfresco/alfresco-content-repository image, Alfresco uses the Alfresco/acs-packaging GitHub project. This project doesn’t include any deployment templates. The Alfresco/acs-deployment GitHub project contains deployment templates and instructions. It includes a Docker Compose script that’s used to launch a demo, test, or PoC of Content Services. You can customize this script, if you like, in order to run with different versions than those set by default (which are usually the latest versions).

What’s deployed in Content Services

When you deploy Content Services, a number of containers are started.

  • Alfresco repository with:
    • Alfresco Share Services AMP
    • Alfresco Office Services (AOS) AMP
    • Alfresco vti-bin war - that helps with AOS integration
    • Alfresco Google Docs Integration repository AMP
  • Alfresco Share with:
    • Alfresco Google Docs Integration Share AMP
  • Alfresco Search Services (Solr 6)
  • A PostgreSQL database

GitHub projects

Below are links to various GitHub projects that are used to deploy Content Services, build the repository artifacts, or provide supporting services.

Deployment project

The deployment project contains the Docker Compose file to start up a Content Services environment locally. You’ll find the relevant files in the docker-compose folder. To look at the project in more detail, just browse to:

  • https://github.com/Alfresco/acs-deployment for Enterprise deployment

If you’re interested in the Helm charts to deploy Content Services with Kubernetes, you’ll find the relevant files in the helm/alfresco-content-services folder.

Packaging project

The packaging project is used to build the repository artifacts, such as the Docker image for the repository. To look at the project in more detail, just browse to:

  • https://github.com/Alfresco/acs-packaging for Enterprise packaging

Other projects

Note that the Docker files for Alfresco Share and Alfresco Search Services are in their own projects:

  • Alfresco Share: https://github.com/Alfresco/share/tree/support/HF/6.1.1
  • Alfresco Search Services: https://github.com/Alfresco/SearchServices

Prerequisites

There are a number of software requirements for installing (or deploying) Content Services when using containerized deployment.

Note that the VERSIONS.md file in GitHub lists the supported versions.

Note: The images downloaded directly from Docker Hub, or Quay.io are for a limited trial of the Enterprise version of Content Services that goes into read-only mode after 2 days. For a longer (30-day) trial, get the Alfresco Content Services Download Trial by following the steps in the Content Services 6.2 documentation: Deploy using Docker Compose.

Note: Alfresco customers can request Quay.io credentials by logging a ticket at Alfresco Support. These credentials are required to pull private (Enterprise-only) Docker images from Quay.io.

You can review the requirements for your chosen deployment method below.

Helm charts

To deploy Content Services using Helm charts, you need to install the following software:

  • AWS CLI - the command line interface for Amazon Web Services.
  • Kubectl - the command line tool for Kubernetes.
  • Helm - the tool for installing and managing Kubernetes applications.
    • There are Helm charts that allow you to deploy Content Services in a Kubernetes cluster, for example, on AWS.

See Install using Helm for more.

Docker Compose (recommended for evaluations only)

  • Docker (latest stable version)
    • This allows you to run Docker images and docker-compose on a single computer.
  • Docker Compose
    • Docker Compose is included as part of some Docker installers. If it’s not part of your installation, then install it separately after you’ve installed Docker.

Note: Check the prerequisites for your operating system, for Docker and Docker Compose, using the links provided.

See Install using Docker Compose for more.

Kubernetes, the popular container orchestration system, is used extensively in DevOps. However, it can become very complex: you have to handle all of the objects (ConfigMaps, pods, etc.), and you also have to manage your releases. Both can be accomplished with Kubernetes Helm, the Kubernetes packaging solution.

This article discusses Helm packages (aka Helm charts), how they are created, and what you should be aware of when you create them for maximum reusability, code quality, and efficient deployments.

In a nutshell: How does Kubernetes work?

Kubernetes is an open-source container orchestration system. The containers that make up an application are grouped into logical units. To set up a single application, you have to create multiple independent resources – such as pods, services and deployments. Each requires you to write a YAML manifest file.

Helm: the Kubernetes Package Manager

Helm is a Kubernetes package manager designed to easily package, configure, and deploy applications and services onto Kubernetes clusters — it’s the apt/yum/homebrew for Kubernetes. It contains the resource definitions necessary to run an application, tool, or service inside of a Kubernetes cluster.

What is a Helm chart?

Charts are packages of Kubernetes resources. A Helm chart is basically a collection of files inside a directory. The directory name is the name of the chart (without the versioning information). Helm charts consist of a self-descriptor file – yaml file – and one or more Kubernetes manifest files called templates. The YAML file describes the default configuration data for the templates in a structured format. Helm Chart templates are written in the Go template language.

All template files are stored in a chart’s templates/ folder. When Helm renders the charts, it will pass every file in that directory through the template engine.

The values for the templates can be supplied in one of two ways:

  • Chart developers can supply a file called values.yaml inside of a chart. This file may contain default values.
  • Chart users can supply a YAML file that contains values. This can be provided in the command line with the helm install-command.

When a user supplies custom values, these values will override the values in the chart’s values.yaml file.

Here is the basic directory structure of a Helm chart:

Helm charts are very useful when deploying your Kubernetes application. If you can’t find an existing chart for the application that you are deploying in the Helm catalog, you may want to create your own.

How do you create a Helm chart?

You can create your first Helm chart very easily with the Helm create command:

This will create a folder with the files and directories seen above, which gives you a base for developing your charts further.

As we noted earlier, the templates are the manifests of the Helm package, with configuration data that is either derived by default from the YAML file or customized by the author.

Best practices when creating Helm Charts:

Let’s review some of the key tips that you should be aware of when creating your Helm templates in order to ensure maximum reusability, code quality, and efficient deployments.

Respect the general conventions

Always be aware of the Helm rules to be applied when working with Helm charts. The chart name should be lower case letters and numbers. The words can be separated with dashes (-); for example:

When the directory contains a chart, the directory name must be the same as the chart name.

When versioning is applied, the version numbers follow the SemVer format.

YAML files should be indented using two spaces.

Helm refers to the project as a whole and the client-side command. The term “chart” should not be capitalized (with the exception of Chart.yaml), because the filename is case-sensitive.

Take care of the values

The name of a variable should begin with a lowercase letter, and words should be separated using camel case:

Due to YAML’s flexible format, values can be deeply nested or flattened. Flat is better for development because of its simplicity. On the other hand, you have to perform an existence check for every layer of nesting, and you should do a check for every nested value at every level. This is not recommended with flattening, because it will make the template less readable.

You should quote all strings for type conversion; that way, a code reader won’t be confused about whether or not it’s a string.

Every property defined in values.yaml should be documented. The documentation string should start with the property’s name and a one-sentence description.

Mind the template structure

The templates/ directory should be structured as follows:

  1. Template files should have the extension .yaml if they produce YAML output. The extension .tpl can be used for template files that produce no formatted content.
  2. Template file names should use dash notation, not camel case.
  3. Each resource definition should be in its own template file.
  4. Template file names should have the resource type in the name: test-pod.yaml, test2-svc.yaml

Dependencies

For a chart, you should use version ranges instead of referring to an exact version:
>code>

If there are optional dependencies, you should add conditions or tags. The same tags can be applied to subcharts that contain features (optional).

Using labels and annotations

The metadata of an item should be used as a label when it is:

Tomcat
  • used by Kubernetes to identify this resource.
  • useful to expose to operators for the purpose of querying the system.

For example:

If an item of metadata is not used for querying, it should be set as an annotation. Helm hooks are always annotations.

Working with CRD

Kubernetes Helm Tomcat

When working with Custom Resource Definitions (CRD), keep in mind that the CRD is declared for your chart (see the YAML file called CustomResourceDefinition).

If your CRD defines test.example.com/v2, every resource with apiVersion: test.example.com/v2 is a resource using the CRD.

RBAC

Role-Based Access Control is important for the following resources in chart manifests:

  • ServiceAccount (namespaced)
  • Role (namespaced)
  • ClusterRole
  • RoleBinding (namespaced)
  • ClusterRoleBinding

Helms Tomatoes Richland In

Keep in mind that the RBAC and ServiceAccount configurations should be done under separate keys in YAML, because they represent different functionality:

The RBAC resources should always be created by default (set to true).

Wrap-Up

We have discussed some of the main best practices for creating Helm charts, but there are many more that can help ensure maximum reusability, code quality, and efficient deployment. See the Chart Best Practices Guide for Helm for more tips.

Container orchestration is all about managing the lifecycles of containers, especially in large, dynamic environments. Through container orchestration, DevOps teams can control and automate many tasks such as the provisioning and deployment of containers.

Kubernetes is a very popular container orchestration system, but it can become very complex when handling objects and releases. Helm is a very useful packaging solution for making Kubernetes more manageable.

  • How Content Delivery Networks (CDNs) Can Use Kubernetes at the edge for Less Latency and Better Livestream - July 21, 2020
  • Edge Computing and Video Streaming: Improving User Experience - July 19, 2020
  • Edge Analytics Enables New Retail Solutions with Value and Efficiency - July 17, 2020