Installing on Kubernetes

HCL DevOps Velocity (Velocity) is designed as a containerized application and can be installed in a Kubernetes cluster, which is a supported platform for production instances of Velocity.

Because of extensive variability of Kubernetes environments and versions, careful consideration and planning should be performed in preparation for installing Velocity for your enterprise use.

Velocity installation should occurs in 3 phases.
  1. Prerequisites
  2. Helm chart generation
  3. Helm chart Installation

Running the Velocity installer produces a Helm chart customized for your environment that is then applied to the Kubernetes instance for creating the Kubernetes resources. Complete product installation requires a separately administered and installed MongoDB database for data persistence.

Note:

Secure values stored in a JSON file are automatically added to the home directory of the user during Helm Chart Configuration. The directory is hidden and should not be modified or removed by the user. Because the values are located in the user's home directory, future upgrades must be performed by the user of the original installation. The encryption key encrypts the secure values in the JSON file. If a user uses the default encryption key when installing the product, future upgrades should proceed normally. If a non-default encryption key is provided for the initial installation, the user must also provide that encryption key for future upgrades. The values stored in the hidden directory are accessed by the installer on any future upgrades, and changes to the secure values will prevent upgraded instances from accessing existing data.

Prerequisites

This phase ensures your environment is prepared to perform the complete Velocity install with required permissions, physical resources, and installation artifacts.
  1. Consult the system requirements and ensure you have identified an environment that meets Velocity expectations. See system requirements.

  2. Kubernetes Cluster-level permissions: Velocity's Helm chart require cluster-level permissions to create a few CustomResourceDefinitions. To get permissions for authorization, consult your Kubernetes administator to help complete the final Helm chart installation phase. See cluster-level permissions FAQs.

  3. MongoDB: It is the customer's responsibility to provide enterprise database administration of the MongoDB database in production scenarios. Consult the system requirements for further details. Velocity supports MongoDB Enterprise and Community Edition. Install the MongoDB database for the required environment.

    For Kubernetes installation, we recommend Bitnami's MongoDB image. We recommend to allocate a dedicated resource for MongoDB database for the better performance of Velocity.

    Sample commands for installing Bitnami's MongoDB as follows:

    helm repo add bitnami https://charts.bitnami.com/bitnami

    
         helm install velocity-mongo\
           --set persistence.enabled=true\
           --set auth.rootPassword=<custom_root_password>\
           --set image.tag=<mongodb_version_number>\
           bitnami/mongodb
    Note: See Bitnami documentation for complete configuration details.
    Note: Ensure the MongoDB user you plan to use for authorization has full permission privileges.
  4. Ingress Controller: You have a pre-installed ingress controller, skip this step else install the ingress controller by performing the following procedure. Enable ingress controller for accessing the server outside the Kubernetes cluster. Verify the default installation of ingress controller on cluster of Kubernetes platform.

    We recommend Bitnami's Nginx Ingress controller image for Velocity installation.

    Below are sample commands for installing Bitnami's Nginx Ingress controller

    helm repo add bitnami https://charts.bitnami.com/bitnami

    
       helm install velocity-ingress\
         bitnami/nginx-ingress-controller 
    Note: See Bitnami documentation for complete configuration details.
  5. Download the installation file for your environment and access key to authorize the configuration and installation. You can download the installation file by using anyone of the following options,
    • FlexNet Operations Download Center

      Visit the FlexNet download center, navigate to the Velocity product and select the required version. Download Velocity installer for your local environment and access key.

    • Free trial edition

      Complete the form and click Get HCL DevOps Velocity Today. After few minutes, you will receive an email containing download links and an access key for free trial edition.

    Note: Velocity does not perform malware scanning on the installed files. It is recommended that end users implement malware scanning as appropriate for their environment before installing and running the Velocity in their environment.

Helm chart generation

The Helm chart generation is a phase to run Velocity installer and generate the customized Helm chart to run on your Kubernetes cluster.

Copy the Velocity installer and access key to a directory where you want to run the executable file and generate the Helm chart. As mentioned earlier, we strongly recommend to store the details of the installation directory and the user performs installation for the future upgrades.

Download the file that needs for your environment.

  • Linux: velocity-hcl-install-<version>-linux
  • Windows: velocity-hcl-install-<version>-win.exe
  • Mac OS: velocity-hcl-install-<version>-macos
Note: For macOS and Linux installations, set the appropriate permissions before running the file: sudo chmod +x.

Run the installed executable file and respond to the prompts as described in the following steps:

  1. At the Please enter your DevOps Velocity access key prompt, enter the randomly generated access key.

  2. At the Do you accept the license? [Y,n] prompt, enter Y to accept the license, Otherwise, the installer will immediately terminate.

  3. At the Enter your encryption key or leave blank to use the default. Key must be at least 8 characters prompt, enter your encryption key or leave blank to use the default encryption key.
    Note: The encryption key must be at least 8 characters. Save the encryption key to use for further upgrades.
  4. At the Choose the platform prompt, select Helm.

  5. At the Enter the location where the DevOps Velocity files will be installed prompt, enter the location where you want to install the product files.

    Files are copied to the specified directory in a subdirectory named product_version_number.

  6. At the What version of MongoDB are you using? prompt, select the version of the MongoDB that you want to use as database for Velocity installation.

  7. At the Enter the initial password for the admin user prompt, enter your admin password.

  8. At the Please enter the hostname where you will run DevOps Velocity prompt, enter the host name where users can access the Web UI.The host name must resolve to a name on your DNS server, or in the server's hosts file. On Linux, the file location is etc/hosts; on Windows, the location is C:\Windows\System32\drivers\etc\hosts.

    Note: You cannot use localhost as the hostname. If you do not have any host names defined, for testing purposes you can use 127.0.0.1.nip.io. This location will redirect back to 127.0.0.1, which is typically used by localhost.
  9. At the Enter the desired port where DevOps Velocity will run prompt, enter the port number for the Web UI.

  10. (Applicable for Offline only) At the Choose how to receive offline Docker images for DevOps Velocity prompt, specify the remote registry where the images will be uploaded.
    Note: If your remote registry requires authorization, follow the silent install directions in the advanced usage section.
Completion of the installer will generate a Helm chart that you will run on your Kubernetes cluster's master node in the next steps.
Note: Use settings values.yaml to modify the Helm charts.

Helm chart installation

Helm chart installation is a phase for finalizing the installation of Velocity and running the appropriate Helm install command.
  1. Copy the generated Helm chart to the master Kubernetes node.

  2. Optional At this point, we recommend customizing Helm chart as necessary for advanced configuration, such as SSL certificate, node affinity or resource limit configuration. For additional directions, see Advanced Usage section.

  3. Run the following command to install Velocity:

    
         helm install velocity
           ./accelerate-<version>-helm.tgz\
            --set license=accept\
            --set access.key=access_key\
            --set mongo.url=mongodb url
        

    After running the command, Kubernetes displays the installation status. Installation is completed when the status of all containers is running. To refresh the status of container, run kubectl get pods command.

  4. In browser, navigate to Velocity at the URL, you specified in the helm chart.

    The default username is admin and the default password is what you specified in installer.

Advanced usage

Required Helm parameters

The following parameters are required to be specified during the Helm install:
Table 1. Required Helm parameters
Parameter Comments
license Specify accept to agree to the HCL License Agreement.
access.key Specify the product access key obtained from FlexNet
Mongo.url username The user ID to authenticate with the MongoDB database. For example, mongo.
password The password to authenticate with the MongoDB database. For example, mongo.
authSource If you connect to an authenticated MongoDB database, you can use authSource to specify the database where authenticated users are defined. For example, if the admin user is defined in the admin database, you can use authSource=admin.
port The port number for the MongoDB database. Use the value shown in the example, which is 27017.
service_name The MongoDB URL or the MongoDB service name if it is running within the Kubernetes cluster. For example, velocity-mongo.
database_name The name of the database to be used by Velocity. For example, velocity.
The sample MongoDB URL ismongodb://<username>:<password>@<service_name>:<port>/<authSource>
Note: If you used the install command in the previous step to install the MongoDB, use the following values for the mongo.url property.
--set mongo.url=mongodb://mongo:mongo@velocity-mongo:27017

Optional Helm parameters

You can use the optional Helm parameters to perform advanced functionality and silent installs. To identify optional parameters run the helm show values accelerate-<version>-helm.tgz

The following additional properties are common and it can be specified optional during the helm install:
Table 2.
Parameter Description Comments
loglevel The level of Log4j messages to display in the log file. Possible values are ALL, DEBUG, INFO, WARN, ERROR, FATAL, OFF. The default value is ALL.

SSL certificates

If your organization required an SSL certificate, create an SSL certificate and key. Store the SSL certificate and key in velocity-custom-tls-secret.yaml file.

  1. Generate a public key and a private certificate: For Linux operating system, you can use OpenSSL to generate the certificate and key. For Windows operating system, use Git to get OpenSSL. Git installs a copy in Program Files\Git\usr\bin directory. The following example creates a certificate with name certificate.pem.

  2. With the SSL certificate and key available, run the following command:

    kubectl create secret tls velocity-custom-tls --key <key.pem>\ --cert certificate.crt
  3. Run kubectl apply -f velocity-custom-tls-secret.yaml command to apply velocity-custom-tls-secret.yaml to Velocity installation.

After the successful process, the following message is displayed.

secret/velocity-custom-tls created

Node allocation

Kubernetes can allocate resources in multiple nodes. Kubernetes can orchestrate the deployment of application in multiple nodes. We recommend to allocate four nodes for production installation of Velocity.
  • Node 1: Inter-service communication media like RabbitMQ with dedicated memory to save your data.

  • Node 2: Value stream metrics calculations such as cycle time, lead time, throughput, and deployment count.

  • Node 3: Plugin to fetch new data for keeping Velocity in sync with different tool chains.

  • Node 4: MongoDB deployment (provided and managed by the user) which is shared by all services and for better performance in handling heavy workload.

The four node distribution is to ensure resource-intensive actions not impact UI and API which may cause performance issues. You can add the “workload-class” labels (background, transactional, and external) to any one node. On startup. Kubernetes will automatically schedule each service across the available nodes in a way to minimize resource competition and maximize performance.

We recommend allocating the node properly improves performance and provides stability to the application, Proper node allocations support 30% increase in the performance and stability across the value streams, pipeline, and release functional areas.

Resource limits

To enforce limits on Argo resources, modify the executor parameter in the velocity/templates/workflow-controller-configmap.yaml

For example, to limit ephemeral Argo pods, you can use the following parameter values:
 
data:
   config: |
     containerRuntimeExecutor: kubelet
     namespace: velocity
     executor:
       resources:
         limits:
           cpu: 1
           memory: 2Gi
         requests:
           cpu: 50m 
           memory: 512Mi