Install a cluster for APPUiO Cloud

Starting situation and prerequisites

Cluster installation

  1. Register the new cluster in Lieutenant.

  2. Configure the desired zone name

    # Replace with the desired zone name
    export APPUIO_CLOUD_ZONE="<zone name>"

  3. Work through the following sections of the install guide for your cloud provider

  4. Adjust the installer config for APPUiO Cloud

    yq -i eval ".metadata.name = \"${APPUIO_CLOUD_ZONE}\"" \
      "${INSTALLER_DIR}/install-config.yaml"

  5. Work through the following sections of the install guide for your cloud provider

  6. Adjust the Terraform cluster config

    yq -i eval '.classes += ["global.apps.appuio-cloud-zone"]' "${CLUSTER_ID}.yml"
    yq -i eval ".parameters.openshift4_terraform.terraform_variables.cluster_name = \"${APPUIO_CLOUD_ZONE}\"" \
      "${CLUSTER_ID}.yml"

    For cloudscale.ch

    yq -i eval ".parameters.openshift4_terraform.terraform_variables.infra_flavor = \"plus-32-4\"" \
      "${CLUSTER_ID}.yml"

    For Exoscale

    yq -i eval ".parameters.openshift4_terraform.terraform_variables.infra_size = \"Huge\"" \
      "${CLUSTER_ID}.yml"

    Storage node sizing is predefined for Exoscale in the global.apps.appuio-cloud-zone class.

    If you want to change the size of the storage node, you can do so with the following commands:

    # Disk size in GB
    yq -i eval ".parameters.openshift4_terraform.terraform_variables.storage_cluster_disk_size = 680" \
      "${CLUSTER_ID}.yml"

    # Number of storage nodes
    yq -i eval ".parameters.openshift4_terraform.terraform_variables.storage_count = 4" \
      "${CLUSTER_ID}.yml"

  7. Prepare APPUiO Cloud Agent Certificates

    # Adjust the lifetime (in days) as necessary
    lifetime=3650

    servicename=webhook-service.appuio-cloud.svc
    # -nodes writes webhook.key to disk unencrypted; it is stored in Vault below
    openssl req -x509 -newkey rsa:4096 -nodes \
      -keyout webhook.key -out webhook.crt -days "${lifetime}" \
      -subj "/CN=${servicename}" -addext "subjectAltName = DNS:${servicename}"

    Store the private key in Vault

    instance=appuio-cloud
    parent="clusters/kv/${TENANT_ID}/${CLUSTER_ID}"
    
    vault kv put "${parent}/${instance}" webhook-key=@webhook.key

    Add the certificates to the cluster config

    webhookcert=$(cat webhook.crt)
    yq eval -i ".parameters.appuio_cloud.agent.webhook.tls.certificate = \"${webhookcert}\"" \
      "inventory/classes/${TENANT_ID}/${CLUSTER_ID}.yml"
    # Single quotes: ${...} below is an inventory parameter reference, not a shell variable.
    # Its path segments are separated by colons.
    yq eval -i '.parameters.appuio_cloud.agent.webhook.tls.caCertificate = "${appuio_cloud:agent:webhook:tls:certificate}"' \
      "inventory/classes/${TENANT_ID}/${CLUSTER_ID}.yml"

  8. Work through the rest of the install guide for your cloud provider

  9. Add the APPUiO Cloud-specific CNAMEs.

    For cloudscale.ch

    Add the following CNAMEs directly to the cluster’s zone.

    cname     IN CNAME ingress.${CLUSTER_DOMAIN}.
    console   IN CNAME ingress.${CLUSTER_DOMAIN}.
    registry  IN CNAME ingress.${CLUSTER_DOMAIN}.
    logging   IN CNAME ingress.${CLUSTER_DOMAIN}.

    For Exoscale

    We use Exoscale’s managed DNS offering. To add the APPUiO Cloud-specific CNAMEs, run the following commands.

    exo dns add CNAME ${CLUSTER_DOMAIN} -n cname -a ingress.${CLUSTER_DOMAIN}
    exo dns add CNAME ${CLUSTER_DOMAIN} -n console -a ingress.${CLUSTER_DOMAIN}
    exo dns add CNAME ${CLUSTER_DOMAIN} -n registry -a ingress.${CLUSTER_DOMAIN}
    exo dns add CNAME ${CLUSTER_DOMAIN} -n logging -a ingress.${CLUSTER_DOMAIN}
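
A check for the certificate generated in step 7, run before the key goes into Vault and the certificate into the cluster config. This is an added example, not part of the original guide: `check_webhook_cert`, `make_demo_cert` and the return codes are names chosen here, and the demo certificate is constructed in a temporary directory.

```shell
#!/bin/sh
# Added example: sanity checks for the webhook certificate from step 7.
# Function names and return codes are illustrative, not APPUiO tooling.

# usage: check_webhook_cert <crt> <key> <service name> [min remaining days]
check_webhook_cert() {
  crt=$1; key=$2; svc=$3; min_days=${4:-30}

  # Certificate and key must carry the same public key, otherwise the key in
  # Vault cannot serve the certificate referenced in the cluster config.
  crt_pub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null) || return 2
  key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || return 2
  [ "$crt_pub" = "$key_pub" ] || return 3

  # The service name must be covered by the certificate; Kubernetes clients
  # match it against the subjectAltName, not the CN.
  openssl x509 -in "$crt" -noout -checkhost "$svc" \
    | grep -q 'does match certificate' || return 4

  # Fail if the certificate expires within min_days.
  openssl x509 -in "$crt" -noout -checkend $((min_days * 86400)) >/dev/null \
    || return 5
  return 0
}

# Constructed demo input: a throwaway certificate built like step 7
# (2048-bit key only to keep the demo fast).
make_demo_cert() {
  dir=$1; name=$2; days=$3
  openssl req -x509 -newkey rsa:2048 -nodes \
    -keyout "$dir/webhook.key" -out "$dir/webhook.crt" -days "$days" \
    -subj "/CN=$name" -addext "subjectAltName = DNS:$name" 2>/dev/null
}

demo_dir=$(mktemp -d)
make_demo_cert "$demo_dir" webhook-service.appuio-cloud.svc 3650
if check_webhook_cert "$demo_dir/webhook.crt" "$demo_dir/webhook.key" \
     webhook-service.appuio-cloud.svc 365; then
  echo "webhook certificate OK"
else
  echo "webhook certificate check failed with code $?" >&2
fi
```

Against the real files the call is `check_webhook_cert webhook.crt webhook.key "$servicename"`; a non-zero return code identifies the failed check (3 key mismatch, 4 name not covered, 5 expiring).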