Getting Started
Who Is This For?
- This document is for System Integrators looking to create a single-node demo instance of SmoothGlue in AWS.
What Is the Goal of This Guide?
- To familiarize you with how to deploy SmoothGlue in a single-node demo context.
Prerequisites
Before you run SmoothGlue Enterprise, ensure you have the following:
- Access to an AWS account with permissions to create EC2 instances.
- A copy of the SmoothGlue Enterprise package provided by BrainGu engineers.
- The Zarf bin for your OS.
- For more information on Zarf and what it does, please visit our glossary.
Single-Node Demo Environment
This portion of the guide will briefly walk you through setting up a single-node demo environment for the SmoothGlue Enterprise. Following these instructions will result in a single EC2 instance, running K3s, and using the local-path storage provisioner. This demo environment is not suitable for hosting production workloads, but could be used as an "edge" deployment or for development/assessment scenarios.
Deploy an EC2 Instance:
To run a single-node deployment of the SmoothGlue Enterprise, we need an EC2 Instance with a minimum 8 CPUs, 32 GB of memory, and 50 GB of storage.
The following steps will guide you on deploying an instance via the AWS EC2 console:
- Log into the AWS console to create EC2 Instances.
Only users with permissions can access the AWS console.
Navigate to the EC2 Service.
Locate and click the "Launch instance" button.
Provide a name for your instance, such as
smoothglue-demo.Select Amazon Linux from the Quick Start AMI list. Note: You must select 64-bit (x86) for the architecture.
Select
t3a.2xlarge,t3.2xlarge,t2.2xlargeor any other instance with 8 vCPU and 32 GiB memory available in your Region.Click the "Create new key pair" link.
a. Name the link, e.g.,
smoothglue-demo.b. Ensure that "Key pair type" is RSA and "Private key file format" is .pem.
c. Click the "Create key pair" button. Store the resulting private key in a safe place.
Verify you have a proper VPC and Subnet selected.
Verify you have a proper security group selected, or alternatively create a new one allowing SSH and HTTPS inbound from your workstation.
In the Configure Storage block, set the root volume to: 50 GiB.
Click the "Launch instance" button and wait for the instance to start.
Get the Zarf Bin:
Connect to your new instance via SSH. If you need assistance, refer to the AWS documentation.
Execute the following curl commands to download the correct Zarf bin and Zarf init package.
curl -C - -LO https://github.com/zarf-dev/zarf/releases/download/v0.32.6/zarf_v0.32.6_Linux_amd64
curl -C - -LO https://github.com/zarf-dev/zarf/releases/download/v0.32.6/zarf-init-amd64-v0.32.6.tar.zstExecute the following command to install the bin on your system.
sudo install zarf_v0.32.6_Linux_amd64 /usr/local/bin/zarfExecute the following command to test the Zarf bin. It should output
v0.32.6.zarf versionInitialize Zarf by executing the following command. Note: This may take some time. Ensure you are running this command with sudo.
```bash
sudo zarf init --no-progress --confirm --components k3s,git-server
```
Deploy SmoothGlue Enterprise
Obtain a copy of the SmoothGlue Enterprise deployment package. This package consists of several parts and should be copied to the deployment system. The package can be deployed by issuing the following command. For a full install reference, refer to the installation-options document.
For this single node install, we will rely on nip.io for DNS. It's a convenient way to give a DNS name to any arbitrary IP address, and will allow us to focus on getting SmoothGlue up and running quickly.
Although the nip.io service will give a DNS name to any IP address, it will not allow you to route to private IP addresses (such as those starting with 10. or 192.168.) over the public Internet. As such, if you are not able to access the EC2 instance from within the same VPC (using a VPN or another method), then this should be the public IPv4 address of the EC2 instance.
The following command assumes an EC2 instance with a private IP address of
10.32.39.24:
sudo zarf package deploy zarf-package-smoothglue-amd64-v5.0.0.tar.zst.part000 --no-progress --confirm --set DOMAIN=10-32-39-24.nip.io
Accessing SmoothGlue Enterprise Web Applications
When deployment is complete, the web applications (apps) should be accessible. The URLs for each app will be different for every deployment, as the DNS domain is either provided as an argument or auto-discovered by the installation process. You can list these hostnames by issuing the following command:
sudo kubectl get VirtualService -A
The output in the HOSTS column can be used to construct the URL simply by prepending https:// to the hostname. The HOSTS column will reflect the hostname of the EC2 instance that it is being run on.
For example, the Grafana web app can be accessed via https://grafana.10-32-39-24.nip.io, as determined by the output shown below.
NAMESPACE NAME GATEWAYS HOSTS AGE
monitoring monitoring-monitoring-kube-grafana ["istio-system/public"] ["grafana.10-32-39-24.nip.io"] 9m16s
monitoring monitoring-monitoring-kube-alertmanager ["istio-system/public"] ["alertmanager.10-32-39-24.nip.io"] 9m16s
monitoring monitoring-monitoring-kube-prometheus ["istio-system/public"] ["prometheus.10-32-39-24.nip.io"] 9m16s
neuvector neuvector-neuvector ["istio-system/public"] ["neuvector.10-32-39-24.nip.io"] 6m4s
argocd argocd-argocd-server ["istio-system/public"] ["argocd.10-32-39-24.nip.io"] 5m47s
The following sections will walk you through authenticating to each web app. It is highly recommended that you log into these immediately after deploying and update with a secure password that adheres to your organizational policy. Alternatively, you can set up Single Sign-On (SSO) for your deployment.
Grafana
The default username for Grafana is admin, and the default password is a randomly generated string stored inside the monitoring-grafana secret within the monitoring namespace.
Alertmanager
No credentials are required to access Alertmanager. To configure authentication for Alertmanager, please see the SSO configuration documentation.
Prometheus
No credentials are required to access Prometheus. To configure authentication for Prometheus, please see the SSO configuration documentation.
Argo CD
The default username for Argo CD is admin. The initial password can be obtained by executing the following command:
sudo kubectl get secret -n argocd argocd-initial-admin-secret -o go-template='{{ index .data "password" | base64decode }}'
NeuVector
Before logging into NeuVector, you will be required to accept the End User Agreement. The default username for NeuVector is admin. The password is a randomly generated string held within the neuvector-init secret inside of the neuvector namespace under the userinitcfg.yaml.users.password field for the admin user.
Uninstall
To uninstall the SmoothGlue Enterprise, issue the following command:
sudo zarf destroy --confirm
Please note that this will remove all SmoothGlue Enterprise managed workloads and data from your Kubernetes cluster. It will also remove any Zarf related workloads from your cluster. If you initialized K3s using Zarf, it will stop and uninstall K3s, as well.