Instructions: Self-Managed Install

PREVIEW FEATURE

This is a preview feature that may have incomplete functionality.

A Self-Managed Install requires extensive end-user customization and advanced knowledge of Kubernetes.

A Yellowbrick self-managed installation is one where the installation of each component is managed by the user. This installation method provides control of every aspect of the installation process. Once installed, the user assumes full lifecycle management of the kubernetes cluster and installed components.

The self-managed installation process involves:

• Using the Yellowbrick Deployer to push assets to your private registry
• Create cloud infrastructure
• Install Helm charts
• Create a Yellowbrick Instance

INFO

Yellowbrick workloads are compatible upto Kuberentes version 1.30.

Yellowbrick maintained Kubernetes Node AMI for Kubernetes include Kubelet version 1.30.

Pushing Assets

Installation assets include Helm charts and container images. These assets are pushed into private registries by the user with the Yellowbrick Deployer. Follow the instructions to create the Deployer in your respective environment:

• AWS installation instructions
• Azure installation instructions
• GCP installation instructions

To push assets with the Deployer: - Gain access to the Deployer instance via SSH - Use /opt/ybd/yb-install push to copy Helm charts and container images - See the CLI reference for details on the push subcommand.

If you choose to not use the Deployer to push assets, you must ensure those components are available to the installation process described below.

Deploying

To quickly get started using Terraform in a self-managed installation, see the Terraform reference architecture.

To cover other deployment methods, please see the following section that lists individual components for each cloud provider environment. The components listed are required deployment dependencies unless stated as optional. Some of these may already be deployed in your environment. Review each to ensure they meet the requirements to perform a successful deployment.

AWS Install Instructions

When installing into an AWS cloud environment, the following components are required:

AWS Add-ons

• AWS Add-on: Amazon VPC CNI plugin for Kubernetes
• AWS Add-on: Amazon EBS CSI Driver
• AWS Add-on: CoreDNS
• AWS Add-on: kube-proxy
• Community Add-on: Kubernetes Metrics Server

Infra

A reference Node Group is required for the Yellowbrick Operator to function, instructions can be found below.

• Infra: Node Group

Helm Charts

The following Helm charts are required. In each section, there may be instructions for installing Helm chart, creating cloud insfrastructure, or both.

Authenticating with ECR

You will need to authenticate helm with ECR to be able to install the helm charts. Replace {account_id} with your AWS account ID and {region} with the AWS region.

aws ecr get-login-password --region {region} | helm registry login --username AWS --password-stdin {account_id}.dkr.ecr.{region}.amazonaws.com

• Helm: cert-manager
• Helm: cluster-autoscaler
• Helm: node-local-dns
• Helm: yb-storageclass
• Helm: yb-operator
• Helm: yb-resources
• Helm: yb-monitoring

Create Yellowbrick Instance

Upon deploying all the required components, the final step is to create a YBInstance Custom Resource in Kubernetes. This will instruct the Yellowbrick Operator to proceed to create your first instance.

This example uses kubectl to create a YBInstance of version 7.2.0-68613.33955ce9. Refer to YBInstance CRD Spec for more customizations.

# Setup Initial Admin Password, secret name must be of pattern ybinst-{instance_name}-intial-admin
cat <<EOF >secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: ybinst-firstinstance-initial-admin 
  namespace: yb-firstinstance
type: Opaque
stringData:
  username: myuser
  password: mypassword
EOF

kubectl apply -f secret.yaml

# Create YBInstance
cat <<EOF >instance.yaml
apiVersion: cluster.yellowbrick.io/v1
kind: YBInstance
metadata:
  name: firstinstance
  namespace: yb-firstinstance
spec:
  requestedState: Running
  sharedServicesType: standard
  storageManaged: true
  version: 7.2.0-68613.33955ce9
EOF

kubectl apply -f instance.yml

You can then login to Yellowbrick Manager using the credentials as setup in the secret. The URL may be found using the following command:

kubectl get service -n {namespace} yb-manager-service \
  -o jsonpath='{.status.loadBalancer.ingress[0].hostname}'

INFO

In case the credentials are not setup properly, you can run the following command to shell into the database pod and reset the password using ALTER ROLE/USER command. If the intial user itself is not set, assume the first user to be ybdadmin.

kubectl exec -it -n {namespace} ybinst-{instance_name}-0 ybinst-pg -- ybsql yellowbrick --command="ALTER ROLE ybdadmin with password '{password}';"