Privacera deployment using AKS and Helm
Azure Kubernetes Service (AKS) offers serverless Kubernetes, an integrated continuous integration and continuous delivery (CI/CD) experience, and enterprise-grade security and governance. Unite your development and operations teams on a single platform to rapidly build, deliver, and scale applications with confidence. Source
Privacera provides an enterprise solution for centralized data governance and access management across all of an enterprise's data services.
This article is divided into 3 different parts.
Part 1 — Prerequisites
Part 2 — Setting up AKS, Kubernetes and Helm
Part 3 — Privacera installation
Part 1
Prerequisites:
az login → configure the Azure CLI with your account
brew install helm (I used brew on my Mac)
Helm version is important.
Privacera installation components:
1 — MariaDB
2 — Zookeeper
3 — Solr
4 — Portal
5 — Ranger
Part 2
Set up AKS, Kubernetes and Helm first; then we will install Privacera.
You can follow the standard settings to create an Azure Kubernetes Service cluster.
az aks get-credentials --resource-group ${RESOURCE_GROUP_NAME} --name ${CLUSTER_NAME}
Run the above command to get the credentials for your new AKS cluster.
kubectl get nodes
doc_uname=<Docker Hub username>
doc_password=<Docker Hub password>
helm_repo_url=
helm_repo_uname=
helm_repo_pwd=
helm_config_path=
You will need to get the above details from the Privacera team.
Add the Privacera repo to Helm.
helm repo add privacera ${helm_repo_url} --username ${helm_repo_uname} --password ${helm_repo_pwd}
“privacera” has been added to your repositories
helm search repo privacera/
Create new namespace
neeraj_mac:~ neerajsab$ kubectl get namespace
NAME STATUS AGE
default Active 15m
kube-node-lease Active 15m
kube-public Active 15m
kube-system Active 15m
neeraj_mac:~ neerajsab$ NS=ns-blog-namespace
neeraj_mac:~ neerajsab$ kubectl create namespace $NS
namespace/ns-blog-namespace created
neeraj_mac:~ neerajsab$ kubectl get namespace
NAME STATUS AGE
default Active 16m
kube-node-lease Active 16m
kube-public Active 16m
kube-system Active 16m
ns-blog-namespace Active 4s
neeraj_mac:~ neerajsab$
Create a secret for Privacera’s Docker Registry
neeraj_mac:~ neerajsab$ kubectl create secret -n $NS docker-registry regcred --docker-server=<get this from privacera> --docker-username=${doc_uname} --docker-password=${doc_password}
secret/regcred created
neeraj_mac:~ neerajsab$
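Both helm repo add ... --password and kubectl create secret ... --docker-password above put the password on the command line, where it ends up in shell history and is visible in the process list. The script below is an added example, not part of the original article or Privacera's tooling: it adds the repo with Helm's --password-stdin flag and builds the regcred secret from a generated .dockerconfigjson file. The function names are hypothetical, and it reuses the article's variables (helm_repo_*, doc_uname, doc_password).

```shell
#!/bin/sh
# Added example (hypothetical helper names): keep passwords out of argv and history.

# Print a .dockerconfigjson document for one registry.
# The "auth" value is base64("user:password"); it never contains JSON metacharacters.
make_dockerconfigjson() {
    server=$1 user=$2 password=$3
    # Refuse server names that would need JSON escaping.
    case $server in
        ''|*[!A-Za-z0-9._:/-]*) echo "invalid registry server" >&2; return 1 ;;
    esac
    # The decoded auth is split at the first ':', so the username must not contain one.
    case $user in
        ''|*:*) echo "invalid registry username" >&2; return 1 ;;
    esac
    auth=$(printf '%s:%s' "$user" "$password" | base64 | tr -d '\n')
    printf '{"auths":{"%s":{"auth":"%s"}}}\n' "$server" "$auth"
}

# Create the regcred pull secret from a private temp file (mktemp creates it
# with mode 0600) instead of --docker-password, then delete the file.
create_regcred() {
    ns=$1 server=$2
    tmp=$(mktemp) || return 1
    make_dockerconfigjson "$server" "$doc_uname" "$doc_password" > "$tmp" &&
        kubectl -n "$ns" create secret generic regcred \
            --type=kubernetes.io/dockerconfigjson \
            --from-file=.dockerconfigjson="$tmp"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Add the Privacera chart repo, feeding the password on stdin.
# printf is a shell builtin, so the password is not passed to a new process as an argument.
add_privacera_repo() {
    printf '%s' "$helm_repo_pwd" |
        helm repo add privacera "$helm_repo_url" \
            --username "$helm_repo_uname" --password-stdin
}
```

After sourcing the script, call add_privacera_repo, then create_regcred "$NS" with the registry server name supplied by Privacera.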
Install Stakater Reloader to automatically restart containers whenever a ConfigMap changes.
helm repo add stable https://kubernetes-charts.storage.googleapis.com/
helm repo update
helm install stakater stable/reloader --set reloader.watchGlobally=false --namespace $NS
Part 3
You will need portal.yml, ranger.yml, solr.yml and zk.yml from the Privacera team.
Let’s set up ZooKeeper:
helm -n $NS install zk privacera/zookeeper -f $helm_config_path/zk.yml
kubectl -n $NS get pods
Let’s set up MariaDB
helm -n $NS install mariadb privacera/mariadb
Let’s deploy Solr
helm search repo privacera/solr
helm -n $NS install solr privacera/solr -f $helm_config_path/solr.yml
We need to create a Solr collection for Ranger auditing.
kubectl exec -it -n $NS solr-1 -- bash -c "/opt/solr/bin/solr create -c ranger_audits -n ranger_audits -s 1 -rf 1"
Let’s execute the next step, which is the Privacera portal installation.
helm search repo privacera/portal
helm -n $NS install portal privacera/portal -f ${helm_config_path}/portal.yml
Let’s execute the last step — Ranger installation
helm search repo privacera/ranger
helm -n $NS install ranger privacera/ranger -f ${helm_config_path}/ranger.yml
Let’s find the IP addresses to access the portal.
kubectl -n $NS get svc
If you are interested in learning how to deploy the platform and integrate it with AWS, Azure, Databricks, Snowflake or Google Cloud, reach out to us at www.privacera.com