Installation under Kubernetes & Helm (Python 2.7)

This image includes the last Zato version with an entrypoint script that can be used for every Zato component.

Requirements

  • Kubernetes
  • Helm
  • kubectl

Start a local Kubernetes with Minikube

host$ minikube start

Install Helm

Download a binary release of the Helm client. You can use tools like Homebrew, or look at the official releases page.

For more details, or for other options, see the installation guide.

Deploy Zato to local Kubernetes

  • Clone GitHub repository to access the Helm Charts
host$ git clone https://github.com/zatosource/zato-build.git
host$ cd zato-build/docker/kubernetes/
  • Specify the Python 2.7 Docker images tag

Edit the file helm/Chart.yaml and change the value of appVersion from 3.1 to 3.1-py27.

  • Create an environment file and customize the environment variables. For example:
host$ cat myoptions.yml
# Some customization variables:
secretKey: "<secret>"
jwt_secretKey: "<secret>"
zatoWebAdminPassword: "zato"
zatoIdePublisherPassword: "zato"
zatoAdminInvokePassword: "<secret>"
odbPassword: "zato"
ingress:
    enabled: true
    hosts:
        - host: zato.minikube.local
          paths:
            - /
  • Deploy Zato to Kubernetes using Helm

When the services are deployed a corresponding message is shown in the output with instructions of how to connect to web-admin.

When Kubernetes’ ingress is enabled, like in the previous configuration variables in myoptions.yml, the output message will be like this:

host$ helm install -f myoptions.yml --generate-name helm/
NAME: helm-1583114280
LAST DEPLOYED: Sun Mar  1 20:58:07 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Ingress is enabled and the specified application URL is:
http://zato.minikube.local/

The parameter –set can be used to override values too. In this case, it disabled Kubernetes’ ingress and a different message is displayed:

host$ helm install -f myoptions.yml --generate-name --set ingress.enabled=false helm/
NAME: helm-1583115498
LAST DEPLOYED: Sun Mar  1 21:18:24 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Get the application URL by running these commands:
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get --namespace default svc -w webadmin'
export SERVICE_IP=$(kubectl get svc --namespace default webadmin --template "{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}")
echo http://$SERVICE_IP:8183

If using minikube just run:
minikube service webadmin --url
  • Check if components are running:
host$ kubectl get pods
NAME                         READY   STATUS    RESTARTS   AGE
bootstrap-6b5d68f465-j6b6k   1/1     Running   0          58s
postgres-8584dfd574-8tp27    1/1     Running   0          58s
redis-75d6d79f84-cmjxd       1/1     Running   0          58s
scheduler-55dd5575b9-4wqrf   1/1     Running   0          58s
server-598d74cdb-dtnzm       1/1     Running   0          58s
webadmin-6bb7fd9c58-8zj7g    1/1     Running   0          58s
  • Check Zato server logs (pod name will be different)
host$ kubectl logs server-598d74cdb-dtnzm
*** Downloading updates ***
Already up to date.
WARNING: Skipping sec-wall as it is not installed.
WARNING: Skipping springpython as it is not installed.
WARNING: Skipping zato-apitest as it is not installed.
*** Installing updates ***
Obtaining file:///opt/zato/current/zato-cy

Environment variables available

The Zato image uses several environment variables which can be used to fine-tune the resulting installation.

They are not required to use, and default values will be substituted if any is missing, but they may be employed to configure particular details of each of the components.

Variable Notes
clusterName Cluster name.
zatoWebAdminPassword Password for the web-admin’s technical account user to connect with. If not defined, the value is generated automatically at runtime.
zatoIdePublisherPassword Password for user ide_publisher, used for IDE integration. If not defined, the value has to be set manually.
zatoAdminInvokePassword Password used for internal communication. If not defined, the value has to be set manually.
zatoEnmasseFile Full path to a file or URL to an enmasse file with object definitions to been imported. If the value is a path to a file, make sure the file available to the Pod in the server.
redisHostname Redis service hostname. Default value is localhost.
redisPort Redis service port. Default value is 6379.
odbType ODB type to use. Must be one of: mysql or postgresql.
odbHostname ODB hostname.
odbPort ODB port.
odbName ODB database.
odbUsername ODB username.
odbPassword ODB password.
secretKey A random secret key previously generated with zato crypto create-secret-key. It is used to encrypt passwords and other sensitive data in ODB. Must be the same for all servers in a single cluster. If not provided, a new key will be generated automatically.
jwtSecretKey A random secret key previously generated with zato crypto create-secret-key. Used by JWT security definitions. If JWT is used, must be the same for all servers in a single cluster. If not provided, a new key will be generated automatically.
ingress.hosts[0].host Hostname used to access web-admin through Kubernetes’ ingress.

To access the full list of options, you can check the values.yml file.