Kubernetes install

SUSE Observability Self-hosted

Before you start

Extra notes for installing on:

Before you start the installation of SUSE Observability:

  • Check the requirements to make sure that your Kubernetes environment fits the setup that you will use (recommended, minimal or non- high availability).

  • Check that you have the required permissions.

  • Add the SUSE Observability helm repository to the local helm client:

helm repo add suse-observability https://charts.rancher.com/server-charts/prime/suse-observability
helm repo update

Install SUSE Observability

For environments without internet access, also known as air-gapped environments, first follow these extra instructions.

Also make sure to follow the air-gapped instalaltion instructions whenever those are present for a step.

Create namespace

Start by creating the namespace where you want to install SUSE Observability and deploy the secret in that namespace. In our walkthrough we will use the namespace suse-observability:

kubectl create namespace suse-observability

Generate values.yaml

The values.yaml file is required to deploy SUSE Observability with Helm. It contains your SUSE Observability license key, SUSE Observability Receiver API key and other important information.

Before you continue: Make sure you have the latest version of the Helm charts with helm repo update.

The SUSE Observability values.yaml file can be generated by running a separate Helm Chart, the suse-observability/suse-observability-values chart. A sample command line is:

> helm template \
  --set license='<your license>' \
  --set baseUrl='<suse-observability-base-url>' \
  sts-values \
  suse-observability/suse-observability-values > values.yaml

This command will generate a values.yaml file which contains the necessary configuration for installing the SUSE Observability Helm Chart.

The SUSE Observability administrator passwords will be autogenerated by the above command and are output as comments in the generated values.yaml file. The actual values contain the bcrypt hashes of those passwords so that they're securely stored in the Helm release in the cluster.

The values that can be passed to this chart are:

ConfigurationValueDescription

Receiver API Key

receiverApiKey

The API key used by SUSE Observability to receive data from agents. This is a secret key that should be kept private. If you omit this, a random key will be generated for you.

Base URL

baseUrl

The <STACKSTATE_BASE_URL>. The external URL for SUSE Observability that users and agents will use to connect. For example https://suse-observability.internal. If you haven't decided on an Ingress configuration yet, use http://localhost:8080. This can be updated later in the generated file.

Username and password**

-u -p

The username and password used by SUSE Observability to pull images. For air-gapped environments these need to be the username and password for the local contaier registry.

License key

license

The SUSE Observability license key.

Admin API password

adminApiPassword

The password for the admin API. Note that this API contains system maintenance functionality and should only be accessible by the maintainers of the SUSE Observability installation. If you omit this, a random password will be generated for you. If you do pass this value and it's not bcrypt hashed, the chart will hash it for you.

Default password

adminPassword

The password for the default user (admin) to access SUSE Observability's UI. If you omit this, a random password will be generated for you. If you do pass this value and it's not bcrypt hashed, the chart will hash it for you.

Image Registry

imageRegistry

The registry where the SUSE Observability images are hosted. If not provided, the default value will be 'quay.io'

Pull Secret Username

pullSecret.username

The username used to pull images from the Docker registry where the SUSE Observability images are hosted. Only needed for custom registries.

Pull Secret Password

pullSecret.password

The password used to pull images from the Docker registry where the SUSE Observability images are hosted. Only needed for custom registries.

Store the generated values.yaml file somewhere safe. You can reuse this file for upgrades, which will save time and (more importantly) will ensure that SUSE Observability continues to use the same API key. This is desirable as it means Agents and other data providers for SUSE Observability won't need to be updated.

Deploy SUSE Observability with Helm

The recommended deployment of SUSE Observability is a production ready, high availability setup with many services running redundantly. If required, it's also possible to run SUSE Observability in a non-redundant setup, where each service has only a single replica. This setup is only recommended for a test environment.

For air-gapped environments follow the instructions for the air-gapped installations.

To deploy SUSE Observability in a high availability setup on Kubernetes:

  1. (Optionally) Create a small_values.yaml if you want to deploy a small profile setup. Add the --values small_values.yaml flag to the command below.

  2. Deploy the latest SUSE Observability version to the suse-observability namespace with the following command:

helm upgrade \
  --install \
  --namespace suse-observability \
  --values values.yaml \
suse-observability \
suse-observability/suse-observability

After the install, the SUSE Observability release should be listed in the SUSE Observability namespace and all pods should be running:

# Check the release is listed
helm list --namespace suse-observability

# Check pods are running
# It may take some time for all pods to be installed or available
kubectl get pods --namespace suse-observability

Access the SUSE Observability UI

After SUSE Observability has been deployed you can check if all pods are up and running:

kubectl get pods --namespace suse-observability

When all pods are up, you can enable a port-forward:

kubectl port-forward service/<helm-release-name>-suse-observability-router 8080:8080 --namespace suse-observability

SUSE Observability will now be available in your browser at https://localhost:8080. Log in with the username admin and the default password provided in the values.yaml file.

Next steps are

Last updated