Containerized Deployment
If your organization uses Kubernetes or Red Hat OpenShift, OpenNMS makes a Helm chart available to simplify Meridian deployment. For information on deploying in a Docker environment, see the Docker tabs in installation and configuration.
The OpenNMS Helm Chart is based and tested against the latest Meridian. The minimum version available is
Meridian 2023.x.
Before you begin
You must have a deep understanding of containerized environments (Kubernetes, Red Hat OpenShift) and Helm, which is the package manager for Kubernetes.
You should also be familiar with Meridian, its components, and how the environment works.
Requirements
External dependencies
Meridian requires the following as part of its monitoring environment. Make sure to set them up, with SSL enabled, before deploying Meridian.
-
PostgreSQL server as the central database for OpenNMS and Grafana.
-
For Google Cloud, the solution was tested using Google SQL for PostgreSQL with SSL and a private IP.
-
-
Elasticsearch cluster for flow persistence
-
Grafana Loki server for log aggregation
-
logcli helps extract OpenNMS logs from the command line for troubleshooting purposes.
-
-
cert-manager to provide HTTPS/TLS support to the web-based services the ingress controller manages.
-
A
ClusterIssuer
to use it across multiple independent Meridian installations.
-
-
Nginx Ingress Controller, as the solution has not been tested with other Ingress implementations.
Deployment on Kubernetes
Once you have set up Helm properly, use the following commands to deploy Meridian on Kubernetes:
helm repo add opennms https://opennms.github.io/helm-charts
helm install monms opennms/horizon --set domain=domain1.com --create-namespace
Update configuration values in the values.yml
file, as required, for your environment.
These values include various passwords (Kafka, database, PostgreSQL), timezone, CPU limits, and so on.
For a list of values and their defaults, see Values in the project’s readme file on GitHub.
Installation on OpenShift
There are a few known issues and limitations with installation on OpenShift, related to user permissions:
-
If you set
allowPrivilegeEscalation
to false, you cannot use ICMP and the auto discovery feature from the Meridian core. Make sure to removeCAP_NET_RAW
fromallowedCapabilities
when you setallowPrivilegeEscalation
to false. -
By default, OpenNMS will create a ClusterRole, ClusterRoleBinding, Route, SecurityContextConstraints, and ServiceAccount. The user who installs OpenNMS must have the required permissions to make these modifications to the OpenShift cluster, including admin access. Disabling ClusterRole, ClusterRoleBinding, Route, SecurityContextConstraints, and ServiceAccount along with setting
allowPrivilegeEscalation
to false will run the Meridian core in unprivileged mode.
To install Meridian on OpenShift, follow these steps:
-
Log in to OpenShift and switch to Developer view.
-
Create a project with a unique name.
-
Go to the Helm section.
-
In the Create drop-down menu, select Repository.
-
In the Create Repository page,
-
Add a unique name and display name.
-
Use https://opennms.github.io/helm-charts/ for the URL.
-
Save the changes.
-
-
In the Create drop-down menu, select Helm Release.
-
Under Repository, select the newly created repository entry.
-
Click on Horizon.
-
Make sure that the project name matches the name you set in step 2.
-
Skip this step if you are setting “CreateNamespace” option to true.
-
-
Make the required modifications (for example, set the PostgreSQL information).
-
Click Create.
-
Wait for the pods to come up. This may take a few minutes.
The process to install the Minion is similar. |