Skip to main content

Manually run or update MyDeeploy license registration

Deeploy Support
  • Updated

The first time you install the Deeploy helm chart your cluster will be registered in MyDeeploy. Only usage data will be shared to apply usage based billing. Without this registration step, your installation cannot be completed successfully. In rare cases you can run or update the license registration manually. Make sure to adjust the text within <> with your own values.

 

Prerequisite:

  • Make sure to remove any existing database record in the database: deeploy, schema: usage, table: account_secret_entity.
  • Check if the following secret exists in the Deeploy namespace: image-registry. If not, create it as following: 
    kubectl create secret docker-registry image_registry \
      --docker-server=docker.io --docker-username=<your-name> \
      --docker-password=<your-pword>
  • Check if the following ServiceAccount exists in the Deeploy namespace: deeploy-registration. If not, create it as following:
    kubectl apply -f - <<EOF
apiVersion: v1
kind: ServiceAccount
metadata: 
      name: deeploy-registration 
      namespace: deeploy
EOF
  • Check if the following ClusterRole exists: namespace-tracker. If not, create it as following:
    kubectl apply -f - <<EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata: 
      name: namespace-tracker
    rules: 
    - verbs: 
      - get 
      - list 
      - watch 
      apiGroups: 
      - '' 
      resources: 
      - namespaces
EOF
  • Check if the following ClusterRole exists: read-namespaces-global. If not, create it as following:
    kubectl apply -f - <<EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata: 
      name: read-namespaces-global
    subjects: 
      - kind: ServiceAccount 
        name: deeploy-registration 
        namespace: deeploy 
    roleRef: 
      kind: ClusterRole 
      name: namespace-tracker 
      apiGroup: rbac.authorization.k8s.io
EOF

Apply

Apply the following yaml on the cluster that contains your Deeploy installation (kubectl apply -f <your-yaml>.yaml):

 

For AWS installations:

apiVersion: batch/v1
kind: Job
metadata:
  name: "deeploy-cluster-registration"
  namespace: deeploy
spec:
  template:
    metadata:
      name: deeploy
    spec:
      restartPolicy: Never
      serviceAccountName: deeploy-registration
      imagePullSecrets:
        - name: image-registry
      containers:
      - name: pre-install-job
        image: "docker.io/deeployml/deeploy:<IMAGE_TAG>"
        command:
          - "/bin/sh"
          - "./start.sh"
          - "registration"
        envFrom:
        - secretRef:
            name: registration
---
apiVersion: v1
kind: Secret
metadata:
  name: registration
  namespace: deeploy
type: Opaque
stringData:
  ACCOUNTS_URL: "europe-west3-deeploy-accounts.cloudfunctions.net"
  ACCOUNTS_PORT: "443"
  ACCOUNTS_TLS: "true"
  DOMAIN: "<YOUR-DEEPLOY-DOMAIN>" # (e.g. "deeploy.example.com")
  LICENSE_TYPE: "DEEPLOY"
  DEEPLOY_LICENSE_KEY: "<YOUR-DEEPLOY-LICENSE-KEY>" # (e.g. "xyz123eample")
  DEEPLOY_VERSION: "<YOUR-DEEPLOY-VERSION-TAG>" # (e.g. "1.24")
  KMS_TYPE: "aws"
  AWS_KMS_KEY_ID: <YOUR-KMS-KEY-ID> # (e.g. 123exam-ple321)
  AWS_KMS_ACCESS_KEY: <YOUR-ACCESS-KEY>
  AWS_KMS_SECRET_KEY: <YOUR-SECRET-KEY>
  AWS_KMS_REGION: <YOUR-KMS-REGION> # (e.g. eu-central-1)
  DB_NAME: deeploy
  DB_HOST: <YOUR-DB-HOST>
  DB_PORT: <YOUR-DB-PORT>
  DB_USER: <YOUR-DB-USER>
  DB_PASSWORD: <YOUR-DB-PASSWORD>
  DB_SSL_ENABLED: TRUE / FALSE
  DB_CA: <CERTIFICATE> (only if SSL_ENABLED is TRUE)
  DB_SYNCHRONIZE: "false"
  DB_LOGGING: "false"
  DB_MIGRATIONS: "true"

 

For Azure installations:

apiVersion: batch/v1
kind: Job
metadata:
  name: "deeploy-cluster-registration"
  namespace: deeploy
spec:
  template:
    metadata:
      name: deeploy
    spec:
      restartPolicy: Never
      serviceAccountName: deeploy-registration
      imagePullSecrets:
        - name: image-registry
      containers:
      - name: pre-install-job
        image: "docker.io/deeployml/deeploy:<IMAGE_TAG>"
        command:
          - "/bin/sh"
          - "./start.sh"
          - "registration"
        envFrom:
        - secretRef:
            name: registration
---
apiVersion: v1
kind: Secret
metadata:
  name: registration
  namespace: deeploy
type: Opaque
stringData:
  ACCOUNTS_URL: "europe-west3-deeploy-accounts.cloudfunctions.net" 
  ACCOUNTS_PORT: "443" 
  ACCOUNTS_TLS: "true" 
  DOMAIN: "<YOUR-DEEPLOY-DOMAIN>" # (e.g. "deeploy.example.com")
  LICENSE_TYPE: "DEEPLOY" 
  DEEPLOY_LICENSE_KEY: "<YOUR-DEEPLOY-LICENSE-KEY>" # (e.g. "xyz123eample") 
  DEEPLOY_VERSION: "<YOUR-DEEPLOY-VERSION-TAG>" # (e.g. "1.24")
  KMS_TYPE: "azure"
  AZURE_VAULT_KEY_ID: <YOUR-VAULT-KEY-ID>
  AZURE_VAULT_NAME: <YOUR-VAULT-NAME>
  AZURE_CLIENT_ID: <YOUR-VAULT-CLIENT-ID>
  AZURE_CLIENT_SECRET: <YOUR-VAULT-CLIENT-SECRET>
  AZURE_TENANT_ID: <YOUR-AZURE-TENANT-ID>
  DB_NAME: deeploy 
  DB_HOST: <YOUR-DB-HOST> 
  DB_PORT: <YOUR-DB-PORT> 
  DB_USER: <YOUR-DB-USER> 
  DB_PASSWORD: <YOUR-DB-PASSWORD> 
  DB_SSL_ENABLED: TRUE / FALSE 
  DB_CA: <CERTIFICATE> (only if SSL_ENABLED is TRUE)
  DB_SYNCHRONIZE: 'false'
  DB_LOGGING: 'false'
  DB_MIGRATIONS: 'true'

 

For GCP installations:

apiVersion: batch/v1
kind: Job
metadata:
  name: "deeploy-cluster-registration"
  namespace: deeploy
spec:
  template:
    metadata:
      name: deeploy
    spec:
      restartPolicy: Never
      serviceAccountName: deeploy-registration
      imagePullSecrets:
        - name: image-registry
      containers:
      - name: pre-install-job
        image: "docker.io/deeployml/deeploy:<IMAGE_TAG>"
        command:
          - "/bin/sh"
          - "./start.sh"
          - "registration"
        envFrom:
        - secretRef:
            name: registration
        env:
        - name: GCP_SERVICE_ACCOUNT_KEY_FILE
          value: "/usr/src/app/config/gcp-service-account-credentials.json"
        volumeMounts: 
        - mountPath: /usr/src/app/config
          name: gcp-service-account-credentials-volume
          readOnly: true
      volumes:
      - name: gcp-service-account-credentials-volume
        secret: 
          secretName: registration
          items: 
          - key: GCP_SERVICE_ACCOUNT_KEY_FILE_JSON
            path: gcp-service-account-credentials.json
---
apiVersion: v1
kind: Secret
metadata:
  name: registration
  namespace: deeploy
type: Opaque
stringData:
  ACCOUNTS_URL: "europe-west3-deeploy-accounts.cloudfunctions.net" 
  ACCOUNTS_PORT: "443" 
  ACCOUNTS_TLS: "true" 
  DOMAIN: "<YOUR-DEEPLOY-DOMAIN>" # (e.g. "deeploy.example.com") LICENSE_TYPE: "DEEPLOY" 
  DEEPLOY_LICENSE_KEY: "<YOUR-DEEPLOY-LICENSE-KEY>" # (e.g. "xyz123eample") 
  DEEPLOY_VERSION: "<YOUR-DEEPLOY-VERSION-TAG>" # (e.g. "1.24")
  KMS_TYPE: "gcp"
  GCP_PROJECT_ID: <YOUR-PROJECT-ID>
  GCP_LOCATION_ID: <YOUR-LOCATION-ID>
  GCP_KEYRING_ID: <YOUR-KEYRING-ID>
  GCP_KEY_ID: <YOUR-KEY-KEY-ID>
  GCP_VERSION_ID: "<YOUR-KEY-VERSION-ID>"
  GCP_SERVICE_ACCOUNT_KEY_FILE_JSON: | 
    <YOUR-KEY-FILE-JSON>
  DB_NAME: {{ .Values.database.name }}
  DB_HOST: {{ .Values.database.host | quote }}
  DB_PORT: "5432"
  DB_USER: {{ .Values.database.username }}
  DB_PASSWORD: {{ .Values.database.password }}
  DB_SSL_ENABLED: {{ .Values.database.ssl.enabled | quote }}
  {{ if .Values.database.ssl.enabled -}}
  DB_CA: {{ .Values.database.ssl.ca | quote}}
  {{- end }}
  DB_SYNCHRONIZE: 'false'
  DB_LOGGING: 'false'
  DB_MIGRATIONS: 'true'

 

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk