AWS installation guide
If you are deploying Prophecy with the private SaaS option, you need to install Prophecy in your Virtual Private Cloud (VPC). Use this guide to help when installing Prophecy on AWS.
Get started
In this guide, we'll walk you through how to install Prophecy on an EKS cluster in AWS. Note that this is just one recommended way to perform the installation.
Connect to your Kubernetes cluster
Let's start by connecting to the Kubernetes cluster where you will install Prophecy.
Throughout this guide, you'll need to interact with the command line interface. Make sure you have these command line tools:
Configure your AWS CLI if you have not already.
Configure
kubectlto connect to your cluster using the following command.aws eks --region <aws-region> update-kubeconfig --name <cluster-name> --alias <alias>
Now, your EKS cluster should be included in your local Kubernetes configuration.
Validate your Kubernetes configurations
The Kubernetes cluster on which you will install Prophecy must meet a set of requirements.
Kubernetes must be version 1.21 or later. Check your Kubernetes server version using the following command.
kubectl versionYour Kubernetes cluster must have persistant storage with dynamic provisioning. To make sure you have at least one StorageClass that has a provisioner and reclaimPolicy set, run:
kubectl get storageclassYou must have permission to install custom resources, or CRDs, to your Kubernetes cluster. CRDs will be installed during installation with the Helm command. You can check if you have this permission with the following command.
kubectl auth can-i create customresourcedefinitions --all-namespacesIf you do not have this permission, contact your Kubernetes admin or EKS owner to grant you
cluster-adminor equivalent permissions. Alternatively, you can deploy a single Helm chart instead that can be shared on request.You need a namespace in your Kubernetes cluster where you will install Prophecy. Create a namespace using the command:
kubectl create namespace <namespace>A common namespace to use is
prophecy. To check if you namespace was created, run:kubectl get namespaces
Define network configurations
There are certain configurations that control how Prophecy's services are exposed, secured, and accessed in a networked environment. Network configurations can be managed by Prophecy, or they can be self-managed.
Ingress controller
Prophecy can install its own Nginx ingress controller to expose services externally. However, you can also use an Nginx ingress controller already installed on your Kubernetes cluster if it supports external service exposure via a LoadBalancer. You'll have to specify a ingress controller during the Helm installation if you are not using the Prophecy ingress controller.
Hostname resolution
If you use a Prophecy domain in the format *.cloud.prophecy.io, Prophecy handles the hostname resolution. SSL certificates are managed using Let's Encrypt, and the DNS configuration is done for you.
If you want to use your own domain:
- Obtain SSL certificates for your domain.
- Install the certificates in your Kubernetes cluster.
- Add DNS entries for the services in your domain's DNS zone.
- Ensure the entries point to the external IP address of the Nginx ingress controller LoadBalancer.
Install Prophecy with Helm
At this point, you should be ready to install Prophecy using Helm.
Add the Prophecy Helm chart repository:
helm repo add prophecy https://prophecy-chart.s3.us-west-2.amazonaws.comRun the Helm install command. Below is the most basic configuration command that only includes required Helm chart values:
helm -n <namespace> install prophecy prophecy/prophecy-installer --version <version-number>
--set global.customer.name=<customer-name> --set global.prophecy.rootUrl=<base-url>
For a full list of Helm chart values that you can set during the installation, visit Helm chart values.