Privacera deployment using AKS and Helm

Azure Kubernetes Service (AKS) offers serverless Kubernetes, an integrated continuous integration and continuous delivery (CI/CD) experience, and enterprise-grade security and governance. Unite your development and operations teams on a single platform to rapidly build, deliver, and scale applications with confidence. Source

Privacera provides an enterprise solution for centralized data governance and access management across all of an enterprise's data services.

This article is divided into 3 different parts.

Part 1 — Prerequisites

Part 2 — Setting up AKS, K8 and Helm

Part 3 — Privacera installation

Part 1

Prerequisites:

Azure Client

az login → configure azure cli with your account

Kubectl

Helm

brew install helm (I used brew on my Mac)

Helm version is important.

Verify az cli, kubectl and helm version

Privacera installation components:

1 — MariaDB

2 — Zookeeper

3 — Solr

4 — Portal

5 — Ranger

Part 2

Set up AKS, Kubernetes and Helm, then we will install Privacera.

portal.azure.com → click or search Kubernetes Services
Create Kubernetes Cluster

You can follow the standard settings to create the Azure Kubernetes cluster.

az aks get-credentials --resource-group ${RESOURCE_GROUP_NAME} --name ${CLUSTER_NAME}

Run the above command to get the credentials for your new AKS cluster.

kubectl get nodes

doc_uname=<docker hub username>
doc_password=<docker hub password>
helm_repo_url=
helm_repo_uname=
helm_repo_pwd=
helm_config_path=

You need to get the above details from the Privacera team.

Copy and paste the above parameters in your shell

Add the Privacera repo to Helm.

helm repo add privacera "${helm_repo_url}" --username "${helm_repo_uname}" --password "${helm_repo_pwd}"
"privacera" has been added to your repositories

helm search repo privacera/

neeraj_mac:~ neerajsab$ kubectl get namespace
NAME STATUS AGE
default Active 15m
kube-node-lease Active 15m
kube-public Active 15m
kube-system Active 15m
neeraj_mac:~ neerajsab$ NS=ns-blog-namespace
neeraj_mac:~ neerajsab$ kubectl create namespace $NS
namespace/ns-blog-namespace created
neeraj_mac:~ neerajsab$ kubectl get namespace
NAME STATUS AGE
default Active 16m
kube-node-lease Active 16m
kube-public Active 16m
kube-system Active 16m
ns-blog-namespace Active 4s
neeraj_mac:~ neerajsab$

Create a secret for Privacera’s Docker Registry

neeraj_mac:~ neerajsab$ kubectl create secret -n $NS docker-registry regcred --docker-server=<get this from privacera> --docker-username=${doc_uname} --docker-password=${doc_password}
secret/regcred created
neeraj_mac:~ neerajsab$

Install Stakater Reloader to restart containers automatically on any change to ConfigMaps.

helm repo add stable https://kubernetes-charts.storage.googleapis.com/

helm repo update

helm install stakater stable/reloader --set reloader.watchGlobally=false --namespace $NS

Part 3

You would need portal.yml, ranger.yml, solr.yml and zk.yml from the Privacera team.
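
A preflight check for the parameters and values files this walkthrough relies on, as an added example (not from the original post or from Privacera). It reports any of the shell parameters used above that are unset or empty, and any of the four .yml files missing from $helm_config_path, so the helm and kubectl commands are not run with empty arguments. The function names and return codes are this example's own.

```sh
#!/bin/sh
# Added example: preflight check for this walkthrough's parameters and files.

# Shell parameters the walkthrough's commands expand (names from the article).
REQUIRED_VARS="doc_uname doc_password helm_repo_url helm_repo_uname helm_repo_pwd helm_config_path NS"
# Values files the article says are supplied by the Privacera team.
REQUIRED_FILES="zk.yml solr.yml portal.yml ranger.yml"

# Print the name of every required parameter that is unset or empty.
missing_vars() {
  for name in $REQUIRED_VARS; do
    eval "value=\${$name:-}"
    [ -n "$value" ] || printf '%s\n' "$name"
  done
}

# Print every required values file that is absent from directory $1.
missing_files() {
  dir=$1
  for f in $REQUIRED_FILES; do
    [ -f "$dir/$f" ] || printf '%s\n' "$f"
  done
}

# Return 0 when everything is in place, 1 for unset parameters,
# 2 for missing values files. Problems are reported on stderr.
preflight() {
  vars=$(missing_vars)
  if [ -n "$vars" ]; then
    echo "unset or empty parameters: $(echo $vars)" >&2
    return 1
  fi
  files=$(missing_files "$helm_config_path")
  if [ -n "$files" ]; then
    echo "missing in $helm_config_path: $(echo $files)" >&2
    return 2
  fi
  return 0
}
```

Source the file in the same shell where the parameters were pasted and call preflight before the first helm install.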

Let’s set up ZooKeeper:

helm -n $NS install zk privacera/zookeeper -f $helm_config_path/zk.yml

kubectl -n $NS get pods

Let’s set up MariaDB:

helm -n $NS install mariadb privacera/mariadb

Let’s deploy Solr:

helm search repo privacera/solr

helm -n $NS install solr privacera/solr -f $helm_config_path/solr.yml

We need to create a Solr collection for Ranger auditing.

kubectl exec -it -n $NS solr-1 -- bash -c "/opt/solr/bin/solr create -c ranger_audits -n ranger_audits -s 1 -rf 1"

Let’s execute the next step, which is the Privacera portal installation.

helm search repo privacera/portal

helm -n $NS install portal privacera/portal -f ${helm_config_path}/portal.yml

Let’s execute the last step — Ranger installation

helm search repo privacera/ranger

helm -n $NS install ranger privacera/ranger -f ${helm_config_path}/ranger.yml

Let’s find the IP addresses to access the portal.

kubectl -n $NS get svc

If you are interested in learning how to deploy the platform and integrate it with AWS, Azure, Databricks, Snowflake or Google Cloud, reach out to us at www.privacera.com

Written by

Director of Sales Engineering @Privacera