Helm Umbrella Chart for Bahmni India Distro
- Install docker
- Install minikube >=1.25.2
- Install Helm-3
- Increase resources of your docker to a memory of atleast 8GB. (Mac / Windows)
Note: You can also run minikube without using docker. Look here.
minikube start --driver=docker --memory 7000 --cpus=4
you should see
😄 minikube v1.25.2 on Darwin 10.15.7
✨ Using the docker driver based on user configuration
👍 Starting control plane node minikube in cluster minikube
🚜 Pulling base image ...
🔥 Creating docker container (CPUs=4, Memory=7000MB) ...\
Ingress would act as a controller to route between various applicaitons
minikube addons enable ingress
MacOS / Linux
sudo vi /etc/hosts
# bahmni kubernetes nginx-ingress
127.0.0.1 bahmni.local
# bahmni crater kubernetes nginx-ingress
127.0.0.1 payments-bahmni.local
Windows
Press the Windows key.
Type Notepad in the search field.
In the search results, right-click Notepad and select Run as administrator.
From Notepad, open the following file:
c:\Windows\System32\Drivers\etc\hosts
Make the necessary changes to the file.
Select File > Save to save your changes.
minikube tunnel runs as a process, creating a network route on the host to the service CIDR of the cluster using the cluster’s IP address as a gateway. The tunnel command exposes the external IP directly to any program running on the host operating system.
sudo minikube tunnel --alsologtostderr -v=1
Note: Run this in a seperate terminal and keep it open
helm install --repo https://charts.bitnami.com/bitnami mysql mysql --set auth.rootPassword=root --set image.tag=5.7
helm install db-setup db-setup --repo https://bahmni.github.io/helm-charts --devel --wait --wait-for-jobs --atomic --timeout 1m \
--set DB_HOST=mysql \
--set DB_ROOT_USERNAME=root \
--set DB_ROOT_PASSWORD=root \
--set databases.openmrs.DB_NAME=openmrs \
--set databases.openmrs.USERNAME=openmrs-user \
--set databases.openmrs.PASSWORD=password \
--set databases.crater.DB_NAME=crater \
--set databases.crater.USERNAME=crater-user \
--set databases.crater.PASSWORD=password \
--set databases.reports.DB_NAME=bahmni_reports \
--set databases.reports.USERNAME=reports-user \
--set databases.reports.PASSWORD=password
This command takes a while to complete. Once it is completed run the following command to remove datbase root credentials from the cluster.
helm uninstall db-setup
Navigate to the directory where you cloned this repository
helm dependency update
helm upgrade bahmni-local . --values=values/local.yaml --install
- Toggle on the services in local.yaml based on your local setup requirements. Add any missing environment variables either in local.yaml or
--set
. Checkhelm upgrade ...
for list of variable needed by each service. - To uninstall a release use
helm uninstall [release name]
which will uninstall all the resources under that release e.g.helm uninstall db-setup
- Your local might be setup to query cloud K8s clusters e.g. aws. You need to ensure that you are in the minikube context for local development. Minikube bootstrap should take care of updating the kubectl current-context. You can verify and update the context using
//verify current context
$ kubectl config current-context
(or)
$ kubectl config view --minify
//Update current context to minikube
$ minikube update-context
- Minikube runs in a VM (such as docker) and wont see your local built docker images. If you need to use your local docker images to be picked up while provisioning the pods on minikube you can use
eval $(minikube docker-env)
to actually configure your environment to utilise minikube's docker daemon for docker images. docs
Once the pods and servies are running you can access it from the browser on
- Bahmni EMR --> https://bahmni.local/bahmni/home
- OpenMRS --> https://bahmni.local/openmrs
- Crater --> https://payments-bahmni.local/
Create a new IAM group for developers
aws iam create-group --group-name bahmni_eks_developers
When IAM users are added to this group then they will get full access to resources in the EKS cluster.
Create Role with trust policy (first time)
aws iam create-role --role-name BahmniEKSDeveloperRoleForIAMUsers --assume-role-policy-document file://aws/roles/BahmniEKSDeveloperRoleForIAMUsers.json
The next step (Put Role Policy) Adds/Updates an inline policy document that is embedded in the role created.
aws iam put-role-policy --role-name BahmniEKSDeveloperRoleForIAMUsers --policy-name BahmniEKSDeveloperAccess --policy-document file://aws/policies/BahmniEKSDeveloperInlinePolicy.json
aws/policies
folder contains all custom policies applied to the AWS account.
Create a AssumeRole
policy:
aws iam create-policy --policy-name BahmniEKSDeveloperAssumeRolePolicy --policy-document file://aws/policies/BahmniEKSDeveloperAssumeRolePolicy.json
Note the policy arn
Next, Attach the BahmniEKSDeveloperAssumeRolePolicy
to bahmni_eks_developers
group.
aws iam attach-group-policy --group-name bahmni_eks_developers --policy-arn <POLICY_ARN>
aws eks update-kubeconfig --name bahmni-cluster-dev
kubectl apply -f k8s-rbac/eks-developer.yaml
eksctl create iamidentitymapping \
--cluster bahmni-cluster-nonprod \
--arn arn:aws:iam::{YourAccountNumber}:role/BahmniEKSDeveloperRoleForIAMUsers \
--group eks-developer-group \
--username assume-role-user \
--no-duplicate-arns