From 792f396e43a0ab3f06f0749a0c4c283790992271 Mon Sep 17 00:00:00 2001 From: adam Date: Mon, 23 Dec 2024 13:36:29 -0700 Subject: [PATCH 1/2] Update installation docs with redeployment lessons learned. --- docs/admin/installation.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/admin/installation.rst b/docs/admin/installation.rst index 92e9924eb8..d2474cb5ff 100644 --- a/docs/admin/installation.rst +++ b/docs/admin/installation.rst @@ -26,6 +26,8 @@ These can be run repeatedly to reinstall Phalanx over an existing deployment. Be aware that this will invalidate any existing AppRole for that environment. #. Set the environment variables ``VAULT_ROLE_ID`` and ``VAULT_SECRET_ID`` to the Role ID and Secret ID printed out by that command. + Don't store these anywhere + If you repeat the installation from scratch, just generate new role and secret IDs. #. Ensure that your default Kubernetes cluster for :command:`kubectl` and :command:`helm` is set to point to the Kubernetes cluster into which you want to install the Phalanx environment. You can verify this with :command:`kubectl config current-context`. @@ -50,10 +52,15 @@ These can be run repeatedly to reinstall Phalanx over an existing deployment. #. If you are deploying on Google Cloud Platform, consider converting the dynamically-assigned IP address to a static IP. You can do this in the GCP console under :menuselection:`VPC Network -> IP addresses`. +#. If you are doing a complete reinstallation of a Phalanx instance (e.g. Kubernetes has been completely destroyed and the cluster recreated), you may wish to run ``phalanx secrets sync --regenerate`` in order to recreate any randomly-generated secrets, rather than using the set from the previous installation. + #. Debug any problems during installation. The most common source of problems are errors or missing configuration in the :file:`values-{environment}.yaml` files you created for each application. You can safely run the installer repeatedly as you debug and fix issues. + * If you get a message indicating that ``argocd`` plaintext login has failed, the actual error is that your local ``argocd`` executable is obsolete. + Update ``argocd`` and try again. + Using a Vault token rather than AppRole ======================================= From faa44c91b28e72ccb748a8f74647ea07f2d789fb Mon Sep 17 00:00:00 2001 From: adam Date: Mon, 23 Dec 2024 14:00:38 -0700 Subject: [PATCH 2/2] Repeat how-to-find-proper-argocd-version instructions --- docs/admin/installation.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/admin/installation.rst b/docs/admin/installation.rst index d2474cb5ff..69bdb9004a 100644 --- a/docs/admin/installation.rst +++ b/docs/admin/installation.rst @@ -26,7 +26,7 @@ These can be run repeatedly to reinstall Phalanx over an existing deployment. Be aware that this will invalidate any existing AppRole for that environment. #. Set the environment variables ``VAULT_ROLE_ID`` and ``VAULT_SECRET_ID`` to the Role ID and Secret ID printed out by that command. - Don't store these anywhere + Don't store these anywhere. If you repeat the installation from scratch, just generate new role and secret IDs. #. Ensure that your default Kubernetes cluster for :command:`kubectl` and :command:`helm` is set to point to the Kubernetes cluster into which you want to install the Phalanx environment. @@ -60,6 +60,7 @@ These can be run repeatedly to reinstall Phalanx over an existing deployment. * If you get a message indicating that ``argocd`` plaintext login has failed, the actual error is that your local ``argocd`` executable is obsolete. Update ``argocd`` and try again. + To see the version of the client that is currently tested, search for ``argocd-linux`` in `.github/workflows/ci.yaml `__. Using a Vault token rather than AppRole =======================================