Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
===========
Customizing
===========
In this guide we show how to customize your cluster installation, i.e. if you
want to install additional applications, or change the configuration of extisting
apps installed by OAS this is the right place. Customizing other parts of your
cluster is possible but not yet covered by this guide.
This guide is written for users with advanced knowledge of the tools behind
Openappstack, most importantly: Kubernetes, Helm, Ansible and Flux 2.
.. warning::
Customizing your OAS cluster could break your cluster in a way that it's not
easy to recover. Please be aware of the potential risk when proceeding.
Prerequisites
=============
* A functional OAS cluster installed following the
`Openappstack installation instructions <installation_instructions.html>`__
Customize OAS applications
==========================
Apps deployed by OAS are configured using helm values from templates in
``flux2/apps/<application>/release.yaml``. It is possible to override values
from the helmrelease by adding a custom ``ConfigMap`` or ``Secret`` to the
cluster. The secret or configmap name is specified in the ``valuesFrom`` section
of the ``release.yaml`` file. Read more in the `Flux documentation
<https://fluxcd.io/docs/migration/helm-operator-migration/#values-from-sources>`__
Example: Customize Nextcloud to work with staging certificates
--------------------------------------------------------------
Our CI pipeline works with staging certificates from Let's Encrypt, for that
reason we need to allow insecure connections for the integration with
ONLYOFFICE. You can find the file at ``install/overrides/oas-nextcloud-override.yaml``.
To apply it, run the following commands:
.. code:: bash
# If you want to run this on your provisioning machine, tell kubectl to use
# your cluster:
export KUBECONFIG=$PWD/clusters/oas.example.org/kube_config_cluster.yml
# Check the current state of the helmrelease you want to modify:
flux get helmrelease -A
# If all is OK, make sure to apply your override configmap or secret in the
# same namespace as your helmrelease with the '-n' argument
kubectl apply \
-n oas-apps \
-f ./install/overrides/oas-nextcloud-override.yaml
Adding custom apps to the cluster
=================================
OpenAppStack uses Flux 2 to install and auto-update applications. If you want to
install extra applications or other things into the Kubernetes cluster, our
advice would be to set up your own GitRepository and add it to the Flux system.
When you do this, you are fully responsible for keeping those applications
secure and updated. If any of those applications is insecure, that can also
invalidate the security of your OpenAppStack applications, because they are part
of the same cluster and VPS.
Refer to the `Flux 2 documentation <https://fluxcd.io/docs>`__ for more
information.