Installation and upgrade

The Delphix Kubernetes (K8s) Driver is made available for download through the Delphix Download Portal. It is composed of two components: the plugin and the driver. The plugin is a typical Delphix Continuous Data plugin that supports the communication between the Kubernetes application and the virtualized dataset. The driver is a Helm Chart with five Docker images to support the Kubernetes application deployment and is also made available through a Helm repository. Installation of both components is required for the use of the Delphix K8s Driver. An HTTPS connection must also be established from the Kubernetes cluster to DCT, as all interactions between the K8s driver and Continuous Data are mediated through DCT’s API endpoints.

Plugin Installation

The Kubernetes Plugin is installed and managed like any other external Continuous Data connector (plugin). Refer to Delphix Engine plugin management for plugin and upgrade instructions.

Download the plugin by logging in to the Delphix Download Portal, navigate to Delphix Product Releases > Kubernetes Driver > Continuous Data Plugin, and download the latest K8s plugin .zip.

Prerequisites for Postgre SQLworkflow and Oracle:

For the PostgreSQL workflow, a PostgreSQL plugin version 4.3.1 or later is required.
Oracle does not require an external connector, as the solution works with its built-in connector.
Surrogate hosts with the respective database installations are required for both PostgreSQL and Oracle.

Installation

Perform the below steps to install each component of the Delphix Kubernetes (K8s) driver and Operator.

If your runtime location has access to the public internet then follow the “Installation (Online)” procedure. If your runtime location does not have access to the public internet and cannot reach the Delphix and Docker repositories, then follow the “Installation (Offline)” procedure.

Installation (Online) K8s Driver

Install a supported version of Helm. See Installing Helm for instructions.
Add the K8s Helm repository with the following, which will link the K8s Helm repository to the local client Helm repository.
```
helm repo add delphix-k8s-helm-repo https://dlpx-helm-kubernetes.s3.amazonaws.com/
```
Update the added repositories with the following, which will update the local Helm charts metadata (index.yaml).
```
helm repo update
```
Pull the Helm chart that is used to download the .tgz file.
Note: X.0.0 should be changed to the version of the K8s driver being installed.

helm pull delphix-k8s-helm-repo/delphix-k8s-driver --version vX.0.0
The downloaded file is then extracted using the following command:

tar -xvf delphix-k8s-driver-vX.0.0.tgz

Navigate to the extracted delphix-k8s-driver folder and provide the Docker Registry Authentication credentials in the values.yaml file to pull images from Delphix’s Docker Registry.

dockerRegistry:
    imageCredentials:
        registry: kubernetes.download.delphix.com/delphix-kubernetes
        username: <retrieved from download.delphix.com>
        password: <retrieved from download.delphix.com>

To get the credentials for the Driver, visit Kubernetes Driver Download page and log in with your customer log in credentials. Once logged in, select the Kubernetes Driver Helm Repository link and accept the Terms and Conditions. Use the username and password from the popup screen, as shown below:

Provide Data Control Tower Connectivity credentials in the values.yaml file to authenticate with Data Control Tower to perform the provision, enable, disable, and destroy actions.

dctCreds:
    dctUrl: <dct-url e.g. mycompany.dct.com>
    dctKey: <dct-key e.g. 1.abcyxz...>default:
    scheme: <default-scheme e.g. https>
    tlsInsecureSkipVerify: <default-tlsInsecureSkipVerify-flag e.g. false>

[Optional] Provide Virtual Dataset parameters in the values.yaml file to define the default virtual dataset. These values may be overwritten in the PVC’s values.yaml file during the provision step.

default:
    Annotations:
        sourceDBName: <default-source-db-name>
        envName: <default-env-name>
        vdbGroupName: <default-group-name>
        vdbRepositoryName: <default-repository-name>
        vdbStageMountpath: <default-stage-mount-path>

Run the Helm chart.

$ helm install delphix-k8s-driver delphix-k8s-driver-vX.0.0.tgz -n <namespace> -f values.yaml

Once installed, you should be able to verify the container pods, storage class, and the config map as shown below:

Installation (Online) K8s Operator

Install a supported version of Helm. See Installing Helm for instructions.
Add the K8s Helm repository with the following, which will link the K8s Helm repository to the local client Helm repository:
```
helm repo add delphix-k8s-helm-repo https://dlpx-helm-kubernetes.s3.amazonaws.com/
```
Update the added repositories with the following, which will update the local Helm charts metadata (index.yaml).
```
helm repo update
```
Pull the Helm chart that is used to download the .tgz file.
Note: X.0.0 should be changed to the version of the K8s Operator being installed.
helm pull delphix-k8s-helm-repo/delphix-operator --version vX.0.0
The downloaded file is then extracted using the following command:

tar -xvf delphix-operator-vX.0.0.tgz

Navigate to the extracted delphix-operator folder and provide the Docker Registry Authentication credentials in the values.yaml file to pull images from Delphix’s Docker Registry.

image: 
  repository: k8s-pgsql-operator.download.delphix.com/delphix-kubernetes-operator 
  pullPolicy: Always 
  tag: "1.0.0"


# Private registry configuration 
privateRegistry: 
  enabled: true 
  registry: k8s-pgsql-operator.download.delphix.com/delphix-kubernetes-operator 
  username: <retrieved from download.delphix.com> 
  password: <retrieved from download.delphix.com>

To get the credentials for the Operator, visit Kubernetes Operator Download and log in with your customer log in credentials. Once logged in, select the Kubernetes Operator for PostgreSQL link and accept the Terms and Conditions. Use the username and password displayed in the pop-up window.
For the list of Helm chart parameters, see Kubernetes Helm chart parameters

Configure the DCT URL and API key by using an existing Kubernetes secret, or alternatively, you can provide all required values directly in values.yaml.

Option 1: Create the DCT credentials secret:
```
kubectl create secret generic dct-credentials \ 
--from-literal=ENGINE_HOST=<DCT_HOST_ADDRESS> \ 
--from-literal=API_KEY=<DCT_API_KEY> \ 
 		--from-literal=SKIP_SSL_VERIFY=true \ 
		-n <namespace> 
```
Then reference the secret in your values.yaml file:
```
dct:  
 existingSecret: "dct-credentials" 
```
Option 2: Alternatively, you can provide all the required values directly in values.yaml. The Helm chart stores the values in a Kubernetes secret during installation.
```
dct:  
 url: <dct-url>  
 apiKey: <dct-api-key> 
 skipSSLVerify: true 
```
Refer to the Kubernetes Operator Helm chart parameters for additional configuration options, then install the Delphix K8s Operator via Helm:
```
helm install delphix-operator delphix-operator-1.0.0.tgz -f values.yaml -n <namespace>
```
The operator must be installed in the same namespace as the Kubernetes Driver to ensure it has access to the driver’s resources. In the examples throughout this document, this namespace is assumed to be pg-operator.

Verify the Operator is running:

kubectl get pods -n pg-operator 
kubectl logs -n pg-operator -l app.kubernetes.io/name=delphix-operator -f

Verify the CRDs are installed:

kubectl get crds | grep delphix

Re-installing/ upgrading the operator does not update the CRDs that are already present. To update/apply new CRDs, go to the extracted folder named ‘delphix-operator’ from step number 5 above and apply the CRD manifests directly using kubectl apply –f crds/ <manifest>.yaml

Installation (Offline) K8s Driver

Install a supported version of Helm. See Installing Helm for instructions.
Navigate to the Delphix Download Portal and then Delphix Product Releases > Kubernetes Driver. Find the desired version folder (e.g. 1.0.0) and download the .tar.gz.
The downloaded file, which contains a Helm chart and Docker images, is extracted using the following commands:
```
tar -xvf delphix-k8s-driver-vX.0.0.tar.gz
tar -xvf delphix-k8s-driver-vX.0.0.tgz
```

The first command extracts the five *.tar Docker images in the current directory. The second command extracts the K8s Driver’s Helm chart into a folder called delphix-k8s-driver.

In the current directory, load the extracted Docker images using the following command:
```
for image in *tar; do sudo docker load --input $image; done
```

Tag and push Docker images in your local repository. For example, tag images using the following commands:

docker tag delphixplugin:latest <local registry url>/dlpx-k8s-csi:v1.0.0
docker push <local registry url>/dlpx-k8s-csi:vX.0.0
	
docker tag registry.k8s.io/sig-storage/csi-provisioner:v3.5.0 <local registry url>/csi-provisioner:v3.5.0
docker push <local registry url>/csi-provisioner:v3.5.0
	
docker tag registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0 <local registry url>/csi-node-driver-registrar:v2.8.0
docker push <local registry url>/csi-node-driver-registrar:v2.8.0
	
docker tag registry.k8s.io/sig-storage/csi-attacher:v4.3.0 <local registry url>/csi-attacher:v4.3.0
docker push <local registry url>/csi-attacher:v4.3.0
	
docker tag registry.k8s.io/sig-storage/csi-resizer:v1.8.0 <local registry url>/csi-resizer:v1.8.0
docker push <local registry url>/csi-resizer:v1.8.0

docker tag registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3 <local registry url>/csi-snapshotter:v6.3.3
docker push <local registry url>/csi-snapshotter:v6.3.3

docker tag registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 <local registry url>/snapshot-controller:v6.3.3
docker push <local registry url>snapshot-controller:v6.3.3

docker tag registry.k8s.io/sig-storage/snapshot-controller:v6.3.3 <local registry url>/snapshot-controller:v6.3.3
docker push <local registry url>snapshot-controller:v6.3.3

Next, navigate to the delphix-k8s-driver folder to find the extracted Helm chart's values.yaml file. Open it in a text editor and update the five Image Repository ( image.*) parameters to pull the required Docker images from a local registry. If your local registry is protected, then the Docker Registry Authentication (dockerRegistry.imageCredentials.*) parameters must be updated too.

image:
    csiDePlugin:
        repository: <local registry url>/dlpx-k8s-csi
        tag: v1.2.0
        pullPolicy: Always
    csiProvisioner:
        repository: <local registry url>/csi-provisioner
        tag: v3.5.0
        pullPolicy: Always
    csiAttacher:
        repository: <local registry url>/csi-attacher
        tag: v4.3.0
        pullPolicy: Always
    csiResizer:
        repository: <local registry url>/csi-resizer
        tag: v1.8.0
        pullPolicy: Always
    nodeDriverRegistrar:
       repository: <local registry url>/csi-node-driver-registrar
       tag: v2.8.0
       pullPolicy: Always
    csiSnapshotter:
        repository: registry.k8s.io/sig-storage/csi-snapshotter
        tag: v6.3.3
        pullPolicy: IfNotPresent
     externalSnapshotter:
        repository: registry.k8s.io/sig-storage/snapshot-controller
        tag: v6.3.3
        pullPolicy: IfNotPresent
        customResourceDefinitions:
			 #if set true, VolumeSnapshot,     VolumeSnapshotContent and   #VolumeSnapshotClass CRDs will be created. Set it false, If they already exist in #cluster.
            enabled: true

Refer to the second half of the Installation (Online) directions and the Helm chart parameterslists for information and guidance on the other configurable parameters, such as the Data Control Tower Authentication and Virtual Dataset.

Run the Helm chart using the following command:

helm install delphix-k8s-driver delphix-k8s-driver-vX.0.0.tgz -n <namespace> -f values.yaml

Installation (Offline) K8s Operator

Install a supported version of Helm. See Installing Helm for instructions.
Navigate to the Delphix Download Portal and then Delphix Product Releases > Integrations > K8s Operator for PostgreSQL. Find the folder pertaining to the desired version (v1.0.0)_ folder and download the .tar.gz.
The downloaded file, which contains Docker images, is extracted using the following commands:
tar -xvf delphix-operator-vX.0.0.tgz
This command extracts the *.tar Docker image in the current directory.

In the current directory, load the extracted Docker images using the following command:
for image in *tar; do sudo docker load --input $image; done
Tag and push Docker images in your local repository. For example, tag images using the following commands:
docker tag delphixplugin:latest <local registry url>/delphix-operator:v1.0.0
docker push <local registry url>/delphix-operator:vX.0.0

Next, navigate to the delphix-operator folder to find the extracted Helm chart's values.yaml file. Open it in a text editor and update the Image Repository ( image.*) parameters to pull the required Docker image from a local registry. If your local registry is protected, then the Docker Registry Authentication (privateRegistry.registry.*) parameters must be updated also.
```
 image:
  repository: delphix/delphix-operator
  pullPolicy: Always
  tag: "v1.0.0"

# Private registry configuration
privateRegistry:
  enabled: true
  registry: "<local registry url>/delphix-operator”
  username: ""
  password: ""
```

Refer to the second half of the Installation (Online) directions and the Kubernetes Operator Helm chart parameters lists for information and guidance on the other configurable parameters, such as the Data Control Tower Authentication and Virtual Dataset.
Run the Helm chart using the following command:
helm install delphix-operator delphix-operator-vX.0.0.tgz -n <namespace> -f values.yaml

Uninstall

Run the following command to uninstall the Delphix K8s driver and/or the operator from the cluster.

helm uninstall delphix-k8s-driver -n <namespace>

helm uninstall delphix-operator –n <namespace>

It's important to note, uninstalling the Operator does not remove the CRDs. These have to manually removed using ‘kubectl delete’ commands.

Driver Upgrade

Starting with v1.1.0, you can upgrade using the following command:

helm upgrade delphix-k8s-driver delphix-k8s-driver-vX.Y.Z.tgz -n <namespace> -f values-X.Y.Z.yaml

You must upgrade through every intermediate version. For example, starting from v1.1 and upgrading to v1.5, you must follow v1.1 to v1.2 to v1.3 to v1.4 to v1.5.

If on v1.0.0, an upgrade is not supported. You must uninstall and install a newer driver version. Aftward, follow the improved upgrade path.

Troubleshooting

If you encounter any error, run the following command to view the pod logs:

kubectl logs <pod> -c <container> -n <namespace>

You can gather additional information using the describe command:

kubectl describe <pod> -n <namespace>

Kubernetes secrets

The Delphix K8s Driver can leverage Kubernetes Secrets to store the DCT URL and API Key. These values establish a connection with Data Control Tower to run the virtual dataset actions: provision, enable, disable, etc. Each secret is namespaced and its values are Base64 encoded. Only the driver’s Controller ServiceAccount is given the GET permission to access the Secret resource.

For more information on Kubernetes Secrets, refer to the CSI Driver Secrets documentation.