omera install - HackMD

# 3.Omera install Name Space and Chart install ## 3.1 create name sapce dapr-system and omera login Rancher UI with the password from step 2 ![image](https://hackmd.io/_uploads/r14s_CukC.png) ### new name space in not in a project - dapr-system - omera ![image](https://hackmd.io/_uploads/BJZKaduJ0.png) new dapr-system ![image](https://hackmd.io/_uploads/B1Mop_ukA.png) create new name space omera in not in a project input name omera , click create ![image](https://hackmd.io/_uploads/SJAbRuO1A.png) ![image](https://hackmd.io/_uploads/rkVdOqO10.png) Then the next ### 3.2 Added Apps Chart from the manual Apps ==> Repositories ![image](https://hackmd.io/_uploads/r1ByyYOy0.png) Create - dapr https://dapr.github.io/helm-charts ![image](https://hackmd.io/_uploads/S1v3JFO1R.png) - omerachar https://registry.lamtacloud.com/chartrepo/omera ![image](https://hackmd.io/_uploads/HkwAkKdkR.png) after done show as this ![image](https://hackmd.io/_uploads/B1OxlFd1C.png) ### 3.3 Dapr install Apps Charts filter dapr an omerachart only ![image](https://hackmd.io/_uploads/HkN7eY_y0.png) select v1.10.0 then install ![image](https://hackmd.io/_uploads/BJ9LgFuyC.png) input namespace and name dapr-system. dapr ![image](https://hackmd.io/_uploads/r1hL1Cu1C.png) NEXT==> INSTALL waiting for it done ![image](https://hackmd.io/_uploads/BkB0lK_k0.png) ### 3.4 Omera install Apps ==>. Charts select Charts: omera-dell-chart (1.1.97) ![image](https://hackmd.io/_uploads/SJVEZt_JR.png) ![image](https://hackmd.io/_uploads/BJBHZY_JA.png) click install input namespace and name omera. v99. ![image](https://hackmd.io/_uploads/ByresAuJC.png) ![image](https://hackmd.io/_uploads/HyUOWY_yA.png) NEXT ===>. INSTALL WATCH for installation done. ![image](https://hackmd.io/_uploads/Bkn4TF_kR.png) ![image](https://hackmd.io/_uploads/S1tQCptJA.png) ssl 生成harbor https证书，注意修改域名信息，参考自harbor官方文档 Comment Edit from here mkdir -p /opt/harbor/cert cd /opt/harbor/cert openssl genrsa -out ca.key 4096 openssl req -x509 -new -nodes -sha512 -days 3650 \ -subj "/C=CA/ST=ON/L=Toronto/O=omera/OU=Personal/CN=registry.omera.com" \ -key ca.key \ -out ca.crt openssl genrsa -out registry.omera.com.key 4096 openssl req -sha512 -new \ -subj "/C=CA/ST=ON/L=Toronto/O=omera/OU=Personal/CN=registry.omera.com" \ -key registry.omera.com.key \ -out registry.omera.com.csr cat > v3.ext <<-EOF authorityKeyIdentifier=keyid,issuer basicConstraints=CA:FALSE keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment extendedKeyUsage = serverAuth subjectAltName = @alt_names [alt_names] DNS.1=registry.omera.com DNS.2=registry.omera DNS.3=registry EOF openssl x509 -req -sha512 -days 3650 \ -extfile v3.ext \ -CA ca.crt -CAkey ca.key -CAcreateserial \ -in registry.omera.com.csr \ -out registry.omera.com.crt 查看生成的证书 root@bastion:/opt/harbor/cert# ll total 28 drwxr-xr-x 2 root root 158 Apr 3 21:51 ./ drwxr-xr-x 3 root root 19 Apr 3 21:39 ../ -rw-r--r-- 1 root root 2069 Apr 3 21:49 ca.crt -rw------- 1 root root 3243 Apr 3 21:49 ca.key -rw-r--r-- 1 root root 41 Apr 3 21:51 ca.srl -rw-r--r-- 1 root root 2151 Apr 3 21:51 registry.omera.com.crt -rw-r--r-- 1 root root 1716 Apr 3 21:50 registry.omera.com.csr -rw------- 1 root root 3243 Apr 3 21:50 registry.omera.com.key -rw-r--r-- 1 root root 277 Apr 3 21:50 v3.ext 复制证书到操作系统目录 cp ca.crt registry.omera.com.crt /usr/local/share/ca-certificates/ update-ca-certificates 复制证书到harbor运行目录 mkdir -p /data/cert/ cp registry.omera.com.crt /data/cert/ cp registry.omera.com.key /data/cert/ 将证书提供给docker openssl x509 -inform PEM -in registry.omera.com.crt -out registry.omera.com.cert mkdir -p /etc/docker/certs.d/registry.omera.com:8443 cp registry.omera.com.cert /etc/docker/certs.d/registry.omera.com:8443/ cp registry.omera.com.key /etc/docker/certs.d/registry.omera.com:8443/ cp ca.crt /etc/docker/certs.d/registry.omera.com:8443/ Then to next step init the Mongo Database