Mach5 Search Helmcharts
Installation instructions for all helmcharts required for setting up Mach5 Search.
Cluster Autoscaler For AWS EKS environment
Not needed for an Azure Kubernetes Service cluster deployment, and its native autoscaler can be used.
Run the following commands to install the cluster-autoscaler helm chart:
helm repo add autoscaler https://kubernetes.github.io/autoscaler
helm install m5-cas autoscaler/cluster-autoscaler \ --set 'autoDiscovery.clusterName'=<CLUSTER NAME> \
-f values_ca.yaml
Contents of values_ca.yaml:
extraArgs:
logtostderr: true
stderrthreshold: info
v: 4
ignore-daemonsets-utilization: true
skip-nodes-with-system-pods: false
daemonset-eviction-for-empty-nodes: true
daemonset-eviction-for-occupied-nodes: true
skip-nodes-with-local-storage: false
scale-down-delay-after-add: 2m
scale-down-unneeded-time: 2m
unremovable-node-recheck-timeout: 2m
expander: priority
max-node-provision-time: 2m
Mach5 Cache Proxy
Run the following commands to install the mach5 cache proxy helm chart:
(Note: reader-key.json file has the json key for the service account for accessing Mach5 Search Artifact Registry. Contact Mach5 Search Administrator to get a copy of your reader-key.json file)
kubectl create namespace cert-manager
helm repo add jetstack https://charts.jetstack.io --force-update
helm repo update
helm install cm jetstack/cert-manager --version v1.5.3 -n cert-manager -f values_cm.yaml
kubectl create namespace cache-proxy
cat reader-key.json | helm registry login https://us-central1-docker.pkg.dev -u _json_key
--password-stdin
helm pull oci://us-central1-docker.pkg.dev/mach5-dev/mach5-docker-registry/mach5-cache-proxy
--version 1.13.1
helm install m5-cache mach5-cache-proxy-1.13.1.tgz -n cache-proxy -f values_cp.yaml
Contents of values_cm.yaml
prometheus:
enabled: false
installCRDs: true
Contents of values_cp.yaml
mach5ImagePullSecret:
dockerconfigjson: "CHANGE_ME" # Contact Mach5 Search Administrator for this value (image-pull-secret file)
kube-image-keeper:
registry:
env:
- name: blobdescriptorsize
value: 1000
persistence:
accessModes: ReadWriteOnce
enabled: true
storageClass: gp2
size: 75Gi
nodeSelector:
mach5-main-role: "true"
controllers:
nodeSelector:
mach5-main-role: "true"
proxy:
podAnnotations:
"cluster-autoscaler.kubernetes.io/enable-ds-eviction": "true"
fullnameOverride: "cache-proxy"
Mach5 Search
-
A license token is required to install Mach5. Please follow the instructions in this document: License Token Setup Guide and provide the requested details to the Mach5 Administrator to obtain your license.
-
Once you have the license token, create a mach5 namespace
kubectl create namespace mach5
- Run the following commands to install the mach5-search helm chart:
(Note: reader-key.json file has the json key for the service account for accessing Mach5 Search Artifact Registry. Contact Mach5 Search Administrator to get a copy of your reader-key.json file and for the version of Mach5 to be used - $version)
cat reader-key.json | helm registry login https://us-central1-docker.pkg.dev -u _json_key --password-stdin
helm pull oci://us-central1-docker.pkg.dev/mach5-dev/mach5-docker-registry/mach5-search --version $version
helm upgrade --install m5s $version -nmach5 -f values.yaml
The contents of the values.yaml
file, tailored to the deployment environment, are provided in the section below.
Once the installation is complete, initialize Mach5 Search by following the instructions based on cloud providers:
AKS: Initialize Mach5 Search in AKS
EKS: Initialize Mach5 Search in EKS
GKE: Initialize Mach5 Search in GKE
AKS (Azure Kubernetes Service Cluster)
Contents of values.yaml: (Edit fields marked CHANGE_ME)
mach5ImagePullSecret:
dockerconfigjson: "CHANGE_ME" # Contact Mach5 Search Administrator for this value (image-pull-secret file)
license:w
metered: false
token: "CHANGE_ME" # Contact Mach5 Search Administrator for this value
metadatadb: #Azure Database for PostgreSQL flexible server details
name: "postgres" #CHANGE_ME
host: "postgreshost" #CHANGE_ME
port: "5432" #CHANGE_ME
sslmode: "disable"
user: "postgres" #CHANGE_ME
password: "Password123" #CHANGE_ME
externalPostgresdb: true
pvc:
storageclass: "managed"
pvc:
storageclass: "managed"
mediator:
replicaCount: 1
existingClaim: false
cstoreSegmentCache:
enabled: true
loglevel: info
useGcpInstanceMetadata: false
cstoreCachefs:
rcachepvsize: "483183820800" #450GB
pvsize: "485331304448" #452GB
resourceLimit:
enabled: false
cstorecacheserver:
env:
enableEviction: true
mediatorcompactorcontroller:
cstoreCachefs:
rcachepvsize: "10737418240" #10GB
pvsize: "12884901888" #12GB
compaction_resources:
#enabled: true
max_compaction_memory:
enabled: true
value: "536870912" # 512M
mediatoringestorcontroller:
cstoreCachefs:
mountroot: /cachefs
rcachepv: /ingest
rcachepvsize: "10737418240" #10GB
pvsize: "12884901888" #12GB
ingestion_resources:
limits:
memory:
enabled: true
value: "4096Mi"
mediatorwarehousecontroller:
customnode:
enabled: true
workerresource:
mediator:
memory: "59055800320" #55GB
headresource:
ir:
memory: "1073741824" #1GB
os:
memory: "25769803776" #24GB
osd:
memory: "1073741824" #1GB
nginx:
azure:
enabled: true
loadBalancerInternal: "true"
argo-workflows:
# -- Keep CRDs on chart uninstall
crds:
install: true
keep: false
prometheus:
enabled: false
EKS
Contents of values.yaml: (Edit fields marked CHANGE_ME)
mach5ImagePullSecret:
createSecretResources: true
dockerconfigjson: "CHANGE_ME" # Contact Mach5 Search Administrator for this value
metadatadb:
name: "postgres"
host: "postgresdb"
port: "5432"
sslmode: "disable"
user: "postgres"
password: "" #CHANGE_ME
externalPostgresdb: false
pvc:
storageclass: "gp2"
mediator:
replicaCount: 1
existingClaim: false
cstoreSegmentCache:
enabled: true
loglevel: info
useGcpInstanceMetadata: false
cstoreCachefs:
rcachepvsize: "483183820800" #450GB
pvsize: "485331304448" #452GB
resourceLimit:
enabled: false
cstorecacheserver:
env:
enableEviction: true
pvc:
storageclass: "gp2"
teleportcollector:
useGcpInstanceMetadata: "false"
mediatorwarehousecontroller:
customnode:
enabled: true
workerresource:
mediator:
memory: "59055800320" #55GB
headresource:
ir:
memory: "1073741824" #1GB
os:
memory: "25769803776" #24GB
osd:
memory: "1073741824" #1GB
mediatorcompactorcontroller:
cstoreCachefs:
rcachepvsize: "10737418240" #10GB
pvsize: "12884901888" #12GB
compaction_resources:
#enabled: true
max_compaction_memory:
enabled: true
value: "536870912" # 512M
mediatoringestorcontroller:
cstoreCachefs:
mountroot: /cachefs
rcachepv: /ingest
rcachepvsize: "10737418240" #10GB
pvsize: "12884901888" #12GB
ingestion_resources:
limits:
cpu:
enabled: false
value: "1000m"
memory:
enabled: true
value: "4096Mi"
requests:
cpu:
enabled: false
value: "500m"
memory:
enabled: false
value: "1024Mi"
nginx:
loadBalancerInternal: "true"
loadBalancerSourceRanges:
- "0.0.0.0/0"
awsElbHttps:
enabled: false
sslCertARN: arn:aws:iam::user:server-certificate/id # Add ACM's ARN
argo-workflows:
# -- Keep CRDs on chart uninstall
crds:
install: true
keep: false
prometheus:
enabled: false
server:
persistentVolume:
enabled: true
size: 8Gi
service:
type: LoadBalancer
loadBalancerSourceRanges: ["0.0.0.0/0"] # Change this to your CIDR
annotations:
service.beta.kubernetes.io/aws-load-balancer-internal: "true"
EKS Shared Cluster with Taint Configuration
- Apply the following taint to your node to mark it as a Mach5-Search node:
kubectl taint nodes \<nodename\> mach5\=true:NoSchedule
Contents of values.yaml: (Edit fields marked CHANGE_ME)
mach5ImagePullSecret:
createSecretResources: true
dockerconfigjson: "CHANGE_ME" # Contact Mach5 Search Administrator for this value
metadatadb:
name: "postgres"
host: "postgresdb"
port: "5432"
sslmode: "disable"
user: "postgres"
password: "" #CHANGE_ME
externalPostgresdb: false
nodeassignment:
enabled: true
nodeSelector:
mach5-main-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
pvc:
storageclass: "gp2"
mdserver:
nodeassignment:
enabled: true
nodeSelector:
mach5-main-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
msearchserver:
nodeassignment:
enabled: true
nodeSelector:
mach5-main-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
meteringserver:
nodeassignment:
enabled: true
nodeSelector:
mach5-main-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
metricsserver:
nodeassignment:
enabled: true
nodeSelector:
mach5-main-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
dataexplorer:
nodeassignment:
enabled: true
nodeSelector:
mach5-main-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
mediator:
replicaCount: 1
existingClaim: false
cstoreSegmentCache:
enabled: true
loglevel: info
useGcpInstanceMetadata: false
cstoreCachefs:
rcachepvsize: "483183820800" #450GB
pvsize: "485331304448" #452GB
resourceLimit:
enabled: false
cstorecacheserver:
nodeassignment:
enabled: true
nodeSelector:
mach5-ccs-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
env:
enableEviction: true
cstoretxnrelayserver:
nodeassignment:
enabled: true
nodeSelector:
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
pvc:
storageclass: "gp2"
teleportcollector:
useGcpInstanceMetadata: "false"
mediatorwarehousecontroller:
nodeassignment:
enabled: true
nodeSelector:
mach5-main-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
headnodeselector:
enabled: true
nodeSelector:
mach5-warehouse-head-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
workernodeselector:
enabled: true
nodeSelector:
mach5-warehouse-worker-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
customnode:
enabled: true
workerresource:
mediator:
memory: "59055800320" #55GB
headresource:
ir:
memory: "1073741824" #1GB
os:
memory: "25769803776" #24GB
osd:
memory: "1073741824" #1GB
mediatorcompactorcontroller:
nodeassignment:
enabled: true
nodeSelector:
mach5-main-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
compactornodeselector:
enabled: true
nodeSelector:
mach5-compactor-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
cstoreCachefs:
rcachepvsize: "10737418240" #10GB
pvsize: "12884901888" #12GB
compaction_resources:
#enabled: true
max_compaction_memory:
enabled: true
value: "536870912" # 512M
mediatormaterializedviewcontroller:
nodeassignment:
enabled: true
nodeSelector:
mach5-main-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
ingestornodeselector:
enabled: true
nodeSelector:
mach5-ingestor-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
mediatoringestorcontroller:
nodeassignment:
enabled: true
nodeSelector:
mach5-main-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
ingestornodeselector:
enabled: true
nodeSelector:
mach5-ingestor-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
cstoreCachefs:
mountroot: /cachefs
rcachepv: /ingest
rcachepvsize: "10737418240" #10GB
pvsize: "12884901888" #12GB
ingestion_resources:
limits:
cpu:
enabled: false
value: "1000m"
memory:
enabled: true
value: "4096Mi"
requests:
cpu:
enabled: false
value: "500m"
memory:
enabled: false
value: "1024Mi"
nginx:
nodeassignment:
enabled: true
nodeSelector:
mach5-main-role: "true"
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
loadBalancerInternal: "true"
loadBalancerSourceRanges:
- "0.0.0.0/0"
awsElbHttps:
enabled: false
sslCertARN: arn:aws:iam::user:server-certificate/id # Add ACM's ARN
argo-workflows:
controller:
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
server:
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
# -- Keep CRDs on chart uninstall
crds:
install: true
keep: false
otel:
nodeassignment:
enabled: true
nodeSelector:
tolerations:
- key: "mach5"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
prometheus:
enabled: false
server:
persistentVolume:
enabled: true
size: 8Gi
service:
type: LoadBalancer
loadBalancerSourceRanges: ["0.0.0.0/0"] # Change this to your CIDR
annotations:
service.beta.kubernetes.io/aws-load-balancer-internal: "true"
GKE
Contents of values.yaml: (Edit fields marked CHANGE_ME)
mach5ImagePullSecret:
createSecretResources: true
dockerconfigjson: "CHANGE_ME" # Contact Mach5 Search Administrator for this value
metadatadb:
name: "postgres"
host: "postgresdb"
port: "5432"
sslmode: "disable"
user: "postgres"
password: "" #CHANGE_ME
externalPostgresdb: false
pvc:
storageclass: "standard"
mediator:
replicaCount: 1
existingClaim: false
cstoreSegmentCache:
enabled: true
loglevel: info
useGcpInstanceMetadata: false
cstoreCachefs:
rcachepvsize: "483183820800" #450GB
pvsize: "485331304448" #452GB
resourceLimit:
enabled: false
cstorecacheserver:
env:
enableEviction: true
pvc:
storageclass: "standard"
mediatorwarehousecontroller:
customnode:
enabled: true
workerresource:
mediator:
memory: "59055800320"
headresource:
ir:
memory: "536870912" # in bytes
os:
memory: "25769803776"
osd:
memory: "1073741824"
mediatorcompactorcontroller:
cstoreCachefs:
rcachepvsize: "10737418240" #10GB
pvsize: "12884901888" #12GB
compaction_resources:
#enabled: true
max_compaction_memory:
enabled: true
value: "536870912" # 512M
mediatoringestorcontroller:
cstoreCachefs:
mountroot: /cachefs
rcachepv: /ingest
rcachepvsize: "10737418240" #10GB
pvsize: "12884901888" #12GB
ingestion_resources:
limits:
cpu:
enabled: false
value: "1000m"
memory:
enabled: true
value: "4096Mi"
requests:
cpu:
enabled: false
value: "500m"
memory:
enabled: false
value: "1024Mi"
nginx:
loadBalancerInternal: "true"
loadBalancerSourceRanges:
- "0.0.0.0/0"
argo-workflows:
# -- Keep CRDs on chart uninstall
crds:
install: true
keep: false
resourcecontrol:
enabled: false
prometheus:
enabled: false