Deploy OpenCRVS with external data stores
General information
OpenCRVS can be deployed on decoupled infrastructure with clear permissions and responsibilities segregation. Default environment configuration script doesn't support advanced deployment scenario.
Only full backup and restore process jobs have support for decoupled data stores. Please refer to official Postgres and MinIO documentation how to configure backup/restore.
Supported data stores:
MinIO
Elasticsearch
Postgres
Postgres
This guide doesn't cover Postgres installation and configuration
Assumptions made:
Database server port 5432 is available from Kubernetes nodes
OpenCRVS DevOps/Sysadmin has Postgres admin user credentials
Configure OpenCRVS to use external Postgres
Modify GitHub secrets for your environment:
POSTGRES_USERPOSTGRES_PASSWORD
Modify Dependencies helm chart configuration:
Open
environments/<environment>/dependencies/values.override.yamland add following lines to disable postgres:postgres: enabled: falseOpen
environments/<environment>/opencrvs-services/values.override.yamland add following lines to point OpenCRVS to external database server:postgres: host: <hostname or IP address>
Commit your changes to GitHub
Deploy Dependencies
Deploy OpenCRVS
Postgres admin user configuration
Suppose you want your admin user to be called adminuser:
Copy
Explanation:
WITH LOGIN: Allows the user to log in.PASSWORD 'your_secure_password': Sets the password (replace this with a strong password).SUPERUSER: Grants all access; the user can create roles, databases, schemas, tables, etc.CREATEDB: Allows creating new databases.CREATEROLE: Allows creating new roles.REPLICATION: Not necessary unless you want replication privileges (optional).
MinIO
Assumptions made:
MinIO internal server ports 9000 and 9001 are available from Kubernetes cluster nodes
OpenCRVS DevOps/Sysadmin has MinIO admin user credentials
MinIO frontend is exposed as subdomain of OpenCRVS domain. E/g If OpenCRVS is deployed as opencrvs.example.com then MinIO may have any URL under opencrvs.example.com (my-minio.opencrvs.example.com).
Configure OpenCRVS to use external MinIO
Modify GitHub secrets for your environment:
MINIO_ROOT_USERMINIO_ROOT_PASSWORD
Modify Dependencies helm chart configuration:
Open
environments/<environment>/dependencies/values.override.yamland add following lines to disable MinIO:Open
environments/<environment>/opencrvs-services/values.override.yamland add following lines to point OpenCRVS to external MinIO server:
Commit your changes to GitHub
Deploy Dependencies
Deploy OpenCRVS
Elasticsearch
Assumptions made:
Elasticsearch server port 9200 is available from Kubernetes nodes
Elasticsearch admin user name is
elasticand OpenCRVS DevOps/Sysadmin has password.
Configure OpenCRVS to use external Elasticsearch
Modify GitHub secret for your environment:
ELASTICSEARCH_SUPERUSER_PASSWORD
Modify Dependencies helm chart configuration:
Open
environments/<environment>/dependencies/values.override.yamland add following lines to disable Elasticsearch:Open
environments/<environment>/opencrvs-services/values.override.yamland add following lines to point OpenCRVS to external Elasticsearch server:
Commit your changes to GitHub
Deploy Dependencies
Deploy OpenCRVS
Last updated