Ctrlk
opencrvs.orgGithub

Deploy OpenCRVS with external data stores

General information

OpenCRVS can be deployed on decoupled infrastructure with clear permissions and responsibilities segregation. Default environment configuration script doesn't support advanced deployment scenario.

Only full backup and restore process jobs have support for decoupled data stores. Please refer to official Postgres and MinIO documentation how to configure backup/restore.

Supported data stores:

  • MinIO

  • Elasticsearch

  • Postgres

Postgres

This guide doesn't cover Postgres installation and configuration

Assumptions made:

  • Database server port 5432 is available from Kubernetes nodes

  • OpenCRVS DevOps/Sysadmin has Postgres admin user credentials

Configure OpenCRVS to use external Postgres

  1. Modify GitHub secrets for your environment:

    1. POSTGRES_USER

    2. POSTGRES_PASSWORD

  2. Modify Dependencies helm chart configuration:

    1. Open environments/<environment>/dependencies/values.override.yaml and add following lines to disable postgres:

      postgres:
  enabled: false

    2. Open environments/<environment>/opencrvs-services/values.override.yaml and add following lines to point OpenCRVS to external database server: 

      postgres:
  host: <hostname or IP address>

  3. Commit your changes to GitHub

  4. Deploy Dependencies

  5. Deploy OpenCRVS

Postgres admin user configuration

Suppose you want your admin user to be called adminuser:

Copy

Explanation:

  • WITH LOGIN: Allows the user to log in.

  • PASSWORD 'your_secure_password': Sets the password (replace this with a strong password).

  • SUPERUSER: Grants all access; the user can create roles, databases, schemas, tables, etc.

  • CREATEDB: Allows creating new databases.

  • CREATEROLE: Allows creating new roles.

  • REPLICATION: Not necessary unless you want replication privileges (optional).

MinIO

Assumptions made:

  • MinIO internal server ports 9000 and 9001 are available from Kubernetes cluster nodes

  • OpenCRVS DevOps/Sysadmin has MinIO admin user credentials

  • MinIO frontend is exposed as subdomain of OpenCRVS domain. E/g If OpenCRVS is deployed as opencrvs.example.com then MinIO may have any URL under opencrvs.example.com (my-minio.opencrvs.example.com).

Configure OpenCRVS to use external MinIO

  1. Modify GitHub secrets for your environment:

    1. MINIO_ROOT_USER

    2. MINIO_ROOT_PASSWORD

  2. Modify Dependencies helm chart configuration:

    1. Open environments/<environment>/dependencies/values.override.yaml and add following lines to disable MinIO:

    2. Open environments/<environment>/opencrvs-services/values.override.yaml and add following lines to point OpenCRVS to external MinIO server:

  3. Commit your changes to GitHub

  4. Deploy Dependencies

  5. Deploy OpenCRVS

Elasticsearch

Assumptions made:

  • Elasticsearch server port 9200 is available from Kubernetes nodes

  • Elasticsearch admin user name is elastic and OpenCRVS DevOps/Sysadmin has password.

Configure OpenCRVS to use external Elasticsearch

  1. Modify GitHub secret for your environment:

    1. ELASTICSEARCH_SUPERUSER_PASSWORD

  2. Modify Dependencies helm chart configuration:

    1. Open environments/<environment>/dependencies/values.override.yaml and add following lines to disable Elasticsearch:

    2. Open environments/<environment>/opencrvs-services/values.override.yaml and add following lines to point OpenCRVS to external Elasticsearch server:

  3. Commit your changes to GitHub

  4. Deploy Dependencies

  5. Deploy OpenCRVS

PreviousDisk space managementNextConfiguration

Last updated