Quantotto Predictive Surveillance Platform

View on GitHub

Creating Customer

Video guide for this section

Quantotto is designed with multi-tenancy in mind. In distributed deployment, you can deploy services for multiple customers using the same procedure described in this section.

To configure a new customer deployment, run:

  qtok8s customer config

and respond to the displayed prompts. Here is the list of options:

qtok8s customer config --help
Usage: qtok8s customer config [OPTIONS]

  Creates new customer environment

Options:
  --customer-id TEXT        New customer ID  [required]
  --customer-name TEXT      New customer name  [required]
  --admin-email TEXT        Email address of admin user  [required]
  --admin-login TEXT        Login of admin user  [required]
  --admin-first-name TEXT   First name of admin user  [required]
  --admin-middle-name TEXT  Middle name of admin user  [default: ; required]
  --admin-last-name TEXT    Last name of admin user  [required]
  --admin-password TEXT     Admin user password
  --superadmin-secret TEXT  Super admin secret  [required]
  --help                    Show this message and exit.

NOTE:
There is no need to configure encryption settings; those from server configuration will be re-used.

Let’s assume the following values for our new customer:

Customer id: acme
Customer name: Acme Inc.
Admin email: acme@example.com
Admin login: acmeuser
Admin first name: Jane
Admin middle name []:
Admin last name: Doe
Admin password: ******
Superadmin secret: ******

Entering these values, will produce the below output (if successful):

Encrypting customer/acme/acme_customer_secrets.yaml
[PGP]    time="2021-01-25T16:53:35-08:00" level=warning msg="Deprecation Warning: GPG key fetching from a keyserver witihin sops will be removed in a future version of sops. See https://github.com/mozilla/sops/issues/727 for more information."
Encrypted acme_customer_secrets.yaml
Customer acme environment configuration was written successfully.

Run 'helmfile -f /opt/quantotto/install/helmfile/acme_customer_helmfile.yaml sync' to deploy

Feel free to ignore PGP warning at this point.

Now, you can deploy Acme customer services using the given helmfile command above.

NOTE: At this point, we place customer pods into server namespace (quantotto). We will consider namespaces separation
for next releases. It requires some work on shared storage across namespaces.

While helmfile command is running or after it is complete, you can watch customer pods being deployed with:

watch "kubectl get pods -n quantotto | grep acme"

Substitute acme with your customer ID. Example output:

Every 2.0s: kubectl get pods -n quantotto | grep acme                      Thu Jan 28 20:38:29 2021

faces-recognizer-acme-5bcf55757b-zcqxx    1/1     Running   0          55s
portal-acme-5b8749ccdb-9jg5b              1/1     Running   0          56s
real-time-data-acme-6499b7bdd-vkxwp       1/1     Running   0          55s
training-scheduler-acme-d94ffb49b-9k7sj   1/1     Running   0          55s
triggers-runner-acme-74f7d55d79-vt5ld     1/1     Running   0          55s