Alfresco Content Services Helm Deployment with external Hazelcast cluster

• Alfresco Content Services Helm Deployment with external Hazelcast cluster.
  • Prerequisites
  • Known issues
  • Step by step guide
  • Tests

Prerequisites

• Having installed either of:
  • Rancher for Desktop. Includes kubectl and Helm, ready to use right after installation.
  • Docker for Desktop. Requires separate install of kubectl and Helm.

Known issues

This feature won’t be showing proper server details on Alfresco UI in Repository Server Clustering under section Cluster Members. Alfresco repository pod will be still present after scaling it down. Pod with new name will be added to list but the older will still remain. To verify that the solution is working you can check management center or do manual test described in Tests

Step by step guide

1. Deploy alfresco-content-services. See desktop deployment section. Remember to stick to one namespace in next steps.

2. Prepare a valid Hazelcast xml configuration, which also must include different cache definitions depending on the ACS version. You can generate it by following the steps in Alfresco docs. For testing you can use config generated by us on 23.2.0-M1 and skip to 7th step.
   • Example file: caches.properties

3. Replace the <cluster-name> within the alfresco-hazelcast-config.xmlfile with a secure value that is hard to guess. For all intents and purposes this field should be treated as a password, as if matching it allows client-server / member-member connection.

4. Add appropriate configuration for kubernetes autodiscovery feature and rest api groups depending on your choice.

    <network>
        <join>
            <kubernetes enabled="true">
                <service-name>hazelcast</service-name>
            </kubernetes>
        </join>
        <rest-api enabled="true">
            <endpoint-group name="DATA" enabled="true"/>
        </rest-api>
    </network>
    <jet enabled="true">
    </jet>
   

5. Optionally change the values for management center. Either enter the internal network address of your k8s or delete the whole section.

    <management-center data-access-enabled="true">
        <trusted-interfaces>
            <interface>10.42.0.*</interface>
        </trusted-interfaces>
    </management-center>
   

6. Now preparation of the xml configuration is finished. Next step is to create configmap manifest. Add below section to newly created file:

    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: manual-hazelcast-configuration
      labels:
        app.kubernetes.io/name: hazelcast
    data:
      hazelcast.xml: |
   

   Now copy generated xml configuration into manifest file. (Remember to correctly indent copied text)

7. Deploy created manifest

    kubectl apply -f configmap-hazelcast.yaml
   

8. Deploy hazelcast with values presented below

    hazelcast:
      javaOpts: -Dhazelcast.config=/data/hazelcast/hazelcast.xml
      existingConfigMap: manual-hazelcast-configuration
    mancenter:
      enabled: true
        yaml:
          hazelcast-client:
            cluster-name: test
   

    helm repo add hazelcast https://hazelcast-charts.s3.amazonaws.com/
    helm repo update
    helm install hazelcast hazelcast/hazelcast -f hazelcast.yaml
   

9. Now change the config of alfresco-repository by adding another values file. In below file specify properties that will make repository use external hazelcast cluster deployed in previous step. Remember to accordingly change the values if needed.

    alfresco-repository:
      replicaCount: 3
      config:
        repository:
          additionalGlobalProperties:
            alfresco.hazelcast.embedded: false
            alfresco.hazelcast.client.address: hazelcast:5701
            alfresco.cluster.name: test
   

    helm upgrade acs helm/alfresco-content-services \
    --values local-dev_values.yaml \
    --set global.search.sharedSecret=$(openssl rand -hex 24) \
    --atomic \
    --timeout 10m0s \
    --values acs-hazelcast.yaml
   

Tests

1. Make sure that you have installed fresh environment. Do not login into Alfresco UI yet.

2. Get into a shell of container created by previous commands.

    kubectl run -i --tty --rm --image ubuntu test-shell -- /bin/bash
   

3. Execute curl command against all hazelcast nodes.

    curl http://hazelcast-0.hazelcast.default.svc.cluster.local:5701/hazelcast/rest/maps/cache.usernameToTicketIdCache/admin -o -
   

    curl http://hazelcast-1.hazelcast.default.svc.cluster.local:5701/hazelcast/rest/maps/cache.usernameToTicketIdCache/admin -o -
   

    curl http://hazelcast-2.hazelcast.default.svc.cluster.local:5701/hazelcast/rest/maps/cache.usernameToTicketIdCache/admin -o -
   

   You should get empty response.

4. Login into Alfresco UI on http://localhost/alfresco/s/enterprise/admin/admin-clustering and after that repeat commands from previous step. You should see response from all nodes similar to this:

    ????????admin????(92023d8ea10294a2e32b238963e67d8013342e30