Skip to main content

Post Deployment Steps

Check Cluster Components

After deployment completes, verify that all pods are running:

# Single namespace mode
kubectl get pods -n <instanceSlug>

Check that all Helm releases are deployed:

helm list -n <instanceSlug> -a

Or using helmfile:

helmfile -f deployment/helmfile.yaml status -e local

Check Ingress

Check that ingress resources are created and have addresses assigned:

kubectl get ingress -n <instanceSlug>

Verify linkerd

linkerd viz

You can use linkerd viz to check the status of the service mesh.

If you installed linkerd with the linkerd install command, you can enable the viz extension with:

linkerd viz install | kubectl apply -f -
linkerd viz check

# get stats for all pods in the instance namespace
linkerd viz stat pods -n <instanceslug>

# open linkerd viz dashboard in browser
linkerd viz dashboard

Of course, you can install linkerd viz as helm chart as well. After that you can check the dashboard with port forwarding:

kubectl -n linkerd-viz port-forward svc/web 8084:8084

# open http://localhost:8084/ in browser to access the dashboard

without linkerd viz

If you don't want to use linkerd viz, you can also check the existence of linkerd sidecars with kubectl:

# check if all pods have the linkerd proxy sidecar injected
kubectl -n <instanceslug> get pods -o custom-columns=NAME:.metadata.name,PROXY:.spec.containers[*].name

Access the Platform

Once deployment is verified, access the platform services:

ServiceURL
Portalhttps://portal.<domain>
Keycloak Adminhttps://idm.<domain>/admin

Retrieve initial credentials

tip

During installation, two users are created in Keycloak:

  • the global admin user in the master realm with the username admin. Please do not change or delete this user as it is required for managing the platform realm and all other realms.
  • an admin user in the platform realm (defined as instanceSlug) with the username admin@{{domain}} and the same password. This user is created initially and can then be modified, deactivated or deleted as desired. If you delete this user, it will not be created again during the next deployment.

The secrets component auto-generates passwords for services. You can access the admin password with the following command:

kubectl get secret -n dev keycloak-admin-user -o jsonpath='{.data.password}' | base64 --decode

Access Keycloak Admin Console

  • URL: http://idm.<domain>/admin
  • Username: admin
  • Password: see above command to get the password

Access Portal

  • URL: http://portal.<domain>/
  • Username: admin@<domain>
  • Password: see above command to get the password