domino logo
About DominoArchitecture
Kubernetes
Cluster RequirementsDomino on EKSDomino Kubernetes Version CompatibilityDomino on GKEDomino on AKSDomino on OpenShiftNVIDIA DGX in DominoDomino in Multi-Tenant Kubernetes ClusterEncryption in Transit
Installation
Installation ProcessConfiguration ReferenceInstaller Configuration ExamplesPrivate or Offline InstallationCustom Certificatesfleetcommand-agent release notes
Azure Deployments
Prepare for InstallationProvision Infrastructure and Runtime EnvironmentDeploy Domino
Google Cloud Deployments
Prepare for InstallationProvision Infrastructure and Runtime EnvironmentDeploy Domino
Amazon Web Services Deployments
Prepare for InstallationProvision Infrastructure and Runtime EnvironmentDeploy Domino
Configuration
Central ConfigurationNotificationsFeature FlagsChange The Default Project For New UsersProject Stage ConfigurationDomino Integration With Atlassian Jira
Compute
Manage Domino Compute ResourcesHardware Tier Best PracticesModel Resource QuotasPersistent Volume ManagementAdding a Node Pool to your Domino ClusterRemove a Node from Service
Keycloak Authentication Service
Operations
Domino Application LoggingDomino MonitoringSizing Infrastructure for Domino
Data Management
Data in DominoData Flow In DominoExternal Data VolumesConfigure Data Source AuthenticationDatasets AdministrationSubmit GDPR Requests
User Management
RolesManage UsersView User InformationRun a User Activity ReportSchedule a User Activity Report
Environments
Environment Management Best PracticesCache Environment Images in EKSImages From Authenticated External Registries
Backup and Restore
Backup StructureBackup LocationCustomize BackupsRun a Manual, On-Demand BackupRestore backups
Control Center
Control Center OverviewExport Control Center Data with The API
Troubleshooting
domino logo
About Domino
Domino Data LabKnowledge BaseData Science BlogTraining
Admin Guide
>
Installation
>
Azure Deployments
>
Deploy Domino

Deploy Domino

Use the information in this section to deploy Domino components in the Azure infrastructure.

  1. Use the environment variables to set the values of IDs, names, and labels in your Azure environment. This simplifies the commands that you will use when installing the Domino components.

    export SUB_ID=<ID of the subscription where AKS was deployed>
    export RG_NAME=<Name of the resource group where AKS was deployed>
    export CLUSTER_NAME=<AKS cluster name>
    export DOMINO_VER=<Domino version to deploy>
    export QUAY_USERNAME=<quay.io username provided by Domino>
    export QUAY_PASSWORD=<quay.io password provided by Domino>
    Note
  2. To retrieve credentials for the Kubernetes cluster, run the following command to add the AKS credentials to your kubectl config file:

    az aks get-credentials --subscription $SUB_ID --resource-group $RG_NAME --name $CLUSTER_NAME
  3. To create the domino-platform namespace, run:

    kubectl create namespace domino-platform
  4. To set up your HTTPS certificate, run the following command to create a secret that uses the certificate for the domain name. This domain name allows the Domino management plane to be accessible through HTTPS:

    kubectl -n domino-platform create secret tls my-cert --key=<path to your private key> --cert=<path to your cert>

The fleetcommand-agent runs as a container. It installs and configures Domino components. The fleetcommand-agent uses an installation template to gather the required parameters for the environment and sets them when installing Domino components.

The installation process with fleetcommand-agent generates a blank installation template where you enter your environment parameters and then provide them to fleetcommand-agent to perform the installation tasks.

Generate a blank installation template with fleetcommand-agent:
  1. If you aren’t logged into quay.io, execute: docker login -u $QUAY_USERNAME -p $QUAY_PASSWORD quay.io

  2. Run the following command to generate a domino.yml template configuration file in the current working directory.

    Note
    docker run --rm -it \
      -v $(pwd):/install \
      quay.io/domino/fleetcommand-agent:v55 \
      init --file /install/domino.yml --version $DOMINO_VER
    Note
Enter your environment parameters into the configuration template
  1. Open the domino.yml file and edit the attributes as follows:

    • name: The name of the deployment. This can’t be changed post-deployment.

    • hostname: The hostname for the Domino install (for example, domino.example.com).

    • pod_cidr: The default network range is 10.0.0.0/8, but this must match the full IP range that your cluster uses.

    • storage_classes.block.type: azure-disk

    • storage_classes.shared.type: azure-file

    • blob_storage.projects.type: shared

    • blob_storage.logs.type: shared

    • blob_storage.backups.type: shared

    • blob_storage.backups.azure.account_name: STORAGE_ACCOUNT_NAME value

    • blob_storage.backups.azure.account_key: STORAGE_ACCOUNT_KEY value

    • blob_storage.backups.azure.container: STORAGE_ACCOUNT_CONTAINER_NAME value

    • helm.cache_path: /app/charts

    • private_docker_registry.username: Your quay.io username.

    • private_docker_registry.password: Your quay.io password.

    • internal_docker_registry.enabled: false

    • external_docker_registry: The container registry DNS name.

  2. Add the following code to the end of the file. Replace <TENANT_ID value> and <AAD_CLIENT_ID value> with the values for your Azure account and cluster.

    services:
      nginx_ingress:
        version: 1.30.0-0.5.3
        chart_values:
          controller:
            kind: Deployment
            hostNetwork: false
            service:
              enabled: true
              type: LoadBalancer
            extraArgs:
              default-ssl-certificate: domino-platform/my-cert
      forge:
        version: 0.19.4
        install_timeout: 300
        chart_values:
          config:
            azure:
              tenantId: <TENANT_ID value>
              aadClientId: <AAD_CLIENT_ID value>
    Note
Use fleetcommand-agent to install:

Run the fleetcommand-agent-install.sh script from the same folder where the domino.yml file is located.

Tip
Setup DNS:

Use kubectl -n domino-platform get svc nginx-ingress-controller to get the external IP to access your instance’s Domino management plane so that you can update your DNS records accordingly.

Validate your installation:
  1. To perform basic validation, go to https://\<YOUR DOMAIN\>/auth/.

  2. Login with the username keycloak and the password from the keycloak-http secret in the domino-platform namespace.

  3. Use the following command to get the password:

    echo -e "\nyour password is: $(kubectl get secret keycloak-http  -n domino-platform --template={{.data.password}} | base64 -d)\n"
  4. Go to Users in the navigation pane and click Add User.

  5. Enter the username, first name, last name, email address, and then click Save.

  6. Go to the Credentials tab and add a password.

  7. Optional: Disable Temporary.

  8. Click Set Password.

  9. Go to Role Mappings.

  10. From Client Roles, select domino-play.

  11. Select the User role and add it to your user.

  12. Go to the main page for your Domino deployment (for example, https://\<YOUR DOMAIN\>) and sign in with your new Domino user.

  13. Go to Environments > Domino Standard Environment Py3.8 R4.1 > Revisions and make sure the revision is active. If not, use Build Logs to try to solve the problem.

  14. Go to Projects > Quick-start > Workspaces and launch a new workspace using Jupyter (this can take a while).

  15. When the new workspace is created open main.ipynb and confirm that you can execute the script without errors.

Enable user registration

Use Keycloak to enable user registration, so users can access your fresh Domino install. Keycloak is a user authentication service that runs on a pod in your cluster.

  1. Sign in to Keycloak on your Domino instance.

  2. In the Keycloak sidebar menu, select Realm Settings.

  3. Select the Login tab, and toggle User registration to On.

  4. Click Save to confirm your changes.

Domino Data LabKnowledge BaseData Science BlogTraining
Copyright © 2022 Domino Data Lab. All rights reserved.