Install Linksight with Helm
The Linksight software can be easily installed on a Kubernetes cluster with the Linksight Helm chart. The chart deploys the Linksight components automatically, and allows ingress setup with custom annotations.
Components
The Linksight software consists of two components:
- Data station: The core where the datasets are managed and protocols are run together with other data stations across organizations.
- Analysis Hub: The component (frontend and backend) where users interact with the data station and Linksight platform to run data analyses.
Prerequisites
- Kubernetes cluster 1.20+
- Minimum specifications: Single node cluster with a node with 4(v)CPUs and 16 GB memory.
info
Optimal configuration depends on use-case and size of datasets. In general, more is better; the MPC compute node utilizes all CPU cores available during computation.
- The cluster should have a storage class which offers SSD storage, preferably disk storage instead of file/block/SMB/NFS storage. The Helm chart will assign one PVC of 16 GB and one of 1 GB.
- Minimum specifications: Single node cluster with a node with 4(v)CPUs and 16 GB memory.
- Helm 3 (see https://helm.sh/docs/intro/install/)
- A user account on the Governance Hub (https://linksight.network) with the
IT adminorOrganization adminrole.- No user account? Ask your organization administrator to invite you to the organization, or create a new organization after signing in.
- (Optional) A TLS certificate to secure the Analysis Hub.
- Using a TLS certificate is optional, however it is recommended to secure the connection between the user and the backend.
- An ingress with TLS can also be used to configure secure connections to the Analysis Hub.
If there is a firewall enabled for the Kubernetes cluster, please review the Connections & firewall rules page and apply the listed firewall rules to be able to connect to the services of Linksight.
Installation
Follow the Helm chart README from the latest chart. The README contains instructions on how to configure the chart with required and optional values.
The README can also be found in the chart of the respective version.
helm show readme oci://registry.linksight.network/charts/linksight [--version x.x.x]
The following points may provide some clarification:
- It is recommended to create a new
values.yamlfile, where you can define configuration to override the defaultvalues.yamlfile. It is not recommended to copy all values from the defaultvalues.yamland make modifications, as that might result in issues during an upgrade. - The interface that should be accessible for end users is located on port
8000of theanalysis-hub-frontendservice.- These can be directly exposed by setting
analysisHub.frontend.service.typetoLoadBalancer. - Another option is to use an ingress controller, such as ingress-nginx.
- Then, the
analysisHub.frontend.ingressconfiguration can be set as described in the chart description. - TLS can then also be configured in the ingress configuration, by storing the TLS certificates in a secret and referencing the name of this secret in
analysisHub.frontend.ingress.tlsSecretName.
- Then, the
- These can be directly exposed by setting
Pod security
For security reasons, we do not provided a shell in our images. To copy files onto the persistent volume of the data station, you can either:
-
Copy the files directly to the persistent volume.
-
Create a pod with the same persistent volume claim attached to this pod as the one that is used by the
datastationpod (datastation-pv-claim).An example of a manifest that can be used to create a pod to access the persistent volume claim under
/mnt:---
apiVersion: v1
kind: Pod
metadata:
name: data-upload-pod
namespace: <NAMESPACE>
spec:
containers:
- image: alpine:3
name: data-upload
command: ["sleep", "3600"]
volumeMounts:
- name: vol
mountPath: /mnt
restartPolicy: Never
volumes:
- name: vol
persistentVolumeClaim:
claimName: <RELEASE_NAME>-datastation-pv-claim
Next steps
- Register the nodes. Follow the instructions on the page
Register nodes.