Installing CCC using Azure
This guide provides step-by-step instructions for deploying CCC using Azure, covering two key approaches: private connections and public connections. Each method provides a secure, reliable setup, allowing CCC to take full advantage of Azure’s performance capabilities. Carefully follow these steps to complete a successful CCC installation in your Azure environment.
Installing CCC using Azure private connections
Here are the steps for deploying CCC using Azure private connections:
Create an Azure Virtual Network by going to Azure and setting up a new Virtual Network with the necessary details such as subscription, resource group, name, and region. Add subnets for Azure Kubernetes Service (AKS) and the PostgreSQL database. Review the details and click Create.
Set up an Azure PostgreSQL Flexible Server for the CCC database. Fill in the required information in the Basics tab and ensure PostgreSQL version 14 is selected. In the Networking tab, set connectivity to Private Access, choose the virtual network created earlier, and select the PostgreSQL subnet. Review and click Create. After creation, connect to the PostgreSQL server and create a user named lunadirector and a database named lunadirectordb. Note that both must have the same name for CCC to function properly.
Create an Azure Kubernetes Service (AKS) cluster for CCC. In the Networking tab, enable Private Cluster to restrict public access, select Bring your own Azure virtual network, choose the previously created virtual network, and designate the subnet for AKS. Review and click Create to deploy the AKS cluster.
Unzip the folder containing the deployment files for CCC.
Load the CCC image into Docker:
docker load -i ccc 4.3.0.tar
Tag and push the image to your Azure Container Registry (ACR). For example:
docker tag ccc:4.3.0 [registry_name].azurecr.io/ccc:4.3.0 docker push [registry_name].azurecr.io/ccc:4.3.0
Open the deployment.yaml file and update the image name to match the one pushed to your ACR.
Open the configmap.yaml file and configure the necessary options for CCC. In the CCC_DB_LISTEN_IP field, enter your Azure PostgreSQL DNS name. Save the updated file.
Create Kubernetes Secrets for CCC passwords by executing the following command in your terminal:
kubectl create secret generic ccc-password \ --from-literal=CCC_TRUSTSTORE_PASSWORD='password' \ --from-literal=CCC_KEYSTORE_PASSWORD='password' \ --from-literal=CCC_CREDENTIALSTORE_PASSWORD='password' \ --from-literal=HSM_PASSWORD1='password' \ --from-literal=CRYPTO_OFFICER_PASSWORD='password' \ --from-literal=HSM_PASSWORD2='password' \ --from-literal=CCC_ADMIN_PASSWORD='password' \ --from-literal=CA_CERTIFICATE_PASSWORD='password' \ --from-literal=CCC_DB_PASSWORD='password'
Create Kubernetes Secrets for CCC certificates by running:
kubectl create secret generic ccc-certificate --from-file="certificate_path"
Run the following command to create the CCC service by applying the necessary deployment configurations defined in service.yaml:
kubectl apply -f service.yaml
Use the command below to fetch the external IP address of the service, which will be required in Step 13. This command provides detailed information about all resources in the cluster:
kubectl get all -o wide
Launch the CCC server by running the following command:
sh start-ccc-server.sh
Input the external IP address that will host the CCC server.
If you use LDAPS, refer to the steps for configuring LDAPS for CCC on the Installing CCC page.
Installing CCC using Azure public connections
Here are the steps for deploying CCC using Azure public connections:
Create an Azure PostgreSQL Flexible Server for the CCC database by providing the necessary details like resource group, server name, and region in the Basics tab. Ensure PostgreSQL version 14 is selected.
In the Networking tab, set connectivity to Public Access, enabling both Allow public access and Allow access from any Azure service within Azure.
Review the details and click Create to establish the PostgreSQL server.
Once the server is created, connect to PostgreSQL and create a user named lunadirector and a database named lunadirectordb.
Set up an Azure Kubernetes Service (AKS) cluster for CCC deployment in your Azure environment.
Unzip the folder containing the deployment files for CCC.
Load the CCC image into Docker:
docker load -i ccc 4.3.0.tar
Tag and push the image to your Azure Container Registry (ACR). For example:
docker tag ccc:4.3.0 [registry_name].azurecr.io/ccc:4.3.0 docker push [registry_name].azurecr.io/ccc:4.3.0
Open the deployment.yaml file and update the image name to match the one pushed to your ACR.
Open the configmap.yaml file and configure the necessary options for CCC. In the CCC_DB_LISTEN_IP field, enter your Azure PostgreSQL DNS name. Save the updated file.
Create Kubernetes Secrets for CCC passwords by executing the following command:
kubectl create secret generic ccc-password \ --from-literal=CCC_TRUSTSTORE_PASSWORD='password' \ --from-literal=CCC_KEYSTORE_PASSWORD='' \ --from-literal=CCC_CREDENTIALSTORE_PASSWORD='password' \ --from-literal=HSM_PASSWORD1='password' \ --from-literal=CRYPTO_OFFICER_PASSWORD='password' \ --from-literal=HSM_PASSWORD2='password' \ --from-literal=CCC_ADMIN_PASSWORD='password' \ --from-literal=CA_CERTIFICATE_PASSWORD='password' \ --from-literal=CCC_DB_PASSWORD='password'
Create Kubernetes Secrets for CCC certificates by running:
kubectl create secret generic ccc-certificate --from-file="certificate_path"
Run the following command to create the CCC service by applying the necessary deployment configurations defined in service.yaml:
kubectl apply -f service.yaml
Use the command below to fetch the external IP address of the service, which will be required in Step 15. This command provides detailed information about all resources in the cluster:
kubectl get all -o wide
Launch the CCC server by running the following command:
sh start-ccc-server.sh
Input the external IP address that will host the CCC server.
If you are an LDAPS user, follow the steps to configure LDAPS for CCC on the Installing CCC page.
