Overview
Version
| Report Server Version | Functional Change |
|---|---|
11.0.10 | / |
Application Scenario
Kubernetes, an open-source container orchestration platform, is widely used for containerized workload management and deployment with multiple clouds and regions. It provides high availability and scalability.
After deploying FanRuan's applications on K8s, you need to register the applications. This document introduces how to perform container private cloud registrations for FanRuan's applications deployed on K8s.
This document (only a reference) takes the Cloud Container Engine (CCE) service of Huawei Cloud as the example environment. For other K8s cloud platforms, you can adjust operation steps accordingly.
Image Preparation
Authorized Image Obtaining
Use the email address specified in the contract and send the registration information to FineReport business personnel (business@fanruan.com). The email format is shown as follows.
After receiving the email and verifying the information, the business personnel will generate an image file named fanruan_license_server.tar of the authentication server and send the file to you by email.
Note:| Needed Information | Requirement | Note | |
|---|---|---|---|
Contact | Contact FanRuan sales personnel in advance to confirm relevant matters and sign the contract. | / | |
Sender | Use the email address specified in the contract. | If not, the registration will be rejected. | |
Recipient | business@fanruan.com | / | |
Title | Official Authorization Document of Company Name's Registration for FineReport | If you do not indicate the company name in the email, the registration will be rejected. | |
Body | Basic Information | Company name: Company Name Project name: Project Name Contract signing date: YYYY/MM/DD | / |
Registration Method | Container Private Cloud Authentication | / | |
Maximum Number of Registrations | Number of nodes in the cluster project | If this item is not provided, the default value is 1. You do not need to provide this item in the standalone mode. | |
Project Version | Provide the project's minor version and JAR package information. Check the above information under System Management > Registration Management > Version Information. | / | |
Image Uploading
Upload the authorized image package fanruan_license_server.tar (obtained in section "Authorized Image Obtaining") to an image repository, as shown in the following figure.
You are advised to save the authorized image and the FanRuan application component image in the same image repository. (You can skip this section if already have an image repository.)
Image Information Viewing
Record the repository address and version of the image (such as swr.cn-north-1.myhuaweicloud.com/fanruan/fanruan_license_server_amd64:1.0.0 in the following figure).
Authorized Application Creation
Namespace Selection/Creation
You can set multiple namespaces in a Kubernetes cluster. Each namespace is a relatively independent virtual space. Resources in different namespaces are also independent.
You are advised to install authorized applications and FanRuan's to-be-authorized applications in the same namespace (in which no other components are installed) of the same Huawei Cloud cluster, to achieve resource isolation in multiple applications.
Record the name (such as fanruan-test in the following figure) of the namespace.
Storage Creation
Storage in the K8s cluster is an important component for storing business data. You need to first create a static storage, which will be used in the following YAML file.
Create a static storage in the namespace selected in section "Namespace Selection/Creation."
Record the PersistentVolumeClaim (PVC) name (such as data-fr-0 in the following figure) of the static storage.
YAML File Modification
You can download and decompress the YAML file lic_example.zip.
Modify the following content as needed.
| Settings | Description |
|---|---|
namespace | Modify the value of namespace to the namespace name in section "Namespace Selection/Creation." |
claimName | Modify the value of claimName to the storage name in section "Storage Creation." |
image | Modify the value of image to the image information in section "Image Information Viewing." (If image pulling requires a key for authentication, you need to include the key in the value.) |
Resource Creation from YAML
Create an authorized application in the namespace selected in section "Namespace Selection/Creation" through the YAML file in section "YAML File Modification."
Authorization Authentication
Authentication Submission
1. Access the address (https://<host>:<Port number>/license/qrcode) of the authorized application to scan the QR code for authentication.
Protocol: the HTTPS protocol
host: the domain name fanruan-license-server.<namespace> (such as fanruan-license-server.fanruan-test), rather than an IP address. <namespace> is the one selected in section "Namespace Selection/Creation."
Port number: 8081
2. Scan the generated QR code through a mobile browser, enter the returned 6-digit verification code in the system, and click Submit, as shown in the following figure.
Note:1. The QR code is valid for five minutes. Ensure that the registration is completed in the specified time. You need to refresh the QR code manually if the registration is more than five minutes.
2. You'd better register the project immediately after obtaining the verification code. Do not restart the project until the registration is successful.
3. If the number of incorrect verification code attempts exceeds five times, the system will be locked for 15 minutes to prevent brute force attacks and high-frequency accesses to the interface.
Verification and Authorization in the Report Project
Log in to the decision-making platform as the admin, choose System Management > Registration Management, and click Register Now, as shown in the following figure.
Set Authentication Method to Private Cloud, set Server Address (https://<host>:<Port number>) to the domain name and listening port number of the authorized application in section "Authentication Submission", and click Submit, as shown in the following figure.
Note:
The following figure shows the effect of the successful authentication.
Note:1. The maximum number of connections represents the maximum number of projects that can apply for authorization registrations to the authorization server at the same time.
2. If the authentication fails, you need to check the firewall setting (open the corresponding port or disable the firewall).
