Installing Appian on Kubernetes Share Share via LinkedIn Reddit Email Copy Link Print On This Page Overview This page walks through how to install Appian on Kubernetes for self managed customers. The instructions show how to install on a server-based cluster. It is aimed at platform engineers with experience with Kubernetes, Helm, and container images. Appian is installed on Kubernetes using a custom resource definition (CRD) and an operator. Before performing the install you should be familiar with these concepts. To read about them, see What is the Appian Operator? Note: These documents specifically deal with deployment, maintenance, and configuration tasks that are unique to Appian on Kubernetes. For installing Appian on machine-based servers, see the Installation Guide. Prerequisites Make sure you have the following prerequisites and system requirements before installing Appian on Kubernetes. Note: These instructions are to configure a single node instance of Appian on Kubernetes. Refer to our high availability docs for more information if you would like a multi-node (HA) instance of Appian to setup an HA deployment of Appian using the Appian operator. Supported Environments Appian on Kubernetes supports the following Kubernetes platforms: Azure Kubernetes Service Amazon EKS Red Hat OpenShift Google GKE Appian on Kubernetes does not support AWS Fargate, GKE Autopilot, Azure ACI, or similar "serverless" virtualized environments. Request licenses You need to request license files specifically for Appian on Kubernetes. There are two types of licenses: temporary and long-term. Note: Generating the long-term license files can take up to 4-5 business days. You'll want to request temporary license files first, or both the temporary and long-term licenses in the same request. Temporary license files are valid for 6 days. Request temporary license files when a new Appian instance is being set up for the first time or a long-term license has expired and you want to renew it. Long-term license files are valid for an extended period of time, and only valid for the site URL for which they were requested. Request long-term license files when you've already obtained temporary license files to set up an Appian instance, or your existing license files are about to expire and you want to proactively request replacements. Note: We now require submitting both an Appian site name (custom resource name) and a valid site URL before we generate license files, as detailed in the steps below. If you have not requested a license in this manner before, you must do so at your earliest convenience. You can request temporary and long-term licenses by creating a new support case on Forum. In the Case Title, enter Self-Managed Kubernetes License Request. Enter your Appian site name. This should be what you intend to use when creating the Appian custom resource. It must contain only lowercase alphanumeric characters or the symbols - or . and must be no more than 16 characters. For example, company-name. Enter the URL you intend to use for your Appian site, following the same pattern as above. For example, company-name.com. This will be the URL you use in your configured .spec.url. For Severity, select 4 - Questions, Licenses, Forum Accounts, and Support Accounts. For long-term licenses, the request is fulfilled as follows: If you are your organization's primary POC (point of contact), then the Appian license administrators will review your request and provide you with the license files or the next steps required to generate the long-term license files. If you are not your organization's primary POC, then the request will first go to your organization's POC who will have to approve this request. If the POC approves the request, the Appian license administrators will review the request and provide you the license files or the next steps required to generate the long-term license files. Download artifacts You'll need to download the Appian operator Helm chart, pull the Appian operator and Appian container images, and push the images to your organization's registry. Kubernetes This release has been explicitly tested against Kubernetes v1.26-v1.30. To check your server version, run kubectl version. Exposing Appian Appian needs to be exposed outside of Kubernetes to allow access to Apache Web Server (httpd) and webapp components. See Exposing Appian Outside Kubernetes to learn about different ways of exposing Appian. How you choose to expose Appian will affect the configuration of the Appian custom resource; we’ll remind you of this configuration during that step. Installing NGINX ingress controller (optional) To expose Appian via Ingress, you can optionally do a new install of NGINX Ingress Controller on Kubernetes. If you are exposing Appian using a different method or are already using an ingress controller on your Kubernetes cluster, you can ignore this step. Install ingress-nginx using Helm. Be sure to verify the install. Relational database Appian on Kubernetes does not install a relational database. You need to provide your own relational database for each site to serve as its Appian data source. Ensure you provide at least one business data source to make use of data stores. Your database can either run within the Kubernetes cluster or outside of it. If you want to connect directly to a database outside the cluster, ensure that the database is accessible from within the cluster. Appian RPA database configuration To use Appian RPA, you must also create and configure multiple databases on the MariaDB server, ensuring the URL, username, and password are correctly set in the configuration files. RDBMS/JDBC drivers Appian supports the following relational databases. If you'd like to use Aurora MySQL, MySQL or IBM Db2 as the Appian data source or a business data source, you’ll need to use the Appian CRD's support for specifying init containers. The same goes for older supported versions of other relational databases that require different driver versions. Installation Once all your prerequisites are in order, the following steps will install Appian on Kubernetes. 1. Install the Appian operator The following steps will install the Appian operator in the appian-operator namespace from the downloaded Appian operator Helm chart: Create the appian-operator namespace: 1 kubectl create namespace appian-operator Before you install the Appian operator Helm chart in the next step, decide how you want CA certificates to be provisioned as described here. Note: Our steps below follow our preferred option of using a generated self-signed certificate with cert-manager. Install the Appian operator Helm chart: 1 2 3 4 helm --namespace appian-operator install appian-operator-<APPIAN_OPERATOR_VERSION>.tgz \ --set image.repository=<REGISTRY_HOSTNAME>/appian/appian-operator:<APPIAN_OPERATOR_VERSION> \ ... \ --wait Self-signed certificate using cert-manager install Make sure to specify the appropriate values to set the webhooks’ secret to the secret created by cert-manager and an annotation that we specified in our self-signed certificate instructions. If you changed the certificate name or secret name during the certificate creation steps, use those names here instead of appian-operator-webhooks and appian-operator-webhooks-certificate. For the mutating and validating admission webhooks, add the annotation cert-manager.io/inject-ca-from:appian-operator/<your certificate name> to webhooks.webhookConfiguration.annotations when you run helm install or helm upgrade using --set or --values options. It is also necessary to annotate the mutating and validating webhook configuration objects using the following flags, which will cause the caBundle field to be populated from a cert-manager certificate: 1 --set webhooks.webhookConfiguration.annotations."cert-manager\.io/inject-ca-from"=appian-operator/appian-operator-webhooks --set webhooks.secret=appian-operator-webhooks-certificate Here’s an example of the full Helm command that you might run: 1 2 3 4 5 helm --namespace appian-operator install appian-operator appian-operator-v0.117.0.tgz \ --set image.repository=registry.example.com/appian/appian-operator \ --set webhooks.secret=appian-operator-webhooks-certificate \ --set webhooks.webhookConfiguration.annotations."cert-manager\.io/inject-ca-from"=appian-operator/appian-operator-webhooks \ --wait Note: If the container registry where your Appian operator image resides is private, follow the instructions here to create a Secret of type docker-registry and provide the name of the Secret via the option --set imagePullSecrets={<NAME>} in the command above. If you’ve pushed the operator image with a different tag that doesn’t match the version / app version of the chart, you’ll want to include the option --set image.tag=<TAG>. This command may take a minute or two to complete. When complete, check that the correct Appian operator Deployments, ReplicaSets, and Pods were created. 1 kubectl -n appian-operator get deployments,replicasets,pods The output should be similar to: 1 2 3 4 5 6 7 8 9 10 11 NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/appian-operator-controllers 1/1 1 1 90s deployment.apps/appian-operator-webhooks 1/1 1 1 90s NAME DESIRED CURRENT READY AGE replicaset.apps/appian-operator-controllers-55cfcf74f 1 1 1 90s replicaset.apps/appian-operator-webhooks-5bd6588b95 1 1 1 90s NAME READY STATUS RESTARTS AGE pod/appian-operator-controllers-55cfcf74f-sr4jd 1/1 Running 0 90s pod/appian-operator-webhooks-5bd6588b95-7lggk 1/1 Running 0 90s For each of the operator’s controllers and webhooks, you should see a single Deployment, ReplicaSet, and Pod. Once the Pods’ STATUS are all Running, the READY column should show 1/1 within 1 minute. Note: Please note that the usage of appians below, and elsewhere, refers to multiple instances of Appian in a cluster. This pluralization follows Kubernetes conventions on resource naming. Validate that the Appian CRD installed successfully by running: 1 kubectl get crd appians.crd.k8s.appian.com The output should be similar to: 1 2 NAME CREATED AT appians.crd.k8s.appian.com 2022-03-04T12:00:00Z If you have any trouble installing the operator, see Troubleshooting Appian on Kubernetes. 2. Create the Appian site namespace If you haven’t done so already, create a new namespace in Kubernetes for your Appian site and all of its components. The namespace can have any name, though the rest of our instructions will use my-site-namespace. 1 kubectl create namespace my-site-namespace 3. Load licenses Having requested your licenses, you’ll have received a zip with two files: k3.lic and k4.lic, and a third file called appian.lic. The first two will be installed as secrets on Kubernetes, and appian.lic will be installed as a config map. Unzip the product license files. Load the product license files as secrets into Kubernetes. 1 kubectl -n my-site-namespace create secret generic k3lic --from-file=<PATH TO LICENSE>/k3.lic 1 kubectl -n my-site-namespace create secret generic k4lic --from-file=<PATH TO LICENSE>/k4.lic Create a config map for the appian.lic file via kubectl create configmap. You can name the config map as you wish: 1 kubectl -n my-site-namespace create configmap appian-lic --from-file=<PATH TO LICENSE>/appian.lic When you configure your Appian YAML below, be certain to define the name of your license config map with appianLicConfigMapName. 4. Create an Appian YAML file Note: If migrating a server-based installation of Appian into Kubernetes, use the YAML file generated by the Migration Tool's merge command instead of the one below. We’ll now configure a YAML file used as the spec to deploy the Appian CR. Download the appian.yaml file (it can also be copied from the code block below). This will serve as a template for the Appian CR spec. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 apiVersion: crd.k8s.appian.com/v1beta1 kind: Appian metadata: # USER ACTION REQUIRED - If using long-term licenses, update to match the # wildcard pattern of the licenses you were provided # https://docs.appian.com/suite/help/latest/k8s/install-appian-on-k8s.html#request-licenses name: appian spec: # https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ imagePullSecrets: [] # []string # - regcred # USER ACTION REQUIRED - Update to the Version of Low code platform that Appian runs on version: 22.1.190.0 k3LicSecretName: k3lic k4LicSecretName: k4lic appianLicConfigMapName: appian-lic # USER ACTION REQUIRED - Update to match the scheme, host, and, optionally, # port of your site # https://docs.appian.com/suite/help/latest/Post-Install_Configurations.html#configure-your-site-url url: http://myappiansite.com # https://docs.appian.com/suite/help/latest/Custom_Configurations.html#custom-properties customProperties: # map[string]string # https://docs.appian.com/suite/help/latest/resource-requests-and-limits.html#webapp conf.appserver.maxHeapSize: 3072m zookeeper: # USER ACTION REQUIRED - Update to match the coordinates of the Appian # Zookeeper container image as you pushed it to your registry image: repository: registry.example.com/appian/zookeeper replicas: 1 volumeClaimTemplateSpec: # corev1.PersistentVolumeClaimSpec # storageClassName: "" accessModes: - ReadWriteOnce resources: requests: # Configure based on your expected Zookeeper storage needs storage: 5Gi env: # []corev1.EnvVar # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#zookeeper - name: ZK_HEAP_MIN value: 128m - name: ZK_HEAP_MAX value: 256m # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#zookeeper resources: # corev1.ResourceRequirements requests: cpu: 100m memory: 307Mi # ZK_HEAP_MAX * 1.2 to account for non-heap memory limits: cpu: 200m memory: 448Mi # ZK_HEAP_MAX * 1.75 to account for non-heap memory kafka: # USER ACTION REQUIRED - Update to match the coordinates of the Appian Kafka # container image as you pushed it to your registry image: repository: registry.example.com/appian/kafka replicas: 1 volumeClaimTemplateSpec: # corev1.PersistentVolumeClaimSpec # storageClassName: "" accessModes: - ReadWriteOnce resources: requests: # Configure based on your expected Kafka storage needs storage: 5Gi env: # []corev1.EnvVar # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#kafka - name: KAFKA_HEAP_MIN value: 512m - name: KAFKA_HEAP_MAX value: 1024m # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#kafka resources: # corev1.ResourceRequirements requests: cpu: 500m memory: 1229Mi # KAFKA_HEAP_MAX * 1.2 to account for non-heap memory limits: cpu: 2000m memory: 1792Mi # KAFKA_HEAP_MAX * 1.75 to account for non-heap memory searchServer: # USER ACTION REQUIRED - Update to match the coordinates of the Appian # Search Server container image as you pushed it to your registry image: repository: registry.example.com/appian/search-server replicas: 1 volumeClaimTemplateSpec: # corev1.PersistentVolumeClaimSpec # storageClassName: "" accessModes: - ReadWriteOnce resources: requests: # Configure based on your expected Search Server storage needs storage: 5Gi env: # []corev1.EnvVar # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#search-server - name: SS_HEAP value: 1280m # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#search-server resources: # corev1.ResourceRequirements requests: cpu: 100m memory: 1.5Gi # SS_HEAP + 256Mi to account for non-heap memory limits: cpu: 200m memory: 3Gi # Double requests.memory dataServer: # USER ACTION REQUIRED - Update to match the coordinates of the Appian Data # Server container image as you pushed it to your registry image: repository: registry.example.com/appian/data-server replicas: 1 topology: rtsCount: 2 volumeClaimTemplateSpec: # corev1.PersistentVolumeClaimSpec # storageClassName: "" accessModes: - ReadWriteOnce resources: requests: # Configure based on your expected Data Server storage needs storage: 5Gi # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#data-server resources: # corev1.ResourceRequirements requests: cpu: 100m memory: 512Mi limits: cpu: 200m memory: 1Gi serviceManager: # USER ACTION REQUIRED - Update to match the coordinates of the Appian # Service Manager container image as you pushed it to your registry image: repository: registry.example.com/appian/service-manager replicas: 1 topology: analyticsExecShardCount: 3 volumeClaimTemplateSpec: # corev1.PersistentVolumeClaimSpec # storageClassName: "" accessModes: - ReadWriteOnce resources: requests: # Configure based on your expected Service Manager storage needs storage: 5Gi # https://docs.appian.com/suite/help/latest/k8s/high-availability.html # haExistingClaim: "" env: # []corev1.EnvVar # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#service-manager - name: KOMODO_DIRECT_MEM_MAX value: 512m - name: KOMODO_HEAP_MAX value: 1g # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#service-manager resources: # corev1.ResourceRequirements requests: cpu: 200m memory: 2.5Gi limits: cpu: 2000m memory: 32Gi webapp: # USER ACTION REQUIRED - Update to match the coordinates of the Appian # Webapp container image as you pushed it to your registry image: repository: registry.example.com/appian/webapp replicas: 1 # https://docs.appian.com/suite/help/latest/Post-Install_Configurations.html#configure-your-static-and-dynamic-content-urls # staticUrl: http://myappiansite-static.com # dynamicUrl: http://myappiansite-dynamic.com # Configuration for connecting to the Appian and business data sources. If # connecting to MySQL or IBM Db2, use an init container to add the # appropriate RDBMS/JDBC driver JAR to Tomcat's classpath # https://docs.appian.com/suite/help/latest/Configuring_Relational_Databases.html#provide-data-source-connection-information # https://docs.appian.com/suite/help/latest/k8s/init-and-sidecar-containers.html#using-init-containers-to-add-jars-to-tomcat's-classpath dataSources: primary: name: jdbc/AppianDS type: javax.sql.DataSource factory: org.apache.tomcat.jdbc.pool.DataSourceFactory driverClassName: org.mariadb.jdbc.Driver url: "jdbc:mariadb://mariadb-appian.my-site-namespace.svc.cluster.local:3306/AppianDS?useOldAliasMetadataBehavior=true" username: username # USER ACTION REQUIRED - Create a secret containing the password used to # connect to the data source and reference it here passwordSecretKeyRef: name: "" key: "" attributes: initialSize: "5" maxActive: "200" defaultTransactionIsolation: "READ_COMMITTED" maxWait: "30000" minIdle: "5" minEvictableIdleTimeMillis: "90000" timeBetweenEvictionRunsMillis: "450000" validationQuery: "SELECT 1" testOnBorrow: "true" business: [] # https://docs.appian.com/suite/help/latest/k8s/email.html # passwordsPropertiesSecretName: "" volumeClaimTemplateSpec: # corev1.PersistentVolumeClaimSpec # storageClassName: "" accessModes: - ReadWriteOnce resources: requests: # Configure based on your expected Webapp storage needs storage: 5Gi # https://docs.appian.com/suite/help/latest/k8s/high-availability.html # haExistingClaim: "" # https://docs.appian.com/suite/help/latest/k8s/health-check-k8s.html # healthCheckExistingClaim: "" # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#webapp resources: # corev1.ResourceRequirements requests: cpu: 100m memory: 4.5Gi limits: cpu: 1000m memory: 6Gi httpd: # USER ACTION REQUIRED - Update to match the coordinates of the Appian httpd # container image as you pushed it to your registry image: repository: registry.example.com/appian/httpd replicas: 2 # https://docs.appian.com/suite/help/latest/k8s/exposing-appian-on-k8s.html service: annotations: {} # map[string]string # https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: ClusterIP # https://docs.appian.com/suite/help/latest/k8s/exposing-appian-on-k8s.html#ingress ingress: enabled: true # USER ACTION REQUIRED - Use either the ingressClassName field or the # deprecated kubernetes.io/ingress.class annotation to refer to your desired # ingress class # https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class annotations: {} # map[string]string # kubernetes.io/ingress.class: "" # ingressClassName: "" # USER ACTION REQUIRED - Uncomment the rpa section below if you are deploying Appian RPA # rpa: # # USER ACTION REQUIRED - Update to match the version of the Appian RPA image # # that you pulled for deployment # version: 9.9.0 # # USER ACTION REQUIRED - Update to match the coordinates of the Appian # # RPA container image as you pushed it to your registry # # that you pulled for deployment # image: # repository: registry.example.com/appian/rpa # volumeClaimTemplateSpec: # accessModes: # - "ReadWriteOnce" # resources: # requests: # storage: "5Gi" # # USER ACTION REQUIRED - Update to match the hostname and port for your Appian RPA MariaDB # database: # hostname: my-rpa-mariadb # port: 3306 # schema: Rpa # # USER ACTION REQUIRED - Create a secret containing the password used to # # connect to the rpa data source and reference it here # # https://docs.appian.com/suite/help/latest/k8s/rpa-setup-on-k8s.html # credentialsSecretName: rpa-data-source-credentials # # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#rpa # properties: # # [OPTIONAL] This represents the max memory (Xmx) allocated to the JVM. If omitted, this will default to 2048 # rpa.max.memory: 4096 # # [OPTIONAL] RPA expects to have unrestricted internet access by default, set this to "offline" if that is not the case. # # If omitted, this will default to "online" # rpa.artifact.resolution: "online" # # USER ACTION REQUIRED - Update to match the url and port for your Appian RPA MariaDB # rtdo: # dataSource: # url: jdbc:mariadb://my-rpa-mariadb:3306/Rtdo # username: my-rpa-mariadb-username # passwordSecretName: rpa-data-source-credentials # # USER ACTION REQUIRED - Update to match the url and port for your Appian RPA MariaDB # rpdo: # dataSource: # url: jdbc:mariadb://my-rpa-mariadb:3306/Rpdo # username: my-rpa-mariadb-username # passwordSecretName: rpa-data-source-credentials # # USER ACTION REQUIRED - Update to match the url and port for your Appian RPA MariaDB # robotRDO: # dataSource: # url: jdbc:mariadb://my-rpa-mariadb:3306/RobotRDO # username: my-rpa-mariadb-username # passwordSecretName: rpa-data-source-credentials # # https://docs.appian.com/suite/help/latest/k8s/resource-requests-and-limits.html#rpa # resources: # requests: # cpu: 1000m # memory: 2.5Gi # limits: # cpu: 2000m At minimum, change the following field values in appian.yaml with custom values. Save the file. Key Current Value Your Value .metadata.name appian This should be the same Appian site name specified when requesting your long-term license. If you are using a temporary license, you can specify any name here, lower-case, all one word. If you intend to upgrade the temporary license on an install to a long-term license, it is easiest to keep this same name for the long-term license request. .spec.appianLicConfigMapName appian-lic Name of the ConfigMap associated with the appian.lic file. This is required for your site to start. .spec.webapp.url http://myappiansite.com Fully qualified domain name of the Appian site's URL including the scheme, host, and, optionally, port. For example: http://www.example.com:8080. For more info, see SERVER_AND_PORT in Configure your Site URL. .spec.webapp.dataSources.primary.driverClassName org.mariadb.jdbc.Driver Driver class name for your RDBMS. For examples of each of the supported databases, see Configuring Data Sources. .spec.webapp.dataSources.primary.url jdbc:mariadb://mariadb-appian.my-site-namespace.svc.cluster.local:3306/AppianDS?useOldAliasMetadataBehavior=true Appian data source connection URL of your RDBMS. For URL examples of each of the supported databases, see Configuring Data Sources. .spec.webapp.dataSources.primary.username username Plain-text username for your RDBMS connection. If you installed a new copy of MariaDB in earlier steps, this will be the username created in that step. For example: username. .spec.webapp.dataSources.primary.password password Plain-text password for your RDBMS connection. If you installed a new copy of MariaDB in earlier steps, this will be the password created in that step. For example: password. .spec.webapp.dataSources.primary.attributes.validationQuery "SELECT 1" Validation query for your RDBMS connection. For examples of each of the supported databases, see Configuring Data Sources. If you installed a new copy of MariaDB in earlier steps, this will be "SELECT 1". .spec.[COMPONENT].image.repository (Multiple fields - one field per component) registry.example.com/appian/<COMPONENT> Image location on your Docker registry of each Appian component. If you are using a custom registry, change this image for each Appian component. If you did not re-tag your images and push to a custom registry, use the current values that include registry.example.com. .spec.[COMPONENT].image.tag (Multiple fields - one field per component) Various tag values for each Appian component. The image version number for each Appian component. You can find these tags with the command: docker images <MY DOCKER REGISTRY>/appian/* For example: docker images registry.example.com/appian/* Note: It is highly recommended to configure application logging to your needs with Log4j. Instructions are located on the Customizing Application Logging page. Be sure to change any other custom values in appian.yaml spec. For a detailed reference of all allowable fields, refer to the custom resource definitions API documentation. Here are some configuration settings to consider. The Apache Web Server (httpd) component is specified in the spec, though it is optional and can be taken out if you are using another web server or don't require one. We are only specifying an Appian data source in the spec. To use Data Store Objects, you'll also want to provide at least one business data store. This is defined in the .spec.webapp.dataSources.business field. Since we use NGINX ingress controller for Appian on Kubernetes, we are setting .spec.ingress.enabled to true in the spec. See Exposing Appian Outside Kubernetes for configuration details. The .spec.[COMPONENT].resources fields in the appian.yaml spec are suggested resource values. For more on tuning these fields, see Resource Requests and Limits. As most Appian components are StatefulSets that rely on persistent storage, the .spec.[STATEFUL_COMPONENT].volumeClaimTemplateSpec fields have suggested values that define this storage. For more on these fields, see PersistentVolumeClaimSpec. The appian.yaml specifies one Pod replica per Appian component. Refer to our high availability docs for setting up multiple replicas in an HA instance of Appian. You may want to set up Horizontal Pod Autoscaling on the Apache Web Server (httpd). You may want to define custom properties for Appian using the .spec.customProperties field. Note: You will need to set the Search Server kernel settings either using an init container in the CR spec or using admin commands after the install. 5. Create the Appian site Note: If migrating a server-based installation of Appian into Kubernetes, run the Migration Tool's import command instead of creating the Appian custom resource directly. Run kubectl create to create the Appian site based on the appian.yaml: 1 kubectl create -n my-site-namespace -f <PATH TO APPIAN.YAML> It will take about 20-30 minutes for the Appian site to fully start. Check progress on the various Appian component pods with the following command. 1 kubectl -n my-site-namespace get pods The STATUS of the Appian component pods will transition from Pending to Running. When the Appian site is ready, you should see all pods have READY of 1/1 and STATUS of Running, similar to the following. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 NAME READY STATUS RESTARTS AGE appian-data-server-0 1/1 Running 0 25m appian-httpd-8658f7fdb7-k9f6j 1/1 Running 0 25m appian-httpd-bf56974d4-crv4g 1/1 Running 0 25m appian-kafka-0 1/1 Running 0 25m appian-search-server-0 1/1 Running 0 25m appian-service-manager-analytics00-0 1/1 Running 0 25m appian-service-manager-analytics01-0 1/1 Running 0 25m appian-service-manager-analytics02-0 1/1 Running 0 25m appian-service-manager-channels-0 1/1 Running 0 25m appian-service-manager-content-0 1/1 Running 0 25m appian-service-manager-download-stats-0 1/1 Running 0 25m appian-service-manager-execution00-0 1/1 Running 0 25m appian-service-manager-execution01-0 1/1 Running 0 25m appian-service-manager-execution02-0 1/1 Running 0 25m appian-service-manager-forums-0 1/1 Running 0 25m appian-service-manager-groups-0 1/1 Running 0 25m appian-service-manager-notifications-0 1/1 Running 0 25m appian-service-manager-notifications-email-0 1/1 Running 0 25m appian-service-manager-portal-0 1/1 Running 0 25m appian-service-manager-process-design-0 1/1 Running 0 25m appian-webapp-0 1/1 Running 0 25m appian-zookeeper-0 1/1 Running 0 25m Get the appians custom resource to check the status of your Appian site. 1 kubectl get -n my-site-namespace appians The STATUS of a starting site will transition from not set to Creating to Starting to Ready. The transition from not set to Creating to Starting should happen within seconds. The transition from Starting to Ready should happen within 20 to 30 minutes. Make sure the STATUS is Ready before accessing your site, similar to: 1 2 NAME URL STATUS AGE appian http://myappiansite.com Ready 25m If you have any trouble with creating the Appian site, see Troubleshooting Appian on Kubernetes. If you need to edit the Appian CR and restart, see Editing, Stopping, and Restarting. 6. Access your Appian site Newly created sites are bootstrapped with a system administrator user. This user cannot access the Admin Console. The steps below detail how to login, then create a new system administrator user that can access the Admin Console. In a browser, navigate to <URL>/suite/design/users where <URL> is the value you set in the .spec.webapp.url field of the Appian custom resource. Login as the bootstrap system administrator user with username Administrator and temporary password admin. Change the user’s password when prompted to do so. Click on the CREATE USER button to create the new user. Under Security > User Type, select System Administrator. If you haven’t configured your site to send email, make sure to manually assign a temporary password. If a temporary password is omitted, Appian will attempt to send an email to the specified email address with a randomly generated temporary password. Since the site has not yet been configured to send email, this will fail and there will be no way to recover the user’s password. Logout and login as the newly created user. Tip: To stop the Appian site, see Stopping the Appian site. Feedback Was this page helpful? SHARE FEEDBACK Loading...