Helm Umbrella Chart for Bahmni India Distro
NOTE: Below details are only relevant for cluster running on AWS EKS
Create a new IAM group for developers
aws iam create-group --group-name bahmni_eks_developers
When IAM users are added to this group then they will get full access to resources in the EKS cluster.
Create Role with trust policy (first time)
aws iam create-role --role-name BahmniEKSDeveloperRoleForIAMUsers --assume-role-policy-document file://aws/roles/BahmniEKSDeveloperRoleForIAMUsers.json
aws/policies
folder contains all custom policies applied to the AWS account.
Create a AssumeRole
policy:
aws iam create-policy --policy-name BahmniEKSDeveloperAssumeRolePolicy --policy-document file://aws/policies/BahmniEKSDeveloperAssumeRolePolicy.json
Create a BahmniEKSDeveloper
policy:
aws iam create-policy --policy-name BahmniEKSDeveloper --policy-document file://aws/policies/BahmniEKSDeveloper.json
Note the policy arns
Next, Attach the BahmniEKSDeveloperAssumeRolePolicy
to bahmni_eks_developers
group.
aws iam attach-group-policy --group-name bahmni_eks_developers --policy-arn <POLICY_ARN>
Attach the BahmniEKSDeveloper
to BahmniEKSDeveloperRoleForIAMUsers
role.
aws iam attach-role-policy --policy-arn <POLICY_ARN> --role-name BahmniEKSDeveloperRoleForIAMUsers
aws eks update-kubeconfig --name bahmni-cluster-dev
kubectl apply -f k8s-rbac/eks-developer.yaml
eksctl create iamidentitymapping \
--cluster bahmni-cluster-nonprod \
--arn arn:aws:iam::{YourAccountNumber}:role/BahmniEKSDeveloperRoleForIAMUsers \
--group eks-developer-group \
--username assume-role-user \
--no-duplicate-arns
NOTE: Below details are only relevant for cluster using database on AWS RDS
This is a one time setup. Configure your AWS CLI by following the steps here.
- Navigate to the project root directory
- Set your AWS Profile:
export AWS_PROFILE=bahmni-eks-developers
(Change the profile name if you have configured aws credentials with a different profile) - Set your AWS Region:
export AWS_REGION=ap-south-1
- Run the script
connectmysqlrds.sh
./connectmysqlrds.sh <environment-name> <application-name>
e.g
./connectmysqlrds.sh dev openmrs
The JVM metrics for OpenMRS is fetched and displayed on route /metrics
in port 8280
with the help of jmx-exporter. Information related to heap space, GC count CPU load are provided in this route, which is visualised in Grafana with the help of JVM dashboard.
- Sign in to monitoring environment
- Open Dashboards → Import
- Add the following ID (
8563
) to use JVM dashboard - Click
load
button - This would bring up the JVM dashboard containing visualised information of the JVM metrices.