Installing Privacy Dynamics
Select Cloud Provider
Helm Chart Considerations
If using only the Privacy Dynamics Installer, it is not necessary to use Helm on your own. The core Privacy Dynamics software can only be installed from the official Installer, but bundled auxiliary software is from publicly available Helm charts and the user can opt out of using the Installer for those. This may be a good choice if your organization has infrastructure requirements that differ from our defaults. We recommend any manual Helm charts be installed before using the Privacy Dynamics Installer. The auxiliary software we install is listed below, along with links to our manual installation instructions.
kube-prometheus-stack, loki, and promtail - Installing Observability Tools
external-dns - Configure DNS records
cert-manager - Create TLS Certificates
We also recommend installing kube-prometheus-stack and ingress-nginx before other charts, as they contain CRDs that other charts often utilize (e.g. ServiceMonitor, Ingress).
Install Privacy Dynamics
At first login to the KOTS Admin Console, a configuration screen will appear to gather information for installing the application and associated software. A description of each configuration option is provided below.
Privacy Dynamics Configuration
This first section configures the Privacy Dynamics application itself.
UI Fully Qualified Domain Name
The URL for the application's user interface. It generally follows the form:
app.pvcy.customer.com
API Fully Qualified Domain Name
The URL for the application's API. It generally follows the form:
api.pvcy.customer.com
Use External PostgreSQL Database
The application is configured to use an on-cluster database for its internal settings. To use an off-cluster database instead (see instructions), check this box and supply the following connection information in the boxes that appear:
- Postgres Host
- Postgres User
- Postgres Password
- Postgres Port
- Postgres Database
Temporary storage volume size
The application will store some data temporarily during the anonymization process. All temporary data is deleted when the process completes. This specifies the amount of storage space available for that process. The default is 100 GB.
Name of the storage class used for data volume
The temporary storage must be available to all nodes simultaneously, so it must be managed by a Kubernetes StorageClass with Read-Write-Many (RWX) capabilities. This must be backed by an appropriate cloud storage provider, such as AWS EFS or Azure Files.
Number of worker CPUs to request
The number of vCPUs to allocate to the worker pod for the anonymization process. The default is 2, but can be increased to scale up your cluster's processing capacity.
Amount of RAM to allocate to the job worker (in gigabytes)
The amount of memory to allocate to the worker pod for the anonymization process. The default is 22 GB, but can be increased to scale up your cluster's processing capacity.
Encryption Keys
These keys are generated automatically, but can be overwritten.
Dataframe Upload Secret
An alphanumeric encryption secret used to protect data.
Dataframe Encryption Key
32 random bytes, base-64 encoded. Also used to protect data.
Profile Upload Secret
An alphanumeric encryption secret used to encrypt data connection credentials. Changing the secret will invalidate historical job information.
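If you overwrite the generated keys, the replacements should come from a cryptographic random source and match the formats described above. The script below is an added example, not part of the Privacy Dynamics Installer: it generates a 32-byte base64 key and an alphanumeric secret and checks operator-supplied values against those formats. The function names and the 48-character secret length are assumptions (the page states no length), and GNU coreutils is assumed.

```shell
#!/bin/sh
# Added example; function names are hypothetical, GNU coreutils assumed.

# Dataframe Encryption Key: 32 bytes from the kernel CSPRNG, base64-encoded.
gen_encryption_key() {
    head -c 32 /dev/urandom | base64 | tr -d '\n'
}

# Alphanumeric secret (upload secrets). Default length of 48 is an assumption.
# Random bytes are base64-encoded and the '+', '/' and newline characters are
# dropped, which leaves uniformly distributed characters from A-Z, a-z, 0-9.
gen_alnum_secret() {
    _len="${1:-48}"
    head -c "$((_len * 3))" /dev/urandom | base64 | tr -dc 'A-Za-z0-9' | head -c "$_len"
}

# Accept a key only if it is valid base64 that decodes to exactly 32 bytes.
is_valid_encryption_key() {
    printf '%s' "$1" | base64 -d >/dev/null 2>&1 || return 1
    [ "$(printf '%s' "$1" | base64 -d | wc -c)" -eq 32 ]
}

# Accept a secret only if it is non-empty and purely alphanumeric.
is_alnum_secret() {
    case "$1" in
        ''|*[!A-Za-z0-9]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Generate one value for each kind of field and print it for the config screen.
key=$(gen_encryption_key)
is_valid_encryption_key "$key" && printf 'Dataframe Encryption Key: %s\n' "$key"
printf 'Upload secret: %s\n' "$(gen_alnum_secret)"
```
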
Auxiliary Software
To make the install process easier, it is possible to install auxiliary software that will assist in the functioning of Privacy Dynamics software. Installation through this method is entirely optional.
Install NGINX Ingress Controller
Privacy Dynamics software assumes an NGINX ingress controller is present. This option installs the standard ingress-nginx Helm chart, which will create an IngressClass called nginx and, for public clouds, can provision a load balancer. Manual instructions are available.
Install ExternalDNS
ExternalDNS connects to a public cloud DNS provider (e.g. Route 53 or Cloud DNS) to create DNS records when a new ingress is created. It uses the external-dns Helm chart from the Kubernetes SIGs community. DNS records can also be created manually, or the chart can be manually installed.
Install Certificate Manager
This installs the cert-manager Helm chart from Jetstack to provision certificates from a public CA for ingresses on your cluster. The option only installs the cert-manager Operator. It can also be installed manually.
Install Loki
This is a log aggregator from Grafana Labs. It uses the loki and promtail Helm charts from Grafana. Manual installation instructions are also available.
Install Prometheus, Alertmanager, and Grafana
This installs the kube-prometheus-stack Helm chart, which will install and configure a working instance of Prometheus/Alertmanager and Grafana using the Prometheus Operator. Manual installation instructions are also available.
Auxiliary Settings
Depending on the options chosen above, various choices will appear in this next section.
Configure cert-manager ClusterIssuer
We have included the capability to create a ClusterIssuer using the ACME Issuer type with a DNS01 challenge (see the cert-manager docs for details). The default Certificate Authority is Let's Encrypt. You can decline creating the ClusterIssuer if you have different requirements, such as a preferred Certificate Authority.
Subdomain to be managed by ExternalDNS or cert-manager
This subdomain is used to configure ExternalDNS, the cert-manager ClusterIssuer, and observability Ingresses.
E-mail address for correspondence with Let's Encrypt
This is used by our default ClusterIssuer and is sent to Let's Encrypt as a point of contact.
Allow Prometheus metric collection
This creates ServiceMonitors and PodMonitors to allow Prometheus to scrape metrics from auxiliary software. At present, the Privacy Dynamics application does not generate any custom metrics, though general pod metrics are available through kubelet.
Grafana Admin Password
The admin password for the Grafana instance. The default username is admin.
Specify custom Alertmanager notification settings
Check this box to configure Alertmanager to treat one AlertmanagerConfig object as a global (rather than namespaced) configuration. When this option is selected, another box will appear asking for the name of the AlertmanagerConfig to be marked as a global configuration.
DO NOT check this box on initial installation. An AlertmanagerConfig resource can only be created after installing the Prometheus Operator, and specifying a value here will stop Alertmanager from launching.
Automatically create Ingresses
If you are using cert-manager and our ClusterIssuer, the installer can also attempt to create the ingresses for the Privacy Dynamics application, API, KOTS Admin Console, Alertmanager, and Grafana.
Name of ingress controller
An ingress controller is required. If you chose to automatically create Ingresses but are not installing an ingress controller through the Installer, specify here the name of the IngressClass to use for the Ingresses.
Verify the application is running
Once the application is deployed, its pods will be running on the cluster. You can view them by running the command kubectl get pods -n pvcy.
- analyzer-app is the front-end application.
- privacy-api is the back-end application.
- celery are the data-processing containers.
- nginx-privacy-api is a proxy server for the back-end (privacy-api).
- redis is the task queue.
- reloader synchronizes the state of the pods if any config values are changed.
- postgres-1 and postgres-2 are the internal application database.
View the application logs using: kubectl logs api-[XXX] -n pvcy. You may see migrations run on the pvcydb.
Verify API endpoint
You can make a basic HTTP request to verify that the API ingress has been set up correctly. This call does not need authentication. The --insecure flag tells curl to skip TLS certificate verification.
curl https://api.pvcy.customer.com/v1/ping --insecure
{
"result": "Ping succeeded",
"request_id": "590ffb9d72f3230e316dd3b7cbe5a553",
"processing_time": "0.00026s",
"request_timestamp": 1667912466
}