Deploying on bare metal

In order to make it possible to run Drogue Cloud in other environments, we provide a drogue-cloud-server binary to run a single or multiple Drogue Cloud services. This does not require Kubernetes or containers to run.

You do need to have running instances of Kafka, Keycloak and PostgreSQL in order to use this form of deployment.

Pre-requisites

The binary assumes the following services being available locally by default:

  • Kafka bootstrap: localhost:9092

  • Keycloak:

  • PostgreSQL

    • Database name: drogue

    • Database user: admin

    • Database password: admin123456

Have a look at the --help options for other ways to configure it.

(Optional) Starting pre-requisites

You thought you didn’t need containers, HAH! Well, to make it simpler to get the prerequisites running, here is a docker compose file for running them and making them available at the above ports:

version: "3.9"
services:
  postgres:
    image: docker.io/bitnami/postgresql:15
    environment:
      - POSTGRESQL_USERNAME=admin
      - POSTGRESQL_PASSWORD=admin123456
      - POSTGRESQL_DATABASE=drogue
    ports:
      - "5432:5432"
    volumes:
      - type: bind
        source: ./initdb
        target: /docker-entrypoint-initdb.d

  kafka:
    image: docker.io/bitnami/kafka:3.3.1
    ports:
      - "9092:9092"
    environment:
      - KAFKA_ENABLE_KRAFT=yes
      - ALLOW_PLAINTEXT_LISTENER=yes
      - KAFKA_CFG_BROKER_ID=1
      - KAFKA_CFG_PROCESS_ROLES=broker,controller
      - KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=1@127.0.0.1:9093
      - KAFKA_CFG_LISTENERS=PLAINTEXT://:9092,CONTROLLER://:9093
      - KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT
      - KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER
      - KAFKA_CFG_ADVERTISED_LISTENERS=PLAINTEXT://127.0.0.1:9092

  keycloak:
    image: quay.io/keycloak/keycloak:20.0.0
    command: start-dev
    environment:
      - KEYCLOAK_ADMIN=admin
      - KEYCLOAK_ADMIN_PASSWORD=admin123456
      - KEYCLOAK_DB=dev-file
    ports:
      - "8081:8080"
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8080"]
      interval: 10s
      timeout: 5s
      retries: 5

Running

Make sure all dependencies are running correctly. To start the drogue server, run:

drogue-cloud-server run --enable-all

This will perform the following steps:

  • Migrate database schema

  • Create Keycloak OIDC clients

  • Start all drogue services

You should be able to connect to the local drogue instance using the drg client:

drg login http://localhost:10001

Enabling TLS

To enable TLS for the protocol endpoints, you can pass the certificate and key using --server-cert and --server-key.