Core Services

Edit | Report


This page explains the jobs to be run to bring up the Core services.


1.Create a container in the Azure blob and make it public to publish content. The container name must be the same as the variable sunbird_content_azure_storage_container specified in the common.yml file present in the core inventory.

2.Switch to the Build folder and run all jobs. Set the value for github_release_tag according to the details mentioned in this page - Current Release Tags and Jenkins Jobs Reference

Running the Jobs

Note: Adhere to the following sequence when running the jobs.

DevOps Administration

Operation Name Function
Bootstrap Creates Deployer User


Build Name Function (Builds) CURRENT RELEASE TAG
Adminutils Adminutils docker image release-3.5.0
API MANAGER API manager docker image release-3.5.0
API MANAGER Echo API manager echo docker image master
Badger Badger docker image  
Cassandra Jar for migration release-3.5.0
Lms LMS service docker image release-3.5.0
Content Content service docker image release-3.5.0
Search search service docker image release-3.5.0
KnowledgeMW Knowledge-mw service docker image release-3.5.0
Learner Learner service docker image release-3.5.0
Player Player service docker image. release-3.5.0
Cert Cert service docker image release-1.1.1
EncService Envservice docker image release-1.1.1
Proxy Proxy docker image release-3.5.0
Telemetry Telemetry docker image release-2.1.0
Keycloak Keycloak zip file release-1.15_RC9
Analytics Analytics service docker image release-3.5.0
Taxonomy Taxonomy service docker image release-3.5.0


Ensure that all Artifacts are uploaded


Operation Name Function Description CURRENT RELEASE TAG
(Deploy) ApplicationES( Kubernetes folder) Provisions Elasticsearch 6.2.3 version used by core services From the Deploy Folder, Deploy ApplicationES provisions for the Elasticsearch and creates indices necessary for Sunbird Core release-3.5.0
ESMapping (Under OpsAdministarion. Provide the value as all for job parameter indices_name) Creates Elasticsearch indexes Creates the specific index with its mapping or all indices which will be used by our sunbird app release-3.5.0
Postgres Provisions for Postgres Provisions the Postgres instance release-3.5.0
PostgresDbUpdate Creates the databases, assigns roles and creates users Creates a schema with DB’s, Tables release-3.5.0 Perform Kong migration once db update is done, steps are mentioned in the kong migration section
EsReindexing (Under OpsAdministario, parameters should be esHost: es ip, oldIndex: certreg, newIndex: certv2, aliasName: certs, indexFileLocation: sunbird-es-utils/src/main/resources/reindexing/indices/certreg_indices.json, mappingFileLocation: sunbird-es-utils/src/main/resources/reindexing/mappings/certreg_mappings.json) release-3.5.0


Operation Name Function Description CURRENT RELEASE TAG
BootstrapMinimal creating the namespace for kubernetes orchestration and also Bootstrap minimal create docker registry secrets and nginx ssls also Creates namespace for the core service release-3.5.0
nginx-private-ingress xxxx xxxx release-3.5.0
API Manager Deploys the API manager Kong and API manager Echo Manages consumers and APIs of sunbird release-3.5.0
OnboardAPIS Onboards all API’s to Sunbird onboards sunbird API’s release-3.5.0
OnboardConsumers Onboards sunbird consumers onboards sunbird consumers release-3.5.0
Update core_vault_sunbird_api_auth_token, core_vault_kong__test_jwt and core_vault_sunbird_ekstep_api_key with the jwt token from the Jenkins output of api-management-test-user if you are using the Knowledge Platform and Data Pipeline along with core Generates user specific key Onboards new consumer to Sunbird and generates the consumer specific API key  
(Provision) Cassandra Provisions Cassandra and create keyspaces required for Sunbird Core Provisions Cassandra and creates keyspaces and performs migration release-3.5.0
Cassandra Performs keyspace schema migration Performs migration if required. Deploy this thrice by choosing different zip files using the build_number parameter. Ensure that you get a success message for the Cassandra migration on the Jenkins console output. Do not rely only on the red or green status indicator on Jenkins job release-3.5.0
(Provision) Keycloak Install dependencies for keycloak Provisions Keycloak by installing prerequisites like Java and environment variables release-3.5.0
Keycloak Deploys Keycloak service to VM Centralized user management for sunbird release-3.5.0
KeycloakRealm(Core folder) User management -Creates sunbird realm Creates a Sunbird Realm. After the Sunbird realm is created, configure Keycloak by using the steps mentioned in the Keycloak Configuration section release-3.5.0
Adminutil Deploys the Adminutil container Creates tokens for the sunbird devices release-3.5.0
Player UI for sunbird Deploys portal UI release-3.5.0
Learner Deploys the Learner Service Handles user management and helps to search org release-3.5.0 before deploying learner service Create root org by using the steps mentioned in the Create Org section below
Content Deploys content service Helps to create content release-3.5.0
Search Deploys the search service artefacts and starts the search service   release-3.5.0
KnowledgeMW Deploys knowledgemw service Deploys the knowledgemw service release-3.5.0
Lms Deploys LMS Service Provides the APIs for LMS functionality of Sunbird release-3.5.0
EncService Deploys enc service Encrypts and decrypt the keys to generate certificate release-3.5.0
Cert Deploys cert services Issues certificates release-3.1.0
Telemetry Aggregates and send telemetry data to kafka Telemetry management service release-3.5.0
Analytics Deploys Analytics service Deploys Analytics service release-3.5.0
Taxonomy Deploys Taxonomy service Deploys Taxonomy service release-3.5.0 after deploying taxonomy service create master category and run definition scripts by using the steps mentioned in Create master category section
nginx-public-ingress Deploys Proxy service Deploys Nginx release-3.5.0
BootstrapMinimal creating the namespace for kubernetes orchestration and also Bootstrap minimal create docker registry secrets and nginx ssls also Creates namespace for the core service release-3.5.0

Keycloak Configuration

Note: From release-2.0.0 keycloak admin portal is disabled from public internet. You must tunnel the port in to the local machine via ssh tunnelling.
ssh -L 8080:localhost:8080 ops@~keycloak-ip-address~
You can access keycloak via localhost:8080

Step Action
1 Login to Keycloak using the user name admin and password as given in the private secrets.yml file. Or, login to keycloak using <localhost:8080>/auth
2 Navigate to Sunbird Realm > Realm Settings > Keys. Click Public Key. Copy the key value that you see and update the variable core_vault_sso_public_key
3 Creating keycloak federation Deployment Steps for Keycloak User Federation
4 Creating keycloak lms client Creation Steps for Keycloak lms client
5 Create Keycloak Password policy: navigate to Authentication > Password Policy > from add policy drop down select Hashing Iterations, Minimum Length, Special Characters, Uppercase Characters, Lowercase Characters
6 Get the value for variable adminutil_refresh_token_public_key_kid Steps to get the value for variable

Note: If the Cassandra migration fails, run the query manually to set the corresponding version for the failed migration to True


SELECT * from sunbird.cassandra_migration_version;

Check the rows for which the value in the success column is False. The following is an example -

1.80 | 180685665 | cassandra | 4 | null | 2019-12-01 13:58:52.401000+0000 | 136 | V1.80_cassandra.cql | False | CQL | 80

Run the update query for each row separately

update sunbird.cassandra_migration_version set success=True where version ='1.80';

Verify that all the values in the success column are True and rerun the Jenkins job again with same zip file and tag

Once this succeeds, use the second zip file and tag to deploy again

The current migration version is 1.88. The output of the Jenkins job should be as follows -

Migrating keyspace Sunbird to version 1.88 - Cassandra Successfully applied 3 migrations to keyspace sunbird (execution time 00:20.547s). Migration Completed at ==1571996508540

Create Root org

     # Create root org
      # cqlsh
      INSERT INTO sunbird.organisation (id,channel,orgname,hashtagid,isrootorg) values ('1234567890','default', 'default','1234567890',true);
      # from Elastic search
      # Sync to es
      curl -X PUT "localhost:9200/org/_doc/1234567890?pretty" -H 'Content-Type: application/json' -d'
        "id": "1234567890",
        "channel": "default",
        "orgname": "default",
        "hashtagid": "1234567890",
        "isrootorg": true
      # Insert in to system settings
      INSERT INTO sunbird.system_settings (id,field,value) values ('custodianOrgId','custodianOrgId','1234567890');
      INSERT INTO sunbird.system_settings (id,field,value) values ('custodianOrgChannel','custodianOrgChannel','1234567890');

Knong migration

     set or export postgres variables
   export PG_HOST="postgres ip"         
   export PG_USER="postgres"                    
   export PGPASSWORD="pgpassword"   #  copy value from core_vault_postgres_password variable       
   export PG_DB="kong db name"   # by default db name will be api_manager_, verify in postgres database for knong db name              
   docker run --name kong-migration \
   -e ""KONG_DATABASE=postgres"" \
   -e ""KONG_PG_HOST=$PG_HOST"" \
   -e ""KONG_PG_USER=$PG_USER"" \
   -e ""KONG_PROXY_ACCESS_LOG=/dev/stdout"" \
   -e ""KONG_ADMIN_ACCESS_LOG=/dev/stdout"" \
   -e ""KONG_PROXY_ERROR_LOG=/dev/stderr"" \
   -e ""KONG_ADMIN_ERROR_LOG=/dev/stderr"" \
   -e ""KONG_ADMIN_LISTEN="" \
   -p 8000:8000 \
   -p 8001:8001 \
   kong:0.14.1 kong migrations up --vv

Create master category

1.login to taxonomy service container and execute the curl commands to create master category. curl commands are availabe in the file master_category_create

2.Replace the host to http://localhost:9000 while running

3.Run other defintion scripts from taxonomy service definition-scripts Since master_category_create is already ran do not run again.

Edit | Report