As a normal (non-privileged) user, I need to be able to deploy/manage the Acumos platform using the system-integration toolset without depending upon the ability to do things that only a host or cluster-admin can do, or that would typically not be allowed for normal users or cluster tenants. In this case I may have the role of an Acumos platform admin, without the role of being a host or k8s cluster admin. Examples include: users with role as a developer on a VM where the AIO will be tested, who do not have sudo permission; users with role as a k8s cluster tenant and project/namespace admin, but not a cluster-admin role.
Examples to be delivered as sub-tasks of this story:
- consider developer instance vs production instance "modes" recommendations in the following, and add documentation for them
- document host/VM ports that need to be opened for use of the Acumos platform in a developer/production mode
- separate privileged/prerequisite operations from unprivileged operations, e.g.
- host package installs or other configuration is factored out into a admin prerequisite script
- docker should be runnable by users (add user to "docker" group)
- provide a set of umbrella scripts that serve developers and admins, allowing
- admin to run the prequisites script only, or both it and the platform deployment script
- developer to run the platform deployment script
- for k8s
- authenticate under my assigned namespace for the k8s cluster
- use persistent volumes vs host-mapped volumes
- avoid any host customizations
- tools to create a pre-built, ready-to-use AIO VM image with each release
- developers can just launch the VM e.g. using virsh