Banzai Cloud Pipeline is an application platform with many services, some of which are optional. The quick start guides use the default configuration of the platform’s components, but you may need to configure the system to your specific requirements.

Edit your Pipeline configuration πŸ”—︎

To customize your Banzai Cloud Pipeline platform configuration, complete the following steps.

  1. Find the configuration file of your Banzai Cloud Pipeline installation. By default, it is the ~/.banzai/pipeline/<workspace>/values.yaml file. The name of the workspace is default by default.
  2. Open the configuration file. You can customize settings and enable or disable components and services by editing this file. To customize the configuration of a component, add a section with the name of the component to the file. The banzai cli tool automatically passes any parameters in this section to the related component, overriding its default settings.
  3. For your changes to take effect, run the banzai pipeline up [--workspace=default] command and confirm the deployment plan offered.

Let’s take a look at the components and their essential configuration.

Cloudinfo πŸ”—︎

Cloudinfo collects and organizes the offers of popular cloud providers. It maintains an up-to-date and region-aware list of services (compute, network, and so on) from the configured cloud providers and the company-specific data centers. Its configuration makes decisions about which providers and offers are available at the given site. Cloudinfo serves data essential for other components, like the available instance types, regions, endpoints, or the costs associated with the available resources.

Open source installations and the Banzai Cloud Pipeline developer preview use the publicly available Cloudinfo service hosted by Banzai Cloud. Banzai Cloud Enterprise installations can run Cloudinfo locally.

Recommender πŸ”—︎

Telescopes is a recommender, it recommends optimal cluster layouts for the user requirements based on the information collected by Cloudinfo. Telescopes takes generic requirements like number of CPUs and amount of memory, and recommends cluster layouts of different cloud providers based on overall price and value.

Open source installations and the Banzai Cloud Pipeline developer preview use the publicly available Telescopes service hosted by Banzai Cloud. Banzai Cloud Enterprise installations can run Telescopes locally.

Secret store πŸ”—︎

Secrets are used everywhere in Banzai Cloud Pipeline: for interactions with cloud providers, Kubernetes clusters, or for applications deployed to the clusters. The platform uses a central Vault service to securely store and manage secrets.

By default, the Vault service uses the database backend of the platform.

Authentication πŸ”—︎

Banzai Cloud Pipeline uses the Dex OpenID Connect gateway (maintained by Banzai Cloud) to authenticate and authorize users connecting to Pipeline or the clusters’ API servers. It supports SAML 2.0.

The default Banzai Cloud Pipeline installation accepts a static credential (with a random generated password), which is good for a test drive. Production deployments should set up an authentication provider, or alternatively use an existing instance of Dex within the organization.

Another popular authentication provider is Github: see GitHub OAuth based authentication. For enterprise authentication provider integrations, contact us.

CI/CD πŸ”—︎

Pipeline can integrate to external CI/CD engines to run jobs on clusters managed by Pipeline. If you are interested in integrating Pipeline to your CI/CD solution, contact us.

Image scan πŸ”—︎

The image vulnerability scan service can scan Docker images for vulnerabilities before they are deployed, and prevent the deployment of images containing vulnerabilities. Pipeline uses the Anchore engine for vulnerability scans.

Open source installations and the Banzai Cloud Pipeline developer preview use a publicly available Anchore Open Source installation. Banzai Cloud Enterprise installations can run Anchore locally, or use an external Anchore engine, for example, Anchore Enterprise.

You can enable the security scan feature with the following values.yaml snippet:

anchore:
  enabled: true
ui:
  featureSet:
    menuSecurityScan: true
    menuGroupSecurity: true

Web UI πŸ”—︎

The web user interface of the Pipeline platform, which uses the APIs exposed by Pipeline.

Note: The web interface supports recent releases of the Apple Safari, Google Chrome, Mozilla Firefox browsers. Use the desktop edition.

Database backend πŸ”—︎

Pipeline components store all non-reproducible data Pipeline in a relational databases for persistence. The default setup deploys and configures a PostgreSQL instance to the cluster that runs Banzai Cloud Pipeline.

The platform also supports MySQL, as well as other external database services, including, Amazon RDS and Aurora.