Deployment Guide¶

This section provides step-by-step instructions for deploying each Orcastra platform component across four virtual machines.

Deployment Order¶

Sequential Deployment Required

Deploy in the order below. Each VM depends on configuration values generated by the previous VM.

graph LR
    A["VM 1<br/>Authentik"] -->|Client ID, Secret,<br/>API Token| D["VM 4<br/>Dashboard"]
    B["VM 2<br/>Vault"] -->|Dashboard Token| D
    B -->|Audit Logs| C["VM 3<br/>OpenSearch"]
    C -->|Fluent Bit Password| D

VM Overview¶

Guide	Component	Purpose
VM 1 - Authentik	Authentik SSO	Identity provider, OAuth2/OIDC, role groups
VM 2 - Vault	HashiCorp Vault	Secret engine, PKI CA, audit logging
VM 3 - OpenSearch	OpenSearch	Log aggregation, dashboards, index templates
VM 4 - Dashboard	Orcastra Dashboard	Web application, API, Fluent Bit sidecar

Common: Docker Installation¶

VMs 1, 3, and 4 require Docker. The installation steps below are referenced by each guide.

Add Docker Repository¶

# Add Docker's official GPG key
sudo apt update
sudo apt install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg \
  -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources
sudo tee /etc/apt/sources.list.d/docker.sources <<EOF
Types: deb
URIs: https://download.docker.com/linux/ubuntu
Suites: $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}")
Components: stable
Signed-By: /etc/apt/keyrings/docker.asc
EOF

Install Docker Engine¶

sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io \
  docker-buildx-plugin docker-compose-plugin

Verify Installation¶

sudo systemctl status docker

Network Issues

If you see curl: (6) Could not resolve host: download.docker.com, retry the command. DNS resolution in LXD containers may take a moment after boot.

LXD Overlay Storage Fix

If docker compose up -d fails with a mount error, install fuse-overlayfs and configure Docker:

apt-get update && apt-get install fuse-overlayfs -y
cat > /etc/docker/daemon.json <<EOF
{
  "storage-driver": "fuse-overlayfs"
}
EOF
systemctl restart docker

Found an issue or have a suggestion? Open an issue on GitHub →