Updated idpbuilder install document
parent d14bbf9a94
commit a847eea426
1 changed files with 76 additions and 15 deletions
|
|
@ -7,17 +7,17 @@ weight = 1
|
|||
|
||||
The idpbuilder uses KIND as Kubernetes cluster. It is suggested to use a virtual machine for the installation. MMS Linux clients are unable to execute KIND natively on the local machine because of network problems. Pods for example can't connect to the internet.
|
||||
|
||||
Windows and Mac users already utilize a virtual machine for the Linux environment.
|
||||
Windows and Mac users already utilize a virtual machine for the Docker Linux environment.
|
||||
|
||||
### Prerequisites
|
||||
|
||||
- Docker
|
||||
- Docker Engine
|
||||
- Go
|
||||
- kubectl
|
||||
|
||||
### Build process
|
||||
|
||||
To build idpbuilder the source code can be downloaded and compiled:
|
||||
For building idpbuilder the source code needs to be downloaded and compiled:
|
||||
|
||||
```
|
||||
git clone https://github.com/cnoe-io/idpbuilder.git
|
||||
|
|
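Review bot: the `git clone https://github.com/cnoe-io/idpbuilder.git` step at the end of this hunk builds whatever the default branch currently holds, while the same document pins local-path-provisioner to `v0.0.26` and MetalLB to `v0.14.8`. Consider naming the idpbuilder tag or commit this guide was tested with and checking it out before the build, so the install is reproducible. The prerequisites list (Docker Engine, Go, kubectl) would also benefit from minimum versions.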
@ -37,7 +37,7 @@ To start the idpbuilder binary execute the following command:
|
|||
|
||||
### Logging into ArgoCD
|
||||
|
||||
At the end of the idpbuilder execution a link is shown to of the installed ArgoCD. The credentianls for access can be obtained by executing:
|
||||
At the end of the idpbuilder execution a link of the installed ArgoCD is shown. The credentianls for access can be obtained by executing:
|
||||
|
||||
```
|
||||
./idpbuilder get secrets
|
||||
|
|
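Review bot: the reworded sentence under "### Logging into ArgoCD" still carries the typo "credentianls", and "a link of the installed ArgoCD" reads better as "a link to the installed ArgoCD". Since this line is being touched anyway, fix both here.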
@ -74,7 +74,7 @@ CNOE provides two implementations of an IDP:
|
|||
- Amazon AWS implementation
|
||||
- KIND implementation
|
||||
|
||||
Both are not useable to run on bare metal or an OSC instance. The Amazon implementation is complex and make suse of Terraform which is currently not supported by either base metal or OSC. Therefore the KIND implementation is used and customized to support the idpbuilder installation. The idpbuilder is doing some magic which needs to be replicated.
|
||||
Both are not useable to run on bare metal or an OSC instance. The Amazon implementation is complex and makes use of Terraform which is currently not supported by either base metal or OSC. Therefore the KIND implementation is used and customized to support the idpbuilder installation. The idpbuilder is also doing some network magic which needs to be replicated.
|
||||
|
||||
Several prerequisites have to be provided to support the idpbuilder on bare metal or the OSC:
|
||||
|
||||
|
|
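Review bot: the rewritten paragraph fixes "make suse" but still says "base metal" where "bare metal" is meant, and "network magic which needs to be replicated" gives the reader nothing to act on. Name what idpbuilder sets up on the network side that has to be reproduced (DNS entries, certificates, port mappings or whatever applies), or link to the section that does.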
@ -84,11 +84,11 @@ Several prerequisites have to be provided to support the idpbuilder on bare meta
|
|||
|
||||
### Prerequisites
|
||||
|
||||
Talos Linux is choosen for an bare metal Kubernetes instance.
|
||||
Talos Linux is choosen for a bare metal Kubernetes instance.
|
||||
|
||||
- talosctl
|
||||
- Go
|
||||
- Docker
|
||||
- Docker Engine
|
||||
- kubectl
|
||||
- kustomize
|
||||
- helm
|
||||
|
|
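Review bot: the corrected sentence at the top of this prerequisites list still has "choosen" for "chosen". The tool list (talosctl, Go, Docker Engine, kubectl, kustomize, helm) has no versions, although later steps depend on specific releases such as `v0.0.26` and `v0.14.8`; adding the versions the guide was tested with would help.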
@ -142,9 +142,9 @@ sudo systemctl enable nginx
|
|||
sudo systemctl restart nginx
|
||||
```
|
||||
|
||||
#### VS Code launch settings for idpbuilder
|
||||
#### Building idpbuilder
|
||||
|
||||
First build idpbuilder from source code:
|
||||
For building idpbuilder the source code needs to be downloaded and compiled:
|
||||
|
||||
```
|
||||
git clone https://github.com/cnoe-io/idpbuilder.git
|
||||
|
|
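Review bot: the "#### Building idpbuilder" section now repeats the sentence and the `git clone` step from "### Build process" word for word. Duplicated build instructions drift apart over time; consider linking back to the first section, or at least pin the same tag or commit in both places.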
@ -154,11 +154,12 @@ go build
|
|||
|
||||
The idpbuilder binary will be created in the current directory.
|
||||
|
||||
Then open the folder in VS Code:
|
||||
#### Configure VS Code launch settings
|
||||
|
||||
Open the idpbuilder folder in VS Code:
|
||||
|
||||
```
|
||||
code .
|
||||
cd ..
|
||||
```
|
||||
|
||||
Create a new launch setting. Add the `"args"` parameter to the launch setting:
|
||||
|
|
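Review bot: in the code block under "#### Configure VS Code launch settings", `code .` is followed by `cd ..`, which leaves the shell one level above the idpbuilder folder. Later steps call the binary with a relative path (`./idpbuilder get secrets`), so state which directory the following commands are expected to run from, or drop the `cd ..`.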
@ -190,9 +191,49 @@ talosctl cluster create
|
|||
#### Install local path privisioning (storage)
|
||||
|
||||
```
|
||||
mkdir -p localpathprovisioning
|
||||
cd localpathprovisioning
|
||||
cat > localpathprovisioning.yaml <<EOF
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- github.com/rancher/local-path-provisioner/deploy?ref=v0.0.26
|
||||
patches:
|
||||
- patch: |-
|
||||
kind: ConfigMap
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: local-path-config
|
||||
namespace: local-path-storage
|
||||
data:
|
||||
config.json: |-
|
||||
{
|
||||
"nodePathMap":[
|
||||
{
|
||||
"node":"DEFAULT_PATH_FOR_NON_LISTED_NODES",
|
||||
"paths":["/var/local-path-provisioner"]
|
||||
}
|
||||
]
|
||||
}
|
||||
- patch: |-
|
||||
apiVersion: storage.k8s.io/v1
|
||||
kind: StorageClass
|
||||
metadata:
|
||||
name: local-path
|
||||
annotations:
|
||||
storageclass.kubernetes.io/is-default-class: "true"
|
||||
- patch: |-
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: local-path-storage
|
||||
labels:
|
||||
pod-security.kubernetes.io/enforce: privileged
|
||||
EOF
|
||||
kustomize build | kubectl apply -f -
|
||||
rm localpathprovisioning.yaml kustomization.yaml
|
||||
cd ..
|
||||
rmdir localpathprovisioning
|
||||
```
|
||||
|
||||
#### Install an external load balancer
|
||||
|
|
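Review bot: the heredoc writes the Kustomization to `localpathprovisioning.yaml`, but `kustomize build` without arguments only reads `kustomization.yaml`, `kustomization.yml` or `Kustomization` in the current directory, so the build step will not find it; the cleanup line `rm localpathprovisioning.yaml kustomization.yaml` names both files, which suggests a rename was missed. Write the heredoc to `kustomization.yaml` and adjust the `rm` accordingly. Separately, the Namespace patch sets `pod-security.kubernetes.io/enforce: privileged` on `local-path-storage`; add a sentence saying why the provisioner needs this, so readers do not copy the label to other namespaces.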
@ -200,8 +241,28 @@ cd ..
|
|||
```
|
||||
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.14.8/config/manifests/metallb-native.yaml
|
||||
sleep 50
|
||||
kubectl -n metallb-system apply -f pool-1.yml
|
||||
kubectl -n metallb-system apply -f l2advertisement.yml
|
||||
|
||||
cat <<EOF | kubectl apply -f -
|
||||
apiVersion: metallb.io/v1beta1
|
||||
kind: IPAddressPool
|
||||
metadata:
|
||||
name: first-pool
|
||||
namespace: metallb-system
|
||||
spec:
|
||||
addresses:
|
||||
- 10.5.0.20-10.5.0.130
|
||||
EOF
|
||||
|
||||
cat <<EOF | kubectl apply -f -
|
||||
apiVersion: metallb.io/v1beta1
|
||||
kind: L2Advertisement
|
||||
metadata:
|
||||
name: homelab-l2
|
||||
namespace: metallb-system
|
||||
spec:
|
||||
ipAddressPools:
|
||||
- first-pool
|
||||
EOF
|
||||
```
|
||||
|
||||
#### Install an ingress controller which uses the external load balancer
|
||||
|
|
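Review bot: `sleep 50` after applying `metallb-native.yaml` is a fixed delay, and if the MetalLB pods are not ready by then the `IPAddressPool` and `L2Advertisement` applies that follow can be rejected. Replace it with an explicit readiness check, for example `kubectl wait --namespace metallb-system --for=condition=ready pod --selector=app=metallb --timeout=90s`. The range `10.5.0.20-10.5.0.130` is hard-coded; note which network it has to belong to so readers on a different subnet know to change it.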
@ -238,7 +299,7 @@ Then, in VS Code, switch to main.go in the root directory of the idpbuilder and
|
|||
|
||||
#### Logging into ArgoCD
|
||||
|
||||
At the end of the idpbuilder execution a link is shown to of the installed ArgoCD. The credentianls for access can be obtained by executing:
|
||||
At the end of the idpbuilder execution a link of the installed ArgoCD is shown. The credentianls for access can be obtained by executing:
|
||||
|
||||
```
|
||||
./idpbuilder get secrets
|
||||
|
|
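Review bot: this "#### Logging into ArgoCD" sentence is the same text as in the earlier "### Logging into ArgoCD" section and keeps the same typo "credentianls". Fix the spelling in both places, and consider stating that `./idpbuilder get secrets` prints the credentials to the terminal, so it should not be run in a shared or recorded session.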
@ -274,7 +335,7 @@ Required:
|
|||
|
||||
- Add *.cnoe.localtest.me to the Talos cluster DNS, pointing to the host device IP address, which runs nginx.
|
||||
|
||||
- Create a SSL certificate with `cnoe.localtest.me` as common name. Edit the nginx config to load this certificate. Configure idpbuilder to distribute this certificate instead of the one idpbuilder distributed by idefault.
|
||||
- Create a SSL certificate with `cnoe.localtest.me` as common name. Edit the nginx config to load this certificate. Configure idpbuilder to distribute this certificate instead of the one idpbuilder distributes by idefault.
|
||||
|
||||
Optimizations:
|
||||
|
||||
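Review bot: the certificate bullet asks for `cnoe.localtest.me` as common name, while the DNS bullet above it maps `*.cnoe.localtest.me`; current TLS clients validate against the subjectAltName list and ignore the common name, so the instruction should ask for SAN entries covering both `cnoe.localtest.me` and `*.cnoe.localtest.me`. The changed line also still reads "by idefault" and "a SSL certificate" ("by default", "an SSL certificate").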