Since for kubectl to access gke, now gke-gcloud-auth-plugin also needs to be installed.
I am using jenkins to deploy the changes to gke using the kubectl plugin but now after this change, not able to use the same plugin.
Can anyone suggest any jenkins plugin that can help to access gke after this change is rolled out in kubectl.
https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke
You could use google/cloud-sdk image, which has gke-gcloud-auth-plugin already pre-installed. But now before gcloud container clusters get-credentials you should run:
export USE_GKE_GCLOUD_AUTH_PLUGIN=True
Related
Refering to https://docs.gitlab.com/ee/user/clusters/agent/ci_cd_workflow.html
I installed Gitlab Agent by using helm,and the kubernetes clusters is connected,but
there is only one context when I execute
kubectl config get-contexts
* 270285107419715523-c34f80xxxxx647c08c49f1e550887388 kubernetes 27xxxx419715523
besides the Gitlab CI/CD failed
I have three questions basically.
How to create an HA rancher cluster with custom CA.
How to create kubernetes cluster using the same rancher and custom CA.
How to get etcd certificated from etc machines to monitor it on Prometheus kubertnetes over SSL.
I tried multiple forums and rancher documentation. I also tried generating certificates from rke.
I have two different problems
How to use custom certificates
How to get certificates from ectd to run this rancher kubectl -n monitoring create secret generic etcd-certs --from-file=/tmp/etcdcerts/kube-etcd.pem --from-file=/tmp/etcdcerts/kube-etcd-key.pem --from-file=/tmp/etcdcerts/kube-ca.pem
Right now I am doing scp on ectd machines to get those certificates after rancher agent runs. I want to create certificates and create a cluster with them.
You can bring in your own certificates when installing Rancher. See here for more info: https://rancher.com/docs/rancher/v2.x/en/installation/ha/helm-rancher/
When you create a Cluster in Rancher, the certificates are automatically managed for you.
Starting Rancher v2.2.x, Prometheus is integrated into Rancher. You just have to enable it in Settings. After the installation, you can access the etcd metrics by clicking the Grafana icon in the UI on the cluster page.
I saw that Opereto can be installed on a single node using docker-compose. However, I would like to scale by installing Opereto on Kubernetes. Is it supported as well?
Thanks
Opereto is now released in two delivery methods: docker-compose for a small footprint single node installation and Kubernetes cluster.
https://docs.opereto.com/installation-get-started/
You can install Opereto on any environment that supports Kubernetes vanilla. There might be some differences in the deployment commands if you use OC command instead of kubectl but it should be straight forward to work it out.
Please note, however, that Opereto requires an HTTPs ingress to be configured. Ingress configuration may be different from one K8s provided to another.
I'm having question about spinnaker-Halyard installation, Can spinnaker manage AWS cloud provider without being installed on EC2 instance?. meaning that can I install spinnaker locally and add aws account and manage pipelines
Can spinnaker manage AWS cloud provider without being installed on EC2 instance?
Spinnaker can be installed on any Ubuntu server - for example, you could run a Spinnaker instance from Google's Click to Deploy image and have it manage your EC2 account.
Spinnaker is comprised of a bunch of microservices, so running it on a local workstation may be cumbersome. I suggest dedicating a specific machine to it. Alternatively, if you're set on running it locally, you could install Halyard locally and point it to a Minikube installation on your machine.
You can setup the these many providers under your spinnaker setup
https://www.spinnaker.io/setup/install/providers/
App Engine
Amazon Web Services
Azure
Cloud Foundry
DC/OS Google
Compute Engine
Kubernetes (legacy)
Kubernetes V2 (manifest based)
Openstack Oracle
You just need to integrate your service accounts into spinnaker to authorize resource creation.
Yes It will work just you need to create service account and Need to pass kubeconfig file to spinnaker, then spinnaker handle Deployment part automatically, you need to configure spinnaker for that.
Some useful link
https://www.spinnaker.io/setup/security/authorization/service-accounts/
https://www.spinnaker.io/setup/
I have deployed the individual spinnaker components to kubernetes and when I am trying to access spinnaker through http://localhost:9000 I get an empty response from the server. I verified the configuration for clouddriver-local.yml, spinnaker-local.yml and everything seems good. Am i missing anything here? when I am trying to curl localhost:9000, I get an empty response from the server
here is the kubernetes setup info
Hi Spinnaker has evolved by this time and it should be easier to set up by now. If you want to do PoC only or deploy to small enterprise projects then i suggest you use Armory's Minnaker
Now if you want to deploy large projects to a robust and fully enhanced kubernetes cluster then that is a different story and the steps are as it follows:
Minimum 4 CPUs and 12 GB of memory
Access to an existing object storage bucket
Access to an IAM role or user with access to the bucket. (AWS IAM for AWS S3)
An existing Kubernetes Ingress controller or the permissions to install the NGINX Ingress Controller (ForDeck UI access)
Installation
Create a Kubernetes namespace for Spinnaker and Halyard
Grant the default ServiceAccount in the namespace access to the cluster-admin ClusterRole in the namespace.
Run Halyard (Spinnaker installer) as a Pod in the created namespace (with a StatefulSet).
Create a storage bucket for Spinnaker to store persistent configuration in.
Create an user (AWS IAM in case of AWS deployment) that Spinnaker will use to access the bucket (or alternately, granting access to the bucket via roles).
Rung hal client interactively in the Kubernetes Pod:
Build out the hal config YAML file (.hal/config)
Configure Spinnaker with the IAM credentials and bucket information
Turn on other recommended settings (artifacts and http artifact providers: github, bitbucket, etc)
Install Spinnaker hal deploy
Expose Spinnaker (Deck through ingress)
For more details refer to
Armory's doc
Spinnaker Distributed installation in Kubernetes
Hope the guideline helps