@bgrant0607
Created June 14, 2022 01:32
Create a namespace blueprint by forking an existing helm chart
Fork https://github.com/nghnam/kube-common-setup
git clone https://github.com/<user>/kube-common-setup
cd kube-common-setup
git remote add upstream https://github.com/nghnam/kube-common-setup
git remote set-url --push upstream no-push
git checkout -b patched --no-track
cd templates
vi namespace.yaml
Copy 6 labels lines and change to annotations: .,$s/labels/annotations/
git commit -a
git push origin patched
cd ../..
Create new repo ns-values
git clone https://github.com/<user>/ns-values
cd ns-values
git remote -v
cp ../kube-common-setup/values.yaml .
more values.yaml
What does isolated mean? dockerconfigjson?
grep isolated ../kube-common-setup/templates/*.yaml
grep dockerconfigjson ../kube-common-setup/templates/*.yaml
cd ..
helm template test kube-common-setup -f ns-values/values.yaml --output-dir test
ls test/k8s-common/templates/
cat test/k8s-common/templates/isolate-network-policies.yaml
cat test/k8s-common/templates/regcreds.yaml
rm -rf test
Change ns-values/values.yaml to backend[123] with label istio-injection: enabled and annotation network-type: mesh. Also 3 service accounts, 1 for each namespace and rolebinding
helm template test kube-common-setup -f ns-values/values.yaml --output-dir test
ls test/k8s-common/templates/
cat test/k8s-common/templates/namespaces.yaml
cat test/k8s-common/templates/role-bindings.yaml
There’s a bug – refers to the iam namespace in the subject. That was hardcoded in the template. Also, the name is app-admin-app-admin. Redundant. Fixing that would require more significant changes. For now, will just change to same namespace as the RoleBinding. Also, the chart uses an old API version for the RoleBinding. Update it to v1.
cd kube-common-setup/templates
vi role-bindings.yaml
Change iam to {{ .namespace }}
git commit -a
git push origin patched
cd ../..
rm -rf test
helm template test kube-common-setup -f ns-values/values.yaml --output-dir test
cd test/k8s-common/templates/
cat role-bindings.yaml
cd -
cd ns-values
git status
git add values.yaml
git commit
git push origin main
cd ..
helm install mysetup kube-common-setup -f ns-values/values.yaml
Could set up GitOps instead. For now, will have to helm upgrade by hand.
Can see the namespaces in the dashboard.
cd ns-values
Remove all namespaces and SAs from values.yaml by making empty lists
git commit -a
git push origin main
cd ..
helm upgrade mysetup kube-common-setup -f ns-values/values.yaml
helm uninstall mysetup
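The RoleBinding check done by eye above with `cat role-bindings.yaml` can be scripted. This is an added example, not part of the original gist or the chart: it scans rendered manifests for RoleBindings whose subject namespace differs from the binding's own namespace, or whose apiVersion is not rbac.authorization.k8s.io/v1. The sample manifests, the v1beta1 version and the app-admin service account name are constructed for illustration, and the parser assumes unquoted, block-style metadata and subjects as `helm template` normally renders them.

```bash
# Constructed sample of rendered output; the v1beta1 version and SA name are assumptions.
sample_manifests() {
cat <<'EOF'
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
  name: app-admin-app-admin
  namespace: backend1
roleRef: {apiGroup: rbac.authorization.k8s.io, kind: ClusterRole, name: admin}
subjects:
  - kind: ServiceAccount
    name: app-admin
    namespace: iam
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: app-admin-app-admin
  namespace: backend2
roleRef: {apiGroup: rbac.authorization.k8s.io, kind: ClusterRole, name: admin}
subjects:
  - kind: ServiceAccount
    name: app-admin
    namespace: backend2
EOF
}
# Reads manifests from the files given as arguments, or from stdin; exits 1 on findings.
check_rolebindings() {
  awk '
    function flush(   i) {               # report on the document just finished
      if (kind == "RoleBinding") {
        if (api != "rbac.authorization.k8s.io/v1") {
          bad++; print ns "/" name ": apiVersion " api " is not v1" }
        for (i = 1; i <= n; i++) if (sns[i] != ns) {
          bad++; print ns "/" name ": subject namespace " sns[i] " is not the binding namespace" }
      }
      kind = api = ns = name = section = ""; n = 0
    }
    /^---/                                    { flush(); next }
    /^[A-Za-z]/                               { section = $1 }   # current top-level key
    /^apiVersion:/                            { api = $2 }
    /^kind:/                                  { kind = $2 }
    section == "metadata:" && /^  name:/      { name = $2 }
    section == "metadata:" && /^  namespace:/ { ns = $2 }
    section == "subjects:" && /namespace:/    { sns[++n] = $NF }
    END { flush(); exit (bad > 0) }
  ' "$@"
}
sample_manifests | check_rolebindings || echo "review the findings above before installing"
```

Against real output, run `helm template test kube-common-setup -f ns-values/values.yaml | check_rolebindings` before `helm install` or `helm upgrade`. A cross-namespace subject can be intentional, so treat each finding as an item to review.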