Spinnaker.md

Create Ubuntu 16.04 VM

Install Docker with specific version 18.06 (That is supported by minikube)

sudo apt-get update

sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

sudo apt-key fingerprint 0EBFCD88

sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) \
   stable"

apt-get update && apt-get install docker-ce=18.06.0~ce~3-0~ubuntu

• Install kubectl

apt-get update && apt-get install -y apt-transport-https
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update 
apt-get install -y kubectl socat

Install Minikube 0.32.0.

curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.32.0/minikube-linux-amd64 && chmod +x minikube && sudo cp minikube /usr/local/bin/ && rm minikube

• Start Minikube

minikube config set embed-certs true
minikube start --vm-driver none

• Check the status of Minikube and list nodes

minikube status

minikube: Running
cluster: Running
kubectl: Correctly Configured: pointing to minikube-vm at 158.88.151.123

kubectl get nodes

NAME       STATUS   ROLES    AGE   VERSION
minikube   Ready    master   7m    v1.12.0

• Later, in the tutorial we would need to attach volumes to our pods. Kubernetes can do dynamic volume provisioning using StorageClass, which gets setup to hostPath with minikube. Let's verify that.

kubectl get storageclass

NAME                 PROVISIONER                AGE
standard (default)   k8s.io/minikube-hostpath   41s

Step 2: Copy the kubeconfig file of your k8s cluster (Minikube ruining on Do) to your local workstation. and follow all the following steps on your local workstation at $HOME/.kube/config location. Install kubectl your local workstation.

Install kubectl on your local workstation using this reference https://kubernetes.io/docs/tasks/tools/install-kubectl/

Step 3: Install Helm on your local Workstation and init the tiller pod. [Follow these steps on your Local Workstation]

• Setup Helm Package Manager for Kubernetes

• Also later in the article, we will use Helm; which is a package manager for Kubernetes. So lets setup the Helm, as we did in the earlier webinar.

• Download Helm installation script. Change the permission of the script and execute the script using following commands.

curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get > get_helm.sh
chmod 700 get_helm.sh
./get_helm.sh

• Lets create Service account tiller and RBAC rule for tiller service account.

Service Accounts Kubernetes enables access control for workloads by providing Service Accounts. A service account represents an identity for processes that run in a pod. When a process is authenticated through a service account, it can contact the API server and access cluster resources. If a pod doesn’t have an assigned service account, it gets the default service account.

cat rbac_helm.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: tiller
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: tiller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: tiller
    namespace: kube-system

  - kind: User
    name: "admin"
    apiGroup: rbac.authorization.k8s.io

  - kind: User
    name: "kubelet"
    apiGroup: rbac.authorization.k8s.io

  - kind: Group
    name: system:serviceaccounts
    apiGroup: rbac.authorization.k8s.io

• Deploy above configuration.

kubectl apply -f rbac_helm.yaml 

• Initialize the Helm.

helm init --service-account tiller 

• Verify tiller pod is running in the kube-system namespace.

kubectl --namespace kube-system get pods | grep tiller