Kratix commands scratch pad

kratix-scratch.md

Misc

• Promise building notes: https://gist.github.com/syntassodev/54ba656925b40e3fbf78a8f9aa550e34

Preparing Kratix for Compound Promises with Backstage plugins

🚨 VERSIONS

This doc is only for

• Kratix commit SHA d0b1cb5af8ba0bee172bb4fc69dd39e8ea9c8dd3 (image sha 26e0fad65c212b0e08b156ecebe2c6358ac7daf9)
• Kratix Marketplace commit SHA 92eaefadf5e1973857069911c78cc032b3ee73ab

Initial setup

Create platform and worker clusters on Minikube

• Add ports on the platform for MinIO and Backstage

export PLATFORM="kind-platform"
export WORKER="kind-worker"

minikube start -p $WORKER
minikube start -p $PLATFORM --ports=31337:31337,31338:31338

Set up the platform cluster

• Install Kratix on the platform cluster

kubectl --context $PLATFORM apply --filename distribution/kratix.yaml

• Install MinIO on the platform cluster

kubectl --context $PLATFORM apply --filename config/samples/minio-install.yaml

• Register MinIO with Kratix to be the local BucketStateStore

cat << EOF | kubectl --context $PLATFORM apply -f -
apiVersion: platform.kratix.io/v1alpha1
kind: BucketStateStore
metadata:
  name: minio-store
spec:
  endpoint: minio.kratix-platform-system.svc.cluster.local
  insecure: true
  bucketName: kratix
  secretRef:
    name: minio-credentials
    namespace: default
EOF

Set up the worker cluster

• Install Flux on the worker cluster for GitOps reconciliation

kubectl --context $WORKER \
  apply -f \
  hack/destination/gitops-tk-install.yaml

• Configure Flux with the MinIO storage information

cat <<EOF | kubectl --context $WORKER apply -f -
---
apiVersion: v1
kind: Secret
metadata:
  name: minio-credentials
  namespace: flux-system
type: Opaque
stringData:
  accesskey: minioadmin
  secretkey: minioadmin
---
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: Bucket
metadata:
  name: kratix-bucket
  namespace: flux-system
spec:
  interval: 10s
  provider: generic
  bucketName: kratix
  endpoint: host.minikube.internal:31337
  insecure: true
  secretRef:
    name: minio-credentials
EOF

• Create Flux Kustomizations so resources in the bucket get created on the worker cluster.

cat <<EOF | kubectl --context $WORKER apply --filename -
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
kind: Kustomization
metadata:
  name: kratix-workload-dependencies
  namespace: flux-system
spec:
  interval: 8s
  prune: true
  sourceRef:
    kind: Bucket
    name: kratix-bucket
  path: ./worker-cluster/dependencies
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
kind: Kustomization
metadata:
  name: kratix-workload-resources
  namespace: flux-system
spec:
  interval: 3s
  prune: true
  dependsOn:
  - name: kratix-workload-dependencies
  sourceRef:
    kind: Bucket
    name: kratix-bucket
  path: ./worker-cluster/resources
EOF

• Register the worker cluster with Kratix
• Tell Kratix to write to the MinIO bucket when communicating with the cluster

cat <<EOF | kubectl --context $PLATFORM apply --filename -
apiVersion: platform.kratix.io/v1alpha1
kind: Destination
metadata:
   name: worker-cluster
   labels:
    environment: dev
spec:
   stateStoreRef:
      name: minio-store
      kind: BucketStateStore
EOF

Configure Kratix to accept Compound Promise installations

• Install Flux on the platform cluster

kubectl --context $PLATFORM \
    apply -f \
    hack/destination/gitops-tk-install.yaml

• Configure Flux for the platform cluster

cat <<EOF | kubectl --context $PLATFORM apply -f -
---
apiVersion: v1
kind: Secret
metadata:
  name: minio-credentials
  namespace: flux-system
type: Opaque
stringData:
  accesskey: minioadmin
  secretkey: minioadmin
---
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: Bucket
metadata:
  name: kratix-bucket
  namespace: flux-system
spec:
  interval: 10s
  provider: generic
  bucketName: kratix
  endpoint: host.minikube.internal:31337
  insecure: true
  secretRef:
    name: minio-credentials
EOF

• Create Flux kustomizations for the platform cluster

cat <<EOF | kubectl --context $PLATFORM apply --filename -
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
kind: Kustomization
metadata:
  name: kratix-workload-dependencies
  namespace: flux-system
spec:
  interval: 8s
  prune: true
  sourceRef:
    kind: Bucket
    name: kratix-bucket
  path: ./platform-cluster/dependencies
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
kind: Kustomization
metadata:
  name: kratix-workload-resources
  namespace: flux-system
spec:
  interval: 3s
  prune: true
  dependsOn:
  - name: kratix-workload-dependencies
  sourceRef:
    kind: Bucket
    name: kratix-bucket
  path: ./platform-cluster/resources
EOF

• Register the platform cluster to also be a worker cluster with Kratix

cat <<EOF | kubectl --context $PLATFORM apply --filename -
apiVersion: platform.kratix.io/v1alpha1
kind: Destination
metadata:
  name: platform-cluster
  labels:
    environment: platform
spec:
  stateStoreRef:
    name: minio-store
    kind: BucketStateStore
EOF

Configure Backstage

• Create storage for Backstage documents

cat <<EOF | kubectl --context $PLATFORM apply --filename -
apiVersion: platform.kratix.io/v1alpha1
kind: Destination
metadata:
   name: backstage
   labels:
    environment: backstage
spec:
   stateStoreRef:
      name: minio-store
      kind: BucketStateStore
EOF

Dockerfile

FROM "mikefarah/yq:4"
RUN [ "mkdir", "/tmp/transfer" ]

ADD execute-pipeline execute-pipeline

CMD [ "sh", "-c", "./execute-pipeline"]
ENTRYPOINT []

execute-pipeline

#!/bin/sh

set -x

# Read current values from the provided resource request
export NAME=$(yq eval '.metadata.name' /input/object.yaml)

cat <<EOF > /output/backstage-component.yaml
apiVersion: backstage.io/v1alpha1
kind: Component
metadata:
  name: namespace-${NAME}
  title: "Namespace ${NAME}"
  description: Namespace created via Namespace Promise
  annotations:
    backstage.io/kubernetes-label-selector: namespace-cr=${NAME}
  links:
  - url: https://github.com/syntasso/kratix-backstage
    title: Support
    icon: help
spec:
  type: service
  lifecycle: production
  owner: kratix-worker
  dependsOn:
    - component:default/namespace
  providesApis:
    - namespace-server-api
EOF