POC URLS

gistfile1.txt

test

May_18

Harbor Proxy Cache Configuration:

- [ ] Configure Caching for docker hub

---------------------------------------------------------------------------------------------------------

Configure TKGs Clusters  to trust the Harbor Instance

	- [ ] openssl s_client -connect 10.173.13.84:443               
		1. CONNECTED(00000003)
	
	- [ ] Copy the -----BEGIN CERTIFICATE----- to  -----END CERTIFICATE-----
	- [ ] https://base64.guru/converter/encode/text
	- [ ] Now Switch to the Namespace CONTEXT of the Namespace you want to configure.
		- [ ] k config use-context first-alb
			- [ ] Switched to context "first-alb".
		- [ ] k edit tkgServiceConfiguration           
			- [ ] 
			- [ ] tkgserviceconfiguration.run.tanzu.vmware.com/tkg-service-configuration edited
		- [ ] This will ONLY Take effect for NEW CLUSTERS deployed not existing.
		
		- [ ] To have it take effect, create a new cluster and test
			- [ ] k apply -f tkg-small-7u2.yaml
				- [ ] tanzukubernetescluster.run.tanzu.vmware.com/tkg-cluster-2 created
			- [ ] docker pull harbor.tpmlab.vmware.com/library/nginx:stable-alpine
---------------------------------------------------------------------------------------------------------

TEST Proxy Cache
	- [ ] For Single level Repositories like elasticsearch in the root (not in an ORG in Docker Hub)
		- [ ] kubectl run harbor-elastic-2 --image=harbor.tpmlab.vmware.com/proxy/library/elasticsearch:7.12.0
			
	- [ ] For Repositories inside an ORG or multilevel you can omit the "library" in the pull or run statement
	
		- [ ] kubectl run redis1 --image=harbor.tpmlab.vmware.com/proxy/bitnami/redis:5.0.12-debian-10-r42
			
Setup helm
	1. curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get-helm-3 > get_helm.sh
	2. chmod 700 get_helm.sh
	3. ./get_helm.sh

---------------------------------------------------------------------------------------------------------

IBM DataPower - Installed through helm CLI HELM Chart
https://hub.kubeapps.com/charts/ibm-charts/ibm-datapower-dev/3.1.5

- [ ] helm repo add ibm-charts https://raw.githubusercontent.com/IBM/charts/master/repo/stable/
- [ ] cd  ~/github/k8s-manifests/pacific/applications/ibm-datapower
- [ ] helm install datapower ibm-charts/ibm-datapower-dev -f values.yaml
- [ ] values.yaml. (Same as Kubeapps installation)
```
datapower:
  env:
    defaultLogFormat: json-icp
    workerThreads: 3
  gatewaySshLocalAddress: 0.0.0.0
  gatewaySshPort: 9022
  gatewaySshState: enabled
  image:
    pullPolicy: IfNotPresent
    pullSecret: null
    repository: harbor.tpmlab.vmware.com/proxy/ibmcom/datapower
    tag: 2018.4.1.16.330899
  replicaCount: 1
  resources:
    limits:
      cpu: 8
      memory: 64Gi
    requests:
      cpu: 3
      memory: 6Gi
  restManagementLocalAddress: 0.0.0.0
  restManagementPort: 5554
  restManagementState: enabled
  snmpLocalAddress: 0.0.0.0
  snmpPort: 1161
  snmpState: enabled
  webGuiManagementLocalAddress: 0.0.0.0
  webGuiManagementPort: 9090
  webGuiManagementState: enabled
  xmlManagementLocalAddress: 0.0.0.0
  xmlManagementPort: 5550
  xmlManagementState: disabled
crypto:
  frontsideSecret: null
health:
  livenessPort: 7879
  readinessPort: 7878
patternName: restProxy
restProxy:
  backendURL: https://www.ibm.com
  containerPort: 8443
service:
  name: datapower
  type: LoadBalancer
```

- [ ] k get po              # To get the pod name for Data Power
- [ ] k expose po datapower-ibm-datapower-dev-6fb5c98955-jkgdg --port=9090 --target-port=9090 --type=LoadBalancer
- [ ] k get svc
	- [ ] NAME                                                                                              TYPE                      CLUSTER-IP     EXTERNAL-IP       PORT(S)          AGE
	- [ ] datapower-ibm-datapower-dev                                         LoadBalancer   10.96.87.70     192.168.100.131   8443:31367/TCP   5m33s
	- [ ] datapower-ibm-datapower-dev-6fb5c98955-jkgdg   LoadBalancer   10.96.143.254   192.168.100.133   9090:30201/TCP   81s
- [ ] Login and TEST
	- [ ] CHROME --> https://<ExTERNAL -IP> :9090
		- [ ] admin  /. admin

---------------------------------------------------------------------------------------------------------

SETUP & Configure Kubeapps

1. helm repo add bitnami https://charts.bitnami.com/bitnami
2. kubectl create namespace kubeapps
3. NOTE: 
4. Setup values.yaml file
	1. cd /root/github/k8s-manifests/pacific/applications/kubeapps
	2. vi values.yaml
		1. TO Change Image Locations -(use the caching Harbor proxy server )
			1. sed -i 's/docker.io/harbor.tpmlab.vmware.com\/proxy/g' values.yaml
		2. To Change to SVC type LoadBalancer
			1. service:
			2.     ## @param frontend.service.type Frontend service type
			3.     ##
			4.     type: LoadBalancer
5. helm install kubeapps --namespace kubeapps bitnami/kubeapps --set useHelm3=true -f ./values.yaml
6. kubectl create serviceaccount kubeapps-operator
7. kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=default:kubeapps-operator
8. kubectl get secret $(kubectl get serviceaccount kubeapps-operator -o jsonpath='{range .secrets[*]}{.name}{"\n"}{end}' | grep kubeapps-operator-token) -o jsonpath='{.data.token}' -o go-template='{{.data.token | base64decode}}' && echo
9. k edit svc kubeapps -n kubeapps
	1. Change type: ClusterIP
		1. to
	2. type: LoadBalancer
10. k get svc -A                                 
	1. NAMESPACE     NAME                   TYPE                   CLUSTER-IP       EXTERNAL-IP            PORT(S)                    AGE
	2. kubeapps                                        LoadBalancer     10.105.82.122     10.193.166.68            80:32724/TCP           101s
11. Login to Web Interface
	1. Chrome   —>    http://192.168.40.201
		1. Copy Paste Bearer Token from Step 6 above. ( kubectl get secret )
12. ADD TAC to your KubeApps Dashboard as a repository
	1. Login to Local kubeapps
		1. Chrome   —>    http://192.168.40.201
	2. Configuration —>  App Repositories —>Add App Repository
		1. Name:     trial-tac-demo
		2. URL:       https://charts.trials.tac.bitnami.com/demo/
			1. —>   Install Repo