Last active
May 18, 2021 16:06
-
-
Save tkrausjr/66040f8d3c7fd8e6a3a2d3c47af329dd to your computer and use it in GitHub Desktop.
POC URLS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
test |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Harbor Proxy Cache Configuration: | |
- [ ] Configure Caching for docker hub | |
--------------------------------------------------------------------------------------------------------- | |
Configure TKGs Clusters to trust the Harbor Instance | |
- [ ] openssl s_client -connect 10.173.13.84:443 | |
1. CONNECTED(00000003) | |
- [ ] Copy the -----BEGIN CERTIFICATE----- to -----END CERTIFICATE----- | |
- [ ] https://base64.guru/converter/encode/text | |
- [ ] Now Switch to the Namespace CONTEXT of the Namespace you want to configure. | |
- [ ] k config use-context first-alb | |
- [ ] Switched to context "first-alb". | |
- [ ] k edit tkgServiceConfiguration | |
- [ ] | |
- [ ] tkgserviceconfiguration.run.tanzu.vmware.com/tkg-service-configuration edited | |
- [ ] This will ONLY Take effect for NEW CLUSTERS deployed not existing. | |
- [ ] To have it take effect, create a new cluster and test | |
- [ ] k apply -f tkg-small-7u2.yaml | |
- [ ] tanzukubernetescluster.run.tanzu.vmware.com/tkg-cluster-2 created | |
- [ ] docker pull harbor.tpmlab.vmware.com/library/nginx:stable-alpine | |
--------------------------------------------------------------------------------------------------------- | |
TEST Proxy Cache | |
- [ ] For Single level Repositories like elasticsearch in the root (not in an ORG in Docker Hub) | |
- [ ] kubectl run harbor-elastic-2 --image=harbor.tpmlab.vmware.com/proxy/library/elasticsearch:7.12.0 | |
- [ ] For Repositories inside an ORG or multilevel you can omit the "library" in the pull or run statement | |
- [ ] kubectl run redis1 --image=harbor.tpmlab.vmware.com/proxy/bitnami/redis:5.0.12-debian-10-r42 | |
Setup helm | |
1. curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get-helm-3 > get_helm.sh | |
2. chmod 700 get_helm.sh | |
3. ./get_helm.sh | |
--------------------------------------------------------------------------------------------------------- | |
IBM DataPower - Installed through helm CLI HELM Chart | |
https://hub.kubeapps.com/charts/ibm-charts/ibm-datapower-dev/3.1.5 | |
- [ ] helm repo add ibm-charts https://raw.githubusercontent.com/IBM/charts/master/repo/stable/ | |
- [ ] cd ~/github/k8s-manifests/pacific/applications/ibm-datapower | |
- [ ] helm install datapower ibm-charts/ibm-datapower-dev -f values.yaml | |
- [ ] values.yaml. (Same as Kubeapps installation) | |
``` | |
datapower: | |
env: | |
defaultLogFormat: json-icp | |
workerThreads: 3 | |
gatewaySshLocalAddress: 0.0.0.0 | |
gatewaySshPort: 9022 | |
gatewaySshState: enabled | |
image: | |
pullPolicy: IfNotPresent | |
pullSecret: null | |
repository: harbor.tpmlab.vmware.com/proxy/ibmcom/datapower | |
tag: 2018.4.1.16.330899 | |
replicaCount: 1 | |
resources: | |
limits: | |
cpu: 8 | |
memory: 64Gi | |
requests: | |
cpu: 3 | |
memory: 6Gi | |
restManagementLocalAddress: 0.0.0.0 | |
restManagementPort: 5554 | |
restManagementState: enabled | |
snmpLocalAddress: 0.0.0.0 | |
snmpPort: 1161 | |
snmpState: enabled | |
webGuiManagementLocalAddress: 0.0.0.0 | |
webGuiManagementPort: 9090 | |
webGuiManagementState: enabled | |
xmlManagementLocalAddress: 0.0.0.0 | |
xmlManagementPort: 5550 | |
xmlManagementState: disabled | |
crypto: | |
frontsideSecret: null | |
health: | |
livenessPort: 7879 | |
readinessPort: 7878 | |
patternName: restProxy | |
restProxy: | |
backendURL: https://www.ibm.com | |
containerPort: 8443 | |
service: | |
name: datapower | |
type: LoadBalancer | |
``` | |
- [ ] k get po # To get the pod name for Data Power | |
- [ ] k expose po datapower-ibm-datapower-dev-6fb5c98955-jkgdg --port=9090 --target-port=9090 --type=LoadBalancer | |
- [ ] k get svc | |
- [ ] NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE | |
- [ ] datapower-ibm-datapower-dev LoadBalancer 10.96.87.70 192.168.100.131 8443:31367/TCP 5m33s | |
- [ ] datapower-ibm-datapower-dev-6fb5c98955-jkgdg LoadBalancer 10.96.143.254 192.168.100.133 9090:30201/TCP 81s | |
- [ ] Login and TEST | |
- [ ] CHROME --> https://<ExTERNAL -IP> :9090 | |
- [ ] admin /. admin | |
--------------------------------------------------------------------------------------------------------- | |
SETUP & Configure Kubeapps | |
1. helm repo add bitnami https://charts.bitnami.com/bitnami | |
2. kubectl create namespace kubeapps | |
3. NOTE: | |
4. Setup values.yaml file | |
1. cd /root/github/k8s-manifests/pacific/applications/kubeapps | |
2. vi values.yaml | |
1. TO Change Image Locations -(use the caching Harbor proxy server ) | |
1. sed -i 's/docker.io/harbor.tpmlab.vmware.com\/proxy/g' values.yaml | |
2. To Change to SVC type LoadBalancer | |
1. service: | |
2. ## @param frontend.service.type Frontend service type | |
3. ## | |
4. type: LoadBalancer | |
5. helm install kubeapps --namespace kubeapps bitnami/kubeapps --set useHelm3=true -f ./values.yaml | |
6. kubectl create serviceaccount kubeapps-operator | |
7. kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=default:kubeapps-operator | |
8. kubectl get secret $(kubectl get serviceaccount kubeapps-operator -o jsonpath='{range .secrets[*]}{.name}{"\n"}{end}' | grep kubeapps-operator-token) -o jsonpath='{.data.token}' -o go-template='{{.data.token | base64decode}}' && echo | |
9. k edit svc kubeapps -n kubeapps | |
1. Change type: ClusterIP | |
1. to | |
2. type: LoadBalancer | |
10. k get svc -A | |
1. NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE | |
2. kubeapps LoadBalancer 10.105.82.122 10.193.166.68 80:32724/TCP 101s | |
11. Login to Web Interface | |
1. Chrome —> http://192.168.40.201 | |
1. Copy Paste Bearer Token from Step 6 above. ( kubectl get secret ) | |
12. ADD TAC to your KubeApps Dashboard as a repository | |
1. Login to Local kubeapps | |
1. Chrome —> http://192.168.40.201 | |
2. Configuration —> App Repositories —>Add App Repository | |
1. Name: trial-tac-demo | |
2. URL: https://charts.trials.tac.bitnami.com/demo/ | |
1. —> Install Repo | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment