Skip to content

Commit

Permalink
Install only lookup service in hub cluster.
Browse files Browse the repository at this point in the history
  • Loading branch information
@GrahamDumpleton
GrahamDumpleton committed Aug 16, 2024
1 parent 2a8fd1c commit 86021bb
Show file tree
Hide file tree
Showing 5 changed files with 96 additions and 127 deletions.
193 changes: 91 additions & 102 deletions workshops/lab-lookup-configuration/resources/workshop.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -293,107 +293,6 @@ spec:
- $(workshop_namespace)
targetSecret:
name: $(session_name)-cluster-1-kubeconfig
# Educates for virtual cluster hub.
- apiVersion: v1
kind: Secret
metadata:
name: educates-training-platform-values
namespace: $(session_namespace)-hub
stringData:
values.yaml: |
clusterInfrastructure:
provider: vcluster
clusterPackages:
kyverno:
enabled: false
clusterIngress:
domain: "hub.$(session_name).$(ingress_domain)"
clusterSecurity:
policyEngine: none
workshopSecurity:
rulesEngine: none
lookupService:
enabled: true
- apiVersion: kappctrl.k14s.io/v1alpha1
kind: App
metadata:
name: educates-training-platform
namespace: $(session_namespace)-hub
spec:
noopDelete: true
syncPeriod: 24h
cluster:
namespace: default
kubeconfigSecretRef:
name: vc-hub-vcluster
key: config
fetch:
- imgpkgBundle:
image: ghcr.io/vmware-tanzu-labs/educates-installer:3.0.0-alpha.14
deploy:
- kapp:
rawOptions:
- --app-changes-max-to-keep=5
template:
- ytt:
paths:
- config
- kbld/kbld-bundle.yaml
valuesFrom:
- path: kbld/kbld-images.yaml
- secretRef:
name: educates-training-platform-values
- kbld:
paths:
- .imgpkg/images.yml
- '-'
# Educates for virtual cluster cluster-1.
- apiVersion: v1
kind: Secret
metadata:
name: educates-training-platform-values
namespace: $(session_namespace)-cluster-1
stringData:
values.yaml: |
clusterIngress:
domain: "cluster-1.$(session_name).$(ingress_domain)"
clusterSecurity:
policyEngine: none
workshopSecurity:
rulesEngine: none
- apiVersion: kappctrl.k14s.io/v1alpha1
kind: App
metadata:
name: educates-training-platform
namespace: $(session_namespace)-cluster-1
spec:
noopDelete: true
syncPeriod: 24h
cluster:
namespace: default
kubeconfigSecretRef:
name: vc-cluster-1-vcluster
key: config
fetch:
- imgpkgBundle:
image: ghcr.io/vmware-tanzu-labs/educates-training-platform:2.7.3
deploy:
- kapp:
rawOptions:
- --app-changes-max-to-keep=5
template:
- ytt:
paths:
- config
- kbld-bundle.yaml
valuesFrom:
- path: kbld-images.yaml
- secretRef:
name: educates-training-platform-values
- kbld:
paths:
- .imgpkg/images.yml
- '-'
# Virtual cluster for cluster-2.
- apiVersion: v1
kind: Secret
Expand Down Expand Up @@ -478,7 +377,97 @@ spec:
- $(workshop_namespace)
targetSecret:
name: $(session_name)-cluster-2-kubeconfig
# Educates for virtual cluster cluster-2.
# Educates lookup service for virtual cluster hub.
- apiVersion: v1
kind: Secret
metadata:
name: educates-lookup-service-values
namespace: $(session_namespace)-hub
stringData:
values.yaml: |
applicationNamespace:
name: educates
clusterIngress:
domain: "hub.$(session_name).$(ingress_domain)"
- apiVersion: kappctrl.k14s.io/v1alpha1
kind: App
metadata:
name: educates-lookup-service
namespace: $(session_namespace)-hub
spec:
noopDelete: true
syncPeriod: 24h
cluster:
namespace: default
kubeconfigSecretRef:
name: vc-hub-vcluster
key: config
fetch:
- imgpkgBundle:
image: ghcr.io/educates/educates-lookup-service-installer:main
deploy:
- kapp:
rawOptions:
- --app-changes-max-to-keep=5
template:
- ytt:
paths:
- config
valuesFrom:
- secretRef:
name: educates-lookup-service-values
- kbld:
paths:
- .imgpkg/images.yml
- '-'
# Educates 2.7.3 for virtual cluster cluster-1.
- apiVersion: v1
kind: Secret
metadata:
name: educates-training-platform-values
namespace: $(session_namespace)-cluster-1
stringData:
values.yaml: |
clusterIngress:
domain: "cluster-1.$(session_name).$(ingress_domain)"
clusterSecurity:
policyEngine: none
workshopSecurity:
rulesEngine: none
- apiVersion: kappctrl.k14s.io/v1alpha1
kind: App
metadata:
name: educates-training-platform
namespace: $(session_namespace)-cluster-1
spec:
noopDelete: true
syncPeriod: 24h
cluster:
namespace: default
kubeconfigSecretRef:
name: vc-cluster-1-vcluster
key: config
fetch:
- imgpkgBundle:
image: ghcr.io/vmware-tanzu-labs/educates-training-platform:2.7.3
deploy:
- kapp:
rawOptions:
- --app-changes-max-to-keep=5
template:
- ytt:
paths:
- config
- kbld-bundle.yaml
valuesFrom:
- path: kbld-images.yaml
- secretRef:
name: educates-training-platform-values
- kbld:
paths:
- .imgpkg/images.yml
- '-'
# Educates 3.0.0 for virtual cluster cluster-2.
- apiVersion: v1
kind: Secret
metadata:
Expand Down
2 changes: 1 addition & 1 deletion workshops/lab-lookup-configuration/workshop/content/00-workshop-overview.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,5 +10,5 @@ service, in particular how to configure it to span multiple clusters.

It is assumed that you have already undertaken the workshop on how to perform
the initial installation of the Educates lookup service, which covers basic
concepts needed when configuring the Educates lookup services, such as clusters,
concepts needed when configuring the Educates lookup service, such as clusters,
tenants and clients.
12 changes: 3 additions & 9 deletions workshops/lab-lookup-configuration/workshop/content/01-kubernetes-clusters.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,9 @@ title: Kubernetes Clusters
---

In this workshop, in order to demonstrate how to configure the Educates lookup
service three separate Kubernetes virtual clusters have been created. Each of
the virtual clusters has Educates installed, with the lookup service enabled.
service three separate Kubernetes virtual clusters have been created. Two of
the virtual clusters will have the Educates training platform installed and the
other will have just the Educates lookup service installed.

Access to each virtual cluster is provided through separate contexts defined
in the user kubeconfig file. To list the contexts run:
Expand All @@ -24,10 +25,3 @@ so we know how to access it, you can run:
session: 1
command: kubectl get ingress/lookup-service --context hub -n educates
```

Although a complete Educates installation has been deployed to the `hub` virtual
cluster, for this workshop we will only make use of the lookup service running
in that cluster to monitor Educates running in the `cluster-1` and `cluster-2`
virtual clusters. Conversely, for `cluster-1` and `cluster-2`, we will make use
of Educates for deploying workshops, but will not use the lookup service in
those clusters.
2 changes: 0 additions & 2 deletions workshops/lab-lookup-configuration/workshop/content/02-admin-user-access.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,6 @@ path: admin-config.yaml
preview: true
```

This includes a `ClientConfig` which is used to configure a user.

The admin user has the special role `admin` and can be used for querying the
state of any monitored Educates cluster via the lookup service. This user should
not be used by a custom front end web portal which only needs to request
Expand Down
14 changes: 1 addition & 13 deletions ...tion/workshop/content/03-local-cluster.md → ...workshop/content/03-testing-api-access.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
---
title: Local Cluster
title: Testing API Access
---

To test that the configuration is working, we can use the admin user to login
Expand All @@ -26,15 +26,3 @@ command: |-

Right now this should return an empty list as we have not yet configured the
lookup service to monitor any Educates clusters.

We could have applied a `ClusterConfig` as follows to the `hub` cluster to allow
us to monitor the `hub` cluster itself, but for this workshop we only want to
monitor the remote clusters.

```
apiVersion: lookup.educates.dev/v1beta1
kind: ClusterConfig
metadata:
name: local-cluster
namespace: educates-config
```

0 comments on commit 86021bb

Please sign in to comment.