From 86021bb0e83cacabfeb397255d7e21fb0cc23542 Mon Sep 17 00:00:00 2001 From: Graham Dumpleton Date: Fri, 16 Aug 2024 15:57:29 +1000 Subject: [PATCH] Install only lookup service in hub cluster. --- .../resources/workshop.yaml | 193 +++++++++--------- .../workshop/content/00-workshop-overview.md | 2 +- .../content/01-kubernetes-clusters.md | 12 +- .../workshop/content/02-admin-user-access.md | 2 - ...al-cluster.md => 03-testing-api-access.md} | 14 +- 5 files changed, 96 insertions(+), 127 deletions(-) rename workshops/lab-lookup-configuration/workshop/content/{03-local-cluster.md => 03-testing-api-access.md} (77%) diff --git a/workshops/lab-lookup-configuration/resources/workshop.yaml b/workshops/lab-lookup-configuration/resources/workshop.yaml index a0bcf8d..acd7faa 100644 --- a/workshops/lab-lookup-configuration/resources/workshop.yaml +++ b/workshops/lab-lookup-configuration/resources/workshop.yaml @@ -293,107 +293,6 @@ spec: - $(workshop_namespace) targetSecret: name: $(session_name)-cluster-1-kubeconfig - # Educates for virtual cluster hub. - - apiVersion: v1 - kind: Secret - metadata: - name: educates-training-platform-values - namespace: $(session_namespace)-hub - stringData: - values.yaml: | - clusterInfrastructure: - provider: vcluster - clusterPackages: - kyverno: - enabled: false - clusterIngress: - domain: "hub.$(session_name).$(ingress_domain)" - clusterSecurity: - policyEngine: none - workshopSecurity: - rulesEngine: none - lookupService: - enabled: true - - apiVersion: kappctrl.k14s.io/v1alpha1 - kind: App - metadata: - name: educates-training-platform - namespace: $(session_namespace)-hub - spec: - noopDelete: true - syncPeriod: 24h - cluster: - namespace: default - kubeconfigSecretRef: - name: vc-hub-vcluster - key: config - fetch: - - imgpkgBundle: - image: ghcr.io/vmware-tanzu-labs/educates-installer:3.0.0-alpha.14 - deploy: - - kapp: - rawOptions: - - --app-changes-max-to-keep=5 - template: - - ytt: - paths: - - config - - kbld/kbld-bundle.yaml - valuesFrom: - - path: kbld/kbld-images.yaml - - secretRef: - name: educates-training-platform-values - - kbld: - paths: - - .imgpkg/images.yml - - '-' - # Educates for virtual cluster cluster-1. - - apiVersion: v1 - kind: Secret - metadata: - name: educates-training-platform-values - namespace: $(session_namespace)-cluster-1 - stringData: - values.yaml: | - clusterIngress: - domain: "cluster-1.$(session_name).$(ingress_domain)" - clusterSecurity: - policyEngine: none - workshopSecurity: - rulesEngine: none - - apiVersion: kappctrl.k14s.io/v1alpha1 - kind: App - metadata: - name: educates-training-platform - namespace: $(session_namespace)-cluster-1 - spec: - noopDelete: true - syncPeriod: 24h - cluster: - namespace: default - kubeconfigSecretRef: - name: vc-cluster-1-vcluster - key: config - fetch: - - imgpkgBundle: - image: ghcr.io/vmware-tanzu-labs/educates-training-platform:2.7.3 - deploy: - - kapp: - rawOptions: - - --app-changes-max-to-keep=5 - template: - - ytt: - paths: - - config - - kbld-bundle.yaml - valuesFrom: - - path: kbld-images.yaml - - secretRef: - name: educates-training-platform-values - - kbld: - paths: - - .imgpkg/images.yml - - '-' # Virtual cluster for cluster-2. - apiVersion: v1 kind: Secret @@ -478,7 +377,97 @@ spec: - $(workshop_namespace) targetSecret: name: $(session_name)-cluster-2-kubeconfig - # Educates for virtual cluster cluster-2. + # Educates lookup service for virtual cluster hub. + - apiVersion: v1 + kind: Secret + metadata: + name: educates-lookup-service-values + namespace: $(session_namespace)-hub + stringData: + values.yaml: | + applicationNamespace: + name: educates + clusterIngress: + domain: "hub.$(session_name).$(ingress_domain)" + - apiVersion: kappctrl.k14s.io/v1alpha1 + kind: App + metadata: + name: educates-lookup-service + namespace: $(session_namespace)-hub + spec: + noopDelete: true + syncPeriod: 24h + cluster: + namespace: default + kubeconfigSecretRef: + name: vc-hub-vcluster + key: config + fetch: + - imgpkgBundle: + image: ghcr.io/educates/educates-lookup-service-installer:main + deploy: + - kapp: + rawOptions: + - --app-changes-max-to-keep=5 + template: + - ytt: + paths: + - config + valuesFrom: + - secretRef: + name: educates-lookup-service-values + - kbld: + paths: + - .imgpkg/images.yml + - '-' + # Educates 2.7.3 for virtual cluster cluster-1. + - apiVersion: v1 + kind: Secret + metadata: + name: educates-training-platform-values + namespace: $(session_namespace)-cluster-1 + stringData: + values.yaml: | + clusterIngress: + domain: "cluster-1.$(session_name).$(ingress_domain)" + clusterSecurity: + policyEngine: none + workshopSecurity: + rulesEngine: none + - apiVersion: kappctrl.k14s.io/v1alpha1 + kind: App + metadata: + name: educates-training-platform + namespace: $(session_namespace)-cluster-1 + spec: + noopDelete: true + syncPeriod: 24h + cluster: + namespace: default + kubeconfigSecretRef: + name: vc-cluster-1-vcluster + key: config + fetch: + - imgpkgBundle: + image: ghcr.io/vmware-tanzu-labs/educates-training-platform:2.7.3 + deploy: + - kapp: + rawOptions: + - --app-changes-max-to-keep=5 + template: + - ytt: + paths: + - config + - kbld-bundle.yaml + valuesFrom: + - path: kbld-images.yaml + - secretRef: + name: educates-training-platform-values + - kbld: + paths: + - .imgpkg/images.yml + - '-' + # Educates 3.0.0 for virtual cluster cluster-2. - apiVersion: v1 kind: Secret metadata: diff --git a/workshops/lab-lookup-configuration/workshop/content/00-workshop-overview.md b/workshops/lab-lookup-configuration/workshop/content/00-workshop-overview.md index 873bc67..83706ec 100644 --- a/workshops/lab-lookup-configuration/workshop/content/00-workshop-overview.md +++ b/workshops/lab-lookup-configuration/workshop/content/00-workshop-overview.md @@ -10,5 +10,5 @@ service, in particular how to configure it to span multiple clusters. It is assumed that you have already undertaken the workshop on how to perform the initial installation of the Educates lookup service, which covers basic -concepts needed when configuring the Educates lookup services, such as clusters, +concepts needed when configuring the Educates lookup service, such as clusters, tenants and clients. diff --git a/workshops/lab-lookup-configuration/workshop/content/01-kubernetes-clusters.md b/workshops/lab-lookup-configuration/workshop/content/01-kubernetes-clusters.md index 7853a44..b09a4f2 100644 --- a/workshops/lab-lookup-configuration/workshop/content/01-kubernetes-clusters.md +++ b/workshops/lab-lookup-configuration/workshop/content/01-kubernetes-clusters.md @@ -3,8 +3,9 @@ title: Kubernetes Clusters --- In this workshop, in order to demonstrate how to configure the Educates lookup -service three separate Kubernetes virtual clusters have been created. Each of -the virtual clusters has Educates installed, with the lookup service enabled. +service three separate Kubernetes virtual clusters have been created. Two of +the virtual clusters will have the Educates training platform installed and the +other will have just the Educates lookup service installed. Access to each virtual cluster is provided through separate contexts defined in the user kubeconfig file. To list the contexts run: @@ -24,10 +25,3 @@ so we know how to access it, you can run: session: 1 command: kubectl get ingress/lookup-service --context hub -n educates ``` - -Although a complete Educates installation has been deployed to the `hub` virtual -cluster, for this workshop we will only make use of the lookup service running -in that cluster to monitor Educates running in the `cluster-1` and `cluster-2` -virtual clusters. Conversely, for `cluster-1` and `cluster-2`, we will make use -of Educates for deploying workshops, but will not use the lookup service in -those clusters. diff --git a/workshops/lab-lookup-configuration/workshop/content/02-admin-user-access.md b/workshops/lab-lookup-configuration/workshop/content/02-admin-user-access.md index 3c8f8bf..7f7acf1 100644 --- a/workshops/lab-lookup-configuration/workshop/content/02-admin-user-access.md +++ b/workshops/lab-lookup-configuration/workshop/content/02-admin-user-access.md @@ -11,8 +11,6 @@ path: admin-config.yaml preview: true ``` -This includes a `ClientConfig` which is used to configure a user. - The admin user has the special role `admin` and can be used for querying the state of any monitored Educates cluster via the lookup service. This user should not be used by a custom front end web portal which only needs to request diff --git a/workshops/lab-lookup-configuration/workshop/content/03-local-cluster.md b/workshops/lab-lookup-configuration/workshop/content/03-testing-api-access.md similarity index 77% rename from workshops/lab-lookup-configuration/workshop/content/03-local-cluster.md rename to workshops/lab-lookup-configuration/workshop/content/03-testing-api-access.md index 83a5220..5d21dce 100644 --- a/workshops/lab-lookup-configuration/workshop/content/03-local-cluster.md +++ b/workshops/lab-lookup-configuration/workshop/content/03-testing-api-access.md @@ -1,5 +1,5 @@ --- -title: Local Cluster +title: Testing API Access --- To test that the configuration is working, we can use the admin user to login @@ -26,15 +26,3 @@ command: |- Right now this should return an empty list as we have not yet configured the lookup service to monitor any Educates clusters. - -We could have applied a `ClusterConfig` as follows to the `hub` cluster to allow -us to monitor the `hub` cluster itself, but for this workshop we only want to -monitor the remote clusters. - -``` -apiVersion: lookup.educates.dev/v1beta1 -kind: ClusterConfig -metadata: - name: local-cluster - namespace: educates-config -```