Skip to content

Commit

Permalink
Merge pull request #24 from ns1labs/kind-support
Browse files Browse the repository at this point in the history 
adding kind support for local k8s deployment
  • Loading branch information
@fhaze
fhaze authored Jun 7, 2022
2 parents cf60878 + 3a856fa commit 8bab851
Show file tree
Hide file tree
Showing 6 changed files with 816 additions and 1 deletion.
47 changes: 47 additions & 0 deletions KIND.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
# Kind local cluster

Kind is a tool for running local k8s clusters using docker container as nodes.

## 🚧 Install Kind

if you have `go 1.17` installed
```shell
go install sigs.k8s.io/[email protected]
```

macOS
```shell
brew install kind
```

> 🚨 **Windows WSL users**: WSL is also supported, but for some reason the Orb stack mess up the WSL internal DNS.
> You can fix that by editing your `/etc/wsl.conf` and adding the following:
> ```shell
> [network]
> generateResolvConf = false
> ```
> Then remove the symbolic link from `/etc/resolv.conf`:
> ```shell
> sudo unlink /etc/resolv.conf
> ```
> Create a new `/etc/resolv.conf` file and add the following:
> ```shell
> nameserver 8.8.8.8
> ```
> save the file and you are done.
## 🚀 Deploy Orb on Kind
Use the following command to create the cluster and deploy **Orb**
```shell
make kind-create-all
```
Access the **Orb UI** by accessing: https://kubernetes.docker.internal/. The admin user is created with the following credentials: `[email protected] / pass123456`

If you want to delete the cluster run:

```shell
make kind-delete-cluster
```
21 changes: 21 additions & 0 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,3 +20,24 @@ index:
git push
git checkout main

kind-create-all: kind-create-cluster kind-install-orb

kind-create-cluster:
kind create cluster --image kindest/node:v1.23.0 --config=./kind/config.yaml

kind-delete-cluster:
kind delete cluster

kind-install-orb:
kubectl create namespace orb
kubectl create secret generic orb-auth-service --from-literal=jwtSecret=MY_SECRET -n orb
kubectl create secret generic orb-user-service [email protected] --from-literal=adminPassword=pass123456 -n orb
helm install --set defaults.replicaCount=1 --set nginx_internal.kindDeploy=true --set ingress.hostname=kubernetes.docker.internal -n orb kind-orb ./charts/orb
kubectl apply -f ./kind/nginx.yaml

kind-delete-orb:
kubectl delete -f ./kind/nginx.yaml
helm delete -n orb kind-orb
kubectl delete secret generic orb-user-service -n orb
kubectl delete secret generic orb-auth-service -n orb
kubectl delete namespace orb
2 changes: 1 addition & 1 deletion charts/orb/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ name: orb
description: Orb Observability Platform
icon: https://avatars1.githubusercontent.com/u/13207490
type: application
version: 1.0.19
version: 1.0.20
appVersion: "0.16.0"
home: https://getorb.io
sources:
Expand Down
92 changes: 92 additions & 0 deletions charts/orb/templates/nginx-internal.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -247,7 +247,74 @@ kind: ConfigMap
metadata:
name: {{ .Release.Name }}-nginx-internal-authorization
---
{{- if .Values.nginx_internal.kindDeploy }}
apiVersion: v1
data:
tls.crt: |-
-----BEGIN CERTIFICATE-----
MIIDjzCCAnegAwIBAgIUQ1AagVQXCuOIzmGXm+KhsbyBc18wDQYJKoZIhvcNAQEN
BQAwVzESMBAGA1UEAwwJbG9jYWxob3N0MREwDwYDVQQKDAhNYWluZmx1eDEMMAoG
A1UECwwDSW9UMSAwHgYJKoZIhvcNAQkBFhFpbmZvQG1haW5mbHV4LmNvbTAeFw0x
OTA0MDEwOTI3MDFaFw0yMjAzMzEwOTI3MDFaMFcxEjAQBgNVBAMMCWxvY2FsaG9z
dDERMA8GA1UECgwITWFpbmZsdXgxDDAKBgNVBAsMA0lvVDEgMB4GCSqGSIb3DQEJ
ARYRaW5mb0BtYWluZmx1eC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCq6O4PHwgGOmEafjea5KocG80GYSYbvN37ums6fQ1wcmCxn8LtZek8WkfJ
S2NQQPDvn8QWRY7aUkTAW7cEB4vxpT25bevP7KJNFAS8XZO7NTfF8fscJS+YWSXz
VS0OFZ2YuqTnjCiqWf5mvjAkkXBGIYq+k2ONM1tHlEA0lzbLun2a9H/XarCG+znj
pfYpW6R08zFzXyGb4sI2pyYpP7iZLla7PTSZTt9h6jkY3qqMDhEHhPdlXDhO1O9/
lA8yWMO9vKCzC7ngDXnV99Nl+tFhp9z9VkTUveLMuN9+riDJRfP25fOzHuRYzmsR
emYjD1NvSgsvFqSbFDVXB8kcyrXPAgMBAAGjUzBRMB0GA1UdDgQWBBRs4xR91qEj
NRGmw391xS7x6Tc+8jAfBgNVHSMEGDAWgBRs4xR91qEjNRGmw391xS7x6Tc+8jAP
BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBDQUAA4IBAQAAPMf7bVFhzUG8AYq0
VS9BWVwVtdNzZ3X9FkG9O+tZZO43GlaToym8PmhJHF9wk3AA+pmgfcmBrHcTG0me
PeincN2euO0c4iv1f/i4bAY5/iq/Q0w/GiuTL5VLVpaH1SQrWhc0ZD7Ii+lVPpFQ
bJXKHFQBnZU7mWeQnL9W1SVhWfsSKShBkAEUeGXo3YMC7nYsFJkl/heC3sYqfrW4
7fq80u+TU6HjGetSAWKacae7eeNmprMn0lFw2VqPQG3M4M0l9pEfcrRygOAnqNKO
aNi2UYKBla3XeDjObovOsXRScTKmJZwJ/STJlu+x5UAwF34ZBJy0O2qdd+kOxAhj
5Yq2
-----END CERTIFICATE-----
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-nginx-internal-tls-crt
---
apiVersion: v1
data:
tls.key: |-
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCq6O4PHwgGOmEa
fjea5KocG80GYSYbvN37ums6fQ1wcmCxn8LtZek8WkfJS2NQQPDvn8QWRY7aUkTA
W7cEB4vxpT25bevP7KJNFAS8XZO7NTfF8fscJS+YWSXzVS0OFZ2YuqTnjCiqWf5m
vjAkkXBGIYq+k2ONM1tHlEA0lzbLun2a9H/XarCG+znjpfYpW6R08zFzXyGb4sI2
pyYpP7iZLla7PTSZTt9h6jkY3qqMDhEHhPdlXDhO1O9/lA8yWMO9vKCzC7ngDXnV
99Nl+tFhp9z9VkTUveLMuN9+riDJRfP25fOzHuRYzmsRemYjD1NvSgsvFqSbFDVX
B8kcyrXPAgMBAAECggEAbp/el0MKup1HBRL1gvjHcvI7vwla1VFmje2YQn93F3Wx
SMeUMH1qfnohRRXa7rNaQIA1OAVF9eKSRcAXsjAAUSUX0tJndGpCk4mFlzcqzF4h
/6olU45uRDpP6jUTuK4dGCKXYpjCKaGenXo1RzYsafiECd707Qx05Nv8ww2tlifN
HtUR0xCZfVGDZfmNMZVrksUIZ1XHwZNtNLWQW6MBl3RhFaA0Wz/RfFMi2FzacEbj
75IqE6PLic1fin6P3GouzKamtZ6YPTyR5PqxCOCw97oZDCUGy2qGyAuPUi9O2HKB
fQgSyIxuR73S2korvxAmvekubjBFAqhan2oEjZs6oQKBgQDT28COlC33BSrpr2+V
pZIL4Bb1rGHreTi1M/4n9nP3GOZ9gqnSUsWXyxYVoZ2YfixorjZhUzHyx4SfZ2E9
p5PkIJ0wOiHLlKQ36vEVN9ZO1UyNCYUgs3seW40xnsAiMNczZjufIZrsejO3tc2j
Jhgp+B/9Bt5A8us2ewhz3LlQowKBgQDOhQmZAfL/xAjYBCUS73t/YO60i5e1yg2J
i6jXeKjd5gRZ32upkBzQ8UBvAGSQGqrcCnqIzrU5TeeD046bZzkokg7iKwHwQDrL
SXTthUB6ABZddP/VXCEUVBer3FEnUgJm9jw08RzmPyNEPjfp91FDmJ9GYcbdo/nL
hBPHh3lc5QKBgQCJYZ0yWACeiKlVNECFqAJW1Q/Oa+RrkAYn6vlK7NQyTeFZTlvV
WXtsfXNqv4y0kE037JCy+AIRzzO/MoiqNHsAme2Ukn3LyC3dXOrMuZKtOEAVzTCZ
Dgoum2up26n4AffrCsZq4J3X7z6OSMR6oX9V5+LGb6e8Mko43/uRNnatRQKBgEMH
bQkLV+ppnxE1ry7JKcU7Gd7hm9j1/pTRDnj5AZ4b5Peii1ganS+3zdj5QKqA7UnD
4Od8Z9d0kJr51EReKXAgj9IacWOgBTUr31akNDwkwR2ONubyIw5tCM3QEUr41CzE
6N+qDl4wyeqBYzZ9/hM5eyCl5ZzUduP2N1FAiER9AoGAW2T0OeM5ZsPABMKu9eEN
FB9bVysqWT1tExB34OGWrZvNEzsHTqvr/D3KSWv0PS1pM46M1XkVbybOzRmPrzab
AGMDJXgGhMuk2UtDA/s9mgqTOeDXpvmaFyThVkoH162j6GMuX2SwxHnH9D42zgMR
3LEZ/5Q5HMJ4jwEM880jvP4=
-----END PRIVATE KEY-----
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-nginx-internal-tls-key
---
{{- end }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
Expand Down Expand Up @@ -290,6 +357,9 @@ spec:
ports:
- containerPort: 8883
protocol: TCP
{{- if .Values.nginx_internal.kindDeploy }}
hostPort: 8883
{{- end }}
- containerPort: 8080
protocol: TCP
volumeMounts:
Expand All @@ -302,8 +372,17 @@ spec:
- mountPath: /etc/nginx/authorization.js
name: nginx-authorization
subPath: authorization.js
{{- if .Values.nginx_internal.kindDeploy }}
- mountPath: /etc/ssl/certs/orb/tls.key
name: tls-key
subPath: tls.key
- mountPath: /etc/ssl/certs/orb/tls.crt
name: tls-crt
subPath: tls.crt
{{- else }}
- mountPath: /etc/ssl/certs/orb
name: orb-tls
{{- end }}
dnsPolicy: ClusterFirst
restartPolicy: Always
shareProcessNamespace: true
Expand All @@ -327,9 +406,22 @@ spec:
- name: nginx-crl-volume
persistentVolumeClaim:
claimName: {{ .Release.Name }}-nginx-internal-crl-volume
{{- if .Values.nginx_internal.kindDeploy }}
- name: tls-key
configMap:
defaultMode: 256
name: {{ .Release.Name }}-nginx-internal-tls-key
optional: false
- name: tls-crt
configMap:
defaultMode: 256
name: {{ .Release.Name }}-nginx-internal-tls-crt
optional: false
{{- else }}
- name: orb-tls
secret:
secretName: {{ .Values.ingress.secret }}
{{- end }}
---

apiVersion: v1
Expand Down
20 changes: 20 additions & 0 deletions kind/config.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
kubeadmConfigPatches:
- |
kind: InitConfiguration
nodeRegistration:
kubeletExtraArgs:
node-labels: "ingress-ready=true"
extraPortMappings:
- containerPort: 80
hostPort: 80
protocol: TCP
- containerPort: 443
hostPort: 443
protocol: TCP
- containerPort: 8883
hostPort: 8883
protocol: TCP
Loading

0 comments on commit 8bab851

Please sign in to comment.