From 78b789ceacb4201b1c1efdf1d3c19de5b14aee10 Mon Sep 17 00:00:00 2001 From: George Verghese <16950956+geverghe@users.noreply.github.com> Date: Fri, 21 Feb 2020 12:47:30 +0530 Subject: [PATCH] Update README.md --- README.md | 49 ++++++++++++++++++++++++++++--------------------- 1 file changed, 28 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index d4a6a26..9ead483 100644 --- a/README.md +++ b/README.md @@ -15,33 +15,40 @@ This helm chart installs different resources required for configuring the load b In this helm chart installs the ingress resource to configure the rules that route traffic to internal webserver already installed as part of previous helm chart. Assuming user has already created a tls-secret with the existing certificate and key. ##### Approach 2 - Use Let's Encrypt to create a valid certificate and Key In this helm chart installs the ClusterIsuer and Certificate along with ingress resource. + +In order to set up your Kubernetes cluster as the build infrastructure, you need to +1. Configure the pool provider on Kuberentes cluster +2. Add the Agent pool configured as Kubernetes poolprovider -## Steps to configure the poolprovider on Kubernetes cluster +## 1. Configure the poolprovider on Kubernetes cluster -1. Install k8s-poolprovidercrd helm chart - helm install k8s-poolprovidercrd --name-template k8spoolprovidercrd --set "azurepipelines.VSTS_SECRET=$sharedsecretval" --set "app.namespace=$namespaceval" - sharedsecretval - Value must be of atleast 16 characters +1. Install k8s-poolprovidercrd helm chart + `helm install k8s-poolprovidercrd --name-template k8spoolprovidercrd --set "azurepipelines.VSTS_SECRET=$sharedsecretval" --set "app.namespace=$namespaceval"` + sharedsecretval - Value must be of atleast 16 characters namespaceval - Namespace where all the poolprovider resources will be deployed -2. Apply poolprovider custom resource yaml - kubectl apply azurepipelinespool_cr.yaml -3. Run helm install stable/nginx-ingress - helm install stable/nginx-ingress --generate-name --namespace $namespaceval -4. Execute commands to link the ingress service public ip with valid DNS name - For azure following set of commands are used - +2. Apply poolprovider custom resource yaml + `kubectl apply azurepipelinespool_cr.yaml` +3. Run helm install stable/nginx-ingress + `helm install stable/nginx-ingress --generate-name --namespace $namespaceval` +4. Execute commands to link the ingress service public ip with valid DNS name + For azure following set of commands are used - + ``` kubectl get service -l app=nginx-ingress --namespace=$namespaceval -o=jsonpath='{.items[0].status.loadBalancer.ingress[0].ip}' - publicpid=$(az network public-ip list --query "[?ipAddress!=null]|[?contains(ipAddress, '$ingressip')].[id]" --output tsv) - az network public-ip update --ids $publicpid --dns-name $dnsname -5. Run helm install cert-manager if you want to use Let's Encrypt else execute - kubectl create secret tls tls-secret --key $keypath --cert $certpath -n $namespace - keypath - Specify path for key - certpath - Specify path for certificate -6. Install k8s-certmanager helm chart - helm install k8s-certmanager --name-template k8spoolprovidercert --set "configvalues.dnsname=$fqdn" --set "letsencryptcert.val=false" --set "app.namespace=$namespaceval" + publicpid=$(az network public-ip list --query "[?ipAddress!=null]|[?contains(ipAddress, '$ingressip')].[id]" --output tsv) + + az network public-ip update --ids $publicpid --dns-name $dnsname + ``` +5. Run helm install cert-manager if you want to use Let's Encrypt else execute + `kubectl create secret tls tls-secret --key $keypath --cert $certpath -n $namespace` + keypath - Specify path for key + certpath - Specify path for certificate +6. Install k8s-certmanager helm chart + `helm install k8s-certmanager --name-template k8spoolprovidercert --set "configvalues.dnsname=$fqdn" --set "letsencryptcert.val=false" --set "app.namespace=$namespaceval"` fqdn - Fully qualified domain name for which the key and certificate are generated - + >namespaceval - does the specification remain the same as the previous step? ### User can configure Azure Kubernetes Cluster using existing setup script - -Note - If using AKS cluster user needs to have az login and get access credentials for a managed Kubernetes cluster using az get-credentials command +Note - If using an existing AKS cluster, user needs to have az login and get access credentials for a managed Kubernetes cluster using `az aks get-credentials` command. Refer [here](https://docs.microsoft.com/cli/azure/aks?view=azure-cli-latest#az-aks-get-credentials) for the command documentation. Before running the script user need to have az login. ##### Approach 1 - User provides the existing certificates and Key @@ -61,7 +68,7 @@ Before running the script user need to have az login. Note : As part of setup script we bind the public ip of ingress with the DNS name provided by user. Currently to perform this operation script is using az commands if you want to configure cluster other than AKS please change those commands. -## Steps to add Agent pool configured as Kubernetes poolprovider +## 2. Add Agent pool configured as Kubernetes poolprovider 1. Run the powershell script poolprovidersetup.ps1