The following guide details how to deploy Stratos in Kubernetes.
You will need a suitable Kubernetes environment and a machine from which to run the deployment commands.
You will need to have the kubectl CLI installed and available on your path. It should be appropriately configured to be able to communicate with your Kubernetes environment.
We use Helm for deploying to Kubernetes.
You will need the latest Helm client installed on the machine from which you are deploying and you will need to install the Helm Server (Tiller) into you Kubernetes environment.
- Download the Helm client for your system from https://github.com/kubernetes/helm/releases. For convenience the guide assumes that the helm client has been added to your PATH.
- To install the Helm server (Tiller) in your Kubernetes environment by running the following command:
helm init
If you already Helm installed, please make sure it is the latest version. To update your Helm server (Tiller) in your Kubernetes environment after you download the latest Helm release, run the following command:
helm init --upgrade
Stratos uses persistent volumes. In order to deploy it in your Kubernetes environment, you must have a storage class available.
Without configuration, the Stratos Helm Chart will use the default storage class. If a default storage class is not available, installation will fail.
To check if a default storage class exists, you can list your configured storage classes with kubectl get storageclass. If no storage class has (default) after it, then you need to either specify a storage class override or declare a default storage class for your Kubernetes cluster.
For non-production environments, you may want to use the hostpath storage class. See the SCF instructions for details on setting this up. Note that you will need to make this storage class the default storage class, e.g.
kubectl patch storageclass <your-class-name> -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
Where <your-class-name> would be hostpath if you follow the SCF instructions.
You can deploy Stratos from one of three different sources:
- Using our Helm repository
- Using an archive file containing a given release of our Helm chart
- Using the latest Helm chart directly from out GitHub repository
Add the Helm repository to your helm installation
helm repo add stratos https://cloudfoundry-incubator.github.io/stratos
Check the repository was successfully added by searching for the console
helm search console
NAME VERSION DESCRIPTION
stratos/console 0.9.0 A Helm chart for deploying Console
To install Stratos.
helm install stratos/console --namespace=console --name my-console
Note: The previous assumes that a storage class exists in the kubernetes cluster that has been marked as
default. If no such storage class exists, a specific storage class needs to be specified, please see the following section Specifying a custom Storage Class.
You can change the namespace (--namespace) and the release name (--name) to values of your choice.
This will create a Console instance named my-console in a namespace called console in your Kubernetes cluster.
After the install, you should be able to access the Console in a web browser by following the instructions below.
Helm chart archives are available for Stratos releases from our GitHub repository, under releases - see https://github.com/cloudfoundry-incubator/stratos/releases.
Download the appropriate release console-helm-chart.X.Y.Z.tgz from the GitHub repository and unpack the archive to a local folder. The Helm Chart will be extracted to a sub-folder named console.
Deploy Stratos with:
helm install console --namespace=console --name my-console
Note: Deploying using the GitHub repository uses the latest Stratos images that are built nightly (tagged
latest). While these contain the very latest updates, they may contain bugs or instabilities.
Clone the Stratos GitHub repository:
git clone https://github.com/cloudfoundry-incubator/stratos.git
Open a terminal and cd to the deploy/kubernetes directory:
$ cd deploy/kubernetes
Run helm install:
$ helm install console --namespace console --name my-console
You can change the namespace (--namespace) and the release name (--name) to values of your choice.
This will create a Console instance named my-console in a namespace called console in your Kubernetes cluster.
You should now be able to access the Console in a web browser by following the instructions below.
To check the status of the instance use the following command:
helm status my-console
Note: Replace
my-consolewith the value you used for thenameparameter, or if you did not provide one, use thehelm listcommand to find the release name that was automatically generated for you.
Once the instance is in DEPLOYED state, find the IP address and port that the console is running on:
$ helm status my-console | grep ui-ext
console-ui-ext 10.0.0.162 192.168.77.1 80:30933/TCP,443:30941/TCP 1m
In this example, the IP address is 192.168.77.1 and the node-port is 30941, so the console is accessible on:
https://192.168.77.1:30941
The values will be different for your environment.
You can now access the UI.
You may see a certificate warning which you can safely ignore.
To login use the following credentials detailed here.
Note: For some environments like Minikube, you are not given an IP Address - it may show as
<nodes>. In this case, runkubectl cluster-infoand use the IP address of your node shown in the output of this command.
If your Kubernetes deployment supports automatic configuration of a load balancer (e.g. Google Container Engine), specify the parameters useLb=true when installing.
helm install stratos/console --namespace=console --name my-console --set useLb=true
If the kubernetes cluster supports external IPs for services (see Service External IPs), then the following arguments can be provided. In this following example the dashboard will be available at https://192.168.100.100:5000.
helm install stratos/console --namespace=console --name my-console --set console.externalIP=192.168.100.100 console.port=5000
To upgrade your instance when using the Helm repository, fetch any updates to the repository:
$ helm repo update
To update an instance, the following assumes your instance is called my-console, and overrides have been specified in a file called overrides.yaml.
$ helm upgrade -f overrides.yaml my-console stratos/console --recreate-pods
After the upgrade, perform a helm list to ensure your console is the latest version.
When deploying with SCF, the scf-config-values.yaml (see SCF Wiki link) can be supplied when installing Stratos.
$ helm install stratos/console -f scf-config-values.yaml
Alternatively, you can supply the following configuration. Edit according to your environment and save to a file called uaa-config.yaml.
uaa:
protocol: https://
port: 2793
host: uaa.cf-dev.io
consoleClient: cf
consoleClientSecret:
consoleAdminIdentifier: cloud_controller.admin
skipSSLValidation: false
To install Stratos with the above specified configuration:
$ helm install stratos/console -f uaa-config.yaml
If no default storage class has been defined in the Kubernetes cluster. The Stratos helm chart will fail to deploy successfully. To check if a default storage class exists, you can list your configured storage classes with kubectl. If no storage class has (default) after it, then you need to either specify a storage class override or declare a default storage class for your Kubernetes cluster.
$ kubectl get storageclass
NAME TYPE
ssd kubernetes.io/host-path
persistent kubernetes.io/host-path
For instance to use the storage class persistent to deploy Console persistent volume claims, store the following to a file called override.yaml.
---
storageClass: persistent
If you want MariaDB to use a specific storage class (which can be different to that used for the other components), then specify the following:
---
storageClass: persistent
mariadb:
persistence:
storageClass: persistent
Run Helm with the override:
helm install -f override.yaml stratos/console
Alternatively, you can configure a storage class with storageclass.kubernetes.io/is-default-class set to true. For instance the following storage class will be declared as the default. If you don't have the hostpath provisioner available in your local cluster, please follow the instructions on [link] (https://github.com/kubernetes-incubator/external-storage/tree/master/docs/demo/hostpath-provisioner), to deploy one.
If the hostpath provisioner is available, save the file to storageclass.yaml
---
kind: StorageClass
apiVersion: storage.k8s.io/v1beta1
metadata:
name: default
annotations:
storageclass.kubernetes.io/is-default-class: "true"
provisioner: kubernetes.io/host-path # Or whatever the local hostpath provisioner is called
To create it in your kubernetes cluster, execute the following.
kubectl create -f storageclass.yaml
See [Storage Class documentation] ( https://kubernetes.io/docs/tasks/administer-cluster/change-default-storage-class/) for more insformation.
By default the console will generate self-signed certificates for demo purposes. To configure Stratos UI to use your provided TLS certificates set the consoleCert and consoleCertKey overrides.
consoleCert: |
-----BEGIN CERTIFICATE-----
MIIDXTCCAkWgAwIBAgIJAJooOiQWl1v1MA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
...
-----END CERTIFICATE-----
consoleCertKey: |
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDV9+ySh0xZzM41
....
-----END PRIVATE KEY-----
Assuming the above is stored in a file called override-ssl.yaml, install the chart with the override specified.
helm install -f override-ssl.yaml stratos/console --namespace console
If you are deploying the helm chart against images that are hosted in a secure image repository provide the following parameters ( store the following to a file called docker-registry-secrets.yaml).
kube:
registry:
hostname: mysecure-dockerregistry.io
username: john.appleseed
password: sup3rs3cur3
# `email` is an optional field
email: [email protected]
Deploy the chart with the provided parameters:
helm install -f docker-registry-secrets.yaml stratos/console