-
Notifications
You must be signed in to change notification settings - Fork 378
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Mangirdas Judeikis <[email protected]>
- Loading branch information
Showing
19 changed files
with
1,103 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
ARG SHELL="" | ||
|
||
FROM alpine | ||
|
||
RUN apk --no-cache add ca-certificates \ | ||
&& update-ca-certificates ca-certificates-bundle | ||
|
||
RUN apk --no-cache add curl | ||
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl | ||
RUN chmod +x ./kubectl | ||
RUN mv ./kubectl /usr/local/bin | ||
|
||
WORKDIR / | ||
COPY bin/cache-server . | ||
|
||
ENTRYPOINT ["./cache-server"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
ARG SHELL="" | ||
|
||
FROM alpine | ||
|
||
RUN apk --no-cache add ca-certificates \ | ||
&& update-ca-certificates ca-certificates-bundle | ||
RUN apk --no-cache add curl | ||
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl | ||
RUN chmod +x ./kubectl | ||
RUN mv ./kubectl /usr/local/bin | ||
|
||
RUN apk --no-cache add curl | ||
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl | ||
RUN chmod +x ./kubectl | ||
RUN mv ./kubectl /usr/local/bin | ||
|
||
WORKDIR / | ||
COPY bin/kcp . | ||
|
||
ENTRYPOINT ["./kcp"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
ARG SHELL="" | ||
|
||
FROM alpine | ||
|
||
RUN apk --no-cache add ca-certificates \ | ||
&& update-ca-certificates ca-certificates-bundle | ||
|
||
RUN apk --no-cache add curl | ||
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl | ||
RUN chmod +x ./kubectl | ||
RUN mv ./kubectl /usr/local/bin | ||
|
||
WORKDIR / | ||
COPY bin/kcp-front-proxy . | ||
|
||
ENTRYPOINT ["./kcp-front-proxy"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,80 @@ | ||
# TILT | ||
|
||
Tilt setup for KCP development. | ||
The benefit of using Tilt here is that it can be used to build and deploy the KCP | ||
automatically when code changes are detected. It also provides tools like | ||
Prometheus, Grafana, Loki and port forwarding into local machines for debugging. | ||
It uses a helm chart as a base and injects locally built images into kind cluster | ||
|
||
## Prerequisites | ||
|
||
- [Docker](https://docs.docker.com/get-docker/) | ||
- [Tilt](https://docs.tilt.dev/install.html) | ||
- [Kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation) | ||
- [Helm](https://helm.sh/docs/intro/install/) | ||
- [kubectl oidc-login](https://github.com/int128/kubelogin) | ||
|
||
## Usage | ||
|
||
To start tilt run: | ||
|
||
```bash | ||
./contrib/tilt/kind.sh | ||
``` | ||
or | ||
```bash | ||
make tilt-kind-up | ||
``` | ||
|
||
# Output example: | ||
.... | ||
Install KCP | ||
Tooling: | ||
Grafana: http://localhost:3333/ | ||
Prometheus: http://localhost:9091 | ||
KCP API Server: https://localhost:9443 | ||
KCP FrontProxy Server: https://localhost:9444 | ||
Tilt started on http://localhost:10350/ | ||
v0.33.6, built 2023-09-29 | ||
|
||
(space) to open the browser | ||
(s) to stream logs (--stream=true) | ||
(t) to open legacy terminal mode (--legacy=true) | ||
(ctrl-c) to exit | ||
``` | ||
Once the tilt starts, press `space` and track the progress. The first boot might take | ||
a while as it needs to build all the images, run Prometheus, Grafana, loki, etc. | ||
# Login using IDP: | ||
```bash | ||
./contrib/tilt/generate-admin-kubeconfig.sh | ||
export KUBECONFIG=kcp.kubeconfig | ||
# create ws using kcp-admin | ||
kubectl ws create test | ||
# login using oidc | ||
# user: [email protected] | ||
# password: password | ||
kubectl ws use ~ --user oidc | ||
kubectl ws create test --user oidc | ||
``` | ||
|
||
Check token manually if failed: | ||
```bash | ||
kubectl oidc-login get-token \ | ||
--oidc-issuer-url=https://idp.dev.local:6443 \ | ||
--oidc-client-id=kcp-dev \ | ||
--oidc-client-secret=Z2Fyc2lha2FsYmlzdmFuZGVuekWplCg== \ | ||
--insecure-skip-tls-verify=true \ | ||
--oidc-extra-scope=email | ||
``` | ||
|
||
If you get `Unauthorized` error, check if you have cache contamination from previous runs: | ||
```bash | ||
rm -rf ~/.kube/cache/oidc-login | ||
``` |
Oops, something went wrong.