brandon/oam
1
0
Fork 0
mirror of https://gitea.com/mcereda/oam.git synced 2026-02-09 13:44:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(kb/awx): add findings about kustomized helm runs

Browse Source
This commit is contained in:
Michele Cereda
2024-04-10 18:22:11 +02:00
parent 7e0147ef5b
commit ab567792fa
3 changed files with 199 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

162
knowledge base/awx.md
View File

@@ -3,32 +3,10 @@
1. [Installation](#installation)
1. [Uninstallation](#uninstallation)
1. [Testing](#testing)
1. [Create a demo instance in minikube](#create-a-demo-instance-in-minikube)
1. [Create a demo instance](#create-a-demo-instance)
1. [Further readings](#further-readings)
1. [Sources](#sources)
<!-- Uncomment if needed
## TL;DR
-->
<!-- Uncomment if needed
<details>
<summary>Installation and configuration</summary>
</details>
-->
<!-- Uncomment if needed
<details>
<summary>Usage</summary>
</details>
-->
<!-- Uncomment if needed
<details>
<summary>Real world use cases</summary>
</details>
-->
## Installation
Starting from version 18.0, the [AWX Operator][operator's documentation] is the preferred way to install AWX.<br/>
@@ -202,7 +180,7 @@ kubectl delete ns 'awx'
## Testing
### Create a demo instance in [minikube]
### Create a demo instance
<details>
<summary>Run: follow the basic installation guide</summary>
@@ -210,7 +188,7 @@ kubectl delete ns 'awx'
[Guide][basic install]
<details>
<summary>1. ARM, Mac OS X, Kustomize: failed: ARM images for AWX not available</summary>
<summary>1. ARM, Mac OS X, Minikube, Kustomize: failed: ARM images for AWX not available</summary>
```sh
$ minikube start --cpus=4 --memory=6g --addons=ingress
@@ -246,7 +224,7 @@ namespace/awx created
deployment.apps/awx-operator-controller-manager created
$ kubectl -n 'awx' get pods
NAME READY STATUS RESTARTS AGE
awx-operator-controller-manager-8b7dfcb58-k7jt8 2/2 Running 0 3m
awx-operator-controller-manager-8b7dfcb58-k7jt8 2/2 Running 0 3m42s
$ cat <<EOF > 'awx-demo.yaml'
---
@@ -273,10 +251,11 @@ $ # (ノಠ益ಠ)ノ彡┻━┻
</details>
<details>
<summary>2. AMD64, OpenSUSE Leap, Kustomize</summary>
<summary>2. AMD64, OpenSUSE Leap 15.5, Minikube, Kustomize</summary>
```sh
$ minikube start --cpus=4 --memory=6g --addons=ingress
😄 minikube v1.29.0 on Opensuse-Leap 15.5
🌟 Enabled addons: storage-provisioner, default-storageclass, ingress
🏄 Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
@@ -304,8 +283,8 @@ namespace/awx created
deployment.apps/awx-operator-controller-manager created
$ minikube kubectl -- -n 'awx' get pods
NAME READY STATUS RESTARTS AGE
awx-operator-controller-manager-8b7dfcb58-k7jt8 2/2 Running 0 10m
NAME READY STATUS RESTARTS AGE
awx-operator-controller-manager-75b667b745-hjfc7 2/2 Running 0 3m43s
$ cat <<EOF > 'awx-demo.yaml'
---
@@ -318,6 +297,17 @@ spec:
EOF
$ yq -iy '.resources+=["awx-demo.yaml"]' 'kustomization.yaml'
$ minikube kubectl -- apply -k '.'
serviceaccount/awx-operator-controller-manager unchanged
deployment.apps/awx-operator-controller-manager unchanged
awx.awx.ansible.com/awx-demo created
$ minikube kubectl -- -n 'awx' get podsminikube kubectl -- -n 'awx' get pods
NAME READY STATUS RESTARTS AGE
awx-demo-migration-24.1.0-kqxcj 0/1 Completed 0 9s
awx-demo-postgres-15-0 1/1 Running 0 61s
awx-demo-task-7fcbb46c5d-ckf9d 4/4 Running 0 48s
awx-demo-web-58668794c8-rfd7d 3/3 Running 0 49s
awx-operator-controller-manager-75b667b745-hjfc7 2/2 Running 0 93s
$ # Default user is 'admin'.
$ minikube kubectl -- -n 'awx' get secret 'awx-demo-admin-password' -o jsonpath="{.data.password}" | base64 --decode
@@ -327,7 +317,7 @@ $ xdg-open $(minikube service -n 'awx' 'awx-demo-service' --url)
$ minikube kubectl -- delete -k '.'
```
</details>
</details><br/>
</details>
<details>
@@ -336,10 +326,11 @@ $ minikube kubectl -- delete -k '.'
[Guide][helm install on existing cluster]
<details>
<summary>1. AMD64, OpenSUSE Leap, Helm</summary>
<summary>1. AMD64, OpenSUSE Leap 15.5, Minikube, Helm</summary>
```sh
$ minikube start --cpus=4 --memory=6g --addons=ingress
😄 minikube v1.29.0 on Opensuse-Leap 15.5
🌟 Enabled addons: storage-provisioner, default-storageclass, ingress
🏄 Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
@@ -365,7 +356,7 @@ REVISION: 1
TEST SUITE: None
NOTES:
AWX Operator installed with Helm Chart version 2.14.0
$ kubectl -n 'awx' get pods
$ minikube kubectl -- -n 'awx' get pods
NAME READY STATUS RESTARTS AGE
awx-operator-controller-manager-8b7dfcb58-k7jt8 2/2 Running 0 3m
@@ -381,26 +372,115 @@ TEST SUITE: None
NOTES:
AWX Operator installed with Helm Chart version 2.14.0
$ minikube kubectl -- -n 'awx' get pods
NAME READY STATUS RESTARTS AGE
awx-demo-migration-24.1.0-qhbq2 0/1 Completed 0 12m
awx-demo-postgres-15-0 1/1 Running 0 13m
awx-demo-task-87756dfbc-chx9t 4/4 Running 0 12m
awx-demo-web-69d6d5d6c-wdxlv 3/3 Running 0 12m
awx-operator-controller-manager-75b667b745-g9g9c 2/2 Running 0 17m
NAME READY STATUS RESTARTS AGE
awx-demo-migration-24.1.0-qhbq2 0/1 Completed 0 12m
awx-demo-postgres-15-0 1/1 Running 0 13m
awx-demo-task-87756dfbc-chx9t 4/4 Running 0 12m
awx-demo-web-69d6d5d6c-wdxlv 3/3 Running 0 12m
awx-operator-controller-manager-8b7dfcb58-k7jt8 2/2 Running 0 17m
$ # Default user is 'admin'.
$ minikube kubectl -- -n 'awx' get secret 'awx-demo-admin-password' -o jsonpath="{.data.password}" | base64 --decode
PoU9pFR2J5oFqymgX9I3I8swFgfZVkam
$ xdg-open $(minikube service -n 'awx' 'awx-demo-service' --url)
$ helm -n 'awx' uninstall 'my-awx-operator'
$ minikube kubectl -- delete ns 'awx'
```
</details>
</details><br/>
</details>
<details>
<summary>Run: kustomized helm chart</summary>
TODO
<details>
<summary>1. AMD64, OpenSUSE Leap 15.5, Minikube</summary>
<div class="warning" style="
background-color: rgba(255,255,0,0.0625);
border: solid yellow; /* #FFFF00 */
margin: 1em 0;
padding: 1em 1em 0;
">
<header style="font-weight: bold; margin-bottom: 0.5em">⚠ Warning ⚠️</header>
Mind including the CRDs from the helm chart.
</div>
```sh
$ minikube start --cpus=4 --memory=6g --addons=ingress
😄 minikube v1.29.0 on Opensuse-Leap 15.5
🌟 Enabled addons: storage-provisioner, default-storageclass, ingress
🏄 Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
$ mkdir -p '/tmp/awx'
$ cd '/tmp/awx'
$ cat <<EOF > 'namespace.yaml'
---
apiVersion: v1
kind: Namespace
metadata:
name: awx
EOF
$ cat <<EOF > 'kustomization.yaml'
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: awx
resources:
- namespace.yaml
helmCharts:
- name: awx-operator
repo: https://ansible.github.io/awx-operator/
version: 2.14.0
releaseName: awx-operator
includeCRDs: true
EOF
$ minikube kubectl -- apply -f <(minikube kubectl -- kustomize --enable-helm)
namespace/awx created
customresourcedefinition.apiextensions.k8s.io/awxbackups.awx.ansible.com created
deployment.apps/awx-operator-controller-manager created
$ minikube kubectl -- -n 'awx' get pods
NAME READY STATUS RESTARTS AGE
awx-operator-controller-manager-787d4945fb-fdffx 2/2 Running 0 3m36s
$ cat <<EOF > 'awx-demo.yaml'
---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
name: awx-demo
spec:
service_type: nodeport
EOF
$ yq -iy '.resources+=["awx-demo.yaml"]' 'kustomization.yaml'
$ minikube kubectl -- apply -f <(minikube kubectl -- kustomize --enable-helm)
namespace/awx unchanged
deployment.apps/awx-operator-controller-manager unchanged
awx.awx.ansible.com/awx-demo created
$ minikube kubectl -- -n 'awx' get pods
NAME READY STATUS RESTARTS AGE
awx-demo-migration-24.1.0-zwv8w 0/1 Completed 0 115s
awx-demo-postgres-15-0 1/1 Running 0 10m
awx-demo-task-9c4655cb9-cmz87 4/4 Running 0 8m3s
awx-demo-web-77f65cc65f-qhqrm 3/3 Running 0 8m4s
awx-operator-controller-manager-787d4945fb-fdffx 2/2 Running 0 14m
$ # Default user is 'admin'.
$ minikube kubectl -- -n 'awx' get secret 'awx-demo-admin-password' -o jsonpath="{.data.password}" | base64 --decode
DgHIaA9onZj106osEmvECigzsBqutHqI
$ xdg-open $(minikube service -n 'awx' 'awx-demo-service' --url)
$ minikube kubectl -- delete -f <(minikube kubectl -- kustomize --enable-helm)
```
</details>
</details>
## Further readings

41
knowledge base/kubernetes/kubectl.md
View File

@@ -6,7 +6,7 @@ Resource types are case **in**sensitive and can be specified in their _singular_
```sh
# The two commands below are equivalent.
kubectl get deployment,replicasets,pods -A
kubectl get deployment,replicaSets,pods -A
kubectl get deploy,rs,po -A
```
@@ -16,7 +16,7 @@ Multiple resource types can be specified together, but **only one resource name*
Resource names are case **sensitive** and will filter the requested resources; use the `-l` (`--selector`) option to play around filtering:
```sh
kubectl get deployments,replicasets -A
kubectl get deployments,replicaSets -A
kubectl get pod 'etcd-minikube' -n 'kube-system'
kubectl get pods -l 'app=nginx,tier=frontend'
```
@@ -37,7 +37,13 @@ One possible output format is [JSONpath].
## TL;DR
<details>
<summary>Installation and configuration</summary>
```sh
# Installation.
brew install 'kubernetes-cli'
# Enable shell completion.
source <(kubectl completion 'bash')
echo "[[ $commands[kubectl] ]] && source <(kubectl completion 'zsh')" >> "${HOME}/.zshrc"
@@ -45,7 +51,14 @@ echo "[[ $commands[kubectl] ]] && source <(kubectl completion 'zsh')" >> "${HOME
# Use multiple configuration files at once.
# This will *merge* all files in one big temporary configuration file.
KUBECONFIG="path/to/config1:…:path/to/configN"
```
</details>
<details>
<summary>Usage</summary>
```sh
# Show the final, merged configuration.
kubectl config view
@@ -101,7 +114,7 @@ kubectl get po --sort-by='.status.containerStatuses[0].restartCount'
kubectl get events --sort-by '.metadata.creationTimestamp'
kubectl get pods --field-selector='status.phase=Running'
kubectl get node -l='!node-role.kubernetes.io/master'
kubectl get replicasets -l 'environment in (prod, qa)'
kubectl get replicaSets -l 'environment in (prod, qa)'
kubectl get deploy --selector 'tier,tier notin (frontend)'
# Extract information from Resources' definition.
@@ -160,7 +173,7 @@ kubectl describe node 'pi'
kubectl describe deploy,rs,po -l 'app=redis'
# Validate manifests.
kubectl apply -f 'manifest' --dry-run 'client' --validate 'strict'
kubectl apply -f 'manifest.yaml' --dry-run='client' --validate='strict'
# Create or update resources from manifests.
# Missing resources will be created. Existing resources will be updated.
@@ -172,7 +185,7 @@ cat <<-EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
name: mysecret
name: mySecret
type: Opaque
data:
password: $(echo -n "s33msi4" | base64 -w0)
@@ -288,7 +301,7 @@ KUBE_EDITOR="nano" kubectl edit 'svc/docker-registry'
# Scale the ReplicaSet named 'foo' to 3 replicas.
kubectl scale --replicas='3' 'rs/foo'
kubectl scale --replicas='3' replicaset 'foo'
kubectl scale --replicas='3' replicaSet 'foo'
# Scale resources specified in "foo.yaml" to 3 replicas.
kubectl scale --replicas=3 -f 'foo.yaml'
@@ -325,9 +338,9 @@ kubectl get pods --no-headers \
| xargs -n1 kubectl delete pods
# Delete non-default Service Accounts.
kubectl get serviceaccounts \
kubectl get serviceAccounts \
-o jsonpath="{.items[?(@.metadata.name!='default')].metadata.name}" \
| xargs -n1 kubectl delete serviceaccounts
| xargs -n1 kubectl delete serviceAccounts
# Attach to running Containers.
kubectl attach 'my-pod' -i
@@ -392,6 +405,16 @@ kubectl top node 'my-node'
# Listen on port 5000 on the local machine and forward connections to port 6000
# of 'my-pod'
kubectl port-forward 'my-pod' '5000:6000'
```
</details>
<details>
<summary>Real world use cases</summary>
```sh
# Delete leftovers CRDs from helm charts by release name.
kubectl delete crds -l "helm.sh/chart=awx-operator"
# Show Containers' status, properties and capabilities from the inside.
# Run the command from *inside* the container.
@@ -402,6 +425,8 @@ cat '/proc/1/status'
grep 'Cap' '/proc/1/status'
```
</details>
## Configuration
The configuration files are loaded as follows:

63
knowledge base/kubernetes/kustomize.md
View File

@@ -1,44 +1,71 @@
# Kustomize
FIXME
## Table of contents <!-- omit in toc -->
1. [TL;DR](#tldr)
1. [Further readings](#further-readings)
1. [Sources](#sources)
1. [Sources](#sources)
## TL;DR
```sh
# validation
kustomize build ${PROJECT} | kubectl apply --filename - --validate --dry-run=client
kubeval <(kustomize build ${PROJECT})
<details>
<summary>Installation</summary>
# deployment
kustomize build ${PROJECT} | kubectl apply --filename -
[`kubectl`][kubectl] comes [with an embedded version of Kustomize](https://github.com/kubernetes-sigs/kustomize/blob/master/README.md#kubectl-integration).
```sh
brew install 'kustomize'
zypper install 'kustomize'
```
</details>
<details>
<summary>Usage</summary>
```sh
# Build.
kustomize build
kustomize build 'path/to/folder' --enable_managedby_label
kustomize build 'github.com/kubernetes-sigs/kustomize/examples/multibases/dev/?ref=v1.0.6'
kubectl kustomize
kubectl kustomize 'path/to/helm/enabled/folder' --enable-helm
# Validate.
kustomize build | kubectl apply --filename - --validate --dry-run=client
kubeval <(kustomize build)
# Deploy.
kustomize build | kubectl apply --filename -
kubectl apply -f <(kubectl kustomize --enable-helm)
```
</details>
## Further readings
- [Website]
- [Github]
- [Reference]
- [`kubectl`][kubectl]
## Sources
### Sources
All the references in the [further readings] section, plus the following:
- [Kustomization of a helm chart]
- [Examples]
<!--
References
-->
<!-- In-article sections -->
<!-- Knowledge base -->
[kubectl]: kubectl.md
<!-- Files -->
<!-- Upstream -->
[examples]: https://github.com/kubernetes-sigs/kustomize/blob/master/examples/README.md
[github]: https://github.com/kubernetes-sigs/kustomize
[kustomization of a helm chart]: https://github.com/kubernetes-sigs/kustomize/blob/master/examples/chart.md
[reference]: https://kubectl.docs.kubernetes.io/references/kustomize/
[website]: https://kustomize.io/
<!-- In-article sections -->
[further readings]: #further-readings
<!-- Knowledge base -->
<!-- Files -->
<!-- Others -->