Skip to content

Commit 5f2ad30

Browse files
committed
Update kcp readme
Signed-off-by: Nelo-T. Wallus <red.brush9525@fastmail.com> Signed-off-by: Nelo-T. Wallus <n.wallus@sap.com>
1 parent 7c5f8ee commit 5f2ad30

1 file changed

Lines changed: 76 additions & 21 deletions

File tree

contrib/kcp/README.md

Lines changed: 76 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -23,9 +23,23 @@ It will do the following:
2323

2424
# How to run
2525

26+
## Preparation
27+
2628
1. Start dex
29+
30+
```bash
31+
make run-dex
32+
```
33+
2734
2. Start kcp
28-
3. Bootstrap kcp:
35+
36+
```bash
37+
make run-kcp
38+
```
39+
40+
## Backend
41+
42+
2. Bootstrap kcp:
2943
```bash
3044
cp .kcp/admin.kubeconfig .kcp/backend.kubeconfig
3145
export KUBECONFIG=.kcp/backend.kubeconfig
@@ -49,18 +63,22 @@ k ws use :root:kube-bind
4963
--schema-source apiresourceschemas
5064
```
5165

66+
This process will keep running, so open a new terminal.
67+
68+
## Provider
5269

5370
5. Copy the kubeconfig to the provider and create provider workspace:
5471
```bash
5572
cp .kcp/admin.kubeconfig .kcp/provider.kubeconfig
5673
export KUBECONFIG=.kcp/provider.kubeconfig
5774
k ws use :root
58-
kubectl ws create provider --enter
75+
kubectl create-workspace provider --enter
5976
```
6077

6178
6. Bind the APIExport to the provider workspace
6279
```bash
63-
kubectl kcp bind apiexport root:kube-bind:kube-bind.io --accept-permission-claim clusterrolebindings.rbac.authorization.k8s.io \
80+
kubectl kcp bind apiexport root:kube-bind:kube-bind.io \
81+
--accept-permission-claim clusterrolebindings.rbac.authorization.k8s.io \
6482
--accept-permission-claim clusterroles.rbac.authorization.k8s.io \
6583
--accept-permission-claim customresourcedefinitions.apiextensions.k8s.io \
6684
--accept-permission-claim serviceaccounts.core \
@@ -74,10 +92,9 @@ kubectl kcp bind apiexport root:kube-bind:kube-bind.io --accept-permission-claim
7492

7593
7. Create CRD in provider:
7694
```bash
77-
kubectl create -f kcp/deploy/examples/apiexport.yaml
78-
kubectl create -f kcp/deploy/examples/apiresourceschema-cowboys.yaml
79-
kubectl create -f kcp/deploy/examples/apiresourceschema-sheriffs.yaml
80-
# recursive bind
95+
kubectl create -f contrib/kcp/deploy/examples/apiexport.yaml
96+
kubectl create -f contrib/kcp/deploy/examples/apiresourceschema-cowboys.yaml
97+
kubectl create -f contrib/kcp/deploy/examples/apiresourceschema-sheriffs.yaml
8198
kubectl kcp bind apiexport root:provider:cowboys-stable
8299
```
83100

@@ -86,9 +103,11 @@ kubectl kcp bind apiexport root:provider:cowboys-stable
86103
```bash
87104
kubectl get logicalcluster
88105
# NAME PHASE URL AGE
89-
# cluster Ready https://192.168.2.166:6443/clusters/2xh2v3gzjhn4tmve
106+
# cluster Ready https://192.168.2.166:6443/clusters/1d5vpxvdpy0opbj1
90107
```
91108

109+
## Consumer
110+
92111
9. Now we gonna initiate consumer:
93112
```bash
94113
cp .kcp/admin.kubeconfig .kcp/consumer.kubeconfig
@@ -100,19 +119,29 @@ kubectl ws create consumer --enter
100119
10. Bind the thing:
101120

102121
```bash
103-
./bin/kubectl-bind http://127.0.0.1:8080/clusters/2vgrh380y0cq38du/exports --dry-run -o yaml > apiserviceexport.yaml
122+
./bin/kubectl-bind http://127.0.0.1:8080/clusters/awsb9l59tt6xxwz3/exports --dry-run -o yaml > apiserviceexport.yaml
104123

105124
# Extract secret for binding process. Note that secret name is not the same as output from command above. Check secret
106125
# name by running `kubectl get secret -n kube-bind`
107-
kubectl get secret kubeconfig-wvvsb -n kube-bind -o jsonpath='{.data.kubeconfig}' | base64 -d > remote.kubeconfig
126+
kubectl get secrets -n kube-bind -o jsonpath='{.items[0].data.kubeconfig}' | base64 -d > remote.kubeconfig
108127

109-
./bin/kubectl-bind apiservice --remote-kubeconfig remote.kubeconfig -f apiserviceexport.yaml --skip-konnector --remote-namespace kube-bind-m5zx4
128+
namespace=$(yq '.contexts[0].context.namespace' remote.kubeconfig)
110129

111-
export KUBECONFIG=.kcp/consumer.kubeconfig
112-
go run ./cmd/konnector/ --lease-namespace default
130+
./bin/kubectl-bind apiservice -v 6 --remote-kubeconfig remote.kubeconfig -f apiserviceexport.yaml --skip-konnector --remote-namespace "$namespace"
131+
132+
```
133+
134+
This will keep running, so switch to a new terminal.
135+
136+
### Consumer Konnector
113137

138+
Start konnector:
114139

115-
11. (Optional) Add second consumer to test
140+
```bash
141+
./bin/konnector --lease-namespace default --kubeconfig .kcp/consumer.kubeconfig
142+
```
143+
144+
Optionally add second consumer to test
116145

117146
```bash
118147
cp .kcp/admin.kubeconfig .kcp/consumer2.kubeconfig
@@ -121,27 +150,53 @@ kubectl ws use :root
121150
kubectl ws create consumer2 --enter
122151

123152
./bin/kubectl-bind http://127.0.0.1:8080/clusters/2vgrh380y0cq38du/exports --dry-run -o yaml > apiserviceexport2.yaml
124-
kubectl get secret kubeconfig-wvvsb -n kube-bind -o jsonpath='{.data.kubeconfig}' | base64 -d > remote2.kubeconfig
125153

126-
./bin/kubectl-bind apiservice --remote-kubeconfig remote2.kubeconfig -f apiserviceexport.yaml --skip-konnector --remote-namespace kube-bind-m5zx4
154+
kubectl get secrets -n kube-bind -o jsonpath='{.items[0].data.kubeconfig}' | base64 -d > remote2.kubeconfig
127155

156+
./bin/kubectl-bind apiservice -v 6 --remote-kubeconfig remote2.kubeconfig -f apiserviceexport2.yaml --skip-konnector --remote-namespace "$(yq '.contexts[0].context.namespace' remote2.kubeconfig)"
128157

129-
export KUBECONFIG=.kcp/consumer2.kubeconfig
130-
go run ./cmd/konnector/ --lease-namespace default --server-address :8091
158+
./bin/konnector --lease-namespace default --kubeconfig .kcp/consumer2.kubeconfig --server-address :8091
131159
```
132160

161+
This will keep running, so switch to a new terminal.
162+
163+
## Testing
164+
133165
Create objects:
134166
```
135-
kubectl apply -f kcp/deploy/examples/cowboy.yaml
167+
export KUBECONFIG=.kcp/consumer.kubeconfig
168+
kubectl apply -f contrib/kcp/deploy/examples/cowboy.yaml
169+
kubectl apply -f contrib/kcp/deploy/examples/sheriff.yaml
136170
```
137171

138172

139173
## Debug
140174

141175
```bash
176+
142177
cp .kcp/admin.kubeconfig .kcp/debug.kubeconfig
143178
export KUBECONFIG=.kcp/debug.kubeconfig
144179
k ws use :root:kube-bind
145180

146-
k -s "$(kubectl get apiexportendpointslice kube-bind.io -o jsonpath="{.status.endpoints[0].url}")/clusters/*" api-resources
147-
k -s "$(kubectl get apiexportendpointslice kube-bind.io -o jsonpath="{.status.endpoints[0].url}")/clusters/*" get crd
181+
k -s "$(kubectl get apiexportendpointslice kube-bind.io -o jsonpath='{.status.endpoints[0].url}')/clusters/*" api-resources
182+
183+
k -s "$(kubectl get apiexportendpointslice kube-bind.io -o jsonpath='{.status.endpoints[0].url}')/clusters/*" get crd
184+
185+
namespace=$(yq '.contexts[0].context.namespace' remote.kubeconfig)
186+
187+
# some claimed objects
188+
189+
kubectl create cm provider -n "$namespace-default"
190+
kubectl label cm provider app=wildwest -n "$namespace-default"
191+
192+
kubectl create cm consumer -n default
193+
kubectl label cm consumer app=wildwest -n default
194+
195+
kubectl create secret generic provider-secret
196+
kubectl label secret provider-secret app=wildwest
197+
198+
kubectl create namespace bob
199+
kubectl create secret generic wildwest-secrets1 -n bob
200+
kubectl label secret wildwest-secrets1 app=wildwest -n bob
201+
202+
```

0 commit comments

Comments
 (0)