You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/content/setup/local-setup-with-kind.md
+17-13Lines changed: 17 additions & 13 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,10 +3,10 @@
3
3
This guide will walk you through setting up kube-bind between two Kubernetes clusters, where
4
4
5
5
***Backend cluster**:
6
-
* Deploys dex, cert-manager and kube-bind/backend
7
-
* Provides kube-bind compatible backend for MangoDB resources
6
+
* Deploys dex, cert-manager and kube-bind/backend
7
+
* Provides kube-bind compatible backend for MangoDB resources
8
8
***App cluster**:
9
-
* Provides an application consuming MangoDBs
9
+
* Provides an application consuming MangoDBs
10
10
11
11
## Pre-requisites
12
12
@@ -35,7 +35,7 @@ The provider cluster we'll prepare in this section will provide a kube-bind comp
35
35
36
36
> What is MangoDB? It is just an example CRD to demonstrate kube-bind's capabilities and testing, without any workloads. See its definition in [/test/e2e/bind/fixtures/provider/crd-mangodb.yaml](/test/e2e/bind/fixtures/provider/crd-mangodb.yaml).
37
37
38
-
### Step one: create the Backend cluster
38
+
### Step 1: Create the Backend Cluster
39
39
40
40
First, stash the host's external IP in a variable as we're going to use it often:
41
41
@@ -68,7 +68,7 @@ EOF_BackendClusterDefinition
68
68
69
69
> Note: the port mappings will become clear later on, but in general this setup is solely specific to how Kind exposes ports of its nodes on the host. Specifically, we're exposing ports from containers through NodePort services on Kind's nodes, and to make these ports available on the host we need to map them to host's ports through `extraPortMappings`.
70
70
71
-
### Step two: deploy an identity provider
71
+
### Step 2: Deploy an Identity Provider
72
72
73
73
kube-bind relies on OAuth2 forsecurely authenticating consumer and producer clusters. There are many ways to handle thatin Kubernetes, for example with [dex IDP](https://github.com/dexidp/dex). It depends on cert-manager, which we'll deploy first:
74
74
@@ -132,7 +132,7 @@ helm install \
132
132
-f -
133
133
```
134
134
135
-
### Step three: deploy the MangoDB kube-bind backend
135
+
### Step 3: Deploy the MangoDB kube-bind Backend
136
136
137
137
Now we'll deploy a kube-bind--compatible backend for MangoDB. Let's start with kube-bind CRDs:
The App cluster will consume MangoDB CRs provided by the Backend.
205
206
206
-
### Step one: create the App cluster
207
+
### Step 1: Create the App Cluster
207
208
208
209
Again, let's start by stashing the host's external IP in a variable as we're going to use it often (possibly the same one as for the Backend cluster):
209
210
@@ -223,7 +224,7 @@ networking:
223
224
EOF_AppClusterDefinition
224
225
```
225
226
226
-
### Binding MangoDB backend
227
+
### Step 2: Bind the MangoDB Backend
227
228
228
229
Now we'll bring in MangoDB CRDs from the Backend cluster (you can run `kubectl get crds` to see there are none yet):
229
230
@@ -241,11 +242,13 @@ To authenticate, visit in your browser:
241
242
```
242
243
243
244
The client is now waiting foryou to visit the address similar to the one displayedin the output above. After completing the steps to create an OAuth2 token, it is then used by the kube-bind backend to pass the ServiceAccount's kubeconfig (in the Backend cluster) to the App cluster securely:
245
+
244
246
1. on the "Log in to dex" landing page, select "Log in with Example",
245
247
2. on the "Grant Access" page, click the "Grant Access" button,
246
248
3. lastly, click "Bind" when the page displays the mangodb resource.
247
249
248
250
Go back to the terminal where `kubectl bind` command was run, and you should see the following output:
251
+
249
252
```
250
253
🔑 Successfully authenticated to http://${BACKEND_HOST_IP}:8080/export
251
254
🔒 Created secret kube-bind/kubeconfig-x9bd5 for host https://${BACKEND_HOST_IP}:34595, namespace kube-bind-gfsqn
0 commit comments