a0d4f366d0
- created the installation-66477d7646db.rest file; - Updated $ wget information and updated the command line. - Updated kubevirt-app version. - Updated step to install KubeVirt. Signed-off-by: Elaine Fonaro <elaine.fonaro@windriver.com> Change-Id: I01f35539076d835916bb4fc78dd59b9c05ae3dfa
143 lines
5.6 KiB
ReStructuredText
143 lines
5.6 KiB
ReStructuredText
|
||
.. begin-install-proc
|
||
|
||
#. On the controller, if an **admin-user** service account is not already available, create one.
|
||
|
||
#. Create the **admin-user** service account in **kube-system**
|
||
namespace and bind the **cluster-admin** ClusterRoleBinding to this user.
|
||
|
||
.. code-block:: none
|
||
|
||
% cat <<EOF > admin-login.yaml
|
||
apiVersion: v1
|
||
kind: ServiceAccount
|
||
metadata:
|
||
name: kubernetes-admin
|
||
namespace: kube-system
|
||
---
|
||
apiVersion: v1
|
||
kind: Secret
|
||
type: kubernetes.io/service-account-token
|
||
metadata:
|
||
name: kubernetes-admin-sa-token
|
||
namespace: kube-system
|
||
annotations:
|
||
kubernetes.io/service-account.name: kubernetes-admin
|
||
---
|
||
apiVersion: rbac.authorization.k8s.io/v1
|
||
kind: ClusterRoleBinding
|
||
metadata:
|
||
name: kubernetes-admin
|
||
roleRef:
|
||
apiGroup: rbac.authorization.k8s.io
|
||
kind: ClusterRole
|
||
name: cluster-admin
|
||
subjects:
|
||
- kind: ServiceAccount
|
||
name: kubernetes-admin
|
||
namespace: kube-system
|
||
EOF
|
||
% kubectl apply -f admin-login.yaml
|
||
|
||
#. Retrieve the secret token.
|
||
|
||
.. code-block:: none
|
||
|
||
~(keystone_admin)]$ TOKEN_DATA=$(kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kubernetes-admin | awk '{print $1}') | grep "token:" | awk '{print $2}')
|
||
|
||
|
||
#. On a remote workstation, install the :command:`kubectl` client. Go to the
|
||
following link: `https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/
|
||
<https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/>`__.
|
||
|
||
#. Install the :command:`kubectl` client CLI (for example, an Ubuntu host).
|
||
|
||
.. code-block:: none
|
||
|
||
% sudo apt-get update
|
||
% sudo apt-get install -y apt-transport-https
|
||
% curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | \
|
||
sudo apt-key add
|
||
% echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | \
|
||
sudo tee -a /etc/apt/sources.list.d/kubernetes.list
|
||
% sudo apt-get update
|
||
% sudo apt-get install -y kubectl
|
||
|
||
#. Set up the local configuration and context.
|
||
|
||
.. note::
|
||
In order for your remote host to trust the certificate used by
|
||
the |prod-long| K8S API, you must ensure that the
|
||
``k8s_root_ca_cert`` specified at install time is a trusted
|
||
|CA| certificate by your host. Follow the instructions for adding
|
||
a trusted |CA| certificate for the operating system distribution
|
||
of your particular host.
|
||
|
||
If you did not specify a ``k8s_root_ca_cert`` at install
|
||
time, then specify ``--insecure-skip-tls-verify``, as shown below.
|
||
|
||
The following example configures the default ~/.kube/config. See the
|
||
following reference:
|
||
`https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/
|
||
<https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/>`__.
|
||
You need to obtain a floating |OAM| IP.
|
||
|
||
.. code-block:: none
|
||
|
||
% kubectl config set-cluster mycluster --server=https://${OAM_IP}:6443 \
|
||
--insecure-skip-tls-verify
|
||
% kubectl config set-credentials kubernetes-admin@mycluster --token=$TOKEN_DATA
|
||
% kubectl config set-context kubernetes-admin@mycluster --cluster=mycluster \
|
||
--user kubernetes-admin@mycluster --namespace=default
|
||
% kubectl config use-context kubernetes-admin@mycluster
|
||
|
||
``$TOKEN_DATA`` is the token retrieved in step 1.
|
||
|
||
#. Test remote :command:`kubectl` access.
|
||
|
||
.. code-block:: none
|
||
|
||
% kubectl get nodes -o wide
|
||
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE ...
|
||
controller-0 Ready master 15h v1.12.3 192.168.204.3 <none> CentOS L ...
|
||
controller-1 Ready master 129m v1.12.3 192.168.204.4 <none> CentOS L ...
|
||
worker-0 Ready <none> 99m v1.12.3 192.168.204.201 <none> CentOS L ...
|
||
worker-1 Ready <none> 99m v1.12.3 192.168.204.202 <none> CentOS L ...
|
||
%
|
||
|
||
#. On the workstation, install the :command:`helm` client on an Ubuntu
|
||
host by taking the following actions on the remote Ubuntu system.
|
||
|
||
#. Install :command:`helm`. See the following reference:
|
||
`https://helm.sh/docs/intro/install/
|
||
<https://helm.sh/docs/intro/install/>`__. Helm accesses the Kubernetes
|
||
cluster as configured in the previous step, using the default ~/.kube/config.
|
||
|
||
.. code-block:: none
|
||
|
||
% wget https://get.helm.sh/helm-v3.2.1-linux-amd64.tar.gz
|
||
% tar xvf helm-v3.2.1-linux-amd64.tar.gz
|
||
% sudo cp linux-amd64/helm /usr/local/bin
|
||
|
||
|
||
#. Verify that :command:`helm` installed correctly.
|
||
|
||
.. code-block:: none
|
||
|
||
% helm version
|
||
version.BuildInfo{Version:"v3.2.1", GitCommit:"fe51cd1e31e6a202cba7dead9552a6d418ded79a", GitTreeState:"clean", GoVersion:"go1.13.10"}
|
||
|
||
#. Run the following commands:
|
||
|
||
.. code-block:: none
|
||
|
||
% helm repo add bitnami https://charts.bitnami.com/bitnami
|
||
% helm repo update
|
||
% helm repo list
|
||
% helm search repo
|
||
% helm install wordpress bitnami/wordpress
|
||
|
||
|
||
.. end-install-proc
|
||
|