aws ecr get-login --no-include-email --region eu-central-1
# returns a docker login command. Execute this to authenticate your local docker installation for access to this registry.
kops create cluster ${FQDN_OF_YOUR_CLUSTER} --zones <AWS Zone> --authorization=rbac --node-count ${NUMBER_OF_NODE} --node-size ${NODE_SIZE} --kubernetes-version ${K8S_VER} --topology private --networking calico --vpc=${VPC_ID} --bastion --state ${KOPS_STATE_STORE_BUCKET}
kops create secret --name ${FQDN_OF_YOUR_CLUSTER} sshpublickey admin -i ~/.ssh/id_rsa.pub
kops update cluster --name ${FQDN_OF_YOUR_CLUSTER} --state ${KOPS_STATE_STORE_BUCKET} --yes
kops validate cluster --name ${FQDN_OF_YOUR_CLUSTER}
kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/kubernetes-dashboard/v1.8.3.yaml
=== Create a file "dashboard.yaml" ===
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard
labels:
k8s-app: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kube-system
kubectl create -f dashboard.yaml
# get the credentials for your dashboard. User is "admin", the output is your password
kops get secrets kube --type secret -oplaintext
# define an ingress
kubectl apply -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/ingress-nginx/v1.6.0.yaml
# Create Srevice Account for tiller
kubectl create serviceaccount --namespace kube-system tiller
kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
# Install helm
curl -LO https://storage.googleapis.com/kubernetes-helm/helm-v2.9.1-linux-amd64.tar.gz
tar -zxvf helm-v2.9.1-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/helm
helm init --service-account tiller --upgrade
helm init && helm list
~/slplugin/bin/slplugin execute -p ~/SAPDataHub-Foundation/
Installation finished successfully
Ok ?
Prepare analytics data in '/home/<user>/work'
Feedback file was written. Please consider sending statistics data back to SAP by opening file '/home/<user>/work/EvalForm.html'
# Create a certificate
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/tls.key -out /tmp/tls.crt -subj "/CN=vsystem.ingress.<your-domain>"
kubectl -n $NAMESPACE create secret tls vsystem-tls-certs --key /tmp/tls.key --cert /tmp/tls.crt
### Create a YAML file: ingress.yaml ###
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: vsystem
annotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/tls-acme: "true"
ingress.kubernetes.io/force-ssl-redirect: "true"
ingress.kubernetes.io/secure-backends: "true"
nginx.ingress.kubernetes.io/proxy-body-size: 500m
ingress.kubernetes.io/proxy-body-size: 500m
spec:
rules:
-
host: vsystem.ingress.<your-domain>
http:
paths:
-
path: /
backend:
serviceName: vsystem
servicePort: 8797
tls:
- hosts:
- vsystem.ingress.<your-domain>
secretName: vsystem-tls-certs
######
kubectl -n $NAMESPACE create -f ingress.yaml
kubectl -n $NAMESPACE describe ingress vsystem
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
35 | |
25 | |
13 | |
7 | |
7 | |
6 | |
6 | |
6 | |
5 | |
4 |