Skip to Content
Technical Articles
Author's profile photo Satish Kumar Kara

Register Minikube Kubernetes Cluster with SCP Service Manager

To consume SAP Cloud Platform services in your Minikube, your cluster must be registered at the Service Manager in the context of a subaccount. For this, you need a Global account and a subaccount, and must be administrator of this subaccount. For your production Kubernetes cluster has to be configured the same way with SAP Cloud Platform to establish the connection.

Prerequisites

Kubernetes Cluster

Kubectl – v1.7 or higher

Helm 3 – install helm in Mac OS using brew (currently it will install v3.1.1). You can also download the desired version of helm from release site and install manually.

brew install helm

Service Manger CLI v1.7.3 or higher – Link

Tiller (Helm Server Side Component) – As we are using Helm 3, we don’t need to run init.

Configuration In SAP Cloud Platform

Get a sub account or create a new sub account under your global account. Make sure you are the security administrator to see the security tab in the left navigation. I have created a sub account SCP-K8 for my usage.

Access to Service Manager API

The Kubernetes cluster must be registered at the Service Manager to access services from SAP Cloud Platform in Kubernetes. For this, you first need to obtain the credentials for the Service Manager.

Navigate to the sub account in SAP Cloud Platform Cockpit → Subscriptions → Service Manager and subscribe.

Assign your IDP users to the sub account service administrator collection

In the SAP Cloud Platform cockpit, navigate to your subaccount and choose Security → Trust Configuration → SAP ID Service.

Assign Subaccount Service Administrator role collection to your email address.

Repeat the same for other users to have access to Service Manager API

Login to Service Manager

Login to Service Manger using Service Manager CLI.

smctl login -a https://service-manager.cfapps.<landscape domain> --param subdomain=<subdomain>
User: <user name with service manager role>
Password: *****

For me following are the details

smctl login -a https://service-manager.cfapps.sap.hana.ondemand.com --param subdomain=scpk8

Register Sub Account Scoped Cluster

$ smctl register-platform minikube kubernetes
 
ID                                    Name      Type        Description  Created                      Updated                      Labels                                              Username                                      Password                                     
------------------------------------  --------  ----------  -----------  ---------------------------  ---------------------------  --------------------------------------------------  --------------------------------------------  -------------------------------------------- 
4f7c0ef1-2e84-4124-b55f-7a36f2d79843  minikube  kubernetes               2020-02-25T04:30:28.971113Z  2020-02-25T04:30:28.971113Z  subaccount_id=55d8129b-1e6b-4231-9c80-000ae080f9dd  xxxxxxxxxxxxxxusernamexxxxxxxxxxxxxxxxxxxx  xxxxxxxxxxxxxxxxpasswordxxxxxxxxxxxxxxxxxxxxx

Save the credential some where safe. We will be needing this while configuring service manager broker.

Install Service Catalog in Minikube

If all prerequisites like minikube, kubectl, helm are installed you can start your minikube cluster using the following command.

minikube start --vm-driver=hyperkit  --hyperkit-vpnkit-sock=/Users/xxx/Library/Containers/com.docker.docker/Data/vpnkit.eth.sock --kubernetes-version=1.17.3

Now when your helm is connected to tiller at minikube, we are ready to install service-catalog using helm. Let’s first add the service-catalog repository to helm.

helm repo add svc-cat https://svc-catalog-charts.storage.googleapis.com

Let’s see if we have the service-catalog available for install. Use the following command to search in the repository.

helm search repo service-catalog//in helm 3
helm search service-catalog// in helm 2
//As I am using helm 3
$ helm search repo service-catalog
NAME                    CHART VERSION    APP VERSION    DESCRIPTION                                      
svc-cat/catalog         0.2.1                           service-catalog API server and controller-manag...
svc-cat/catalog-v0.2    0.2.2                           service-catalog API server and controller-manag...

Now let’s install service-catalog using the following command.

kubectl create namespace catalog
helm install catalog svc-cat/catalog --namespace catalog --version 0.3.0-beta.2

Install Service Manger Broker Proxy in Minikube

Add the service manager broker proxy repository to helm.

helm repo add peripli 'https://peripli.github.io'

Install the service manager agent using the following command.

kubectl create namespace service-broker-proxy
helm install service-broker-proxy peripli/service-broker-proxy-k8s \
  --namespace service-broker-proxy \
  --set image.tag=v0.3.2 \
  --set config.sm.url=https://service-manager.cfapps.sap.hana.ondemand.com \
  --set sm.user=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \
  --set sm.password=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

sm.user and sm.password, we have already got while registering our cluster using service manager cli.  sm.url is the service manager url.

Install Service Catalog CLI

Use following to install service catalog cli in Mac OS. This is required to work with service catalog installed in minikube.

curl -sLO https://download.svcat.sh/cli/latest/darwin/amd64/svcat
chmod +x ./svcat
mv ./svcat /usr/local/bin/
svcat version --client

Configure svcat to use your local kubeconfig

export kubeconfig="/Users/xxx/.kube/config"

Test The Connectivity To SAP Cloud Platform

$ svcat marketplace
             CLASS                 PLANS                DESCRIPTION           
+-----------------------------+-------------+---------------------------------+
  feature-flags                 lite          Feature Flags service for       
                                              controlling feature rollout     
  sdm                           standard      Document management for         
                                              Business Applications           
  auditlog-management           default       Retrieve logs and change        
                                              retention                       
  malware-scanner               external      Scan single files for threats,  
                                              via HTTP                        
  transport                     standard      Provides programmatic access    
                                              to Transport Management.        
  transport-ci                  standard      Provides programmatic access    
                                              to Transport Management.        
  hana-cloud                    hana          Leverage the in-memory data     
                                              processing capabilities of      
                                              SAP HANA in the cloud as one    
                                              simple gateway to all data.     
  metering-service              development   Metering-as a Service on        
                                              SAP Cloud platform enables      
                                              services to meter their usage   
                                              information, so it can be used  
                                              later for commercial purposes   
                                              like billing or license         
                                              compliance.                     
                                default                                       
  sap-onpremise-extensibility   api-access    Connects extension              
                                              applications running in an SAP  
                                              Cloud Platform subaccount to    
                                              an On-Premise system.           
  xsuaa                         broker        Manage application              
                                              authorizations and trust to     
                                              identity providers.             
                                application                                    

You may have to modify your entitlement in SAP Cloud Platform Cockpit. For doing so navigate to SAP Cloud Platform Cockpit → Entitlements → Configure Entitlements → Add Service Plans and save once done.

Now let’s create a service instance of xsuaa using the following command.

$ svcat provision mdcs-hana --class hana-cloud --plan hana
  Name:        xsuaa-example                                                   
  Namespace:   default                                                         
  Status:                                                                      
  Class:       xsuaa                                                           
  Plan:        z48zz57zz45zgt9z2fzjz4azz47zz4-fd5fd60de69db525c44c9608067cb61a 
 
Parameters:
  No parameters defined

Let’s now get all the instances that were provisioned.

$ svcat get instance
 
       NAME        NAMESPACE   CLASS                                PLAN                                 STATUS 
+----------------+-----------+-------+-----------------------------------------------------------------+--------+
  xsuaa-example    default     xsuaa   z48zz57zz45zgt9z2fzjz4azz47zz4-fd5fd60de69db525c44c9608067cb61a   Ready

Let’s try deprovisioning the service instance.

svcat deprovision xsuaa-example

Multi Cloud Architecture gives you the provision to support platforms across multiple cloud provides. Like SAP Cloud Platform, you can have service manger broker set up for Google Cloud Platform and Amazon Web Services too.

Assigned Tags

      3 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Rajesh Bhadana
      Rajesh Bhadana

      Hi Satish,

      Thank you for informative and helpful article.

       

      I am trying these steps with SAP Cloud Platform and  Minikube on Windows

      All the steps was working fine but the svcat marketplace showing blank. How can I troubleshoot or what may be wrong/missing ?

       

      command output of Test The Connectivity To SAP Cloud Platform steps,

      C:\WINDOWS\system32> svcat marketplace

      CLASS   PLANS   DESCRIPTION

      +-------+-------+-------------+

      verbose logs

      C:\WINDOWS\system32>svcat marketplace -v=7
      I0724 12:12:12.217974 31876 loader.go:375] Config loaded from file: C:\Users\rbhadana\.kube\config
      I0724 12:12:12.219974 31876 cert_rotation.go:137] Starting client certificate rotation controller
      I0724 12:12:12.229980 31876 round_trippers.go:420] GET https://xxx.xx.xx.xx:8443/apis/servicecatalog.k8s.io/v1beta1/clusterserviceclasses
      I0724 12:12:12.229980 31876 round_trippers.go:427] Request Headers:
      I0724 12:12:12.230937 31876 round_trippers.go:431] Accept: application/json, */*
      I0724 12:12:12.231937 31876 round_trippers.go:431] User-Agent: svcat/v0.0.0 (windows/amd64) kubernetes/$Format
      I0724 12:12:12.241963 31876 round_trippers.go:446] Response Status: 200 OK in 10 milliseconds
      I0724 12:12:12.242941 31876 round_trippers.go:420] GET https://xxx.xx.xx.xx:8443/apis/servicecatalog.k8s.io/v1beta1/namespaces/default/serviceclasses
      I0724 12:12:12.242941 31876 round_trippers.go:427] Request Headers:
      I0724 12:12:12.245091 31876 round_trippers.go:431] Accept: application/json, */*
      I0724 12:12:12.245091 31876 round_trippers.go:431] User-Agent: svcat/v0.0.0 (windows/amd64) kubernetes/$Format
      I0724 12:12:12.247974 31876 round_trippers.go:446] Response Status: 200 OK in 2 milliseconds
      I0724 12:12:12.248947 31876 round_trippers.go:420] GET https://xxx.xx.xx.xx:8443/apis/servicecatalog.k8s.io/v1beta1/clusterserviceplans
      I0724 12:12:12.248947 31876 round_trippers.go:427] Request Headers:
      I0724 12:12:12.250946 31876 round_trippers.go:431] Accept: application/json, */*
      I0724 12:12:12.251948 31876 round_trippers.go:431] User-Agent: svcat/v0.0.0 (windows/amd64) kubernetes/$Format
      I0724 12:12:12.254941 31876 round_trippers.go:446] Response Status: 200 OK in 2 milliseconds
      I0724 12:12:12.254941 31876 round_trippers.go:420] GET https://xxx.xx.xx.xx:8443/apis/servicecatalog.k8s.io/v1beta1/namespaces/default/serviceplans
      I0724 12:12:12.254941 31876 round_trippers.go:427] Request Headers:
      I0724 12:12:12.256940 31876 round_trippers.go:431] Accept: application/json, */*
      I0724 12:12:12.257977 31876 round_trippers.go:431] User-Agent: svcat/v0.0.0 (windows/amd64) kubernetes/$Format
      I0724 12:12:12.262976 31876 round_trippers.go:446] Response Status: 200 OK in 2 milliseconds
      CLASS PLANS DESCRIPTION
      +-------+-------+-------------+

      I have one additional question, Is it possible to consume SAP cloud services in Open Source CF platform running on Azure platform ?

      Author's profile photo Satish Kumar Kara
      Satish Kumar Kara
      Blog Post Author

      please try the following command and see if you are getting the result.

      smctl marketplace

      If you getting result for the above, then it's a problem with catalog manger. Please try the below version instead of the version listed in the blog.

      helm install catalog svc-cat/catalog --namespace catalog --version 0.3.0

      If you are not able to list marketplace from smctl then there would be some problem in the access and authorisation.

      I have one additional question, Is it possible to consume SAP cloud services in Open Source CF platform running on Azure platform ?

      I think you can not at least using Open Service Broker implementation.

       

      Author's profile photo Sundar Chakravarthy
      Sundar Chakravarthy

      Hi Satish,

      Good article !

      I have a trial account and don't see Service Manager under subscriptions. Has the name changed recently ?

      Thanks,

      Sundar