SUSE Manager/Kubernetes Integration

From MicroFocusInternationalWiki
Revision as of 09:15, 28 September 2017 by JCayouette (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Kubernetes Integration Guide

Requirements

  • Kubernetes >= 1.5.0 (or SUSE CaaS Platform, which includes K8s (Kubernetes) >= 1.5.0 out-of-the-box)
  • Docker >= 1.12 in the container build host (For information on creating a build host see: Creating a Build Host )

To enable all the Kubernetes related features within the UI, the virtual-host-gatherer-Kubernetes package must be installed on your SUSE Manager server.

Prerequisites for this guide

  • At least one Kubernetes or SUSE CaaS Platform cluster available in the network
  • SUSE Manager >= 3.1.2
  • SUSE Manager prepared for container management (required channels are present, and a registered build host should be available.)
  • The virtual-host-gatherer-Kubernetes package must be installed on the SUSE Manager server for additional K8s features to be available from the UI

Walkthrough

Setting up a Kubernetes VHM

Any Kubernetes clusters are registered into SUSE Manager as virtual host managers. Registration and authorization are done through importing a kubeconfig file, which is also used by the kubectl tool.

Registering a Kubernetes cluster into SUSE Manager

  1. Go to Systems > Virtual Host Managers in the navigation menu.
  2. From the Create dropdown on the top-right corner, click Kubernetes Cluster.
  3. Give an arbitrary label for the new VHM.
  4. Select the kubeconfig file which contains data about the Kubernetes cluster.
  5. Select the correct context for the cluster, as specified in the kubeconfig file.
  6. Click Create.

Viewing the list of nodes in the cluster

  1. Go to Systems > Virtual Host Managers in the navigation menu.
  2. Click on the desired Kubernetes cluster.
  3. The node data is not fetched on registration. To get the node information, click on Schedule refresh data.
  4. Refresh the page after a few moments. Node data will appear.

Getting Runtime Information About Images

  1. Go to Images > Images in the navigation menu.
  2. In the image list table, notice the new runtime related columns: Revision, Runtime and Instances. These columns may not initially show any useful data.
    Revision
    An artificial sequence number which increments on every rebuild for manager-built images, or on every reimport for externally built images.
    Runtime
    Overall status of the running instances of the image throughout the registered clusters. The status can be one of the following:
    • All instances are consistent with SUSE Manager: All the running instances are running the same build of the image as tracked by SUSE Manager.
    • Outdated instances found: Some of the instances are running an older build of the image. A redeploy of the image into the pod may be required.
    • No information: The checksum of the instance image does not match the image data contained in SUSE Manager. A redeploy of the image into the pod may be required.
  3. Instances: Number of instances running this image across all the clusters registered in SUSE Manager. A breakdown of numbers can be seen by clicking on the pop-up icon next to the number.

Building an image for deployment in Kubernetes

  1. Under Images > Stores, create an image store.
  2. Under Images > Profiles, create an image profile (with a Dockerfile which is suitable to deploy to Kubernetes).
  3. Under Images > Build, build an image with the created profile and wait for the build to finish.
  4. Deploy the image into one of the registered Kubernetes clusters (via kubectl).
  5. Notice the updated data in Runtime and Instances columns in the respective image row.

Importing an image already deployed in Kubernetes

  1. Pick an image which is already deployed in any of the registered Kubernetes clusters.
  2. Add the registry owning the image to SUSE Manager as an image store.
  3. Go to Images > Images, click Import on the top-right corner, fill in the form fields and click Import
  4. Notice the updated data in Runtime and Instances columns in the respective image row.

Getting additional runtime info

  1. Go to Images > Images, click the Details button on the right end of a row which has running instances.
  2. Under the Overview tab, notice the data in Runtime and Instances fields under Image Info section.
  3. Go to the Runtime tab.
  4. Here is a breakdown of the Kubernetes pods running this image in all the registered clusters including the following data:
    • Pod name
    • Namespace which the pod resides in
    • The runtime status of the container in the specific pod (status icons as explained above)

Rebuilding an image which is already deployed in Kubernetes

  1. Go to Images > Images, click the Details button on the right end of a row which has running instances. The image must be manager-built.
  2. Click Rebuild under Build Status section and wait for the build to finish.
  3. Notice the change in the Runtime icon and title, reflecting the fact that now the instances are running a previous build of the image.


Access rights

Currently, only kubeconfig files with *all embedded certificate data* can be used in SUSE Manager

API calls from SUSE Manager are:

  • GET /api/v1/pods
  • GET /api/v1/nodes

According to this, minimum recommended permissions for SUSE Manager are as follows:

  • A ClusterRole to list all the nodes:
 - resources: ["nodes"]
   verbs: ["list"]
  • A ClusterRole to list pods in all namespaces (role binding must notrestrict the namespace):
 - resources: ["pods"]
   verbs: ["list"]

Currently, in case of a 403 response from /pods, the whole cluster is ignored by SUSE Manager.