This directory includes a Helm chart suitable for deploying Realm Object Server in a Kubernetes Cluster.
"Helm helps you manage Kubernetes applications โ Helm Charts helps you define, install, and upgrade even the most complex Kubernetes application." - helm.sh
Helm uses a "chart," which is simply a set of templates that define what Kubernetes resources should be present in order to provide the service it defines. Typically, a simple chart will include a template for:
- ConfigMap
- Secret
- Deployment
- Service
- Ingress
These are all basic building blocks for running apps in Kubernetes, and you should be familiar with them before proceeding.
Minikube is currently not supported for local macOS deployments because they currently do not support RBAC in k8s. For local deployments please use Docker Edge with Kubernetes found here: https://docs.docker.com/v17.09/docker-for-mac/install/
On macOS (can be skipped if using Docker for Mac):
brew install kubectl
Other: Installing kubectl
On macOS:
brew install kubernetes-helm
Other: Installing Helm
If you're using Docker for Mac or an otherwise new cluster, you need to install tiller in the cluster:
helm init --upgrade --wait
You might also want to access the Kubernetes Dashboard. In order to do so, you need to install it:
helm install --kube-context=docker-for-desktop \
--name kubernetes-dashboard --namespace kube-system \
stable/kubernetes-dashboard -f - <<EOL
service:
type: NodePort
nodePort: 30443
EOL
After doing so, your dashboard will be accessible at https://127.0.0.1:30443/.
Or it will be accessible via the commands printed to the terminal. Copy and paste those commands and follow the http link a web browser.
The Realm Object Server Helm chart includes default values that are suitable for running ROS on any Kubernetes cluster, in a basic configuration:
helm upgrade --install my-ros ./helm/realm-object-server
If you need to customize your installation, you can override any values from
values.yaml. For example, if you're using
Docker for Mac and would like to use a custom image that you're developing
locally (see below as well), write this to a new values.yaml
file:
image:
repository: realm-object-server
tag: latest
pullPolicy: Never
and run:
helm upgrade --install my-ros ./helm/realm-object-server -f values.yaml
Obviously, everybody's environment is different, and charts typically allow for customization of these resources in order to run the application effectively regardless of cloud provider.
When using the default values, ROS will not be exposed to the internet. Defining ingress to your ROS is something that is typically customized according to the cloud provider. Here are some ways you can expose your ROS:
Port forwarding is the quickest way to access a Kubernetes Pod for testing and development. First, find the name of the ROS Pod and start a proxy to it:
$ kubectl get pods -l app=realm-object-server,component=core
NAME READY STATUS RESTARTS AGE
my-ros-realm-object-server-75cd8f7c88-g6d2f 1/1 Running 0 6s
$ kubectl port-forward my-ros-realm-object-server-75cd8f7c88-g6d2f 9080:9080
Forwarding from 127.0.0.1:9080 -> 9080
Now you can access on http://127.0.0.1:9080
with this adminToken:
eyJhcHBfaWQiOiJpby5yZWFsbS5hdXRoIiwiaWRlbnRpdHkiOiJfX2FkbWluIiwiYWNjZXNzIjpbImRvd25sb2FkIiwidXBsb2FkIiwibWFuYWdlIl0sInNhbHQiOiIyOGMwNDgzMCJ9:c2S8hMDUua/zfizq3AqZFOB07Adow6JOUuSucyTyvhTtVdJBN3tGjxD/7FKL9CJ77JI8DqoNB/1grR9iXZlkGXU7aiPxttA+lYtoEU9Rbo85IyKN2Yf5C28U6X8gUrI6hGeTSCm1DPCInrW8ZcBKOfTb67IY9PLlAU/9gGap4LyguvejD/TEpsLSWgTSiS/UME5IzZa4Y5YjQ1f8G5bhFSDaIIN3yrS8O8VXHbZ/qpBXdmPku6Jn7q+L7W4usvgPxLf57Te3TfM5eqAvKtD/vx+SJAiAJifPdig0Xt1Zy2ZsoV5zrG4q+GP0E4sDQ/AYP4HVeeuoMkNgi2q58jmJuQ==
If you have direct access to nodes in the cluster (such as with Docker for Mac), you can set the ROS Service to be a NodePort service:
service:
type: NodePort
# Omit the port to get kubernetes to choose one
port: 30080
In which case you could access ROS at http://node-ip:30080
(http://localhost:30080
when using Docker for Mac).
If you are using a cloud provider that can provide LoadBalancer functionality on services, using the LoadBalancer service type might be suitable for you (below is an example using AWS):
service:
type: LoadBalancer
annotations:
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "http"
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https"
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:eu-west-1:774659224473:certificate/a143cde5-dc1f-4b35-b2b0-63cad2f9322e"
external-dns.alpha.kubernetes.io/hostname: "my-ros.arena.k8s.realmlab.net"
If you have a Kubernetes Ingress Controller that you would like to use, you can enable it like so (using the nginx ingress controller in arena):
ingress:
enabled: true
annotations:
kubernetes.io/ingress.class: nginx
path: /
hosts:
- ignorant-cat.arena.realmlab.net
TODO
The realm-object-server
Helm chart also includes stats collection as an
option. To enable it:
prometheus:
enabled: true
grafana:
enabled: true
# You can also configure the service and/or ingress, just as with
# core services:
service:
type: NodePort
port: 30081
This will ensure that Prometheus is installed alongside Realm Object Server. It will be configured to scrape ROS periodically for stats, which can be viewed in Grafana. The Grafana installation also includes a few canned dashboards.
TODO: add examples of values files that will work with various cloud providers.
If you're planning on using a local Docker installation for testing and development, you should build the ROS docker image first:
./scripts/docker-build.sh
You will now have a local image named realm-object-server
, which can be used by Kubernetes, using
realm-object-server-local.values.yaml as a configuration:
helm upgrade --install my-ros ./helm/realm-object-server -f ./helm/realm-object-server-local.values.yaml