Commit ee08f68a authored by Bengt Giger's avatar Bengt Giger

Updated README

parent e53baa95
......@@ -4,7 +4,8 @@ Basic k8s Cluster Configuration
Prerequisite
---
Have the cluster config added to `$HOME/.kube/config` and set as default context.
Have the cluster config added to `$HOME/.kube/config` and set as default context. The config content
can be found in Rancher GUI, in the dashboard for the cluster, button *Kubeconfig File*.
Prepare your Local Machine
......@@ -17,32 +18,40 @@ cd ansible
ansible-galaxy collection install -r roles/requirements.yml
```
Install tools from `ansible` directory on local machine:
Install tools from `ansible` directory on local machine; must be *root*, use sudo or root account (without sudo):
```sudo ansible-playbook -l localhost pb_controlhost.yml```
Define Rancher Projects
Configure Rancher CLI
---
Rancher projects cannot be declared, they have to be configured via GUI or CLI. For a CLI login a
Rancher projects cannot be declared, they have to be configured via GUI or CLI. The next playbook will
use the Rancher CLI to configure some basic projects. For a CLI login a
bearer token has to used. In the Rancher GUI, go to *User / API & Keys* and create an access key.
Login into Rancher CLI:
```rancher --token <bearer-token> login https://ids-rnc.ethz.ch```
Rancher CLI can now create projects. Run ansible to configure projects defined in ansible/host_vars/localhost.yml:
Rancher CLI can now create projects.
Prepare Kubernetes Cluster
---
The following playbook will create the namespace for ArgoCD, install the SealedSecret service and
creates the Rancher projects defined in `host_vars/localhost.yml`.
```
rancher context switch
ansible-playbook -l localhost pb_rancherprojects.yml
ansible-playbook -l localhost pb_k8s.yml
```
Install ArgoCD
---
Apply ArgoCD configuration in cluster. Change to directory corresponding to the desired cluster instance,
ie. *tst*. Then apply with
ie. *k8s-argocd/tst*. Then apply with
```kustomize build . | kubectl apply -f -```
......@@ -58,9 +67,3 @@ argocd login 172.31.91.7:30000 --insecure --username admin --password $(kubectl
argocd account update-password
```
Problem: ETH firewall... Warten auf Loadbalancer
Synchronize sealed-secrets
---
Login into ArgoCD and sync *sealed-secrets*, or .
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment