hub-of-hubs-nonk8s-api

module

v0.3.1 Latest Latest Go to latest Published: Jan 23, 2022 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/stolostron/hub-of-hubs-nonk8s-api

Links

Open Source Insights

README ¶

Hub-of-Hubs Nonk8s API

The REST API component of Hub-of-Hubs.

Environment variables

The following environment variables are required for the most tasks below:

REGISTRY, for example docker.io/vadimeisenbergibm.
IMAGE_TAG, for example v0.1.0.

Build to run locally

make build

Run Locally

Set the following environment variables:

DATABASE_URL - the URL of the database server
CLUSTER_API_URL - the URL of the Kubernetes API server
CLUSTER_API_CA_BUNDLE_PATH - the CA bundle for the Kubernetes API server. If not provided, verification of the server certificates is skipped.
AUTHORIZATION_URL - the URL of the authorization server
AUTHORIZATION_CA_BUNDLE_PATH - the CA bundle for the authorization server. If not provided, verification of the server certificates is skipped.
KEY_PATH - the path to the file that contains the private key for this server's TLS.
CERTIFICATE_PATH - the path to the file that contains the certificate for this server's TLS.

Set the DATABASE_URL according to the PostgreSQL URL format: postgres://YourUserName:YourURLEscapedPassword@YourHostname:5432/YourDatabaseName?sslmode=verify-full&pool_max_conns=50.

❗ Remember to URL-escape the password, you can do it in bash:

python -c "import sys, urllib as ul; print ul.quote_plus(sys.argv[1])" 'YourPassword'

Generate self-signed certificates:

mkdir testdata
openssl genrsa -out ./testdata/server.key 2048
openssl req -new -x509 -key ./testdata/server.key -out ./testdata/server.pem -days 365

Run the server

./bin/hub-of-hubs-nonk8s-api

Build image

make build-images

Deploy to a cluster

Create a secret with your database url:

kubectl create secret generic hub-of-hubs-database-secret --kubeconfig $TOP_HUB_CONFIG -n open-cluster-management --from-literal=url=$DATABASE_URL

Deploy the operator:

COMPONENT=$(basename $(pwd)) IMAGE_TAG=latest envsubst < deploy/operator.yaml.template | kubectl apply --kubeconfig $TOP_HUB_CONFIG -n open-cluster-management -f -

Deploy Ingress:

COMPONENT=$(basename $(pwd)) envsubst < deploy/ingress.yaml.template | kubectl apply --kubeconfig $TOP_HUB_CONFIG -n open-cluster-management -f -

Test the ingress

Note that the port is 443 (the standard HTTPS port).

curl -ks  https://multicloud-console.apps.<the hub URL>/multicloud/hub-of-hubs-nonk8s-api/managedclusters  -H "Authorization: Bearer $TOKEN" | jq .[].metadata.name

Working with Kubernetes deployment

Show log:

kubectl logs -l name=$(basename $(pwd)) -n open-cluster-management

Execute commands on the container:

kubectl exec -it $(kubectl get pod -l name=$(basename $(pwd)) -o jsonpath='{.items..metadata.name}' -n open-cluster-management) \
-n open-cluster-management -- bash

Test (run the commands in this directory)

Add `example.com` to /etc/hosts as local host.

export TOKEN=<the OC token or Service Account token from its secret>

curl https://example.com:8080/managedclusters -w "%{http_code}\n" -H "Authorization: Bearer $TOKEN" --cacert ./certs/tls.crt

curl -s https://example.com:8080/managedclusters  -H "Authorization: Bearer $TOKEN" --cacert ./certs/tls.crt |
     jq .[].metadata.name

Directories ¶

Path	Synopsis
cmd
manager
pkg
authentication
managedclusters

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL