Thursday, February 28, 2019

CKA Certification (Kubernetes Administrator)

https://github.com/cncf/curriculum/blob/master/CKA_Curriculum_V1.12.0.pdf here the topics to be covered


I would start by reading the official doc https://kubernetes.io/docs/concepts/

Kubernetes Master : kube-apiserver, kube-controller-manager and kube-scheduler

Non-master node : kubelet, kube-proxy

Control Plane , kubectl,

etcd, kube-scheduler, kube-controller-manager

PodSpecs , Cluster DNS ,

(to be continued)



Monday, February 25, 2019

Viktor Farcic and Jenkins-X

https://leanpub.com/the-devops-2-6-toolkit

The ebook is available to read for free - the first 60 pages.

For a good overall presentation of JenkinsX https://opensource.com/article/18/11/getting-started-jenkins-x



az CLI for Azure Kubernetes Services (AKS)

https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?view=azure-cli-latest

I am installing AZ on Windows. At the end of installation, I reboot (maybe not needed...)

az login -> this opens a browser window which automatically logs you in your AKS account

in return , you get a JSON with your account details. Nice.

[
{
"cloudName": "AzureCloud",
"id": "9ab0d5c-036-495-b6d-25b05be758",
"isDefault": true,
"name": "Free Trial",
"state": "Enabled",
"tenantId": "9dc2b0-897-4b6-adf1-8c5488ea413",
"user": {
"name": "pippo.pluto@hotmail.com",
"type": "user"
}
}
]

which can be obtained also by doing

az account show


I am stingy, so I first check my billing:

az billing invoice list

NotOptedIn - You are not allowed to download invoices. Please contact your account administrator (pippo.pluto@hotmail.com) to turn on access in the management portal for allowing to download invoices through the API.




So I log into https://portal.azure.com/


Be very careful not to use the Azure Cloud Shell available in the Browser UI... using it will create a Storage Account to host a shared drive needed by the Shell, and this will reduce to 1 month the (otherwise 1 year) trial account. So, just install the AZ cli on your machine and be happy.



To display a Resource Group (RG):
az group show --name myResourceGroup

To create a RG
az group create --name myResourceGroup --location "East US"






Saturday, February 2, 2019

JenkinsX and GKE on Centos

Install JX:

https://gist.github.com/vfarcic/8cef206b4df0b1bbec3060d1d45c2a80

mkdir -p ~/.jx/bin

curl -L https://github.com/jenkins-x/jx/releases/download/v1.3.634/jx-linux-amd64.tar.gz \
    | tar xzv -C ~/.jx/bin

export PATH=$PATH:~/.jx/bin

echo 'export PATH=$PATH:~/.jx/bin' \
>> ~/.bashrc



install gcloud:


https://cloud.google.com/sdk/docs/downloads-yum

tee -a /etc/yum.repos.d/google-cloud-sdk.repo << EOM
[google-cloud-sdk]
name=Google Cloud SDK
baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOM


yum install google-cloud-sdk


create GKE cluster
jx create cluster gke
(this will install kubectl and try to install helm.... helm installation fails with
"error: error installing helm: failed to remove helm secrets: failed to run '/root/.jx/bin/helm plugin remove secrets' command in directory '', output: 'Error: Plugin: secrets not found': exit status 1"

So I download help here https://storage.googleapis.com/kubernetes-helm/helm-v2.12.3-linux-amd64.tar.gz
gunzip helm-v2.12.3-linux-amd64.tar.gz tar xvf helm-v2.12.3-linux-amd64.tar mv linux-amd64/helm /usr/local/bin/helm mv linux-amd64/tiller /usr/local/bin/tiller
I request an authorization code at https://accounts.google.com/o/oauth2/auth?
then run
gcloud auth login --brief
and paste the authorization code
jx install --provider=gke unable to load in-cluster configuration, KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT must be defined error: failed to create the kube client: unable to load in-cluster configuration, KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT must be defined
I do:
export KUBERNETES_SERVICE_HOST=cloud.google.com export KUBERNETES_SERVICE_PORT=443
then again "jx install --provider=gke" and I get
open /var/run/secrets/kubernetes.io/serviceaccount/token: no such file or directory error: failed to create the kube client: open /var/run/secrets/kubernetes.io/serviceaccount/token: no such file or directory
and of course also this fails
jx create cluster gke -n jx-rocks -p pippo -z us-east1-b -m n1-standard-2 --min-num-nodes 3 --max-num-nodes 5 --default-admin-password admin --default-environment-prefix jx-rocks
with this error
open /var/run/secrets/kubernetes.io/serviceaccount/token: no such file or directory
Go to the following link in your browser:

    https://accounts.google.com/o/oauth2/auth?redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&prompt=select_account&response_type=code&client_id=32555940559.apps.googleusercontent.com&scope
=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcloud-platform+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fappengine.admin+https%3A%2F%2Fwww
.googleapis.com%2Fauth%2Fcompute+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Faccounts.reauth&access_type=offline


ERROR: There was a problem with web authentication.
ERROR: (gcloud.auth.login) EOF when reading a line
Enter verification code: Error: Command failed  gcloud auth login --brief
error creating cluster exit status 1
error: exit status 1

I have googled everywhere and I find no help... it seems that JX is still a niche product and immature..
I am giving up...
Maybe I will try some parameters https://jenkins-x.io/commands/jx_create_cluster_gke/
kubectl get ns The connection to the server localhost:8080 was refused - did you specify the right host or port?
what????