| Yuriy Taraday | 06c1920 | 2017-08-25 14:48:19 +0400 | [diff] [blame] | 1 | ========== |
| 2 | User guide |
| 3 | ========== |
| 4 | |
| 5 | .. highlight:: yaml |
| 6 | |
| 7 | Instalation |
| 8 | =========== |
| 9 | |
| 10 | Our formula is already being installed from `system level <https://github.com/Mirantis/reclass-system-salt-model/blob/master/salt/master/pkg.yml>`_ |
| 11 | so if you have ``system.salt.master.pkg`` or ``system.salt.master.git`` class |
| 12 | on your config node, you don't need to do anything. |
| 13 | |
| 14 | Using class from system level |
| 15 | ----------------------------- |
| 16 | |
| 17 | You can use ``system.salt.master.formula.pkg.helm`` `class <https://github.com/Mirantis/reclass-system-salt-model/blob/master/salt/master/formula/pkg/helm.yml>`_ |
| 18 | to install from packages or include following to some part of config node |
| 19 | model:: |
| 20 | |
| 21 | parameters: |
| 22 | salt: |
| 23 | master: |
| 24 | environment: |
| 25 | prd: |
| 26 | formula: |
| 27 | helm: |
| 28 | source: pkg |
| 29 | name: salt-formula-helm |
| 30 | |
| 31 | If you want to isntall from Git repo, you can use ``system.salt.master.formula.git.helm`` `class <https://github.com/Mirantis/reclass-system-salt-model/blob/master/salt/master/formula/git/helm.yml>`_ |
| 32 | or following snippet:: |
| 33 | |
| 34 | parameters: |
| 35 | salt: |
| 36 | master: |
| 37 | environment: |
| 38 | prd: |
| 39 | formula: |
| 40 | helm: |
| 41 | source: git |
| 42 | address: '${_param:salt_master_environment_repository}/salt-formula-helm.git' |
| 43 | revision: ${_param:salt_master_environment_revision} |
| 44 | module: |
| 45 | helm.py: |
| 46 | enabled: true |
| 47 | state: |
| 48 | helm_release.py: |
| 49 | enabled: true |
| 50 | |
| 51 | Using apt |
| 52 | --------- |
| 53 | |
| 54 | You can also just install using ``apt`` from our repo at `<http://apt-mk.mirantis.com/>`_: |
| 55 | |
| 56 | .. code-block:: bash |
| 57 | |
| 58 | apt install salt-formula-helm |
| 59 | |
| 60 | Basic usage |
| 61 | =========== |
| 62 | |
| 63 | The most simple way to use this formula is to include ``service.helm.client`` |
| 64 | class or one derived from it to one of your Kubernetes controllers. Following |
| 65 | our cookiecutter model structure, if you create file at ``classes/cluster/<cluster name>/kubernetes/helm.yml`` |
| 66 | with following contents (we'll use this file throughout this guide):: |
| 67 | |
| 68 | classes: |
| 69 | - service.helm.client |
| 70 | |
| 71 | and then add it to one of kubernetes controllers by adding to ``reclass:storage:node`` |
| 72 | section of ``classes/cluster/<cluster name>/infra/config.yml`` file:: |
| 73 | |
| 74 | kubernetes_control_node01: |
| 75 | - cluster.${_param:cluster_name}.kubernetes.helm |
| 76 | |
| 77 | And then run ``reclass`` state and ``refresh_pillar`` method: |
| 78 | |
| 79 | .. code-block:: bash |
| 80 | |
| 81 | salt -I 'salt:master' state.sls reclass |
| 82 | salt '*' saltutil.refresh_pillar |
| 83 | |
| 84 | Now you can address this node via ``helm:client`` pillar value: |
| 85 | |
| 86 | .. code-block:: bash |
| 87 | |
| 88 | salt -I 'helm:client' state.sls helm |
| 89 | |
| 90 | After you run this, the state will install ``helm`` binary on selected node and |
| 91 | deploy Tiller on Kubernetes cluster. |
| 92 | |
| 93 | Release creation |
| 94 | ---------------- |
| 95 | |
| 96 | To create some release, you should add its description to |
| 97 | ``helm:client:releases`` section of the model:: |
| 98 | |
| 99 | classes: |
| 100 | - service.helm.client |
| 101 | parameters: |
| 102 | helm: |
| 103 | client: |
| 104 | releases: |
| 105 | my-first-sql: # This name is used by default as release name |
| 106 | name: the-mysql # But can be overriden here |
| 107 | chart: stable/mysql # This chart exists in default helm repo |
| 108 | |
| 109 | After this if you run ``helm`` state |
| 110 | |
| 111 | .. code-block:: bash |
| 112 | |
| 113 | salt -I 'helm:client' state.sls helm |
| 114 | |
| 115 | ``the-mysql`` release will be created in Tiller in ``default`` namespace. |
| 116 | |
| 117 | Using Mirantis chart repository |
| 118 | ------------------------------- |
| 119 | |
| 120 | To use charts from Mirantis chart repository you must describe it in model and |
| 121 | use it in ``chart``:: |
| 122 | |
| 123 | helm: |
| 124 | client: |
| 125 | repos: |
| 126 | mirantisworkloads: https://mirantisworkloads.storage.googleapis.com/ |
| 127 | releases: |
| 128 | zoo1: |
| 129 | name: my-zookeeper |
| 130 | chart: mirantisworkloads/zookeeper # we reference installed repo |
| 131 | |
| 132 | This pillar will install latest version of Zookeeper chart from Mirantis |
| 133 | repository. |
| 134 | |
| 135 | Release customizations |
| 136 | ---------------------- |
| 137 | |
| 138 | You can change namespace where the release is created, version of chart to use |
| 139 | and specify any values to pass to the chart:: |
| 140 | |
| 141 | releases: |
| 142 | zoo1: |
| 143 | chart: mirantisworkloads/zookeeper |
| 144 | namespace: different-ns # Namespace will be created if absent |
| 145 | version: 1.2.0 # select any available version |
| 146 | values: |
| 147 | logLevel: INFO # any values used by chart can specified here |
| 148 | |
| 149 | Note that after initial deployment, you can change these values (except |
| 150 | namespace) if chart supports it. |
| 151 | |
| 152 | .. note:: |
| 153 | |
| 154 | In Kubernetes versions up to 1.6 statefulsets cannot be upgraded, so you |
| 155 | cannot change version of chart that creates statefulset, like our Zookeeper |
| 156 | chart. |
| 157 | |
| 158 | Release deletion |
| 159 | ---------------- |
| 160 | |
| 161 | To ensure that release is absent, you should set its ``enable`` parameter to |
| 162 | ``false``:: |
| 163 | |
| 164 | releases: |
| 165 | zoo1: |
| 166 | name: my-zookeeper # Note that releases are identified in Tiller by name |
| 167 | # so you must leave custom name if you've specified |
| 168 | # one. |
| 169 | enabled: false |
| 170 | |
| 171 | After this model is applied, ``my-zookeeper`` release will be deleted. |
| 172 | |
| 173 | Running on remote Kubernetes |
| 174 | ============================ |
| 175 | |
| 176 | Up to this point we assumed that Helm formula is applied to controller node of |
| 177 | existing Kubernetes cluster with already installed and configured ``kubectl``. |
| 178 | If you want to use it with some remote Kubernetes or on any different node |
| 179 | (e.g. Salt Master node), you'll need to install and configure ``kubectl`` on |
| 180 | it. |
| 181 | |
| 182 | For example, to run it on our cluster, you should add ``cluster.<cluster name>.kubernetes.helm`` |
| 183 | class to config node in ``nodes/<your config node fqdn>.yml``, and then modify |
| 184 | ``classes/cluster/<cluster name>/kubernetes/helm.yml``:: |
| 185 | |
| 186 | helm: |
| 187 | client: |
| 188 | kubectl: |
| 189 | install: true |
| 190 | config: |
| 191 | user: |
| 192 | username: ${_param:kubernetes_admin_user} |
| 193 | password: ${_param:kubernetes_admin_password} |
| 194 | cluster: |
| 195 | server: https://${_param:kubernetes_control_address} |
| 196 | certificate_authority: /etc/ssl/certs/ca-salt_master_ca.crt |
| 197 | |
| 198 | Note that we're using parameters that are already specified in ``cluster.<cluster name>.kubernetes`` |
| 199 | class for simplicity. We are also using path to CA certificate specifit to |
| 200 | config node. If you don't have such file, you'll have to specify base64 |
| 201 | representation of certificate file in ``certificate_authority_data``. |
| 202 | |
| 203 | Now if we apply state ``helm`` to our config node, both ``helm`` and ``kubectl`` |
| 204 | binaries will be installed and ``kubectl`` config will be created in |
| 205 | ``/srv/helm/kubeconfig.yaml``. |