Kubernetes
Prerequisites
The prerequisites listed below should be met before proceeding.
-
At least one Kubernetes or _SUSE CaaS Platform _ cluster available on your network
-
SUSE Manager configured for container management
Required channels are present, a registered build host available etc.
-
virtual-host-gatherer-Kubernetes package installed on your SUSE Manager server
Requirements
-
Kubernetes version 1.5.0 or higher. Alternatively use SUSE CaaS Platform (SUSE CaaS Platform includes Kubernetes 1.5.0 by default)
-
Docker version 1.12 or higher on the container build host
To enable all Kubernetes related features within the Web UI, the virtual-host-gatherer-Kubernetes package must be installed. |
Register Kubernetes as a Virtual Host Manager
Kubernetes clusters are registered with SUSE Manager as virtual host managers
.
Registration and authorization begins with importing a kubeconfig
file using Kubernetes official command line tool kubectl
.
-
Select
from the navigation menu. -
Expand the
Create
dropdown in the upper right corner of the page and select Kubernetes Cluster . -
Input a label for the new Virtual Host Manager.
-
Select the
kubeconfig
file which contains the required data for the Kubernetes cluster. -
Select the correct context for the cluster, as specified in the kubeconfig file.
-
Click
Create
.
View the List of Nodes in a Cluster
-
Select
from the navigation menu. -
Select the desired Kubernetes cluster to view it.
-
Node data is not refreshed during registration. To refresh node data, click on
Schedule refresh data
. -
Refresh the browser. If the node data is not available wait a few moments and try again.
Obtain Runtime Data about Images
See the following steps to find runtime data for images.
-
Select
from the navigation menu. -
In the image list table, take notice of the new runtime columns. These are labeled:
Revision
,Runtime
andInstances
. Initially these columns will not provide useful data.-
Revision
: An artificial sequence number which increments on every rebuild for manager-built images, or on every reimport for externally built images. -
Runtime
: Overall status of the running instances of the image throughout the registered clusters. The status can be one of the following:-
All instances are consistent with SUSE Manager: All the running instances are running the same build of the image as tracked by SUSE Manager.
-
Outdated instances found: Some of the instances are running an older build of the image. A redeploy of the image into the pod may be required.
-
No information: The checksum of the instance image does not match the image data contained in SUSE Manager. A redeploy of the image into the pod may be required.
-
-
Instances
: Number of instances running this image across all the clusters registered in SUSE Manager. A breakdown of numbers can be seen by clicking on the pop-up icon next to the number.
-
Build an image for deployment in Kubernetes
The following steps will help you build an image for deployment in Kubernetes.
-
Under
, create an image store. -
Under
, create an image profile (with a Dockerfile which is suitable to deploy to Kubernetes). -
Under
, build an image with the new profile and wait for the build to finish. -
Deploy the image into one of the registered Kubernetes clusters (via
kubectl
). -
Notice the updated data in
Runtime
andInstances
columns in the respective image row.
Import a Previously Deployed Image in Kubernetes
The following steps will guide you through importing a previously deployed image in Kubernetes.
-
Select an image that has already been deployed to any of your registered Kubernetes clusters.
-
Add the registry owning the image to SUSE Manager as an image store.
-
Select
, clickImport
from the top-right corner, fill in the form fields and clickImport
. -
Notice the updated data in
Runtime
andInstances
columns in the respective image row.
Obtain Additional Runtime Data
The following steps will help you find additional runtime data.
-
Select to
, click theDetails
button on the right end of a row which has running instances. -
Under the
Overview
tab, notice the data inRuntime
andInstances
fields underImage Info
section. -
Select the
Runtime
tab. -
Here is a breakdown of the Kubernetes pods running this image in all the registered clusters including the following data:
-
Pod name
-
Namespace which the pod resides in
-
The runtime status of the container in the specific pod. Status icons are explained in the preceeding example.
-
Rebuild a Previously Deployed Image in Kubernetes
The following steps will guide you through rebuilding an image which has been deployed to a Kubernetes cluster.
-
Go to
, click the Details button on the right end of a row which has running instances. The image must be manager-built. -
Click the
Rebuild
button located under theBuild Status
section and wait for the build to finish. -
Notice the change in the
Runtime
icon and title, reflecting the fact that now the instances are running a previous build of the image.
Role Based Access Control Permissions and Certificate Data
Currently, only kubeconfig files containing all embedded certificate data may be used with SUSE Manager |
The API calls from SUSE Manager are:
-
GET /api/v1/pods
-
GET /api/v1/nodes
According to this list, the minimum recommended permissions for SUSE Manager should be as follows:
-
A ClusterRole to list all the nodes:
resources: ["nodes"] verbs: ["list"]
-
A ClusterRole to list pods in all namespaces (role binding must not restrict the namespace):
resources: ["pods"] verbs: ["list"]
Due to a a 403 response from /pods, the entire cluster will be ignored by SUSE Manager.
For more information on working with RBAC Authorization see: https://kubernetes.io/docs/admin/authorization/rbac/