deploy kubeturbo without access to the node

[songbinliu]

In some scenarios, we are not able to access the nodes directly, for example, we can only deploy kubeturbo through the Openshift Web UI. There will be two problems:

Problem1: not able to place the configuration files In current deploy guides, we have to ssh into a node, and place on that nodes with two files:

• kubeconfig : to access the kubernetes API;
• turbo.config: to access Turbo server;

Problem2: not able to label the node

[songbinliu]

One solution is to use configMap.

1. Get rid of kubeconfig : for kubernetes 1.6+ and Openshift 3.6+, Kubeconfig is not necessary;

2. Put turbo.config into configMap:

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: turbo-conf
  namespace: default
data:
    turbo.conf: | 
        {"communicationConfig":{"serverMeta":{"version":"6.0.0","turboServer":"https://1.2.3.4"},"restAPIConfig":{"opsManagerUserName":"administrator","opsManagerPassword":"pass"}},"targetConfig":{"probeCategory":"CloudNative","targetType":"Kubernetes","address":"https://openshift.3.7.cluster","username":"kube.user","password":"kube.passwd"} }
---        
apiVersion: v1
kind: Pod
metadata:
  name: kubeturbo
spec:
  containers:
  - name: kubeturbo
    image: vmturbo/kubeturbo:6.0
    args:
      - --turboconfig=/etc/kubeturbo/turbo.conf
      - --v=3
    volumeMounts:
    - name: vmt-config
      mountPath: /etc/kubeturbo
      readOnly: true
  volumes:
  - name: vmt-config
    configMap:
      name: turbo-conf

[songbinliu]

If we want to deploy it with Secret instead of Configmap, we have to encode the content with base64, and add the base64 string to the secret.

0. encode the content. For example, if the JSON content is:

 {"communicationConfig":{"serverMeta":{"version":"6.0.0","turboServer":"https://1.2.3.4"},"restAPIConfig":{"opsManagerUserName":"administrator","opsManagerPassword":"pass"}},"targetConfig":{"probeCategory":"CloudNative","targetType":"Kubernetes","address":"https://openshift.3.7.cluster","username":"kube.user","password":"kube.passwd"} }

After base64 encoding, we get:

IHsiY29tbXVuaWNhdGlvbkNvbmZpZyI6eyJzZXJ2ZXJNZXRhIjp7InZlcnNpb24iOiI2LjAuMCIsInR1cmJvU2VydmVyIjoiaHR0cHM6Ly8xLjIuMy40In0sInJlc3RBUElDb25maWciOnsib3BzTWFuYWdlclVzZXJOYW1lIjoiYWRtaW5pc3RyYXRvciIsIm9wc01hbmFnZXJQYXNzd29yZCI6InBhc3MifX0sInRhcmdldENvbmZpZyI6eyJwcm9iZUNhdGVnb3J5IjoiQ2xvdWROYXRpdmUiLCJ0YXJnZXRUeXBlIjoiS3ViZXJuZXRlcyIsImFkZHJlc3MiOiJodHRwczovL29wZW5zaGlmdC4zLjcuY2x1c3RlciIsInVzZXJuYW1lIjoia3ViZS51c2VyIiwicGFzc3dvcmQiOiJrdWJlLnBhc3N3ZCJ9IH0NCg==

1. deploy the Secret

apiVersion: v1
kind: Secret
metadata:
  name: turbo-conf
data:
    turbo.conf: IHsiY29tbXVuaWNhdGlvbkNvbmZpZyI6eyJzZXJ2ZXJNZXRhIjp7InZlcnNpb24iOiI2LjAuMCIsInR1cmJvU2VydmVyIjoiaHR0cHM6Ly8xLjIuMy40In0sInJlc3RBUElDb25maWciOnsib3BzTWFuYWdlclVzZXJOYW1lIjoiYWRtaW5pc3RyYXRvciIsIm9wc01hbmFnZXJQYXNzd29yZCI6InBhc3MifX0sInRhcmdldENvbmZpZyI6eyJwcm9iZUNhdGVnb3J5IjoiQ2xvdWROYXRpdmUiLCJ0YXJnZXRUeXBlIjoiS3ViZXJuZXRlcyIsImFkZHJlc3MiOiJodHRwczovL29wZW5zaGlmdC4zLjcuY2x1c3RlciIsInVzZXJuYW1lIjoia3ViZS51c2VyIiwicGFzc3dvcmQiOiJrdWJlLnBhc3N3ZCJ9IH0NCg==

2. deploy the Pod

apiVersion: v1
kind: Pod
metadata:
  name: kubeturbo
  labels:
    name: kubeturbo
spec:
  containers:
  - name: kubeturbo-6
    image: vmturbo/kubeturbo:6.0
    args:
      - --turboconfig=/etc/kubeturbo/turbo.conf
      - --v=3
    volumeMounts:
    - name: vmt-config
      mountPath: /etc/kubeturbo
      readOnly: true
  volumes:
  - name: vmt-config
    secret: 
      secretName: turbo-conf  

[songbinliu]

Anyway, We should expose all the configurations with command line parameters, so that we can deploy kubeturbo even if we cannot create configMap/Secret/file.

[maxwangvmt]

The turbo-conf includes the password to connect to OpsMgr server. So, we should use secret for that.

Also, we don't need to include the target configuration from 6.1. The parameters we need to include is actually only the communicationConfig.

[songbinliu]

It is still easy to decode from base64 encoding string.

Can we also replaced the vmturbo/kubeturbo:6.0 and vmturbo/kubeturbo:60os images with your latest patch, so that we don't need the target configuration section from 6.0.

[maxwangvmt]

I think it's better not changing 6.0. Instead, if we want to include the fix, simply use the image of version 6.0.1.

[songbinliu]

The deploy documentation will be more user friendly if we have the single concise configuration option.

[songbinliu]

https://github.com/turbonomic/kubeturbo/pull/152