Nutritious Pancake Mountain

    gardener-installation
    TypeScript icon, indicating that this package has built-in type declarations

    0.7.0 • Public • Published

    gardener-helm-installation

    Simple Gardener installation only using helm charts

    Prerequisites:

    1. Install node version > 16.0.0
    2. Install Helm v3 https://helm.sh/docs/intro/install/
    3. Install yarn npm i -g yarn
    4. Install the node dependencies yarn install

    Install Gardener

    1. Configure your values.yaml. See Values for more details
    2. Target your host cluster. (set the KUBECONFIG env var)
    3. Run the Gardener installation with npx ts-node index.ts --dryRun=false -f ./values.yaml --level=debug
    4. The Gardener cluster can be accessed using the kubeconfig printed in ./gen/kubeconfig.

    This gardener installer installs Gardener into a host cluster with a virtual apiserver and configures this host cluster as first initial seed. Other configuration like shooted seeds have to be created outside of this project.

    The installer will cache some data in the gen folder. But this folder is just for performance and saving network traffic. So it can be safely removed. This folder is also helpful to debug your configuration as the generated values.yaml for all helm charts are saved here.

    The installer is idempotent and can be run multiple times without chaning the outcome. In the future the installer will also be able to upgrade to newer Gardener versions as they are released. In order to do so, the installer has to maintain some state. This state is stored inside the host kubernetes cluster as secrets in the default namespace: gardener-installer-helm-state, gardener-installer-kube-apply-state, gardener-installer-state. This state includes:

    • etcd certs
    • virtual apiserver certs
    • gardener certs
    • auto generated tokens
      • oidc client secrets
      • gardener dashboard session secret
    • all installed helm charts
    • all installed manifests

    ⚠️ The installer has only been productivly tested with:

    • Host cluster: GKE | but every Kubernetes cluster with a working loadbalancer and storage integration should work.
    • DNS provider: Cloudflare
    • Shoot clusters: Equinix Metal

    Values

    The gardener installer can be configured with a values yaml file. The complete structure is defined in Typescript in ./src/ts/Values.ts

    landscapeName: my-landscape
    
    host: gardener.example.com
    
    dns:
      provider: cloudflare-dns|google-dns|...
      credentials: # dns provider specific credentials
        apiToken: ""
    
    hostCluster:
      provider: gcp|aws|...
      region: europe-west1
      network: # cidr's of the host cluster
        podCIDR: 10.40.0.0/14
        serviceCIDR: 10.44.0.0/20
        nodeCIDR: 10.132.0.0/20
    
    backup: # optional, but host backupbucket has to be manually created
      provider: gcp|aws|...
      storageContainer: ""
      region: europe-west1 # region of the bucket
      credentials:
        serviceaccount.json: ""
    
    gardener:
      initConfig:
        defaultOwner: # optional
          apiGroup: rbac.authorization.k8s.io
          kind: User
          name: adm in@example.com
        defaultMembers: # optional
          - apiGroup: rbac.authorization.k8s.io
            kind: User
            name: some-user@example.com
            role: admin
    
        projects: # optional
        - name: "my-project"
          description: "my first gardener project"
    
        cloudProfiles: # optional
          - name: "my cloudprofile"
            # cloudprofile spec.
            # See the Gardener or provider specific docs for more info: https://github.com/gardener/gardener/blob/master/example/30-cloudprofile.yaml
            spec: ~ 
              
    
    acme:
      email: admin@example.com
    
    # DEX indentity service that is used by the dashboard and Gardener
    identity:
    
      dashboardClientSecret: "" # optional, will be generated
      kubectlClientSecret: "" # optional, will be generated
    
      staticPasswords:
      - email: admin@example.com
        hash: "" # bcrypt hashed password
        username: admin
    
    #   additionalStaticClients: []
    #   additionalSecrets: []
    #   additionalVolumes: []
    #   additionalVolumeMounts: []
    
    #   connectors: []
    
    gardener-dashboard:
      sessionSecret: "" # optional, will be generated
    

    ⚠️ Current restrictions

    • Only cloudflare dns is supported as host dns provider.
      • Support for other provider can be added here ./src/ts/components/DNS.ts. But be ware that the gardener external dns managment as well as the cert-manager have to support the provider.
    • The new DNSRecords are not used as not all dns providers like cloudlfare are supported.
    • The host backup bucket has to be manually setup once and the provided in the values as .backup.container
    • Not all extensions are currently installed. See the Extension values for all default extensions. Others can be added via the values.yaml.

    Known issues

    • If the gardener dashboard is unable to correctly read the cloudprofile (you are unable open the create-shoot dialog, or all versions are shown as outaded), then just add your host seed to the seed selector of your cloudprofile.

    Command Options

    npx ts-node index.ts
    
    --dryRun=false
    -f [./path/to/values]
    --level=[debug|info]
    

    Use as module

    The gardener installer is published as npm nodule and can be used within other node scripts

    npm i gardener-installation
    
    yarn add gardener-installation
    
    import {Landscape, InputValues} from 'gardener-installation/lib';
    
    
    (async () => {
    
      try {
    
        const values: InputValues = {}
    
        await Landscape.deploy({
          values,
          // dryRun: false,
        });
      } catch (error) {
        console.error(error);
        process.exit(1);
      }
    })()

    Keywords

    none

    Install

    npm i gardener-installation

    DownloadsWeekly Downloads

    3

    Version

    0.7.0

    License

    MIT

    Unpacked Size

    623 kB

    Total Files

    365

    Last publish

    Collaborators

    • schrodit