Changes

Jump to navigation Jump to search

Initializing the Kubernetes cluster

546 bytes added, 6 years ago
m
Kubernetes and pre-requisites (every node)
<syntaxhighlight lang="bash">
"default-runtime": "nvidia",
"default-shm-size": "1g",
"runtimes": {
"nvidia": {
The daemonset should be active on any node with an nVidia GPU.
== Authentication systems ==
The master node should now login to the docker registry of the cluster.
</syntaxhighlight>
Also, we need to provide the read-only secret for the docker registry in every namespace.
TODO: howto.
=== DEX with LDAP ===
TODO: outdatedFinally, switched we need to containerized DEX. Check what still needs to be doneset up all the rules for rbac.
Set <syntaxhighlight lang="bash">> cd rbac# generate namespaces for user groups> ./generate_namespaces.sh# label all compute nodes for which namespace they serve# (after they are up according , needs to [https:be redone when new nodes are added)> .//githublabel_nodes.sh# set up access rights for namespaces> kubectl apply -f rbac.com/krishnapmv/k8syaml# set up rights for which namespaces can access which compute node> kubectl apply -ldap this tutorial]f node_to_groups.yamlwith customized install scripts in kubernetes/init/dex</syntaxhighlight> == Persistent volumes == === Local persistent volumes ===
# Create secrets for TLS connections, use certs Check directory local_storage:* clone the git repository for ccuthe provisioner using clone_provisioner.uni-konstanzsh (delete first if already here).de## Modify ca-cm* install helm: install_helm.sh, get_helm.yml to contain correct cash.## Run upload_ccu_tlsDo NOT run helm init (unsafe and soon obsolete).sh# Spin * set up login application serviceand run provisioner: <syntaxhighlight lang="bash">> cd install> generate_config.sh## Modify loginapp> kubectl apply -cmf install_storageclass.yml: server configyaml## Modify loginapp-ing> kubectl apply -srvf install_service.yml: service data, mapping of ports to outside worldyaml## Modify loginapp> kubectl apply -deployf provisioner_generated.yml: ID secret for TLSyaml</syntaxhighlight>## Run start-login-service.sh# Spin After local persistent volumes on the nodes have been generated in /mnt/kubernetes, they should show up dexunder## Modify dex-cm.yml: server data and LDAP configuration## Modify dex-ing-srv.yml: service data, mapping of ports to outside world<syntaxhighlight lang="bash">## Modify dex-deploy.yml: ID secret for TLS> kubectl get pv## Run start-dex-service.sh</syntaxhighlight>
Retrieved from "https://ccu.uni-konstanz.de:443/wiki/Special:MobileDiff/465...520"

Navigation menu