You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by dg...@apache.org on 2019/07/10 14:37:24 UTC

[incubator-openwhisk-deploy-kube] branch master updated: sketch out some instructions for DIY clusters (#488)

This is an automated email from the ASF dual-hosted git repository.

dgrove pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-deploy-kube.git


The following commit(s) were added to refs/heads/master by this push:
     new c839b64  sketch out some instructions for DIY clusters (#488)
c839b64 is described below

commit c839b641f027255d15b454b40f4601b4dfa1d07d
Author: David Grove <dg...@users.noreply.github.com>
AuthorDate: Wed Jul 10 10:37:18 2019 -0400

    sketch out some instructions for DIY clusters (#488)
---
 README.md                  | 15 +++++++++
 docs/k8s-diy.md            | 76 ++++++++++++++++++++++++++++++++++++++++++++++
 helm/openwhisk/values.yaml |  5 ++-
 3 files changed, 95 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 16a9cdd..c95af2b 100644
--- a/README.md
+++ b/README.md
@@ -111,6 +111,21 @@ major cloud providers:
 
 We would welcome contributions of documentation for Azure (AKS) and any other public cloud providers.
 
+### Using a Kubernetes cluster you built yourself
+
+If you are comfortable with building your own Kubernetes clusters and
+deploying services with ingresses to them, you should also
+be able to deploy OpenWhisk to a do-it-yourself cluster. Make sure
+your cluster meets the [technical
+requirements](docs/k8s-technical-requirements.md).  You will need at
+least 1 worker node with 4GB of memory and 2 virtual CPUs to deploy
+the default configuration of OpenWhisk.  You can deploy to
+significantly larger clusters by scaling up the replica count of the
+various components and labeling multiple nodes as invoker nodes.
+There are some additional notes [here](docs/k8s-diy.md).
+
+We would welcome contributions of more detailed DIY instructions.
+
 ## Helm
 
 [Helm](https://github.com/kubernetes/helm) is a tool to simplify the
diff --git a/docs/k8s-diy.md b/docs/k8s-diy.md
new file mode 100644
index 0000000..b58e948
--- /dev/null
+++ b/docs/k8s-diy.md
@@ -0,0 +1,76 @@
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+# Deploying OpenWhisk on "build-it-yourself" Kubernetes clusters
+
+## Overview
+
+This document is an attempt to summarize configuration choices to make
+when deploying OpenWhisk on a Kubernetes cluster you have built
+yourself (ie, not on a public cloud managed Kubernetes service).
+
+First, make sure your cluster is compatible with the
+[technical requirements](k8s-technical-requirements.md).
+
+### Configuring OpenWhisk
+
+#### NodePort Ingress
+
+The simplest type of ingress to configure for OpenWhisk is a NodePort ingress.
+
+Add the following to your `mycluster.yaml`, substituting a real IP address
+for YOUR_WORKERS_PUBLIC_IP_ADDR:
+```yaml
+whisk:
+  ingress:
+    type: NodePort
+    apiHostName: YOUR_WORKERS_PUBLIC_IP_ADDR
+    apiHostPort: 31001
+
+nginx:
+  httpsNodePort: 31001
+```
+
+### Using an ingress controller
+
+Properly configuring TLS can be challenging, but if you know how to get TLS
+to work with your ingress controller for other services on your cluster,
+you can probably get it to work for OpenWhisk as well.
+You will need something like the following in your `mycluster.yaml`.
+```yaml
+whisk:
+  ingress:
+    apiHostName: <domain>
+    apiHostPort: 443
+    apiHostProto: https
+    type: Standard
+    domain: <domain>
+    tls:
+      enabled: true
+      <YOU WILL NEED SOME MORE KEY VALUE PAIRS HERE>
+    annotations:
+      <LIST ANNOTATIONS YOU NEED FOR YOUR INGRESS>
+```
+You can see how these values are used and what other values you might
+need by inspecting
+[frontdoor-ingress.yaml](../helm/openwhisk/templates/frontdoor-ingress.yaml)
+and
+[frontdoor-secrets.yaml](../helm/openwhisk/templates/frontdoor-secrets.yaml).
+
+
diff --git a/helm/openwhisk/values.yaml b/helm/openwhisk/values.yaml
index fe4ec68..090aeb4 100644
--- a/helm/openwhisk/values.yaml
+++ b/helm/openwhisk/values.yaml
@@ -30,6 +30,7 @@
 #   docs/k8s-ibm-private.md
 #   docs/k8s-google.md
 #   docs/k8s-minikube.md
+#   docs/k8s-diy.md (for do-it-yourself clusters).
 #
 # Production deployments _MUST_ override the default credentials
 # that are used in whisk.auth and db.auth.
@@ -45,7 +46,9 @@
 # Overall configuration of OpenWhisk deployment
 whisk:
   # Ingress defines how to access OpenWhisk from outside the Kubernetes cluster.
-  # See docs/ingress.md for a discussion of how to provide these values.
+  # Only a subset of the values are actually used on any specific type of cluster.
+  # See the "Configuring OpenWhisk section" of the docs/k8s-*.md that matches
+  # your cluster type for details on what values to provide and how to get them.
   ingress:
     apiHostName: ""
     apiHostPort: 31001