You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by dg...@apache.org on 2019/07/10 14:37:24 UTC
[incubator-openwhisk-deploy-kube] branch master updated: sketch out
some instructions for DIY clusters (#488)
This is an automated email from the ASF dual-hosted git repository.
dgrove pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-deploy-kube.git
The following commit(s) were added to refs/heads/master by this push:
new c839b64 sketch out some instructions for DIY clusters (#488)
c839b64 is described below
commit c839b641f027255d15b454b40f4601b4dfa1d07d
Author: David Grove <dg...@users.noreply.github.com>
AuthorDate: Wed Jul 10 10:37:18 2019 -0400
sketch out some instructions for DIY clusters (#488)
---
README.md | 15 +++++++++
docs/k8s-diy.md | 76 ++++++++++++++++++++++++++++++++++++++++++++++
helm/openwhisk/values.yaml | 5 ++-
3 files changed, 95 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 16a9cdd..c95af2b 100644
--- a/README.md
+++ b/README.md
@@ -111,6 +111,21 @@ major cloud providers:
We would welcome contributions of documentation for Azure (AKS) and any other public cloud providers.
+### Using a Kubernetes cluster you built yourself
+
+If you are comfortable with building your own Kubernetes clusters and
+deploying services with ingresses to them, you should also
+be able to deploy OpenWhisk to a do-it-yourself cluster. Make sure
+your cluster meets the [technical
+requirements](docs/k8s-technical-requirements.md). You will need at
+least 1 worker node with 4GB of memory and 2 virtual CPUs to deploy
+the default configuration of OpenWhisk. You can deploy to
+significantly larger clusters by scaling up the replica count of the
+various components and labeling multiple nodes as invoker nodes.
+There are some additional notes [here](docs/k8s-diy.md).
+
+We would welcome contributions of more detailed DIY instructions.
+
## Helm
[Helm](https://github.com/kubernetes/helm) is a tool to simplify the
diff --git a/docs/k8s-diy.md b/docs/k8s-diy.md
new file mode 100644
index 0000000..b58e948
--- /dev/null
+++ b/docs/k8s-diy.md
@@ -0,0 +1,76 @@
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+# Deploying OpenWhisk on "build-it-yourself" Kubernetes clusters
+
+## Overview
+
+This document is an attempt to summarize configuration choices to make
+when deploying OpenWhisk on a Kubernetes cluster you have built
+yourself (ie, not on a public cloud managed Kubernetes service).
+
+First, make sure your cluster is compatible with the
+[technical requirements](k8s-technical-requirements.md).
+
+### Configuring OpenWhisk
+
+#### NodePort Ingress
+
+The simplest type of ingress to configure for OpenWhisk is a NodePort ingress.
+
+Add the following to your `mycluster.yaml`, substituting a real IP address
+for YOUR_WORKERS_PUBLIC_IP_ADDR:
+```yaml
+whisk:
+ ingress:
+ type: NodePort
+ apiHostName: YOUR_WORKERS_PUBLIC_IP_ADDR
+ apiHostPort: 31001
+
+nginx:
+ httpsNodePort: 31001
+```
+
+### Using an ingress controller
+
+Properly configuring TLS can be challenging, but if you know how to get TLS
+to work with your ingress controller for other services on your cluster,
+you can probably get it to work for OpenWhisk as well.
+You will need something like the following in your `mycluster.yaml`.
+```yaml
+whisk:
+ ingress:
+ apiHostName: <domain>
+ apiHostPort: 443
+ apiHostProto: https
+ type: Standard
+ domain: <domain>
+ tls:
+ enabled: true
+ <YOU WILL NEED SOME MORE KEY VALUE PAIRS HERE>
+ annotations:
+ <LIST ANNOTATIONS YOU NEED FOR YOUR INGRESS>
+```
+You can see how these values are used and what other values you might
+need by inspecting
+[frontdoor-ingress.yaml](../helm/openwhisk/templates/frontdoor-ingress.yaml)
+and
+[frontdoor-secrets.yaml](../helm/openwhisk/templates/frontdoor-secrets.yaml).
+
+
diff --git a/helm/openwhisk/values.yaml b/helm/openwhisk/values.yaml
index fe4ec68..090aeb4 100644
--- a/helm/openwhisk/values.yaml
+++ b/helm/openwhisk/values.yaml
@@ -30,6 +30,7 @@
# docs/k8s-ibm-private.md
# docs/k8s-google.md
# docs/k8s-minikube.md
+# docs/k8s-diy.md (for do-it-yourself clusters).
#
# Production deployments _MUST_ override the default credentials
# that are used in whisk.auth and db.auth.
@@ -45,7 +46,9 @@
# Overall configuration of OpenWhisk deployment
whisk:
# Ingress defines how to access OpenWhisk from outside the Kubernetes cluster.
- # See docs/ingress.md for a discussion of how to provide these values.
+ # Only a subset of the values are actually used on any specific type of cluster.
+ # See the "Configuring OpenWhisk section" of the docs/k8s-*.md that matches
+ # your cluster type for details on what values to provide and how to get them.
ingress:
apiHostName: ""
apiHostPort: 31001