- go
- docker
Install Kind
go install sigs.k8s.io/[email protected]
Run a local Kind cluster
kind create cluster --config .kind/kind-config.yaml
Install Helm
go install helm.sh/helm/v3/cmd/[email protected]
Install the Emissary components and CRDs
kubectl apply -f .emissary/crds.yaml
Here you should wait 1 or 2 minutes ⏳
Install the emissary helm chart
helm install emissary-ingress -f .emissary/helm/values.yaml -n emissary-system .emissary/helm
Generate a self-signed certificat and create the secrets
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -subj '/CN=ambassador-cert' -nodes
kubectl create secret tls tls-cert --cert=cert.pem --key=key.pem
Apply the Host configuration
kubectl apply -f .emissary/wildcard-host.yaml
Install the demo application
kubectl apply -f ./infra/demo.yaml
Test the configuration
<WORKER_IP> being your kind-worker node ip
export WORKER_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' kind-worker)
curl https://$WORKER_IP/demo/ -ik
Emissary is using the "hostNetwork" in order to access our service. To avoid this setup, you will need a load balancer solution like MetalLB
Remove demo application
kubectl delete -f ./infra/demo.yaml
Install ArgoCD
kubectl create namespace argocd
kubectl apply -n argocd -f .argocd/install.yaml
kubectl apply -n argocd -f .argocd/ingress.yaml
Retrieve initial admin password
kubectl -n argocd get secret argocd-initial-admin-secret --template={{.data.password}} | base64 -D; echo
Browse the UI at https://<WORKER_IP>/argocd and connect with the admin user and the password you just retrieved
optional
Install new relic
helm repo add newrelic https://helm-charts.newrelic.com
helm repo update
kubectl create namespace newrelic
helm install newrelic-bundle -f .newrelic/helm/values.yaml -n newrelic .newrelic/helm --set global.licenseKey=xxx