Local Setup
The files in config/samples showcase kcp-operator resources but have been crafted to get a kind setup up and running quickly.
Also check out the Quickstart guide for more information on getting a first kcp setup up and running.
Prerequisites
- A local copy of the kcp-operator repository
- kind
To make DNS working from your local machine, it is necessary to create an entry in your /etc/hosts
(or corresponding OS mechanism):
Prepare Environment
First, create a kind cluster if you do not have one yet:
Install cert-manager, it is required to create kcp's PKI:
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.18.2/cert-manager.yaml
Set up two etcd instances, one for the root shard and one for a supplementary shard:
helm install etcd oci://registry-1.docker.io/bitnamicharts/etcd --set auth.rbac.enabled=false --set auth.rbac.create=false
helm install etcd-shard oci://registry-1.docker.io/bitnamicharts/etcd --set auth.rbac.enabled=false --set auth.rbac.create=false
Create a "self-signed" cert-manager issuer:
Run Operator
Now the operator needs to be started. You can either deploy the operator into the cluster to ensure the built container image behaves as intended (e.g. has the necessary RBAC, etc) or -- for rapid development -- run the operator as a binary.
Option 1: Deploy Operator
Build the image:
Load the image into the kind cluster:
Deploy the operator manifests into the cluster:
Option 2: Run Operator Directly
Alternatively, apply the CRDs to the cluster:
Then start the operator via go run
:
Create kcp Instance
Now you can create a root shard:
Create the additional shard:
Create the front-proxy instance:
Finally, let's create a kubeconfig that we can use to access the kcp environment via its front-proxy:
Connect to kcp
Once the kubeconfig above has been reconciled, we can use it to connect to kcp.
First, fetch the created kubeconfig:
kubectl get secret sample-kubeconfig -o jsonpath="{.data.kubeconfig}" | base64 -d > admin.kubeconfig
Create a port-forwarding in a second terminal:
Use the new 'admin.kubeconfig` to connect: