diff --git a/README.md b/README.md index 340a351..8dbb6db 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,10 @@ Workshops included are: automatic creation of a virtual cluster with full admin access to the cluster using `helm` resources. +* [lab-contour-vcluster](workshops/lab-contour-vcluster) - A workshop + demonstrating installation of Contour ingress controller into a virtual + cluster rather than using underlying cluster ingress. + * [lab-shared-vcluster](workshops/lab-shared-vcluster) - A workshop demonstrating creation of a shared virtual cluster for the whole workshop environment, with workshops users getting access to only a single namespace in diff --git a/resources/trainingportal.yaml b/resources/trainingportal.yaml index f0791fd..3a5b0fd 100644 --- a/resources/trainingportal.yaml +++ b/resources/trainingportal.yaml @@ -34,6 +34,11 @@ spec: overtime: 10m deadline: 60m orphaned: 5m + - name: lab-contour-vcluster + expires: 40m + overtime: 10m + deadline: 60m + orphaned: 5m - name: lab-shared-vcluster expires: 40m overtime: 10m diff --git a/workshops/lab-command-vcluster/workshop/config.yaml b/workshops/lab-command-vcluster/workshop/config.yaml deleted file mode 100644 index 1946240..0000000 --- a/workshops/lab-command-vcluster/workshop/config.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# pathways: -# default: workshop -# -# paths: -# workshop: -# title: "Workshop" -# -# steps: -# - 00-workshop-overview -# - 01-workshop-instructions -# - 99-workshop-summary -# -# params: -# - name: NAME -# value: undefined -# aliases: -# - ALIAS - -# modules: -# - name: 00-workshop-overview -# title: Workshop Overview -# - name: 01-workshop-instructions -# title: Workshop Instructions -# - name: 99-workshop-summary -# title: Workshop Summary - -# params: -# - name: NAME -# value: undefined -# aliases: -# - ALIAS diff --git a/workshops/lab-contour-vcluster/README.md b/workshops/lab-contour-vcluster/README.md new file mode 100644 index 0000000..0072df0 --- /dev/null +++ b/workshops/lab-contour-vcluster/README.md @@ -0,0 +1,5 @@ +Contour vcluster +================ + +A workshop demonstrating installation of Contour ingress controller into a +virtual cluster rather than using underlying cluster ingress. diff --git a/workshops/lab-contour-vcluster/resources/workshop.yaml b/workshops/lab-contour-vcluster/resources/workshop.yaml new file mode 100644 index 0000000..9c55c8a --- /dev/null +++ b/workshops/lab-contour-vcluster/resources/workshop.yaml @@ -0,0 +1,222 @@ +--- +apiVersion: training.educates.dev/v1beta1 +kind: Workshop +metadata: + name: "lab-contour-vcluster" +spec: + title: "Test of Contour with a virtual cluster" + description: "Test of installing Contour into a virtual cluster." + publish: + image: $(image_repository)/labs-vcluster-testing/lab-contour-vcluster-files:$(workshop_version) + files: + - directory: + path: workshop + path: workshop + - directory: + path: ../../packages + path: packages + workshop: + files: + - image: + url: $(image_repository)/labs-vcluster-testing/lab-contour-vcluster-files:$(workshop_version) + includePaths: + - workshop/** + session: + namespaces: + budget: x-large + security: + policy: baseline + token: + enabled: false + applications: + terminal: + enabled: true + layout: split + editor: + enabled: true + console: + enabled: true + vendor: octant + octant: + version: latest + vcluster: + enabled: false + volumes: + - name: admin-credentials-config + secret: + secretName: $(session_name)-kubeconfig + volumeMounts: + - name: admin-credentials-config + mountPath: /opt/kubeconfig + objects: + - apiVersion: v1 + kind: Secret + metadata: + name: $(session_name)-contour-vcluster-values + namespace: $(workshop_namespace) + stringData: + values.yaml: | + vcluster: + image: rancher/k3s:v1.25.3-k3s1 + syncer: + extraArgs: + - --tls-san=contour-vcluster.$(session_namespace).svc.$(cluster_domain) + - --out-kube-config-server=https://contour-vcluster.$(session_namespace).svc.$(cluster_domain) + mapServices: + fromVirtual: + - from: projectcontour/contour-envoy + to: contour-envoy + init: + manifests: |- + apiVersion: v1 + kind: Namespace + metadata: + name: projectcontour + --- + # The helmTemplate support in App for kapp-controller appears to + # be buggy and requires namespace the same name as that holding + # the App in the local cluster to exist in the target cluster when + # using kubeconfig. + apiVersion: v1 + kind: Namespace + metadata: + name: $(session_namespace) + - apiVersion: kappctrl.k14s.io/v1alpha1 + kind: App + metadata: + name: $(session_name)-contour-vcluster-package + namespace: $(workshop_namespace) + spec: + serviceAccountName: kapp-installer + syncPeriod: 720h + noopDelete: true + fetch: + - helmChart: + name: vcluster + repository: + url: https://charts.loft.sh + template: + - helmTemplate: + name: contour-vcluster + namespace: $(session_namespace) + valuesFrom: + - secretRef: + name: $(session_name)-contour-vcluster-values + - ytt: + inline: + paths: + overlays.yaml: | + #@ load("@ytt:data", "data") + #@ load("@ytt:overlay", "overlay") + #@overlay/match by=overlay.all, expects="1+" + --- + metadata: + #@overlay/match missing_ok=True + ownerReferences: + - apiVersion: training.educates.dev/v1beta1 + kind: WorkshopSession + blockOwnerDeletion: true + controller: true + name: $(session_name) + uid: $(workshop_session_uid) + deploy: + - kapp: + rawOptions: + - --app-changes-max-to-keep=5 + - apiVersion: v1 + kind: Secret + metadata: + name: contour-values + stringData: + values.yaml: | + envoy: + service: + type: ClusterIP + externalTrafficPolicy: null + useHostPort: false + - apiVersion: kappctrl.k14s.io/v1alpha1 + kind: App + metadata: + name: contour-package + spec: + noopDelete: true + syncPeriod: 24h + cluster: + namespace: default + kubeconfigSecretRef: + name: vc-contour-vcluster + key: config + fetch: + - helmChart: + name: contour + repository: + url: https://charts.bitnami.com/bitnami + template: + - helmTemplate: + name: contour + namespace: projectcontour + valuesFrom: + - secretRef: + name: contour-values + deploy: + - kapp: + rawOptions: + - --app-changes-max-to-keep=5 + - apiVersion: networking.k8s.io/v1 + kind: Ingress + metadata: + name: contour + annotations: + "nginx.ingress.kubernetes.io/proxy-send-timeout": "3600" + "nginx.ingress.kubernetes.io/proxy-read-timeout": "3600" + "projectcontour.io/websocket-routes": "/" + "projectcontour.io/response-timeout": "3600s" + spec: + rules: + - host: "*.$(session_name).$(ingress_domain)" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: contour-envoy + port: + number: 80 + - apiVersion: secrets.educates.dev/v1beta1 + kind: SecretCopier + metadata: + name: $(session_name)-kubeconfig + spec: + rules: + - sourceSecret: + name: vc-contour-vcluster + namespace: $(session_namespace) + targetNamespaces: + nameSelector: + matchNames: + - $(workshop_namespace) + targetSecret: + name: $(session_name)-kubeconfig + environment: + assets: + files: + - image: + url: $(image_repository)/labs-vcluster-testing/lab-contour-vcluster-files:$(workshop_version) + objects: + - apiVersion: v1 + kind: ServiceAccount + metadata: + name: kapp-installer + - apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: kapp-installer-$(workshop_namespace) + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin + subjects: + - kind: ServiceAccount + name: kapp-installer + namespace: $(workshop_namespace) diff --git a/workshops/lab-contour-vcluster/workshop/content/00-workshop-overview.md b/workshops/lab-contour-vcluster/workshop/content/00-workshop-overview.md new file mode 100644 index 0000000..6bbed1a --- /dev/null +++ b/workshops/lab-contour-vcluster/workshop/content/00-workshop-overview.md @@ -0,0 +1,15 @@ +--- +title: Workshop Overview +--- + +```terminal:execute +command: helm install --set ingress.enabled=true --set ingress.hostname=apache.{{< param session_name >}}.{{< param ingress_domain >}} httpd oci://registry-1.docker.io/bitnamicharts/apache +``` + +```terminal:execute +command: kubectl rollout status deployment/httpd-apache +``` + +```terminal:execute +command: curl http://apache.{{< param session_name >}}.{{< param ingress_domain >}} +``` diff --git a/workshops/lab-contour-vcluster/workshop/content/01-workshop-instructions.md b/workshops/lab-contour-vcluster/workshop/content/01-workshop-instructions.md new file mode 100644 index 0000000..313f51f --- /dev/null +++ b/workshops/lab-contour-vcluster/workshop/content/01-workshop-instructions.md @@ -0,0 +1,5 @@ +--- +title: Workshop Instructions +--- + +This is the first page of the workshop instructions, create as many separate pages as you need to. If necessary pages can be located in sub directories to provided grouping. diff --git a/workshops/lab-contour-vcluster/workshop/content/99-workshop-summary.md b/workshops/lab-contour-vcluster/workshop/content/99-workshop-summary.md new file mode 100644 index 0000000..dfd00c3 --- /dev/null +++ b/workshops/lab-contour-vcluster/workshop/content/99-workshop-summary.md @@ -0,0 +1,5 @@ +--- +title: Workshop Summary +--- + +This is the last page of the workshop. Include in this page a summary of the workshop and any links to resources relevant to the workshop. This ensures anyone doing the workshop has material they can research later to learn more.