This document explains how to install kind ("kubernetes in docker"), create a kubernetes cluster, and install forklift on that cluster.
We also install kubevirt so that the cluster can be used as a VM migration target.
Only the backend is installed, i.e. operator/controller/validation, without the UI, because it is meant to be the target for running automated tests.
Run the script setup_everything.sh to get kind, create a cluster, install the latest release of forklift + kubevirt and grant cluster-admin role to the kind default user abcdef. It will take a few minutes and output progress info that might look like errors. Please be patient.
See below for the individual steps.
In order to build & install from sources please see BUILD_AND_INSTALL_FORKLIFT_ON_KIND.md.
Run the script install_kind.sh to get kind and create a new cluster. If the script is sourced instead it exports the variable $CLUSTER which can be used as the URL prefix for queries:
$ CLUSTER=`kind get kubeconfig | grep server | cut -d ' ' -f6`
Run the script k8s-deploy-forklift.sh to get the lates release of forklift from github and deploy it to the new cluster. This can take a few minutes.
Run the script k8s-deploy-kubevirt.sh to deploy kubevirt and everything it needs to the new cluster. This can also take a moment.
Run the script k8s-deploy-cert-manager.sh to deploy cert-manager.
Since this is for test clusters only we use the simplest form of "access control". Kind has a default user abcdef. We give this user admin rights and then we use its bearer token to authenticate our API requests with curl. This is totally unsafe and strictly for temporary test clusters!
Run the script grant_permissions.sh to give the default user (abcdef) admin rights so its token can be used to access the API. If You source that script instead then it also stores the token in the variable $TOKEN. You can also set it manually:
$ TOKEN=`kubectl get secrets -n kube-system -o jsonpath='{.items[0].data.token-id}' | base64 -d`.`kubectl get secrets -n kube-system -o jsonpath='{.items[0].data.token-secret}' | base64 -d`
The kind container:
$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
298d058aa24e kindest/node:v1.25.0 "/usr/local/bin/entr…" 12 minutes ago Up 12 minutes 127.0.0.1:36679->6443/tcp kind-control-plane
The running pods should look like this:
$ kubectl get pod -n konveyor-forklift
NAME READY STATUS RESTARTS AGE
cef4e22ed1b3d40ac67fe676ede6173d27cf3fac387c18ee8b65d8442bssfqg 0/1 Completed 0 4m16s
forklift-controller-6857cc454b-j972t 2/2 Running 0 3m
forklift-operator-6b6d55f97f-52k6t 1/1 Running 0 3m58s
forklift-validation-6d46d4b679-cgqmb 1/1 Running 0 2m58s
konveyor-forklift-67rbj 1/1 Running 0 5m29s
Set CLUSTER and TOKEN (see above) and call:
$ curl -k "$CLUSTER/apis/forklift.konveyor.io/v1beta1/namespaces/konveyor-forklift/providers" --header "Authorization: Bearer $TOKEN"
You can also create a port forwarding to the forklift inventory-service (which is not exposed externally, by default):
$ kubectl port-forward -n konveyor-forklift service/forklift-inventory 9090:8080
This allows you to call the service directly, like this:
$ curl "http://localhost:9090/providers" --header "Authorization: Bearer $TOKEN"
Or just use kubectl (which will say "No resources found in konveyor-forklift namespace." until a provider has been created):
$ kubectl get -n konveyor-forklift providers
The Forklift API is described here.