Skip to main content
Version: 0.2.0

Installing the KubeSlice Controller

Introduction

The KubeSlice Controller orchestrates the creation and management of slices on worker clusters. The KubeSlice Controller components and the worker cluster components can coexist on a cluster. Hence, the cluster running the KubeSlice controller can also be used as a worker cluster. We recommend that you run the KubeSlice Controller on a separate cluster.

This topic describes the steps to install the KubeSlice Controller in the cluster.

Prerequisites

Before you begin, ensure the following prerequisites are met:

  • You have set up the environment to install the KubeSlice Controller in the cluster. For more information, see Prerequisites.
  • You have cluster administrator privileges to install the KubeSlice Controller.
  • You have added the helm repository to your local configuration. For more information, see Adding the Helm Repository.

Installing the KubeSlice Controller

Installing the KubeSlice Controller installs the following:

  • KubeSlice Controller specific ClusterResourceDefinitions(CRDs)
  • ClusterRole, ServiceAccount and ClusterRoleBinding for KubeSlice Controller
  • A Role and RoleBinding for KubeSlice Controller Leader Election
  • KubeSlice Controller workload
  • KubeSlice Controller API Gateway

Installing the Certificate Manager

The KubeSlice Controller uses the certificate manager to provision the certificates for the webhook server. The certificate manager uses the Kubernetes API server that is extended using a webhook server for providing dynamic admission control over the certificate manager resources. This implies that the certificate manager benefits from the same behavior as the basic Kubernetes resources.

Switch the context to the controller cluster.

kubectx <cluster name>

Install the cert-manager using the following command:

helm install cert-manager kubeslice/cert-manager --namespace cert-manager  --create-namespace --set installCRDs=true

Expected Output

NAME: cert-manager
LAST DEPLOYED: Tue Apr 26 11:57:31 2022
NAMESPACE: cert-manager
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
cert-manager v1.7.0 has been deployed successfully!

Creating the Values File

The following information is required to create the values.yaml file. The values file will be used to install the KubeSlice Controller in one of the clusters.

Getting the Cluster Endpoint

Use the following command to get the cluster endpoint:

kubectl cluster-info

Example output

Kubernetes control plane is running at https://aks-controller-cluster-dns-06a5f5da.hcp.westus2.azmk8s.io:443
addon-http-application-routing-default-http-backend is running at https://aks-controller-cluster-dns-06a5f5da.hcp.westus2.azmk8s.io:443/api/v1/namespaces/kube-system/services/addon-http-application-routing-default-http-backend/proxy
addon-http-application-routing-nginx-ingress is running at http://40.125.122.238:80 http://40.125.122.238:443
healthmodel-replicaset-service is running at https://aks-controller-cluster-dns-06a5f5da.hcp.westus2.azmk8s.io:443/api/v1/namespaces/kube-system/services/healthmodel-replicaset-service/proxy
CoreDNS is running at https://aks-controller-cluster-dns-06a5f5da.hcp.westus2.azmk8s.io:443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Metrics-server is running at https://aks-controller-cluster-dns-06a5f5da.hcp.westus2.azmk8s.io:443/ap

From the above output, copy the URL for the Kubernetes control plane to add it as the cluster endpoint in the values.yaml file. For example, https://aks-controller-cluster-dns-06a5f5da.hcp.westus2.azmk8s.io:443.

Creating the Values YAML File

info

To understand more about the configuration parameters, see Controller Configuration Parameters

To install the KubeSlice Controller, create the values.yaml file using the following template.

kubeslice:
  controller:
    loglevel: info
    rbacResourcePrefix: kubeslice-rbac
    projectnsPrefix: kubeslice
    endpoint: <end-point of your cluster>

The following is an example of values.yaml with the Azure AKS endpoint set for Azure AKS.

kubeslice:
  controller:
    logLevel: info
    rbacResourcePrefix: kubeslice-rbac
    projectnsPrefix: kubeslice
    endpoint: https://aks-controller-cluster-dns-06a5f5da.hcp.westus2.azmk8s.io:443

Applying the Values File

The following information is required.

ParameterDescription
<cluster name>The name of the cluster.
<values>The name of the values file.

Use the following command to apply the YAML:

helm install kubeslice-controller kubeslice/kubeslice-controller -f <full path of the values>.yaml --namespace kubeslice-controller --create-namespace

Expected Output

NAME: kubeslice-controller
LAST DEPLOYED: Tue May  3 13:12:49 2022
NAMESPACE: kubeslice-controller
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
kubeslice-controller installation successful!

Validating the Installation

Perform these steps to validate the installation on the controller cluster where the KubeSlice Controller is installed:

Validate the installation of the KubeSlice Controller by checking the pods belonging to the kubeslice-controller namespace using the following command:

kubectl get pods -n kubeslice-controller

Expected Output

NAME                                            READY   STATUS      RESTARTS   AGE
kubeslice-controller-manager-768c774c69-5qsct   2/2     Running     0          134m

Creating the Project Namespace

A project may represent an individual customer or an organization or a department within an organization. Each project would have a dedicated auto-generated namespace, which will ensure that the resources of one project do not clash with the resources of another project.

For example, a slice with the same name can exist across multiple projects but with different configurations. Changes to the slice in one project will not affect the slice in another project. For more information, see The KubeSlice Architecture.

Creating the Project YAML File

Create a project by applying the manifest file.After deploying the manifest, the project namespace is created. Create the Project name .yaml file using the following template.

info

To understand more about the configuration parameters, see Project Namespace Configuration Parameters.

apiVersion: controller.kubeslice.io/v1alpha1
kind: Project
metadata:
  name: <project name>
  namespace: kubeslice-controller
spec:
  serviceAccount:
    readOnly:
      - <readonly user1>
      - <readonly user2>
      - <readonly user3>
    readWrite:
      - <readwrite user1>
      - <readwrite user2>
      - <readwrite user3>

Applying the Project YAML File

The following information is required.

ParameterDescription
<project name>The given name of the project YAML file.

Use the following command to apply the YAML file:

kubectl apply -f <full path of the project name>.yaml -n kubeslice-controller

Validation

After applying the manifest file on the project namespace. You can validate if the project and service accounts are created successfully.

Validating the Project

Use the following command on the kubeslice-controller namespace to get the list of the project:

kubectl get project -n kubeslice-controller

For example:

kubectl get project -n kubeslice-controller
NAME     AGE
avesha   30s

Validating the Service Accounts

To validate the account creation, check the service accounts belonging to the project namespace using the following command:

kubectl get sa -n kubeslice-<project name>

For example:

kubectl get sa -n kubeslice-avesha
NAME                              SECRETS   AGE
default                           1         17h
kubeslice-rbac-ro-user1           1         17h
kubeslice-rbac-rw-user2           1         17h
success

You have successfully installed the KubeSlice Controller and created the project with a dedicated namespace.

KubeSlice is a CNCF Sandbox Projectcloud native logo
The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see Trademark Usage.
Kubeslice dark logo
KubeSlice was originally created by Avesha
Links
Terms and ConditionsPrivacy Policy
Follow
@2024 KubeSlice Authors All rights reserved.