Giter Club home page Giter Club logo

kdk's Introduction

Kubernetes Development Kit (KDK)

Quickstart (TL;DR)

This Quickstart assumes that you have installed all of the dependencies.

The KDK works on many OS's, and may run as a docker container or virtual machine.

  • On Mac and Linux, the preferred route is to run the KDK as a docker image.
  • On Windows, the preferred route is to run the KDK as a Vagrant virtual machine (Hyper-V and Virtualbox are both supported).

Mac and Linux

Docker KDK (preferred for Mac)

curl -sSL https://raw.githubusercontent.com/cisco-sso/kdk/master/files/install | bash
kdk init && kdk ssh

Vagrant KDK

The Vagrant Virtualbox image works on Mac, using the same instructions as the Windows version. The only reason one may choose to use this run method is if support for IPV6 networking is required. Docker for Mac does not support IPV6.

Windows

Vagrant Hyper-V or Virtualbox KDK (preferred for Windows)

git clone [email protected]:cisco-sso/kdk.git # or https://github.com/cisco-sso/kdk.git
cd kdk
# Edit Vagrantfile: You may want to tune memory, network settings, or host-mounted directories.
vagrant up  # Starts the KDK
vagrant ssh -- -A -D 8000  # Connect to the KDK (-A ssh-agent forwarding, -D socks proxy forwarding)
# Use the KDK
vagrant destroy

Docker KDK

Please use Windows10 powershell for installation.

Set-ExecutionPolicy Bypass -Scope Process -Force
iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/cisco-sso/kdk/master/files/install.ps1'))
kdk init ; kdk ssh

NOTE: After installation, Windows CMD prompt will work. The KDK has not been tested with Cygwin, Mingw, or Windows Subsystem for Linux.

Installation Instructions

Detailed installation instructions of the KDK along with all of its dependencies are found here:

Background

Getting your workstation setup to work with Kubernetes clusters may require the install and configuration of quite a few tools. Do it inconsistently among your team, and your automation and workflows may not work properly for everyone. Even if it works on your machine because the latest code you've written requires the latest version of kubectl and a new installation of jq, your teammates Billy on Windows and Jane on Mac are busy filing bugs against your latest PR because they haven't received the memo about updating their toolchains.

We've created the open-source Kubernetes Development Kit (KDK) in order to solve this problem. The KDK is a docker container or a vagrant virtual machine, which may be deployed on Mac, Windows, and Linux. It is a Linux-based environment which has over 30+ tools pre-installed and pre-configured. If your team uses the KDK, then you are guaranteed to have a similar development and operations environment, with the same tools, at the same versions.

A sampling of tools include: docker, kubectl, helm, helmfile, kops, kubetail, docker-compose, terraform, ansible, minio-cli, aws-cli, gcloud, drone-cli, direnv, golang, git, hub, jsonnet, vi/vim, emacs, python 2/3, pipenv, pyenv, jq, zsh, helm-s3, kafkacat, dig, ssh-keygen, dep, gomplate, minikube, neutronclient, openstackclient, supernova, virtualenv, yq, colordiff, nmap, screen, tmux, sshuttle, yadm, and many others.

The KDK may make your life easier if you often:

  • Operate Kubernetes clusters.
  • Deploy Kubernetes clusters to various clouds including AWS and GKE.
  • Develop and deploy Helm Charts.
  • Develop docker containers.

Basic Usage

  1. Create or re-create the config
kdk init
  1. Connect or reconnect to the KDK (will pull and start container if necessary)
kdk ssh
  1. Destroy the KDK
kdk destroy
  1. Update the KDK (binary, config, and container)
kdk update

Saving State between Resetting your KDK Environment

The KDK is meant to be ephemeral. You should be able to kdk destroy && kdk ssh whenever you need to reset your environment. Resetting should be done often, because over time your environment will diverge from original state as you use it.

Here are a few approaches for saving state in between resets.

Customizing your .bash_profile

The KDK default dotfiles includes a default .bash_profile that will search for additional bash profiles in a few pre-defined locations. If files in any of these locations exist, they will be sourced automatically.

  • $HOME/.bash_profile_private
  • $HOME/.config/kdk/.bash_profile_private
  • /keybase/private/<user-keybase-id>/.bash_profile_private
    • If the user has installed Keybase

Thus, one may customize their own private settings by creating any of the files above by host-mounting directories into the KDK when prompted during kdk init. This method may be used to set environment variables as well as create entire dotfiles, such as ~/.aws/credentials and ~/.aws/config. See here for an example.

Mounting Directories Directly into the KDK

Upon KDK init, you will be prompted to mount additional directories from your host system into the KDK system. Typically this is used to mount code directories from the host machine to the KDK, but it can also be used to mount configuration directories.

Here's an example of mounting the ~/.aws directory from an OSX machine to a location within the KDK.

Would you like to mount additional docker host directories into the KDK? [y/n] y
Please enter the docker host source directory (e.g. /Users/<username>/Projects) /Users/mcboats/.aws
INFO[0022] Entered host source directory mount /Users/mcboats/.aws
Please enter the docker container target directory (e.g. /home/<username>/Projects) /home/mcboats/.aws
INFO[0026] Entered container target directory mount /home/mcboats/.aws

SSH-Agent

If you are using OSX, then you may use ssh-agent to automatically forward your SSH keys into the KDK. This will allow you to access SSH resources (such as git cloning from Github) without physically copying your keys into the KDK machine, which lowers security. OSX automatically starts ssh-agent automatically. To load your keys into the agent, add your default keys with ssh-add. From inside of the kdk, you may list which keys you have loaded with ssh-add -l

Customizing your dotfiles

If you have your own yadm dotfiles repository, you may kdk init with the option:

--dotfiles-repo string      KDK Dotfiles Repo (default "https://github.com/cisco-sso/yadm-dotfiles.git")

NOTE: There are many configuration options available in kdk init.See kdk init --help for details

Running Multiple KDK Containers

You might have a need to run multiple KDK containers. The KDK CLI can do that!

  1. Create a new KDK config
  • NOTE: name parameter must be unique (no other container can have this name)
kdk init --name kdk1
  1. Connect to kdk1 container
kdk ssh --name kdk1

kdk's People

Contributors

adamdmharvey avatar dcwangmit01 avatar erikburgess avatar hangxie avatar hangxie-cisco avatar josdotso avatar liggitt avatar marsavela avatar prabdeb avatar raoulbhatia avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar

Forkers

dcwangmit01 raoulbhatia marsavela mpratsch prabdeb josdotso wozniakjan nvichare rustycl0ck erikburgess gherlein mpeters mailmsmanju bopini rtluckie adamdmharvey vigneshwaran082 liggitt aarthi-vanimisetty jagadash19 justnance

kdk's Issues

KDK host-mount filesystem slowness on Mac

We need to bring docker lib to newer version to support cached, ref: https://docs.docker.com/docker-for-mac/osxfs-caching/

Performance test was done with kubernetes repo under golang docker container and go list

for D in $(seq 1 5); do cd /perftest/ && time go list ./... > /dev/null; done 2>&1 | grep real | tail -3

Comparision:

  1. linux does not have much difference:
  • docker run -it --rm -v `pwd`/kubernetes:/perftest golang

real 0m4.099s
real 0m4.101s
real 0m3.981s

  • docker run -it --rm -v `pwd`/kubernetes:/perftest:cached golang

real 0m3.807s
real 0m3.843s
real 0m4.031s

  1. mac: w/ cached is about 3 times faster than w/o cached
  • docker run -it --rm -v `pwd`/kubernetes:/perftest golang

real 2m8.093s
real 2m12.504s
real 2m34.471s

  • docker run -it --rm -v `pwd`/kubernetes:/perftest:cached golang

real 0m40.561s
real 0m41.422s
real 0m41.870s

"kdk update" runtime error when no configuration file is present

Running kdk update without a valid config file results in the following runtime error:
panic: runtime error: invalid memory address or nil pointer dereference.

kdk update                                                                                                                                            
WARN[0000] Failed to load KDK config.                    configFileUsed=/Users/user/.kdk/kdk/config.yaml err="open /Users/user/.kdk/kdk/config.yaml: no such file or directory"
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x90 pc=0x15fd04a]

goroutine 1 [running]:
github.com/cisco-sso/kdk/pkg/kdk.needsUpdateConfig(...)
	/home/travis/gopath/src/github.com/cisco-sso/kdk/pkg/kdk/update.go:81
github.com/cisco-sso/kdk/pkg/kdk.Update(0x1df1880)
	/home/travis/gopath/src/github.com/cisco-sso/kdk/pkg/kdk/update.go:94 +0x95a
github.com/cisco-sso/kdk/cmd/kdk.glob..func11(0x1de3de0, 0x1e0e5b8, 0x0, 0x0)
	/home/travis/gopath/src/github.com/cisco-sso/kdk/cmd/kdk/update.go:27 +0x2d
github.com/spf13/cobra.(*Command).execute(0x1de3de0, 0x1e0e5b8, 0x0, 0x0, 0x1de3de0, 0x1e0e5b8)
	/home/travis/gopath/pkg/mod/github.com/spf13/[email protected]/command.go:766 +0x2aa
github.com/spf13/cobra.(*Command).ExecuteC(0x1de2880, 0xffffffffffffffff, 0x0, 0xc0004a9e08)
	/home/travis/gopath/pkg/mod/github.com/spf13/[email protected]/command.go:852 +0x2ea
github.com/spf13/cobra.(*Command).Execute(...)
	/home/travis/gopath/pkg/mod/github.com/spf13/[email protected]/command.go:800
github.com/cisco-sso/kdk/cmd/kdk.Execute()
	/home/travis/gopath/src/github.com/cisco-sso/kdk/cmd/kdk/kdk.go:49 +0x42
main.main()
	/home/travis/gopath/src/github.com/cisco-sso/kdk/main.go:20 +0x20

I am getting this problem and not able to setup KDK.

Run the following command to continue once this error has been fixed:
direnv allow
######################### DEPENDENCY ERROR #########################
######################### DEPENDENCY ERROR #########################
You must be registered on keybase.io and added to the team cisco_sso.honjo

Run the following command to continue once this error has been fixed:
direnv allow
######################### DEPENDENCY ERROR #########################
######################### DEPENDENCY ERROR #########################
Failed to find /keybase/team/cisco_sso.honjo/kubeconfig/honjo1-dev.csco.cloud

This error may be benign if the cluster hasn't been created yet

Run the following command to continue once this error has been fixed:
direnv allow

Golang KDK fails to start if it already has stopped before without a destroy

Had to manually remove the stopped container.

$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
$ kdk up
FATA[0000] Failed to create KDK container                command=up error="Error response from daemon: Conflict. The container name \"/kdk\" is already in use by container \"60c11804a8d6e7353e2d5407be026375a93a0c9013b63baa51934781e1cce07c\". You have to remove (or rename) that container to be able to reuse that name."
$ docker ps -a
CONTAINER ID        IMAGE                        COMMAND                  CREATED             STATUS                      PORTS                    NAMES
60c11804a8d6        ciscosso/kdk:debian-latest   "/lib/systemd/systemd"   5 days ago          Exited (255) 23 hours ago   0.0.0.0:2022->2022/tcp   kdk
$ kdk destroy
INFO[0000] No KDK containers found. Nothing to destroy...  command=destroy
$ docker rm -f kdk
kdk
$ kdk up
INFO[0000] Successfully started KDK container            command=up

SSH keys permission error

SSH keys are currently generated as root giving a permission denied on ./kdk ssh.

ssh kdk@localhost -A -p 2022 -i ~/.kdk/ssh/id_rsa -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
Warning: Permanently added '[localhost]:2022' (ECDSA) to the list of known hosts.
Load key "/home/kdk/.kdk/ssh/id_rsa": Permission denied
kdk@localhost's password:

(I've executed the commands as user kdk with uid 1002. uid 1000 is a different user on the same system.)

kdk@rb:~$ ls -aln ./.kdk/ssh/
total 16
drwxr-xr-x 2 1002 1002 4096 Jun 29 12:12 .
drwxr-xr-x 3 1002 1002 4096 Jun 29 12:12 ..
-rw------- 1    0    0 3247 Jun 29 12:12 id_rsa
-rw------- 1 1000 1000  743 Jun 29 12:12 id_rsa.pub

Implement `kdk cp`

  • Use scp to copy files to/from host and a kdk container.
  • Should support naming one of multiple kdk containers.

Improve first run of "kdk init" for new users

When doing a fresh install on MacOS 10.15.4, $HOME/.kdk/ does not exist.

The first run of kdk init is therefore generating warnings that are confusing to new users, specifically [...] "open /Users/user/.kdk/kdk/config.yaml: no such file or directory".

Additional information and/or clarification that this error is OK in such a case would improve the user experience.

Thanks,
Raoul

Full output of kdk init:

$ kdk init                                                                                                                                              
WARN[0000] Failed to load KDK config.                    configFileUsed=/Users/user/.kdk/kdk/config.yaml err="open /Users/user/.kdk/kdk/config.yaml: no such file or directory"
WARN[0000] Failed to add keybase mount:Failed to detect potential keybase filesystem mounts
Would you like to mount additional docker host directories into the KDK? [y/n] n
Would you like to enable SOCKS proxy? [y/n] n
INFO[0103] Set SOCKS port 8000
WARN[0103] KDK config does not exist
INFO[0103] Creating KDK config
WARN[0103] KDK ssh key pair not found.
INFO[0103] Generating ssh key pair...
INFO[0105] Successfully generated ssh key pair.
INFO[0105] KDK config written to /Users/user/.kdk/kdk/config.yaml. Modify this file to suit your needs.

Apple Silicon ARM64 support

Currently, the installation does not work with Macs with M1 chips.
I tried bypassing the installation.sh script and installed the amd64 version and was getting the following error with kdk ssh

kex_exchange_identification: Connection closed by remote host
Connection closed by ::1 port 59033
FATA[0011] Failed to ssh to KDK container.               error="exit status 255"

Also attempted to build the Docker Image locally, but was getting various errors within provision.sh due to outdated Go, and the Go packages.

Thanks

KDK contianer is not starting after upgrade to 1.8

Hi Team,

I upgraded the KDK from 1.6.1 to 1.8.0 yesterday. Now the KDK container is not getting started. Getting the below error.

$ kdk ssh -d
time="2019-03-19T09:30:49+05:30" level=warning msg="Upgrade Available\n***************************************\nSome KDK components are out of date.\n Latest Version: 1.9.0\n Binary Version: 1.8.0\n Image Tag: 1.8.0\n Container Present at Config Version: false\n\nPlease upgrade the KDK with the commands:\n kdk update\n kdk destroy\n kdk ssh\n***************************************"
time="2019-03-19T09:30:49+05:30" level=info msg="Connecting to KDK container"
time="2019-03-19T09:30:49+05:30" level=info msg="KDK is not currently running. Starting..."
time="2019-03-19T09:30:49+05:30" level=debug msg="Not pulling already present KDK Image" tag=1.8.0
time="2019-03-19T09:30:49+05:30" level=info msg="Keybase mirror already started"
time="2019-03-19T09:30:50+05:30" level=fatal msg="Failed to create KDK container" error="Error response from daemon: invalid mount config for type "bind": bind source path does not exist: /host_mnt/c/Users/soupradh/.kdk/ssh/id_rsa.pub"

Not sure where it is taking the /host_mnt/.

I have updated to 1.9.0, but also getting the same error.

Thanks,
Soubhayga

Fix CI

We need to get fully automated CI sorted out. The manual pushing of the docker containers is a serious PITA.

I would advocate moving from travis to circleci.

Upgrade Executor to work around Python 3.7 incompatibility

KDK doesn't work when using Python 3.7 i.e. via MacOS Homebew and Executor 20.0 due to asyncbeing a reserved keyword in Python 3.7 [1].

Traceback (most recent call last):
  File "./kdk", line 12, in <module>
    from executor import execute
  File "/Users/raobhati/Dev/kdk/.venv/lib/python3.7/site-packages/executor/__init__.py", line 199
    if command.async:
                   ^
SyntaxError: invalid syntax

See Python 3.7 reserved word: async #9

[1] https://docs.python.org/3.7/reference/lexical_analysis.html?highlight=reserved%20word#keywords

Add cfssl tool 

go get -u github.com/cloudflare/cfssl/cmd/cfssljson
go get -u github.com/cloudflare/cfssl/cmd/cfssl

Dockerfile for running awake based chart update

Is it a good idea to have a Dockerfile that can help to update chart repo (cisco-sso/charts)?

Mainly the Dockerfile will have awake, helm, kubectl, ansible installed.

Current KDK Dockerfile might be little big for that!

I have tried to build it, size is coming close to 300MB.

Add jwt-cli

https://github.com/mike-engel/jwt-cli

Example usage:

foo get token | jwt decode -

Token header
------------
{
  "typ": "JWT",
  "alg": "HS256"
}

Token claims
------------
{
  "aud": "api",
  "exp": 0,
  "https://example.org": {},
  "iat": 1582668632,
  "id": "b74647fd-cecd-5a7e-b672-5f00a1163eaf",
  "iss": "api",
  "role": "boss"
}

kdk up fails because of incompatable Dokan library

kdk up fails on Windows because keybase requires Dokan 1.2.0 and the kdk expects 1.1.0. Downgrading Dokan to 1.1.0 causes keybase filesystem integration to be disabled.

The system cannot find the file C:\Program Files\Dokan\Dokan Library-1.1.0\sample\mirror\mirror.exe.
"Unrecognized parameter start. You must pass either start or stop"
INFO[0019] An exited KDK container exists

Keybase Client: 2.11.0-20181203203419+ec71fb1ab3

Add go-task

https://github.com/go-task/task/releases

To demonstrate this tool works, here is very basic example Taskfile.yml:

version: "2"

tasks:

  default:
    cmds:
      - task: install

  install:
    desc: Install to Kubernetes.
    deps:
      - tiller
      - nginx-ingress
      - consul

  tiller:
    desc: Install Helm Tiller.
    cmds:
      - helm init --wait

  nginx-ingress:
    desc: Install Helm Chart for Nginx Ingress.
    cmds:
      - helm upgrade --install --recreate-pods
          --namespace nginx-ingress
          --values nginx-ingress/values.yaml
          nginx-ingress stable/nginx-ingress

  consul:
    desc: Install Helm Chart for Consul.
    cmds:
      - helm upgrade --install --recreate-pods
          --namespace consul
          --values consul/values.yaml
          consul stable/consul

Allow common parameters to kdk to be passed as a string or from a file

I destroy and recreate kdk containers quite often. It would be nice if we could allow the users to pass in the configuration as a string or from a file and avoid the interactive prompts alltogether.

something like this...

kdk init --config '{"Name": "kdk0", "DotfilesRepo": "https://github.com/rtluckie/work-dotfiles.git", "Shell": "/usr/local/bin/zsh", "KeybaseMount": true, "ExtraMounts": [{"Source": "/User/jdoe/projects", "Target": "/home/jdoe/projects"}, {"Source": "/User/jdoe/docs", "Target": "/home/jdoe/docs"}], "socks": {"enable": true, "port": 8000}}'
kdk init --config-from-file my-kdk-config.yaml
# my-kdk-config.yaml
Name: kdk0
DotfilesRepo: https://github.com/rtluckie/work-dotfiles.git
Dhell: "/usr/local/bin/zsh"
DeybaseMount: true
ExtraMounts:
- Source: "/User/jdoe/projects"
  Target: "/home/jdoe/projects"
- Source: "/User/jdoe/docs"
  Target: "/home/jdoe/docs"
Socks:
  enable: true
  port: 8000

We also may want to consider enabling the user to override elements of ContainerConfig or HostConfig, but that would take some more thought.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.