Warning
-
You need Kubernetes version 1.24 or above to make sure that all the components are working.
-
Make sure that you have the latest version of helm installed described here
-
This chart requires 2400 milicores of CPU and 4Gi of memory. Therefore, we recommend at least 4 CPUs and 8 GBs of memory in the cluster. If you plan to have more services (e.g. PostgreSQL database or RabbitMQ queue), then you will need more resources.
If you need to access to the services running on Kubernetes, you need to run kubectl port-forward
command.
Example:
# you can access to the database from `localhost:27017` after running this:
kubectl port-forward mongodb-0 27017:27017 -n <NAMESPACE>
Similar can be done for redis, rabbitmq, and other services:
Warning
Below commands run on the default namespace, if you installed the chart to other namespace, then you should add -n <NAMESPACE>
# http://localhost:9001
kubectl port-forward svc/minio-storage-console 9001:9001
# username:
kubectl get secret minio-credentials -o jsonpath='{.data.rootUser}' | base64 -d
# password:
kubectl get secret minio-credentials -o jsonpath='{.data.rootPassword}' | base64 -d
# http://localhost:15672
kubectl port-forward svc/rabbitmq 15672:15672
# username
kubectl get secret rabbitmq-default-user -o jsonpath='{.data.username}' | base64 -d
# password
kubectl get secret rabbitmq-default-user -o jsonpath='{.data.password}' | base64 -d
# http://localhost:5000
kubectl port-forward svc/local-registry 5000:5000
# http://localhost:9097/#/taskruns
kubectl port-forward svc/tekton-dashboard -n tekton-pipelines 9097:9097
More information can be found here
If you would like to create a wildcard certificate for your domain with cert-manager
and let's encrypt
, then you need to use DNS-01
challange. This requires credentials to access your DNS provider.
More information with some examples can be found on cert-manager documentation
After you successfully created your Issuer
, then you need to update the ingress objects as given example below:
## example for studio-ingress
## all ingresses need to be updated!
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: studio-ingress
namespace: {{ .Release.Namespace }}
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: 500m
nginx.ingress.kubernetes.io/proxy-connect-timeout: '6000'
nginx.ingress.kubernetes.io/proxy-send-timeout: '6000'
nginx.ingress.kubernetes.io/proxy-read-timeout: '6000'
nginx.ingress.kubernetes.io/proxy-next-upstream-timeout: '6000'
nginx.ingress.kubernetes.io/rewrite-target: /$1
# add an annotation indicating the issuer to use.
cert-manager.io/cluster-issuer: nameOfClusterIssuer
spec:
ingressClassName: nginx
tls: # < placing a host in the TLS config will determine what ends up in the cert's subjectAltNames
- hosts:
- example.com
secretName: myingress-cert # < cert-manager will store the created certificate in this secret.
rules:
- host:
http:
paths:
- path: /(.*)
pathType: ImplementationSpecific
backend:
service:
name: studio-clusterip-service
port:
number: 4000