Add the doc for install knative on IBMCloudPrivate #618
Conversation
knative-prow-robot
added
the
size/L
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: zxDiscovery If they are not already assigned, you can assign the PR to them by writing The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
knative-prow-robot
added
the
needs-ok-to-test
install/Knative-with-ICP.md
Outdated
|
|
||
| This guide walks you through the installation of the latest version of | ||
| [Knative Serving](https://github.com/knative/serving) using pre-built images and | ||
| demonstrates creating and deploying an image of a sample "hello world" app onto |
There was a problem hiding this comment.
s/"hello world"/hello world
install/Knative-with-ICP.md
Outdated
|
|
||
| ## Before you begin | ||
|
|
||
| Knative requires a [IBM Cloud Private](https://www.ibm.com/cloud/private) cluster v2.1.0.3 or newer. The install step you can find on the IBM Knowledge Center, [Installing IBM Cloud Private Cloud Native, Enterprise, and Community editions](https://www-03preprod.ibm.com/support/knowledgecenter/SSBS6K_3.1.1/installing/install_containers.html) |
There was a problem hiding this comment.
www-03preprod.ibm.com cannot be accessed externally, please use a released link.
install/Knative-with-ICP.md
Outdated
| | kubectl apply --filename - | ||
| ``` | ||
|
|
||
| Put the namespaces ``knative-serving``, ``knative-build``, ``knative-monitoring`` and ``knative-eventing`` into pod security policy ``ibm-privileged-psp`` as follows. |
There was a problem hiding this comment.
one ` is enough.
s/knative-serving/knative-serving
install/Knative-with-ICP.md
Outdated
|
|
||
| Create a cluster role for the pod security policy resource. The resourceNames for this role must be the name of the pod security policy that was created previous. Here we use ``ibm-privileged-psp``. | ||
| Create a YAML file for the cluster role. | ||
| ``` |
There was a problem hiding this comment.
I'd like you use following command:
cat <<EOF | kubectl apply -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: knative-role
rules:
- apiGroups:
- extensions
resourceNames:
- ibm-privileged-psp
resources:
- podsecuritypolicies
verbs:
- use
EOF
There was a problem hiding this comment.
@averikitsch @samodell this is the most popular way for some document related with Kubernetes command, like Istio, federation etc, please refer to https://istio.io/docs/tasks/traffic-management/circuit-breaking/#configuring-the-circuit-breaker for an example. ;-)
install/Knative-with-ICP.md
Outdated
|
|
||
| Set up cluster role binding for the service account in knative namespace. By using this role binding, you can set the service accounts in the namespace to use the pod security policy that you created. | ||
| ``` | ||
| vim knative-clusterrolebinding.yaml |
install/Knative-with-ICP.md
Outdated
|
|
||
| Delete the Knative on [IBM Cloud Private](https://www.ibm.com/cloud/private): | ||
|
|
||
| ``` |
install/Knative-with-ICP.md
Outdated
| | sed 's/LoadBalancer/NodePort/' \ | ||
| | kubectl apply --filename - | ||
| ``` | ||
| > Note: If the `image-security-enforcement` enabled when you install [IBM Cloud Private](https://www.ibm.com/cloud/private). You need to update the [image security policy](https://www.ibm.com/support/knowledgecenter/SSBS6K_3.1.1/manage_images/image_security.html). |
There was a problem hiding this comment.
I want to see more detail for how to update image-security-enforcement based on knative image location.
There was a problem hiding this comment.
The document here should also be 2.1.0.3
install/Knative-with-ICP.md
Outdated
| Create a cluster role for the pod security policy resource. The resourceNames for this role must be the name of the pod security policy that was created previous. Here we use ``ibm-privileged-psp``. | ||
| Create a YAML file for the cluster role. | ||
| ```shell | ||
| cat <<EOF | kubectl apply -f - |
There was a problem hiding this comment.
Kill the blank space in front of this.
install/Knative-with-ICP.md
Outdated
| Set up cluster role binding for the service account in knative namespace. By using this role binding, you can set the service accounts in the namespace to use the pod security policy that you created. | ||
| ```shell | ||
| cat <<EOF | kubectl apply -f - |
There was a problem hiding this comment.
Kill the blank space in front of this section.
install/Knative-with-ICP.md
Outdated
|
|
||
| ## Before you begin | ||
|
|
||
| Knative requires a [IBM Cloud Private](https://www.ibm.com/cloud/private) cluster v2.1.0.3 or newer. The install step you can find on the IBM Knowledge Center, [Installing IBM Cloud Private Cloud Native, Enterprise, and Community editions](https://www.ibm.com/support/knowledgecenter/SSBS6K_3.1.1/installing/install_containers.html) |
There was a problem hiding this comment.
You are mentioning cluster v2.1.0.3, but here you are using 3.1.1 document, so here I'd like you mention this example is using 3.1.1 as example.
install/Knative-with-ICP.md
Outdated
| | sed 's/LoadBalancer/NodePort/' \ | ||
| | kubectl apply --filename - | ||
| ``` | ||
| > Note: If the `image-security-enforcement` enabled when you install [IBM Cloud Private](https://www.ibm.com/cloud/private). You need to update the [image security policy](https://www.ibm.com/support/knowledgecenter/SSBS6K_3.1.1/manage_images/image_security.html). |
There was a problem hiding this comment.
The document here should also be 2.1.0.3
install/Knative-with-ICP.md
Outdated
|
|
||
| ## Before you begin | ||
|
|
||
| Knative requires a [IBM Cloud Private](https://www.ibm.com/cloud/private) cluster v2.1.0.3 or newer. The install step you can find on the IBM Knowledge Center, [Installing IBM Cloud Private Cloud Native, Enterprise, and Community editions](https://www.ibm.com/support/knowledgecenter/SSBS6K_3.1.1/installing/install_containers.html) |
There was a problem hiding this comment.
Why request cluster v2.1.0.3 or newer?
knative-prow-robot
requested review from
RichieEscarez,
averikitsch and
samodell
|
@zxDiscovery please rebase as there are some conflict with master. Also please run |
|
I think that Matt will be re-running prettier or a regular basis as well to
avoid everyone needing to install those tools.
…On Tue, Dec 4, 2018 at 7:24 AM Guang Ya Liu ***@***.***> wrote:
@zxDiscovery <https://github.com/zxDiscovery> please rebase as there are
some conflict with master.
Also please run prettier --write <your filename> to format your markdown
file as we have just merged the PR for whole docs repo at #620
<#620>
—
You are receiving this because your review was requested.
Reply to this email directly, view it on GitHub
<#618 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AHlyN7Jfb4A4rnjOvs8X7yh6Rt89YG9kks5u1pOagaJpZM4Y994X>
.
--
Evan Anderson <argent@google.com>
|
install/Knative-with-ICP.md
Outdated
|
|
||
| Then edit the image security policy. | ||
| ``` | ||
| # kubectl edit clusterimagepolicies ibmcloud-default-cluster-image-policy |
There was a problem hiding this comment.
Remove "#" from all commands.
install/Knative-with-ICP.md
Outdated
| You can use the following command to look up the value to use for the {IP_ADDRESS} placeholder | ||
| used in the samples: | ||
| ```shell | ||
| echo $(ICP cluster ip):$(kubectl get svc knative-ingressgateway --namespace istio-system --output 'jsonpath={.spec.ports[?(@.port==80)].nodePort}') |
There was a problem hiding this comment.
Can you break this into two lines for readability?
|
@zxDiscovery after you resolved the comments for the reviewer, please also ack, such as adding |
install/Knative-with-ICP.md
Outdated
|
|
||
| ## Cleaning up | ||
|
|
||
| Delete the Knative on [IBM Cloud Private](https://www.ibm.com/cloud/private): |
There was a problem hiding this comment.
| Delete the Knative on [IBM Cloud Private](https://www.ibm.com/cloud/private): | |
| Delete the cluster on [IBM Cloud Private](https://www.ibm.com/cloud/private): |
install/README.md
Outdated
| * [Knative Install on OpenShift](Knative-with-OpenShift.md) | ||
| * [Knative Install on Minishift](Knative-with-Minishift.md) | ||
| * [Knative Install on Pivotal Container Service](Knative-with-PKS.md) | ||
| * [Knative Install on IBM Cloud Private](Knative-with-ICP.md) |
There was a problem hiding this comment.
This list is in alphabetical order; please insert after IBM Cloud Kubernetes Service.
install/Knative-with-ICP.md
Outdated
|
|
||
| ## Before you begin | ||
|
|
||
| Knative requires an [IBM Cloud Private](https://www.ibm.com/cloud/private) cluster v3.1.1. The install step you can find on the IBM Knowledge Center, [Installing IBM Cloud Private Cloud Native, Enterprise, and Community editions](https://www.ibm.com/support/knowledgecenter/SSBS6K_3.1.1/installing/install_containers.html) |
There was a problem hiding this comment.
"The install step you can find on the IBM Knowledge Center, Installing IBM Cloud Private Cloud Native, Enterprise, and Community editions"
change to:
"See Installing IBM Cloud Private Cloud Native, Enterprise, and Community editions in the IBM Knowledge Center for install instructions."
|
@zxDiscovery Some actions need to take:
|
|
/ok-to-test |
knative-prow-robot
removed
the
needs-ok-to-test
|
/retest |
Signed-off-by: GuessWhoSamFoo <sfoohei@gmail.com>
Change the image name to match the instructions in README.
|
@zxDiscovery please squash your commits to one commit, you can ask @clyang82 for how to squash commits. |
Produced via: `prettier --write --prose-wrap=always $(find -name '*.md' | grep -v vendor | grep -v .github)`
* Add Docker for Mac setup instructions. * Fix prose and typos. * Add Docker for Mac link to global README.
|
So there's good news and bad news. 👍 The good news is that everyone that needs to sign a CLA (the pull request submitter and all commit authors) have done so. Everything is all good there. 😕 The bad news is that it appears that one or more commits were authored or co-authored by someone other than the pull request submitter. We need to confirm that all authors are ok with their commits being contributed to this project. Please have them confirm that here in the pull request. Note to project maintainer: This is a terminal state, meaning the |
|
The local git repository has some problem, I create a new PR to replace the current PR. See #660 |
11 participants
Fixes #557
Proposed Changes