Skip to content

@kyma-bot kyma-bot released this Mar 14, 2019 · 4 commits to release-0.8 since this release

Local Kyma installation

Use the following command to run Kubernetes locally via Minikube:
$ ./installation/scripts/ --domain "kyma.local" --vm-driver "hyperkit"

Kyma installation requires increased permissions granted by the cluster-admin role. To bind the role to the default ServiceAccount, run the following command:
$ kubectl apply -f ./installation/resources/default-sa-rbac-role.yaml

Wait until the coredns Pod is ready. Run this script to setup Tiller:
$ ./installation/scripts/

Deploy Kyma Installer using the local installer file:
$ kubectl apply -f

Configure the Kyma installation using the local configuration file:
$ kubectl apply -f

To trigger the installation process, label the kyma-installation custom resource:
$ kubectl label installation/kyma-installation action=install

Track progress of the installation using the following script:
$ ./installation/scripts/

Installation on Google Kubernetes Engine

  1. Make sure that you have gcloud tool installed. Set environment variables for your Google project identifier and your cluster name. You can keep your demo cluster name but your Google project identifier must be changed. Then you can spin up the cluster:

    export CLUSTER_NAME=demo
    gcloud beta container --project "$PROJECT" clusters \
    create "$CLUSTER_NAME" --zone "europe-west1-b" \
    --cluster-version "1.10.12" --machine-type "n1-standard-2" \
    --addons HorizontalPodAutoscaling,HttpLoadBalancing,KubernetesDashboard 
  2. Install Tiller:

    kubectl apply -f
  3. Download the release and replace the placeholders with the proper values. The placeholders are the upper case variables surrounded by double underscore, such as __DOMAIN__. These are the mandatory values to change:

    • __DOMAIN__ which specifies your domain, for example
    • __TLS_CERT__ which is a PEM format, base64-encoded TLS certifcate.
    • __TLS_KEY__ which is a base64-encoded TLS private key.

    If you don't know how to set other values, replace them with an empty string.

    You can use this script to set only three mandatory values:

    export TLS_CERT=base64_PEM_TLS_certificate
    export TLS_KEY=base64_TLS_private_key
    cat kyma-config-cluster.yaml | sed -e "s/__DOMAIN__/$DOMAIN/g" |sed -e "s/__TLS_CERT__/$TLS_CERT/g" | sed -e "s/__TLS_KEY__/$TLS_KEY/g" |sed -e "s/__.*__//g" >my-kyma.yaml

    As a result, you get the my-kyma.yaml file which you can deploy on the GKE cluster.

  4. Configure kubectl to use your new cluster, add yourself as the cluster admin, and deploy Kyma installer with your configuration.

    gcloud container clusters get-credentials $CLUSTER_NAME --zone europe-west1-b --project $PROJECT
    kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=$(gcloud config get-value account)
    kubectl apply -f
    kubectl apply -f my-kyma.yaml
  5. Check if tiller and kyma-installer Pods are up and running. Start the installation process with this command:

    kubectl label installation/kyma-installation action=install

    Watch installation progress:

    kubectl logs -n kyma-installer [kyma-installer-pod] -f
  6. Configure DNS for two load balancers created by the Kyma installation, which are istio-ingressgateway and core-nginx-ingress-controller. You need the following DNS records:


    You can use this script to get external IP addresses for load balancers:

    export EXTERNAL_PUBLIC_IP=$(kubectl get service -n istio-system istio-ingressgateway -o jsonpath="{.status.loadBalancer.ingress[0].ip}")
    export APISERVER_PUBLIC_IP=$(kubectl get service -n kyma-system apiserver-proxy-ssl -o jsonpath="{.status.loadBalancer.ingress[0].ip}")
    export REMOTE_ENV_IP=$(kubectl get service -n kyma-system application-connector-ingress-nginx-ingress-controller -o jsonpath="{.status.loadBalancer.ingress[0].ip}")
    gcloud dns --project=$PROJECT record-sets transaction start --zone=$DNS_ZONE
    gcloud dns --project=$PROJECT record-sets transaction add $EXTERNAL_PUBLIC_IP --name=\*.$DOMAIN. --ttl=60 --type=A --zone=$DNS_ZONE
    gcloud dns --project=$PROJECT record-sets transaction add $REMOTE_ENV_IP --name=\gateway.$DOMAIN. --ttl=60 --type=A --zone=$DNS_ZONE
    gcloud dns --project=$PROJECT record-sets transaction add $APISERVER_PUBLIC_IP --name=\apiserver.$DOMAIN. --ttl=60 --type=A --zone=$DNS_ZONE
    gcloud dns --project=$PROJECT record-sets transaction execute --zone=$DNS_ZONE

Read this document for more information on installing Kyma.

0.8.0 (2019-03-14)


Committers: 2

0.8.0-rc1 (2019-03-12)

Application Connector


Service Catalog




Service Mesh







Committers: 52

Assets 6