From 3f22a892187ea1969d39f80ac4c8be755d5fb45e Mon Sep 17 00:00:00 2001 From: Shikanime Deva Date: Mon, 6 May 2019 15:30:55 +0200 Subject: [PATCH 1/6] Fix kubernete-helm certificates --- .../kubernetes-helm/.devcontainer/Dockerfile | 25 +++++++++++++++---- .../.devcontainer/devcontainer.json | 10 +++++--- 2 files changed, 27 insertions(+), 8 deletions(-) diff --git a/containers/kubernetes-helm/.devcontainer/Dockerfile b/containers/kubernetes-helm/.devcontainer/Dockerfile index a743cef49b..8b7e35e79a 100644 --- a/containers/kubernetes-helm/.devcontainer/Dockerfile +++ b/containers/kubernetes-helm/.devcontainer/Dockerfile @@ -35,11 +35,26 @@ RUN curl -s https://raw.githubusercontent.com/helm/helm/master/scripts/get | bas # Copy localhost's ~/.kube/config file into the container and swap out localhost # for host.docker.internal whenever a new shell starts to keep them in sync. -RUN echo 'if [ "$SYNC_LOCALHOST_KUBECONFIG" == "true" ]; then \ - mkdir -p $HOME/.kube \ - && cp -r $HOME/.kube-localhost/* $HOME/.kube \ - && sed -i -e "s/localhost/host.docker.internal/g" $HOME/.kube/config; \ - fi' >> $HOME/.bashrc +RUN echo '\n\ +if [ "$SYNC_LOCALHOST_KUBECONFIG" == "true" ]; then\n\ + mkdir -p $HOME/.kube\n\ + cp -r $HOME/.kube-localhost/* $HOME/.kube\n\ + sed -i -e "s/localhost/host.docker.internal/g" $HOME/.kube/config;\n\ +fi' \ +>> $HOME/.bashrc + +# Copy localhost's minikube certificate file into the container and swap out localhost +RUN echo '\n\ +if [ "$SYNC_LOCALHOST_MINIKUBE" == "true" ]; then\n\ + mkdir -p $HOME/.minikube\n\ + cp -r $HOME/.minikube-localhost/ca.crt $HOME/.minikube\n\ + cp -r $HOME/.minikube-localhost/client.crt $HOME/.minikube\n\ + cp -r $HOME/.minikube-localhost/client.key $HOME/.minikube\n\ + sed -i -r "s|(\s*client-key:\s).*|\\1$HOME\/.minikube\/client.key|g" $HOME/.kube/config;\n\ + sed -i -r "s|(\s*client-certificate:\s).*|\\1$HOME\/.minikube\/client.crt|g" $HOME/.kube/config\n\ + sed -i -r "s|(\s*certificate-authority:\s).*|\\1$HOME\/.minikube\/ca.crt|g" $HOME/.kube/config;\n\ +fi' \ +>> $HOME/.bashrc # Clean up RUN apt-get autoremove -y \ diff --git a/containers/kubernetes-helm/.devcontainer/devcontainer.json b/containers/kubernetes-helm/.devcontainer/devcontainer.json index 2ffdc300f9..1736f42d7e 100644 --- a/containers/kubernetes-helm/.devcontainer/devcontainer.json +++ b/containers/kubernetes-helm/.devcontainer/devcontainer.json @@ -5,7 +5,11 @@ "peterjausovec.vscode-docker", "ms-kubernetes-tools.vscode-kubernetes-tools" ], - "runArgs": ["-e", "SYNC_LOCALHOST_KUBECONFIG=true", - "-v", "/var/run/docker.sock:/var/run/docker.sock", - "-v", "${env:HOME}${env:USERPROFILE}/.kube:/root/.kube-localhost"] + "runArgs": [ + "-e", "SYNC_LOCALHOST_KUBECONFIG=true", + "-e", "SYNC_LOCALHOST_MINIKUBE=true", + "-v", "/var/run/docker.sock:/var/run/docker.sock", + "-v", "${env:HOME}${env:USERPROFILE}/.kube:/root/.kube-localhost", + "-v", "${env:HOME}${env:USERPROFILE}/.minikube:/root/.minikube-localhost" + ] } \ No newline at end of file From 29026acc91b6c43a7ed0150a0d3674eb7e01fe22 Mon Sep 17 00:00:00 2001 From: Shikanime Deva Date: Tue, 7 May 2019 00:08:50 +0200 Subject: [PATCH 2/6] Refactor to mount --- .../kubernetes-helm/.devcontainer/Dockerfile | 22 +++++++++------- .../.devcontainer/devcontainer.json | 26 +++++++++---------- 2 files changed, 24 insertions(+), 24 deletions(-) diff --git a/containers/kubernetes-helm/.devcontainer/Dockerfile b/containers/kubernetes-helm/.devcontainer/Dockerfile index 8b7e35e79a..c6e078882a 100644 --- a/containers/kubernetes-helm/.devcontainer/Dockerfile +++ b/containers/kubernetes-helm/.devcontainer/Dockerfile @@ -36,23 +36,25 @@ RUN curl -s https://raw.githubusercontent.com/helm/helm/master/scripts/get | bas # Copy localhost's ~/.kube/config file into the container and swap out localhost # for host.docker.internal whenever a new shell starts to keep them in sync. RUN echo '\n\ -if [ "$SYNC_LOCALHOST_KUBECONFIG" == "true" ]; then\n\ - mkdir -p $HOME/.kube\n\ - cp -r $HOME/.kube-localhost/* $HOME/.kube\n\ - sed -i -e "s/localhost/host.docker.internal/g" $HOME/.kube/config;\n\ -fi' \ +mkdir -p $HOME/.kube\n\ +cp -r $HOME/.kube-localhost/* $HOME/.kube\n\ +sed -i -e "s/localhost/host.docker.internal/g" $HOME/.kube/config' \ >> $HOME/.bashrc # Copy localhost's minikube certificate file into the container and swap out localhost RUN echo '\n\ -if [ "$SYNC_LOCALHOST_MINIKUBE" == "true" ]; then\n\ - mkdir -p $HOME/.minikube\n\ +mkdir -p $HOME/.minikube\n\ +if [[ -f "$HOME/.minikube-localhost/ca.crt" ]]; then\n\ cp -r $HOME/.minikube-localhost/ca.crt $HOME/.minikube\n\ + sed -i -r "s|(\s*certificate-authority:\s).*|\\1$HOME\/.minikube\/ca.crt|g" $HOME/.kube/config\n\ +fi\n\ +if [[ -f "$HOME/.minikube-localhost/client.crt" ]]; then\n\ cp -r $HOME/.minikube-localhost/client.crt $HOME/.minikube\n\ - cp -r $HOME/.minikube-localhost/client.key $HOME/.minikube\n\ - sed -i -r "s|(\s*client-key:\s).*|\\1$HOME\/.minikube\/client.key|g" $HOME/.kube/config;\n\ sed -i -r "s|(\s*client-certificate:\s).*|\\1$HOME\/.minikube\/client.crt|g" $HOME/.kube/config\n\ - sed -i -r "s|(\s*certificate-authority:\s).*|\\1$HOME\/.minikube\/ca.crt|g" $HOME/.kube/config;\n\ +fi\n\ +if [[ -f "$HOME/.minikube-localhost/client.key" ]]; then\n\ + cp -r $HOME/.minikube-localhost/client.key $HOME/.minikube\n\ + sed -i -r "s|(\s*client-key:\s).*|\\1$HOME\/.minikube\/client.key|g" $HOME/.kube/config\n\ fi' \ >> $HOME/.bashrc diff --git a/containers/kubernetes-helm/.devcontainer/devcontainer.json b/containers/kubernetes-helm/.devcontainer/devcontainer.json index 1736f42d7e..afea881d76 100644 --- a/containers/kubernetes-helm/.devcontainer/devcontainer.json +++ b/containers/kubernetes-helm/.devcontainer/devcontainer.json @@ -1,15 +1,13 @@ { - "name": "Kubernetes & Helm", - "dockerFile": "Dockerfile", - "extensions": [ - "peterjausovec.vscode-docker", - "ms-kubernetes-tools.vscode-kubernetes-tools" - ], - "runArgs": [ - "-e", "SYNC_LOCALHOST_KUBECONFIG=true", - "-e", "SYNC_LOCALHOST_MINIKUBE=true", - "-v", "/var/run/docker.sock:/var/run/docker.sock", - "-v", "${env:HOME}${env:USERPROFILE}/.kube:/root/.kube-localhost", - "-v", "${env:HOME}${env:USERPROFILE}/.minikube:/root/.minikube-localhost" - ] -} \ No newline at end of file + "name": "Kubernetes & Helm", + "dockerFile": "Dockerfile", + "extensions": [ + "peterjausovec.vscode-docker", + "ms-kubernetes-tools.vscode-kubernetes-tools" + ], + "runArgs": [ + "--mount", "type=bind,source=/var/run/docker.sock,target=/var/run/docker.sock", + "--mount", "type=bind,source=${env:HOME}${env:USERPROFILE}/.kube,target=/root/.kube-localhost", + "--mount", "type=bind,source=${env:HOME}${env:USERPROFILE}/.minikube,target=/root/.minikube-localhost" + ] +} From cdfd6919bd320892d45106e1fd141cb2a22fc8a7 Mon Sep 17 00:00:00 2001 From: Shikanime Deva Date: Tue, 7 May 2019 09:41:58 +0200 Subject: [PATCH 3/6] Revert minikube certificates mount to docker volume --- containers/kubernetes-helm/.devcontainer/devcontainer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/containers/kubernetes-helm/.devcontainer/devcontainer.json b/containers/kubernetes-helm/.devcontainer/devcontainer.json index afea881d76..f1a09723ad 100644 --- a/containers/kubernetes-helm/.devcontainer/devcontainer.json +++ b/containers/kubernetes-helm/.devcontainer/devcontainer.json @@ -8,6 +8,6 @@ "runArgs": [ "--mount", "type=bind,source=/var/run/docker.sock,target=/var/run/docker.sock", "--mount", "type=bind,source=${env:HOME}${env:USERPROFILE}/.kube,target=/root/.kube-localhost", - "--mount", "type=bind,source=${env:HOME}${env:USERPROFILE}/.minikube,target=/root/.minikube-localhost" + "-v", "${env:HOME}${env:USERPROFILE}/.minikube:/root/.minikube-localhost" ] } From 0825ec495e9ff7d1a32ac7055989cdfcce61e926 Mon Sep 17 00:00:00 2001 From: Shikanime Deva Date: Tue, 21 May 2019 00:22:44 +0200 Subject: [PATCH 4/6] Fix bazel devcontainer indentation --- .../.devcontainer/devcontainer.json | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/containers/kubernetes-helm/.devcontainer/devcontainer.json b/containers/kubernetes-helm/.devcontainer/devcontainer.json index 56adac702a..3f32a538dd 100644 --- a/containers/kubernetes-helm/.devcontainer/devcontainer.json +++ b/containers/kubernetes-helm/.devcontainer/devcontainer.json @@ -1,19 +1,19 @@ { - "name": "Kubernetes & Helm", - "dockerFile": "Dockerfile", - "extensions": [ - "peterjausovec.vscode-docker", - "ms-kubernetes-tools.vscode-kubernetes-tools" - ], - "runArgs": [ - "--mount", "type=bind,source=/var/run/docker.sock,target=/var/run/docker.sock", - "--mount", "type=bind,source=${env:HOME}${env:USERPROFILE}/.kube,target=/root/.kube-localhost", - "-v", "${env:HOME}${env:USERPROFILE}/.minikube:/root/.minikube-localhost" + "name": "Kubernetes & Helm", + "dockerFile": "Dockerfile", + "extensions": [ + "peterjausovec.vscode-docker", + "ms-kubernetes-tools.vscode-kubernetes-tools" + ], + "runArgs": [ + "--mount", "type=bind,source=/var/run/docker.sock,target=/var/run/docker.sock", + "--mount", "type=bind,source=${env:HOME}${env:USERPROFILE}/.kube,target=/root/.kube-localhost", + "-v", "${env:HOME}${env:USERPROFILE}/.minikube:/root/.minikube-localhost" + + // Uncomment the next line if you will use a ptrace-based debugger like C++, Go, and Rust. + // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" + ], - // Uncomment the next line if you will use a ptrace-based debugger like C++, Go, and Rust. - // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" - ], - // Uncomment the next line if you want to publish any ports. // "appPort": [], From caa0cc487c405ca6ab723988c4e1bccf5ee0098f Mon Sep 17 00:00:00 2001 From: Shikanime Deva Date: Wed, 22 May 2019 20:36:13 +0200 Subject: [PATCH 5/6] Add optionnal volume binding for Minikube --- .../kubernetes-helm/.devcontainer/Dockerfile | 33 ++++++++--------- .../.devcontainer/devcontainer.json | 5 ++- containers/kubernetes-helm/README.md | 36 +++++++++++++------ 3 files changed, 43 insertions(+), 31 deletions(-) diff --git a/containers/kubernetes-helm/.devcontainer/Dockerfile b/containers/kubernetes-helm/.devcontainer/Dockerfile index c6e078882a..6eb03bb6ca 100644 --- a/containers/kubernetes-helm/.devcontainer/Dockerfile +++ b/containers/kubernetes-helm/.devcontainer/Dockerfile @@ -36,25 +36,20 @@ RUN curl -s https://raw.githubusercontent.com/helm/helm/master/scripts/get | bas # Copy localhost's ~/.kube/config file into the container and swap out localhost # for host.docker.internal whenever a new shell starts to keep them in sync. RUN echo '\n\ -mkdir -p $HOME/.kube\n\ -cp -r $HOME/.kube-localhost/* $HOME/.kube\n\ -sed -i -e "s/localhost/host.docker.internal/g" $HOME/.kube/config' \ ->> $HOME/.bashrc - -# Copy localhost's minikube certificate file into the container and swap out localhost -RUN echo '\n\ -mkdir -p $HOME/.minikube\n\ -if [[ -f "$HOME/.minikube-localhost/ca.crt" ]]; then\n\ - cp -r $HOME/.minikube-localhost/ca.crt $HOME/.minikube\n\ - sed -i -r "s|(\s*certificate-authority:\s).*|\\1$HOME\/.minikube\/ca.crt|g" $HOME/.kube/config\n\ -fi\n\ -if [[ -f "$HOME/.minikube-localhost/client.crt" ]]; then\n\ - cp -r $HOME/.minikube-localhost/client.crt $HOME/.minikube\n\ - sed -i -r "s|(\s*client-certificate:\s).*|\\1$HOME\/.minikube\/client.crt|g" $HOME/.kube/config\n\ -fi\n\ -if [[ -f "$HOME/.minikube-localhost/client.key" ]]; then\n\ - cp -r $HOME/.minikube-localhost/client.key $HOME/.minikube\n\ - sed -i -r "s|(\s*client-key:\s).*|\\1$HOME\/.minikube\/client.key|g" $HOME/.kube/config\n\ +if [ "$SYNC_LOCALHOST_KUBECONFIG" == "true" ]; then\n\ + mkdir -p $HOME/.kube\n\ + cp -r $HOME/.kube-localhost/* $HOME/.kube\n\ + sed -i -e "s/localhost/host.docker.internal/g" $HOME/.kube/config\n\ +\n\ + if [ -d "$HOME/.minikube-localhost" ]; then\n\ + mkdir -p $HOME/.minikube\n\ + cp -r $HOME/.minikube-localhost/ca.crt $HOME/.minikube\n\ + sed -i -r "s|(\s*certificate-authority:\s).*|\\1$HOME\/.minikube\/ca.crt|g" $HOME/.kube/config\n\ + cp -r $HOME/.minikube-localhost/client.crt $HOME/.minikube\n\ + sed -i -r "s|(\s*client-certificate:\s).*|\\1$HOME\/.minikube\/client.crt|g" $HOME/.kube/config\n\ + cp -r $HOME/.minikube-localhost/client.key $HOME/.minikube\n\ + sed -i -r "s|(\s*client-key:\s).*|\\1$HOME\/.minikube\/client.key|g" $HOME/.kube/config\n\ + fi\n\ fi' \ >> $HOME/.bashrc diff --git a/containers/kubernetes-helm/.devcontainer/devcontainer.json b/containers/kubernetes-helm/.devcontainer/devcontainer.json index 3f32a538dd..f4e99d0a78 100644 --- a/containers/kubernetes-helm/.devcontainer/devcontainer.json +++ b/containers/kubernetes-helm/.devcontainer/devcontainer.json @@ -6,9 +6,12 @@ "ms-kubernetes-tools.vscode-kubernetes-tools" ], "runArgs": [ + "-e", "SYNC_LOCALHOST_KUBECONFIG=true", "--mount", "type=bind,source=/var/run/docker.sock,target=/var/run/docker.sock", "--mount", "type=bind,source=${env:HOME}${env:USERPROFILE}/.kube,target=/root/.kube-localhost", - "-v", "${env:HOME}${env:USERPROFILE}/.minikube:/root/.minikube-localhost" + + // Uncomment the next line to also sync certs in your .minikube folder + // "--mount", "type=bind,source=${env:HOME}${env:USERPROFILE}/.minikube,target=/root/.minikube-localhost" // Uncomment the next line if you will use a ptrace-based debugger like C++, Go, and Rust. // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" diff --git a/containers/kubernetes-helm/README.md b/containers/kubernetes-helm/README.md index e9bdb1f1a8..86396c4323 100644 --- a/containers/kubernetes-helm/README.md +++ b/containers/kubernetes-helm/README.md @@ -6,7 +6,7 @@ | Metadata | Value | |----------|-------| -| *Contributors* | The VS Code team | +| *Contributors* | The VS Code team and Phetsinorath William | | *Definition type* | Dockerfile | | *Languages, platforms* | Any | @@ -50,14 +50,26 @@ You can adapt your own existing development container Dockerfile to support this "-v", "$HOME/.kube:/root/.kube-localhost"] ``` -3. Update `.bashrc` to automatically swap out localhost for host.docker.internal in a containr copy of the Kubernetes config. From `.devcontainer/Dockerfile`: +3. Update `.bashrc` to automatically swap out localhost for host.docker.internal in a container copy of the Kubernetes config and optionally Minikube certificates if the volume is enabled. From `.devcontainer/Dockerfile`: ```Dockerfile - RUN echo 'if [ "$SYNC_LOCALHOST_KUBECONFIG" == "true" ]; then \ - mkdir -p $HOME/.kube \ - && cp -r $HOME/.kube-localhost/* $HOME/.kube \ - && sed -i -e "s/localhost/host.docker.internal/g" $HOME/.kube/config; \ - fi' >> $HOME/.bashrc + RUN echo '\n\ + if [ "$SYNC_LOCALHOST_KUBECONFIG" == "true" ]; then\n\ + mkdir -p $HOME/.kube\n\ + cp -r $HOME/.kube-localhost/* $HOME/.kube\n\ + sed -i -e "s/localhost/host.docker.internal/g" $HOME/.kube/config\n\ + \n\ + if [ -d "$HOME/.minikube-localhost" ]; then\n\ + mkdir -p $HOME/.minikube\n\ + cp -r $HOME/.minikube-localhost/ca.crt $HOME/.minikube\n\ + sed -i -r "s|(\s*certificate-authority:\s).*|\\1$HOME\/.minikube\/ca.crt|g" $HOME/.kube/config\n\ + cp -r $HOME/.minikube-localhost/client.crt $HOME/.minikube\n\ + sed -i -r "s|(\s*client-certificate:\s).*|\\1$HOME\/.minikube\/client.crt|g" $HOME/.kube/config\n\ + cp -r $HOME/.minikube-localhost/client.key $HOME/.minikube\n\ + sed -i -r "s|(\s*client-key:\s).*|\\1$HOME\/.minikube\/client.key|g" $HOME/.kube/config\n\ + fi\n\ + fi' \ + >> $HOME/.bashrc ``` 5. Add a container specific user settings file that forces the Docker extension to be installed inside the container instead of locally. From `.devcontainer/Dockerfile`: @@ -119,10 +131,10 @@ Follow the steps below for your operating system to use the definition. helm init ``` -## Linux Setup +## Linux/Minikube Setup 1. If this is your first time using a development container, please follow the [getting started steps](https://aka.ms/vscode-remote/containers/getting-started) to set up your machine. - + 2. Install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) and [Minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/) on your local OS if you have not already. 3. Start Minikube as follows: @@ -143,9 +155,11 @@ Follow the steps below for your operating system to use the definition. 6. After following step 2 or 3, the contents of the `.devcontainer` folder in your project can be adapted to meet your needs. -7. Finally, press F1 and run **Remote-Containers: Reopen Folder in Container** to start using the definition. +7. Open `.devcontainer/devcontainer.json` and uncomment the minikube volume binding. -8. [Optional] If you want to use [Helm](https://helm.sh), open a VS Code terminal and run: +8. Finally, press F1 and run **Remote-Containers: Reopen Folder in Container** to start using the definition. + +9. [Optional] If you want to use [Helm](https://helm.sh), open a VS Code terminal and run: ``` helm init ``` From 0220ff528837eb8f4781058d7fddd8d312e7109b Mon Sep 17 00:00:00 2001 From: Shikanime Deva Date: Wed, 22 May 2019 20:44:02 +0200 Subject: [PATCH 6/6] Fix slash typo --- containers/kubernetes-helm/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/containers/kubernetes-helm/README.md b/containers/kubernetes-helm/README.md index 86396c4323..a035456411 100644 --- a/containers/kubernetes-helm/README.md +++ b/containers/kubernetes-helm/README.md @@ -104,7 +104,7 @@ In addition, if you want to **disable sync'ing** local Kubernetes config into th Follow the steps below for your operating system to use the definition. -### macOS / Windows +### macOS / Windows 1. If this is your first time using a development container, please follow the [getting started steps](https://aka.ms/vscode-remote/containers/getting-started) to set up your machine. @@ -131,7 +131,7 @@ Follow the steps below for your operating system to use the definition. helm init ``` -## Linux/Minikube Setup +## Linux / Minikube Setup 1. If this is your first time using a development container, please follow the [getting started steps](https://aka.ms/vscode-remote/containers/getting-started) to set up your machine.