Hello world pull from Trustnest Artifactory
Prerequisites
To run this onboarding tutorial, we should first have:
- a k8saas cluster deployed
To ask and set up your own cluster, look at the section Getting Started.
- docker engine running on your computer
And downloaded the following files:
Upload image to Trustnest Artifactory
First, login to Artifactory with Docker using our documentation: [here]
Pull and tag the image:
docker image mcr.microsoft.com/azuredocs/aks-helloworld:v1 doesn't exist anymore but has been uploaded into Artifcatory repo.
docker pull mcr.microsoft.com/azuredocs/aks-helloworld:v1
docker tag mcr.microsoft.com/azuredocs/aks-helloworld:v1 artifactory.thalesdigital.io/docker-internal/k8saas/helloworld/aks-helloworld-$K8SAAS_RESOURCE_NAME:latest
docker push artifactory.thalesdigital.io/docker-internal/k8saas/helloworld/aks-helloworld-$K8SAAS_RESOURCE_NAME:latest
Be sure to change $K8SAAS_RESOURCE_NAME with your instance name.
Deploy the application from ArtiFactory
Edit the deployment file with your image name and url link:
LC_ALL=C find ./ -type f -exec sed -i '' -e 's/INSTANCE_NAME/$K8SAAS_RESOURCE_NAME/g' {} \;
Create secret to access Artifactory from the Kubernetes cluster.
kubectl create secret docker-registry regcred-af --namespace customer-namespaces --docker-server=artifactory.thalesdigital.io --docker-username=$K8SAAS_ARTIFACTORY_EMAIL --docker-password=$K8SAAS_ARTIFACTORY_API_KEY
Be sure to change $K8SAAS_RESOURCE_NAME, $K8SAAS_ARTIFACTORY_EMAIL and $K8SAAS_ARTIFACTORY_API_KEY with your values.
Update DNS zone
You will need to update the file pomerium-ingress.yaml with the right DNS zone and at the same time we will change the host to be sure it's unique and not interfering with another project.
Look and replace:
spec:
ingressClassName: pomerium
rules:
- host: <VALUE_TO_CHANGE>.demo-arti.<DNS_ZONE>
...
tls:
- hosts:
- <VALUE_TO_CHANGE>.demo-arti.<DNS_ZONE>
With the DNS zone information that was in the onboarding email sent to you. If you do not have this information you can always run this:
kubectl get ingress -n monitoring
It should return something like this:
NAME CLASS HOSTS ADDRESS PORTS AGE
prometheus-operator-grafana nginx grafana.k8saas-rbo-sandbox.eu.k8saas.thalesdigital.io 20.50.218.145 80, 443 389d
Now with the information from the previous command, update pomerium-ingress.yaml with the right information. Here we've replaced hello-world-ingress with rbo-sandbox-hw to be unique like suggested earlier.
spec:
ingressClassName: pomerium
rules:
- host: rbo-sandbox-hw.demo-pomerium.eu.k8saas.thalesdigital.io
...
tls:
- hosts:
- rbo-sandbox-hw.demo-pomerium.eu.k8saas.thalesdigital.io
Deploy resources and check their availability:
kubectl apply -f aks-helloworld-one.yaml --namespace customer-namespaces
kubectl get pods --namespace customer-namespaces
# aks-helloworld-artifactory-54ff5cff7c-zw59x 2/2 Running
kubectl apply -f hello-world-ingress.yaml --namespace customer-namespaces
kubectl get ingress --namespace customer-namespaces
# hello-world-ingress-artifactory <none> hello-world-ingress-af.INSTANCE_NAME.kaas.thalesdigital.io 20.81.14.231 80, 443
Now, open a browser and consult your first application: https://hello-world-ingress-af.<INSTANCE_NAME>.kaas.thalesdigital.io
or in a shell:
curl -k https://hello-world-ingress.demo.kaas.thalesdigital.io
The application have been successfully deployed using an image from Trustnest ArtiFactory.
Remove your test
kubectl delete -f aks-helloworld-one.yaml --namespace customer-namespaces
kubectl delete -f hello-world-ingress.yaml --namespace customer-namespaces