Local Kyma installation
Use the following command to run Kubernetes locally via Minikube:
$ ./installation/scripts/minikube.sh --domain "kyma.local" --vm-driver "hyperkit"
Kyma installation requires increased permissions granted by the cluster-admin role. To bind the role to the default ServiceAccount, run the following command:
$ kubectl apply -f ./installation/resources/default-sa-rbac-role.yaml
Wait until the coredns
Pod is ready. Run this script to setup Tiller:
$ ./installation/scripts/install-tiller.sh
Deploy Kyma Installer using the local installer file:
$ kubectl apply -f https://github.com/kyma-project/kyma/releases/download/0.8.0/kyma-installer-local.yaml
Configure the Kyma installation using the local configuration file:
$ kubectl apply -f https://github.com/kyma-project/kyma/releases/download/0.8.0/kyma-config-local.yaml
To trigger the installation process, label the kyma-installation
custom resource:
$ kubectl label installation/kyma-installation action=install
Track progress of the installation using the following script:
$ ./installation/scripts/is-installed.sh
Installation on Google Kubernetes Engine
-
Make sure that you have
gcloud
tool installed. Set environment variables for your Google project identifier and your cluster name. You can keep your demo cluster name but your Google project identifier must be changed. Then you can spin up the cluster:export CLUSTER_NAME=demo export PROJECT=YOUR_PROJECT_ID gcloud beta container --project "$PROJECT" clusters \ create "$CLUSTER_NAME" --zone "europe-west1-b" \ --cluster-version "1.10.12" --machine-type "n1-standard-2" \ --addons HorizontalPodAutoscaling,HttpLoadBalancing,KubernetesDashboard
-
Install Tiller:
kubectl apply -f https://raw.githubusercontent.com/kyma-project/kyma/0.8.0/installation/resources/tiller.yaml
-
Download the release and replace the placeholders with the proper values. The placeholders are the upper case variables surrounded by double underscore, such as
__DOMAIN__
. These are the mandatory values to change:__DOMAIN__
which specifies your domain, for examplekyma.example.com
.__TLS_CERT__
which is a PEM format, base64-encoded TLS certifcate.__TLS_KEY__
which is a base64-encoded TLS private key.
If you don't know how to set other values, replace them with an empty string.
You can use this script to set only three mandatory values:
export DOMAIN=kyma.example.com export TLS_CERT=base64_PEM_TLS_certificate export TLS_KEY=base64_TLS_private_key cat kyma-config-cluster.yaml | sed -e "s/__DOMAIN__/$DOMAIN/g" |sed -e "s/__TLS_CERT__/$TLS_CERT/g" | sed -e "s/__TLS_KEY__/$TLS_KEY/g" |sed -e "s/__.*__//g" >my-kyma.yaml
As a result, you get the
my-kyma.yaml
file which you can deploy on the GKE cluster. -
Configure kubectl to use your new cluster, add yourself as the cluster admin, and deploy Kyma installer with your configuration.
gcloud container clusters get-credentials $CLUSTER_NAME --zone europe-west1-b --project $PROJECT kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=$(gcloud config get-value account) kubectl apply -f https://github.com/kyma-project/kyma/releases/download/0.8.0/kyma-installer-cluster.yaml kubectl apply -f my-kyma.yaml
-
Check if
tiller
andkyma-installer
Pods are up and running. Start the installation process with this command:kubectl label installation/kyma-installation action=install
Watch installation progress:
kubectl logs -n kyma-installer [kyma-installer-pod] -f
-
Configure DNS for two load balancers created by the Kyma installation, which are istio-ingressgateway and core-nginx-ingress-controller. You need the following DNS records:
*.kyma.example.com A EXTERNAL_PUBLIC_IP
gateway.kyma.example.com A REMOTE_ENV_IP
You can use this script to get external IP addresses for load balancers:
export EXTERNAL_PUBLIC_IP=$(kubectl get service -n istio-system istio-ingressgateway -o jsonpath="{.status.loadBalancer.ingress[0].ip}") export APISERVER_PUBLIC_IP=$(kubectl get service -n kyma-system apiserver-proxy-ssl -o jsonpath="{.status.loadBalancer.ingress[0].ip}") export REMOTE_ENV_IP=$(kubectl get service -n kyma-system application-connector-ingress-nginx-ingress-controller -o jsonpath="{.status.loadBalancer.ingress[0].ip}") gcloud dns --project=$PROJECT record-sets transaction start --zone=$DNS_ZONE gcloud dns --project=$PROJECT record-sets transaction add $EXTERNAL_PUBLIC_IP --name=\*.$DOMAIN. --ttl=60 --type=A --zone=$DNS_ZONE gcloud dns --project=$PROJECT record-sets transaction add $REMOTE_ENV_IP --name=\gateway.$DOMAIN. --ttl=60 --type=A --zone=$DNS_ZONE gcloud dns --project=$PROJECT record-sets transaction add $APISERVER_PUBLIC_IP --name=\apiserver.$DOMAIN. --ttl=60 --type=A --zone=$DNS_ZONE gcloud dns --project=$PROJECT record-sets transaction execute --zone=$DNS_ZONE
Read this document for more information on installing Kyma.
0.8.0 (2019-03-14)
Console
- #3121 Workaround fiori bugs for firefox and safari (@kwiatekus)
Committers: 2
- Ahmed ElRefaey Hamouda (@montaro)
- Krzysztof (@kwiatekus)
0.8.0-rc1 (2019-03-12)
Application Connector
- #3063 Bump image of Application Gateway (@Szymongib)
- #2919 Chart changes (@Maladie)
- #2915 Enhance OAuth authentication with header containing credentials (@Szymongib)
- #2986 Certificate revocation documentation (@Maladie)
- #2895 Add upgrade functionality to the operator (@janmedrek)
- #2899 Implementation of certificate revocation functionality (@Maladie)
- #3033 Bump app-registry component (@crabtree)
- #3029 Adding the ca-certificates file to the scratch image (@lszymik)
- #2796 Update Connector Service chart and READMEs (@janmedrek)
- #2812 Extract nginx to a separate chart (@Tomasz-Smelcerz-SAP)
- #2933 Application Gateway renaming - bump (@Szymongib)
- #2879 Make common value for enabling app-mgmt and conn-svc (@crabtree)
- #2930 Rename Application Proxy to Application Gateway (@Szymongib)
- #2969 rename secret in application operator (@Tomasz-Smelcerz-SAP)
- #2875 Disable NGINX ssl chain autocompletion (@janmedrek)
- #2894 Bump image of Connector Service (@Szymongib)
- #2892 Enhance Connector Service Management Info endpoint (@Szymongib)
- #2803 Connectivity Certs Controller chart (@Szymongib)
- #2880 Update API Spec of Connector Service (@Szymongib)
- #2749 New CN support in application-operator - charts (@crabtree)
- #2854 Update application client in application connector components (@crabtree)
- #2799 Connectivity Certs Controller implementation (@Szymongib)
- #2779 Accept optional placeholders in Connector Service Info URL (@franpog859)
- #2757 New CN value in connector-service (@crabtree)
- #2778 Image bump for #2613 (@Maladie)
- #2763 Add logging for Connector Service (@Maladie)
- #2808 Add ability to skip Connector Service installation (@akgalwas)
- #2809 Certificate renewal documentation (@tomekpapiernik)
- #2767 Client certificate rotation chart update (@Szymongib)
- #2781 Update the "Application" CRD document to follow the template (@tomekpapiernik)
- #2764 Client certificate rotation in Connector Service (@Szymongib)
- #2692 Bump Connector Service version (@janmedrek)
- #2690 Introduce configurable expiration time for certificates issued by Connector Service (@janmedrek)
- #2683 Chart and image bump for getInfo (@Maladie)
- #2664 Implement the GetInfo endpoint for connected applications and clusters (@franpog859)
- #2740 Improve AC documentation - architecture / tutorials (@tomekpapiernik)
- #2722 Describe AC payload limits for API definitions (@tomekpapiernik)
- #2711 Update scripts to test AC locally (@Szymongib)
Serverless
- #2961 Configure required backend modules for lambda CMF (@kwiatekus)
- #2772 Load test migration (@sayanh)
Service Catalog
- #2967 Bump ui-api-layer image for openApiSpec and odataSpec fields in SC and CSC (@magicmatatjahu)
- #2962 Add openApiSpec and odataSpec field for CSC and SC in ui-api-layer (@magicmatatjahu)
- #2882 Update service catalog version to 0.1.41 (@adamwalach)
- #2862 Bump docs image (@PK85)
- #2858 Add VNET rules to PostgreSQL documentation (@PK85)
- #2843 Bump image of catalog-ui and ui-tests (@akucharska)
- #2663 Remove instance during deprovisioning in application broker (@adamwalach)
Cluster
- #2932 Enable Asset Store integration tests (@pkosiec)
- #2719 Bump stability checker image (@jasiu001)
- #2598 Add fluentd to stability checker (@piotrmiskiewicz)
Eventing
- #2999 Enable publish-knative monitoring and event-service (@montaro)
- #3075 Improve subscription-controller (@suleymanakbas91)
- #3028 Activate event-bus tests (@marcobebway)
- #3007 Modify subscription controller chart (@suleymanakbas91)
- #3008 Append kyma subscription namespace to knative subscription name (@radufa)
- #3006 Update the event-bus and event-service versions (@marcobebway)
- #2939 Add graceful shutdown for the event-service (@marcobebway)
- #2936 Add graceful shutdown for the knative-publish HTTP server (@marcobebway)
- #2890 Integrate subscription controller with Knative eventing (@suleymanakbas91)
- #2908 Extend event activation controller to handle kyma subscription (@radufa)
- #2888 Add Knative subscription-controller deployment (@marcobebway)
- #2775 Implement skelton controller that reacts to event activation create and delete (@montaro)
- #2845 Update event-bus component apps version (@marcobebway)
- #2817 Include the event source-id and the event-type-version in the knative channel name (@marcobebway)
Security
- #2782 Introduce kyma-developer role (@Demonsthere)
Service Mesh
- #2795 Enable xip.io integration by default - bump (@jakkab)
- #2793 Enable xip.io integration by default (@jakkab)
- #2751 Configurations generator remove istio policy (@Tomasz-Smelcerz-SAP)
- #2743 JWT token authentication in configurations-generator (@Tomasz-Smelcerz-SAP)
Installation
- #2812 Extract nginx to a separate chart (@Tomasz-Smelcerz-SAP)
- #2912 Define monitoring configuration alerting defaults (@sslavic)
- #2893 Use metrics-server instead of retired heapster (@sslavic)
- #2769 Add the 'kyma-project.io/installation` label to Installer resources (@jakkab)
- #2619 E2e test restore backup (@k15r)
- #2673 Remove unused installation dir (@Demonsthere)
Monitoring
- #2999 Enable publish-knative monitoring and event-service (@montaro)
- #2965 Add monitoring setup for minio and fix other custom monitoring (@derberg)
- #2912 Define monitoring configuration alerting defaults (@sslavic)
- #2893 Use metrics-server instead of retired heapster (@sslavic)
- #2864 Rename test monitoring (@sayanh)
- #2844 Fix Alert rules for PVC (@rakesh-garimella)
- #2761 Use alerts from monitoring chart (@kfurgol)
Logging
- #3038 Logging docs updated with alpha state information (@hisarbalik)
- #2514 Logging solution replacement for oklog with grafana/loki (@hisarbalik)
Console
- #3111 Fix email validation for (cluster) role binding (@kwiatekus)
- #3085 Bump Catalog-ui image (@aerfio)
- #2987 Apply Fiori 3 Fundamentals in the Console UI (@kwiatekus)
- #2967 Bump ui-api-layer image for openApiSpec and odataSpec fields in SC and CSC (@magicmatatjahu)
- #2962 Add openApiSpec and odataSpec field for CSC and SC in ui-api-layer (@magicmatatjahu)
- #2961 Configure required backend modules for lambda CMF (@kwiatekus)
- #2514 Logging solution replacement for oklog with grafana/loki (@hisarbalik)
- #2925 Show system namespaces (@kwiatekus)
- #2954 UI API Layer documentation updates (@tomekpapiernik)
- #2909 Replace hostNetwork setting with hostAliases for ui-acceptance test minikube executions (@kwiatekus)
- #2918 Bump catalog-ui and instances-ui images (@akucharska)
- #2870 Enable content-security-policy in Console UI (@JohannesDoberer)
- #2833 Conditional application management (@parostatkiem)
- #2866 Enable Luigi alerts in lambda ui (@kwiatekus)
- #2827 Use GraphQL querries and mutations for ReplicaSet in Console UI (@kwiatekus)
- #2732 Implement GraphQL queries and mutations for ReplicaSets (@kwiatekus)
- #2843 Bump image of catalog-ui and ui-tests (@akucharska)
- #2807 Bump UI API Layer (@pkosiec)
- #2806 Add namespace parameter for ClusterServiceClass fields in UI API Layer (@pkosiec)
- #2738 Fix css class conflict for inputs (techne vs. fiori) (@kwiatekus)
- #2723 Bump UI API Layer with acceptance tests (@pkosiec)
- #2670 Add instances field for ServiceClass and ClusterServiceClass types in UI API (@pkosiec)
Documentation
- #2795 Enable xip.io integration by default - bump (@jakkab)
- #3061 Added new component type "controller-manager" (@a-thaler)
- #3060 Add CMS chart (@michal-hudy)
- #3058 Introduce CMS Controller Manager (@michal-hudy)
- #2932 Enable Asset Store integration tests (@pkosiec)
- #2919 Chart changes (@Maladie)
- #2928 Introduce Asset Store integration tests (@pkosiec)
- #2986 Certificate revocation documentation (@Maladie)
- #2967 Bump ui-api-layer image for openApiSpec and odataSpec fields in SC and CSC (@magicmatatjahu)
- #2899 Implementation of certificate revocation functionality (@Maladie)
- #2962 Add openApiSpec and odataSpec field for CSC and SC in ui-api-layer (@magicmatatjahu)
- #3037 Fix the broken links (@klaudiagrz)
- #3038 Logging docs updated with alpha state information (@hisarbalik)
- #2901 Introduce naming of the gophers component (@polskikiel)
- #2796 Update Connector Service chart and READMEs (@janmedrek)
- #2879 Make common value for enabling app-mgmt and conn-svc (@crabtree)
- #2965 Add monitoring setup for minio and fix other custom monitoring (@derberg)
- #2853 GKE installation command fix (@kfurgol)
- #2954 UI API Layer documentation updates (@tomekpapiernik)
- #2897 readme files for components and tests containing naming convention (@a-thaler)
- #2943 Fix bugs in the Helm Broker documentation (@klaudiagrz)
- #2889 Add missing project flag in gke doc (@Demonsthere)
- #2782 Introduce kyma-developer role (@Demonsthere)
- #2880 Update API Spec of Connector Service (@Szymongib)
- #2749 New CN support in application-operator - charts (@crabtree)
- #2868 Add links to backup documentation (@bszwarc)
- #2869 Fix dead links in "Asset Store" CRD docs (@tomekpapiernik)
- #2846 Add description of Installation status (@sjanota)
- #2862 Bump docs image (@PK85)
- #2773 Rename generate-docs script to prepare-content (@magicmatatjahu)
- #2863 Remove outdated section from Asset Store documentation (@michal-hudy)
- #2858 Add VNET rules to PostgreSQL documentation (@PK85)
- #2826 Bump Asset Store image (@michal-hudy)
- #2823 Add cluster wide resources to Asset Store (@michal-hudy)
- #2783 Add security recommendations for microfrontends (@jesusreal)
- #2816 Fix the broker registration tutorial (@klaudiagrz)
- #2757 New CN value in connector-service (@crabtree)
- #2770 Add Asset Upload Service chart (@pkosiec)
- #2759 Introduce Asset Upload Service (@pkosiec)
- #2810 Rework Alert Rules chart document (@bszwarc)
- #2809 Certificate renewal documentation (@tomekpapiernik)
- #2804 Add FOSSA large badge (@crabtree)
- #2781 Update the "Application" CRD document to follow the template (@tomekpapiernik)
- #2758 Docs image update (@kazydek)
- #2754 Update dead links (@kazydek)
- #2724 Add security section to documentation overview in ui-api-layer (@kubadz)
- #2741 Fix failed governance jobs issues (@kazydek)
- #2737 Adjust Jaeger documentation (@michal-hudy)
- #2740 Improve AC documentation - architecture / tutorials (@tomekpapiernik)
- #2734 Check new formatting approach for tables (@tomekpapiernik)
- #2717 Bump assetstore and docs images (@tgorgol)
- #2713 Support filter attribute in the package source of the asset store (@tgorgol)
- #2722 Describe AC payload limits for API definitions (@tomekpapiernik)
- #2714 Change CRD names (@kazydek)
- #2709 Kyma docs - fixes and improvements (@tomekpapiernik)
- #2708 Minor changes in docs (@kazydek)
- #2707 Update the doc image (@kazydek)
- #2702 Add BC flow information to the AS architecture (@kazydek)
- #2667 Restructure Service Brokers documentation (@klaudiagrz)
CI
- #3009 Use custom image in kyma integration tests job (@suleymanakbas91)
- #2822 fix release names in e2e testing script (@k15r)
- #2721 Kyma installer: add new makefile target "ci-pr" and "ci-master" (@aszecowka)
- #2719 Bump stability checker image (@jasiu001)
Committers: 52
- Adam Szecówka (@aszecowka)
- Adam Wałach (@adamwalach)
- Agata (@akucharska)
- Ahmed ElRefaey Hamouda (@montaro)
- Andreas Thaler (@a-thaler)
- Arkadiusz Galwas (@akgalwas)
- Barbara Szwarc (@bszwarc)
- Franciszek Pogodziński (@franpog859)
- Gaurav Abbi (@abbi-gaurav)
- Hisar Balik (@hisarbalik)
- Jakub Błaszczyk (@Demonsthere)
- Jakub Dziechciewicz (@kubadz)
- Jakub Kabza (@jakkab)
- Jan Mędrek (@janmedrek)
- Jan Sudczak (@parostatkiem)
- Jesús Real Serrano (@jesusreal)
- Johannes Engelke (@joek)
- Kamil K (@y-kkamil)
- Karol Furgoł (@kfurgol)
- Karolina Zydek (@kazydek)
- Klaudia Grzondziel (@klaudiagrz)
- Korbinian Stoemmer (@k15r)
- Krystian Cieślik (@crabtree)
- Krzysztof (@kwiatekus)
- Lilit Ghazaryan (@lilitgh)
- Lukasz Gornicki (@derberg)
- Lukasz Szymik (@lszymik)
- Maciej Urbańczyk (@magicmatatjahu)
- Marco Bebway (@marcobebway)
- Mariusz Szymański (@Maladie)
- Mateusz Puczyński (@aerfio)
- Mateusz Szostok (@mszostok)
- Michal Kempski (@polskikiel)
- Michał Hudy (@michal-hudy)
- Michał Wieczorek (@mwieczorek)
- Pavel Pavlov (@PavelPavlov46)
- Paweł Kosiec (@pkosiec)
- Piotr Jasiak (@jasiu001)
- Piotr Kopczyński (@PK85)
- Piotr Miśkiewicz (@piotrmiskiewicz)
- Radu Fantaziu (@radufa)
- Rakesh Garimella (@rakesh-garimella)
- Sayan Hazra (@sayanh)
- Stevo Slavić (@sslavic)
- Suleyman Akbas (@suleymanakbas91)
- Szymon Gibała (@Szymongib)
- Szymon Janota (@sjanota)
- Tomasz Gorgol (@tgorgol)
- Tomasz Papiernik (@tomekpapiernik)
- Tomasz Smelcerz (@Tomasz-Smelcerz-SAP)
- Ventura, Santiago (@venturasr)
- @JohannesDoberer