8.3 KiB
Freeleaps Cluster Toolchains
A collection of tools to help you work with Freeleaps Kubernetes Cluster.
Freeleaps Cluster Authenticator
Helps to
kubectlauthenticated toFreeleaps Kubernetes Cluster.
Prerequisites
mathmast.comAzure Directory accountLinuxwithShell / BashsupportInternetaccess
How to use?
First, you need grant this script to executable with commands:
chmod ug+x freeleaps-cluster-authenticator
Now, you can get help text with commands:
freeleaps-cluster-authenticator -h
Freeleaps Cluster Authentication requires some tools to ensure authentication workflow, please check belows and make sure they are installed on your device:
curlunzipunamejq
Once the required tools are installed, you can using command:
freeleaps-cluster-authenticator auth
to start authentication workflow.
Once authentication workflow started, Freeleaps Cluster Authenticator will check the requirements and automatically install kubectl and kubelogin if not found.
The console output should be like:
[GATHER] Checking OS and architecture...
[INFO] OS: linux
[INFO] Architecture: amd64
[PREREQUISITES] Checking for required tools...
[PREREQUISITES] curl: ✓
[PREREQUISITES] unzip: ✓
[PREREQUISITES] uname: ✓
[PREREQUISITES] kubectl: ✓
[PREREQUISITES] kubelogin: ✓
[PREREQUISITES] jq: ✓
And will shows [SETUP] Setting up kubelogin... if prerequisites checking passed.
Now you can open http://127.0.0.1:8000 with your browser, it will redirect to Microsoft login page, you can login Freeleaps Kubernetes Cluster with your mathmast.com Azure Directory account.
Console will shows [SETUP] kubelogin setup completed successfully. when authenticated successfully.
Now the Freeleaps Cluster Authenticator will prompt you to input your mathmast Azure Directory account name (ends with @mathmast.com):
[GATHER] Checking OS and architecture...
[INFO] OS: linux
[INFO] Architecture: amd64
[PREREQUISITES] Checking for required tools...
[PREREQUISITES] curl: ✓
[PREREQUISITES] unzip: ✓
[PREREQUISITES] uname: ✓
[PREREQUISITES] kubectl: ✓
[PREREQUISITES] kubelogin: ✓
[PREREQUISITES] jq: ✓
[SETUP] Setting up kubelogin...
[SETUP] kubelogin setup completed successfully.
[PROMPT] Please enter your Mathmast account name (ending with @mathmast.com, eg. jack@mathmast.com):
You can enter your mathmast.com Azure Directory account name and press enter to submit.
The Freeleaps Cluster Authenticator will automatically finish setting works when you submit your mathmast.com Azure Directory account name and the console should be like:
[PROMPT] Username: zhenyus@mathmast.com
[KUBECTL & KUBE_LOGIN] Setting kubectl credentials for zhenyus@mathmast.com...
[KUBECTL & KUBE_LOGIN] Credentials set successfully.
[KUBECTL] Adding cluster (named to: freeleaps-cluster) to kubectl...
[KUBECTL] Cluster added to kubectl successfully.
[KUBECTL] Creating kubectl context...
[KUBECTL] Context created successfully.
[KUBECTL] Using kubectl context...
[KUBECTL] Context set successfully.
[KUBECTL] Checking whoami...
ATTRIBUTE VALUE
Username zhenyus@mathmast.com
Groups [mathmast:admin system:authenticated]
[INFO] Your kubectl has been authenticated with your Mathmast account.
[INFO] Now you can try to using kubectl to interact with the cluster.
Now you are already finished authentication for Freeleaps Kubernetes Cluster.
You can using kubectl to work with Freeleaps Kubernetes CLuster right now.
Commands
Freeleaps Cluster Authenticator provides lots of useful command to help you complete authentication flow.
| Command | Alias | Usage |
|---|---|---|
auth |
-a,--auth |
Setup kubectl for Freeleaps Kubernetes Cluster with provides mathmast.com Azure Directory account |
reset-auth |
-r,--reset-auth |
Reset kubectl authentication state |
clear |
-c,--clear |
Clear authentication |
doctor |
-d, --doctor |
Check if all the required tools are installed |
dashboard |
-db, --dashboard |
Open dashboard for Freeleaps Kubernetes Cluster and forward the port to localhost and listen on 8443 |
get-token |
-gt, --get-token |
Get the token for the current user, usually to using for Kubernetes Dashboard authentication |
Freeleaps Cluster Proxifier
Helps to forward Kubernetes service ports to your local machine.
Prerequisites
- Authenticated kubectl access to Freeleaps Kubernetes Cluster
- Linux with Shell/Bash support
How to use?
First, grant executable permission to the script:
chmod ug+x freeleaps-cluster-proxifier
View available commands:
freeleaps-cluster-proxifier -h
List all available services that can be forwarded:
freeleaps-cluster-proxifier list-available
Forward a service port:
freeleaps-cluster-proxifier forward namespace/service -p local-port:service-port
List all active port forwards:
freeleaps-cluster-proxifier list
Stop forwarding a service:
freeleaps-cluster-proxifier stop namespace/service
Commands
| Command | Alias | Usage |
|---|---|---|
forward |
-f,--forward |
Forward a service port to local machine |
stop |
-s,--stop |
Stop forwarding a service |
list |
-l,--list |
List all forwarded services |
list-available |
-la,--list-available |
List all available services |
help |
-h,--help |
Show help message |
Infrastructure Authentication Retriever
Helps to retrieve authentication tokens for various infrastructure services.
Prerequisites
- Authenticated kubectl access to Freeleaps Kubernetes Cluster
- Linux with Shell/Bash support
How to use?
First, grant executable permission:
chmod ug+x infra-auth-retriver
View available commands:
infra-auth-retriver -h
Retrieve authentication token for a specific service:
infra-auth-retriver get-token <service-name>
List all available services:
infra-auth-retriver list
Commands
| Command | Alias | Usage |
|---|---|---|
get-token |
-gt,--get-token |
Retrieve authentication token for specified service |
list |
-l,--list |
List all available services |
help |
-h,--help |
Show help message |
Tips
Here are some useful tips for working with the Freeleaps Cluster Toolchains:
Jenkins and Grafana Accounts and Passwords: You can obtain Jenkins and Grafana accounts and passwords by executing the follow command.
infra-auth-retriver grafana
Argo Account and Password: You can obtain Argo account and password by executing the follow command.
infra-auth-retriver argocd