Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ability to run qbec without kubeconfig and override qbec.yaml #166

Open
Andor opened this issue Oct 1, 2020 · 2 comments
Open

Add ability to run qbec without kubeconfig and override qbec.yaml #166

Andor opened this issue Oct 1, 2020 · 2 comments

Comments

@Andor
Copy link

Andor commented Oct 1, 2020
edited
Loading

Right now, qbec relies on ~/.kube/config and qbec.yaml files when it tries to find cluster credentials.

I think it would be rather nice if qbec will have the ability to provide all the parameters to connect to the cluster via command line.

In my specific case, I want the ability to run qbec from Terraform.
For instance, Terraform providers have configuration like this:

resource "aws_eks_cluster" "cluster" {
  name = "mycluster"
}

data "aws_eks_cluster_auth" "cluster" {
  name = aws_eks_cluster.cluster.id
}

provider "kubernetes" {
  host                   = aws_eks_cluster.main[0].endpoint
  cluster_ca_certificate = base64decode(aws_eks_cluster.main[0].certificate_authority.0.data)
  token                  = data.aws_eks_cluster_auth.cluster.token
}

And I imagine I want to run qbec from terraform with options like this:

resource "aws_eks_cluster" "cluster" {
  name = "mycluster"
}

data "aws_eks_cluster_auth" "cluster" {
  name = aws_eks_cluster.cluster.id
}

resource "null_resource" "cluster" {
  provisioner "local-exec" {
    command = <<COMMAND
qbec \
--k8s:token=${data.aws_eks_cluster_auth.cluster.token} \
--k8s:cluster-server=${aws_eks_cluster.cluster.endpoint} \
--k8s:cluster-ca-certificate=${aws_eks_cluster.cluster.certificate_authority.0.data} \
apply
COMMAND
  }
}

And/or with environment variables like this:

resource "aws_eks_cluster" "cluster" {
  name = "mycluster"
}

data "aws_eks_cluster_auth" "cluster" {
  name = aws_eks_cluster.cluster.id
}

resource "null_resource" "cluster" {
  provisioner "local-exec" {
    command = "qbec apply"
    environment = {
      QBEC_K8S_TOKEN = data.aws_eks_cluster_auth.cluster.token
      QBEC_K8S_CLUSTER_SERVER = aws_eks_cluster.cluster.endpoint
      QBEC_K8S_CLUSTER_CA_CERTIFICATE = aws_eks_cluster.cluster.certificate_authority.0.data
    }
  }
}

Options names are discussable ofc.
@gotwarlost
Copy link
Contributor

gotwarlost commented Jan 17, 2021
edited
Loading

Sorry, this issue fell through the cracks. Are you saying that even the environments defined in qbec.yaml should not exist?

qbec does need an env name to set the labels correctly for GC etc.

we already support a --force:k8s-context environment variable - we could conceivably add a new special value called __none__ and use everything from explicit env vars.

But it seems to be that it would be just as easy in terraform to create a kubeconfig with a single context containing the things of interest and force that to be the qbec context. (and explicitly set the --k8s:kubeconfig option to point to the file data file created in the terraform).

@Andor
Copy link
Author

Andor commented Jan 17, 2021

@gotwarlost That issue was only about cluster credentials, which are taken from kubeconfig file, which can be non-existant in some cases.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Andor @gotwarlost