Skip to content

vice apps

Create namespace

kubectl create ns vice-apps

Create a secret on namespace vice-apps vice-image-pull-secret

This secret has the harbor.org which allows the pod to pull docker images.

kubectl create secret generic vice-image-pull-secret \
    --from-file=.dockerconfigjson=/root/.docker/config.json \
    --type=kubernetes.io/dockerconfigjson -n vice-apps

Create serviceAccounts

## edit the namespace if you are running in a diffrent env
## vi /k8s-resources/resources/serviceaccounts/app-exposer.yml
kubectl apply -f /k8s-resources/resources/serviceaccounts/app-exposer.yml
kubectl apply -f /k8s-resources/resources/serviceaccounts/vice-app-runner.yml

Apply clusterrolebindings

## edit the namespace if you are running in a diffrent env
## vi /k8s-resources/resources/clusterrolebindings/app-exposer.yml
kubectl apply -f /k8s-resources/resources/clusterrolebindings/app-exposer.yml

Apply networkpolicies

To apply networkpolicies we need to edit the file /k8s-resources/resources/networkpolicies/vice-apps.yml, and add all the worker nodes, and master nodes, to it if we are using a diffrent env rather than prod.

e.g.

-        except:
         - ********
         - ********

+        except:
         - 10.0.10.0/24          # k8s master CIDR
         - ****************/32   # c1 
         - ****************/32   # w1 
         - ***************/32    # w2 
         - ***************/32    # w3 
         - **************/32     # w4
         - *************/32      # w5 
         - ************/32       # vice-w1

Run policy

kubectl apply -f /k8s-resources/resources/networkpolicies/vice-apps.yml

Apply roles

kubectl apply -f /k8s-resources/resources/roles/vice-apps.yml

Create porklock-config secrert for irods

Create irods-config.properties

Create a file irods-config.properties and add the values.

porklock.irods-home=
porklock.irods-user=
porklock.irods-pass=
porklock.irods-host=
porklock.irods-port=
porklock.irods-zone=
porklock.irods-resc=

Create secret from file

kubectl -n vice-apps create secret generic porklock-config --from-file=irods-config.properties

Restart the services

kubectl rollout restart apps app-exposer templeton-incremental templeton-periodic -n NAMESPACE

Install/configure ingress-nginx

For installing and configuring the ingress-nginx have a look at ingress-nginx