Perpetual K8s Cluster Application Onboard
This document deals with the Creating Namespace and Access Management to the Perpetual GDA Clusters.Below points will give an idea about the Clusters.
- K8s Clusters are owned by Perpetual team.
- To host an application to the K8s Cluster, Namespace creation is the initial step.
- Since these managed clusters, We dont have dedicated clusters to SMDS
- We need to create a namespace under the GDA Common Clusters.
- Below are the GDA Cluster Details. Mutli Region Clusters with 2 Environments
- gda-np-ne-01.json: https://github.com/Maersk-Global/platform-data/blob/master/data/clusters/gda-np-ne-01.json
- gda-np-westeurope-1.json: https://github.com/Maersk-Global/platform-data/blob/master/data/clusters/gda-np-westeurope-1.json
- gda-prod-ne-01.json: https://github.com/Maersk-Global/platform-data/blob/master/data/clusters/gda-prod-ne-01.json
- gda-prod-westeurope-1.json: https://github.com/Maersk-Global/platform-data/blob/master/data/clusters/gda-prod-westeurope-1.json
Namespace Creation
Application namespace configurations are stored as a JSON file in the Platform Data repository.
https://github.com/Maersk-Global/platform-data/tree/master/data/customers
By Adding the below entries in the existing JSON, Namespaces can be created to deploy the Applications.
customer Name : Application Name (for ex. cmd.json) productkey : Unique for the application (user defined) admiral_product_code : Available in the Admiral under each Application ad_security_group uuid : New AD Group for Cluster Access Management. (Should be created from Admiral) cluster_name : GDA Cluster Names are mentioned above namespaces name : Unique to the Environment (smdscmd-cdt,smdscmd-pp & smdscmd-prod)
Below JSON can be edited with inputs to create a namespace in the GDA Clusters.
{
"customer": {
"name": "CMD",
"metadata": {
"productkey": "cmd",
"admiral_product_code": "customer-master-data-manage",
"contactemail": "rahul.singh2@maersk.com",
"notify_channel": "https://maersk.webhook.office.com/webhookb2/eea7a791-5d7b-4d73-a785-5b90932d665c@05d75c05-fa1a-42e7-9cf1-eb416c396f2d/IncomingWebhook/a5661f3add2f4012823f55645e9d6c7f/6da5cf44-bbbb-45dd-9a6b-f102784232ff"
},
"tools": {
"vault": {
"enabled": true,
"approles": false,
"ad_security_group": {
"uuid": "f1125e70-9dda-4da2-ae77-0909041874fa",
"description": "SMDS CMD AKS Platform",
"name": "customer-master-data-manage (Production) Team aksplatform(Privileged)"
},
"azure_role_access": {
"use_azure_sp": true,
"read_only_sp_config": {
"service_principals": [
"bde25eac-49da-475a-9f65-29c6e7ed52cd"
],
"ad_group_ids": [
"f1125e70-9dda-4da2-ae77-0909041874fa"
]
},
"write_only_sp_config": {
"service_principals": [
"bde25eac-49da-475a-9f65-29c6e7ed52cd"
],
"ad_group_ids": [
"f1125e70-9dda-4da2-ae77-0909041874fa"
]
}
}
},
"fluxcd": {
"enabled": true
},
"kubernetes": [
{
"enabled": true,
"cluster_class": "gda",
"cloud_name": "azure",
"region_name": "westeurope",
"environment_name": "dev",
"cluster_name": "gda-np-westeurope-1",
"azure_sp_access": {
"use_azure_sp": true,
"service_principal": "bde25eac-49da-475a-9f65-29c6e7ed52cd"
},
"ad_security_groups": [
{
"uuid": "f1125e70-9dda-4da2-ae77-0909041874fa",
"description": "SMDS CMD AKS Platform",
"name": "customer-master-data-manage (Production) Team aksplatform(Privileged)"
}
],
"namespaces": [
{
"name": "smdscmd-cdt",
"labels": [],
"annotations": [
{
"key":"replicas-max",
"value": "2"
},
{
"key":"downscaler/exclude",
"value": "true"
}
],
Its an one time activity, We can create namespaces for the Different GDA Clusters in the same JSON attributes.
Refer :
https://github.com/Maersk-Global/platform-data/blob/master/data/customers/cmd.json
https://github.com/Maersk-Global/platform-data/blob/master/data/customers/opsmdm.json
https://github.com/Maersk-Global/platform-data/blob/master/data/customers/smdsvendor.json