Container Platform

The GARR Cloud Container Platform is an environment for automating deployment, scaling, and management of containerized applications, based on

../_images/Kubernetes_logo.svg

Kubernetes enables rapid application development and iteration by making it easy to deploy, update, and manage your applications and services. You can attach persistent storage and even run a database in your cluster. Simply describe the compute, memory, and storage resources your application containers require, and Kubernetes provisions and manages the underlying cloud resources automatically.

Support for hardware accelerators enables running Machine Learning, General Purpose GPU, High-Performance Computing, and other workloads that benefit from specialized hardware accelerators.

For an introduction to Kubernetes try the Kubernetes Basics tutorial.

The GARR Container Platform uses the same accounts as the GARR Cloud Compute Platform. To appy for an account, register here.

Installing kubectl

You need to install kubectl on a machine, which could be as well a VM on the GARR Cloud.

Follow these instruction to install kubectl.

This cheatsheet lists the commands available.

Configuring kubectl for Application Credentials

Create a directory in your home:

$ mkdir -p ~/.kube/bin

where to dowload the plugin for Keystone the application credentials.

Linux

::
$ cd ~/.kube/bin $ curl -O https://git.garr.it/cloud/charms/kubernetes-keystone/raw/master/bin/linux-amd64/kubectl-keystone-auth $ chmod +x kubectl-keystone-auth

Mac OS

::
$ cd ~/.kube/bin $ curl -O https://git.garr.it/cloud/charms/kubernetes-keystone/raw/master/bin/osx-amd64/kubectl-keystone-auth $ chmod +x kubectl-keystone-auth

Download your credentials

Follow these instructions to obtain an app-cred-*-kubeconfig file using application credentials from GARR’s OpenStack dashboard.

Move the app-cred-*-kubeconfig file to ~/.kube/config.

Test the credentials:

$ kubectl get pods

Dashboard Access

You can start a dashbord for controlling your cluster through a GUI by doing:

$ kubectl proxy

By default, this establishes a proxy running on your local machine and the kubernetes-master unit. To reach the Kubernetes dashboard, visit:

http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

To log in to the dashboard you need to authenticate. Follow this procedure:

  1. List your secrets:

    $ kubectl get secrets
    NAME                  TYPE                                  DATA      AGE
    default-token-g98dg   kubernetes.io/service-account-token   3         1d
    
  2. Obtain the token for the secret named default-token-xxxx (in this example default-token-g98dg):

    $ kubectl describe secret default-token-g98dg
    Name:         default-token-g98dg
    Namespace:    colla
    Labels:       <none>
    Annotations:  kubernetes.io/service-account.name=default
                  kubernetes.io/service-account.uid=fcd785ad-8ffd-11e8-8674-74e6e266c8e1
    
    Type:  kubernetes.io/service-account-token
    
    Data
    ====
    ca.crt:     1167 bytes
    namespace:  5 bytes
    token:      AAAABBBBBCCCCCCDDDDD....
    
  3. Open the dashboard and select the Token method (see figure).

    ../_images/k8s-dash-login.png
  4. Enter the token and press SIGN IN.

  5. You will land in the default namespace where you don’t have permissions, so you will get error messages like these:

    ../_images/k8s-dash-default.png
  6. Click on default below Namespace on the left panel and enter the namespace that has been assigned to you on registration. You will now be able to see your deployments! (see figure).

    ../_images/k8s-dash-namespace.png

Testing

See this example to test the cluster.

Persistent Volumes

See this guide for instructions on how to claim persistent volumes to use with a deployment.

GPUs

The Container Platform includes a node with a few Nvidia Tesla V100 GPUs. Read these instruction on how to use the GPU’s.