This guide contains several steps and links specific to developers at NAV. Some of them link to internal information in private repositories.
We recommend Linux-VDI users to use utvikler-ansible to set up their images.
For Linux- and Windows-VDI, you need to set up NAV-proxy before installing the tools.
Use the Kubernetes command-line tool, kubectl, to deploy and manage applications on Kubernetes. Using kubectl, you can inspect cluster resources; create, delete, and update components; and look at your new cluster and bring up example apps.
Linux and Mac users can use the install guide over at Kubernetes.io to install Kubectl. Windows users can follow the guide below. All three types of users need to configure Kubectl after installation.
What you can and can't do in the clusters are governed by RBAC-rules that are defined in the Naisible-repo. This is a bit technical, and it's better to read up on Kubectl operations over at Kubernetes.io. We also have made a small set of Kubectl operation examples.
- Download Kubectl from
F:\programvare\kubectl\kubectl.exe. Put the file where you usually install files - Add
kubectl.exeto the system environment variable$PATH - Check if everything is working by restarting your shell and running
kubectl
- Clone kubeconfigs from Github
- Point the
KUBECONFIGenvironment-variable to theconfigfile in the cloned repo* - Before you can begin using
Kubectl, you need to authorise with Azure. a. Switch to a clusterkubectl config use-context preprod-fssb. Runkubectl get podsand you will then be asked to authorise with Azure. Go to the address, use the code, and log in with your NAV e-post and NAV-ident password. When your user has been authorised, the shell-command will finish and return a list of pods running in the cluster.
Every time you change your NAV-ident password, you need to reset your Kubeconfigs credentials.
You will get an error similar to the one below:
Failed to acquire a token: refreshing the expired token: refreshing token: adal: Refresh request failed. Status Code = '400'. Response body: {"error":"invalid_grant","error_description":"AADSTS50173: The provided grant has expired due to it being revoked. The user might have changed or reset their password. ...
The easiest way to fix this is to run the following commands in the kubeconfigs-repo:
git checkout -- .
git reset
git pullAlternatively you can just remove the values under user.auth-provider.config for the following keys, in the kubeconfigs/config-yaml file: access-token, refresh-token, expires-in, expires-on.
After that, follow the instruction to configure kubectl.
PS: Some users have had to change Kubernetes context/cluster for the change to take effect.
Docker is an open platform for developers and sysadmins to build, ship, and run distributed applications, whether on laptops, data center VMs, or the cloud.
Follow the install Docker-guide for local testing and development.
To be able to run the Docker daemon that comes with Docker Desktop (formerly known as Docker For Windows) in Nav's Windows virtual machine images we need to enable virtualization (Hyper-V) in the image.
You can ask to have virtualization enabled in the Slack channel #tech_virtualisering. You need to provide the name of the virtual machine, which you will find from within the image > Windows > Kontrollpanel > System og sikkerhet > System. Enabling virtualization requires reboot of the image.
Verify by opening Windows > Aktiver eller deaktiver Windows-funksjoner, find "Hyper-V" and see that all it's checkboxes are enabled.
You need the following variables set in your VDI:
http_proxy=http://webproxy-utvikler.nav.no:8088
https_proxy=http://webproxy-utvikler.nav.no:8088
no_proxy=localhost,127.0.0.1,*.adeo.no,.local,.adeo.no,.nav.no,.aetat.no,.devillo.no,.oera.no,devel,.nais.io