Tiny Systems Docs

Appearance

Connect your cluster to Tiny Systems

To manage resources, installing modules and monitoring your cluster the platform needs to have access to it. To do that you need to create a kubeconfig. It's all-in-one piece of configuration which contains all information needed to establish the connection.

Create kubeconfig

This page explains how to create kubeconfig to connect your cluster to Tiny Systems.
It is quite common when Kubernetes providers(e.g. GKE, EKS) are using their own CLI helpers to authorise users to access their clusters. Such kubeconfigs are not supported by Tiny Systems, so you have to create a new kubeconfig. Luckily that's an easy thing to do.

Prerequisites

  • You need to have kubectl installed and configured on your computer. Please address your kubernetes provider for the specific instructions. Run kubectl get ns to check if everything is working.
  • Install krew. Krew is the plugin manager for kubectl command-line tool.
  • Install view-serviceaccount-kubeconfig plugin for krew.

Create kubeconfig

Switch kubectl context to the cluster you want to use with Tiny Systems. First, we create Kubernetes namespace where Tiny Systems resources will be contained.

shell
kubectl create ns tinysystems

Create Tiny Systems service account within tinysystems namespace.

shell
kubectl -n tinysystems create serviceaccount tinysystems

Now you have two options of how to install Tiny Systems.

  1. Namespace-wide. All resources of any project and workspace will be installed into a single Kubernetes namespace called tinysystems.
  2. Cluster-wide. Common resources will be installed into tinysystems namespaces while workspace specific resources will be installed into a separate namespaces named after the workspace.

Which type should I choose? If you are willing to share the same cluster within several workspaces please consider cluster-wide installation. That will keep kubernetes resources from different workspaces isolated.

If you choose namespace-wide installation

Bind cluster-admin role to tinysystems service account within tinysystems namespace only using rolebinding.

shell
kubectl -n tinysystems create rolebinding tinysystems-admin-binding --clusterrole=cluster-admin --serviceaccount=tinysystems:tinysystems

If you choose cluster-wide installation.

Bind role using clusterrolebinding

shell
kubectl create clusterrolebinding tinysystems-admin-binding --clusterrole=cluster-admin --serviceaccount=tinysystems:tinysystems

Finally, create and print kubeconfig for the sevice account we created.

shell
kubectl -n tinysystems create token tinysystems --duration=3600s |  kubectl view-serviceaccount-kubeconfig

Use the resulted string during connection to your cluster.

WARNING

Please make sure you keep your kubeconfig safe.