Giters

NicklasXYZ / selfhosted-serverless

A collection of instructions for setting up OpenFaaS or OpenWhisk in a k3s Kubernetes cluster.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

self-hostedopenfaasopenwhiskk3sguide

Overview

This repository contains a small collection of documents with instructions and links to helpful external resource. The instructions and links have been collected for the purpose of easily setting up a Kubernets cluster for running serverless functions using the OpenFaaS or OpenWhisk framework.

Install a Kubernetes Cluster (k3s)

Install k3s, a small and lightweight Kubernetes distribution:

curl -sfL https://get.k3s.io | sh -

Check that everything was installed properly by seeing whether or not a node is actually listed:

k3s kubectl get node

Install Helm

Install helm, a Kubernetes package manager:

curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.sh
rm -f get_helm.sh

Install OpenFaaS

For OpenFaaS installation instructions see here. For more information visit the OpenFaaS docs.

Install OpenWhisk

For OpenWhisk installation instructions see here. For more information visit the OpenWhisk docs.

(Optional) Install Sealed Secrets

SealedSecret can be used to encrypt secrets. A "sealed secret" can be decrypted only by the controller running in the target cluster and nobody else. In the instructions below it is assumed that cluster/server-side resources are deployed to a k3s kubernetes cluster.

Client-side setup & configuration

Install sealed secrets client-side

Install the latest version (0.16.0 at the time of writing) of the sealed secrets client-side program:

wget https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.16.0/kubeseal-linux-amd64 -O kubeseal && \
sudo install -m 755 kubeseal /usr/local/bin/kubeseal && \
rm -f kubeseal

To get a more recent version visit the relevant github repository here.

Cluster/server-side setup & configuration

(Optional) create a sealed secrets namespace:

sudo k3s kubectl create namespace sealed-secrets

Download manifests for the sealed secrets controller:

curl -L kubectl apply -f https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.16.0/controller.yaml > sealed-secrets.yaml

Again, to get a more recent version visit the relevant github repository here.

If another sealed-secrets namespace was created then change the default namespace of the sealed secrets controller from kube-system to sealed-secrets. Otherwise the controller will just be deployed to the default kube-system namespace.

sed -i -e "s/kube-system/sealed-secrets/g" sealed-secrets.yaml

Finally, deploy the sealed secrets controller:

sudo k3s kubectl apply -f sealed-secrets.yaml && \
rm -rf sealed-secrets.yaml

Verify that a sealed secrets pod has been deployed and is up and running:

sudo k3s kubectl get pods --namespace sealed-secrets

About

A collection of instructions for setting up OpenFaaS or OpenWhisk in a k3s Kubernetes cluster.

self-hostedopenfaasopenwhiskk3sguide