Merge branch '686-docs' into 'master'

Updated documentation per task request Closes #686 See merge request platform-one/big-bang/bigbang!1123

Merge branch '686-docs' into 'master'
59114153 · Micah Nagel · 45ec2970 · 9a492f2a · 59114153 · 59114153
Commit 59114153 authored 3 years ago by Micah Nagel
--- a/docs/developer/develop-package.md
+++ b/docs/developer/develop-package.md
@@ -169,3 +169,27 @@ Under Settings → Repository → Default Branch, ensure that main is selected.

 1. After the merge create a git tag following the charter convention of {UpstreamChartVersion}-bb.{BigBangVersion}. The tag should exactly match the chart version in the Chart.yaml.
 example:    1.2.3-bb.0
+
+### Private registry secret creation
+In some instances you may wish to manually create a private-registry secret in the namespace or during a helm deployment.  There are a couple of ways to do this:
+
+1. The first way is to add the secret manually using kubectl. This method is useful for standalone package testing/development.
+
+   ```shell
+   kubectl create secret docker-registry private-registry --docker-server="https://registry1.dso.mil" --docker-username='Username' --docker-password="CLI secret" --docker-email=<your-email> --namespace=<package-namespace>
+   ```
+2. The second is to create a yaml file containing the secret and apply it during a helm install. This method is applicable when installing your new package as part of the Big Bang chart. In this example the file name is "reg-creds.yaml":
+
+Create the file with the secret contents:
+   ```yaml
+   registryCredentials:
+     registry: registry1.dso.mil
+     username: ""
+     password: ""
+     email: ""
+   ```
+
+Then include a reference to your file during your helm install command by adding the below `-f` to your Big Bang install command:
+   ```shell
+   -f reg-creds.yaml
+   ```
\ No newline at end of file
--- a/docs/developer/development-environment.md
+++ b/docs/developer/development-environment.md
@@ -126,53 +126,6 @@ k3d cluster create \
    --api-port 6443
 ```

-**_Optionally_** you can set your image pull secret on the cluster so that you don't have to put your credentials in the code or in the command line in later steps
-
-```shell
-# Create the directory for the k3s registry config.
-mkdir ~/.k3d/
-
-# Define variables
-YOURUSERNAME="<user_name>"
-YOURCLISECRET="<CLI secret>"
-EC2_PUBLIC_IP=$( curl https://ipinfo.io/ip )
-
-# Create the config file using your registry1 credentials.
-cat << EOF > ~/.k3d/p1-registries.yaml
-configs:
-  "registry1.dso.mil":
-    auth:
-      username: $YOURUSERNAME
-      password: $YOURCLISECRET
-EOF
-
-# Create k3d cluster
-k3d cluster create \
-    --servers 1 \
-    --agents 3 \
-    --volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml \
-    --volume /etc/machine-id:/etc/machine-id \
-    --k3s-server-arg "--disable=traefik" \
-    --k3s-server-arg "--disable=metrics-server" \
-    --k3s-server-arg "--tls-san=$EC2_PUBLIC_IP" \
-    --port 80:80@loadbalancer \
-    --port 443:443@loadbalancer \
-    --api-port 6443
-```
-
-Here is an explanation of what we are doing with this command:
-
- `--servers 1` Creating 1 master/server
- `--agents 3` Creating 3 agent nodes
- `--k3s-server-arg "--disable=traefik"` Disable the default Traefik Ingress
- `--k3s-server-arg "--disable=metrics-server"` Disable default metrics
- `--k3s-server-arg "--tls-san=<your public ec2 ip>"` This adds the public IP to the kubeapi certificate so that you can access it remotely.
- `--port 80:80@loadbalancer` Exposes the cluster on the host on port 80
- `--port 443:443@loadbalancer` Exposes the cluster on the host on port 443
- `--volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml` volume mount image pull secret config for k3d cluster.
- `--volume /etc/machine-id:/etc/machine-id` volume mount so k3d nodes have a file at /etc/machine-id for fluentbit DaemonSet.
- `--api-port 6443` port that your k8s api will use. 6443 is the standard default port for k8s api
-
 ### Step 3

 Test the cluster from your local workstation. Copy the contents of the k3d kubeconfig from the EC2 instance to your local workstation. Do it manually with copy and paste.
@@ -487,3 +440,54 @@ sudo wget -q -O - https://raw.githubusercontent.com/rancher/k3d/main/install.sh

 # exit ssh and then reconnect so you can use docker as non-root
 ```
+
+### Setting an imagePullSecret on the cluster with k3d
+
+
+**_This methodology is not recommended_**
+It is possible to set your image pull secret on the cluster so that you don't have to put your credentials in the code or in the command line in later steps
+
+```shell
+# Create the directory for the k3s registry config.
+mkdir ~/.k3d/
+
+# Define variables
+YOURUSERNAME="<user_name>"
+YOURCLISECRET="<CLI secret>"
+EC2_PUBLIC_IP=$( curl https://ipinfo.io/ip )
+
+# Create the config file using your registry1 credentials.
+cat << EOF > ~/.k3d/p1-registries.yaml
+configs:
+  "registry1.dso.mil":
+    auth:
+      username: $YOURUSERNAME
+      password: $YOURCLISECRET
+EOF
+
+# Create k3d cluster
+k3d cluster create \
+    --servers 1 \
+    --agents 3 \
+    --volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml \
+    --volume /etc/machine-id:/etc/machine-id \
+    --k3s-server-arg "--disable=traefik" \
+    --k3s-server-arg "--disable=metrics-server" \
+    --k3s-server-arg "--tls-san=$EC2_PUBLIC_IP" \
+    --port 80:80@loadbalancer \
+    --port 443:443@loadbalancer \
+    --api-port 6443
+```
+
+Here is an explanation of what we are doing with this command:
+
+- `--servers 1` Creating 1 master/server
+- `--agents 3` Creating 3 agent nodes
+- `--k3s-server-arg "--disable=traefik"` Disable the default Traefik Ingress
+- `--k3s-server-arg "--disable=metrics-server"` Disable default metrics
+- `--k3s-server-arg "--tls-san=<your public ec2 ip>"` This adds the public IP to the kubeapi certificate so that you can access it remotely.
+- `--port 80:80@loadbalancer` Exposes the cluster on the host on port 80
+- `--port 443:443@loadbalancer` Exposes the cluster on the host on port 443
+- `--volume ~/.k3d/p1-registries.yaml:/etc/rancher/k3s/registries.yaml` volume mount image pull secret config for k3d cluster.
+- `--volume /etc/machine-id:/etc/machine-id` volume mount so k3d nodes have a file at /etc/machine-id for fluentbit DaemonSet.
+- `--api-port 6443` port that your k8s api will use. 6443 is the standard default port for k8s api
\ No newline at end of file