Add CLI bootstrap flux documentation #4136
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -30,23 +30,26 @@ For those seeking other scenarios or fine-grain customisation [Weave GitOps Ente | |
|
|
||
| ### Prerequisites | ||
|
|
||
| :::warning Required Permissions | ||
| A Platform Engineer running the boostrap command requires to have both **cluster admin** permissions on the Management Cluster and **push** permissions to the Git repository. | ||
| ::: | ||
|
|
||
| Before you start make sure the following requirements are met: | ||
|
|
||
| - [ ] **Management Cluster**: a Kubernetes cluster with a Kubeconfig with cluster admin permissions to be able to create resources. | ||
| - [ ] **Git Repository with SSH access**: the Git configuration repo to be used by Flux and Weave GitOps. | ||
| - [ ] **Flux CLI**: is [installed](https://fluxcd.io/flux/installation/#install-the-flux-cli) locally. It will be used for reconciling Flux resources. | ||
| - [ ] **Weave GitOps Enterprise Entitlements** are installed in the Management Cluster. Contact [Sales](/help-and-support/) for help on getting them. | ||
|
|
||
| ### Install `gitops-ee` CLI | ||
|
|
||
| Weave GitOps Enterprise Bootstrap functionality is available on Weave GitOps Enterprise CLI starting from version v0.35. If you haven't already, please install the latest `gitops-ee` CLI using this command. | ||
|
|
||
| ```bash | ||
| brew install weaveworks/tap/gitops-ee | ||
| ``` | ||
|
|
||
| ### Bootstrap Weave GitOps Enterprise | ||
|
|
||
| Please use the following command to start the installation wizard of Weave GitOps Enterprise. | ||
|
|
||
|
|
@@ -67,10 +70,13 @@ Please use the following command to start the installation wizard of Weave GitOp | |
| ```bash | ||
| gitops bootstrap \ | ||
| --kubeconfig=$HOME/.kube/config \ | ||
| --private-key=$HOME/.ssh/id_ed25519 --private-key-password="" \ | ||
| --version="0.35.0" \ | ||
| --domain-type="localhost" \ | ||
| --password="admin123" \ | ||
| --repo-url="ssh://git@github.com/my-org-name/my-repo-name" \ | ||
| --branch="main" \ | ||
| --repo-path="clusters/my-cluster" | ||
| ``` | ||
| For more information about the CLI configurations, check the below sections [here](#cli-configurations) | ||
|
|
||
|
|
@@ -85,18 +91,25 @@ Please use the following command to start the installation wizard of Weave GitOp | |
| `gitops-ee bootstrap` is a workflow that will take you through the following stages: | ||
|
|
||
| 1. [Verify Flux](#verifying-flux): verify Flux installation on the Management cluster. | ||
| 2. (Optional) [Bootstrap Flux](#bootstrap-flux): bootstrap Flux in case is not found. | ||
| 3. [Verify Entitlement](#verifying-entitlement): verify the Entitlements secret content (username, password, entitlement). | ||
|
There was a problem hiding this comment. it feels odd that we could be doing a mutation in the cluster like installing flux without first verifying entitlements (given that is a pre-requirement). how do you guys feel about this ( cc @MostafaMegahid @waleedhammam ) There was a problem hiding this comment. i think when we discussed it before, there was a dependency as the entitlement lies in There was a problem hiding this comment. Yes, I mean that given we have verifyXX as step, those seem better to come first before any action, as they are pre-conditions that we need to meet or we would drop. if we are in the scenario of dropping cause pre-condition is not met, you dont want to have done any change in the users environment
|
||
| 4. [Configure Git Access](#configure-git-access): configure the access to your configuration repo. | ||
| 5. [Select WGE version](#selecting-wge-version): from the latest 3 available releases. | ||
| 6. [Create Cluster User](#create-cluster-user): create a Secret with the username and password for the emergency cluster user. | ||
| 7. [Configure Dashboard Access](#configure-dashboard-access): choose between 2 methods to access the dashboard either local or external. | ||
| 8. [Access the dashboard](#access-the-dashboard): via the link from the installation success message. | ||
| 9. (Optional) [Configure OIDC](#configure-oidc): to enable login to dashboard via OIDC providers. | ||
|
|
||
| #### Verify Flux | ||
|
|
||
| Weave GitOps Enterprise runs on top of Flux, the bootstrap CLI will check if Flux is installed on the management cluster, and it will verify that it has the right version with valid git repository setup, and it is able to reconcile Flux components properly. | ||
| If Flux is installed, but doesn't have a valid installation, the bootstrap CLI will terminate pending the fix or uninstall of current Flux installation. | ||
|
|
||
| #### Bootstrap Flux | ||
|
|
||
| If Flux is not found in the Management Cluster, you have the ability to bootstrap it with the [Generic Git](https://fluxcd.io/flux/installation/bootstrap/generic-git-server/). | ||
| You will be prompted to provide: `repository url`, `repository branch` and `path` to reconcile. Based on your `repository url` authentication credentials will be requested. | ||
| For SSH, `private key path` & `private key password`. For HTTPS, `username` and `password`. After getting the right info regarding your repo, Flux will start to bootstrap and reconcile your repo. | ||
|
|
||
| #### Verify Entitlement | ||
|
|
||
|
|
@@ -155,3 +168,8 @@ Please don't forget to add a new static-client on your OIDC provider settings wi | |
| - `-c`, `--private-key-password`: Private key password. If the private key is encrypted using password | ||
| - `-u`, `--username`: Dashboard admin username | ||
| - `-v`, `--version`: Weave GitOps Enterprise version to install | ||
| - `--repo-url`: Git repo url for your Flux repository | ||
| - `--git-username`: Git username which contains your repository | ||
| - `--gitPassword`: Git password/token to give Flux the accessiblity to be able to reconcile the repo | ||
| - `-b`, `--branch`: Git branch for your Flux repository | ||
| - `-r`, `--repo-path`: Git path for your Flux repository (example: clusters/my-cluster) | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
have you tested whether you could bootstrap with this command?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes, I've tested it with the same command and everything went well
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cool, i guess i meant before without the
\that i dont think it would work.