Spread Templating and Parameters

Overview of Spread templating concepts with tutorials

Spread templating enables users to easily configure and deploy containerized applications to Kubernetes. Parameters exposed in the command line provide a simple interface for entering in required information without needing to manually edit Kubernetes object files. This is our first release of templating, and we've focused on the user experience around configuring parameters for pre-defined templates. In the near future, we will update the documentation to show how to author templates.

1. Setting up Spread

If you haven't already done so, go ahead and set up Spread.

2. Using Parameters to Deploy Templated Applications

For this tutorial, we've set up an example application you can deploy with Spread from our Spread Library: a virtual private network (VPN). The following instructions will take you through deploying the application step-by-step.

Virtual Private Network (VPN)

A virtual private network (VPN) is a private network that extends across a public network or internet. It enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. A VPN is useful for securely and remotely accessing a corporate intranet, sending wireless transactions, and connecting to proxy servers to protect personal information or location, among other uses. (Source: Wikipedia)

1. Use one of the following commands to initiate deployment:

  • If you are using the local cluster solution, Minikube: spread deploy vpn
  • If you are using a remote cluster on GKE: spread deploy vpn-gke
  • If you are using a remote cluster on AWS: spread deploy vpn-aws

2. If you are on GKE or AWS, set up your volume:

Note: Setting up volumes is not required, but if the Pod dies, all configuration and certs will be lost (and the VPN will be useless).

  • For GKE, enter this command, filling in the placeholders: gcloud compute disks create --size=400GB my-vpn --project <projectName>
  • For AWS, enter this command, filling in the placeholders: ec2-create-volume --size 200 --region <regionName> --availability-zone <availabilityZoneName>

If you are using Minikube, there are no volumes to set up and you can skip on to the next step.

3. Next, you will be prompted to fill in the only required parameter:

OVPN_HOST (required) - Hostname to be used to connect to OpenVPN (i.e. vpn.example.com)

The following parameters are optional, as they are populated with sane defaults if left blank. Hit enter to click through them.

  • KUBE_DNS - Kubernetes DNS Nameserver
  • KUBE_DNS_SEARCH - DNS Search path to be used (i.e. cluster.local)
  • KUBE_SVC_NET - IP of Kubernetes Service Network
  • KUBE_SVC_MASK - Subnet Mask of Kubernetes Service Network

Once you have filled in your parameter(s), Spread will deploy your newly configured VPN to either a local cluster or your specified remote cluster.

4. Set up your client.

Now you’ve set up the server, and you want to get people to access the server. Let’s set up your client.

  • Find the pod that’s running: kubectl get pods
  • Create the certificate on the server using the pod name that you just found

kubectl exec -it <POD_NAME> easyrsa build-client-full CLIENTNAME novas

  • Write the certificate to a file, with the file name at the end

kubectl exec -it <POD_NAME> ovpn_getclient CLIENTNAME > CLIENTNAME.ovpn

If you're using Tunnelblick (OS X), you can double click that file to get access to the VPN server. For connecting client configuration for other operating systems, check out this handy link.

Woo! You're all set!

Authoring Templates (to be continued)

We will update this section with documentation on how to author Spread templates.