[Manual] Deploy cluster components in development environment

Question

[Manual] Deploy cluster components in development environment

Closed this issue 8 months ago · 8 comments

nikimanoledaki commented a year ago

This is to create a dev environment for the Green Reviews WG.

Cluster Creation

Create dev cluster
Share kubeconfig with other WG contributors to reuse the same clusters --> ping @rossf7 for kubeconfig

Cluster Components

Manage cluster components:

Phase 1: Base-level cluster components (MVP)

Cilium
Kepler
Prometheus

Phase 2: Gather idle metrics for Falco

Falco

Note: Falco can be deployed by the WG contributors in this dev environment to ensure that it can run alongside Kepler without any issues. However, we aim to extract this so that CNCF Project maintainers are responsible for configuring the deployment of the CNCF Project itself.

Phase 3: Gather load-test metrics

Synthetic workload
Load generation tool e.g. k6

Documentation

Document this process on the green-reviews-tooling repository & the design doc

Answer 1 · 2023-10-23T16:29:29.000Z

Adding myself

Answer 2 · 2023-10-23T19:46:08.000Z

I am also up for this 👍🏽

Answer 3 · 2023-11-02T21:06:37.000Z

I have a question here: can we involve the Falco guys to get Falco deployed manually in the cluster as a first step? We could just give them the kubeconfig and get started while we think more about the pipeline approach. What do you think?

Answer 4 · 2023-11-03T10:11:29.000Z

Could we start by asking the Falco team how they would recommend we do the install? Maybe we can install it rather than giving access to the cluster?

Answer 5 · 2023-11-22T09:29:11.000Z

Falco maintainers are in the process of creating a new repository (https://github.com/falcosecurity/cncf-green-review-testing) that will store everything needed from their side e.g. Falco deployment manifests, synthetic workload deployment manifests, benchmark tests, etc. However, Falco maintainers have less availability until early December.

It would be better to go with a workaround until then!

Answer 6 · 2023-11-22T09:30:37.000Z

I'm guessing that they will use this Ansible config that they sent, at least in part: https://github.com/falcosecurity/kernel-testing/blob/main/ansible-playbooks/roles/bootstrap/tasks/main.yml

We can always reach them through these issues if we need to ask them any questions:

Answer 7 · 2023-12-13T15:43:55.000Z

Synthetic workload has been installed we choose https://github.com/GoogleCloudPlatform/microservices-demo/tree/main/helm-chart#readme and we install it manually via helm, here there is a pull request for the 2-lines documentation on how to reproduce it

Answer 8 · 2024-01-10T15:58:48.000Z

I think we can close this issue, we have developed manually almost everything except from Falco