/athena

A service that knows everything about your installation

Primary LanguageGoApache License 2.0Apache-2.0

CircleCI Docker Repository on Quay

Athena

Athena is a service that knows some useful things about your cluster. Its purpose is to provide some non-sensitive data (e. g. the CA certificate of the Kubernetes API, the cluster identifier, the cloud provider) to public clients, so they could easily establish a connection with the Kubernetes API, and identify the cluster that they're talking to.

Athena is typically running in every Giant Swarm management cluster, but is also useful in workload clusters.

Installing in a workload cluster

If Dex is already configured in the workload cluster, Athena can be used to provide OIDC access information to kubectl gs for easy login via SSO.

The app is installed in workload clusters, via our app platform.

Other than the app itself, you will need to provide a values.yaml configuration.

The management cluster name is needed as minimal configuration.

managementCluster:
  name: test

It is also possible to override the api and issuer addresses as well as the cluster name and provider in case it is needed:

managementCluster:
  name: test
clusterID: example
provider:
  kind: aws
kubernetes:
  api:
    address: https://api.test.example.io
oidc:
  issuerAddress: https://dex.test.example.io

Access to athena can be restricted to certain CIDRs.

security:
  subnet:
    customer:
      public: x.x.x.x/x,x.x.x.x/x
      private: x.x.x.x/x
    restrictAccess:
      gsAPI: true

Examples

Athena provides a GraphQL service. You can find example queries in the examples folder. You can execute these in the GraphQL playground app (at the / route).

How to add a new property?

Adding a new query property is relatively simple. We can illustrate this by adding a new party property.

  1. Create a new schema for your new property

pkg/graph/graphql/party.graphql

type Party {
  name: String!
}
  1. Extend the Query by adding your new property to it.

pkg/graph/graphql/party.graphql

type Party {
  name: String!
}
+
+   extend type Query {
+     party: Party!
+   }
  1. Run the code generator
$ go generate ./...
  1. Add your resolver implementation (what to return when that parameter is queried).

pkg/graph/resolver/party.resolvers.go

func (r *queryResolver) Party(ctx context.Context) (*model.Party, error) {
-  	 panic(fmt.Errorf("not implemented"))
+    p := &model.Party{
+		Name: "something",
+	 }
+
+    return p, nil
}
  1. See it in action

You can run the app locally, and execute a query for this in the GraphQL playground app (at the / route).