Getting started

Get started using Claudie

Prerequisites

Before you begin, please make sure you have the following prerequisites installed and set up:

1. Claudie needs to be installed on an existing Kubernetes cluster, referred to as the Management Cluster, which it uses to manage the clusters it provisions. For testing, you can use ephemeral clusters like Minikube or Kind. However, for production environments, we recommend using a more resilient solution since Claudie maintains the state of the infrastructure it creates.

2. Claudie requires the installation of cert-manager in your Management Cluster. To install cert-manager, use the following command:

   kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml
   

Supported providers

Supported Provider	Node Pools	DNS
AWS
Azure
GCP
OCI
Hetzner
Cloudflare	N/A

For adding support for other cloud providers, open an issue or propose a PR.

Install Claudie

1. Deploy Claudie to the Management Cluster:

   kubectl apply -f https://github.com/berops/claudie/releases/latest/download/claudie.yaml
   

To further harden claudie, you may want to deploy our pre-defined network policies:

# for clusters using cilium as their CNI
kubectl apply -f https://github.com/berops/claudie/releases/latest/download/network-policy-cilium.yaml

# other
kubectl apply -f https://github.com/berops/claudie/releases/latest/download/network-policy.yaml

Deploy your cluster

1. Create Kubernetes Secret resource for your provider configuration.

   kubectl create secret generic example-aws-secret-1 \
     --namespace=mynamespace \
     --from-literal=accesskey='myAwsAccessKey' \
     --from-literal=secretkey='myAwsSecretKey'
   

   Check the supported providers for input manifest examples. For an input manifest spanning all supported hyperscalers checkout out this example.

2. Deploy InputManifest resource which Claudie uses to create infrastructure, include the created secret in .spec.providers as follows:

   kubectl apply -f - <<EOF
   apiVersion: claudie.io/v1beta1
   kind: InputManifest
   metadata:
     name: examplemanifest
     labels:
       app.kubernetes.io/part-of: claudie
   spec:
     providers:
         - name: aws-1
         providerType: aws
         secretRef:
             name: example-aws-secret-1 # reference the secret name
             namespace: mynamespace     # reference the secret namespace
     nodePools:
         dynamic:
         - name: control-aws
             providerSpec:
               name: aws-1
               region: eu-central-1
               zone: eu-central-1a
             count: 1
             serverType: t3.medium
             image: ami-0965bd5ba4d59211c
         - name: compute-1-aws
             providerSpec:
               name: aws-1
               region: eu-west-3
               zone: eu-west-3a
             count: 2
             serverType: t3.medium
             image: ami-029c608efaef0b395
             storageDiskSize: 50
     kubernetes:
         clusters:
         - name: aws-cluster
             version: v1.24.0
             network: 192.168.2.0/24
             pools:
               control:
                   - control-aws
               compute:
                   - compute-1-aws        
   EOF
   

   Deleting existing InputManifest resource deletes provisioned infrastructure!

Connect to your cluster

Claudie outputs base64 encoded kubeconfig secret <cluster-name>-<cluster-hash>-kubeconfig in the namespace where it is deployed:

1. Recover kubeconfig of your cluster by running:

   kubectl get secrets -n claudie -l claudie.io/output=kubeconfig -o jsonpath='{.items[0].data.kubeconfig}' | base64 -d > your_kubeconfig.yaml
   

2. Use your new kubeconfig:

   kubectl get pods -A --kubeconfig=your_kubeconfig.yaml
   

Cleanup

1. To remove your cluster and its associated infrastructure, delete the cluster definition block from the InputManifest:

   kubectl apply -f - <<EOF
   apiVersion: claudie.io/v1beta1
   kind: InputManifest
   metadata:
     name: examplemanifest
     labels:
       app.kubernetes.io/part-of: claudie
   spec:
     providers:
         - name: aws-1
         providerType: aws
         secretRef:
             name: example-aws-secret-1 # reference the secret name
             namespace: mynamespace     # reference the secret namespace
     nodePools:
         dynamic:
         - name: control-aws
             providerSpec:
               name: aws-1
               region: eu-central-1
               zone: eu-central-1a
             count: 1
             serverType: t3.medium
             image: ami-0965bd5ba4d59211c
         - name: compute-1-aws
             providerSpec:
               name: aws-1
               region: eu-west-3
               zone: eu-west-3a
             count: 2
             serverType: t3.medium
             image: ami-029c608efaef0b395
             storageDiskSize: 50
     kubernetes:
       clusters:
   #      - name: aws-cluster
   #          version: v1.24.0
   #          network: 192.168.2.0/24
   #          pools:
   #            control:
   #                - control-aws
   #            compute:
   #                - compute-1-aws         
   EOF
   

2. To delete all clusters defined in the input manifest, delete the InputManifest. This triggers the deletion process, removing the infrastructure and all data associated with the manifest.

   kubectl delete inputmanifest examplemanifest