Skip to main content

Deploy with minikube

It’s possible to deploy an SE2 environment to a local environment using a local Kubernetes cluster.

Requirements

Steps

1. Create a folder for the environment

This is a temporary place where we’ll create and configure our SE2 environment:

mkdir my-se2

cd my-se2

2. Start up our Kubernetes cluster

Kubernetes clusters usually live on the cloud. However, with minikube, we can create a local one to use:

minikube start

3. Expose our cluster to the internet with ngrok

This command will forward all requests to a randomly-generated URL to http://localhost:80

ngrok http http://localhost
tip

Jot down that URL generated by ngrok! It’ll look something like https://84925795ffae.eu.ngrok.io

4. Generate your SE2 manifests

Next we’ll be using Subo to generate our Kubernetes manifest files!

subo se2 deploy --dryrun

You will be asked for a domain. Please make sure to enter your domain from ngrok.

This will generate some Kubernetes manifest files, which will now live in the .suborbital/ folder:

  • se2-deployment.yaml
  • se2-autoscale.yaml
  • se2-controlplane-deployment.yaml

5. Disable TLS checks in the SE2 environment

Open up .suborbital/se2-controlplane-deployment.yaml in your editor of choice, and make the following changes.

We are disabling the built-in TLS certificate provisioning, as ngrok already takes care of this for us.

Under the Builder Container:

- name: builder
image: suborbital/se2-builder:v0.4.2
command: ["builder"]

ports:
- containerPort: 8080
- containerPort: 8443

env:
- name: SE2_DOMAIN
value: "<YOUR_NGROK_DOMAIN>"

- name: SE2_TLS_PORT
value: "8443"

- name: SE2_LOG_LEVEL
value: "info"

- name: SE2_CONTROL_PLANE
value: "se2-controlplane-service:8081"

volumeMounts:
- mountPath: "/home/se2"
name: controlplane-storage

Delete the following line:

delete containerPort: 8443

Delete the following key-value pair:

- name: SE2_DOMAIN
value: "<YOUR_NGROK_DOMAIN>"

Replacing the following key-value pair:

- name: SE2_TLS_PORT
value: "8443"

With the following:

name: SE2_HTTP_PORT
value: "8080"

Under the se2-builder-service:

apiVersion: v1
kind: Service
metadata:
namespace: suborbital
name: se2-builder-service
spec:
selector:
app: se2-controlplane
ports:
- protocol: TCP
name: challenge
port: 80
targetPort: 8080
- protocol: TCP
name: https
port: 443
targetPort: 8443
type: LoadBalancer

Our builder service no longer needs to expose HTTPS ports as ngrok will forward both HTTP and HTTPS traffic to port 80.

Remove the following lines:

- protocol: TCP
name: https
port: 443
targetPort: 8443

6. Deploy to your cluster

Run the following Subo command to deploy SE2 to your cluster:

subo se2 deploy

7. Setup minikube tunneling

Let’s tell minikube to forward requests to port 80 to our cluster!

minikube tunnel

8. Create an editor token

In order to test our editor, we’re going to come up with a extension name, and create a token so we can access it!

This can only be done as an API call from within your cluster. Since we’re currently not running an app in our cluster, we’ll just make the call from within!

First, we’ll need the name of our control plane pod:

kubectl get pod -n suborbital

Your output will look something like this:

NAME                                           READY   STATUS    RESTARTS   AGE
se2-deployment-7bfb9d76c6-sv5dr 1/1 Running 0 1s
se2-controlplane-deployment-5699f779f7-xmkhr 2/2 Running 0 1s

Let’s take that full name of our se2-controlplane-deployment pod and start a bash session inside it:

kubectl exec -n suborbital -it se2-controlplane-deployment-<REST OF POD CODENAME> -- bash

Would you look at that, we’re inside our cluster now!

Let’s install curl:

apt update; apt install curl

With curl installed, we can now get our editor token for testing:

curl [http://local.suborbital.network:8081/api/v1/token/<IDENT>/default/](http://local.suborbital.network:8081/api/v1/token/com.acmeco.gr9fas97234b/default/httpget)<EXTENSION_NAME>

In which:

  • IDENT: Customer identity, for example: com.example.12345
  • EXTENSION_NAME : A name for your extension

This will give you a JSON response with a token. Let’s copy it!

9. Try out the extension editor

The extension editor is available through building a specific URL. We can do that now that we have all the ingredients. In your browser, try opening up the following URL:

[https://editor.suborbital.network/?builder=https://<NGROK_DOMAIN>&token=<EDITOR_TOKEN>&ident=<IDENT>&fn=](https://editor.suborbital.network/?builder=https://4515-62-178-0-213.eu.ngrok.io&token=StIsWXsIAPJsjVlxcgItgvWS&ident=com.acmeco.gr9fas97234b&fn=ramono)<EXTENSION_NAME>&template=<LANGUAGE_TEMPLATE>

In which:

  • NGROK_DOMAIN: The domain generated by ngrok in step 3
  • EDITOR_TOKEN: The token generated by the control plane API in step 8
  • IDENT: Customer identity, for example: com.example.12345
  • EXTENSION_NAME : A name for your extension
  • LANGUAGE_TEMPLATE: A template to be prefilled when opening the editor for a new extension, defaulting to AssemblyScript.