minikube cluster can be registered in gopaddle either using its public IP address or a fully qualified domain name (FQDN) or securely via a Bastion Host or a Jump server.

1. Port Configuration

2. Set up Nginx Proxy

1. Install Python3 and Pip, if not already installed.

sudo apt install python3 -y
sudo apt install python3-pip -y
python3 --version

2. Install pyyaml dependency

pip install pyyaml

3. Make a temporary directory to download the scripts

export TMP_DIR=$HOME/gp_temp/
mkdir -p $TMP_DIR

4. Download the script to extract and expand the CA Certificate, Client Certificate and Key data in the Kubernetes configuration.

curl -o $TMP_DIR/replace-cert-data.sh https://gpscripts.s3.amazonaws.com/replace-cert-data.sh
chmod +x $TMP_DIR/replace-cert-data.sh

5. Install kubectl command line tool, if not installed already.

sudo snap install kubectl --classic

6. Install yq tool to filter Kubernetes YAML file contents.

sudo snap install yq

7. Run the replace script to extract and expand the CA Certificate, Client Certificate and Key data in the Kubernetes configuration

sh $TMP_DIR/replace-cert-data.sh $TMP_DIR

8. Download the script to extract the API server URL, CA Authority, Client certificate and key data from the default Kubernetes Configuration file.

curl -o $TMP_DIR/cluster-extract-config.py https://gpscripts.s3.amazonaws.com/cluster-extract-config.py
chmod +x $TMP_DIR/cluster-extract-config.py

9. Verify if the extraction script works as expected.

python3 $TMP_DIR/cluster-extract-config.py API_SERVER_URL --tmp-dir $TMP_DIR

The output of this execution must result in a similar output like this - Eg output. https://127.0.0.1:40773 Note that the ports might differ based on the cluster configuration.

10. Install Nginx and set HTTP basic authentication for the user named minikube.

sudo apt-get install apache2-utils -y
sudo mkdir /etc/nginx/
sudo htpasswd -c /etc/nginx/.htpasswd minikube

11. Download the scripts to prepare the Nginx configuration and SSL certificate files

curl -o $TMP_DIR/cluster-setup-nginx-config.sh https://gpscripts.s3.amazonaws.com/cluster-setup-nginx-config.sh
chmod +x $TMP_DIR/cluster-setup-nginx-config.sh

12. Prepare the Nginx configuration and SSL certificate files

sudo mkdir /etc/nginx/certs
sudo mkdir /etc/nginx/conf.d
sudo sh $TMP_DIR/cluster-setup-nginx-config.sh  $TMP_DIR

13. Install docker, if not already installed. Check the steps here to install docker.

14. Run Nginx container with the configuration and SSL certificate files.

sudo docker run -d --name nginx  --network host -v /etc/nginx/conf.d/:/etc/nginx/conf.d -v /etc/nginx/.htpasswd:/etc/nginx/.htpasswd -v /etc/nginx/certs/cluster.cert:/etc/nginx/certs/cluster.cert -v /etc/nginx/certs/cluster.key:/etc/nginx/certs/cluster.key nginx

15. Check if Nginx proxy works (skip this step for bastion host setup)

Open a browser session with the public IP address or the FQDN of the cluster master node. Eg. http://<public_ip>

This must show a popup for authentication. Enter the Username as kind and password set in step 6.

16. Copy the kube.config file to your local desktop environment

cat $TMP_DIR/kube.config

3. Validate Connection from Local Desktop Environment

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: <cert-auth-data>
    server: http://minikube:<http_passwd>@<public-ip_or_fqdn>
  name: minikube
contexts:
- context:
    cluster: minikube
    user: minikube
  name: minikube
current-context: minikube
kind: Config
preferences: {}
users:
- name: minikube
  user:
    client-certificate-data: <client-cert-data>
    client-key-data: <client-key-data>

export KUBECONFIG=$(pwd)/kube.config
kubectl get ns

ssh -v -L <local_port>:<cluster_private_ip>:<cluster_nginxx_port> <bastion_user>@<bastion_public_ip> -i <bastion-ssh-pem-file> -N

ssh -v -L 8090:10.0.138.148:80 ubuntu@34.201.100.49 -i bastion.pem -N

apiVersion: v1
clusters:
  - cluster:
      server: http://minikube:<http_passwd>:localhost:<bastion_port> # Eg. 8090
      certificate-authority-data: <certificate-authority-data>
    name: minikube
contexts:
  - context:
      cluster: minikube
      namespace: default
      user: minikube
    name: minikube
current-context: minikube
kind: Config
preferences: {}
users:
  - name: minikube
    user:
      client-certificate-data: <client-certificate-data>
      client-key-data: <client-key-data>

export KUBECONFIG=$(pwd)/kube.config
kubectl get ns

apiVersion: v1
clusters:
  - cluster:
      server: http://minikube:<http_passwd>:<private_ip>:80
      certificate-authority-data: <certificate-authority-data>
    name: minikube
contexts:
  - context:
      cluster: minikube
      namespace: default
      user: minikube
    name: minikube
current-context: minikube
kind: Config
preferences: {}
users:
  - name: minikube
    user:
      client-certificate-data: <client-certificate-data>
      client-key-data: <client-key-data>

4. Register the Cluster in gopaddle

1. In the gopaddle UI, navigate to the Clusters section

2. Click on Add a Cluster and select Register an existing Cluster

3. In the Cluster registration wizard, select the Cluster Access Method as Kube Config

4. Choose the Cluster Provider type as Other

5. In the Authentication Step, upload the Kubernetes config file gathered under section "Validate Connection from Local Desktop Environment".

6. If you have configured a bastion host, provide the Bastion Host IP, SSH Pem file, SSH port

7. Click on Finish to register the On-premises Cluster.

8. If you see the error - Network Error ! ServerError: Response not successful: Received status code 503, while view the cluster resources, then check this troubleshooting section for more information.