Introduction
Gitpod is a Ready-to-Code development platform which allow users to quickly contribute on projects. This platform is powered by VS-Code online.
GitOps is now a standard approach to manage applications and infrastructure delivery. Gitpod is very usefull for that, because you can offer to anyone a Ready-to-Use platform to administrate and contribute.
Gitpod simplifying project startup ! All the tools you use will be available in the VS-Code terminal.
Here, i will share my experience with Gitpod to administrate and contribute on Kubernetes projects.
Requirements
- Gitpod account on gitpod.io (Or self-hosted instance)
- Gitlab / Github account (or private Git server)
- Working Kubernetes cluster
- A web browser !
Getting Started
1. Init git project
First, you need to create en empty git project and open it with Gitpod.
Tips: You can install web-browser extension to quickly open git projects with Gitpod : https://www.gitpod.io/docs/browser-extension/
2. Set up .gitpod.yml
Gitpod allow user to specify environments settings like :
- Environment Docker image
- VS-Code extensions
- Startup tasks
Here, we want to manage and administrate a Kubernetes cluster.
Unfortunately, official Gitpod environment image does not contain Kubernetes administration tools (kubectl, Helm, Kustomize etc..).
So, we going to change default image to use a custom image with all needed tools.
Use image from Docker Hub (Easy method !)
I recently publish a Docker image with useful tools to manage Kubernetes cluster through Gitpod.
Project : https://github.com/quadeare/gitpod-kubectl
You can test this Gitpod environement by opening this project with Gitpod :
Create a .gitpod.yml
file and copy the following content :
image: quadeare/gitpod-kubectl:latest
After that, commit and push .gitpod.yml
. Then, restart Gitpod workspace (close and open).
Use local Dockerfile (Take control !)
You can also build you own Docker image (by using Gitpod) and remain self-sufficient without having to depend on an external image.
So, you can create a simple .gitpod.yml file with the following:
image: file: .gitpod.Dockerfile
Next, create .gitpod.Dockerfile like that :
FROM gitpod/workspace-base:latest ARG KUBECTL_VERSION=v1.22.2 RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl && \ chmod +x ./kubectl && \ sudo mv ./kubectl /usr/local/bin/kubectl && \ mkdir ~/.kube RUN set -x; cd "$(mktemp -d)" && \ OS="$(uname | tr '[:upper:]' '[:lower:]')" && \ ARCH="$(uname -m | sed -e 's/x86_64/amd64/' -e 's/\(arm\)\(64\)\?.*/\1\2/' -e 's/aarch64$/arm64/')" && \ curl -fsSLO "https://github.com/kubernetes-sigs/krew/releases/latest/download/krew.tar.gz" && \ tar zxvf krew.tar.gz && \ KREW=./krew-"${OS}_${ARCH}" && \ "$KREW" install krew && \ echo 'export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"' >> /home/gitpod/.bashrc
After that, commit and push .gitpod.yml
/.gitpod.Dockerfile
. Then, restart Gitpod workspace (close and open).
3. Add your kubeconfig as Gitpod secret
To administrate your Kubernetes cluster from Gitpod, you need to add Kubeconfig content as secret on Gitpod.
Gitpod supports encrypted, user-specific environment variables. They are stored as part of your user settings and can be used to set access tokens, or pass any other kind of user-specific information to your workspaces.
Convert Kubeconfig to base64
cat kubeconfig | base64 -w 0
Copy Kubeconfig (base64 format) to Gitpod
You can add multiple kubeconfig secrets with same variable name (ex : K8S_CTX) by using project scope !
4. Configure your project to extract kubeconfig
Now, edit your .gitpod.yml
file and add this following content :
tasks: - name: Set Glados K8s context command: echo $K8S_CTX | base64 -d > ~/.kube/config
After that, commit and push .gitpod.yml
. Then, restart Gitpod workspace (close and open).
Now, you should be able to administrate your Kubernetes cluster with Kubectl, Helm or even with VS-Code by using Kubernetes extension.
Kubectl and Helm commands
VS-Code Kubernetes extension
Conclusion
Gitpod can be very useful to quickly get a handle on Kubernetes clusters without having to install all tools (Kubectl, Krew plugins, Kustomize etc..).
However, it may be necessary to ask security question :
- Are Gitpod secrets really secured ?
- Are Gitpod workspace perfectly isolated ?
- Is it reasonable to put kubernetes cluster connection informations on Gitpod?
In my case, i prefer to install self-hosted Gitpod to keep my secrets/workspaces in secure place, but that may not be enough.
Moreover, it should not replace an automation by continuous integration. It’s very convenient to talk directly to a Kubernetes cluster, but Gitpod should not become a Kubernetes deployment solution. It should be used only for troobleshooting or testing.