- A running Kubernetes cluster with publicly accessible nodes and stable IPs
First, add your gateway/relay to the Admin UI and generate a token for it. To do this, log into the Admin UI and select Gateways on the left navigation bar. Click on the add gateway button in the upper right, and a box will pop up. You can rename the gateway here, or do it later.
If you intend to instead create a relay, click add relay, fill in the name, and click create. For more information on the difference between gateways and relays, please check out the gateway documentation.
Advertised host should be the IP address or host that the gateway will be listening on. Select a TCP port (default 5000) for the service to listen on.
Click on create and the token will appear onscreen.
Copy the token and put it aside, being careful to capture every character. You will need it again below. See sdm admin relay create-gateway if you want to generate a token via the CLI.
Encode the resulting token in base64:
echo -n [token-string>]| base64
If you generate the token from the CLI, it will have a trailing
\ncharacter, which you will have to strip before passing it through
Create the YML file for your Kubernetes gateway/relay. Use the following, replacing
[token-in-base64]with the Base64-encoded token:---kind: SecretapiVersion: v1metadata:name: sdm-relay-secrettype: Opaquedata:token: [token-in-base64]---kind: DeploymentapiVersion: apps/v1metadata:name: sdm-relay-deploymentlabels:app: sdm-relayspec:replicas: 1 # must always be 1.selector:matchLabels:app: sdm-relaytemplate:metadata:labels:app: sdm-relayspec:# You may use node affinity to ensure that these containers are only# deployed to publicly visible nodes.# This doesn't work with fargate profiles# affinity:# nodeAffinity:# requiredDuringSchedulingIgnoredDuringExecution:# nodeSelectorTerms:# - matchExpressions:# - key: alpha.eksctl.io/nodegroup-name# operator: In# values:# - ng-1containers:- name: sdm-relayimage: quay.io/sdmrepo/relay:latestimagePullPolicy: Alwaysenv:- name: SDM_ORCHESTRATOR_PROBESvalue: ":9090"- name: SDM_RELAY_TOKENvalueFrom:secretKeyRef:name: sdm-relay-secretkey: tokenlivenessProbe:httpGet:path: /livenessport: 9090initialDelaySeconds: 25timeoutSeconds: 10periodSeconds: 15failureThreshold: 5
If you are setting up a relay, that is the end of the config file. If you are setting up a gateway, you need the following added to your YML:---kind: ServiceapiVersion: v1metadata:name: sdm-relay-servicelabels:app: sdm-relayspec:type: "NodePort"selector:app: sdm-relayports:- name: gateway# or relayport: 30001targetPort: 5000nodePort: 30001# You may use externalIPs as a way to get a stable IP configuration.# then map 126.96.36.199 to sdmrelay.mycompany.comexternalIPs:- 188.8.131.52
To ensure that the external IP address is persistent, you'll need to either use node affinity (in the Deployment section) or
externalIPsin the NodePort section.
To activate your gateway/relay, execute the kubectl command
$ kubectl create -f name-of-gateway-file.yml
To verify that it is running, run
kubectl get servicesagain. You should see your gateway on the list of running services.$ kubectl get servicesNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 <none> 443/TCP 21hsdm-relay-service NodePort 10.104.132.14 <none> 30001:30001/TCP 21h
Login to the Admin UI. In that section, the gateway you created should appear Online, with a heartbeat.
If any errors occur or if the gateway does not report "online" status, please contact email@example.com for assistance.