Creating a Kubernetes Relay

Prerequisites

Instructions

  1. Generate a relay token. Log into the Admin UI and select Gateways on the left navigation bar. Click on the add relay button in the upper right, and a box will pop up. You can rename the relay here, or do it later. Click on create and the relay token will appear onscreen.

    New Relay

    Copy the relay token and put it aside, being careful to capture every character. You will need it again below.

    Note: See sdm relay create if you want to generate a token via the CLI.

  2. Encode the resulting token in base64: echo -n <token-string> | base64

    Note: If you generate the token from the CLI, it will have a trailing \n character, which you will have to strip before passing it through base64.

  3. Create the YML file for your Kubernetes relay. Use the following, replacing <<< token-in-base64 >>> with the Base64-encoded token:

     kind: Secret
     apiVersion: v1
     metadata:
       name: sdm-relay-secret
     type: Opaque
     data:
       # replace <<< token-in-base64 >>> with the token generated by "sdm create relay-gateway"
       token: "<<< token-in-base64 >>>"
     ---
     kind: Deployment
     apiVersion: apps/v1beta2
     metadata:
       name: sdm-relay-deployment
       labels:
         app: sdm-relay
     spec:
       replicas: 1 # must always be 1.
       selector:
         matchLabels:
           app: sdm-relay
       template:
         metadata:
           labels:
             app: sdm-relay
         spec:
           # You may use node affinity to ensure that these containers are only
           # deployed to publicly visible nodes.
           # affinity:
           #   nodeAffinity:
           #     requiredDuringSchedulingIgnoredDuringExecution:
           containers:
           - name: sdm-relay
             image: quay.io/sdmrepo/relay:latest
             imagePullPolicy: Always
             env:
               - name: SDM_ORCHESTRATOR_PROBES
                 value: ":9090"
               - name: SDM_RELAY_TOKEN
                 valueFrom:
                   secretKeyRef:
                     name: sdm-relay-secret
                     key: token
             livenessProbe:
               httpGet:
                 path: /liveness
                 port: 9090
               initialDelaySeconds: 5
               periodSeconds: 10
    
  4. To activate your relay, execute the kubectl command

    $ kubectl create -f name-of-relay-file.yml

  5. To verify that it is running, run kubectl get services again. You should see your gateway on the list of running services.
     $ kubectl get services
     NAME                TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)           AGE
     kubernetes          ClusterIP   10.96.0.1       <none>        443/TCP           21h
     sdm-relay-service   NodePort    10.104.132.14   <none>                          21h
    
  6. Login to the Admin UI. In that section, the relay you created should appear Online, with a heartbeat.

    "Relay status in Admin UI"

    If any errors occur or if the relay does not report “online” status, please contact support@strongdm.com for assistance.