We are bringing the best of Tectonic to Red Hat OpenShift to build the most secure, hybrid Kubernetes application platform.
End-users of Tectonic are expected to deploy applications directly in Kubernetes. For first-time users of Kubernetes, familiarize yourself with the building blocks of Kubernetes:
Your application's architecture will drive how you assemble these components together.
Tectonic supports three different methods of interacting with Kubernetes:
See below for more information on how to use each of these.
The primary method of access control for Kubernetes is client certificates issued to you by your administrator. These certificates can be used to access the Kubernetes API and configured for use with kubectl
.
The Tectonic Console gives end-users an easy-to-navigate view of the live event stream and workload of the Tectonic cluster. By default, the Console is not exposed to the internet, and your administrator may have placed it behind a VPN or other restricted location.
End-users more familiar with command-line tools will find kubectl
a productive method of deploying their Kubernetes-aware applications.
In order to use kubectl, an end-user must be issued client certificates to the Kubernetes API by an administrator.
Configure your local Kubernetes client using the following commands:
${MASTER_IP}
with the Kubernetes API location${CA_CERT}
with the path to the ca.pem
managed by the administrator${USER_KEY}
with the path to the user-key.pem
issued by the administrator${USER_CERT}
with the path to the user.pem
issued by the administrator$ kubectl config set-cluster vagrant --server=https://${MASTER_IP}:443 --certificate-authority=${CA_CERT}
$ kubectl config set-credentials vagrant-user --certificate-authority=${CA_CERT} --client-key=${USER_KEY} --client-certificate=${USER_CERT}
$ kubectl config set-context vagrant --cluster=vagrant --user=vagrant-user
$ kubectl config use-context vagrant
Once kubectl is properly configured, it can be used to explore Kubernetes entities:
$ kubectl get nodes
NAME LABELS STATUS
10.0.0.197 kubernetes.io/hostname=10.0.0.197 Ready
10.0.0.198 kubernetes.io/hostname=10.0.0.198 Ready
10.0.0.199 kubernetes.io/hostname=10.0.0.199 Ready
An end-user may integrate external tools and applications with Kubernetes directly via a swagger-based API. After being issued certificates to the Kubernetes API by an administrator, an end-user should be able to make direct API requests.
See the upstream documentation for more information about the API semantics.