From 5ea036786311369a48b972afb052dd593e6b990c Mon Sep 17 00:00:00 2001 From: Traci Morrison Date: Wed, 14 Aug 2019 13:58:18 -0400 Subject: [PATCH] Add install Helm on Docker EE section Signed-off-by: Traci Morrison --- ee/ucp/user-access/kubectl.md | 35 ++++++++++++++++++++++++++--------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/ee/ucp/user-access/kubectl.md b/ee/ucp/user-access/kubectl.md index a94173b91d..16f97b708b 100644 --- a/ee/ucp/user-access/kubectl.md +++ b/ee/ucp/user-access/kubectl.md @@ -4,9 +4,9 @@ description: Learn how to install kubectl, the Kubernetes command-line tool, on keywords: ucp, cli, administration, kubectl, Kubernetes --- -Docker EE 2.0 and higher deploys Kubernetes as part of a UCP installation. +Docker Enterprise 2.0 and higher deploys Kubernetes as part of a UCP installation. Deploy, manage, and monitor Kubernetes workloads from the UCP dashboard. Users can -also interact with the Kubernetes deployment through the Kubernetes +also interact with the Kubernetes deployment through the Kubernetes command-line tool named kubectl. To access the UCP cluster with kubectl, install the [UCP client bundle](cli.md). @@ -28,10 +28,10 @@ To use kubectl, install the binary on a workstation which has access to your UCP > Kubernetes only guarantees compatibility with kubectl versions that are +/-1 minor versions away from the Kubernetes version. {: .important} -First, find which version of Kubernetes is running in your cluster. This can be found -within the Universal Control Plane dashboard or at the UCP API endpoint [version](/reference/ucp/3.2/api/). +First, find which version of Kubernetes is running in your cluster. This can be found +within the Universal Control Plane dashboard or at the UCP API endpoint [version](/reference/ucp/3.2/api/). You can also find the Kubernetes version using the Docker CLI. You need to source a client bundle and type the `docker version` command. -From the UCP dashboard, click on **About Docker EE** within the **Admin** menu in the top left corner +From the UCP dashboard, click **About** within the **Admin** menu in the top left corner of the dashboard. Then navigate to **Kubernetes**. ![Find Kubernetes version](../images/kubernetes-version.png){: .with-border} @@ -91,14 +91,31 @@ curl https://storage.googleapis.com/kubernetes-release/release/$env:k8sversion/b -## Using kubectl with a Docker EE cluster +## Using kubectl with a Docker Enterprise cluster -Docker Enterprise Edition provides users unique certificates and keys to authenticate against - the Docker and Kubernetes APIs. Instructions on how to download these certificates and how to +Docker Enterprise provides users unique certificates and keys to authenticate against + the Docker and Kubernetes APIs. Instructions on how to download these certificates and how to configure kubectl to use them can be found in [CLI-based access.](cli.md#download-client-certificates) +## Install Helm on Docker Enterprise + +Helm is the package manager for Kubernetes. Tiller is the Helm server. Before installing Helm on Docker Enterprise, you must meet the following requirements: + +* You must be running a Docker Enterprise 2.1 or higher cluster. +* You must have kubectl configured to communicate with the cluster (usually this is done via a client bundle). + +To use Helm and Tiller with UCP, you must grant the default service account within the kube-system namespace the necessary roles. Enter the following kubectl commands in this order: + +```bash +kubectl create rolebinding default-view --clusterrole=view --serviceaccount=kube-system:default --namespace=kube-system + +kubectl create clusterrolebinding add-on-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default +``` +It is recommended that you specify a Role and RoleBinding to limit Tiller’s scope to a particular namespace, as described in [Helm’s documentation](https://helm.sh/docs/using_helm/#example-deploy-tiller-in-a-namespace-restricted-to-deploying-resources-only-in-that-namespace). + +See [initialize Helm and install Tiller](https://helm.sh/docs/using_helm/#initialize-helm-and-install-tiller) for more information. + ## Where to go next - [Deploy a workload to a Kubernetes cluster](../kubernetes.md) - [Deploy to Kubernetes on Docker Desktop for Mac](/docker-for-mac/kubernetes.md) -