Setting up a Kubernetes environment (k3s) on Ubuntu

You can use the script that is provided with Rational® Test Automation Server to set up a k3s Kubernetes environment.

Before you begin

You must have completed the following tasks:

Installed the following software:
- OpenSSH server
- Helm
Ensured that your computer has a Domain Name Server (DNS) resolvable host name to resolve the host name into a machine-readable IP address.

About this task

As part of the k3s Kubernetes environment set up, you can enable the following software:

Jaeger: By using this software, you can trace test logs and Jaeger-based reports when you run tests.
Prometheus server: By using this software, you can monitor your system resources by using metrics data that are collected by a Prometheus server.

Procedure

Use an SSH session to log in to the Ubuntu server.

Run the following command to retrieve the case from IBM Cloud Pack repository:

curl -o ibm-rtas-case-4.1013.0.tgz https://raw.githubusercontent.com/IBM/cloud-pak/master/repo/case/ibm-rtas-case-4.1013.0.tgz

Run the following command to extract the case:
```
tar xvf ibm-rtas-case-4.1013.0.tgz
```
Run any of the following commands to install the k3s Kubernetes environment:

Note: The second option allows you to override the name of the Kubernetes domain that is created.
- Run the following commands to install with the default name that is either based on IP address or fully qualified host name:
```
#Run the following commands if you are on Ubuntu 18.04
$ cd ibm-rtas-case/inventory/ibmRtasBase/files
$ sudo ./ubuntu-init.sh

#Run the following commands if you are on Ubuntu 20.04
$ cd ibm-rtas-case/inventory/ibmRtasBase/files
$ sudo HOME=$HOME ./ubuntu-init.sh
```
- Run the following commands to install k3s Kubernetes environment by overriding the default name:
```
$ cd ibm-rtas-case/inventory/ibmRtasBase/files
$ sudo INGRESS_DOMAIN={rtas.}myorg.com HOME=$HOME ./ubuntu-init.sh
```
  where:
  - {rtas.} is a sub-domain name that you specified for the server. For example, testenv.
    Note: The sub-domain must consist of lowercase alphanumeric characters, -(hyphen) or .(period). Also, the value must start and end with an alphanumeric character.
  - myorg.com is the domain name of your organization. For example, ibm.com
You can access the product through a web browser by using any of the following ways:
- Fully Qualified Hostname: When the server is configured, you can use hostname -f command to get the fully qualified hostname defined in the DNS to access Rational® Test Automation Server. For example, rtas.myorg.com
- IP address: You can use the IP address to access Rational® Test Automation Server when you cannot create a specific DNS record for the server. For example, ip-address.nip.io
On completion of the ubuntu-init.sh script, a namespace with the name test-system is created to install the server software and the output displays the following information on the command-line interface:
- The INGRESS_DOMAIN that is in use. This is, the URL from where you can access Rational® Test Automation Server. You must use this value for the global.ibmRtasIngressDomain parameter in step 5 in the server installation topic.
- The DNS information that the Kubernetes cluster uses to resolve names.
- Certificate Authority (CA) that must be import into the browser to prevent certificate errors.
  You can run the following command to get the certificate from the system:
```
kubectl get secret ingress -n test-system -o jsonpath={.data.ca\\.crt} | base64 -d
```
- Instructions to confirm whether the Kubernetes environment has started.
  
  You can refer to the Results section for more details on how to verify the Kubernetes environment has started.
Perform one of the following options to configure a firewall:
- Run the following script to configure the firewall that allows traffic on cni0 and port 443:
```
#Run the following command if you are on Ubuntu 18.04
$ sudo ./ubuntu-firewall.sh

#Run the following command if you are on Ubuntu 20.04
$ sudo HOME=$HOME ./ubuntu-firewall.sh
```
  Note: You must consult your network administrator before you run this script and confirm that whether the firewall is compatible with your corporate policy.
- Update the firewall that allows traffic on cni0 and port 443, if your Ubuntu server is already configured with the firewall.

Optional: Run the following command to enable Istio service virtualization, a Tech Preview feature:

#Run the following command if you are on Ubuntu 18.04
$ sudo ./ubuntu-init.sh --demo

#Run the following command if you are on Ubuntu 20.04
$ sudo HOME=$HOME ./ubuntu-init.sh --demo

Optional: Run the following command to enable the Jaeger traces for performance and Web UI tests:
```
./service.sh expose jaeger
```
Note: If you do not enable Jaeger, Rational® Test Automation Server produces text output in a microservice log file instead of Jaeger traces when you run performance and Web UI test assets.

Important: The Jaeger traces are not protected, thus, any information logged into the Jaeger server might be easily accessible by anyone who has or discovers the <server-url>/jaeger URL.
Optional: Run the following command to enable the Prometheus server to monitor your system resources by using metrics data:
```
./service.sh expose prometheus
```
Important: The Prometheus metrics are not protected, thus, any information logged into the Prometheus server might be easily accessible by anyone who has or discovers the <server-url>/prometheus URL.

Results

You have set up the Kubernetes environment on Ubuntu.

Note: You can run the kubectl get pods -A command to verify that the Kubernetes environment is working. After a while, the status of the pods must be Running or Complete state.

What to do next

You must log in to the server host system again after the installation process is completed so that changes to the group membership are applied.
You can install the server software. See Installing the server software on Ubuntu by using k3s.