To start working with Kubernetes clusters, RMK needs to initialize the configuration for the current environment. At the time of configuration initialization launch, RMK prepares the state in the form of the current environment config with all the required attributes for further work. It also downloads and resolves and installs all necessary dependencies and tools described in the project.yaml file in the root of the project repository.
Example of the configuration:
name: kodjin-develop # RMK config name, a unique identifier which consists of the tenant name and the abbreviated name of the Git branch.
tenant: kodjin # Tenant name.
environment: develop # Environment name.
config-from: kodjin-develop # Configuration name from which the cluster configuration was inherited.
root-domain: kodjin-develop.edenlab.dev # Root domain name used across the cluster.
aws:
profile: kodjin-develop # AWS profile name for the AWS CLI.
region: eu-north-1 # AWS region of the current Kubernetes cluster.
account_id: "123456789"
# ...All attributes can be overridden using RMK flags or environment variables.
Prerequisites:
- The
GITHUB_TOKENvariable or--github-tokenflag are required: GitHub Personal Access Tokens (PAT).The token should have the
repo: full controlpermissions.- Project repository has already been created and initialized.
- At least one Git branch for the environment exists already.
rmk config initIf an AWS profile with the correct name has not been created previously during the first initialization of the configuration, RMK will start the creation process. The 2 supported configuration scenarios are:
- through environment variables:
AWS_REGION,AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY - interactive input: the AWS credentials will be requested one by one.
If the environment variables has been declared before the rmk config init command was run, RMK will create a profile
based on their values. Otherwise, the interactive mode will begin.
RMK automatically check for an MFA device, when the following command is executed: rmk config init.
To set up an MFA device, if it is required by the administrator, the following actions should be executed:
- First, sign in to the AWS Management Console.
- Then, go to the following page to set up security credentials: My security credentials
- Navigate to the "Multi-factor authentication (MFA)" section and set up an MFA device. If a device name is required, specify a name.
- After that, sign out and sign in again to refresh AWS policies
(might be required in case of an IAM policy based on the
aws:MultiFactorAuthPresentcondition exists). - Finally, on the "My security credentials" page navigate to the "Access keys for CLI, SDK, & API access" section and create a new AWS access key, if needed.
For the detailed documentation regarding the MFA setup in AWS, go to AWS documentation
You can also check the lifetime of the session token by running the command: rmk config init
2022-12-14T09:02:20.267+0100 INFO MFA remaining time for token validity: 11:59:48
When initializing the RMK configuration for feature or release clusters, you can use inheritance
from a previously saved configuration that contains the necessary credentials to create a Kubernetes cluster.
Let's say you want to create or connect to the feature cluster with the credentials of the develop cluster,
in this case you must run the initialization command with the --config-from-environment flag. For example:
rmk config init --config-from-environment=<develop|staging|production|ffs-XXX|vX.X.X-rc|vX.X.X>rmk config init --aws-reconfigurermk config init --root-domain="example.com"rmk config deleteWhen deleting the current RMK configuration, the respective AWS profile files will be deleted as well.