2 minutes
Playing with kube files using Podman
The goal of this exercise is to create two skupper-router containers named skupper-router-east and skupper-router-west
with Podman, exposing a TLS AMQP listener on the east router, with all generated credentials
and router configuration included as Kubernetes descriptors (using YAML), so that these YAML
files can be loaded with podman kube play
to spin up the two router pods.
All files mentioned here, can be found below.
Deploying this sample
To deploy this sample, run: ./play.sh
, or execute:
podman network create skupper-router-sample
podman kube play --userns=keep-id --network=skupper-router-sample skupper-router-east-west.yaml
When you run this sample, a podman network (mode: bridge) named skupper-router-sample
will
be created.
Once the network is created, podman kube play
will be invoked to process the YAML
file named skupper-router-east-west.yaml
.
This will run two pods (with one container each), named respectively:
- skupper-router-east-pod / skupper-router-east-pod-skupper-router-east
- skupper-router-west-pod / skupper-router-west-pod-skupper-router-west
The east container uses a TLS certificate which is valid for the host skupper-router-east
,
which is a valid host within the generated podman network.
The west container uses a TLS certificate generated by the same CA for authentication.
Teardown
To remove all the created pods and network, run: ./down.sh
, or execute:
podman kube down --force skupper-router-east-west.yaml
podman network rm --force skupper-router-sample
The script will basically run podman kube down --force skupper-router-east-west.yaml
and
will also remove the podman network that has been created earlier.