GitBook: [#543] Provider Helm Charts

SUMMARY.md

@@ -57,7 +57,28 @@
 
 * [Features](features/README.md)
   * [Test Page](features/test-page.md)
-* [Other Resources](other-resources.md)
+* [Other Resources](other-resources/README.md)
+  * [Experimental](other-resources/experimental/README.md)
+    * [Akash Cloud Provider Build With Helm Charts](other-resources/experimental/akash-cloud-provider-build-with-helm-charts/README.md)
+      * [STEP 1 - Prerequisites of an Akash Provider](other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-1-prerequisites-of-an-akash-provider.md)
+      * [STEP 2 - Kubernetes Configurations](other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-2-kubernetes-configurations.md)
+      * [STEP 3 - Export Provider Wallet](other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-3-export-provider-wallet.md)
+      * [STEP 4 - Helm Installation on Kubernetes Node](other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-4-helm-installation-on-kubernetes-node.md)
+      * [STEP 5 - Provider Build via Helm Chart](other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-5-provider-build-via-helm-chart.md)
+      * [Step 6 - Hostname Operator Build](other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-6-hostname-operator-build.md)
+      * [STEP 7 - Ingress Controller Install](other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-7-ingress-controller-install.md)
+      * [Step 8 - Firewall Rule Review](other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-8-firewall-rule-review.md)
+      * [Step 9 - Domain Name Review](other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-9-domain-name-review.md)
+    * [Kubernetes Cluster for Akash Providers](other-resources/experimental/kubernetes-cluster-for-akash-providers/README.md)
+      * [STEP 1 - Clone the Kubespray Project](other-resources/experimental/kubernetes-cluster-for-akash-providers/step-1-clone-the-kubespray-project.md)
+      * [STEP 2 - Install Ansible](other-resources/experimental/kubernetes-cluster-for-akash-providers/step-2-install-ansible.md)
+      * [STEP 3 - Ansible Access to Kubernetes Cluster](other-resources/experimental/kubernetes-cluster-for-akash-providers/step-3-ansible-access-to-kubernetes-cluster.md)
+      * [STEP 4 - Ansible Inventory](other-resources/experimental/kubernetes-cluster-for-akash-providers/step-4-ansible-inventory.md)
+      * [STEP 5 - Enable gVisor](other-resources/experimental/kubernetes-cluster-for-akash-providers/step-5-enable-gvisor.md)
+      * [STEP 6 - Create Kubernetes Cluster](other-resources/experimental/kubernetes-cluster-for-akash-providers/step-6-create-kubernetes-cluster.md)
+      * [STEP 7 - Confirm Kubernetes Cluster](other-resources/experimental/kubernetes-cluster-for-akash-providers/step-7-confirm-kubernetes-cluster.md)
+      * [STEP 8 - Disable Swap on Kubernetes Hosts](other-resources/experimental/kubernetes-cluster-for-akash-providers/step-8-disable-swap-on-kubernetes-hosts.md)
+      * [STEP 9 - Review Firewall Policies](other-resources/experimental/kubernetes-cluster-for-akash-providers/step-9-review-firewall-policies.md)
 
 ## About Akash <a href="#glossary" id="glossary"></a>
 

other-resources.md → other-resources/README.md

@@ -1,3 +1,2 @@
 # Other Resources
 
-GH

other-resources/experimental/README.md

@@ -0,0 +1,3 @@
+# Experimental
+
+Guides provided in the Experimental category are in the process of further review.

other-resources/experimental/akash-cloud-provider-build-with-helm-charts/README.md

@@ -0,0 +1,19 @@
+# Akash Cloud Provider Build With Helm Charts
+
+
+
+An Akash Provider leases compute to users launching new deployments. Follow the steps in this guide to build your own provider.
+
+This guide uses a single Kubernetes master node.
+
+Overview and links to the steps involved:
+
+* [Prerequisites of an Akash Provider](step-1-prerequisites-of-an-akash-provider.md)
+* [Kubernetes Configurations](step-2-kubernetes-configurations.md)
+* [Export Provider Wallet](step-3-export-provider-wallet.md)
+* [Helm Installation on Kubernetes Node](step-4-helm-installation-on-kubernetes-node.md)
+* [Provider Build via Helm Chart](step-5-provider-build-via-helm-chart.md)
+* [Hostname Operator Build](step-6-hostname-operator-build.md)
+* [Ingress Controller Install](step-7-ingress-controller-install.md)
+* [Firewall Rule Review](step-8-firewall-rule-review.md)
+* [Domain Name Review](step-9-domain-name-review.md)

other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-1-prerequisites-of-an-akash-provider.md

@@ -0,0 +1,19 @@
+# STEP 1 - Prerequisites of an Akash Provider
+
+## Akash Wallet
+
+Placing a bid on an order requires a 5 AKT deposit placed into collateral per bid won. If the provider desired 2 concurrent leases, the provider’s wallet would need minimum funding of 10AKT.
+
+The steps to create an Akash wallet are covered in the Provider setup section of this [document](https://docs.akash.network/token/keplr).
+
+## **Kubernetes Cluster**
+
+A full Kubernetes cluster is required with outbound internet access and be reachable from the internet.
+
+If you need assistance in building a new cluster, visit the [Kubernetes Cluster for Akash Providers ](broken-reference)guide.
+
+## RPC Node
+
+Akash Providers need to run their own blockchain RPC node to remove dependence on public nodes.  This is a strict requirement.  The RPC node should not run as a deployment on the Testnet network as no long running workloads should run in that environment and deployments running for more than several hours be deleted.
+
+Build your own RPC node via these [instructions](broken-reference).

other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-2-kubernetes-configurations.md

@@ -0,0 +1,13 @@
+# STEP 2 - Kubernetes Configurations
+
+Create Provider namespaces on your Kubernetes cluster.
+
+Run these commands from a Kubernetes master node which has kubectl access to cluster.
+
+```
+kubectl create ns akash-services
+kubectl label ns akash-services akash.network/name=akash-services akash.network=true
+
+kubectl create ns ingress-nginx
+kubectl label ns ingress-nginx app.kubernetes.io/name=ingress-nginx app.kubernetes.io/instance=ingress-nginx
+```

other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-3-export-provider-wallet.md

@@ -0,0 +1,19 @@
+# STEP 3 - Export Provider Wallet
+
+In this section we will export the pre-existing, funded wallet to store the private key in a local file.  To conduct the commands in this section the Akash CLI must be installed which is detailed in this [guide](broken-reference).
+
+The wallet used will be used for the following purposes:
+
+* Pay for provider transaction gas fees
+* Pay for bid collateral which is discussed further in this section
+
+## **Export Private Key to Local File**
+
+* The key-name can be any name of your choice
+* Note the passphrase used to protect the private key as it will be used in future steps
+
+```
+cd ~
+
+akash keys export <key-name> > key.pem
+```

other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-4-helm-installation-on-kubernetes-node.md

@@ -0,0 +1,31 @@
+# STEP 4 - Helm Installation on Kubernetes Node
+
+*   Install Helm on a Kubernetes Master Node
+
+    ```
+    wget https://get.helm.sh/helm-v3.6.2-linux-amd64.tar.gz
+
+    tar -zxvf helm-v3.6.2-linux-amd64.tar.gz
+
+    mv linux-amd64/helm /usr/local/bin/helm
+
+    helm repo add akash https://ovrclk.github.io/helm-charts
+    ```
+
+
+
+## **Confirmation of Helm Install**
+
+**Print Helm Version**
+
+```
+helm version
+```
+
+**Expected Output**
+
+```
+root@node1:~# helm version
+
+version.BuildInfo{Version:"v3.6.2", GitCommit:"ee407bdf364942bcb8e8c665f82e15aa28009b71", GitTreeState:"clean", GoVersion:"go1.16.5"}
+```

other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-5-provider-build-via-helm-chart.md

@@ -0,0 +1,79 @@
+# STEP 5 - Provider Build via Helm Chart
+
+
+
+## **Environment Variables**
+
+* Declare the following environment variables for Helm
+* Replace the variable  with your own settings
+* Notes on settings and values
+  * [ ] Domain should be a publicly accessible DNS name dedicated for your provider use such as myprovider.com.  More info on provider domain name use is available [here](broken-reference).
+  * [ ] The moniker does not consequence and can be any identifier of your choosing
+
+```
+ACCOUNT_ADDRESS=<wallet-address-exported-previously-into-key.pem-file>
+KEY_SECRET=<password-used-for-private-key-export>
+DOMAIN=<domain-name-of-provider>
+MONIKER=<identifier-of-node-on-chain>
+```
+
+## **Provider Helm Chart Build**
+
+
+
+* Add the following if you are running your own RPC server.&#x20;
+  * \--set node="http://\<IP-ADDRESS-OF-YOUR-RPC-NODE>:26657"
+* Additionally consider personalizing the attributes - listed in the ./provider/values.yaml file.  For example - edit the organization attribute with your own org name.
+
+```
+helm install akash-provider akash/provider -n akash-services \
+     --set from="$ACCOUNT_ADDRESS" \
+     --set key="$(cat ./key.pem | base64)" \
+     --set keysecret="$(echo $KEY_SECRET | base64)" \
+     --set domain="$DOMAIN" \
+     --set node="http://<IP-ADDRESS-OF-YOUR-RPC-NODE>:26657" \
+     --set chainid="edgenet-1" \
+     --set image.tag="0.15.0-rc15" \
+     --set gas=auto \
+     --set gasadjustment=1.3 \
+     --set gasprices=0.025uakt
+```
+
+#### **Expected output**
+
+```
+NAME: akash-provider
+LAST DEPLOYED: Thu Apr 28 18:58:10 2022
+NAMESPACE: akash-services
+STATUS: deployed
+REVISION: 1
+TEST SUITE: None
+```
+
+## **Provider Confirmation**
+
+```
+kubectl get pods -n akash-services
+```
+
+#### **Expected output (example and name following akash-provider will differ)**
+
+```
+root@node1:~# kubectl get pods -n akash-services
+
+NAME                              READY   STATUS    RESTARTS   AGE
+akash-provider-6d7c455dfb-qkf5z   1/1     Running   0          4m37s
+```
+
+
+
+## Helm Chart Uninstall Process
+
+* Should a need arise to uninstall the Helm Chart and attempt the process anew, the following step can be used
+* Only conduct this step if there is a problem with Akash Provider Helm Chart install
+* This Helm uninstall technique can be used for this or any subsequent chart installs
+* Following this step - if needed - start the Provider Helm Chart install anew via the prior step in this page
+
+```
+helm uninstall akash-provider -n akash-services
+```

other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-6-hostname-operator-build.md

@@ -0,0 +1,24 @@
+# Step 6 - Hostname Operator Build
+
+* Run the following command to build the Kubernetes hostname operator
+
+```
+helm install hostname-operator akash/hostname-operator -n akash-services --set image.tag="0.16.4-rc0"
+```
+
+#### Expected/Example Output
+
+```
+NAME: hostname-operator
+LAST DEPLOYED: Thu Apr 28 19:06:30 2022
+NAMESPACE: akash-services
+STATUS: deployed
+REVISION: 1
+TEST SUITE: None
+NOTES:
+1. Get the application URL by running these commands:
+  export POD_NAME=$(kubectl get pods --namespace akash-services -l "app.kubernetes.io/name=hostname-operator,app.kubernetes.io/instance=hostname-operator" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace akash-services $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace akash-services port-forward $POD_NAME 8080:$CONTAINER_PORT
+```

other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-7-ingress-controller-install.md

@@ -0,0 +1,18 @@
+# STEP 7 - Ingress Controller Install
+
+*   Build the Kubernetes ingress controller
+
+    ```
+    helm install akash-ingress akash/akash-ingress -n ingress-nginx --set domain=$DOMAIN
+    ```
+
+#### Expected Output
+
+```
+NAME: akash-ingress
+LAST DEPLOYED: Thu Apr 28 19:08:45 2022
+NAMESPACE: ingress-nginx
+STATUS: deployed
+REVISION: 1
+TEST SUITE: None
+```

other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-8-firewall-rule-review.md

@@ -0,0 +1,20 @@
+# Step 8 - Firewall Rule Review
+
+## External/Internet Firewall Rules
+
+The following firewall rules are applicable to internet-facing Kubernetes components.
+
+### **Akash Provider**
+
+```
+8443/tcp - for manifest uploads
+```
+
+### **Akash Ingress Controller**
+
+```
+80/tcp - for web app deployments
+443/tcp - for web app deployments
+30000-32767/tcp - for Kubernetes node port range for deployments
+30000-32767/udp - for Kubernetes node port range for deployments
+```

other-resources/experimental/akash-cloud-provider-build-with-helm-charts/step-9-domain-name-review.md

@@ -0,0 +1,21 @@
+# Step 9 - Domain Name Review
+
+Our guide defines a domain which all of the charts will use for their ingress routes. For our example we use yourdomain.com.
+
+Add A records for the IP addresses of all Kubernetes worker nodes and point to nodes.yourdomain.com.
+
+To get the external IP of your worker nodes, run the following command on your Kubernetes cluster.
+
+```
+kubectl get nodes -A -o wide
+```
+
+Your DNS records should look something like this:
+
+```
+*.ingress 300 IN CNAME nodes.yourdomain.com.
+nodes 300 IN A x.x.x.x
+nodes 300 IN A x.x.x.x
+nodes 300 IN A x.x.x.x
+provider 300 IN CNAME nodes.yourdomain.com.
+```

other-resources/experimental/kubernetes-cluster-for-akash-providers/README.md

@@ -0,0 +1,21 @@
+# Kubernetes Cluster for Akash Providers
+
+
+
+## **Overview**
+
+Akash leases are deployed via Kubernetes pods on provider clusters.  This guide details the build of the provider’s Kubernetes control plane and worker nodes.
+
+The setup of a Kubernetes cluster is the responsibility of the provider. This guide provides best practices and recommendations for setting up a Kubernetes cluster. This document is not a comprehensive guide and assumes pre-existing Kubernetes knowledge.
+
+The Kubernetes Cluster created is then ready for the Akash Provider build detailed [here](broken-reference).
+
+* [Clone the Kubespray Project](step-1-clone-the-kubespray-project.md)
+* [Install Ansible](step-2-install-ansible.md)
+* [Ansible Access to Kubernetes Cluster](step-3-ansible-access-to-kubernetes-cluster.md)
+* [Ansible Inventory](step-4-ansible-inventory.md)
+* [Enable gVisor](step-5-enable-gvisor.md)
+* [Create Kubernetes Cluster](step-6-create-kubernetes-cluster.md)
+* [Confirm Kubernetes Cluster](step-7-confirm-kubernetes-cluster.md)
+* [Disable Swap on Kubernetes Hosts](step-8-disable-swap-on-kubernetes-hosts.md)
+* [Review Firewall Policies](step-9-review-firewall-policies.md)

other-resources/experimental/kubernetes-cluster-for-akash-providers/step-1-clone-the-kubespray-project.md

@@ -0,0 +1,27 @@
+# STEP 1 - Clone the Kubespray Project
+
+## Cluster Recommendations
+
+We recommend using the Kubespray project to deploy a cluster. Kubespray uses Ansible to make the deployment of a Kubernetes cluster easy.
+
+The recommended minimum number of hosts is four. This is meant to allow:
+
+* Three hosts serving as a redundant master nodes
+* One host to serve as Kubernetes worker node to host provider leases
+* NOTE - if you intended to build a provider with persistent storage please refer to host requirements detailed [here](https://docs.akash.network/testnet-technical-docs/provider-persistent-storage-enablement).
+
+While you could use a single Kubernetes host in testing and dev this would not be recommended for production.
+
+## **Kubespray Clone**
+
+Install Kubespray on a machine that has connectivity to the hosts that will serve as the Kubernetes cluster.  Kubespray should not be installed on the Kubernetes hosts themselves but rather on a machine that has connectivity to the Kubernetes hosts.
+
+Obtain Kubespray and navigate into the created local directory:
+
+```
+cd ~
+
+git clone https://github.com/kubernetes-sigs/kubespray.git
+
+cd kubespray
+```

other-resources/experimental/kubernetes-cluster-for-akash-providers/step-2-install-ansible.md

@@ -0,0 +1,24 @@
+# STEP 2 - Install Ansible
+
+When you launch Kubespray it will use an Ansible playbook to deploy a Kubernetes cluster.  In this step we will install Ansible.
+
+Depending on your operating system it may be necessary to install OS patches, pip3, and virtualenv.  Example steps for a Ubuntu OS are detailed below.
+
+```
+apt-get update ; apt-get install -y python3-pip virtualenv
+```
+
+Within the kubespray directory use the following commands for the purpose of:
+
+* Opening a Python virtual environment for the Ansible install
+* Installing Ansible and other necessary packages specified in the requirements.txt file
+
+```
+cd ~/kubespray
+
+virtualenv --python=python3 venv
+
+source venv/bin/activate
+
+pip3 install -r requirements.txt
+```