vSphere FIPS: Verify Install and Log in to the UI
Once the Konvoy cluster is built and Kommander has been installed, you will want to verify your installation of Kommander. After the CLI successfully installs the components, it will wait for all applications to be ready by default.
NOTE: If the Kommander installation fails or you wish to reconfigure applications, you can rerun the install command to retry the installation.
If you prefer the CLI to not wait for all applications to become ready, you can set the --wait=false
flag.
If you choose not to wait via the DKP CLI, you can check the status of the installation using the following command:
kubectl -n kommander wait --for condition=Released helmreleases --all --timeout 15m
This will wait for each of the helm charts to reach their Released
condition, eventually resulting in an output resembling below:
helmrelease.helm.toolkit.fluxcd.io/centralized-grafana condition met
helmrelease.helm.toolkit.fluxcd.io/dex condition met
helmrelease.helm.toolkit.fluxcd.io/dex-k8s-authenticator condition met
helmrelease.helm.toolkit.fluxcd.io/fluent-bit condition met
helmrelease.helm.toolkit.fluxcd.io/gitea condition met
helmrelease.helm.toolkit.fluxcd.io/grafana-logging condition met
helmrelease.helm.toolkit.fluxcd.io/grafana-loki condition met
helmrelease.helm.toolkit.fluxcd.io/karma condition met
helmrelease.helm.toolkit.fluxcd.io/kommander condition met
helmrelease.helm.toolkit.fluxcd.io/kommander-appmanagement condition met
helmrelease.helm.toolkit.fluxcd.io/kube-prometheus-stack condition met
helmrelease.helm.toolkit.fluxcd.io/kubecost condition met
helmrelease.helm.toolkit.fluxcd.io/kubecost-thanos-traefik condition met
helmrelease.helm.toolkit.fluxcd.io/kubefed condition met
helmrelease.helm.toolkit.fluxcd.io/kubernetes-dashboard condition met
helmrelease.helm.toolkit.fluxcd.io/kubetunnel condition met
helmrelease.helm.toolkit.fluxcd.io/logging-operator condition met
helmrelease.helm.toolkit.fluxcd.io/logging-operator-logging condition met
helmrelease.helm.toolkit.fluxcd.io/prometheus-adapter condition met
helmrelease.helm.toolkit.fluxcd.io/prometheus-thanos-traefik condition met
helmrelease.helm.toolkit.fluxcd.io/reloader condition met
helmrelease.helm.toolkit.fluxcd.io/rook-ceph condition met
helmrelease.helm.toolkit.fluxcd.io/rook-ceph-cluster condition met
helmrelease.helm.toolkit.fluxcd.io/thanos condition met
helmrelease.helm.toolkit.fluxcd.io/traefik condition met
helmrelease.helm.toolkit.fluxcd.io/traefik-forward-auth-mgmt condition met
helmrelease.helm.toolkit.fluxcd.io/velero condition met
Failed HelmReleases
If any application fails to successfully deploy, you can check the status of a HelmRelease
with:
kubectl -n kommander get helmrelease <HELMRELEASE_NAME>
If you find any HelmReleases
in a “broken” release state such as “exhausted” or “another rollback/release in progress”, you can trigger a reconciliation of the HelmRelease
using the following commands:
kubectl -n kommander patch helmrelease <HELMRELEASE_NAME> --type='json' -p='[{"op": "replace", "path": "/spec/suspend", "value": true}]'
kubectl -n kommander patch helmrelease <HELMRELEASE_NAME> --type='json' -p='[{"op": "replace", "path": "/spec/suspend", "value": false}]'
Log in to the UI
By default, you can log in to the UI in Kommander with the credentials given using this command:
dkp open dashboard --kubeconfig=${CLUSTER_NAME}.conf
You can also retrieve your credentials at any time using the following command:
kubectl -n kommander get secret dkp-credentials -o go-template='Username: {{.data.username|base64decode}}{{ "\n"}}Password: {{.data.password|base64decode}}{{ "\n"}}'
You can also retrieve the URL used for accessing the UI using the following command:
kubectl -n kommander get svc kommander-traefik -o go-template='https://{{with index .status.loadBalancer.ingress 0}}{{or .hostname .ip}}{{end}}/dkp/kommander/dashboard{{ "\n"}}'
You should only use these static credentials to access the UI for configuring an external identity provider. Treat them as back up credentials rather than use them for normal access.
You rotate the password using the following command:
dkp experimental rotate dashboard-password
Password: kqZ31lMBSCLcBjUKVwLJMQL2PxalipIzZw5Pjyw09wDqjWV3dz2wPSSBYi09JGJp
You can perform the following operations on Identity Providers:
Create an Identity Provider
Temporarily Disable an Identity Provider
Create Groups
Dashboard UI Functions
After installing Konvoy component and building a cluster as well as successfully installing Kommander and logging into the UI, you are now ready to customize configurations using the Day 2 Cluster Operations Management section of the documentation. The majority of this customization such as attaching clusters and deploying applications will take place in the dashboard or UI of DKP. The Day 2 section allows you to manage cluster operations and their application workloads to optimize your organization’s productivity.