Kubernetes Gardener

Bootstrapping Gardener

To set up your own Gardener for your organization’s Kubernetes-as-a-Service needs, follow the documentation. For testing purposes, you can set up Gardener on your laptop by checking out the source code repository and simply running make kind-up gardener-up (the easiest developer way of checking out Gardener!).

Alternatively, 23 Technologies GmbH offers a fully-managed Gardener service that conveniently works with all supported cloud providers and comes with a free trial: Okeanos. Similarly, cloud providers such as STACKIT, B’Nerd, MetalStack, and many others run Gardener as their Kubernetes Engine.

To learn more about the inception of this open source project, read Gardener Project Update and Gardener - The Kubernetes Botanist on kubernetes.io.

Gardener yourself a Shoot with Istio, custom Domains, and Certificates is a detailed tutorial for the end user of Gardener.

Install and configure kubectl

  1. If you already have kubectl CLI, run kubectl version --short to check the version. You need a current version that at least matches your Kubernetes cluster version you want to order. If your kubectl is older, follow the next step to install a newer version.

  2. Install the kubectl CLI.

Access Gardener

  1. Create a project in the Gardener dashboard. This will essentially create a Kubernetes namespace with the name garden-<my-project>.

  2. Configure access to your Gardener project using a kubeconfig.

    You can skip this step if you intend to create and interact with your cluster using the Gardener dashboard and the embedded webterminal; this step is only needed for programmatic access.

    If you are not the Gardener Administrator already, you can create a technical user in the Gardener dashboard: go to the “Members” section and add a service account. You can then download the kubeconfig for your project. Make sure you export KUBECONFIG=garden-my-project.yaml in your shell. Download kubeconfig for Gardener

Creating a Kubernetes cluster

You can create your cluster using the kubectl cli by providing a cluster specification yaml file. You can find an example for GCP here. Make sure the namespace matches that of your project. Then apply the prepared so-called “shoot” cluster manifest with kubectl:

  1. $ kubectl apply --filename my-cluster.yaml

An easier alternative is to create the cluster following the cluster creation wizard in the Gardener dashboard: shoot creation

Configure kubectl for your cluster

You can now download the kubeconfig for your freshly created cluster in the Gardener dashboard or via cli as follows:

  1. $ kubectl --namespace shoot--my-project--my-cluster get secret kubecfg --output jsonpath={.data.kubeconfig} | base64 --decode > my-cluster.yaml

This kubeconfig file has full administrator access to you cluster. For any activities with the payload cluster be sure you have export KUBECONFIG=my-cluster.yaml set.

Cleaning up

Use the Gardener dashboard to delete your cluster, or execute the following with kubectl pointing to your garden-my-project.yaml kubeconfig:

  1. $ kubectl --kubeconfig garden-my-project.yaml --namespace garden--my-project annotate shoot my-cluster confirmation.garden.sapcloud.io/deletion=true
  2. $ kubectl --kubeconfig garden-my-project.yaml --namespace garden--my-project delete shoot my-cluster