Skip to content

PConsole

Abstract

The Punch Console (PConsole) package provides you with the operational commands to manage your applications and platforms. It is designed to interact with with punch running on kubernetes (> 7.x) or on standard VMs (> 6.3).

This chapter only describes the Kubernetes usage.

The PConsole is a punch downloadable package. It comes in two flavors: macos and linux distributions. The PConsole provides resources, shells, libraries and binaries to:

  1. manage punch applications on a remote Kubernetes punch.
  2. develop your own java or python nodes.

In contrast to the standalone, it does not provide any of the third-party COTS. I.e it can only act as a client tool to submit punch application for execution.

Installation Requirements

The requirements to install the PConsole itself are similar to that of the punch standalone:

The following python3 packages are also required:

  • jinja2
  • pyyaml
  • hjson

Installation

Simply unzip the PConsole package; i.e.

unzip punch-console-7.0.0-darwin

Enable remote access to Kubernetes cluster

The Punch Console must be able to contact the remote Kubernetes cluster. To achieve this point, please run :

scp user@kube_master:/home/your_local_user/.kube/config $HOME/.kube/config
export KUBECONFIG=$HOME/.kube/config

Then, if your Kubernetes cluster is already deployed, you interact with it using for example :

punch-operator:$ kubectl get nodes
NAME           STATUS   ROLES    AGE   VERSION
kastmaster     Ready    master   44h   v1.19.7
kastworker-1   Ready    <none>   44h   v1.19.7
kastworker-2   Ready    <none>   44h   v1.19.7
kastworker-3   Ready    <none>   44h   v1.19.7

Platform configuration

Here is the default platform.json which must be update before running install.sh :

{
  "kubernetes": {
    "config": "$HOME/.kube/config"
  },
  "resources_manager": {
    "elasticsearch": {
      "host": "elasticsearch.doc-store:9200"
    },
    "minio": {
      "host": "http://s3.object-store:9000",
      "access_key": "minio",
      "secret_key": "K@st2020*"
    }
  }
}

Installation

  1. Fill the required target punch configuration in the platform.json file.
  2. Run ./install.sh. This will unpack binaries and generate two punch configuration files punchplatform.properties and resolv.yml.
  3. Review the kubernetes settings as explained below.
  4. Run source activate.sh to set the console environment.

You then have the usual punch punchlinectl and channelctl command line tools ready to use.

Kubernetes Settings

Info

The punchplatform.properties is a global settings file used by punch tools to communicate with target components (kube, minio, elastic etc..). Its content depends on your use case. For example you may or may not have an exposed Minio S3 service.

However the kubernetes section is (of course) mandatory for you PConsole to interact with your kubernetes cluster.

The default kubernetes section in the punchplatform.properties is the following :

"kubernetes": {
    "clusters": {
      "kastcluster": {
        "config_path": "$HOME/.kube/config",
        "tenants": {
          "kast": {
            "spark_service_account": "spark-sa",
            "spark_role": "spark-role",
            "sparkline_container": "gitlab.thalesdigital.io:5005/punch/product/pp-punch/sparkline:7.0.0",
            "init_container": "gitlab.thalesdigital.io:5005/punch/product/pp-punch/resourcectl:7.0.0",
            "stormline_container": "gitlab.thalesdigital.io:5005/punch/product/pp-punch/stormline:7.0.0",
            "image_pull_policy": "Always",
            "image_pull_secret": "mysecret"
          }
        }
      }
    }
}

Important

You must provide a dedicated section for each of your target punch tenant.

Make sure to review these settings before using the PConsole. The parameters are the following:

  • clusters.<clusterId> : String

    MANDATORY
    The clusterId is a string composed of alphanumeric characters and [-]. It is used by the punch command-line tools and configuration files to refer to the corresponding cluster.

    There can be one or several kubernetes.clusters.[clusterId] sections, depending on your platform(s) setup. Multiple clusters are typically used to define several zones with different security levels and data flows restrictions.

    The clusterIds must be unique in the scope of a punch.

    The cluster name must be the same as the one in the Kubernetes configuration file (i.e config_path file)

  • clusters.<clusterId>.config_path : String

    MANDATORY
    Kubernetes configuration file which permits you to communicate with the remote Kubernetes cluster

  • clusters.<clusterId>.tenants.<tenantId>.spark_service_account : String

    MANDATORY
    Service account id used to launch sparklines for this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.spark_role : String

    MANDATORY
    Role binding id used to launch sparklines for this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.sparkline_container : String

    MANDATORY
    Sparkline image used to launch sparklines for this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.stormline_container : String

    MANDATORY
    Stormline image used to launch stormlines for this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.init_container : String

    MANDATORY
    Init container image used to donwload resources for this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.image_pull_policy : String

    MANDATORY
    Image pull policy to apply for all punch images of this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.image_pull_secret : String

    MANDATORY
    Image pull secret id to apply for all punch images of this specific tenant.