Update minikube requirements to handle demo-app

otterize · May 16, 2023 · 4e2c6aa · 4e2c6aa
1 parent 25fe453
commit 4e2c6aa
Show file tree

Hide file tree

Showing 6 changed files with 101 additions and 6 deletions.
diff --git a/docs/_common/cluster-setup-for-visual-tutorials.md b/docs/_common/cluster-setup-for-visual-tutorials.md
@@ -0,0 +1,95 @@
+Below are instructions for setting up a Kubernetes cluster with network policies.
+If you don't have a cluster already, we recommend starting out with a Minikube cluster.
+
+<Tabs groupId="cni">
+<TabItem value="minikube" label="Minikube">
+
+If you don't have the Minikube CLI, first [install it](https://minikube.sigs.k8s.io/docs/start/). 
+
+Then start your Minikube cluster with Calico, in order to enforce network policies.
+
+```bash
+minikube start --cpus=4 --memory 8192 --disk-size 32g --cni=calico
+```
+The minikube system requirements are for the demo application we deploy in the visual tutorials.
+
+</TabItem>
+<TabItem value="gke" label="Google GKE">
+<a href="https://cloud.google.com/kubernetes-engine/docs/how-to/network-policy#gcloud">Visit the official documentation</a>, or follow the instructions below:
+<Tabs>
+<TabItem value="cli" label="gcloud CLI">
+
+To use the gcloud CLI for this tutorial, first [install](https://cloud.google.com/sdk/docs/install) and then 
+[initialize](https://cloud.google.com/sdk/docs/initializing) it.
+
+***To enable network policy enforcement when creating a new cluster:***
+
+Run the following command:
+```bash
+gcloud container clusters create CLUSTER_NAME --enable-network-policy --zone=ZONE
+```
+(Replace `CLUSTER_NAME` with the name of the new cluster and `ZONE` with your zone.)
+
+***To enable network policy enforcement for an existing cluster, perform the following tasks:***
+
+Run the following command to enable the add-on:
+```bash
+gcloud container clusters update CLUSTER_NAME --update-addons=NetworkPolicy=ENABLED
+```
+(Replace `CLUSTER_NAME` with the name of the cluster.)
+
+Then enable network policy enforcement on your cluster, re-creating your cluster's node pools with network policy enforcement enabled:
+```bash
+gcloud container clusters update CLUSTER_NAME --enable-network-policy
+```
+(Replace `CLUSTER_NAME` with the name of the cluster.)
+
+</TabItem>
+<TabItem value="console" label="Console">
+
+***To enable network policy enforcement when creating a new cluster:***
+
+1. Go to the Google Kubernetes Engine page in the Google Cloud console.
+   The remaining steps will appear automatically in the Google Cloud console.
+
+2. On the Google Kubernetes Engine page, click Create.
+3. Configure your cluster as desired.
+4. From the navigation pane, under Cluster, click Networking.
+5. Select the checkbox to Enable network policy.
+6. Click Create.
+
+
+***To enable network policy enforcement for an existing cluster:***
+
+1. Go to the Google Kubernetes Engine page in the Google Cloud console. The remaining steps will appear automatically in the Google Cloud console.
+
+2. In the cluster list, click the name of the cluster you want to modify.
+3. Under Networking, in the Network policy field, click Edit network policy.
+4. Select the checkbox to Enable network policy for master and click Save Changes.
+5. Wait for your changes to apply, and then click Edit network policy again.
+6. Select the checkbox to Enable network policy for nodes.
+7. Click Save Changes.
+
+</TabItem>
+</Tabs>
+</TabItem>
+<TabItem value="eks" label="AWS EKS">
+<a href="https://docs.aws.amazon.com/eks/latest/userguide/calico.html">Visit the official documentation</a>, or follow the instructions below:
+
+1. Spin up an [EKS cluster](https://docs.aws.amazon.com/eks/latest/userguide/create-cluster.html) using the console, AWS CLI or `eksctl`.
+2. Install Calico for network policy enforcement, without replacing the CNI:
+```bash
+kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.6/config/master/calico-operator.yaml
+kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.6/config/master/calico-crs.yaml
+```
+</TabItem>
+<TabItem value="aks" label="Azure AKS">
+
+You can set up an AKS cluster using this [guide](https://learn.microsoft.com/en-us/azure/aks/learn/quick-kubernetes-deploy-cli).
+
+For network policy support, no setup is required: Azure AKS comes with a built-in network policy implementation called Azure Network Policy Manager. You can choose whether you'd like to use this option or Calico when you create a cluster.
+
+
+<a href="https://learn.microsoft.com/en-us/azure/aks/use-network-policies"> Read more at the official documentation site</a>.
+</TabItem>
+</Tabs>
diff --git a/docs/_common/cluster-setup.md b/docs/_common/cluster-setup.md
@@ -9,7 +9,7 @@ If you don't have the Minikube CLI, first [install it](https://minikube.sigs.k8s
 Then start your Minikube cluster with Calico, in order to enforce network policies.
 
 ```bash
-minikube start --network-plugin=cni --cni=calico
+minikube start --cni=calico
 ```
 
 </TabItem>

diff --git a/docs/quick-visual-tutorials/visual-ibac-kafka-k8s.mdx b/docs/quick-visual-tutorials/visual-ibac-kafka-k8s.mdx
@@ -35,7 +35,7 @@ Before you start, you'll need a Kubernetes cluster.
 You won't actually need [network policies](https://kubernetes.io/docs/concepts/services-networking/network-policies/) in this tutorial,
 so you can follow the steps below while skipping the network policies (CNI) enablement bits, or keep them as is.
 
-{@include: ../_common/cluster-setup.md}
+{@include: ../_common/cluster-setup-for-visual-tutorials.md}
 </details>
 
 <details>

diff --git a/docs/quick-visual-tutorials/visual-ibac-network-policies.mdx b/docs/quick-visual-tutorials/visual-ibac-network-policies.mdx
@@ -30,7 +30,7 @@ The following steps are only needed if you haven't already run through the [Kube
 
 Before you start, you'll need a Kubernetes cluster.
 
-{@include: ../_common/cluster-setup.md}
+{@include: ../_common/cluster-setup-for-visual-tutorials.md}
 </details>
 
 <details>
@@ -297,7 +297,7 @@ Otterize automatically generated network policies according to your declared int
 
 To list all generated network policies run:
 ```bash
-get netpol -n otterize-ecom-demo
+kubectl get netpol -n otterize-ecom-demo
 ```
 
 Let's inspect one of these network policies with:

diff --git a/docs/quick-visual-tutorials/visual-k8s-cluster-mapping.mdx b/docs/quick-visual-tutorials/visual-k8s-cluster-mapping.mdx
@@ -29,7 +29,7 @@ Before you start, you'll need a Kubernetes cluster.
 While you won't need [network policies](https://kubernetes.io/docs/concepts/services-networking/network-policies/) in this tutorial,
 you'll use them in the next tutorial, so you may just want to install them now. Otherwise, feel free to skip that aspect.
 
-{@include: ../_common/cluster-setup.md}
+{@include: ../_common/cluster-setup-for-visual-tutorials.md}
 </details>
 
 ## Deploy the demo set of services

diff --git a/static/code-examples/network-mapper/istio.yaml b/static/code-examples/network-mapper/istio.yaml
@@ -67,7 +67,7 @@ spec:
   selector:
     matchLabels:
       app: nginx
-  replicas: 1 # tells deployment to run 2 pods matching the template
+  replicas: 1
   template:
     metadata:
       labels: