Kubernetes Agent
Prodvana supports Kubernetes-based Runtimes through an Agent that runs in the cluster.
How it works
The Prodvana Agent initiates a secure communication channel to the Prodvana backend; this allows Prodvana to work with Kubernetes clusters that are not exposed publicly. After establishing the communication channel, the Prodvana backend uses the Agent to manage deployments in the cluster.
Because the Agent must initiate the communication channel, it must be installed to the Kubernetes cluster outside of Prodvana when the runtime is initially linked.
Linking and Managing a Kubernetes Runtime
Interactive
You link a Kubernetes runtime using the Web UI or the pvnctl runtimes add-k8s-magic
CLI command. Both methods provide you with a Kubernetes YAML configuration file that, when applied via kubectl
, will deploy the agent to your cluster.
After linking, the lifecycle of the Agent is either managed by Prodvana or managed externally.
Prodvana Managed Agent
The Prodvana backend will keep the Agent up to date automatically after it is first linked. This is the recommended option.
Externally Managed Agent
The Prodvana backend will not keep the Agent up to date. This option is best for organizations that want to manage the version of software running within their cluster explicitly, at the cost of taking on additional work of upgrading the agent regularly.
Prodvana updates the Agent image once a month and will support the last 3 versions. This means Agents must be updated at a minimum once per quarter.
If an agent is left on an unsupported version, Prodvana may be unable to manage your runtime.
Here's an example Kubernetes configuration for the Agent:
---
apiVersion: v1
kind: Namespace
metadata:
name: prodvana
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: prodvana
namespace: prodvana
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: prodvana-access
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: prodvana
namespace: prodvana
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: prodvana-agent
namespace: prodvana
spec:
replicas: 1
selector:
matchLabels:
app: prodvana-agent
template:
metadata:
labels:
app: prodvana-agent
spec:
serviceAccountName: prodvana
containers:
- name: agent
image: us-docker.pkg.dev/pvn-infra/pvn-public/agent:v0.1.0
args:
- /agent
- --clusterid
- <runtime id>
- --auth
- <agent auth token>
- --server-addr
- api.<org_slug>.prodvana.io
Terraform
The Prodvana Terraform Provider can be used to manage runtimes as well:
Prodvana Managed Agent
You can use the prodvana_managed_k8s_runtime
resource to have the Prodvana provider create and apply the Agent Kubernetes config. Prodvana will also handle automatically updating the agent. For example:
resource "google_container_cluster" "primary" {
name = "my-gke-cluster"
...
}
resource "prodvana_managed_k8s_runtime" "example" {
name = "my-runtime"
endpoint = google_container_cluster.primary.endpoint
client_certificate = google_container_cluster.primary.master_auth.0.client_certificate
client_key = google_container_cluster.primary.master_auth.0.client_key
cluster_ca_certificate = google_container_cluster.primary.master_auth.0.ca_certificate
}
resource "prodvana_release_channel" "example" {
name = "my-release-channel"
runtimes = [
{
runtime = prodvana_managed_k8s_runtime.example.name
}
]
}
Externally Managed Agent
You can use the prodvana_k8s_runtime
and prodvana_runtime_link
resources to manage the Agent lifecycle externally:
resource "prodvana_k8s_runtime" {
name = "my-runtime"
}
# Full Kubernetes setup elided...
# deploy the Prodvana agent to the Kubernetes cluster
resource "kubernetes_namespace" "prodvana" {
metadata {
name = "prodvana"
}
}
resource "kubernetes_service_account" "prodvana" {
metadata {
name = "prodvana"
namespace = kubernetes_namespace.prodvana.metadata[0].name
}
}
resource "kubernetes_cluster_role_binding" "prodvana" {
metadata {
name = "prodvana-access"
}
role_ref {
api_group = "rbac.authorization.k8s.io"
kind = "ClusterRole"
name = "cluster-admin"
}
subject {
kind = "ServiceAccount"
name = "prodvana"
namespace = kubernetes_namespace.prodvana.metadata[0].name
}
}
resource "kubernetes_deployment" "agent" {
metadata {
name = "prodvana-agent"
namespace = kubernetes_namespace.prodvana.metadata[0].name
}
spec {
replicas = 1
selector {
match_labels = {
app = "prodvana-agent"
}
}
template {
metadata {
labels = {
app = "prodvana-agent"
}
}
spec {
service_account_name = kubernetes_service_account.prodvana.metadata[0].name
container {
name = "agent"
image = resource.prodvana_k8s_runtime.cluster.agent_image
args = resource.prodvana_k8s_runtime.cluster.agent_args
}
}
}
}
}
# this resource will complete only after the agent
# registers itself with the Prodvana API
resource "prodvana_runtime_link" "example" {
id = prodvana_k8s_runtime.example.id
}
resource "prodvana_release_channel" "example" {
name = "my-release-channel"
runtimes = [
{
# now you can reference the runtime from the runtime_link resource
# and be sure that the runtime has been fully linked prior to use
runtime = prodvana_runtime_link.example.name
}
]
}
Prodvana Agent Updates
Update Cadence | Monthly |
Supported versions | Last 3 versions |
Latest Stable Version | v0.1.0 |
Supported Versions | v0.1.0 |
Repository | us-docker.pkg.dev/pvn-infra/pvn-public/agent |
Updated 12 months ago