To get started with the Varnish Helm Chart, make sure Helm is already installed.
To add the Varnish Helm Chart repository to Helm:
$ helm repo add varnish https://packagecloud.io/varnishplus/60/helm --username <token> --password does-not-matter
Replace <token>
with your Varnish Enterprise’s PackageCloud token.
A pull secret must also be created to allow the Kubernetes cluster to download from the Varnish Docker repository.
Create a file named dockerconfig.json
with the following content:
{
"auths": {
"https://quay.io": {
"username": "<username>",
"password": "<password>"
}
}
}
Replace <username>
and <password>
with your Varnish Docker image’s Quay.io credentials.
Then either use Kustomize or create the secret file manually.
To generate varnish-pull-secret
using Kustomize, create a varnish-pull-secret
directory
and move dockerconfig.json into it:
$ mkdir -p varnish-pull-secret/
$ mv dockerconfig.json varnish-pull-secret/
Then create varnish-pull-secret/kustomization.yaml
:
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
secretGenerator:
- name: varnish-pull-secret
files:
- .dockerconfigjson=dockerconfig.json
type: kubernetes.io/dockerconfigjson
Once varnish-pull-secret/kustomization.yaml
is created, it can now be deployed onto the cluster:
$ kubectl apply -k varnish-pull-secret
Note: Kustomize will create a secret with a unique name depending on the content of the secret file.
To manually generate varnish-pull-secret.yaml
, run the following command:
$ DOCKERCONFIG_JSON_BASE64=$(base64 -w 0 < dockerconfig.json)
# on macOS, you may need to use base64 -b 0 < dockerconfig.json instead
$ cat <<EOF > varnish-pull-secret.yaml
---
apiVersion: v1
type: kubernetes.io/dockerconfigjson
kind: Secret
metadata:
name: varnish-pull-secret
data:
.dockerconfigjson: $DOCKERCONFIG_JSON_BASE64
EOF
Once varnish-pull-secret.yaml
is created, it can now be deployed onto the cluster:
$ kubectl apply -f varnish-pull-secret.yaml
A license is required to use Varnish Controller.
Obtain license.lic
from the customer portal and either use Kustomize or create the secret file manually.
To generate varnish-controller-license
using Kustomize, create varnish-controller-license
directory
and put license.lic in it.
$ mkdir varnish-controller-license
$ mv license.lic varnish-controller-license
Then create varnish-controller-license/kustomization.yaml
:
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
secretGenerator:
- name: varnish-controller-license
files:
- license.lic=license.lic
Once varnish-controller-license/kustomization.yaml
is created, it can now be deployed onto the cluster:
$ kubectl apply -k varnish-controller-license
Note that Kustomize will create a secret with a unique name depending on the content of the secret file.
To manually generate varnish-controller-license.yaml
, run the following command:
$ LICENSELIC_JSON_BASE64=$(base64 -w 0 < license.lic)
# on macOS, you may need to use base64 -b 0 < license.lic instead
$ cat <<EOF > varnish-controller-license.yaml
---
apiVersion: v1
kind: Secret
metadata:
name: varnish-controller-license
data:
license.lic: $LICENSELIC_JSON_BASE64
EOF
Once varnish-controller-license.yaml
is created, it can now be deployed onto the cluster:
$ kubectl apply -f varnish-controller-license.yaml
Create values.yaml
for Varnish Controller with basic configuration:
---
global:
imagePullSecrets:
- name: varnish-pull-secret
brainz:
licenseSecret: varnish-controller-license
ui:
enabled: true
ingress:
enabled: true
hosts:
- host: varnish-controller.example.com
paths: []
Deploy Varnish Controller:
$ helm install -f values.yaml varnish-controller varnish/varnish-controller
If a DNS record for varnish-controller.example.com
is pointed to the Kubernetes Ingress,
Varnish Controller should now be accessible from varnish-controller.example.com
.
To retrieve the default admin password, run the following command:
kubectl get secrets -o jsonpath="{.data.varnish-admin-password}" varnish-controller-credentials | base64 --decode
Integrating Varnish Controller with Varnish Enterprise requires running a Varnish Controller Agent as a sidecar to Varnish Enterprise. See also the Integrating Varnish Controller with Varnish Enterprise section in Varnish Enterprise Helm Chart.