To get started with the Varnish Helm Chart, make sure Helm is already installed.
To add the Varnish Helm Chart repository to Helm:
$ helm repo add varnish https://packagecloud.io/varnishplus/60/helm --username <token> --password does-not-matter
Replace <token>
with your Varnish Enterprise’s PackageCloud token.
A pull secret must also be created to allow the Kubernetes cluster to download from the Varnish Docker repository.
Create a file named dockerconfig.json
with the following content:
{
"auths": {
"https://quay.io": {
"username": "<username>",
"password": "<password>"
}
}
}
Replace <username>
and <password>
with your Varnish Docker image’s Quay.io credentials.
Then either use Kustomize or create the secret file manually.
To generate varnish-pull-secret
using Kustomize, create a varnish-pull-secret
directory
and move dockerconfig.json into it:
$ mkdir -p varnish-pull-secret/
$ mv dockerconfig.json varnish-pull-secret/
Then create varnish-pull-secret/kustomization.yaml
:
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
secretGenerator:
- name: varnish-pull-secret
files:
- .dockerconfigjson=dockerconfig.json
type: kubernetes.io/dockerconfigjson
Once varnish-pull-secret/kustomization.yaml
is created, it can now be deployed onto the cluster:
$ kubectl apply -k varnish-pull-secret
Note: Kustomize will create a secret with a unique name depending on the content of the secret file.
To manually generate varnish-pull-secret.yaml
, run the following command:
$ DOCKERCONFIG_JSON_BASE64=$(base64 -w 0 < dockerconfig.json)
# on macOS, you may need to use base64 -b 0 < dockerconfig.json instead
$ cat <<EOF > varnish-pull-secret.yaml
---
apiVersion: v1
type: kubernetes.io/dockerconfigjson
kind: Secret
metadata:
name: varnish-pull-secret
data:
.dockerconfigjson: $DOCKERCONFIG_JSON_BASE64
EOF
Once varnish-pull-secret.yaml
is created, it can now be deployed onto the cluster:
$ kubectl apply -f varnish-pull-secret.yaml
To list the newly created secret use:
$ kubectl get secrets
Create values.yaml
for Varnish Enterprise with basic configuration:
global:
imagePullSecrets:
- name: varnish-pull-secret # replace with your newly created secret
server:
kind: "StatefulSet"
replicas: 1
vclConfig: |
vcl 4.1;
backend default {
.host = "www.example.com";
.port = "80";
}
sub vcl_backend_fetch {
set bereq.http.Host = "www.example.com";
}
Deploy Varnish Enterprise:
$ helm install -f values.yaml varnish-enterprise varnish/varnish-enterprise
You should now have Varnish Enterprise running in the cluster! Follow an on-screen instruction on how to access a Varnish Enterprise instance from outside the cluster.