KOF Verification

Finally, verify that KOF installed properly.

Verification steps

1. Wait until the value of HELMCHARTS and POLICYREFS changes from Provisioning to Provisioned:

   kubectl get clustersummaries -A -o wide
   

   If you see the Failed/Provisioning loop, check status and logs:

   kubectl get clustersummaries -A -o yaml \
     | yq '.items[].status.featureSummaries[]
     | select(.status != "Provisioned")'
   
   kubectl logs -n kof deploy/kof-mothership-kof-operator | less
   kubectl logs -n projectsveltos deploy/addon-controller | less
   

2. Wait for all pods in the regional and child clusters to show as Running in the namespaces kof, kube-system, projectsveltos:

   kubectl get secret -n kcm-system $REGIONAL_CLUSTER_NAME-kubeconfig \
     -o=jsonpath={.data.value} | base64 -d > regional-kubeconfig
   
   kubectl get secret -n kcm-system $CHILD_CLUSTER_NAME-kubeconfig \
     -o=jsonpath={.data.value} | base64 -d > child-kubeconfig
   
   KUBECONFIG=regional-kubeconfig kubectl get pod -A
   KUBECONFIG=child-kubeconfig kubectl get pod -A
   

3. Wait until the value of READY changes to True for all certificates in each cluster:

   KUBECONFIG=regional-kubeconfig kubectl get cert -A
   KUBECONFIG=child-kubeconfig kubectl get cert -A
   

Manual DNS config

If you've opted out of DNS auto-config and Istio, you will need to do the following:

1. Get the EXTERNAL-IP of ingress-nginx:

   KUBECONFIG=regional-kubeconfig kubectl get svc \
     -n kof ingress-nginx-controller
   

   It should look like REDACTED.us-east-2.elb.amazonaws.com

2. Create these DNS records of type A, all pointing to that EXTERNAL-IP:

   echo grafana.$REGIONAL_DOMAIN
   echo jaeger.$REGIONAL_DOMAIN
   echo vmauth.$REGIONAL_DOMAIN
   

KOF UI

You can use the KOF UI to find and debug errors or misconfigurations. Check the Access to the KOF UI section to learn how to access it and read about its features.