Manage Clients¶
The jmp admin
admin CLI can be used to manage your client configurations
on the distributed service.
Creating a Client¶
If you have configured a Jumpstarter service
and you have a kubeconfig, the jmp admin
CLI will attempt to use
your current credentials to provision the client automatically, and produce
a client configuration file.
You can also use the following options to specify kubeconfig and context to use:
--kubeconfig
- Set the location of your kubeconfig file.--namespace
- The namespace to search in (default isdefault
)
To create a new client and its associated config, run the following command:
$ jmp admin create client john --namespace jumpstarter-lab --unsafe -o john.yaml
This creates a client named john
and outputs the configuration to a YAML
file named john.yaml
:
apiVersion: jumpstarter.dev/v1alpha1
kind: ClientConfig
metadata:
namespace: jumpstarter-lab
name: john
endpoint: grpc.jumpstarter.192.168.1.10.nip.io:8082
token: <<token>>
tls:
ca: ''
insecure: False
drivers:
allow: []
unsafe: True
We use the --unsafe
setting that configures the drivers
section to allow
any driver packages on the client.
Warning
This section can be important if you don’t trust the exporter’s configuration, since every driver is composed of two parts, a client side and an exporter side, the client side Python module is dynamically loaded when a client connects to an exporter.
A tls
section is also included, which allows you to specify a custom CA certificate
to use for the connection, or to disable TLS verification if your system is using
self-signed certificates.
Manual Provisioning¶
Apply the YAML to your cluster:
# my-client.yaml apiVersion: jumpstarter.dev/v1alpha1 kind: Client metadata: name: my-client
$ kubectl apply -f my-client.yaml
Get the created client resource:
$ kubectl get client my-client -o yaml $ kubectl get client my-client -o=jsonpath='{.status.endpoint}' $ kubectl get secret $(kubectl get client my-client -o=jsonpath='{.status.credential.name}') -o=jsonpath='{.data.token}' | base64 -d
Those details can be installed as a secret on CI, or passed down to the final user.
Then the user can create the client using the jmp client CLI:
$ jmp client create-config my-client Enter a valid Jumpstarter service endpoint: devl.jumpstarter.dev Enter a Jumpstarter auth token (hidden): *** Enter a comma-separated list of allowed driver packages (optional):