Skip to main content
Version: 2.4

Install kubefirst From the CLI

Using the CLI to create your cluster directly without using the UI is a perfect alternative for automation. The end result will be the same, a new production-ready management Kubernetes cluster, but you won't have access to the useful additional features available within the UI.

Prerequisites

kubefirst

If you are on macOS or Linux, and have Homebrew installed, you can run:

brew install kubefirst/tools/kubefirst

To upgrade an existing kubefirst CLI to the latest version run:

brew update
brew upgrade kubefirst

Docker Desktop

Install Docker Desktop.

info

If you are a Windows user, you need to be sure to enable Docker support in WSL2 distros. More information in the Docker documentation.

Docker Resources Allocation

The more resources you give Docker, the faster your cluster creation will go, but here are the minimum requirements:

  • CPU: 5 Cores
  • Memory (RAM): 5 GB
  • Swap: 1 GB
  • Virtual Disk limit (for Docker images & containers): 10 GB

DigitalOcean Prerequisites

For kubefirst to be able to provision your DigitalOcean cloud resources:

GitHub Prerequisites

Create your new kubefirst cluster

Adjust the following command with your GitHub and DigitalOcean key in addition to the appropriate values for your new platform.

export GITHUB_TOKEN=ghp_xxxxxxxxxxxxxxxx
export DO_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
export DO_SPACES_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
export DO_SPACES_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

kubefirst digitalocean create \
  --alerts-email yourdistro@your-company.io \
  --github-org your-github-org \
  --domain-name your-domain.io \
  --cluster-name kubefirst
tip

By default kubefirst use the cloud providers to manage DNS. You also have the option to use Cloudflare.

To do so, add the dnsProvider flag with the value cloudflare to your create command —dnsProvider cloudflare.

You also need to set the CF_API_TOKEN environment variable with a Cloudflare token (export CF_API_TOKEN=xxxxxxxxx) having the Zone.Zone, and Zone.DNS edit permission. More information on Cloudflare token creation in their documentation.

note

Note that the space will always be created in the NYC3 region, no matter the selected or default region used.

The kubefirst CLI will produce a directory of utilities, a state file, and some staged platform content that can now be found in the ~/.kubefirst and ~/.k1 folders on your local machine.

After the ~ 10 minute installation, your browser will launch a new tab to the kubefirst Console, which will help you navigate your new suite of tools running in your new Do cluster.

If your deployment is not successful, errors and troubleshooting information will be stored in a local log file specified during the installation run.

Example of terminal output following cluster creation

Handoff Screen

Root credentials

To obtain your 3 initial passwords, run

kubefirst digitalocean root-credentials

root credentials

If you created your cluster using the UI, or reset your kubefirst environment, you can still retrieve the root credentials (except the kbot user password, which you will have to find manually in Vault) using kubectl:

# Argo CD admin password
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d

# Vault root token
kubectl -n vault get secret vault-unseal-secret -o jsonpath="{.data.root-token}" | base64 -d

Connecting to Kubernetes

To connect to your new Kubernetes cluster, run

export KUBECONFIG=~/.k1/kubeconfig

To view all cluster pods, run

kubectl get pods -A