# Installing Gemini-CLI and MCP on the EDA Bastion

## Environment

Bastion of RHDPS EDA Bastion - RHEL 9

## Install Gemini-CLI

1. Install Node.JS

```
# Download and install nvm:
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash

# in lieu of restarting the shell
\. "$HOME/.nvm/nvm.sh"

# Download and install Node.js:
nvm install 22

# Verify the Node.js version:
node -v # Should print "v22.17.1".
nvm current # Should print "v22.17.1".

# Verify npm version:
npm -v # Should print "10.9.2".
```

2. Install Gemini-CLI

```
npm install -g @google/gemini-cli
```

3. Get your API-Key

https://aistudio.google.com/app/apikey

![image](https://hackmd.io/_uploads/Hk-hX7kPgg.png)

```
export GEMINI_API_KEY=""
```

4. Edit Gemini setting

```
mkdir -p ~/.gemini
vi ~/.gemini/settings.json
```

Contents of `~/.gemini/settings.json`:

```
{
  "theme": "GitHub",
  "mcpServers": {
    "kubernetes": {
      "command": "npx",
      "args": [
        "-y",
        "rh-tam-kubernetes-mcp-server@latest"
      ]
    }
  }
}
```

## Test Gemini Prompt mode + MCP

The prompt below asks Gemini, in Chinese, to list all namespaces in the OCP cluster.

```
[quickcluster@upi-0 ~]$ vi ~/.gemini/settings.json
[quickcluster@upi-0 ~]$
[quickcluster@upi-0 ~]$
[quickcluster@upi-0 ~]$ gemini -p "列出所有OCP內的namesapce"
OK. Here are all the namespaces in the cluster:
- default
- jace-test
- kube-node-lease
- kube-public
- kube-system
- openshift
- openshift-apiserver
- openshift-apiserver-operator
- openshift-authentication
- openshift-authentication-operator
- openshift-catalogd
- openshift-cloud-controller-manager
- openshift-cloud-controller-manager-operator
- openshift-cloud-credential-operator
- openshift-cloud-network-config-controller
- openshift-cloud-platform-infra
- openshift-cluster-csi-drivers
- openshift-cluster-machine-approver
- openshift-cluster-node-tuning-operator
- openshift-cluster-olm-operator
- openshift-cluster-samples-operator
- openshift-cluster-storage-operator
- openshift-cluster-version
- openshift-config
- openshift-config-managed
...
...
```

## Calling gemini-cli MCP from an Ansible playbook

1. Add Bastion as a new host in AAP inventory

![image](https://hackmd.io/_uploads/r1zXs3bdee.png)

![](https://hackmd.io/_uploads/ry9mzwY1T.png)

2. Add host in the inventory

![](https://hackmd.io/_uploads/H1AXbvFya.png)

![](https://hackmd.io/_uploads/B1WhGvtJT.png)

![](https://hackmd.io/_uploads/H1pIbPY1a.png)

3. Create credential for bastion

![](https://hackmd.io/_uploads/BJWWXPKJa.png)

Rulebook: oc_inspect_analyze.yml

```yaml
---
- name: Listen for unhealthy+warning event
  hosts: all
  sources:
    - sabre1041.eda.k8s:
        api_version: v1
        kind: Event
        namespace: jace  # replace with your intended namespace name
  rules:
    - name: Debug
      condition: event.resource.reason == "Unhealthy" and event.resource.type == "Warning"
      throttle:
        once_within: 5 minutes
        group_by_attributes:
          - event.resource.metadata.namespace
          - event.resource.involvedObject.name
      actions:
        - run_job_template:
            name: oc-inspect  # must match the template name in AAP
            organization: Default
        - run_job_template:
            name: gemini-analyze
            organization: Default
```

Playbook

```yaml
- name: Run gemini to troubleshoot given NS
  hosts: bastion.xnfx4.sandbox1562.opentlc.com  # replace with the actual bastion hostname or group
  gather_facts: no
  vars:
    ns: "{{ ansible_eda.event.resource.metadata.namespace }}"
  tasks:
    # The Chinese prompt asks: analyze what is abnormal in the given OpenShift
    # namespace (key-point summary only, do not show the reasoning process).
    - name: Gemini analyze NS
      shell: 'gemini -p "分析目前OpenShift內namespace {{ ns }} 有什麼異常 (只需要重點整理,不顯示推論過程)"'
      register: lsout

    - name: Show command output
      debug:
        var: lsout.stdout_lines
```
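
A hardened variant of the playbook above, as an added example that is not part of the original page: the namespace arrives in the event payload and is interpolated into a `shell` command line, so this version validates it against the Kubernetes namespace name format and passes the prompt as a single argument through `ansible.builtin.command`, which does not invoke a shell. The inventory group name `bastion` is an assumption, and the prompt is written in English here.

```yaml
- name: Run gemini to troubleshoot given NS (hardened variant)
  hosts: bastion  # assumption: inventory group that contains the bastion host
  gather_facts: false
  vars:
    # The value comes from the event payload, so treat it as untrusted input.
    ns: "{{ ansible_eda.event.resource.metadata.namespace | default('') }}"
  tasks:
    - name: Refuse anything that is not a valid Kubernetes namespace name
      ansible.builtin.assert:
        that:
          - ns is string
          - ns | length >= 1
          - ns | length <= 63
          # No leading or trailing whitespace (covers a trailing newline)
          - ns == ns | trim
          # RFC 1123 label: lowercase alphanumerics and '-', alphanumeric at both ends
          - ns is match('^[a-z0-9]([-a-z0-9]*[a-z0-9])?$')
        fail_msg: "Rejected namespace value from event payload"
        quiet: true

    - name: Gemini analyze NS
      # command + argv does not pass the string through /bin/sh, so quotes,
      # semicolons or $() inside a variable cannot change the command that runs.
      ansible.builtin.command:
        argv:
          - gemini
          - "-p"
          - "Analyze what is abnormal in OpenShift namespace {{ ns }} (key points only, no reasoning process)"
      register: lsout
      changed_when: false  # read-only analysis, never report a change

    - name: Show command output
      ansible.builtin.debug:
        var: lsout.stdout_lines
```

The validation task runs before the command, so a payload that fails the check stops the play without `gemini` ever being started.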