Getting Stuff Into Production from Absolute 0

###### tags: `article` # Getting Stuff Into Production from Absolute 0 Giant Swarm is having [another](https://www.giantswarm.io/blog/q1-2020-hackathon-what-can-a-non-techie-do/) hackathon and I still had an itch to scratch, namely, to get an RSS feed like interface to github changes. I [tweeted about it](https://twitter.com/othylmann/status/1260540999291604993?s=20) about a month ago and soon after, an engineer working at one of our customers actually commented on that one offering his help. Soonafter he had a release and the ball was back in my park and I needed to get it going. We have a shared cluster internally that anyone can use for their projects and one would expect that I would just use that one. The problem is simple though. My current job requires very little interaction with Kubernetes on the User side, and I took this as an opportunity to change that. As a side note I wanted to see if I can write a kind of noob entry to using us. I have [the app](https://github.com/wind0r/IssuesToFeed), a Kubernetes Cluster to put it on, a hackathon to use as an excuse, and help from multiple sides. First I needed to install our tooling for interacting with our API, call [gsctl](https://docs.giantswarm.io/reference/gsctl/). Of course, it wasn't all that simple, as I was running the Beta version of MacOS, which I needed to revert to a non-Beta release, loose my laptop login in the process, needing to revive that through my AppleID, and then still download the XCode Command Line Tools. Then I finally could do it. `brew upgrade gsctl` (as I already had it installed previously) Then I could cheat because internally we already have full SSO across all clusters. Customers can do that specially through their SSO system. So all I then needed to do was. `gsctl login --sso` Worked like a charm and it actually remembers the last cluster I was logged into through my browser. Next, upgrade kubectl. `brew upgrade kubectl` Next I obviously need a certificate to log in. `gsctl create kubeconfig --cluster 5jka7 --ttl 1d --certificate-organization system:masters` Then I can do stuff with my cluster. `kubectl cluster-info` (to get infos on the cluster) `kubectl get ns` (gets namespaces) `kubectl create ns othylmann` (Creates my namespace and I named it othylmann so others know its me.) To not get pods out of the default namespace, I change my context. `kubectl config set-context giantswarm-5jka7 --namespace othylmann` Deeply proud of myself, I continued down the line, but thankfully the YAML files and container were already created for me and yes, no internal networking, no storage, and so on. I took the easy way. I have a deployment.yaml that is the basic config of my deployment, what is to run, under which labels, configuration of things and so forth. Then I have a service.yaml that defines a service that is to be kept up and an ingress.yaml that is there to give someone access from the outside. There are other apps that might go into detail on how these work. When simply doing `kubectl create -f deployment.yaml` an error became visible to do not having my github secret set. `kubectl create secret generic github --from-literal='token=$token'`allowed me to set that and slight hack, add a space in front of that line if you do not want it to appear in your history of your command line tool. Then I also created service and yaml. Next up we `kubectl create -f service.yaml` and `kubectl create -f ingress.yaml` followed by `kubectl logs` which shows you that you are done and through `kubectl get ingress -o wide` you get the url of your ingress. The next thing we still want to do is making sure that we don't do everything with the system:masters account, we change that by doing `kubectl create rolebinding othylmann-rss-edit --clusterrole=edit --group=othylmann-rss-edit --namespace=othylmann` followed by `gsctl create kubeconfig --cluster 5jka7 --ttl 1d --certificate-organizations othylmann-rss-edit`