Local Development Setup¶

This guide will help you set up a complete local development environment for RCIIS DevOps using Kind (Kubernetes in Docker).

Environment Options¶

The RCIIS DevOps project provides multiple local development setups to match different needs:

Cilium Cluster (Recommended)Calico ClusterMinimal Cluster

Use Case: Modern development with advanced networking features
Features: eBPF-based networking, network policies, service mesh capabilities
Script: scripts/create_local_cilium.sh

Use Case: Traditional networking with proven stability
Features: Standard CNI networking, basic network policies
Script: scripts/create_local.sh

Use Case: Resource-constrained environments or CI/CD
Features: Basic Kubernetes with minimal components
Script: local/scripts/create_local.sh

Quick Start - Cilium Cluster Setup¶

1. Create the Local Cluster¶

# Navigate to the project root
cd rciis-devops

# Make the script executable
chmod +x scripts/create_local_cilium.sh

# Create the cluster (this takes 5-10 minutes)
./scripts/create_local_cilium.sh

2. Verify the Installation¶

# Check cluster status
kubectl cluster-info --context kind-cilium-cluster

# Verify all pods are running
kubectl get pods --all-namespaces

# Check installed components
kubectl get nodes
kubectl get namespaces

Expected Output:¶

NAME                           STATUS   ROLES           AGE   VERSION
cilium-cluster-control-plane   Ready    control-plane   5m    v1.28.0
cilium-cluster-worker          Ready    <none>          4m    v1.28.0
cilium-cluster-worker2         Ready    <none>          4m    v1.28.0

What Gets Installed¶

The local development cluster includes:

Component	Namespace	Purpose
Cilium	`kube-system`	CNI networking with eBPF
cert-manager	`cert-manager`	TLS certificate management
ArgoCD	`argocd`	GitOps continuous deployment
Strimzi Operator	`strimzi-system`	Kafka cluster management
Camel K	`camel-k`	Integration platform
ApiSIX	`apisix`	API gateway and ingress
MinIO	`minio`	S3-compatible object storage

Step-by-Step Setup Process¶

1. Cluster Creation¶

# The script creates a multi-node Kind cluster
kind create cluster --name cilium-cluster --config scripts/cilium-cluster.yaml

2. Cilium Installation¶

# Install Cilium CNI with eBPF features
helm repo add cilium https://helm.cilium.io/
helm install cilium cilium/cilium \
  --namespace kube-system \
  --set operator.replicas=1 \
  --set ipam.mode=kubernetes

3. Infrastructure Components¶

# Install cert-manager for TLS certificates
helm repo add jetstack https://charts.jetstack.io
helm install cert-manager jetstack/cert-manager \
  --namespace cert-manager \
  --create-namespace \
  --set installCRDs=true

# Install ArgoCD for GitOps
helm repo add argo https://argoproj.github.io/argo-helm
helm install argocd argo/argo-cd \
  --namespace argocd \
  --create-namespace

4. Application Platform¶

# Install Strimzi for Kafka
helm repo add strimzi https://strimzi.io/charts/
helm install strimzi-cluster-operator strimzi/strimzi-kafka-operator \
  --namespace strimzi-system \
  --create-namespace

# Install Camel K for integrations
helm repo add camel-k https://apache.github.io/camel-k/charts
helm install camel-k camel-k/camel-k \
  --namespace camel-k \
  --create-namespace

Configuration Details¶

Cluster Configuration¶

The Kind cluster is configured with:

# scripts/cilium-cluster.yaml
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
name: cilium-cluster
networking:
  disableDefaultCNI: true  # We'll install Cilium
  podSubnet: "10.244.0.0/16"
  serviceSubnet: "10.96.0.0/12"
nodes:
- role: control-plane
  kubeadmConfigPatches:
  - |
    kind: InitConfiguration
    nodeRegistration:
      kubeletExtraArgs:
        node-labels: "ingress-ready=true"
  extraPortMappings:
  - containerPort: 80
    hostPort: 80
    protocol: TCP
  - containerPort: 443
    hostPort: 443
    protocol: TCP
- role: worker
- role: worker

Network Access¶

The cluster exposes services via:

HTTP: localhost:80 → Ingress Controller
HTTPS: localhost:443 → Ingress Controller
ArgoCD UI: Access via port-forward or ingress
Grafana: Access via port-forward (if monitoring enabled)

Working with the Local Environment¶

ArgoCD Access¶

# Get initial admin password
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d

# Port forward to access UI
kubectl port-forward svc/argocd-server -n argocd 8080:443

# Access at https://localhost:8080
# Username: admin
# Password: (from above command)

Deploy Applications¶

# Deploy RCIIS applications using ArgoCD
kubectl apply -f apps/rciis/nucleus/local/

# Or deploy directly with Kustomize
kustomize build --enable-alpha-plugins --enable-exec apps/rciis/nucleus/local/ | kubectl apply -f -

Secret Management¶

# Generate age key for local development
age-keygen -o ~/.config/sops/age/keys.txt

# Encrypt a secret
sops -e --age $(age-keygen -y ~/.config/sops/age/keys.txt) secret.yaml > secret.enc.yaml

# Build with encrypted secrets
kustomize build --enable-alpha-plugins --enable-exec apps/rciis/secrets/local/

Development Workflow¶

1. Make Changes¶

# Edit application configurations
vim apps/rciis/nucleus/local/values.yaml

# Update Helm chart
vim charts/rciis/templates/deployment.yaml

2. Test Locally¶

# Validate Helm chart
helm lint charts/rciis

# Test Kustomize build
kustomize build --enable-alpha-plugins --enable-exec apps/rciis/nucleus/local/

# Dry-run deployment
kubectl apply --dry-run=client -f manifests.yaml

3. Deploy Changes¶

# Deploy via ArgoCD (GitOps way)
kubectl apply -f apps/rciis/nucleus/local/

# Or deploy directly (development way)
helm upgrade --install nucleus charts/rciis -f apps/rciis/nucleus/local/values.yaml

Troubleshooting¶

Common Issues¶

Cluster Creation Fails¶

# Clean up and retry
kind delete cluster --name cilium-cluster
docker system prune -f
./scripts/create_local_cilium.sh

Pods Not Starting¶

# Check pod status
kubectl get pods --all-namespaces -o wide

# Describe problematic pods
kubectl describe pod <pod-name> -n <namespace>

# Check logs
kubectl logs <pod-name> -n <namespace>

Network Issues¶

# Test Cilium connectivity
kubectl exec -n kube-system ds/cilium -- cilium connectivity test

# Check DNS resolution
kubectl run -it --rm debug --image=busybox --restart=Never -- nslookup kubernetes.default

SOPS/Encryption Issues¶

# Verify age key
age --version
ls -la ~/.config/sops/age/keys.txt

# Test encryption/decryption
echo "test" | sops -e --age $(age-keygen -y ~/.config/sops/age/keys.txt) /dev/stdin

Clean Up¶

# Delete the cluster
kind delete cluster --name cilium-cluster

# Clean up Docker resources
docker system prune -f

# Remove kubeconfig context
kubectl config delete-context kind-cilium-cluster

Advanced Configuration¶

Enable Monitoring¶

# Install Prometheus and Grafana
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm install monitoring prometheus-community/kube-prometheus-stack \
  --namespace monitoring \
  --create-namespace

Enable Service Mesh¶

# Enable Cilium service mesh features
helm upgrade cilium cilium/cilium \
  --namespace kube-system \
  --reuse-values \
  --set envoy.enabled=true \
  --set l7Proxy=true

Custom Domain Names¶

Add to /etc/hosts for easy access:

127.0.0.1 argocd.local
127.0.0.1 nucleus.local
127.0.0.1 grafana.local

Next Steps¶

Quick Start - Deploy your first application
Architecture Overview - Understand the system design
Development Guide - Advanced development workflows
Troubleshooting - Common issues and solutions