Add example steps

README.md

@@ -26,9 +26,23 @@ This operator easily provides NetBird access on Kubernetes clusters, allowing us
 ```sh
 helm repo add netbirdio https://netbirdio.github.io/kubernetes-operator
 ```
-2. (Recommended) Install [cert-manager](https://cert-manager.io/docs/installation/#default-static-install).
-3. (Recommended) Create a values.yaml file, check `helm show values netbirdio/kubernetes-operator` for more info.
-4. Install using `helm install --create-namespace -f values.yaml -n netbird netbird-operator netbirdio/kubernetes-operator`.
+2. (Recommended) Install [cert-manager](https://cert-manager.io/docs/installation/#default-static-install) for k8s API to communicate with the NetBird operator.
+```sh
+kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.17.0/cert-manager.yaml
+```
+3. Add NetBird API token
+```shell
+kubectl create namespace netbird
+kubectl -n netbird create secret generic netbird-mgmt-api-key --from-literal=NB_API_KEY=$(cat ~/nb-pat.secret)
+```
+4. (Recommended) Create a [`values.yaml`](examples/ingress/values.yaml) file, check `helm show values netbirdio/kubernetes-operator` for more info.
+5. Install using `helm install --create-namespace -f values.yaml -n netbird netbird-operator netbirdio/kubernetes-operator`.
+6. (Recommended) Check pod status using `kubectl get pods -n netbird`.
+6. (Optional) Create an [`exposed-nginx.yaml`](examples/ingress/exposed-nginx.yaml) file to create a Nginx service for testing.
+7. (Optional) Apply the Nginx service:
+```sh
+kubectl apply -f exposed-nginx.yaml
+```
 
 > Learn more about the values.yaml options [here](helm/kubernetes-operator/values.yaml) and  [Granting controller access to NetBird Management](docs/usage.md#granting-controller-access-to-netbird-management).
 #### Using install.yaml

examples/ingress/exposed-nginx.yaml

@@ -2,14 +2,14 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   labels:
-    app: test
-  name: test
+    app: nginx
+  name: nginx
   namespace: default
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: test
+      app: nginx
   strategy:
     rollingUpdate:
       maxSurge: 25%
@@ -18,7 +18,7 @@ spec:
   template:
     metadata:
       labels:
-        app: test
+        app: nginx
     spec:
       containers:
       - image: nginx
@@ -32,9 +32,10 @@ metadata:
     netbird.io/expose: "true"
     netbird.io/policy: default
     netbird.io/resource-name: nginx
+    netbird.io/groups: nginx-k8s-gke
   labels:
-    app: test
-  name: test
+    app: nginx
+  name: nginx
   namespace: default
 spec:
   ports:
@@ -43,5 +44,5 @@ spec:
     protocol: TCP
     targetPort: 80
   selector:
-    app: test
+    app: nginx
   type: ClusterIP

examples/ingress/values.yaml

@@ -1,12 +1,19 @@
+#operator:
+#  image:
+#    tag: "0.1.0"
 ingress:
   enabled: true
   router:
     enabled: true
-  policies:
-    default:
-      name: Kubernetes Default Policy
-      sourceGroups:
-      - All
+#  policies:
+#    default:
+#      name: Kubernetes Default Policy
+#      sourceGroups:
+#        - All
 
 netbirdAPI:
-  key: "nbp_m0LM9ZZvDUzFO0pY50iChDOTxJgKFM3DIqmZ" # Replace with valid NetBird Service Account token
+  # Replace with valid NetBird Service Account token (PAT)
+  # https://docs.netbird.io/how-to/access-netbird-public-api#creating-an-access-token
+  #key: "nbp_m0LM9yZvDUzF8fpY20iChDOTxJgKFM3DIqmZ"
+  # Use keyFromSecret instead of plain text secret
+  keyFromSecret: "netbird-mgmt-api-key"