Register Minikube Kubernetes Cluster with SCP Service Manager

To consume SAP Cloud Platform services in your Minikube, your cluster must be registered at the Service Manager in the context of a subaccount. For this, you need a Global account and a subaccount, and must be administrator of this subaccount. For your production Kubernetes cluster has to be configured the same way with SAP Cloud Platform to establish the connection.


Kubernetes Cluster

Kubectl – v1.7 or higher

Helm 3 – install helm in Mac OS using brew (currently it will install v3.1.1). You can also download the desired version of helm from release site and install manually.

brew install helm

Service Manger CLI v1.7.3 or higher – Link

Tiller (Helm Server Side Component) – As we are using Helm 3, we don’t need to run init.

Configuration In SAP Cloud Platform

Get a sub account or create a new sub account under your global account. Make sure you are the security administrator to see the security tab in the left navigation. I have created a sub account SCP-K8 for my usage.

Access to Service Manager API

The Kubernetes cluster must be registered at the Service Manager to access services from SAP Cloud Platform in Kubernetes. For this, you first need to obtain the credentials for the Service Manager.

Navigate to the sub account in SAP Cloud Platform Cockpit → Subscriptions → Service Manager and subscribe.

Assign your IDP users to the sub account service administrator collection

In the SAP Cloud Platform cockpit, navigate to your subaccount and choose Security → Trust Configuration → SAP ID Service.

Assign Subaccount Service Administrator role collection to your email address.

Repeat the same for other users to have access to Service Manager API

Login to Service Manager

Login to Service Manger using Service Manager CLI.

smctl login -a https://service-manager.cfapps.<landscape domain> --param subdomain=<subdomain>
User: <user name with service manager role>
Password: *****

For me following are the details

smctl login -a --param subdomain=scpk8

Register Sub Account Scoped Cluster

$ smctl register-platform minikube kubernetes
ID                                    Name      Type        Description  Created                      Updated                      Labels                                              Username                                      Password                                     
------------------------------------  --------  ----------  -----------  ---------------------------  ---------------------------  --------------------------------------------------  --------------------------------------------  -------------------------------------------- 
4f7c0ef1-2e84-4124-b55f-7a36f2d79843  minikube  kubernetes               2020-02-25T04:30:28.971113Z  2020-02-25T04:30:28.971113Z  subaccount_id=55d8129b-1e6b-4231-9c80-000ae080f9dd  xxxxxxxxxxxxxxusernamexxxxxxxxxxxxxxxxxxxx  xxxxxxxxxxxxxxxxpasswordxxxxxxxxxxxxxxxxxxxxx

Save the credential some where safe. We will be needing this while configuring service manager broker.

Install Service Catalog in Minikube

If all prerequisites like minikube, kubectl, helm are installed you can start your minikube cluster using the following command.

minikube start --vm-driver=hyperkit  --hyperkit-vpnkit-sock=/Users/xxx/Library/Containers/com.docker.docker/Data/vpnkit.eth.sock --kubernetes-version=1.17.3

Now when your helm is connected to tiller at minikube, we are ready to install service-catalog using helm. Let’s first add the service-catalog repository to helm.

helm repo add svc-cat

Let’s see if we have the service-catalog available for install. Use the following command to search in the repository.

helm search repo service-catalog//in helm 3
helm search service-catalog// in helm 2
//As I am using helm 3
$ helm search repo service-catalog
NAME                    CHART VERSION    APP VERSION    DESCRIPTION                                      
svc-cat/catalog         0.2.1                           service-catalog API server and controller-manag...
svc-cat/catalog-v0.2    0.2.2                           service-catalog API server and controller-manag...

Now let’s install service-catalog using the following command.

kubectl create namespace catalog
helm install catalog svc-cat/catalog --namespace catalog --version 0.3.0-beta.2

Install Service Manger Broker Proxy in Minikube

Add the service manager broker proxy repository to helm.

helm repo add peripli ''

Install the service manager agent using the following command.

kubectl create namespace service-broker-proxy
helm install service-broker-proxy peripli/service-broker-proxy-k8s \
  --namespace service-broker-proxy \
  --set image.tag=v0.3.2 \
  --set \
  --set sm.user=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \
  --set sm.password=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

sm.user and sm.password, we have already got while registering our cluster using service manager cli.  sm.url is the service manager url.

Install Service Catalog CLI

Use following to install service catalog cli in Mac OS. This is required to work with service catalog installed in minikube.

curl -sLO
chmod +x ./svcat
mv ./svcat /usr/local/bin/
svcat version --client

Configure svcat to use your local kubeconfig

export kubeconfig="/Users/xxx/.kube/config"

Test The Connectivity To SAP Cloud Platform

$ svcat marketplace
             CLASS                 PLANS                DESCRIPTION           
  feature-flags                 lite          Feature Flags service for       
                                              controlling feature rollout     
  sdm                           standard      Document management for         
                                              Business Applications           
  auditlog-management           default       Retrieve logs and change        
  malware-scanner               external      Scan single files for threats,  
                                              via HTTP                        
  transport                     standard      Provides programmatic access    
                                              to Transport Management.        
  transport-ci                  standard      Provides programmatic access    
                                              to Transport Management.        
  hana-cloud                    hana          Leverage the in-memory data     
                                              processing capabilities of      
                                              SAP HANA in the cloud as one    
                                              simple gateway to all data.     
  metering-service              development   Metering-as a Service on        
                                              SAP Cloud platform enables      
                                              services to meter their usage   
                                              information, so it can be used  
                                              later for commercial purposes   
                                              like billing or license         
  sap-onpremise-extensibility   api-access    Connects extension              
                                              applications running in an SAP  
                                              Cloud Platform subaccount to    
                                              an On-Premise system.           
  xsuaa                         broker        Manage application              
                                              authorizations and trust to     
                                              identity providers.             

You may have to modify your entitlement in SAP Cloud Platform Cockpit. For doing so navigate to SAP Cloud Platform Cockpit → Entitlements → Configure Entitlements → Add Service Plans and save once done.

Now let’s create a service instance of xsuaa using the following command.

$ svcat provision mdcs-hana --class hana-cloud --plan hana
  Name:        xsuaa-example                                                   
  Namespace:   default                                                         
  Class:       xsuaa                                                           
  Plan:        z48zz57zz45zgt9z2fzjz4azz47zz4-fd5fd60de69db525c44c9608067cb61a 
  No parameters defined

Let’s now get all the instances that were provisioned.

$ svcat get instance
       NAME        NAMESPACE   CLASS                                PLAN                                 STATUS 
  xsuaa-example    default     xsuaa   z48zz57zz45zgt9z2fzjz4azz47zz4-fd5fd60de69db525c44c9608067cb61a   Ready

Let’s try deprovisioning the service instance.

svcat deprovision xsuaa-example

Multi Cloud Architecture gives you the provision to support platforms across multiple cloud provides. Like SAP Cloud Platform, you can have service manger broker set up for Google Cloud Platform and Amazon Web Services too.

Original Article:

Related blogs


Please enter your comment!
Please enter your name here