-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathkind-demo.sh
executable file
·128 lines (98 loc) · 4.07 KB
/
kind-demo.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
#!/bin/bash
set -euv
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
METALLB_VERSION=v0.14.5
export KIND_NODE_VERSION=v1.30.2
CERT_MANAGER_VERSION=v1.15.1
ISTIO_CSR_VERSION=0.9.0
mkdir -p istio/generated
mkdir -p clusters/generated
both_contexts() {
for i in {1..2}
do
file=$(echo $1 | sed "s/{i}/$i/")
kubectl apply -f $file --context "kind-so${i}"
done
}
both_contexts_command() {
arg="--context"
if [ $# -gt 1 ]; then
arg="--$2"
fi
for i in {1..2}
do
cmd=$(echo $1 | sed "s/{i}/$i/")
eval "$cmd $arg kind-so${i}"
done
}
in_context_func() {
for i in {1..2}
do
export i
kubectl config set-context kind-so$i || true
$1
done
}
sub_cluster() {
envsubst < ${SCRIPT_DIR}/clusters/config.yaml > clusters/generated/config-${i}.yaml
}
in_context_func sub_cluster
kind create cluster --config "${SCRIPT_DIR}/clusters/generated/config-1.yaml" --name so1
kind create cluster --config "${SCRIPT_DIR}/clusters/generated/config-2.yaml" --name so2
both_contexts https://raw.githubusercontent.com/metallb/metallb/${METALLB_VERSION}/config/manifests/metallb-native.yaml
both_contexts_command "kubectl rollout status deploy -n metallb-system controller"
export first_two=$(docker network inspect -f '{{$map := index .IPAM.Config 0}}{{index $map "Subnet"}}' kind | awk -F. '{for(i=1;i<=2;i++){print $i}}' | tr '\n' '.')
sub_metallb() {
envsubst < ${SCRIPT_DIR}/clusters/metallb.yaml > clusters/generated/metallb${i}.yaml
}
in_context_func sub_metallb
both_contexts clusters/generated/metallb{i}.yaml
(
cd vault
docker-compose up -d
sleep 5
export VAULT_ADDR=$(docker inspect vault | jq -r '.[0].NetworkSettings.Networks.kind.IPAddress')
envsubst < ../clusters/coredns.yaml.tmpl > ../clusters/generated/coredns.yaml
)
both_contexts clusters/generated/coredns.yaml
both_contexts "https://github.com/cert-manager/cert-manager/releases/download/${CERT_MANAGER_VERSION}/cert-manager.yaml"
both_contexts_command "kubectl rollout status deploy -n cert-manager cert-manager-webhook"
both_contexts_command "kubectl rollout status deploy -n cert-manager cert-manager-cainjector"
both_contexts_command "kubectl rollout status deploy -n cert-manager cert-manager"
both_contexts_command "kubectl create ns istio-system"
both_contexts clusters/vault-token-secret.yaml
sub_vault() {
envsubst < ${SCRIPT_DIR}/clusters/vault-issuer.yaml > clusters/generated/vault-issuer${i}.yaml
}
in_context_func sub_vault
both_contexts clusters/generated/vault-issuer{i}.yaml
both_contexts_command "helm upgrade --install -n istio-system cert-manager-istio-csr -f clusters/csr-values.yaml --set app.server.clusterID=istio-so{i} --version ${ISTIO_CSR_VERSION} jetstack/cert-manager-istio-csr" "kube-context"
both_contexts_command "kubectl rollout status deploy -n istio-system cert-manager-istio-csr"
deploy_istio() {
echo "Starting istio deployment in cluster${i}"
kubectl --context "kind-so${i}" get namespace istio-system && \
kubectl --context "kind-so${i}" label --overwrite namespace istio-system topology.istio.io/network="network${i}"
sed -e "s/{i}/${i}/" istio/cluster.yaml > "istio/generated/cluster${i}.yaml"
istioctl install --context "kind-so${i}" --force -y -f "istio/generated/cluster${i}.yaml"
echo "Generate eastwest gateway in cluster${i}"
${SCRIPT_DIR}/istio/gen-eastwest-gateway.sh \
--mesh "mesh1" --cluster "istio-so${i}" --network "network${i}" | \
istioctl --context "kind-so${i}" install -y -f -
}
in_context_func deploy_istio
both_contexts "istio/expose-services.yaml"
both_contexts "istio/telemetry.yaml"
connect_cluster() {
docker_ip=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "so${i}-control-plane")
istioctl create-remote-secret \
--context="kind-so${i}" \
--server="https://${docker_ip}:6443" \
--name="istio-so${i}" > "istio/generated/so${i}-control-plane.yaml"
}
in_context_func connect_cluster
apply_connect() {
j=$((i %2 + 1))
kubectl --context "kind-so${i}" apply -f istio/generated/so${j}-control-plane.yaml
}
in_context_func apply_connect
both_contexts "clusters/app.yaml"