oceanbox/platform
6
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Fix and improve bootstrapping scripts

Browse Source
This commit is contained in:
Jonas Juselius
2020-11-06 15:44:59 +01:00
parent 904a02de59
commit 69b97020e6
1 changed files with 113 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

184
modules/k8s.nix
View File

@@ -29,13 +29,118 @@ let
''; '';
}; };
cluster-scripts = pkgs.stdenv.mkDerivation { cluster-scripts =
name = "cluster-scripts"; let
src = ../scripts; ingressNodes = builtins.foldl' (a: x:
buildCommand = '' a + ",${x}") "${cfg.k8s.master.name}"
mkdir -p $out/bin cfg.k8s.extraIngressNodes;
cp $src/* $out/bin ingressReplicaCount =
''; builtins.toString (1 + builtins.length cfg.k8s.extraIngressNodes);
show-kubernetes-charts-config = ''
#!/usr/bin/env bash
cat << EOF
# Generated by show-kubernetes-charts-config
# $(date)
# Charts in ${kubernetes-charts}/share/kubernetes-charts
vars=(
initca="${pki.initca}"
apiserver="${cfg.k8s.master.name}"
cluster="${cfg.clusterName}"
ingress_nodes="${ingressNodes}"
ingress_replica_count="${ingressReplicaCount}"
fileserver="${cfg.k8s.fileserver}"
acme_email="${cfg.k8s.charts.acme_email}"
grafana_smtp_user="$(echo -n ${cfg.k8s.charts.grafana_smtp_user} | base64 -w0)"
grafana_smtp_password="$(echo -n ${cfg.k8s.charts.grafana_smtp_password} | base64 -w0)"
)
EOF
cat << '"'"'EOF'"'"'
substitute_all () {
local x i k v subs
x="$(</dev/stdin)"
subs=("$@")
for i in "''${subs[@]}"; do
k=$(echo "$i" | cut -d= -f1)
v=$(echo "$i" | cut -d= -f2 | sed '"'"'s,/,\\/,g'"'"')
x=$(echo "$x" | sed "s/@$k@/$v/g")
done
echo "$x"
}
substitute_defaults () {
substitute_all "''${vars[@]}"
}
create_namespace () {
kubectl get ns $namespace >/dev/null 2>&1 || kubectl create ns $namespace
}
export_vars () {
local i
for i in "''${vars[@]}"; do eval "$i"; done
}
kubectl_apply () {
local x namespace
namespace="$1"; shift
x="$(</dev/stdin)"
create_namespace $namespace
echo "$x" | \
substitute_defaults | \
kubectl -n $namespace apply $@ -f -
}
kubectl_apply_files () {
local i namespace charts
namespace=$1; shift
charts=("$@")
for i in "''${charts[@]}"; do
cat "$i" | kubectl_apply $namespace
done
}
helm_apply () {
local namespace name chart
namespace="$1"
name="$2"
chart="$3"
create_namespace $namespace
cat values.yaml | \
substitute_defaults | \
helm template -n $namespace -f- $name $chart | \
kubectl -n $namespace apply -f -
}
EOF
'';
copy-kubernetes-charts = ''
#!/usr/bin/env bash
if [ \$# = 0 ]; then
dest=${cfg.clusterName}-charts
else
dest=\$1
fi
echo "Copying charts into \$dest"
cp -r ${kubernetes-charts}/share/kubernetes-charts \$dest
chown -R \$USER \$dest
chmod -R u+w \$dest
$out/bin/show-kubernetes-charts-config > \$dest/config.sh
'';
in
pkgs.stdenv.mkDerivation {
name = "cluster-scripts";
src = ../scripts;
buildCommand = ''
mkdir -p $out/bin
cp $src/* $out/bin
echo '${show-kubernetes-charts-config}' > $out/bin/show-kubernetes-charts-config
chmod a+x $out/bin/show-kubernetes-charts-config
echo "${copy-kubernetes-charts}" > $out/bin/copy-kubernetes-charts
chmod a+x $out/bin/copy-kubernetes-charts
'';
}; };
kubernetes-charts = pkgs.stdenv.mkDerivation rec { kubernetes-charts = pkgs.stdenv.mkDerivation rec {
@@ -43,72 +148,10 @@ let
src = ../charts; src = ../charts;
buildCommand = '' buildCommand = ''
mkdir -p $out/share/${name} mkdir -p $out/share/${name}
cp -r $src/* $out/share${name} cp -r $src/* $out/share/${name}
''; '';
}; };
show-kubernetes-charts-config =
let
ingressNodes = builtins.foldl' (a: x:
a + ", ${x}") "${cfg.k8s.master.name}"
cfg.k8s.extraIngressNodes;
ingressReplicaCount =
builtins.toString (1 + builtins.length cfg.k8s.extraIngressNodes);
in
pkgs.writeScriptBin "show-kubernetes-charts-config"
''
#!${pkgs.stdenv.shell}
cat << EOF
# Generated by show-kubernetes-charts-config
# $(date)
# Charts in ${kubernetes-charts}
vars=(
initca="${pki.initca}"
apiserver="${cfg.k8s.master.name}"
cluster="${cfg.clusterName}"
ingress_nodes="[ ${ingressNodes} ]"
ingress_replica_count="${ingressReplicaCount}"
filseserver="${cfg.k8s.fileserver}"
acme_email="${cfg.k8s.charts.acme_email}"
grafana_smtp_user="$(echo -n ${cfg.k8s.charts.grafana_smtp_user} | base64 -w0)"
grafana_smtp_password="$(echo -n ${cfg.k8s.charts.grafana_smtp_password} | base64 -w0)"
)
EOF
cat << 'EOF'
substitute_all () {
read x
subs=("$@")
for i in "''${subs[@]}"; do
k=$(echo "$i" | cut -d= -f1)
v=$(echo "$i" | cut -d= -f2)
echo "$x" | sed "s/@$k@/$v/g"
done
}
substitute_defaults () {
substitute_all "''${vars[@]}"
}
kubectl_apply () {
read x
namespace=$1; shift
kubectl get ns $namespace 2>&1 >/dev/null || kubectl create ns $namespace
cat $x | substitute_defaults | kubectl -n $namespace apply -f -
}
kubectl_apply_files () {
namespace=$1; shift
charts=("$@")
for i in "''${charts[@]}"; do
cat $i | kubectl_apply $namespace
done
}
EOF
'';
install-apitoken = '' install-apitoken = ''
#!${pkgs.bash}/bin/bash #!${pkgs.bash}/bin/bash
set -e set -e
@@ -182,7 +225,6 @@ let
pkgs.kubectl pkgs.kubectl
cluster-scripts cluster-scripts
kubernetes-charts kubernetes-charts
show-kubernetes-charts-config
]; ];
systemd.services.kube-certmgr-apitoken-bootstrap = { systemd.services.kube-certmgr-apitoken-bootstrap = {