Fix and improve bootstrapping scripts
172
modules/k8s.nix
172
modules/k8s.nix
@@ -29,12 +29,117 @@ let
|
||||
'';
|
||||
};
|
||||
|
||||
cluster-scripts = pkgs.stdenv.mkDerivation {
|
||||
cluster-scripts =
|
||||
let
|
||||
ingressNodes = builtins.foldl' (a: x:
|
||||
a + ",${x}") "${cfg.k8s.master.name}"
|
||||
cfg.k8s.extraIngressNodes;
|
||||
ingressReplicaCount =
|
||||
builtins.toString (1 + builtins.length cfg.k8s.extraIngressNodes);
|
||||
show-kubernetes-charts-config = ''
|
||||
#!/usr/bin/env bash
|
||||
cat << EOF
|
||||
# Generated by show-kubernetes-charts-config
|
||||
# $(date)
|
||||
# Charts in ${kubernetes-charts}/share/kubernetes-charts
|
||||
|
||||
|
||||
vars=(
|
||||
initca="${pki.initca}"
|
||||
apiserver="${cfg.k8s.master.name}"
|
||||
cluster="${cfg.clusterName}"
|
||||
ingress_nodes="${ingressNodes}"
|
||||
ingress_replica_count="${ingressReplicaCount}"
|
||||
fileserver="${cfg.k8s.fileserver}"
|
||||
acme_email="${cfg.k8s.charts.acme_email}"
|
||||
grafana_smtp_user="$(echo -n ${cfg.k8s.charts.grafana_smtp_user} | base64 -w0)"
|
||||
grafana_smtp_password="$(echo -n ${cfg.k8s.charts.grafana_smtp_password} | base64 -w0)"
|
||||
)
|
||||
|
||||
EOF
|
||||
cat << '"'"'EOF'"'"'
|
||||
substitute_all () {
|
||||
local x i k v subs
|
||||
x="$(</dev/stdin)"
|
||||
subs=("$@")
|
||||
for i in "''${subs[@]}"; do
|
||||
k=$(echo "$i" | cut -d= -f1)
|
||||
v=$(echo "$i" | cut -d= -f2 | sed '"'"'s,/,\\/,g'"'"')
|
||||
x=$(echo "$x" | sed "s/@$k@/$v/g")
|
||||
done
|
||||
echo "$x"
|
||||
}
|
||||
|
||||
substitute_defaults () {
|
||||
substitute_all "''${vars[@]}"
|
||||
}
|
||||
|
||||
create_namespace () {
|
||||
kubectl get ns $namespace >/dev/null 2>&1 || kubectl create ns $namespace
|
||||
}
|
||||
|
||||
export_vars () {
|
||||
local i
|
||||
for i in "''${vars[@]}"; do eval "$i"; done
|
||||
}
|
||||
|
||||
kubectl_apply () {
|
||||
local x namespace
|
||||
namespace="$1"; shift
|
||||
x="$(</dev/stdin)"
|
||||
create_namespace $namespace
|
||||
echo "$x" | \
|
||||
substitute_defaults | \
|
||||
kubectl -n $namespace apply $@ -f -
|
||||
}
|
||||
|
||||
kubectl_apply_files () {
|
||||
local i namespace charts
|
||||
namespace=$1; shift
|
||||
charts=("$@")
|
||||
for i in "''${charts[@]}"; do
|
||||
cat "$i" | kubectl_apply $namespace
|
||||
done
|
||||
}
|
||||
|
||||
helm_apply () {
|
||||
local namespace name chart
|
||||
namespace="$1"
|
||||
name="$2"
|
||||
chart="$3"
|
||||
create_namespace $namespace
|
||||
cat values.yaml | \
|
||||
substitute_defaults | \
|
||||
helm template -n $namespace -f- $name $chart | \
|
||||
kubectl -n $namespace apply -f -
|
||||
}
|
||||
|
||||
EOF
|
||||
'';
|
||||
copy-kubernetes-charts = ''
|
||||
#!/usr/bin/env bash
|
||||
if [ \$# = 0 ]; then
|
||||
dest=${cfg.clusterName}-charts
|
||||
else
|
||||
dest=\$1
|
||||
fi
|
||||
echo "Copying charts into \$dest"
|
||||
cp -r ${kubernetes-charts}/share/kubernetes-charts \$dest
|
||||
chown -R \$USER \$dest
|
||||
chmod -R u+w \$dest
|
||||
$out/bin/show-kubernetes-charts-config > \$dest/config.sh
|
||||
'';
|
||||
in
|
||||
pkgs.stdenv.mkDerivation {
|
||||
name = "cluster-scripts";
|
||||
src = ../scripts;
|
||||
buildCommand = ''
|
||||
mkdir -p $out/bin
|
||||
cp $src/* $out/bin
|
||||
echo '${show-kubernetes-charts-config}' > $out/bin/show-kubernetes-charts-config
|
||||
chmod a+x $out/bin/show-kubernetes-charts-config
|
||||
echo "${copy-kubernetes-charts}" > $out/bin/copy-kubernetes-charts
|
||||
chmod a+x $out/bin/copy-kubernetes-charts
|
||||
'';
|
||||
};
|
||||
|
||||
@@ -43,72 +148,10 @@ let
|
||||
src = ../charts;
|
||||
buildCommand = ''
|
||||
mkdir -p $out/share/${name}
|
||||
cp -r $src/* $out/share${name}
|
||||
cp -r $src/* $out/share/${name}
|
||||
'';
|
||||
};
|
||||
|
||||
show-kubernetes-charts-config =
|
||||
let
|
||||
ingressNodes = builtins.foldl' (a: x:
|
||||
a + ", ${x}") "${cfg.k8s.master.name}"
|
||||
cfg.k8s.extraIngressNodes;
|
||||
ingressReplicaCount =
|
||||
builtins.toString (1 + builtins.length cfg.k8s.extraIngressNodes);
|
||||
in
|
||||
pkgs.writeScriptBin "show-kubernetes-charts-config"
|
||||
''
|
||||
#!${pkgs.stdenv.shell}
|
||||
cat << EOF
|
||||
# Generated by show-kubernetes-charts-config
|
||||
# $(date)
|
||||
# Charts in ${kubernetes-charts}
|
||||
|
||||
vars=(
|
||||
initca="${pki.initca}"
|
||||
apiserver="${cfg.k8s.master.name}"
|
||||
cluster="${cfg.clusterName}"
|
||||
ingress_nodes="[ ${ingressNodes} ]"
|
||||
ingress_replica_count="${ingressReplicaCount}"
|
||||
filseserver="${cfg.k8s.fileserver}"
|
||||
acme_email="${cfg.k8s.charts.acme_email}"
|
||||
grafana_smtp_user="$(echo -n ${cfg.k8s.charts.grafana_smtp_user} | base64 -w0)"
|
||||
grafana_smtp_password="$(echo -n ${cfg.k8s.charts.grafana_smtp_password} | base64 -w0)"
|
||||
)
|
||||
|
||||
EOF
|
||||
cat << 'EOF'
|
||||
substitute_all () {
|
||||
read x
|
||||
subs=("$@")
|
||||
for i in "''${subs[@]}"; do
|
||||
k=$(echo "$i" | cut -d= -f1)
|
||||
v=$(echo "$i" | cut -d= -f2)
|
||||
echo "$x" | sed "s/@$k@/$v/g"
|
||||
done
|
||||
}
|
||||
|
||||
substitute_defaults () {
|
||||
substitute_all "''${vars[@]}"
|
||||
}
|
||||
|
||||
kubectl_apply () {
|
||||
read x
|
||||
namespace=$1; shift
|
||||
kubectl get ns $namespace 2>&1 >/dev/null || kubectl create ns $namespace
|
||||
cat $x | substitute_defaults | kubectl -n $namespace apply -f -
|
||||
}
|
||||
|
||||
kubectl_apply_files () {
|
||||
namespace=$1; shift
|
||||
charts=("$@")
|
||||
for i in "''${charts[@]}"; do
|
||||
cat $i | kubectl_apply $namespace
|
||||
done
|
||||
}
|
||||
EOF
|
||||
'';
|
||||
|
||||
|
||||
install-apitoken = ''
|
||||
#!${pkgs.bash}/bin/bash
|
||||
set -e
|
||||
@@ -182,7 +225,6 @@ let
|
||||
pkgs.kubectl
|
||||
cluster-scripts
|
||||
kubernetes-charts
|
||||
show-kubernetes-charts-config
|
||||
];
|
||||
|
||||
systemd.services.kube-certmgr-apitoken-bootstrap = {
|
||||
|
||||
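Review bot: In the new `show-kubernetes-charts-config` text, `grafana_smtp_password="$(echo -n ${cfg.k8s.charts.grafana_smtp_password} | base64 -w0)"` still has Nix splice the SMTP password into a script that `buildCommand` writes under `$out/bin`, so the cleartext ends up in the world-readable Nix store, and `copy-kubernetes-charts` then writes its base64 form (an encoding, not protection) to `$dest/config.sh`. The value is spliced unquoted into a command substitution inside an unquoted heredoc, so a user name or password containing spaces, `;`, backticks or `$(` is interpreted by the shell when the script runs; likewise `echo '${show-kubernetes-charts-config}'` in `buildCommand` breaks if any configured value contains a single quote. Consider having the script read the secret at run time from a file path outside the store, and quoting every spliced value. Separately, in `substitute_all` the `cut -d= -f2` keeps only the second `=`-separated field, which strips base64 padding from these two values; `cut -d= -f2-` keeps the whole value. `export_vars` runs `eval "$i"` on each `vars` entry, so it inherits the same quoting problem and deserves a comment stating that `config.sh` must be treated as trusted code.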