oceanbox/platform
6
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Totally revamp cluster chart configs

Browse Source
This commit is contained in:
Jonas Juselius
2020-11-05 21:06:57 +01:00
parent 3a69e7f1f1
commit f5d8ed6915
1 changed files with 65 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

113
modules/k8s.nix
View File

@@ -29,55 +29,66 @@ let
'';
};
kube-system-bootstrap =
let
workerNodes = pkgs.writeText "kube-worker-nodes" (
builtins.foldl' (a: x:
a + " - ${x.address}\n") "" cfg.k8s.nodes);
grafanaLdap = pkgs.writeText "grafana-ldap.toml"
cfg.k8s.bootstrap.grafana_ldap_toml;
in
pkgs.stdenv.mkDerivation {
name = "kube-system-bootstrap";
src = ../bootstrap;
cluster-scripts = pkgs.stdenv.mkDerivation {
name = "cluster-scripts";
src = ../scripts;
buildCommand = ''
share=$out/share/kube-system-bootstrap
mkdir -p $out/bin
mkdir -p $share/bin
mkdir -p $share/config
mkdir -p $share/charts
export bash="${pkgs.bash}"
export apiserver="${cfg.k8s.master.name}"
export apiserverAddress="${cfg.k8s.master.address}"
export initca="${pki.initca}"
export cluster="${cfg.clusterName}"
export fileserver="${cfg.k8s.fileserver}"
export acme_email="${cfg.k8s.bootstrap.acme_email}"
export grafana_smtp_user="$(echo -n ${cfg.k8s.bootstrap.grafana_smtp_user} | base64 -w0)"
export grafana_smtp_password="$(echo -n ${cfg.k8s.bootstrap.grafana_smtp_password} | base64 -w0)"
export grafana_ldap_toml="$(cat ${grafanaLdap} | base64 -w0)"
export workers="$(cat ${workerNodes})"
substituteAll $src/bin/initial-kube-system-bootstrap $share/bin/initial-kube-system-bootstrap
chmod 755 $share/bin/initial-kube-system-bootstrap
substituteAll $src/copy-kube-system-bootstrap $out/bin/copy-kube-system-bootstrap
chmod 755 $out/bin/copy-kube-system-bootstrap
cd $src/config
for i in *; do
substituteAll $i $share/config/$i
done
cd $src/charts
for i in *; do
substituteAll $i $share/charts/$i
done
cp $src/bin/* $share/bin
cp $src/* $out/bin
'';
};
show-kubernetes-charts-config =
let
ingressNodes = builtins.foldl' (a: x:
a + ", ${x}") "${cfg.k8s.master.name}"
cfg.k8s.extraIngressNodes;
ingressReplicas =
builtins.toString (1 + builtins.length cfg.k8s.extraIngressNodes);
grafanaLdap = pkgs.writeText "grafana-ldap.toml"
cfg.k8s.charts.grafana_ldap_toml;
in
pkgs.writeScriptBin "show-kubernetes-charts-config"
''
#!${pkgs.stdenv.shell}
cat << EOF
# Generated by show-kubernetes-charts-config
# $(date)
vars=(
initca="${pki.initca}"
apiserver="${cfg.k8s.master.name}"
cluster="${cfg.clusterName}"
ingress_nodes="[ ${ingressNodes} ]"
ingress_replicas="${ingressReplicas}"
filseserver="${cfg.k8s.fileserver}"
acme_email="${cfg.k8s.charts.acme_email}"
grafana_smtp_user="$(echo -n ${cfg.k8s.charts.grafana_smtp_user} | base64 -w0)"
grafana_smtp_password="$(echo -n ${cfg.k8s.charts.grafana_smtp_password} | base64 -w0)"
grafana_ldap_toml="$(cat ${grafanaLdap} | base64 -w0)"
)
EOF
cat << 'EOF'
make_substitutions () {
read x
for i in "''${vars[@]}"; do
k=$(echo "$i" | cut -d= -f1)
v=$(echo "$i" | cut -d= -f2)
echo "$x" | sed "s/@$k@/$v/g"
done
}
kubectl_apply () {
charts=("$@")
for i in "''${charts[@]}"; do
k=$(echo "$i" | cut -d= -f1)
v=$(echo "$i" | cut -d= -f2)
sed "s/@$k@/$v/g" $i | kubectl apply -f -
done
}
EOF
'';
};
install-apitoken = ''
#!${pkgs.bash}/bin/bash
@@ -150,7 +161,8 @@ let
environment.systemPackages = [
pkgs.kubernetes-helm
pkgs.kubectl
kube-system-bootstrap
cluster-scripts
show-kubernetes-charts-config
];
systemd.services.kube-certmgr-apitoken-bootstrap = {
@@ -220,6 +232,11 @@ in {
default = "10.0.0.0/16";
};
extraIngressNodes = mkOption {
type = types.listOf types.str;
default = [];
};
master = {
enable = mkEnableOption "Enable kubernetes master node";
@@ -248,7 +265,7 @@ in {
enable = mkEnableOption "Enable kubernetes";
};
bootstrap = {
charts = {
acme_email = mkOption {
type = types.str;
default = "";