devel: Remove vCluster

Now available on the `vcluster` branch
2026-01-20 18:53:17 +01:00
parent 1e8584281a
commit 411550cc23
9 changed files with 0 additions and 143 deletions
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-# the shebang is ignored, but nice for editors
-
-if type -P lorri &>/dev/null; then
-  eval "$(lorri direnv)"
-else
-  echo 'while direnv evaluated .envrc, could not find the command "lorri" [https://github.com/nix-community/lorri]'
-  use nix
-fi
@@ -1,2 +0,0 @@
-~
-_*
@@ -1,7 +0,0 @@
-# Oceanbox k8s vcluster setup
-
-The script `./create-vcluster.sh` provisions a personal vcluster on a Kubernetes cluster, for usage
-with Tilt. It also automatically provisions a local `Dapr` installation on the cluster, and sets up a
-CNPG psql database cluster on the host system, and tunnels it to the vcluster for Archmeister. In
-addition, it sets up an ingress and a kubeconfig.yaml for convenient access, if `vcluster connect` isn't
-available.
@@ -1,69 +0,0 @@
-#!/usr/bin/env bash
-
-if [ ! $# -ge 1 ]; then
-    echo "usage: $0 cluster [helm args]"
-    exit 1
-fi
-
-k='kubectl --context oceanbox'
-
-name=$1
-ns=$name-vcluster
-shift
-
-yq ".clusters[]|select(.name|contains(\"$name-vcluster\")).name" ~/.kube/config | grep -q "$name"
-
-if [ $? = 0 ]; then
-    $k get ns $ns >/dev/null 2>&1 || $k create ns $ns
-    # helm template -n $ns $@ $name oceanbox/atlantis-vcluster | $k apply -f -
-    helm template -n $ns $@ $name ../charts/vcluster | $k apply -f -
-
-    echo "waiting for vcluster $name to appear... "
-    while true; do
-        $k wait -n $ns --for=condition=ready pod -l app=vcluster 2>&1 > /dev/null
-        if [ $? != 0 ]; then
-            echo "zzz..."
-            sleep 15
-        else
-            break
-        fi
-    done
-    vcluster connect $name-vcluster -- kubectl -n dapr-system wait pod --for=condition=ready -l app=dapr-operator
-    echo "wating 20s for Dapr..."
-    sleep 20
-    tmp=/tmp/$name-vlcuster.tmp$$
-    kubectl kustomize ../resources/atlantis/manifests/staging > $tmp
-    vcluster connect $name-vcluster -- kubectl apply -f $tmp
-    rm $tmp
-else
-    cat << EOF
-***
-*** $name-vcluster must be defined in ~/.kube/config
-***
-clusters:
- cluster:
-    insecure-skip-tls-verify: true
-    server: https://$name-vcluster.beta.oceanbox.io
-  name: $name-vcluster
-contexts:
- context:
-    cluster: $name-vcluster
-    namespace: atlantis
-    user: oidc
-  name: $name-vcluster
-users:
- name: oidc
-  user:
-    exec:
-      apiVersion: client.authentication.k8s.io/v1beta1
-      args:
-      - oidc-login
-      - get-token
-      - --oidc-issuer-url=https://login.microsoftonline.com/3f737008-e9a0-4485-9d27-40329d288089/v2.0
-      - --oidc-client-id=9b6daef0-02fa-4574-8949-f7c1b5fccd15
-      - --oidc-client-secret=[redacted]
-      command: kubectl
-EOF
-fi
-
-
@@ -1,3 +0,0 @@
-#!/bin/sh
-
-./create-vcluster.sh staging --set persistence=true
@@ -1,12 +0,0 @@
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: oidc-cluster-admin
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: cluster-admin
-subjects:
- kind: Group
-  name: eb17a659-4ce6-41bc-9153-d9b117c44479
-
@@ -1,22 +0,0 @@
-#!/usr/bin/env bash
-#
-
-if [ ! $# -ge 1 ]; then
-    echo "usage: $0 cluster [helm args]"
-    exit 1
-fi
-
-if [ ! -f create-vcluster.sh ]; then
-    echo "error: must be run from toplevel directory"
-    exit 1
-fi
-
-k='kubectl --context oceanbox'
-
-name=$1
-cluster=$name-vcluster
-shift
-
-token=$(kubectl get secret --context $cluster -n kube-system admin-token -o json | jq .data.token | tr -d '"' | base64 -d)
-config=$(echo "{\"bearerToken\": \"$token\", \"tlsClientConfig\": { \"insecure\" : true }}" | base64 -w0)
-$k patch -n argocd secret cluster-$cluster -p "{\"data\":{\"config\":\"$config\"}}"
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-vcluster connect $1-vcluster -n $1-vcluster \
-    --context oceanbox \
-    --update-current=true \
-    --kube-config-context-name $1-vcluster \
-    --insecure --cluster-role cluster-admin \
-    --service-account kube-system/admin \
-    --server https://$1-vcluster.beta.oceanbox.io
-
@@ -1,9 +0,0 @@
-with import <nixpkgs> {};
-mkShell rec {
-  nativeBuildInputs = [
-    dapr-cli
-    vcluster
-  ];
-
-  shellHook = '' '';
-}