devel: Remove vCluster

Now available on the `vcluster` branch
2026-01-20 18:53:17 +01:00
parent 1e8584281a
commit 411550cc23
9 changed files with 0 additions and 143 deletions
@@ -1,9 +0,0 @@
 #!/usr/bin/env bash
 # the shebang is ignored, but nice for editors
 if type -P lorri &>/dev/null; then
  eval "$(lorri direnv)"
 else
  echo 'while direnv evaluated .envrc, could not find the command "lorri" [https://github.com/nix-community/lorri]'
  use nix
 fi
@@ -1,2 +0,0 @@
 ~
 _*
@@ -1,7 +0,0 @@
 # Oceanbox k8s vcluster setup
 The script `./create-vcluster.sh` provisions a personal vcluster on a Kubernetes cluster, for usage
 with Tilt. It also automatically provisions a local `Dapr` installation on the cluster, and sets up a
 CNPG psql database cluster on the host system, and tunnels it to the vcluster for Archmeister. In
 addition, it sets up an ingress and a kubeconfig.yaml for convenient access, if `vcluster connect` isn't
 available.
@@ -1,69 +0,0 @@
 #!/usr/bin/env bash
 if [ ! $# -ge 1 ]; then
    echo "usage: $0 cluster [helm args]"
    exit 1
 fi
 k='kubectl --context oceanbox'
 name=$1
 ns=$name-vcluster
 shift
 yq ".clusters[]|select(.name|contains(\"$name-vcluster\")).name" ~/.kube/config | grep -q "$name"
 if [ $? = 0 ]; then
    $k get ns $ns >/dev/null 2>&1 || $k create ns $ns
    # helm template -n $ns $@ $name oceanbox/atlantis-vcluster | $k apply -f -
    helm template -n $ns $@ $name ../charts/vcluster | $k apply -f -
    echo "waiting for vcluster $name to appear... "
    while true; do
        $k wait -n $ns --for=condition=ready pod -l app=vcluster 2>&1 > /dev/null
        if [ $? != 0 ]; then
            echo "zzz..."
            sleep 15
        else
            break
        fi
    done
    vcluster connect $name-vcluster -- kubectl -n dapr-system wait pod --for=condition=ready -l app=dapr-operator
    echo "wating 20s for Dapr..."
    sleep 20
    tmp=/tmp/$name-vlcuster.tmp$$
    kubectl kustomize ../resources/atlantis/manifests/staging > $tmp
    vcluster connect $name-vcluster -- kubectl apply -f $tmp
    rm $tmp
 else
    cat << EOF
 ***
 *** $name-vcluster must be defined in ~/.kube/config
 ***
 clusters:
 - cluster:
    insecure-skip-tls-verify: true
    server: https://$name-vcluster.beta.oceanbox.io
  name: $name-vcluster
 contexts:
 - context:
    cluster: $name-vcluster
    namespace: atlantis
    user: oidc
  name: $name-vcluster
 users:
 - name: oidc
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1beta1
      args:
      - oidc-login
      - get-token
      - --oidc-issuer-url=https://login.microsoftonline.com/3f737008-e9a0-4485-9d27-40329d288089/v2.0
      - --oidc-client-id=9b6daef0-02fa-4574-8949-f7c1b5fccd15
      - --oidc-client-secret=[redacted]
      command: kubectl
 EOF
 fi
@@ -1,3 +0,0 @@
 #!/bin/sh
 ./create-vcluster.sh staging --set persistence=true
@@ -1,12 +0,0 @@
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: oidc-cluster-admin
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
 subjects:
 - kind: Group
  name: eb17a659-4ce6-41bc-9153-d9b117c44479
@@ -1,22 +0,0 @@
 #!/usr/bin/env bash
 #
 if [ ! $# -ge 1 ]; then
    echo "usage: $0 cluster [helm args]"
    exit 1
 fi
 if [ ! -f create-vcluster.sh ]; then
    echo "error: must be run from toplevel directory"
    exit 1
 fi
 k='kubectl --context oceanbox'
 name=$1
 cluster=$name-vcluster
 shift
 token=$(kubectl get secret --context $cluster -n kube-system admin-token -o json | jq .data.token | tr -d '"' | base64 -d)
 config=$(echo "{\"bearerToken\": \"$token\", \"tlsClientConfig\": { \"insecure\" : true }}" | base64 -w0)
 $k patch -n argocd secret cluster-$cluster -p "{\"data\":{\"config\":\"$config\"}}"
@@ -1,10 +0,0 @@
 #!/bin/sh
 vcluster connect $1-vcluster -n $1-vcluster \
    --context oceanbox \
    --update-current=true \
    --kube-config-context-name $1-vcluster \
    --insecure --cluster-role cluster-admin \
    --service-account kube-system/admin \
    --server https://$1-vcluster.beta.oceanbox.io
@@ -1,9 +0,0 @@
 with import <nixpkgs> {};
 mkShell rec {
  nativeBuildInputs = [
    dapr-cli
    vcluster
  ];
  shellHook = '' '';
 }
		`@@ -1,3 +0,0 @@`
			`#!/bin/sh`

			`./create-vcluster.sh staging --set persistence=true`