remove apple, add echo, adjust to new k3s
This commit is contained in:
parent
2a48b541b8
commit
bd83b4a0f8
11 changed files with 23 additions and 102 deletions
|
|
@ -9,7 +9,7 @@ data class K3sConfig(
|
|||
val node: Node,
|
||||
val loopback: Loopback = Loopback(ipv4 = "192.168.5.1", ipv6 = "fc00::5:1"),
|
||||
val certmanager: Certmanager? = null,
|
||||
val apple: Apple? = null,
|
||||
val echo: Echo? = null,
|
||||
val reprovision: Reprovision = false
|
||||
) {
|
||||
fun isDualStack(): Boolean {
|
||||
|
|
|
|||
|
|
@ -22,8 +22,8 @@ fun Prov.provisionK3s(configFileName: ConfigFileName?) = task {
|
|||
if (k3sConfig.certmanager != null) {
|
||||
provisionK3sCertManager(k3sConfig.certmanager)
|
||||
}
|
||||
if (k3sConfig.apple == true) {
|
||||
provisionK3sApple(k3sConfig.fqdn, k3sConfig.certmanager?.letsencryptEndpoint)
|
||||
if (k3sConfig.echo == true) {
|
||||
provisionK3sEcho(k3sConfig.fqdn, k3sConfig.certmanager?.letsencryptEndpoint)
|
||||
}
|
||||
ProvResult(true)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,4 +2,5 @@ package org.domaindrivenarchitecture.provs.server.domain.k3s
|
|||
|
||||
typealias Reprovision = Boolean
|
||||
typealias Apple = Boolean
|
||||
typealias Echo = Boolean
|
||||
typealias Email = String
|
||||
|
|
@ -28,8 +28,7 @@ fun Prov.testConfigExists(): Boolean {
|
|||
|
||||
fun Prov.provisionK3sInfra(k3sConfig: K3sConfig) = task {
|
||||
if (!testConfigExists()) {
|
||||
installK3s()
|
||||
configureK3s(k3sConfig)
|
||||
installK3s(k3sConfig)
|
||||
} else {
|
||||
ProvResult(true)
|
||||
}
|
||||
|
|
@ -44,18 +43,7 @@ fun Prov.deprovisionK3sInfra() = task {
|
|||
}
|
||||
|
||||
|
||||
fun Prov.installK3s() = task {
|
||||
createFileFromResource(
|
||||
k3sInstall,
|
||||
"k3s-install.sh",
|
||||
k3sResourcePath,
|
||||
"755",
|
||||
sudo = true
|
||||
)
|
||||
cmd("INSTALL_K3S_CHANNEL=latest k3s-install.sh")
|
||||
}
|
||||
|
||||
fun Prov.configureK3s(k3sConfig: K3sConfig) = task {
|
||||
fun Prov.installK3s(k3sConfig: K3sConfig) = task {
|
||||
createDirs(k8sCredentialsPath, sudo = true)
|
||||
createDirs(k3sAutomatedManifestsDir, sudo = true)
|
||||
createDirs(k3sManualManifestsDir, sudo = true)
|
||||
|
|
@ -79,6 +67,14 @@ fun Prov.configureK3s(k3sConfig: K3sConfig) = task {
|
|||
"644",
|
||||
sudo = true
|
||||
)
|
||||
createFileFromResource(
|
||||
k3sInstall,
|
||||
"k3s-install.sh",
|
||||
k3sResourcePath,
|
||||
"755",
|
||||
sudo = true
|
||||
)
|
||||
cmd("INSTALL_K3S_CHANNEL=latest k3s-install.sh")
|
||||
if (k3sConfig.isDualStack()) {
|
||||
// see https://github.com/k3s-io/k3s/discussions/5003
|
||||
createFileFromResource(
|
||||
|
|
@ -95,7 +91,6 @@ fun Prov.configureK3s(k3sConfig: K3sConfig) = task {
|
|||
cmd("ln -s /etc/rancher/k3s/k3s.yaml " + k8sCredentialsPath + "admin.conf", sudo = true)
|
||||
}
|
||||
|
||||
|
||||
fun Prov.provisionK3sCertManager(certmanager: Certmanager) = task {
|
||||
createFileFromResource(
|
||||
certManagerDeployment,
|
||||
|
|
@ -122,34 +117,6 @@ fun Prov.provisionK3sCertManager(certmanager: Certmanager) = task {
|
|||
}
|
||||
}
|
||||
|
||||
fun Prov.provisionK3sApple(fqdn: String, endpoint: CertmanagerEndpoint? = null) = task {
|
||||
val endpointName = endpoint?.name?.lowercase()
|
||||
|
||||
val issuer = if (endpointName != null)
|
||||
endpointName
|
||||
else {
|
||||
createFileFromResourceTemplate(
|
||||
selfsignedCertificate,
|
||||
"selfsigned-certificate.template.yaml",
|
||||
k3sResourcePath,
|
||||
mapOf("host" to fqdn),
|
||||
"644",
|
||||
sudo = true
|
||||
)
|
||||
"selfsigned-issuer"
|
||||
}
|
||||
|
||||
createFileFromResourceTemplate(
|
||||
k3sApple,
|
||||
"apple.template.yaml",
|
||||
k3sResourcePath,
|
||||
mapOf("fqdn" to fqdn, "issuer_name" to issuer),
|
||||
"644",
|
||||
sudo = true
|
||||
)
|
||||
cmd("kubectl apply -f $k3sApple", sudo = true)
|
||||
}
|
||||
|
||||
fun Prov.provisionK3sEcho(fqdn: String, endpoint: CertmanagerEndpoint? = null) = task {
|
||||
val endpointName = endpoint?.name?.lowercase()
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ fun getK3sConfig(fileName: ConfigFileName? = null): K3sConfig {
|
|||
val filename = fileName?.fileName ?: DEFAULT_CONFIG_FILE
|
||||
|
||||
if ((filename.substringAfterLast("/") == DEFAULT_CONFIG_FILE) && !File(filename).exists()) {
|
||||
writeK3sConfig(ConfigFileName(filename), K3sConfig("localhost", Node("127.0.0.1"), apple = true))
|
||||
writeK3sConfig(ConfigFileName(filename), K3sConfig("localhost", Node("127.0.0.1"), echo = true))
|
||||
}
|
||||
return readFromFile(filename).yamlToType()
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,48 +0,0 @@
|
|||
kind: Ingress
|
||||
apiVersion: networking.k8s.io/v1
|
||||
metadata:
|
||||
name: apple-ingress
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "traefik"
|
||||
cert-manager.io/cluster-issuer: ${issuer_name}
|
||||
spec:
|
||||
rules:
|
||||
- host: ${fqdn}
|
||||
http:
|
||||
paths:
|
||||
- pathType: Prefix
|
||||
path: /apple
|
||||
backend:
|
||||
service:
|
||||
name: apple-service
|
||||
port:
|
||||
number: 5678
|
||||
tls:
|
||||
- hosts:
|
||||
- ${fqdn}
|
||||
secretName: apple-cert
|
||||
---
|
||||
|
||||
kind: Pod
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: apple-app
|
||||
labels:
|
||||
app: apple
|
||||
spec:
|
||||
containers:
|
||||
- name: apple-app
|
||||
image: hashicorp/http-echo
|
||||
args:
|
||||
- "-text=apple"
|
||||
---
|
||||
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: apple-service
|
||||
spec:
|
||||
selector:
|
||||
app: apple
|
||||
ports:
|
||||
- port: 5678 # Default port for image
|
||||
|
|
@ -5,7 +5,7 @@ metadata:
|
|||
name: traefik-crd
|
||||
namespace: kube-system
|
||||
spec:
|
||||
chart: https://%{KUBERNETES_API}%/static/charts/traefik-crd-10.9.100.tgz
|
||||
chart: https://%{KUBERNETES_API}%/static/charts/traefik-crd-10.14.100.tgz
|
||||
---
|
||||
apiVersion: helm.cattle.io/v1
|
||||
kind: HelmChart
|
||||
|
|
@ -13,7 +13,7 @@ metadata:
|
|||
name: traefik
|
||||
namespace: kube-system
|
||||
spec:
|
||||
chart: https://%{KUBERNETES_API}%/static/charts/traefik-10.9.100.tgz
|
||||
chart: https://%{KUBERNETES_API}%/static/charts/traefik-10.14.100.tgz
|
||||
set:
|
||||
global.systemDefaultRegistry: ""
|
||||
valuesContent: |-
|
||||
|
|
@ -36,6 +36,7 @@ spec:
|
|||
priorityClassName: "system-cluster-critical"
|
||||
image:
|
||||
name: "rancher/mirrored-library-traefik"
|
||||
tag: "2.6.1"
|
||||
tolerations:
|
||||
- key: "CriticalAddonsOnly"
|
||||
operator: "Exists"
|
||||
|
|
|
|||
|
|
@ -42,6 +42,6 @@ internal class K3sConfigRepositoryKtTest {
|
|||
val exception = assertThrows<FileNotFoundException> {
|
||||
getK3sConfig(ConfigFileName("src/test/resources/Idonotexist.yaml"))
|
||||
}
|
||||
assertEquals("src/test/resources/Idonotexist.yaml (No such file or directory)", exception.message)
|
||||
assertEquals(FileNotFoundException::class.java, exception.javaClass)
|
||||
}
|
||||
}
|
||||
|
|
@ -30,7 +30,7 @@ internal class K3sConfigRepositoryTest {
|
|||
email = "admin@meissa-gmbh.de",
|
||||
letsencryptEndpoint = CertmanagerEndpoint.prod
|
||||
),
|
||||
apple = true,
|
||||
echo = true,
|
||||
reprovision = true
|
||||
), config
|
||||
)
|
||||
|
|
@ -49,6 +49,6 @@ internal class K3sConfigRepositoryTest {
|
|||
val exception = assertThrows<FileNotFoundException> {
|
||||
getK3sConfig(ConfigFileName("src/test/resources/Idonotexist.yaml"))
|
||||
}
|
||||
assertEquals("src/test/resources/Idonotexist.yaml (No such file or directory)", exception.message)
|
||||
assertEquals(FileNotFoundException::class.java, exception.javaClass)
|
||||
}
|
||||
}
|
||||
|
|
@ -37,7 +37,7 @@ internal class NetworkKtTest {
|
|||
email = "admin@meissa-gmbh.de",
|
||||
letsencryptEndpoint = CertmanagerEndpoint.prod
|
||||
),
|
||||
apple = true,
|
||||
echo = true,
|
||||
reprovision = true
|
||||
)
|
||||
)
|
||||
|
|
|
|||
|
|
@ -5,5 +5,5 @@ node:
|
|||
certmanager:
|
||||
email: admin@meissa-gmbh.de
|
||||
letsencryptEndpoint: prod
|
||||
apple: true
|
||||
echo: true
|
||||
reprovision: true
|
||||
Loading…
Reference in a new issue
