-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathktoolsinstall
More file actions
executable file
·62 lines (48 loc) · 2.2 KB
/
ktoolsinstall
File metadata and controls
executable file
·62 lines (48 loc) · 2.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
#!/bin/bash
. ~/.rpicrc
#install kubectl
# metrics-server (slightly tuned config for arm64)
echo "deploying metrics-server..."
kubectl apply -k conf/metrics-server/
# standard k8s dashboard
echo -e "\n\ndeploying kubernetes dashboard..."
kubectl apply -k conf/dashboard/
# TODO: need to create a user and bearer token
# we're going to use metallb as a load-balancer with a simple layer-2 config
echo -e "\n\ndeploying metallb load-balancer in layer 2 mode"
kubectl apply -f conf/metallb/metallb.yaml
kubectl apply -f conf/metallb/config.yaml
# ingress-nginx
# we'll use this rather than Traefik as it's mainstream and easier to config
echo -e "\n\ndeploying nginx-ingress-controller..."
kubectl apply -k conf/ingress-nginx/
#cert-manager
echo -e "\n\ndeploying cert-manager..."
kubectl create namespace cert-manager
kubectl apply -k conf/cert-manager/
kubectl label namespace cert-manager certmanager.k8s.io/disable-validation=true
# generate key-signing pair for issuer (one-time only)
if [ ! -f "conf/ca.key" ]; then
echo -e "\n\ngenerating a signing key pair in conf/..."
openssl genrsa -out conf/ca.key 2048
openssl req -x509 -new -nodes -key conf/ca.key -subj "/CN=${RPDOMAIN}" -days 3650 -reqexts v3_req -extensions v3_ca -out conf/ca.crt
fi
# linkerd2
echo -e "\n\ndeploying linkerd2 service mesh..."
kubectl apply -f conf/linkerd/
# we're going to do a helm chart install. Check if helm is here, if not, install
which helm > /dev/null
OUT=$?
if [ $OUT -eq 1 ];then
curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash
fi
# arm64/aarch64 is not supported on official builds, we'll use a multi-arch rebuild
echo -e "\n\ndeploying tiller..."
kubectl -n kube-system create sa tiller
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
helm init --tiller-image=jessestuart/tiller --skip-refresh --upgrade --service-account tiller
echo -e "\nuse 'kubectl get pod -n kube-system' to check tiller readiness"
kubectl get pod -n kube-system -o wide
echo -e "\nand use 'kubectl get pod -n linkerd' to check linkerd readiness"
kubectl get pod -n linkerd -o wide
echo -e "\nEnsure both tiller and linkerd are deployed and ready, then try './ofinstall' next"