diff --git a/k8s-tools/.gitignore b/k8s-tools/.gitignore
index e48533e..a733e06 100644
--- a/k8s-tools/.gitignore
+++ b/k8s-tools/.gitignore
@@ -1,3 +1,4 @@
 .env
 **.env
 tmp
+**ci-keys.txt
\ No newline at end of file
diff --git a/k8s-tools/00-run.sh b/k8s-tools/00-run.sh
new file mode 100644
index 0000000..0108fd6
--- /dev/null
+++ b/k8s-tools/00-run.sh
@@ -0,0 +1,29 @@
+# Crée le cluster et export les
+# ce script a pour but d automatiser la configuration de l environnement pour
+# la construction du cluster de management
+## prerequis
+## avoir le fichier age-secret stocké en local .config/age/secret-age.txt
+## SOPS_AGE_RECIPIENTS dans les variables d'environnement
+
+# extract only the deploy directory uncomment the following line
+#git clone --filter=blob:none --sparse git@github.com:cloud-gouv/k8s-cluster-api-infra.git
+git clone git@github.com:cloud-gouv/k8s-cluster-api-infra.git
+cd k8s-cluster-api-infra
+# extract only the deploy directory uncomment the following lines
+#git sparse-checkout init --cone
+#git sparse-checkout set deploy
+cp $HOME/.config/age/secret-age.txt deploy/ci-keys.txt
+docker-compose build
+kind create cluster --name mgmt
+export KUBE_CTRLPLANE_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' mgmt-control-plane)
+kubectl config set clusters.kind-mgmt.server "https://${KUBE_CTRLPLANE_IP}:6443"
+export DOCKER_REGISTRY=ghcr.io/cloud-gouv/
+cd ../
+pwd
+echo "kubectl config use-context kind-mgmt" > 01-inside_docker.sh
+echo "kubectl get nodes" >> 01-inside_docker.sh
+echo 'cp k8s-cluster-api-infra/deploy/ci-keys.txt $HOME/ci-key.txt'>>01-inside_docker.sh
+echo 'export SOPS_AGE_KEY_FILE="$HOME/ci-keys.txt"'>>01-inside_docker.sh
+echo "export SOPS_AGE_RECIPIENTS=$PUBLIC_SOPS_AGE" >> 01-inside_docker.sh
+echo "cd k8s-cluster-api-infra/deploy">> 01-inside_docker.sh
+docker-compose run -i --rm k8s_tools /bin/bash
\ No newline at end of file
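Review bot: The added `**ci-keys.txt` rule only covers this repository, while `00-run.sh` in the same commit copies the age private key to `k8s-cluster-api-infra/deploy/ci-keys.txt`, which sits inside a separate clone; Git does not apply a parent directory's `.gitignore` to commands run in a nested repository. Whether that clone ignores `deploy/ci-keys.txt` itself is not visible here, so it should be confirmed before relying on this line to keep the key out of a commit. I would also add `k8s-cluster-api-infra/` and `01-inside_docker.sh`, which the script creates when run from this directory, and write the pattern as plain `ci-keys.txt`, because `**` without an adjacent slash behaves like a single `*`.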
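Review bot: The generated `01-inside_docker.sh` copies the age key to `$HOME/ci-key.txt` but then exports `SOPS_AGE_KEY_FILE="$HOME/ci-keys.txt"`, so inside the container the variable names a file the script never creates; the copy target should read `$HOME/ci-keys.txt`. The script has no error handling: if `git clone` or `cd k8s-cluster-api-infra` fails the remaining lines still run from the wrong directory, and an unset `PUBLIC_SOPS_AGE` silently writes an empty `SOPS_AGE_RECIPIENTS`, so a `set -eu` as the first line would stop in both cases. The private key is copied into `deploy/` before `docker-compose build`; the compose file is not visible here, so confirm the build context excludes `deploy/ci-keys.txt` (for example through a `.dockerignore` entry), otherwise the key could end up in an image layer. The header comment names `SOPS_AGE_RECIPIENTS` as the prerequisite while the code reads `PUBLIC_SOPS_AGE`; one of the two should be corrected.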
diff --git a/k8s-tools/10-destroy.sh b/k8s-tools/10-destroy.sh
new file mode 100644
index 0000000..09223a6
--- /dev/null
+++ b/k8s-tools/10-destroy.sh
@@ -0,0 +1,6 @@
+DOCKER_MGMT=$(docker ps --format "{{.Names}}")
+docker stop $DOCKER_MGMT
+docker rm $DOCKER_MGMT
+kind delete cluster --name=mgmt
+rm -rf k8s-cluster-api-infra
+rm -f 01-inside_docker.sh
\ No newline at end of file
diff --git a/k8s-tools/README.md b/k8s-tools/README.md
index d2d48b0..1b213a0 100644
--- a/k8s-tools/README.md
+++ b/k8s-tools/README.md
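Review bot: In `10-destroy.sh`, `docker ps --format "{{.Names}}"` on the first line lists every running container on the host, so the `docker stop` and `docker rm` that follow take down unrelated workloads as well as this environment. `kind delete cluster --name=mgmt` already removes the kind node, and `00-run.sh` starts the tools container with `--rm`, so the three docker lines can probably be dropped. If an explicit stop is wanted, restrict it, e.g. `DOCKER_MGMT=$(docker ps --filter "name=mgmt-control-plane" --format "{{.Names}}")`. With the current form an empty result also makes `docker stop` fail for lack of an argument.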
@@ -26,22 +26,35 @@ Prereq: - create a kind cluster (ensure is running) - $HOME/.kube/config is present - the container k8s_tools will be connected to the `kind` network to access kube api control plane on private url (`https://IP:6443`) - +- store secret age file in .config/age/secret-age.txt +- set public age key in PUBLIC_SOPS_AGE environment variable + +### Start the environment +00-run.sh: + - clone the K8s-tools directory in the dockerfiles repository + - create the kind cluster + - start the docker with all prerequisite checked ``` -# -# create a kind cluster named "mgmt" -kind create cluster --name mgmt -# get kind-mgmt ctrl plane private ip -export KUBE_CTRLPLANE_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' mgmt-control-plane) - -# replace it in KUBECONFIG -kubectl config set clusters.kind-mgmt.server "https://${KUBE_CTRLPLANE_IP}:6443" - -# start k8s_tools container in shell mode -docker-compose run -i --rm k8s_tools - -# Inside container, verify kube api access -kubectl config use-context kind-mgmt -kubectl get pod -A +sh 00-run.sh +``` +In the docker execute the script 01-inside-run.sh +### Start the environment +00-run.sh: + - clone the K8s-tools directory in the dockerfiles repository + - create the kind cluster + - start the docker with all prerequisite checked ``` + sh 00-run.sh +``` +### configure the kubectl config +in the docker execute the following commande +``` +source 01-inside_docker.sh +``` + +### Clean all + exit from the docker and exec : + ``` + sh 10-destroy.sh + ``` \ No newline at end of file