117 lines
3.0 KiB
Bash
Executable File
117 lines
3.0 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
source .env
|
|
|
|
ALL_NODES=("$KUBE_CP" "${KUBE_WORKERS[@]}")
|
|
|
|
## Prepare all of the nodes with k8s using the ansible playbooks I prepared
|
|
|
|
ansible-playbook ./"$ANSIBLE_DIR"/k8s-install-deps.yaml \
|
|
-i "$(IFS=, ; echo "${ALL_NODES[*]}",)" \
|
|
-u "$KUBE_USER" \
|
|
--private-key "$PRIVATE_KEY_PATH"
|
|
|
|
ansible-playbook ./"$ANSIBLE_DIR"/longhorn-deps.yaml \
|
|
-i "$(IFS=, ; echo "${KUBE_WORKERS[*]}",)" \
|
|
-u "$KUBE_USER" \
|
|
--private-key "$PRIVATE_KEY_PATH"
|
|
|
|
## Bootstrap the cluster
|
|
|
|
ssh "$KUBE_USER@$KUBE_CP" \
|
|
"sudo kubeadm init \
|
|
--pod-network-cidr=$POD_NET_CIDR \
|
|
--apiserver-advertise-address=$API_ADDR \
|
|
--cri-socket unix:///run/containerd/containerd.sock"
|
|
|
|
ssh "$KUBE_USER@$KUBE_CP" \
|
|
"sudo cp /etc/kubernetes/admin.conf /tmp/config && sudo chown $KUBE_USER:$KUBE_USER /tmp/config"
|
|
|
|
## Fetch the configuration from the freshly installed cluster. BEWARE THAT ANY EXISTING CONFIG WILL BE OVERWRITTEN
|
|
|
|
scp "$KUBE_USER@$KUBE_CP":/tmp/config "$HOME"/.kube/config
|
|
|
|
## Install the CNI
|
|
|
|
kubectl apply -f \
|
|
"https://raw.githubusercontent.com/projectcalico/calico/$CNI_VER/manifests/calico.yaml"
|
|
|
|
## Now join the workers to the cluster
|
|
|
|
JOIN_TOKEN=$(ssh "$KUBE_USER@$KUBE_CP" \
|
|
"sudo kubeadm token create --print-join-command")
|
|
|
|
for NODE in "${KUBE_WORKERS[@]}"; do
|
|
echo "Joining $NODE"
|
|
ssh "$KUBE_USER@$NODE" "sudo $JOIN_TOKEN"
|
|
done
|
|
|
|
### NOW APPLYING HELMS ###
|
|
|
|
## Setup all the needed repos
|
|
helm repo add metallb https://metallb.github.io/metallb
|
|
helm repo add traefik https://traefik.github.io/charts
|
|
helm repo add jetstack https://charts.jetstack.io
|
|
helm repo add longhorn https://charts.longhorn.io
|
|
helm repo update
|
|
|
|
## Let's install metallb!
|
|
|
|
helm install \
|
|
metallb metallb/metallb \
|
|
-n metallb-system \
|
|
--create-namespace
|
|
|
|
echo "Waiting for all the pods to start..."
|
|
|
|
kubectl wait --namespace metallb-system \
|
|
--for=condition=Ready pod \
|
|
--all \
|
|
--timeout=200s
|
|
|
|
## Apply the load-balancer IPs range
|
|
|
|
envsubst < ./manifests/metallb/metallb-config.yaml | kubectl apply -f -
|
|
|
|
## Let's install traefik!
|
|
|
|
helm install \
|
|
traefik traefik/traefik \
|
|
-n traefik \
|
|
-f ./manifests/traefik/values.yaml \
|
|
--set service.spec.loadBalancerIP="$LOAD_BALANCER_IP" \
|
|
--create-namespace
|
|
|
|
## Let's install Cert-Manager!
|
|
|
|
helm install \
|
|
cert-manager jetstack/cert-manager \
|
|
-n cert-manager \
|
|
-f ./manifests/certmanager/values.yaml \
|
|
--create-namespace
|
|
|
|
## Set up the cloudflare API token secret
|
|
|
|
kubectl create secret generic cloudflare-api-token-secret \
|
|
--from-literal=api-token="$CF_API" \
|
|
-n=cert-manager
|
|
|
|
## Apply the cloudflare Issuer
|
|
|
|
envsubst < ./manifests/certmanager/issuer.yaml | kubectl apply -f -
|
|
|
|
## Let's install longhorn!
|
|
|
|
helm install longhorn longhorn/longhorn -n longhorn-system --create-namespace
|
|
|
|
echo "Waiting for all the pods to start..."
|
|
|
|
kubectl wait --namespace longhorn-system \
|
|
--for=condition=Ready pod \
|
|
--all \
|
|
--timeout=120s
|
|
|
|
## Apply ingress rule and certificate
|
|
|
|
envsubst < ./manifests/longhorn/certificate.yaml | kubectl apply -f -
|
|
envsubst < ./manifests/longhorn/ingress.yaml | kubectl apply -f - |