#!/usr/bin/env bash
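# Shared helpers for this script.
# NOTE(review): bash looks a slash-less `source` argument up in PATH and then in
# the current directory, so this executes whichever `.utils` is found there;
# run the script from the repository checkout only.
source .utils

# Force using the `go install` version as we need to pin to 0.19 for now.
# A function is used instead of an alias: bash does not expand aliases in a
# non-interactive script unless `expand_aliases` is enabled, so an alias would
# leave `kind` resolving through PATH and the pin would not be enforced.
# GOPATH falls back to `go env GOPATH` for setups that do not export it.
KIND_BIN="${GOPATH:-$(go env GOPATH 2>/dev/null)}/bin/kind"

# Run the pinned kind binary with the given arguments.
kind() {
  "${KIND_BIN}" "$@"
}

if [[ ! -x "${KIND_BIN}" ]]; then
  echo "kind binary not found at ${KIND_BIN}" >&2
  echo "Kind v0.19.0 is required" >&2
  exit 1
fi

# Dots are escaped and the match must not start inside a longer number, so only
# a literal 0.19.x version string is accepted.
if ! kind --version | grep -Eq '(^|[^0-9.])0\.19\.[0-9]'; then
  echo "Kind v0.19.0 is required" >&2
  exit 1
fi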
# Defaults; the option parser further down overwrites them from the command line.

# Cluster name; filled in from the positional argument or generated later.
NAME=''

# Node image tag for kindest/node. The default carries the image's sha256
# digest, so it is pinned to exact content; a --version value given without a
# digest is resolved by tag alone.
VERSION='1.31.1@sha256:cd224d8da58d50907d1dd41d476587643dad2ffd9f6a4d96caf530fb3b9a5956'

# Number of worker nodes.
NODES='2'

# Comma-separated feature gates / runtime-config entries; empty means none.
FEATURE_GATES=''
RUNTIME_CONFIG=''

# Path to an audit policy file; empty leaves API server auditing unconfigured.
AUDIT_POLICY=''
#######################################
# Print the synopsis and the option list to stdout.
# Globals:   VERSION, NODES, FEATURE_GATES, RUNTIME_CONFIG (read, shown as
#            the current defaults)
# Arguments: none
# Outputs:   help text on stdout
# Notes:     `orange` and `underline` are not defined in this file;
#            presumably they are provided by the sourced `.utils`.
#######################################
print_usage() {
  orange "kind-create-cluster - create a Kind cluster"
  printf '%s\n' " "
  underline "Usage:"
  printf '%s\n' \
    "kind-create-cluster [cluster-name]" \
    " " \
    " "
  underline "Options:"
  printf '%s\n' \
    "-h, --help show this help text" \
    "-v, --version the version of kubernetes to use (default: ${VERSION})" \
    "-n, --nodes the number of worker nodes (default: ${NODES})" \
    "-f, --feature-gates a comma seperated list of feature-gates to enable (default: ${FEATURE_GATES})" \
    "-r, --runtime-config a comma seperated list of API versions to enable (default: ${RUNTIME_CONFIG})" \
    " --audit-policy a file containing the audit policy config"
}
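# Succeeds when $1 is a non-negative decimal integer without leading zeros.
# The node count is later used in an arithmetic loop bound, so anything that is
# not a plain number is rejected before it gets there.
_is_node_count() {
  [[ "$1" =~ ^(0|[1-9][0-9]*)$ ]]
}

# Report a command-line error on stderr and exit with status 2.
_usage_error() {
  echo "kind-create-cluster: $*" >&2
  exit 2
}

# Parse leading options. Parsing stops at the first argument that is not a
# known option; that argument is then taken as the cluster name below.
while (( $# > 0 )); do
  case "$1" in
    -n|--nodes)
      (( $# >= 2 )) || _usage_error "option $1 requires a value"
      _is_node_count "$2" || _usage_error "option $1 expects a non-negative integer, got '$2'"
      NODES=$2
      shift 2
      ;;
    -v|--version)
      (( $# >= 2 )) || _usage_error "option $1 requires a value"
      VERSION=$2
      shift 2
      ;;
    -f|--feature-gates)
      (( $# >= 2 )) || _usage_error "option $1 requires a value"
      FEATURE_GATES=$2
      shift 2
      ;;
    -r|--runtime-config)
      (( $# >= 2 )) || _usage_error "option $1 requires a value"
      RUNTIME_CONFIG=$2
      shift 2
      ;;
    --audit-policy)
      (( $# >= 2 )) || _usage_error "option $1 requires a value"
      # The path is bind-mounted into the control-plane node, so a mistyped
      # path is reported here rather than surfacing during cluster creation.
      # An empty value keeps auditing disabled.
      if [[ -n "$2" && ! ( -f "$2" && -r "$2" ) ]]; then
        _usage_error "audit policy '$2' is not a readable file"
      fi
      AUDIT_POLICY=$2
      shift 2
      ;;
    -h|--help)
      print_usage
      exit 0
      ;;
    *)
      break
      ;;
  esac
done

# Positional args
# Without a name, ten random lowercase letters are used. The random name only
# avoids collisions between clusters; it is not a secret.
NAME=${1:-$(LC_ALL=C tr -dc a-z </dev/urandom | head -c 10)}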
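#######################################
# Emit the YAML list entries for a group of kind nodes.
# When AUDIT_POLICY is set, control-plane entries also get the kubeadm patch
# that turns on API server auditing and the mount that supplies the policy.
# Globals:   VERSION (read), AUDIT_POLICY (read)
# Arguments: $1 - node role ("control-plane" or "worker")
#            $2 - number of entries to emit (non-negative integer)
# Outputs:   YAML on stdout, indented to sit under a top-level `nodes:` key
# Returns:   1 if $2 is not a non-negative integer, 0 otherwise
#######################################
function node() {
  local role=$1
  local count=$2
  local n

  # The count becomes an arithmetic loop bound; accept digits only and force
  # base 10 so a leading zero is not read as octal.
  if [[ ! "${count}" =~ ^[0-9]+$ ]]; then
    echo "node: count must be a non-negative integer, got '${count}'" >&2
    return 1
  fi
  count=$((10#${count}))

  for ((n = 1; n <= count; n++)); do
    printf '%s\n' \
      "- role: ${role}" \
      "  image: kindest/node:${VERSION}"

    if [[ -n "${AUDIT_POLICY}" && "${role}" == "control-plane" ]]; then
      # The nesting below is significant: the patch body is a block scalar
      # under kubeadmConfigPatches, and extraMounts is a sibling node key.
      # The policy is mounted read-only end to end (host file -> node -> API
      # server). The audit log is written under /var/log/kubernetes on the
      # node; no rotation flags are passed, so it grows while the cluster lives.
      printf '%s\n' \
        "  kubeadmConfigPatches:" \
        "  - |" \
        "    kind: ClusterConfiguration" \
        "    apiServer:" \
        "      extraArgs:" \
        "        audit-log-path: /var/log/kubernetes/kube-apiserver-audit.log" \
        "        audit-policy-file: /etc/kubernetes/policies/audit-policy.yaml" \
        "      extraVolumes:" \
        "        - name: audit-policies" \
        "          hostPath: /etc/kubernetes/policies" \
        "          mountPath: /etc/kubernetes/policies" \
        "          readOnly: true" \
        "          pathType: DirectoryOrCreate" \
        "        - name: audit-logs" \
        "          hostPath: /var/log/kubernetes" \
        "          mountPath: /var/log/kubernetes" \
        "          readOnly: false" \
        "          pathType: DirectoryOrCreate" \
        "  extraMounts:" \
        "  - hostPath: ${AUDIT_POLICY}" \
        "    containerPath: /etc/kubernetes/policies/audit-policy.yaml" \
        "    readOnly: true"
    fi
  done
}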
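#######################################
# Emit the `featureGates:` section of the kind config, one entry per gate.
# Globals:   FEATURE_GATES (read) - gates separated by commas and/or whitespace
# Arguments: none
# Outputs:   YAML on stdout; nothing when FEATURE_GATES is empty
#######################################
function feature-gates() {
  [[ -n "${FEATURE_GATES}" ]] || return 0

  local gate
  local -a gates=()
  # Split with `read` rather than an unquoted expansion, so an entry holding
  # glob characters is kept as written and never expanded against files in the
  # current directory. `read -d ''` returns non-zero at end of input even
  # though the array is filled; that status is deliberately ignored.
  IFS=$', \t\n' read -r -d '' -a gates <<< "${FEATURE_GATES}"

  echo "featureGates:"
  for gate in "${gates[@]}"; do
    # Consecutive commas produce empty fields; skip them.
    [[ -n "${gate}" ]] || continue
    echo " \"${gate}\": true"
  done
}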
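#######################################
# Emit the `runtimeConfig:` section of the kind config, one entry per item.
# Globals:   RUNTIME_CONFIG (read) - entries separated by commas and/or
#            whitespace
# Arguments: none
# Outputs:   YAML on stdout; nothing when RUNTIME_CONFIG is empty
#######################################
function runtime-config() {
  [[ -n "${RUNTIME_CONFIG}" ]] || return 0

  local entry
  local -a entries=()
  # Split with `read` rather than an unquoted expansion, so an entry holding
  # glob characters is kept as written and never expanded against files in the
  # current directory. `read -d ''` returns non-zero at end of input even
  # though the array is filled; that status is deliberately ignored.
  IFS=$', \t\n' read -r -d '' -a entries <<< "${RUNTIME_CONFIG}"

  echo "runtimeConfig:"
  for entry in "${entries[@]}"; do
    # Consecutive commas produce empty fields; skip them.
    [[ -n "${entry}" ]] || continue
    echo " \"${entry}\": true"
  done
}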
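# Assemble the kind cluster configuration from the parsed options.
CONFIG="kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
name: ${NAME}
nodes:
$(node "control-plane" 1)
$(node "worker" "${NODES}")
$(feature-gates)
$(runtime-config)
"

# Write the config to a private temporary file and show it for inspection.
CONFIG_FILE=$(mktemp) || {
  echo "failed to create a temporary config file" >&2
  exit 1
}
printf '%s\n' "${CONFIG}" > "${CONFIG_FILE}"
cat "${CONFIG_FILE}"

# Remove the temporary config whether or not creation succeeded, and stop on
# failure so a stale or empty kubeconfig is never written below.
kind create cluster --config "${CONFIG_FILE}"
CREATE_STATUS=$?
rm -f -- "${CONFIG_FILE}"
if [[ "${CREATE_STATUS}" != "0" ]]; then
  echo "kind create cluster failed (exit ${CREATE_STATUS})" >&2
  exit "${CREATE_STATUS}"
fi

# The kubeconfig holds the cluster's admin client credentials. It is first
# written to a mktemp file (created readable and writable by the owner only)
# in the target directory and then moved into place, so the final file keeps
# those owner-only permissions and an existing kubeconfig is replaced only by
# a complete new one.
KUBECONFIG_DIR="${HOME}/.kube/clusters"
KUBECONFIG_OUT="${KUBECONFIG_DIR}/kind.yaml"
mkdir -p -- "${KUBECONFIG_DIR}" || exit 1
KUBECONFIG_TMP=$(mktemp "${KUBECONFIG_OUT}.XXXXXX") || {
  echo "failed to create a temporary kubeconfig in ${KUBECONFIG_DIR}" >&2
  exit 1
}
if kind get kubeconfig --name "${NAME}" > "${KUBECONFIG_TMP}"; then
  mv -f -- "${KUBECONFIG_TMP}" "${KUBECONFIG_OUT}"
else
  KUBECONFIG_STATUS=$?
  rm -f -- "${KUBECONFIG_TMP}"
  echo "kind get kubeconfig failed (exit ${KUBECONFIG_STATUS})" >&2
  exit "${KUBECONFIG_STATUS}"
fi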