playgrounds/vagrant-lab-k8s
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

REAMDE + Makefile

Browse Source
This commit is contained in:
Aleksander Cynarski
2022-03-13 14:22:45 +01:00
parent 3c516a1d2e
commit c7bf7f7870
4 changed files with 112 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
Makefile Normal file
View File

@@ -0,0 +1,35 @@
.PHONY: help
.DEFAULT_GOAL := help
# Uppercase vars for internal use.
UC = $(shell echo '$1' | tr '[:lower:]' '[:upper:]')
LOG_ERROR = @printf "\n>> \e[0;31m$1\e[0;00m\n\n"
LOG_WARN = @printf "\n>> \e[0;33m$1\e[0;00m\n\n"
LOG_INFO = @printf "\n>> \e[0;34m$1\e[0;00m\n\n"
LOG_SUCCESS = @printf "\n>> \e[0;36m$1\e[0;00m\n\n"
LOG_SUBLINE = @printf " \e[0;34m$1\e[0;00m\n\n"
help:
@perl -nle'print $& if m{^[a-zA-Z_-]+:.*?## .*$$}' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-10s\033[0m %s\n", $$1, $$2}'
up: ## Vagrant: start stack
$(call LOG_INFO,Up vagrant stack)
vagrant up --no-destroy-on-error --no-tty --provider=libvirt
stop: ## Vagrant: stop stack
$(call LOG_INFO,Stop vagrant stack)
vagrant halt --force
destroy: ## Vagrant: destroy stack
$(call LOG_INFO,Destroy vagrant stack)
vagrant destroy --force
ps: ## Vagrant: list machines
$(call LOG_INFO,List vagrant stack)
vagrant status
server: ## Vagrant: connect to server1
$(call LOG_INFO,Connect to server1 via ssh)
vagrant ssh server1

64
README.md Normal file
View File

@@ -0,0 +1,64 @@
<img src="https://docs.rke2.io/assets/logo-horizontal-rke.svg" height="200">
# Projekt
To jest testowy klaster [rke2](https://github.com/rancher/rke2) kubernetes.
# Uruchomienie
Konfiguracja `/etc/hosts`:
```
10.11.0.101 server.rke2.test
10.11.0.201 example-app.rke2.test
```
Instalacja vagrant plugins:
```bash
vagrant plugin install vagrant-hosts
```
Uruchomienie środowiska:
```bash
make up
```
## Kubernetes API
Dostęp do API kubernetesa:
https://server.rke2.test:6443
Aby się podłączyć do api, porzebujemy certyfikatów, wszystkie są wygenerowane i dostępne w katalogu `./tmp`
Przykład zapytania dla [httpie](https://httpie.io):
```bash
http \
--verify tmp/default-ca-crt.pem \
--cert tmp/default-crt.pem \
--cert-key tmp/default-key.pem \
https://server.rke2.test:6443
```
Przykład zapytania dla `curl`:
```bash
curl \
--cacert tmp/default-ca-crt.pem \
--cert tmp/default-crt.pem \
--key tmp/default-key.pem \
https://server.rke2.test:6443
```
## K9s Dashboard
[K9s](https://github.com/derailed/k9s) to bardzo wygodny dashboard w CLI, aby go uruchomić:
```bash
make server
sudo su -
k9s
```

4
Vagrantfile vendored
View File

@@ -5,15 +5,15 @@ ENV['VAGRANT_NO_PARALLEL'] = 'yes'
require 'ipaddr' require 'ipaddr'
# see https://update.rke2.io/v1-release/channels # see https://update.rke2.io/v1-release/channels
# see https://github.com/rancher/rke2/releases
rke2_channel = 'latest' rke2_channel = 'latest'
# see https://github.com/rancher/rke2/releases
rke2_version = 'v1.23.4+rke2r1' rke2_version = 'v1.23.4+rke2r1'
# see https://github.com/etcd-io/etcd/releases # see https://github.com/etcd-io/etcd/releases
etcdctl_version = 'v3.5.2' etcdctl_version = 'v3.5.2'
# see https://github.com/derailed/k9s/releases # see https://github.com/derailed/k9s/releases
k9s_version = 'v0.25.18' k9s_version = 'v0.25.18'
# see https://github.com/kubernetes-sigs/krew/releases # see https://github.com/kubernetes-sigs/krew/releases
krew_version = 'v0.4.3' krew_version = 'v0.4.1'
number_of_server_nodes = 1 number_of_server_nodes = 1
number_of_agent_nodes = 2 number_of_agent_nodes = 2

22
provision/rke2-server.sh
View File

@@ -40,6 +40,7 @@ cat >/etc/motd <<'EOF'
EOF EOF
h1 "Configure rke2 server"
# configure the rke2 server. # configure the rke2 server.
# see https://docs.rke2.io/install/install_options/install_options/ # see https://docs.rke2.io/install/install_options/install_options/
# see https://docs.rke2.io/install/install_options/server_config/ # see https://docs.rke2.io/install/install_options/server_config/
@@ -64,6 +65,8 @@ cluster-dns: 10.13.0.10
cluster-domain: cluster.local cluster-domain: cluster.local
EOF EOF
h1 "Install rke2 server"
h2 "Version: ${rke2_version}"
# install rke2 server. # install rke2 server.
# see https://docs.rke2.io/install/install_options/install_options/ # see https://docs.rke2.io/install/install_options/install_options/
# see https://docs.rke2.io/install/install_options/server_config/ # see https://docs.rke2.io/install/install_options/server_config/
@@ -74,11 +77,13 @@ curl -sfL https://raw.githubusercontent.com/rancher/rke2/$rke2_version/install.s
INSTALL_RKE2_TYPE="server" \ INSTALL_RKE2_TYPE="server" \
sh - sh -
h2 "Start rke2 server"
# start the rke2-server service. # start the rke2-server service.
systemctl cat rke2-server systemctl cat rke2-server
systemctl enable rke2-server.service systemctl enable rke2-server.service
systemctl start rke2-server.service systemctl start rke2-server.service
h2 "Configure system path for rke2"
# symlink the utilities and setup the environment variables to use them. # symlink the utilities and setup the environment variables to use them.
ln -fs /var/lib/rancher/rke2/bin/{kubectl,crictl,ctr} /usr/local/bin/ ln -fs /var/lib/rancher/rke2/bin/{kubectl,crictl,ctr} /usr/local/bin/
cat >/etc/profile.d/01-rke2.sh <<'EOF' cat >/etc/profile.d/01-rke2.sh <<'EOF'
@@ -89,28 +94,23 @@ export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
EOF EOF
source /etc/profile.d/01-rke2.sh source /etc/profile.d/01-rke2.sh
# wait for this node to be Ready.
h1 "wait for this node to be Ready."
# e.g. server Ready control-plane,etcd,master 3m v1.21.5+rke2r1 # e.g. server Ready control-plane,etcd,master 3m v1.21.5+rke2r1
$SHELL -c 'node_name=$(hostname); echo "waiting for node $node_name to be ready..."; while [ -z "$(kubectl get nodes $node_name | grep -E "$node_name\s+Ready\s+")" ]; do sleep 3; done; echo "node ready!"' $SHELL -c 'node_name=$(hostname); echo "waiting for node $node_name to be ready..."; while [ -z "$(kubectl get nodes $node_name | grep -E "$node_name\s+Ready\s+")" ]; do sleep 3; done; echo "node ready!"'
# wait for the kube-dns pod to be Running. h1 "wait for the kube-dns pod to be Running."
# e.g. rke2-coredns-rke2-coredns-7bb4f446c-jksvq 1/1 Running 0 33m # e.g. rke2-coredns-rke2-coredns-7bb4f446c-jksvq 1/1 Running 0 33m
$SHELL -c 'while [ -z "$(kubectl get pods --selector k8s-app=kube-dns --namespace kube-system | grep -E "\s+Running\s+")" ]; do sleep 3; done' $SHELL -c 'while [ -z "$(kubectl get pods --selector k8s-app=kube-dns --namespace kube-system | grep -E "\s+Running\s+")" ]; do sleep 3; done'
# save the node-token in the host.
# NB do not create a token yourself as a simple hex random string, as that will
# not include the Cluster CA which means the joining nodes will not
# verify the server certificate. rke2 warns about this as:
# Cluster CA certificate is not trusted by the host CA bundle, but the
# token does not include a CA hash. Use the full token from the server's
# node-token file to enable Cluster CA validation
if [ "$rke2_command" == 'cluster-init' ]; then if [ "$rke2_command" == 'cluster-init' ]; then
h2 "Copy server token to shared directory"
install -d /vagrant/tmp install -d /vagrant/tmp
cp /var/lib/rancher/rke2/server/node-token /vagrant/tmp/node-token cp /var/lib/rancher/rke2/server/node-token /vagrant/tmp/node-token
fi fi
# install the krew kubectl package manager. h1 "Install krew package manager"
echo "installing the krew $krew_version kubectl package manager..." h2 "Version: ${krew_version}"
apt-get install -y --no-install-recommends git apt-get install -y --no-install-recommends git
wget -qO- "https://github.com/kubernetes-sigs/krew/releases/download/$krew_version/krew.tar.gz" | tar xzf - ./krew-linux_amd64 wget -qO- "https://github.com/kubernetes-sigs/krew/releases/download/$krew_version/krew.tar.gz" | tar xzf - ./krew-linux_amd64
wget -q "https://github.com/kubernetes-sigs/krew/releases/download/$krew_version/krew.yaml" wget -q "https://github.com/kubernetes-sigs/krew/releases/download/$krew_version/krew.yaml"