Skip to content
This repository has been archived by the owner on Jan 18, 2021. It is now read-only.

Commit

Permalink
Browse files Browse the repository at this point in the history
Update installer script
  • Loading branch information
tamalsaha committed Feb 14, 2018
1 parent 13ea274 commit 2180906
Show file tree
Hide file tree
Showing 8 changed files with 244 additions and 163 deletions.
1 change: 1 addition & 0 deletions chart/stable/swift/templates/deployment.yaml
Expand Up @@ -21,6 +21,7 @@ spec:
- run
- --v={{ .Values.logLevel }}
- --connector=incluster
- --tiller-insecure-skip-verify=true
image: {{ .Values.swift.image }}:{{ .Values.swift.tag }}
imagePullPolicy: {{ .Values.imagePullPolicy }}
{{- if .Values.imagePullSecrets }}
Expand Down
25 changes: 25 additions & 0 deletions hack/deploy/rbac-list.yaml
@@ -0,0 +1,25 @@
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: swift
labels:
app: swift
rules:
- apiGroups: [""]
resources: ["nodes", "services"]
verbs: ["list"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: swift
labels:
app: swift
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: swift
subjects:
- kind: ServiceAccount
name: ${SWIFT_SERVICE_ACCOUNT}
namespace: ${SWIFT_NAMESPACE}
12 changes: 12 additions & 0 deletions hack/deploy/run-on-master.yaml
@@ -0,0 +1,12 @@
# kubectl patch deploy swift -n kube-system --patch "$(cat run-on-master.yaml)"
spec:
template:
spec:
nodeSelector:
node-role.kubernetes.io/master: ""
tolerations:
- key: CriticalAddonsOnly
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
66 changes: 66 additions & 0 deletions hack/deploy/server.yaml
@@ -0,0 +1,66 @@
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: swift
namespace: ${SWIFT_NAMESPACE}
labels:
app: swift
initializers:
pending: []
spec:
replicas: 1
selector:
matchLabels:
app: swift
template:
metadata:
labels:
app: swift
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
serviceAccountName: ${SWIFT_SERVICE_ACCOUNT}
imagePullSecrets: [${SWIFT_IMAGE_PULL_SECRET}]
containers:
- name: swift
image: ${SWIFT_DOCKER_REGISTRY}/swift:0.6.0
imagePullPolicy: IfNotPresent
args:
- run
- --v=3
- --connector=incluster
- --tiller-insecure-skip-verify=true
ports:
- containerPort: 9855
- containerPort: 50055
- containerPort: 56790
volumeMounts:
- mountPath: /tmp
name: chart-volume
volumes:
- name: chart-volume
emptyDir: {}
tolerations:
- key: CriticalAddonsOnly
operator: Exists
---
apiVersion: v1
kind: Service
metadata:
name: swift
namespace: ${SWIFT_NAMESPACE}
labels:
app: swift
spec:
ports:
- name: http
port: 80
targetPort: 9855
- name: https
port: 443
targetPort: 50055
- name: ops
port: 56790
targetPort: 56790
selector:
app: swift
140 changes: 140 additions & 0 deletions hack/deploy/swift.sh
@@ -0,0 +1,140 @@
#!/bin/bash
set -eou pipefail

echo "checking kubeconfig context"
kubectl config current-context || { echo "Set a context (kubectl use-context <context>) out of the following:"; echo; kubectl config get-contexts; exit 1; }
echo ""

# ref: https://stackoverflow.com/a/27776822/244009
case "$(uname -s)" in
Darwin)
curl -fsSL -o onessl https://github.com/kubepack/onessl/releases/download/0.1.0/onessl-darwin-amd64
chmod +x onessl
export ONESSL=./onessl
;;

Linux)
curl -fsSL -o onessl https://github.com/kubepack/onessl/releases/download/0.1.0/onessl-linux-amd64
chmod +x onessl
export ONESSL=./onessl
;;

CYGWIN*|MINGW32*|MSYS*)
curl -fsSL -o onessl.exe https://github.com/kubepack/onessl/releases/download/0.1.0/onessl-windows-amd64.exe
chmod +x onessl.exe
export ONESSL=./onessl.exe
;;
*)
echo 'other OS'
;;
esac

# http://redsymbol.net/articles/bash-exit-traps/
function cleanup {
rm -rf $ONESSL ca.crt ca.key server.crt server.key
}
trap cleanup EXIT

# ref: https://stackoverflow.com/a/7069755/244009
# ref: https://jonalmeida.com/posts/2013/05/26/different-ways-to-implement-flags-in-bash/
# ref: http://tldp.org/LDP/abs/html/comparison-ops.html

export SWIFT_NAMESPACE=kube-system
export SWIFT_SERVICE_ACCOUNT=default
export SWIFT_ENABLE_RBAC=false
export SWIFT_RUN_ON_MASTER=0
export SWIFT_DOCKER_REGISTRY=appscode
export SWIFT_IMAGE_PULL_SECRET=
export SWIFT_UNINSTALL=0

show_help() {
echo "swift.sh - install Ajax friendly Helm Tiller Proxy"
echo " "
echo "swift.sh [options]"
echo " "
echo "options:"
echo "-h, --help show brief help"
echo "-n, --namespace=NAMESPACE specify namespace (default: kube-system)"
echo " --rbac create RBAC roles and bindings"
echo " --docker-registry docker registry used to pull swift images (default: appscode)"
echo " --image-pull-secret name of secret used to pull swift docker images"
echo " --run-on-master run swift operator on master"
echo " --uninstall uninstall swift"
}

while test $# -gt 0; do
case "$1" in
-h|--help)
show_help
exit 0
;;
-n)
shift
if test $# -gt 0; then
export SWIFT_NAMESPACE=$1
else
echo "no namespace specified"
exit 1
fi
shift
;;
--namespace*)
export SWIFT_NAMESPACE=`echo $1 | sed -e 's/^[^=]*=//g'`
shift
;;
--docker-registry*)
export SWIFT_DOCKER_REGISTRY=`echo $1 | sed -e 's/^[^=]*=//g'`
shift
;;
--image-pull-secret*)
secret=`echo $1 | sed -e 's/^[^=]*=//g'`
export SWIFT_IMAGE_PULL_SECRET="name: '$secret'"
shift
;;
--rbac)
export SWIFT_SERVICE_ACCOUNT=swift
export SWIFT_ENABLE_RBAC=true
shift
;;
--run-on-master)
export SWIFT_RUN_ON_MASTER=1
shift
;;
--uninstall)
export SWIFT_UNINSTALL=1
shift
;;
*)
show_help
exit 1
;;
esac
done

if [ "$SWIFT_UNINSTALL" -eq 1 ]; then
kubectl delete deployment -l app=swift --namespace $SWIFT_NAMESPACE
kubectl delete service -l app=swift --namespace $SWIFT_NAMESPACE
kubectl delete secret -l app=swift --namespace $SWIFT_NAMESPACE
# Delete RBAC objects, if --rbac flag was used.
kubectl delete serviceaccount -l app=swift --namespace $SWIFT_NAMESPACE
kubectl delete clusterrolebindings -l app=swift --namespace $SWIFT_NAMESPACE
kubectl delete clusterrole -l app=swift --namespace $SWIFT_NAMESPACE

exit 0
fi

env | sort | grep SWIFT*
echo ""

curl -fsSL https://raw.githubusercontent.com/appscode/swift/0.6.0/hack/deploy/server.yaml | $ONESSL envsubst | kubectl apply -f -

if [ "$SWIFT_ENABLE_RBAC" = true ]; then
kubectl create serviceaccount $SWIFT_SERVICE_ACCOUNT --namespace $SWIFT_NAMESPACE
kubectl label serviceaccount $SWIFT_SERVICE_ACCOUNT app=swift --namespace $SWIFT_NAMESPACE
curl -fsSL https://raw.githubusercontent.com/appscode/swift/0.6.0/hack/deploy/rbac-list.yaml | $ONESSL envsubst | kubectl auth reconcile -f -
fi

if [ "$SWIFT_RUN_ON_MASTER" -eq 1 ]; then
kubectl patch deploy swift -n $SWIFT_NAMESPACE \
--patch="$(curl -fsSL https://raw.githubusercontent.com/appscode/swift/0.6.0/hack/deploy/run-on-master.yaml)"
fi
10 changes: 0 additions & 10 deletions hack/deploy/uninstall.sh

This file was deleted.

94 changes: 0 additions & 94 deletions hack/deploy/with-rbac.yaml

This file was deleted.

0 comments on commit 2180906

Please sign in to comment.