Permalink
Fetching contributors…
Cannot retrieve contributors at this time
154 lines (118 sloc) 4.33 KB
SHELL += -eu
BLUE := \033[0;34m
GREEN := \033[0;32m
RED := \033[0;31m
NC := \033[0m
export DIR_KEY_PAIR := .keypair
export DIR_SSL := .cfssl
export DIR_KUBECONFIG := .kube
# CIDR_PODS: flannel overlay range
# - https://coreos.com/flannel/docs/latest/flannel-config.html
#
# CIDR_SERVICE_CLUSTER: apiserver parameter --service-cluster-ip-range
# - http://kubernetes.io/docs/admin/kube-apiserver/
#
# CIDR_VPC: vpc subnet
# - http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html#VPC_Sizing
# - https://www.terraform.io/docs/providers/aws/r/vpc.html#cidr_block
#
# ∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨∨
export AWS_REGION ?= us-west-2
export COREOS_CHANNEL ?= stable
export COREOS_VM_TYPE ?= hvm
export CLUSTER_NAME ?= test
export AWS_EC2_KEY_NAME ?= kz8s-$(CLUSTER_NAME)
export AWS_EC2_KEY_PATH := ${DIR_KEY_PAIR}/${AWS_EC2_KEY_NAME}.pem
export INTERNAL_TLD := ${CLUSTER_NAME}.kz8s
export HYPERKUBE_IMAGE ?= quay.io/coreos/hyperkube
export HYPERKUBE_TAG ?= v1.7.4_coreos.0
export CIDR_VPC ?= 10.0.0.0/16
export CIDR_PODS ?= 10.2.0.0/16
export CIDR_SERVICE_CLUSTER ?= 10.3.0.0/24
export K8S_SERVICE_IP ?= 10.3.0.1
export K8S_DNS_IP ?= 10.3.0.10
export ETCD_IPS ?= 10.0.10.10,10.0.10.11,10.0.10.12
export PKI_IP ?= 10.0.10.9
# Alternative:
# CIDR_PODS ?= "172.15.0.0/16"
# CIDR_SERVICE_CLUSTER ?= "172.16.0.0/24"
# K8S_SERVICE_IP ?= 172.16.0.1
# K8S_DNS_IP ?= 172.16.0.10
# ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
.addons: ; @scripts/do-task "initialize add-ons" ./scripts/init-addons
## generate key-pair, variables and then `terraform apply`
all: prereqs create-keypair init apply
@echo "${GREEN}✓ terraform portion of 'make all' has completed ${NC}\n"
@$(MAKE) post-terraform
.PHONY: post-terraform
post-terraform:
@$(MAKE) instances
@$(MAKE) get-ca
@$(MAKE) create-admin-certificate
@$(MAKE) create-kubeconfig
@$(MAKE) wait-for-cluster
@$(MAKE) create-addons
@$(MAKE) create-busybox
kubectl get nodes -o wide
kubectl --namespace=kube-system get cs
@echo "etcd-0 incorrectly reporting as unhelathy"
@echo "https://github.com/kubernetes/kubernetes/issues/27343"
@echo "https://github.com/kubernetes/kubernetes/pull/39716"
@echo "View nodes:"
@echo "% make nodes"
@echo "---"
@echo "View uninitialized kube-system pods:"
@echo "% make pods"
@echo "---"
@echo "View ec2 instance info:"
@echo "% make instances"
@echo "---"
@echo "Status summaries:"
@echo "% make status"
@echo "---"
@scripts/watch-pods-until
## destroy and remove everything
clean: delete-addons destroy delete-keypair
@-pkill -f "kubectl proxy" ||:
@-rm terraform.tfvars ||:
@-rm terraform.tfplan ||:
@-rm -rf .terraform ||:
@-rm -rf tmp ||:
@-rm -rf ${DIR_SSL} ||:
## create kube-system addons
create-addons:
scripts/create-default-storage-class
scripts/create-kube-dns-service
scripts/create-kube-system-configmap
kubectl apply --recursive -f addons
create-admin-certificate: ; @scripts/do-task "create admin certificate" \
scripts/create-admin-certificate
create-busybox: ; @scripts/do-task "create busybox test pod" \
kubectl create -f test/pods/busybox.yml
create-kubeconfig: ; @scripts/do-task "create kubeconfig" \
scripts/create-kubeconfig
## start proxy and open kubernetes dashboard
dashboard: ; @./scripts/dashboard
## delete addons
delete-addons: ; @-scripts/delete-addons
## get ca certificate
get-ca: ; scripts/do-task "get root ca certificate" scripts/get-ca
## show instance information
instances: ; @scripts/instances
## journalctl on etcd1
journal: ; @scripts/ssh "ssh `terraform output etcd1-ip` journalctl -fl"
prereqs: ; @scripts/do-task "checking prerequisities" scripts/prereqs
## ssh into etcd1
ssh: ; @scripts/ssh "ssh `terraform output etcd1-ip`"
## ssh into bastion host
ssh-bastion: ; @scripts/ssh
## status
status: instances ; scripts/status
## smoke it
test: test-ssl test-route53 test-etcd pods dns
wait-for-cluster: ; @scripts/do-task "wait-for-cluster" scripts/wait-for-cluster
include makefiles/*.mk
.DEFAULT_GOAL := help
.PHONY: all clean create-addons create-admin-certificate create-busybox
.PHONY: delete-addons get-ca instances journal prereqs ssh ssh-bastion ssl
.PHONY: status test wait-for-cluster