porkadot 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/porkadot/assets/bootstrap.rb +2 -2
- data/lib/porkadot/assets/etcd.rb +3 -0
- data/lib/porkadot/assets/kubelet/install-deps.sh.erb +10 -3
- data/lib/porkadot/assets/kubelet.rb +3 -0
- data/lib/porkadot/assets/kubernetes/manifests/kube-apiserver.secrets.yaml.erb +37 -0
- data/lib/porkadot/assets/kubernetes/manifests/kube-apiserver.yaml.erb +0 -36
- data/lib/porkadot/assets/kubernetes/manifests/kube-controller-manager.secrets.yaml.erb +16 -0
- data/lib/porkadot/assets/kubernetes/manifests/kube-controller-manager.yaml.erb +0 -15
- data/lib/porkadot/assets/kubernetes.rb +5 -0
- data/lib/porkadot/assets.rb +15 -0
- data/lib/porkadot/config.rb +8 -0
- data/lib/porkadot/configs/bootstrap.rb +13 -1
- data/lib/porkadot/configs/etcd.rb +7 -3
- data/lib/porkadot/configs/kubelet.rb +9 -1
- data/lib/porkadot/configs/kubernetes.rb +8 -0
- data/lib/porkadot/install/bootstrap.rb +7 -0
- data/lib/porkadot/install/kubelet.rb +4 -0
- data/lib/porkadot/install/kubernetes.rb +4 -0
- data/lib/porkadot/version.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c4a540c5dd8b6b61feeb82c0237ec62c70740de25656cfa0b95ae0ef22bfffe5
|
|
4
|
+
data.tar.gz: aeddd88d774b653d1e5dc40cc28996090baa90ada864ccb1457340d2a4791582
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 711a19855866bb0d22ffcb47558a56b20c9b000d2b5c38a9f88b9553bde85d918b069cd0520e46817e62de57fb7f29ce16e98c48688fb1a3d744f29f3c9fb6cf
|
|
7
|
+
data.tar.gz: ffd3ff0472e4df3374086857fac3e239d638b59e97449e4e1e480673f2af64129fbe92b22979d364cf850dcb3fad6258d241e37a6557ac370a1fdbe2b72064f2
|
|
@@ -18,8 +18,8 @@ module Porkadot; module Assets
|
|
|
18
18
|
|
|
19
19
|
def render
|
|
20
20
|
logger.info "--> Rendering bootstrap manifests"
|
|
21
|
-
unless File.directory?(config.
|
|
22
|
-
FileUtils.mkdir_p(config.
|
|
21
|
+
unless File.directory?(config.bootstrap_path)
|
|
22
|
+
FileUtils.mkdir_p(config.bootstrap_path)
|
|
23
23
|
end
|
|
24
24
|
render_secrets
|
|
25
25
|
render_erb 'bootstrap/kubeconfig-bootstrap.yaml'
|
data/lib/porkadot/assets/etcd.rb
CHANGED
|
@@ -50,6 +50,9 @@ module Porkadot; module Assets
|
|
|
50
50
|
unless File.directory?(config.target_path)
|
|
51
51
|
FileUtils.mkdir_p(config.target_path)
|
|
52
52
|
end
|
|
53
|
+
unless File.directory?(config.target_secrets_path)
|
|
54
|
+
FileUtils.mkdir_p(config.target_secrets_path)
|
|
55
|
+
end
|
|
53
56
|
render_ca_crt
|
|
54
57
|
render_etcd_crt
|
|
55
58
|
render_erb 'etcd-server.yaml', etcd: global_config.etcd
|
|
@@ -1,20 +1,27 @@
|
|
|
1
1
|
#!/bin/bash
|
|
2
2
|
|
|
3
|
+
architecture="arm64"
|
|
4
|
+
case $(uname -m) in
|
|
5
|
+
x86_64) architecture="amd64" ;;
|
|
6
|
+
arm) dpkg --print-architecture | grep -q "arm64" && architecture="arm64" || architecture="arm" ;;
|
|
7
|
+
esac
|
|
8
|
+
echo $architecture
|
|
9
|
+
|
|
3
10
|
CNI_VERSION="<%= global_config.k8s.networking.cni_version %>"
|
|
4
11
|
mkdir -p /opt/cni/bin
|
|
5
|
-
curl -L "https://github.com/containernetworking/plugins/releases/download/${CNI_VERSION}/cni-plugins-linux
|
|
12
|
+
curl -L "https://github.com/containernetworking/plugins/releases/download/${CNI_VERSION}/cni-plugins-linux-${architecture}-${CNI_VERSION}.tgz" | tar -C /opt/cni/bin -xz
|
|
6
13
|
|
|
7
14
|
RELEASE="<%= global_config.k8s.kubernetes_version %>"
|
|
8
15
|
|
|
9
16
|
mkdir -p /opt/bin
|
|
10
17
|
|
|
11
|
-
curl -L https://storage.googleapis.com/kubernetes-release/release/${RELEASE}/bin/linux/
|
|
18
|
+
curl -L https://storage.googleapis.com/kubernetes-release/release/${RELEASE}/bin/linux/${architecture}/kubectl \
|
|
12
19
|
-o /opt/bin/kubectl-${RELEASE}
|
|
13
20
|
chmod +x /opt/bin/kubectl-${RELEASE}
|
|
14
21
|
rm -f /opt/bin/kubectl
|
|
15
22
|
ln -s /opt/bin/kubectl-${RELEASE} /opt/bin/kubectl
|
|
16
23
|
|
|
17
|
-
curl -L https://storage.googleapis.com/kubernetes-release/release/${RELEASE}/bin/linux/
|
|
24
|
+
curl -L https://storage.googleapis.com/kubernetes-release/release/${RELEASE}/bin/linux/${architecture}/kubelet \
|
|
18
25
|
-o /opt/bin/kubelet-${RELEASE}
|
|
19
26
|
chmod +x /opt/bin/kubelet-${RELEASE}
|
|
20
27
|
rm -f /opt/bin/kubelet
|
|
@@ -50,6 +50,9 @@ module Porkadot; module Assets
|
|
|
50
50
|
unless File.directory?(config.target_path)
|
|
51
51
|
FileUtils.mkdir_p(config.target_path)
|
|
52
52
|
end
|
|
53
|
+
unless File.directory?(config.target_secrets_path)
|
|
54
|
+
FileUtils.mkdir_p(config.target_secrets_path)
|
|
55
|
+
end
|
|
53
56
|
ca_data = certs.ca_cert.to_pem
|
|
54
57
|
ca_data = Base64.strict_encode64(ca_data)
|
|
55
58
|
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
<% k8s = global_config.k8s -%>
|
|
2
|
+
---
|
|
3
|
+
apiVersion: v1
|
|
4
|
+
data:
|
|
5
|
+
apiserver.crt: <%= certs.kubernetes.to_base64(:apiserver_cert) %>
|
|
6
|
+
apiserver.key: <%= certs.kubernetes.to_base64(:apiserver_key) %>
|
|
7
|
+
ca.crt: <%= certs.kubernetes.to_base64(:ca_cert) %>
|
|
8
|
+
front-proxy-ca.crt: <%= certs.front_proxy.to_base64(:ca_cert) %>
|
|
9
|
+
front-proxy-client.crt: <%= certs.front_proxy.to_base64(:client_cert) %>
|
|
10
|
+
front-proxy-client.key: <%= certs.front_proxy.to_base64(:client_key) %>
|
|
11
|
+
kubelet-client.crt: <%= certs.kubernetes.to_base64(:kubelet_client_cert) %>
|
|
12
|
+
kubelet-client.key: <%= certs.kubernetes.to_base64(:kubelet_client_key) %>
|
|
13
|
+
sa.pub: <%= certs.kubernetes.to_base64(:sa_public_key) %>
|
|
14
|
+
kind: Secret
|
|
15
|
+
metadata:
|
|
16
|
+
name: kube-apiserver
|
|
17
|
+
namespace: kube-system
|
|
18
|
+
labels:
|
|
19
|
+
<%- k8s.apiserver.labels.each do |k, v| -%>
|
|
20
|
+
<%= k.to_s %>: <%= v %>
|
|
21
|
+
<%- end -%>
|
|
22
|
+
type: Opaque
|
|
23
|
+
---
|
|
24
|
+
apiVersion: v1
|
|
25
|
+
data:
|
|
26
|
+
ca.crt: <%= certs.etcd.to_base64(:ca_cert) %>
|
|
27
|
+
etcd-client.crt: <%= certs.etcd.to_base64(:client_cert) %>
|
|
28
|
+
etcd-client.key: <%= certs.etcd.to_base64(:client_key) %>
|
|
29
|
+
kind: Secret
|
|
30
|
+
metadata:
|
|
31
|
+
name: etcd-tls
|
|
32
|
+
namespace: kube-system
|
|
33
|
+
labels:
|
|
34
|
+
<%- k8s.apiserver.labels.each do |k, v| -%>
|
|
35
|
+
<%= k.to_s %>: <%= v %>
|
|
36
|
+
<%- end -%>
|
|
37
|
+
type: Opaque
|
|
@@ -1,41 +1,5 @@
|
|
|
1
1
|
<% k8s = global_config.k8s -%>
|
|
2
2
|
---
|
|
3
|
-
apiVersion: v1
|
|
4
|
-
data:
|
|
5
|
-
apiserver.crt: <%= certs.kubernetes.to_base64(:apiserver_cert) %>
|
|
6
|
-
apiserver.key: <%= certs.kubernetes.to_base64(:apiserver_key) %>
|
|
7
|
-
ca.crt: <%= certs.kubernetes.to_base64(:ca_cert) %>
|
|
8
|
-
front-proxy-ca.crt: <%= certs.front_proxy.to_base64(:ca_cert) %>
|
|
9
|
-
front-proxy-client.crt: <%= certs.front_proxy.to_base64(:client_cert) %>
|
|
10
|
-
front-proxy-client.key: <%= certs.front_proxy.to_base64(:client_key) %>
|
|
11
|
-
kubelet-client.crt: <%= certs.kubernetes.to_base64(:kubelet_client_cert) %>
|
|
12
|
-
kubelet-client.key: <%= certs.kubernetes.to_base64(:kubelet_client_key) %>
|
|
13
|
-
sa.pub: <%= certs.kubernetes.to_base64(:sa_public_key) %>
|
|
14
|
-
kind: Secret
|
|
15
|
-
metadata:
|
|
16
|
-
name: kube-apiserver
|
|
17
|
-
namespace: kube-system
|
|
18
|
-
labels:
|
|
19
|
-
<%- k8s.apiserver.labels.each do |k, v| -%>
|
|
20
|
-
<%= k.to_s %>: <%= v %>
|
|
21
|
-
<%- end -%>
|
|
22
|
-
type: Opaque
|
|
23
|
-
---
|
|
24
|
-
apiVersion: v1
|
|
25
|
-
data:
|
|
26
|
-
ca.crt: <%= certs.etcd.to_base64(:ca_cert) %>
|
|
27
|
-
etcd-client.crt: <%= certs.etcd.to_base64(:client_cert) %>
|
|
28
|
-
etcd-client.key: <%= certs.etcd.to_base64(:client_key) %>
|
|
29
|
-
kind: Secret
|
|
30
|
-
metadata:
|
|
31
|
-
name: etcd-tls
|
|
32
|
-
namespace: kube-system
|
|
33
|
-
labels:
|
|
34
|
-
<%- k8s.apiserver.labels.each do |k, v| -%>
|
|
35
|
-
<%= k.to_s %>: <%= v %>
|
|
36
|
-
<%- end -%>
|
|
37
|
-
type: Opaque
|
|
38
|
-
---
|
|
39
3
|
apiVersion: "apps/v1"
|
|
40
4
|
kind: DaemonSet
|
|
41
5
|
metadata:
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
<% k8s = global_config.k8s -%>
|
|
2
|
+
---
|
|
3
|
+
apiVersion: v1
|
|
4
|
+
data:
|
|
5
|
+
ca.crt: <%= certs.kubernetes.to_base64(:ca_cert) %>
|
|
6
|
+
ca.key: <%= certs.kubernetes.to_base64(:ca_key) %>
|
|
7
|
+
sa.key: <%= certs.kubernetes.to_base64(:sa_private_key) %>
|
|
8
|
+
kind: Secret
|
|
9
|
+
metadata:
|
|
10
|
+
name: kube-controller-manager
|
|
11
|
+
namespace: kube-system
|
|
12
|
+
labels:
|
|
13
|
+
<%- k8s.controller_manager.labels.each do |k, v| -%>
|
|
14
|
+
<%= k.to_s %>: <%= v %>
|
|
15
|
+
<%- end -%>
|
|
16
|
+
type: Opaque
|
|
@@ -44,21 +44,6 @@ metadata:
|
|
|
44
44
|
<%= k.to_s %>: <%= v %>
|
|
45
45
|
<%- end -%>
|
|
46
46
|
---
|
|
47
|
-
apiVersion: v1
|
|
48
|
-
data:
|
|
49
|
-
ca.crt: <%= certs.kubernetes.to_base64(:ca_cert) %>
|
|
50
|
-
ca.key: <%= certs.kubernetes.to_base64(:ca_key) %>
|
|
51
|
-
sa.key: <%= certs.kubernetes.to_base64(:sa_private_key) %>
|
|
52
|
-
kind: Secret
|
|
53
|
-
metadata:
|
|
54
|
-
name: kube-controller-manager
|
|
55
|
-
namespace: kube-system
|
|
56
|
-
labels:
|
|
57
|
-
<%- k8s.controller_manager.labels.each do |k, v| -%>
|
|
58
|
-
<%= k.to_s %>: <%= v %>
|
|
59
|
-
<%- end -%>
|
|
60
|
-
type: Opaque
|
|
61
|
-
---
|
|
62
47
|
apiVersion: apps/v1
|
|
63
48
|
kind: Deployment
|
|
64
49
|
metadata:
|
|
@@ -20,6 +20,9 @@ module Porkadot; module Assets
|
|
|
20
20
|
unless File.directory?(config.manifests_path)
|
|
21
21
|
FileUtils.mkdir_p(config.manifests_path)
|
|
22
22
|
end
|
|
23
|
+
unless File.directory?(config.manifests_secrets_path)
|
|
24
|
+
FileUtils.mkdir_p(config.manifests_secrets_path)
|
|
25
|
+
end
|
|
23
26
|
lb = global_config.lb
|
|
24
27
|
cni = global_config.cni
|
|
25
28
|
render_erb 'manifests/porkadot.yaml'
|
|
@@ -27,9 +30,11 @@ module Porkadot; module Assets
|
|
|
27
30
|
render_erb "manifests/#{lb.type}.yaml"
|
|
28
31
|
render_erb "manifests/#{cni.type}.yaml"
|
|
29
32
|
render_erb "manifests/kube-apiserver.yaml"
|
|
33
|
+
render_secrets_erb "manifests/kube-apiserver.secrets.yaml"
|
|
30
34
|
render_erb "manifests/kube-proxy.yaml"
|
|
31
35
|
render_erb "manifests/kube-scheduler.yaml"
|
|
32
36
|
render_erb "manifests/kube-controller-manager.yaml"
|
|
37
|
+
render_secrets_erb "manifests/kube-controller-manager.secrets.yaml"
|
|
33
38
|
render_erb "manifests/pod-checkpointer.yaml"
|
|
34
39
|
render_erb "manifests/kubelet-rubber-stamp.yaml"
|
|
35
40
|
render_erb 'install.sh'
|
data/lib/porkadot/assets.rb
CHANGED
|
@@ -21,4 +21,19 @@ module Porkadot::Assets
|
|
|
21
21
|
end
|
|
22
22
|
end
|
|
23
23
|
|
|
24
|
+
def render_secrets_erb file, opts={}
|
|
25
|
+
file = file.to_s
|
|
26
|
+
opts[:config] = self.config
|
|
27
|
+
opts[:global_config] = self.global_config
|
|
28
|
+
opts[:certs] = Porkadot::Assets::Certs.new(self.global_config)
|
|
29
|
+
opts[:u] = ErbUtils.new
|
|
30
|
+
|
|
31
|
+
logger.info "----> #{file}"
|
|
32
|
+
open(File.join(self.class::TEMPLATE_DIR, "#{file}.erb")) do |io|
|
|
33
|
+
open(config.secrets_path(file), 'w') do |out|
|
|
34
|
+
out.write ERB.new(io.read, trim_mode: '-').result_with_hash(opts)
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
|
|
24
39
|
end
|
data/lib/porkadot/config.rb
CHANGED
|
@@ -81,6 +81,10 @@ module Porkadot
|
|
|
81
81
|
File.expand_path(raw.local.assets_dir)
|
|
82
82
|
end
|
|
83
83
|
|
|
84
|
+
def secrets_root_dir
|
|
85
|
+
File.join(self.assets_dir, 'secrets')
|
|
86
|
+
end
|
|
87
|
+
|
|
84
88
|
end
|
|
85
89
|
|
|
86
90
|
module ConfigUtils
|
|
@@ -102,6 +106,10 @@ module Porkadot
|
|
|
102
106
|
end
|
|
103
107
|
alias path asset_path
|
|
104
108
|
|
|
109
|
+
def secrets_path file
|
|
110
|
+
File.join(self.target_secrets_path, file.to_s)
|
|
111
|
+
end
|
|
112
|
+
|
|
105
113
|
def method_missing name, *args
|
|
106
114
|
return nil if self.raw.nil?
|
|
107
115
|
self.raw[name]
|
|
@@ -16,6 +16,10 @@ module Porkadot; module Configs
|
|
|
16
16
|
def target_path
|
|
17
17
|
File.join(bootstrap_config.target_path, 'kubelet')
|
|
18
18
|
end
|
|
19
|
+
|
|
20
|
+
def target_secrets_path
|
|
21
|
+
File.join(bootstrap_config.target_secrets_path, 'kubelet')
|
|
22
|
+
end
|
|
19
23
|
end
|
|
20
24
|
|
|
21
25
|
include Porkadot::ConfigUtils
|
|
@@ -31,12 +35,20 @@ module Porkadot; module Configs
|
|
|
31
35
|
File.join(self.config.assets_dir, 'bootstrap')
|
|
32
36
|
end
|
|
33
37
|
|
|
38
|
+
def target_secrets_path
|
|
39
|
+
File.join(self.config.secrets_root_dir, 'bootstrap')
|
|
40
|
+
end
|
|
41
|
+
|
|
34
42
|
def bootstrap_path
|
|
35
43
|
File.join(self.target_path, 'bootstrap')
|
|
36
44
|
end
|
|
37
45
|
|
|
46
|
+
def bootstrap_secrets_path
|
|
47
|
+
File.join(self.target_secrets_path, 'bootstrap')
|
|
48
|
+
end
|
|
49
|
+
|
|
38
50
|
def secrets_path
|
|
39
|
-
File.join(self.
|
|
51
|
+
File.join(self.bootstrap_secrets_path, 'secrets')
|
|
40
52
|
end
|
|
41
53
|
|
|
42
54
|
def kubeconfig_path
|
|
@@ -79,16 +79,20 @@ module Porkadot; module Configs
|
|
|
79
79
|
File.join(self.kubelet.addon_path, 'etcd')
|
|
80
80
|
end
|
|
81
81
|
|
|
82
|
+
def target_secrets_path
|
|
83
|
+
File.join(self.kubelet.addon_secrets_path, 'etcd')
|
|
84
|
+
end
|
|
85
|
+
|
|
82
86
|
def ca_crt_path
|
|
83
|
-
File.join(self.
|
|
87
|
+
File.join(self.target_secrets_path, 'ca.crt')
|
|
84
88
|
end
|
|
85
89
|
|
|
86
90
|
def etcd_key_path
|
|
87
|
-
File.join(self.
|
|
91
|
+
File.join(self.target_secrets_path, 'etcd.key')
|
|
88
92
|
end
|
|
89
93
|
|
|
90
94
|
def etcd_crt_path
|
|
91
|
-
File.join(self.
|
|
95
|
+
File.join(self.target_secrets_path, 'etcd.crt')
|
|
92
96
|
end
|
|
93
97
|
|
|
94
98
|
end
|
|
@@ -41,16 +41,24 @@ module Porkadot; module Configs
|
|
|
41
41
|
File.join(self.config.assets_dir, 'kubelet', name)
|
|
42
42
|
end
|
|
43
43
|
|
|
44
|
+
def target_secrets_path
|
|
45
|
+
File.join(self.config.secrets_root_dir, 'kubelet', name)
|
|
46
|
+
end
|
|
47
|
+
|
|
44
48
|
def addon_path
|
|
45
49
|
File.join(self.target_path, 'addons')
|
|
46
50
|
end
|
|
47
51
|
|
|
52
|
+
def addon_secrets_path
|
|
53
|
+
File.join(self.target_secrets_path, 'addons')
|
|
54
|
+
end
|
|
55
|
+
|
|
48
56
|
def ca_crt_path
|
|
49
57
|
File.join(self.target_path, 'ca.crt')
|
|
50
58
|
end
|
|
51
59
|
|
|
52
60
|
def bootstrap_key_path
|
|
53
|
-
File.join(self.
|
|
61
|
+
File.join(self.target_secrets_path, 'bootstrap.key')
|
|
54
62
|
end
|
|
55
63
|
|
|
56
64
|
def bootstrap_cert_path
|
|
@@ -27,10 +27,18 @@ module Porkadot; module Configs
|
|
|
27
27
|
File.join(self.config.assets_dir, 'kubernetes')
|
|
28
28
|
end
|
|
29
29
|
|
|
30
|
+
def target_secrets_path
|
|
31
|
+
File.join(self.config.secrets_root_dir, 'kubernetes')
|
|
32
|
+
end
|
|
33
|
+
|
|
30
34
|
def manifests_path
|
|
31
35
|
File.join(self.target_path, 'manifests')
|
|
32
36
|
end
|
|
33
37
|
|
|
38
|
+
def manifests_secrets_path
|
|
39
|
+
File.join(self.target_secrets_path, 'manifests')
|
|
40
|
+
end
|
|
41
|
+
|
|
34
42
|
def control_plane_endpoint_host_and_port
|
|
35
43
|
endpoint = self.config.k8s.control_plane_endpoint
|
|
36
44
|
raise "kubernetes.control_plane_endpoint should not be nil" unless endpoint
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
module Porkadot; module Install
|
|
2
2
|
class Bootstrap
|
|
3
3
|
KUBE_TEMP = File.join(Porkadot::Install::KUBE_TEMP, 'bootstrap')
|
|
4
|
+
KUBE_SECRETS_TEMP = File.join(Porkadot::Install::KUBE_TEMP, '.bootstrap')
|
|
4
5
|
include SSHKit::DSL
|
|
5
6
|
attr_reader :global_config
|
|
6
7
|
attr_reader :config
|
|
@@ -21,8 +22,11 @@ module Porkadot; module Install
|
|
|
21
22
|
execute(:mkdir, '-p', Porkadot::Install::KUBE_TEMP)
|
|
22
23
|
if test("[ -d #{KUBE_TEMP} ]")
|
|
23
24
|
execute(:rm, '-rf', KUBE_TEMP)
|
|
25
|
+
execute(:rm, '-rf', KUBE_SECRETS_TEMP)
|
|
24
26
|
end
|
|
25
27
|
upload! config.target_path, KUBE_TEMP, recursive: true
|
|
28
|
+
upload! config.target_secrets_path, KUBE_SECRETS_TEMP, recursive: true
|
|
29
|
+
execute(:cp, '-r', KUBE_SECRETS_TEMP + '/*', KUBE_TEMP)
|
|
26
30
|
|
|
27
31
|
as user: 'root' do
|
|
28
32
|
execute(:bash, File.join(KUBE_TEMP, 'install.sh'))
|
|
@@ -44,8 +48,11 @@ module Porkadot; module Install
|
|
|
44
48
|
execute(:mkdir, '-p', Porkadot::Install::KUBE_TEMP)
|
|
45
49
|
if test("[ -d #{KUBE_TEMP} ]")
|
|
46
50
|
execute(:rm, '-rf', KUBE_TEMP)
|
|
51
|
+
execute(:rm, '-rf', KUBE_SECRETS_TEMP)
|
|
47
52
|
end
|
|
48
53
|
upload! config.target_path, KUBE_TEMP, recursive: true
|
|
54
|
+
upload! config.target_secrets_path, KUBE_SECRETS_TEMP, recursive: true
|
|
55
|
+
execute(:cp, '-r', KUBE_SECRETS_TEMP + '/*', KUBE_TEMP)
|
|
49
56
|
|
|
50
57
|
global_config.nodes.each do |k, node|
|
|
51
58
|
if node.apiserver?
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
module Porkadot; module Install
|
|
2
2
|
class KubeletList
|
|
3
3
|
KUBE_TEMP = File.join(Porkadot::Install::KUBE_TEMP, 'kubelet')
|
|
4
|
+
KUBE_SECRETS_TEMP = File.join(Porkadot::Install::KUBE_TEMP, '.kubelet')
|
|
4
5
|
include SSHKit::DSL
|
|
5
6
|
attr_reader :global_config
|
|
6
7
|
attr_reader :logger
|
|
@@ -27,8 +28,11 @@ module Porkadot; module Install
|
|
|
27
28
|
execute(:mkdir, '-p', Porkadot::Install::KUBE_TEMP)
|
|
28
29
|
if test("[ -d #{KUBE_TEMP} ]")
|
|
29
30
|
execute(:rm, '-rf', KUBE_TEMP)
|
|
31
|
+
execute(:rm, '-rf', KUBE_SECRETS_TEMP)
|
|
30
32
|
end
|
|
31
33
|
upload! host.config.target_path, KUBE_TEMP, recursive: true
|
|
34
|
+
upload! host.config.target_secrets_path, KUBE_SECRETS_TEMP, recursive: true
|
|
35
|
+
execute(:cp, '-r', KUBE_SECRETS_TEMP + '/*', KUBE_TEMP)
|
|
32
36
|
|
|
33
37
|
as user: 'root' do
|
|
34
38
|
unless test("[ -f /opt/bin/kubelet-#{host.global_config.k8s.kubernetes_version} ]") && !force
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
module Porkadot; module Install
|
|
2
2
|
class Kubernetes
|
|
3
3
|
KUBE_TEMP = File.join(Porkadot::Install::KUBE_TEMP, 'kubernetes')
|
|
4
|
+
KUBE_SECRETS_TEMP = File.join(Porkadot::Install::KUBE_TEMP, '.kubernetes')
|
|
4
5
|
include SSHKit::DSL
|
|
5
6
|
attr_reader :global_config
|
|
6
7
|
attr_reader :config
|
|
@@ -19,8 +20,11 @@ module Porkadot; module Install
|
|
|
19
20
|
execute(:mkdir, '-p', Porkadot::Install::KUBE_TEMP)
|
|
20
21
|
if test("[ -d #{KUBE_TEMP} ]")
|
|
21
22
|
execute(:rm, '-rf', KUBE_TEMP)
|
|
23
|
+
execute(:rm, '-rf', KUBE_SECRETS_TEMP)
|
|
22
24
|
end
|
|
23
25
|
upload! config.target_path, KUBE_TEMP, recursive: true
|
|
26
|
+
upload! config.target_secrets_path, KUBE_SECRETS_TEMP, recursive: true
|
|
27
|
+
execute(:cp, '-r', KUBE_SECRETS_TEMP + '/*', KUBE_TEMP)
|
|
24
28
|
|
|
25
29
|
as user: 'root' do
|
|
26
30
|
execute(:bash, File.join(KUBE_TEMP, 'install.sh'))
|
data/lib/porkadot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: porkadot
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- OTSUKA, Yuanying
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-04-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: thor
|
|
@@ -141,7 +141,9 @@ files:
|
|
|
141
141
|
- lib/porkadot/assets/kubernetes.rb
|
|
142
142
|
- lib/porkadot/assets/kubernetes/install.sh.erb
|
|
143
143
|
- lib/porkadot/assets/kubernetes/manifests/flannel.yaml.erb
|
|
144
|
+
- lib/porkadot/assets/kubernetes/manifests/kube-apiserver.secrets.yaml.erb
|
|
144
145
|
- lib/porkadot/assets/kubernetes/manifests/kube-apiserver.yaml.erb
|
|
146
|
+
- lib/porkadot/assets/kubernetes/manifests/kube-controller-manager.secrets.yaml.erb
|
|
145
147
|
- lib/porkadot/assets/kubernetes/manifests/kube-controller-manager.yaml.erb
|
|
146
148
|
- lib/porkadot/assets/kubernetes/manifests/kube-proxy.yaml.erb
|
|
147
149
|
- lib/porkadot/assets/kubernetes/manifests/kube-scheduler.yaml.erb
|