From c8dd7fd2cc0b03751ffcb5f54ca22b173845a803 Mon Sep 17 00:00:00 2001
From: Stefan Reimer
Date: Tue, 8 Apr 2025 14:33:54 +0000
Subject: [PATCH] feat: tooling cleanup, first bootstrap draft, argo tweaks
---
admin/cluster_bootstrap.sh | 44 +++++++++++++++++++
admin/dev_apply.sh | 25 +++--------
admin/kubezero.sh | 2 +-
admin/libhelm.sh | 22 ++++++++++
.../templates/argo-cd/admin-secret.yaml | 2 +-
charts/kubezero-auth/values.yaml | 2 +-
6 files changed, 76 insertions(+), 21 deletions(-)
create mode 100755 admin/cluster_bootstrap.sh
diff --git a/admin/cluster_bootstrap.sh b/admin/cluster_bootstrap.sh
new file mode 100755
index 00000000..634b1b55
--- /dev/null
+++ b/admin/cluster_bootstrap.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+set -eEx
+set -o pipefail
+set -x
+
+VALUES=$1
+
+WORKDIR=$(mktemp -p /tmp -d kubezero.XXX)
+[ -z "$DEBUG" ] && trap 'rm -rf $WORKDIR' ERR EXIT
+
+SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+# shellcheck disable=SC1091
+. "$SCRIPT_DIR"/libhelm.sh
+CHARTS="$(dirname $SCRIPT_DIR)/charts"
+
+KUBE_VERSION="$(get_kube_version)"
+PLATFORM="$(get_kubezero_platform)"
+
+if [ -z "$KUBE_VERSION" ]; then
+ echo "Cannot contact cluster, cannot parse version!"
+ exit 1
+fi
+
+
+# Upload values into kubezero-values
+kubectl create ns kubezero || true
+kubectl create cm -n kubezero kubezero-values \
+ --from-file values.yaml=$VALUES || \
+ kubectl get cm -n kubezero kubezero-values -o=yaml | \
+ yq e ".data.\"values.yaml\" |= load_str($1)" | \
+ kubectl replace -f -
+
+### Main
+get_kubezero_values $ARGOCD
+
+# Always use embedded kubezero chart
+helm template $CHARTS/kubezero -f $WORKDIR/kubezero-values.yaml --kube-version $KUBE_VERSION --name-template kubezero --version ~$KUBE_VERSION --devel --output-dir $WORKDIR
+
+ARTIFACTS=(network addons cert-manager storage argo)
+
+for t in ${ARTIFACTS[@]}; do
+ _helm crds $t || true
+ _helm apply $t || true
+done
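Review bot: The fallback branch of the ConfigMap upload splices the raw script argument into the yq program, `load_str($1)`, so the path reaches yq unquoted: a plain path is not a yq string literal, and an unusual file name would be parsed as part of the expression rather than as data. Passing it through the environment keeps it data, `VALUES="$VALUES" yq e '.data."values.yaml" |= load_str(strenv(VALUES))'`, and `--from-file values.yaml="$VALUES"` should be quoted as well. `$1` is never checked, so a call without an argument only fails inside kubectl; `: "${1:?path to values.yaml required}"` near the top would stop it early. Separately, `$ARGOCD` is passed to `get_kubezero_values` but is not assigned anywhere in this script, which looks like a leftover from dev_apply.sh.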
diff --git a/admin/dev_apply.sh b/admin/dev_apply.sh index 399d1758..6d7d8d85 100755 --- a/admin/dev_apply.sh +++ b/admin/dev_apply.sh @@ -9,34 +9,23 @@ ARGOCD="${3:-true}" LOCAL_DEV=1 -#VERSION="latest" -KUBE_VERSION="$(kubectl version -o json | jq -r .serverVersion.gitVersion)" - WORKDIR=$(mktemp -p /tmp -d kubezero.XXX) [ -z "$DEBUG" ] && trap 'rm -rf $WORKDIR' ERR EXIT SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) + # shellcheck disable=SC1091 . "$SCRIPT_DIR"/libhelm.sh CHARTS="$(dirname $SCRIPT_DIR)/charts" -# Guess platform from current context -_auth_cmd=$(kubectl config view | yq .users[0].user.exec.command) -if [ "$_auth_cmd" == "gke-gcloud-auth-plugin" ]; then - PLATFORM=gke -elif [ "$_auth_cmd" == "aws-iam-authenticator" ]; then - PLATFORM=aws -else - PLATFORM=nocloud +KUBE_VERSION="$(get_kube_version)" +PLATFORM="$(get_kubezero_platform)" + +if [ -z "$KUBE_VERSION" ]; then + echo "Cannot contact cluster, cannot parse version!" + exit 1 fi -parse_version() { - echo $([[ $1 =~ ^v[0-9]+\.[0-9]+\.[0-9]+ ]] && echo "${BASH_REMATCH[0]//v/}") -} - -KUBE_VERSION=$(parse_version $KUBE_VERSION) - - ### Main get_kubezero_values $ARGOCD diff --git a/admin/kubezero.sh b/admin/kubezero.sh index b6375396..e5bde704 100755 --- a/admin/kubezero.sh +++ b/admin/kubezero.sh @@ -320,7 +320,7 @@ apply_module() { get_kubezero_values $ARGOCD # Always use embedded kubezero chart - helm template $CHARTS/kubezero -f $WORKDIR/kubezero-values.yaml --version ~$KUBE_VERSION --devel --output-dir $WORKDIR + helm template $CHARTS/kubezero -f $WORKDIR/kubezero-values.yaml --kube-version $KUBE_VERSION --name-template kubezero --version ~$KUBE_VERSION --devel --output-dir $WORKDIR # CRDs first for t in $MODULES; do diff --git a/admin/libhelm.sh b/admin/libhelm.sh index 7d439830..1f22391c 100644 --- a/admin/libhelm.sh +++ b/admin/libhelm.sh 
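Review bot: The new `--kube-version $KUBE_VERSION` argument in admin/kubezero.sh is unquoted, so if the variable is ever empty helm would most likely consume the following `--name-template` as the version value and fail in a misleading place. Quoting it, `--kube-version "$KUBE_VERSION" --name-template kubezero`, makes an empty value fail on the right flag; the same line is added in admin/cluster_bootstrap.sh. apply_module starts and ends outside this hunk, so whether KUBE_VERSION is validated earlier in kubezero.sh, as dev_apply.sh now does with its `-z` check, cannot be seen here.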
@@ -44,6 +44,25 @@ function field_manager() { } +function get_kube_version() { + local git_version="$(kubectl version -o json | jq -r .serverVersion.gitVersion)" + echo $([[ $git_version =~ ^v[0-9]+\.[0-9]+\.[0-9]+ ]] && echo "${BASH_REMATCH[0]//v/}") +} + + +function get_kubezero_platform() { + _auth_cmd=$(kubectl config view | yq .users[0].user.exec.command) + if [ "$_auth_cmd" == "gke-gcloud-auth-plugin" ]; then + PLATFORM=gke + elif [ "$_auth_cmd" == "aws-iam-authenticator" ]; then + PLATFORM=aws + else + PLATFORM=nocloud + fi + echo $PLATFORM +} + + function get_secret_val() { local ns=$1 local secret=$2 @@ -83,6 +102,7 @@ function get_kubezero_values() { fi } + # Overwrite kubezero-values CM with file function update_kubezero_cm() { kubectl get cm -n kubezero kubezero-values -o=yaml | \ @@ -90,6 +110,7 @@ function update_kubezero_cm() { kubectl replace -f - } + # sync kubezero-values CM from ArgoCD app function sync_kubezero_cm_from_argo() { get_kubezero_values true @@ -258,6 +279,7 @@ function _helm() { return 0 } + function all_nodes_upgrade() { CMD="$1" diff --git a/charts/kubezero-argo/templates/argo-cd/admin-secret.yaml b/charts/kubezero-argo/templates/argo-cd/admin-secret.yaml index 7ff264f0..4841203a 100644 --- a/charts/kubezero-argo/templates/argo-cd/admin-secret.yaml +++ b/charts/kubezero-argo/templates/argo-cd/admin-secret.yaml @@ -9,5 +9,5 @@ metadata: type: Opaque stringData: admin.password: {{ index .Values "argo-cd" "configs" "secret" "argocdServerAdminPassword" }} - admin.passwordMtime: {{ default (dateInZone "2006-01-02T15:04:05Z" (now) "UTC") }} + admin.passwordMtime: "2006-01-02T15:04:05Z" {{- end }} diff --git a/charts/kubezero-auth/values.yaml b/charts/kubezero-auth/values.yaml index d24e7fac..5beac9c8 100644 --- a/charts/kubezero-auth/values.yaml +++ b/charts/kubezero-auth/values.yaml @@ -19,7 +19,7 @@ keycloak: resources: limits: #cpu: 750m - memory: 768Mi + memory: 1024Mi requests: cpu: 100m memory: 512Mi
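Review bot: get_kubezero_platform reads `.users[0]` from `kubectl config view`, which prints every user in the kubeconfig, so with more than one cluster configured the platform is taken from the first entry rather than from the context the scripts are about to change. Restricting the view to the current context fixes that, `_auth_cmd=$(kubectl config view --minify | yq '.users[0].user.exec.command')`, and the quotes also keep the shell from treating `[0]` as a glob. `_auth_cmd` and `PLATFORM` should be declared `local` now that the function lives in a library sourced by several scripts. In get_kube_version, `local git_version="$(…)"` hides a kubectl or jq failure behind the exit status of `local`, so declaring and assigning on separate lines is safer.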
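Review bot: Pinning `admin.passwordMtime` to the constant `"2006-01-02T15:04:05Z"` in admin-secret.yaml stops the value changing on every render, but Argo CD uses this timestamp to reject tokens issued before the last password change. With a fixed 2006 value, rotating `argocdServerAdminPassword` would therefore leave previously issued admin sessions valid until they expire. Consider reading the timestamp from the chart values with the constant as fallback, so an operator can bump it together with the password; the upstream argo-cd chart exposes `configs.secret.argocdServerAdminPasswordMtime` for this, though whether kubezero passes that key through is not visible in this hunk. The template's opening condition is outside the hunk.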