-
Notifications
You must be signed in to change notification settings - Fork 10
/
manage-cluster
executable file
·225 lines (170 loc) · 7.23 KB
/
manage-cluster
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
#!/bin/bash
set -e
shopt -s expand_aliases
red=`tput setaf 1`
green=`tput setaf 2`
reset=`tput sgr0`
function check_dep {
if ! [ -x "$(command -v jq)" ]; then
echo 'Error: jq is not installed.' >&2
exit 1
fi
if ! [ -f "${HOME}/.pks/creds.yml" ]; then
echo "ERROR: Login to PKS API before proceeding" >&2
exit 1
fi
CLUSTER_REGION=$(gcloud config list --format="value(compute.region)")
if [[ "$CLUSTER_REGION" == "" ]]; then
echo "Error: Configure GCP region, check step 3 on Instructions!!" >&2
exit 1
fi
}
#Function to reserve IP on GCP & create cluster
function provision_cluster {
check_dep #Check env variables
echo -e "\nEnter pks cluster name to be created and press [ENTER]: "
read CLUSTER_NAME
echo -e "\nListing pks plans..."
pks list-plans
echo -e "\nEnter pks plan to be provisioned, choose plan from above list and press [ENTER]: "
read CLUSTER_PLAN
gcloud dns managed-zones list --format='table(name, dns_name)'
echo -e "\nSelect a managed zone (NAME): "
read managed_zone
zonedomain=$(gcloud dns record-sets list --zone ${managed_zone} --filter=Type=SOA --format='table[no-heading](name)' | sed 's/\.$//')
external_hostname=$CLUSTER_NAME-k8s.$zonedomain
echo -e "\nExternal hostname: $external_hostname"
LB_NAME="$CLUSTER_NAME-lb"
echo -e "Reserving public IP for cluster loadbalancer"
gcloud compute addresses create $LB_NAME --region=$CLUSTER_REGION
CLUSTER_IP=$(gcloud compute addresses describe $LB_NAME --region=$CLUSTER_REGION --format="value(address)")
dns_record add $managed_zone $external_hostname $CLUSTER_IP
echo -e "\nCreating PKS cluster $CLUSTER_NAME with external hostname ${external_hostname}"
pks create-cluster $CLUSTER_NAME --external-hostname $external_hostname -p $CLUSTER_PLAN
}
function dns_record {
[[ -e transaction.yaml ]] && rm transaction.yaml
action=$1
managed_zone=$2
external_hostname=$3
new_ip=$4
function dns-txn {
op=$1; shift
gcloud dns record-sets transaction $op --zone=$managed_zone $*
}
read -r old_ip ttl type <<<$(gcloud dns record-sets list --zone=${managed_zone} --filter="name=${external_hostname}. AND type=A" --format='table[no-heading](DATA,ttl,type)')
dns-txn start
if [[ ! -z $old_ip ]] || [[ $action == "remove" ]]
then
echo Removing exsting record $managed_zone/$external_hostname -\> $old_ip
dns-txn remove $old_ip --name=${external_hostname}. --type $type --ttl $ttl
fi
if [[ $action == "add" ]]
then
echo Adding record $managed_zone/$external_hostname -\> $new_ip
dns-txn add $new_ip --name=${external_hostname}. --ttl=300 --type=A
fi
dns-txn execute
}
#Function to enable access to pks cluster on gcp
function enable_access {
check_dep #Check env variables
echo -e "Listing available clusters..."
pks clusters
echo -e "\nEnter pks cluster name from above list & press [ENTER]: "
read CLUSTER_NAME
LB_NAME="$CLUSTER_NAME-lb"
FORWARDING_RULE="pks-$CLUSTER_NAME-forwarding-rule"
CLUSTER_REGION=$(gcloud config list --format="value(compute.region)")
if ! [[ "$(gcloud compute target-pools list --filter="name=$LB_NAME" --format="value(name)")" == "" ]]; then
echo -e "\nLoad balancer $LB_NAME already exists..."
else
echo -e "\nProvisioning load balancer for $CLUSTER_NAME pks cluster"
gcloud compute target-pools create $LB_NAME \
--description="Load balancer for $CLUSTER_NAME pks cluster" \
--region=$CLUSTER_REGION
fi
if ! [[ "$(gcloud compute forwarding-rules list --filter="name=$FORWARDING_RULE" --format="value(name)")" == "" ]]; then
echo -e "\nForwarding rule $FORWARDING_RULE already exists..."
else
echo -e "\nConfiguring forwarding rule for $LB_NAME"
gcloud compute forwarding-rules create $FORWARDING_RULE \
--region=$CLUSTER_REGION \
--address=$LB_NAME \
--target-pool=$LB_NAME \
--ports=8443
fi
echo -e "\nGetting master nodes for pks cluster $CLUSTER_NAME"
CLUSTER_UUID=$(pks cluster $CLUSTER_NAME --json | jq -r .uuid)
export BOSH_DEPLOYMENT_NAME=service-instance-$CLUSTER_UUID
MASTERS=$(mktemp /tmp/master-$CLUSTER_UUID.XXXX)
gcloud compute instances list --filter="labels.instance_group=master AND labels.deployment=$BOSH_DEPLOYMENT_NAME" \
--format="csv[no-heading](name,zone,networkInterfaces.network)" > $MASTERS
IFS=","
while read -r instance zone network
do
echo -e "\nAdding $instance to load balancer $LB_NAME"
gcloud --quiet compute target-pools add-instances $LB_NAME --instances=$instance --instances-zone=$zone
echo -e "\nAdding tags for allowing traffic from load balancer"
gcloud --quiet compute instances add-tags $instance --zone=$zone --tags $CLUSTER_NAME-master-access
done < "$MASTERS"
PKS_CLUSTER_NETWORK=$(basename $(head -1 $MASTERS | cut -d',' -f3))
FW_RULE=$CLUSTER_NAME-fw-master-access
if ! [[ "$(gcloud compute firewall-rules list --filter="name=$FW_RULE" --format="value(name)")" == "" ]]; then
echo -e "\nFirewall rule $FW_RULE already exists..."
else
echo -e "\nCreating firewall rule from all sources to pks master nodes on port 8443"
gcloud compute firewall-rules create $FW_RULE --allow tcp:8443 \
--description "Allow incoming traffic on TCP port 8443 for pks cluster $CLUSTER_NAME" \
--target-tags "$CLUSTER_NAME-master-access" \
--network $PKS_CLUSTER_NETWORK \
--direction INGRESS
fi
rm $MASTERS
echo -e "\nConfiguring kubectl for creds using pks get-credentials"
pks get-credentials $CLUSTER_NAME
echo -e "\nPKS cluster $CLUSTER_NAME information"
kubectl cluster-info
echo -e "\nGetting all pods across all namespaces..."
kubectl get pods --all-namespaces
}
function gcp_cleanup {
check_dep #Check env variables
echo -e "Listing available clusters..."
pks clusters
echo -e "\nEnter pks cluster name from above list & press [ENTER]: "
read CLUSTER_NAME
LB_NAME="$CLUSTER_NAME-lb"
CLUSTER_REGION=$(gcloud config list --format="value(compute.region)")
CLUSTER_UUID=$(pks cluster $CLUSTER_NAME --json | jq -r .uuid)
CLUSTER_IP=$(gcloud compute addresses describe $LB_NAME --region=$CLUSTER_REGION --format="value(address)")
external_hostname=$(pks cluster $CLUSTER_NAME --json | jq -r .parameters.kubernetes_master_host)
zonedomain=${external_hostname#*-k8s.}
managed_zone=$(gcloud dns managed-zones list --filter=dnsName:$zonedomain --format="value(name)")
echo "Deleting firewall rule"
gcloud compute firewall-rules delete $CLUSTER_NAME-fw-master-access --quiet
echo "Deleting forwarding rule"
gcloud compute forwarding-rules delete pks-$CLUSTER_NAME-forwarding-rule --region=$CLUSTER_REGION --quiet
echo "Deleting target pool/lb"
gcloud compute target-pools delete $LB_NAME --quiet
echo "Releasing public IP"
gcloud compute addresses delete $LB_NAME --region=$CLUSTER_REGION --quiet
echo "Removing DNS record"
dns_record remove $managed_zone $external_hostname
echo -e "\n${green}GCP Cleanup complete, you can delete your cluster with: ${reset}${red}pks delete-cluster $CLUSTER_NAME ${reset}"
}
operation=$1
case $operation in
provision)
provision_cluster
;;
access)
enable_access
;;
cleanup)
gcp_cleanup
;;
*)
echo $"Usage: $0 {provision|access|cleanup}"
exit 1
esac