manager_lifecycle.sh
#!/bin/bash
# Collection of functions to manage Rancher lifecycle
#######################################
# Installs Rancher with a certificate generated by a cluster issuer
# Arguments:
# Helm repository suffix (latest, stable)
# Version
# Number of replicas
# Hostname
# Cluster issuer name (managed by cert-manager)
# Examples:
# rancher_install_withcertmanagerclusterissuer latest "2.8.2" 1 rancher.random_string.geek letsencrypt-prod
#######################################
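rancher_install_withcertmanagerclusterissuer() {
  # All five positional arguments are required. An empty or missing one would
  # otherwise shift the helm command line (e.g. "--version" would consume the
  # next flag as its value) and deploy something other than what was asked for.
  if (( $# < 5 )) || [[ -z $1 || -z $2 || -z $3 || -z $4 || -z $5 ]]; then
    printf '%s\n' 'Usage: rancher_install_withcertmanagerclusterissuer <repository> <version> <replicas> <hostname> <clusterissuer>' >&2
    return 2
  fi

  local repository=$1
  local version=$2
  local replicas=$3
  local hostname=$4
  local clusterissuer=$5

  echo 'Installing Rancher...'

  # Every expansion is quoted so a value containing whitespace or glob
  # characters reaches helm as one argument and cannot inject extra flags.
  # NOTE(review): quoting only protects against shell word-splitting; helm
  # still applies its own --set syntax (commas, dots) to these values.
  helm repo add "rancher-${repository}" "https://releases.rancher.com/server-charts/${repository}" || return
  helm repo update

  # Stop here when the release cannot be installed: the wait loop below has no
  # timeout and would otherwise poll forever for a secret that never appears.
  helm upgrade --install rancher "rancher-${repository}/rancher" --namespace cattle-system --create-namespace \
    --version "${version}" \
    --set "replicas=${replicas}" \
    --set "hostname=${hostname}" \
    --set ingress.extraAnnotations.'cert-manager\.io/cluster-issuer'="${clusterissuer}" \
    --set ingress.tls.source=secret \
    --set ingress.tls.secretName=rancher-tls \
    --set agentTLSMode="system-store" || return

  # The result of this wait is not checked; after 180s the function moves on
  # to the secret polling below either way.
  kubectl wait pods -n cattle-system -l app=rancher --for condition=Ready --timeout=180s

  echo 'Waiting for Rancher web app to be running with a valid certificate...'
  # Polls once per second until the rancher-tls secret exists. Only the
  # existence of the secret is checked here, not the validity of the
  # certificate it holds; the final pause gives the web app time to pick it up.
  while ! kubectl get secret rancher-tls --namespace cattle-system 2>/dev/null; do
    sleep 1
  done
  sleep 10
}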
#######################################
# Performs the first login to Rancher (updates the admin password and sets the server URL)
# Arguments:
# Rancher URL (starting with http:// or https://)
# new password
# Examples:
# rancher_first_login https://rancher.example.test MyNewPassword
#######################################
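rancher_first_login() {
  local rancherUrl=$1
  local newPassword=$2

  echo 'Do first login on Rancher...'

  # BOOTSTRAP_PASSWORD is deliberately left as a global, as it was before, in
  # case callers read it after this function returns. The go-template decodes
  # the base64 value stored in the bootstrap-secret secret.
  if ! BOOTSTRAP_PASSWORD=$(kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{.data.bootstrapPassword|base64decode}}{{ "\n" }}') \
    || [[ -z $BOOTSTRAP_PASSWORD ]]; then
    echo 'Unable to read the Rancher bootstrap password from bootstrap-secret' >&2
    return 1
  fi

  # The bootstrap password and the login token are credentials for the admin
  # account: they are never echoed, so they cannot end up in CI logs or
  # terminal scrollback. Arguments are quoted so a password containing spaces
  # or glob characters is passed through unchanged.
  rancher_login_withpassword "$rancherUrl" 'admin' "$BOOTSTRAP_PASSWORD"

  # LOGIN_TOKEN is read as a global here; presumably it is set by
  # rancher_login_withpassword (defined outside this view) - confirm.
  rancher_update_password "$rancherUrl" "$LOGIN_TOKEN" "$BOOTSTRAP_PASSWORD" "$newPassword"
  rancher_update_serverurl "$rancherUrl"
}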
#######################################
# Waits for Rancher CAPI to be ready (for cluster creation in particular)
# Arguments:
# None
# Examples:
# rancher_wait_capiready
#######################################
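rancher_wait_capiready() {
  # Kept local so the poll result does not overwrite a caller's "status".
  local status

  # Phase 1: poll every 10s until the capi-controller-manager deployment
  # reports its Available condition as True. There is no timeout: the loop
  # only ends once the deployment becomes available.
  while true; do
    # kubectl fails while the deployment does not exist yet; treat that as
    # "not ready" so a caller running under `set -e` keeps polling.
    status=$(kubectl get deployment capi-controller-manager -n cattle-provisioning-capi-system -o jsonpath='{.status.conditions[?(@.type=="Available")].status}' 2>/dev/null) || status=''
    if [[ $status == 'True' ]]; then
      echo 'Deployment capi-controller-manager is available'
      break
    fi
    sleep 10
  done

  # Phase 2: poll every 10s until the capi-webhook-service endpoints object
  # has a non-empty .subsets field, i.e. until the query prints anything.
  while [[ $(kubectl get endpoints capi-webhook-service -n cattle-provisioning-capi-system -o jsonpath='{.subsets}' 2>/dev/null) == '' ]]; do
    sleep 10
  done
  echo 'Service capi-webhook-service is ready'
}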