update to 2.1.0-beta22 and switch to waves directory structure

.gitattributes

@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto

README.md

@@ -1,38 +1,69 @@
 # gloo-mesh-demo-aoa
 
-## version 2.0.9
-This repo provides a multitenant capable GitOps workflow structure that can be forked and used to demonstrate the deployment and configuration of a single or multi-cluster mesh demo as code using the Argo CD app-of-apps pattern. To get started you just need 1 cluster, you can find the multi-cluster setup if you switch branches
+## version 2.1.0-beta18
+This repo provides a multitenant capable GitOps workflow structure that can be forked and used to demonstrate the deployment and configuration of a multi-cluster mesh demo as code using the Argo CD app-of-apps pattern.
+
+This repo is meant to be deployed along with the following repos to create the entire High Level Architecture diagram below.
+- https://github.com/ably77/aoa-cluster1
+- https://github.com/ably77/aoa-cluster2
 
 # Prerequisites 
 - 1 Kubernetes Cluster
     - This demo has been tested on 1x `n2-standard-4` (gke), `m5.xlarge` (aws), or `Standard_DS3_v2` (azure) instance for `mgmt` cluster
 
 # High Level Architecture
-![High Level Architecture](images/aoa-1a.png)
+![High Level Architecture](images/aoa-fulla.png)
+
+# What this repo deploys
+![mgmt components](images/aoa-mgmt.png)
 
 # Getting Started
 Run:
 ```
-./deploy.sh           # deploys on mgmt cluster
+./deploy.sh $LICENSE_KEY        # deploys on mgmt cluster
 ```
+The script will prompt you for a Gloo Mesh Enterprise license key if not provided as an input parameter
 
 Note:
-- A temporary (5 day currently) license key is used here for demonstration purposes
 - By default, the script expects to deploy into a cluster context named `mgmt`
 - Context parameters can be changed from defaults by changing the variables in the `deploy.sh` script. A check is done to ensure that the defined contexts exist before proceeding with the installation. Note that the character `_` is an invalid value if you are replacing default contexts
-- Although you may change the contexts where apps are deployed as describe above, the Gloo Mesh and Istio cluster names will remain stable references (i.e. `mgmt`)
+- Although you may change the contexts where apps are deployed as describe above, the Gloo Mesh and Istio cluster names will remain stable references (i.e. `mgmt`, `cluster1`, and `cluster2`)
 
 # App of Apps Explained
-Platform owners control the deployment of applications into the cluster with the app-of-apps pattern. The app-of-apps pattern uses a generic Argo Application to sync all manifests in a particular Git directory, rather than directly point to a Kustomize, YAML, or Helm configuration.
-
-By using the app-of-app pattern, a Platform Administrator can provide some self-service capabilities to end users by delivering a synced directory in Git (i.e. infra team controls `infra` repo/directory, app team to `app` repo/directory) while still controlling what is ultimately deployed to the cluster and exposed through standard Kubernetes RBAC and Policy. This way, with the right policy in place, Applications are not deployed unless successfully committed Git and pushed to the correctly scoped team repo/directory
+The app-of-apps pattern uses a generic Argo Application to sync all manifests in a particular Git directory, rather than directly point to a Kustomize, YAML, or Helm configuration. Anything pushed into the `environment/<overlay>/active` directory is deployed by it's corresponding app-of-app
 ```
-platform-owners
-└── mgmt
-    ├── mgmt-apps.yaml                      # syncs all apps pushed to environments/mgmt/apps/
-    ├── mgmt-cluster-config.yaml            # syncs all apps pushed to environments/mgmt/cluster-config/
-    ├── mgmt-infra.yaml                     # syncs all apps pushed to environments/mgmt/infra/
-    └── mgmt-mesh-config.yaml               # syncs all apps pushed to environments/mgmt/mesh-config/
+environment
+├── wave-1
+│   ├── active
+│   │   ├── cert-manager-cacerts.yaml
+│   │   ├── cert-manager-ns.yaml
+│   │   ├── cert-manager.yaml
+│   │   ├── gloo-mesh-ns.yaml
+│   │   ├── relay-identity-token-secret.yaml
+│   │   └── relay-root-ca.yaml
+│   └── wave-1-aoa.yaml
+├── wave-2
+│   ├── active
+│   │   ├── agent-cert.yaml
+│   │   ├── clusterissuer.yaml
+│   │   ├── gloo-mesh-cert.yaml
+│   │   ├── gloo-mesh-ee-helm-disableca.yaml
+│   │   ├── issuer.yaml
+│   │   └── relay-tls-signing-cert.yaml
+│   └── wave-2-aoa.yaml
+└── wave-3
+    ├── active
+    │   ├── catchall-workspace.yaml
+    │   ├── catchall-workspacesettings.yaml
+    │   ├── gloo-mesh-cluster1-kubernetescluster.yaml
+    │   ├── gloo-mesh-cluster1-virtualgateway-443.yaml
+    │   ├── gloo-mesh-cluster1-virtualgateway-80.yaml
+    │   ├── gloo-mesh-cluster2-kubernetescluster.yaml
+    │   ├── gloo-mesh-global-workspacesettings.yaml
+    │   ├── httpbin-rt-443-vd.yaml
+    │   ├── httpbin-rt-80.yaml
+    │   └── httpbin-virtualdestination.yaml
+    └── wave-3-aoa.yaml
 ```
 
 # forking this repo

deploy.sh

@@ -1,45 +1,86 @@
 #!/bin/bash
 #set -e
 
-# note that the character '_' is an invalid value if you are replacing the defaults below
-mgmt_context="mgmt"
+# replace the parameter below with your designated cluster context
+# note that the character '_' is an invalid value
+#
+# please use `kubectl config rename-contexts <current_context> <target_context>` to
+# rename your context if necessary
+cluster_context="mgmt"
+# number of app waves in the environments directory
+environment_waves="4"
+LICENSE_KEY="$1"
 
 # check to see if defined contexts exist
-if [[ $(kubectl config get-contexts | grep ${mgmt_context}) == "" ]] ; then
-  echo "Check Failed: mgmt context does not exist. Please check to see if you have the clusters available"
-  echo "Run 'kubectl config get-contexts' to see currently available contexts. If the clusters are available, please make sure that they are named correctly. Default is mgmt"
+if [[ $(kubectl config get-contexts | grep ${cluster_context}) == "" ]] ; then
+  echo "Check Failed: ${cluster_context} context does not exist. Please check to see if you have the clusters available"
+  echo "Run 'kubectl config get-contexts' to see currently available contexts. If the clusters are available, please make sure that they are named correctly. Default is ${cluster_context}"
   exit 1;
 fi
 
-# install argocd on ${mgmt_context}, ${cluster1_context}, and ${cluster2_context}
+# check to see if license key variable was passed through, if not prompt for key
+if [[ ${LICENSE_KEY} == "" ]]
+  then
+    # provide license key
+    echo "Please provide your Gloo Mesh Enterprise License Key:"
+    read LICENSE_KEY
+fi
+
+# check OS type
+if [[ "$OSTYPE" == "linux-gnu"* ]]; then
+        # Linux
+        BASE64_LICENSE_KEY=$(echo -n "${LICENSE_KEY}" | base64 -w 0)
+elif [[ "$OSTYPE" == "darwin"* ]]; then
+        # Mac OSX
+        BASE64_LICENSE_KEY=$(echo -n "${LICENSE_KEY}" | base64)
+else
+        echo unknown OS type
+        exit 1
+fi
+
+# license stuff
+kubectl create ns gloo-mesh --context ${cluster_context}
+
+kubectl apply --context ${cluster_context} -f - <<EOF
+apiVersion: v1
+data:
+  gloo-mesh-license-key: ${BASE64_LICENSE_KEY}
+kind: Secret
+metadata:
+  name: gloo-mesh-license
+  namespace: gloo-mesh
+type: Opaque
+EOF
+
+# install argocd
 cd bootstrap-argocd
-./install-argocd.sh insecure-rootpath ${mgmt_context}
+./install-argocd.sh insecure-rootpath ${cluster_context}
 cd ..
 
 # wait for argo cluster rollout
-./tools/wait-for-rollout.sh deployment argocd-server argocd 20 ${mgmt_context}
+./tools/wait-for-rollout.sh deployment argocd-server argocd 20 ${cluster_context}
 
-# deploy mgmt, cluster1, and cluster2 cluster config aoa
-kubectl apply -f platform-owners/mgmt/mgmt-cluster-config.yaml --context ${mgmt_context}
-
-# deploy mgmt, cluster1, and cluster2 environment infra app-of-apps
-kubectl apply -f platform-owners/mgmt/mgmt-infra.yaml --context ${mgmt_context}
+# deploy app of app waves
+for i in $(seq ${environment_waves}); do 
+  #echo $i;
+  kubectl apply -f environment/wave-${i}/wave-${i}-aoa.yaml --context ${cluster_context};
+  #TODO: add test script if statement
+  sleep 20; 
+done
 
 # wait for completion of gloo-mesh install
-./tools/wait-for-rollout.sh deployment gloo-mesh-mgmt-server gloo-mesh 10 ${mgmt_context}
-
-# deploy cluster1, and cluster2 environment apps aoa
-kubectl apply -f platform-owners/mgmt/mgmt-apps.yaml --context ${mgmt_context}
-
-# deploy mgmt mesh config aoa
-kubectl apply -f platform-owners/mgmt/mgmt-mesh-config.yaml --context ${mgmt_context}
+./tools/wait-for-rollout.sh deployment gloo-mesh-mgmt-server gloo-mesh 10 ${cluster_context}
 
 # echo port-forward commands
 echo
 echo "access gloo mesh dashboard:"
-echo "kubectl port-forward -n gloo-mesh svc/gloo-mesh-ui 8090 --context ${mgmt_context}"
+echo "kubectl port-forward -n gloo-mesh svc/gloo-mesh-ui 8090 --context ${cluster_context}"
 echo 
 echo "access argocd dashboard:"
-echo "kubectl port-forward svc/argocd-server -n argocd 9999:443 --context ${mgmt_context}"
+echo "kubectl port-forward svc/argocd-server -n argocd 9999:443 --context ${cluster_context}"
 echo
-
+echo "navigate to http://localhost:8090 in your browser for the Gloo Mesh UI"
+echo "navigate to http://localhost:9999/argo in your browser for argocd"
+echo
+echo "username: admin"
+echo "password: solo.io"

platform-owners/mgmt/mgmt-apps.yaml → environment/wave-1/wave-1-aoa.yaml

@@ -1,7 +1,7 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
-  name: meta-mgmt-apps
+  name: wave-1-aoa
   namespace: argocd
   finalizers:
   - resources-finalizer.argocd.argoproj.io
@@ -10,7 +10,7 @@ spec:
   source:
     repoURL: https://github.com/ably77/gloo-mesh-aoa/
     targetRevision: HEAD
-    path: environments/mgmt/apps/active/
+    path: environment/wave-1/active/
   destination:
     server: https://kubernetes.default.svc
   syncPolicy:

environments/mgmt/infra/active/gloo-mesh-addons.yaml → environment/wave-2/active/gloo-mesh-addons.yaml

@@ -21,7 +21,7 @@ spec:
       - name: glooMeshAgent.enabled
         value: 'false'
     repoURL: https://storage.googleapis.com/gloo-mesh-enterprise/gloo-mesh-agent
-    targetRevision: 2.0.9
+    targetRevision: 2.1.0-beta22
   syncPolicy:
     automated:
       prune: true

environments/mgmt/infra/active/gloo-mesh-agent.yaml → environment/wave-2/active/gloo-mesh-agent.yaml

@@ -9,7 +9,7 @@ spec:
     namespace: gloo-mesh
   source:
     repoURL: 'https://storage.googleapis.com/gloo-mesh-enterprise/gloo-mesh-agent'
-    targetRevision: 2.0.9
+    targetRevision: 2.1.0-beta22
     chart: gloo-mesh-agent
     helm:
       valueFiles:

environments/mgmt/infra/active/gloo-mesh-ee-helm-disableca.yaml → environment/wave-2/active/gloo-mesh-ee-helm-disableca.yaml

@@ -14,7 +14,9 @@ spec:
     chart: gloo-mesh-enterprise
     helm:
       values: |
-        licenseKey: eyJleHAiOjE2NjE5MDI0NjAsImlhdCI6MTY1ODk2NDg2MCwiayI6Ikt3Z3pCUSIsImx0IjoidHJpYWwiLCJwcm9kdWN0IjoiZ2xvbyJ9.CWe1JmPIDkq9QYQ-MkD2qm9SIpysg4mI2nGUkuidGOM
+        licenseSecretName: gloo-mesh-license
+        global:
+          cluster: mgmt
         mgmtClusterName: mgmt
         glooMeshMgmtServer:
           serviceType: ClusterIP
@@ -37,7 +39,7 @@ spec:
                   labels:
                     istio.io/rev: "1-13"
     repoURL: https://storage.googleapis.com/gloo-mesh-enterprise/gloo-mesh-enterprise
-    targetRevision: 2.0.9
+    targetRevision: 2.1.0-beta22
   syncPolicy:
     automated:
       prune: false

platform-owners/mgmt/mgmt-infra.yaml → environment/wave-2/wave-2-aoa.yaml

@@ -1,7 +1,7 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
-  name: meta-mgmt-infra
+  name: wave-2-aoa
   namespace: argocd
   finalizers:
   - resources-finalizer.argocd.argoproj.io
@@ -10,7 +10,7 @@ spec:
   source:
     repoURL: https://github.com/ably77/gloo-mesh-aoa/
     targetRevision: HEAD
-    path: environments/mgmt/infra/active/
+    path: environment/wave-2/active/
   destination:
     server: https://kubernetes.default.svc
   syncPolicy:

platform-owners/mgmt/mgmt-mesh-config.yaml → environment/wave-3/wave-3-aoa.yaml

@@ -1,7 +1,7 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
-  name: meta-mgmt-mesh-config
+  name: wave-3-aoa
   namespace: argocd
   finalizers:
   - resources-finalizer.argocd.argoproj.io
@@ -10,7 +10,7 @@ spec:
   source:
     repoURL: https://github.com/ably77/gloo-mesh-aoa/
     targetRevision: HEAD
-    path: environments/mgmt/mesh-config/active/
+    path: environment/wave-3/active/
   destination:
     server: https://kubernetes.default.svc
   syncPolicy:

platform-owners/mgmt/mgmt-cluster-config.yaml → environment/wave-4/wave-4-aoa.yaml

@@ -1,7 +1,7 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
-  name: meta-mgmt-cluster-config
+  name: wave-4-aoa
   namespace: argocd
   finalizers:
   - resources-finalizer.argocd.argoproj.io
@@ -10,7 +10,7 @@ spec:
   source:
     repoURL: https://github.com/ably77/gloo-mesh-aoa/
     targetRevision: HEAD
-    path: environments/mgmt/cluster-config/active/
+    path: environment/wave-4/active/
   destination:
     server: https://kubernetes.default.svc
   syncPolicy:

notes.md

@@ -1,7 +1,7 @@
 Summary:
 1 mgmt cluster only
 - Since Gloo Mesh and the Gloo Mesh Agent are in the same cluster, we can configure both to communicate over ClusterIP
-gloo mesh 2.0.9
+gloo mesh 2.1.0-beta22
 istio 1.13.4 with revisions
 north/south and east/west gateways
 cert manager deployed in cert-manager namespace

tools/configure.sh

@@ -1,13 +1,10 @@
 #!/bin/bash
 #set -e
 
-# comma separated list
-cluster_contexts="mgmt"
+# number of app waves in the environments directory
+environment_waves="3"
 
-# sed commands to replace target_branch variable
-for i in $(echo ${cluster_contexts} | sed "s/,/ /g"); do
-  kubectl apply -f ../platform-owners/$i/$i-apps.yaml --context $i
-  kubectl apply -f ../platform-owners/$i/$i-cluster-config.yaml --context $i
-  kubectl apply -f ../platform-owners/$i/$i-infra.yaml --context $i
-  kubectl apply -f ../platform-owners/$i/$i-mesh-config.yaml --context $i
+# configure
+for i in $(seq ${environment_waves}); do 
+  kubectl apply -f environment/wave-${i}/wave-${i}-aoa.yaml;
 done

tools/replace-branch.sh

@@ -2,8 +2,8 @@
 #!/bin/bash
 current_branch=''$1''
 target_branch=''$2''
-# comma separated list
-platform_owners_overlays="mgmt"
+# number of app waves in the environments directory
+environment_waves="4"
 
 # check to see if current branch variable was passed through, if not prompt for it
 if [[ ${current_branch} == "" ]]
@@ -22,10 +22,6 @@ if [[ ${target_branch} == "" ]]
 fi
 
 # sed commands to replace target_branch variable
-for i in $(echo ${platform_owners_overlays} | sed "s/,/ /g"); do
-  sed -i '' -e 's/'${current_branch}'/'${target_branch}'/g' ../platform-owners/$i/$i-apps.yaml
-  sed -i '' -e 's/'${current_branch}'/'${target_branch}'/g' ../platform-owners/$i/$i-cluster-config.yaml
-  sed -i '' -e 's/'${current_branch}'/'${target_branch}'/g' ../platform-owners/$i/$i-infra.yaml
-  sed -i '' -e 's/'${current_branch}'/'${target_branch}'/g' ../platform-owners/$i/$i-mesh-config.yaml
-done
-
+for i in $(seq ${environment_waves}); do 
+  sed -i '' -e 's/'${current_branch}'/'${target_branch}'/g' ../environment/wave-${i}/wave-${i}-aoa.yaml; 
+done

tools/replace-github-username.sh

@@ -1,8 +1,8 @@
 # tested on macos
 #!/bin/bash
 github_username=''$1''
-# comma separated list
-platform_owners_overlays="mgmt"
+# number of app waves in the environments directory
+environment_waves="3"
 
 # check to see if github username variable was passed through, if not prompt for key
 if [[ ${github_username} == "" ]]
@@ -13,9 +13,6 @@ if [[ ${github_username} == "" ]]
 fi
 
 # sed commands to replace target_branch variable
-for i in $(echo ${platform_owners_overlays} | sed "s/,/ /g"); do
-  sed -i '' -e 's/ably77/'${github_username}'/g' ../platform-owners/$i/$i-apps.yaml
-  sed -i '' -e 's/ably77/'${github_username}'/g' ../platform-owners/$i/$i-cluster-config.yaml
-  sed -i '' -e 's/ably77/'${github_username}'/g' ../platform-owners/$i/$i-infra.yaml
-  sed -i '' -e 's/ably77/'${github_username}'/g' ../platform-owners/$i/$i-mesh-config.yaml
+for i in $(seq ${environment_waves}); do 
+  sed -i '' -e 's/ably77/'${github_username}'/g' ../environment/wave-${i}/wave-${i}-aoa.yaml; 
 done