#!/bin/bash
# Create the CloudFormation stack "eks-service-role" from
# amazon-eks-service-role.yaml, then block until stack creation completes.
#
# CAPABILITY_NAMED_IAM acknowledges that the template may create IAM
# resources with custom names, so the template defines what the EKS service
# role is allowed to do and should be reviewed before this is run.
createRole() {
  local -r role_stack=eks-service-role

  aws cloudformation create-stack \
    --stack-name "${role_stack}" \
    --template-body file://amazon-eks-service-role.yaml \
    --capabilities CAPABILITY_NAMED_IAM
  waitCreateStack "${role_stack}"
}
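# Print the value of one output of a CloudFormation stack.
#
# Arguments:
#   $1 - stack name (required)
#   $2 - output key to look up (required)
# Outputs:
#   The matching OutputValue as text on stdout.
# Returns:
#   Exit status of `aws cloudformation describe-stacks`. A missing argument
#   trips the ${n:?} guard, which aborts a non-interactive shell.
getStackOutput() {
  declare stack="${1:?required stackName}" outputKey="${2:? required outputKey}"
  # The key is spliced into a JMESPath literal, so it must be a fixed key
  # name chosen by the caller, never free-form external input.
  declare query="Stacks[].Outputs[? OutputKey==\`${outputKey}\`].OutputValue"

  # Quoted expansions: a value containing whitespace or glob characters is
  # passed to the CLI as exactly one argument.
  aws cloudformation describe-stacks \
    --stack-name "${stack}" \
    --query "${query}" \
    --output text
}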
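# Create the EKS cluster and poll until it reports ACTIVE.
#
# Globals (read):
#   EKS_CLUSTER_NAME, EKS_SERVICE_ROLE, EKS_SUBNET_IDS, EKS_SECURITY_GROUPS
# Globals (written):
#   SLEEP - defaulted to 3 (seconds between polls) when unset or empty
# Returns:
#   0 once the cluster status contains ACTIVE, 1 if it reports FAILED.
createCluster() {
  local status

  # A failed create-cluster call is not treated as fatal here, so re-running
  # against an already existing cluster still reaches the wait loop below.
  aws eks create-cluster \
    --name "${EKS_CLUSTER_NAME}" \
    --role-arn "${EKS_SERVICE_ROLE}" \
    --resources-vpc-config "subnetIds=${EKS_SUBNET_IDS},securityGroupIds=${EKS_SECURITY_GROUPS}"

  echo "---> wait for create cluster: $EKS_CLUSTER_NAME ..."
  while :; do
    status=$(aws eks describe-cluster --name "${EKS_CLUSTER_NAME}" \
      --query cluster.status --output text)
    case "${status}" in
      *ACTIVE*)
        break
        ;;
      *FAILED*)
        # Without this arm a failed cluster would be polled forever.
        echo "createCluster: cluster ${EKS_CLUSTER_NAME} reported FAILED" >&2
        return 1
        ;;
    esac
    # NOTE(review): there is still no overall timeout; if describe-cluster
    # keeps erroring (e.g. the cluster does not exist) this loop never ends.
    sleep "${SLEEP:=3}"
    echo -n .
  done
}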
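# Create the VPC CloudFormation stack from amazon-eks-vpc-sample.yaml and
# wait until stack creation completes.
#
# Globals (read):
#   VPC_STACK_NAME - name of the stack to create
#
# NOTE(review): create-stack is pinned to us-east-1 while waitCreateStack
# uses the CLI's default region; the two only agree when AWS_DEFAULT_REGION
# (or the profile region) is also us-east-1.
createVPC() {
  # Quoted so a stack name with whitespace stays a single argument.
  aws cloudformation create-stack \
    --stack-name "${VPC_STACK_NAME}" \
    --template-body file://amazon-eks-vpc-sample.yaml \
    --region us-east-1
  waitCreateStack "${VPC_STACK_NAME}"
}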
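# Download the EKS service model and register it with the AWS CLI so that
# `aws eks ...` commands become available.
#
# Side effects:
#   Downloads into the current directory, then moves the file to
#   $HOME/.aws/models/eks/2017-11-01/.
# Returns:
#   Non-zero as soon as the download, mkdir or mv fails; otherwise the exit
#   status of `aws configure add-model`.
installAwsEksCli() {
  local -r model_file=eks-2017-11-01.normal.json
  local -r model_dir="${HOME}/.aws/models/eks/2017-11-01"

  # --fail makes curl exit non-zero on an HTTP error instead of saving the
  # error document under the model's file name and registering that.
  # NOTE(review): the model is trusted on HTTPS alone; there is no checksum
  # comparison before it is installed into the CLI's model directory.
  curl --fail -LO "https://s3-us-west-2.amazonaws.com/amazon-eks/1.10.3/2018-06-05/${model_file}" \
    || return
  mkdir -p "${model_dir}" || return
  mv -- "${model_file}" "${model_dir}/" || return
  aws configure add-model --service-name eks \
    --service-model "file://${model_dir}/${model_file}"
}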
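# Download kubectl into the current directory, write a kubeconfig for the
# EKS cluster to ~/.kube/config-eks and add that file to KUBECONFIG.
#
# Globals (read):
#   EKS_ENDPOINT, EKS_CERT, EKS_CLUSTER_NAME
# Globals (written):
#   PATH       - current directory is prepended
#   KUBECONFIG - ~/.kube/config-eks is appended
# Returns:
#   Non-zero if the download or writing the kubeconfig fails.
createKubeConfig() {
  local -r kubeconfig_file="${HOME}/.kube/config-eks"

  echo "---> installing latest version of kubectl in local dir ..."
  # --fail: do not keep an HTTP error document as "kubectl".
  # The URL is the darwin/amd64 build; on another OS or architecture the
  # downloaded file will not run.
  # NOTE(review): the binary is trusted on HTTPS alone. Nothing compares it
  # with a pinned digest before it is made executable and placed first on
  # PATH; add a checksum comparison against a known-good value.
  curl --fail -LO https://amazon-eks.s3-us-west-2.amazonaws.com/1.10.3/2018-06-05/bin/darwin/amd64/kubectl \
    || return
  chmod +x kubectl || return
  # Every executable in this directory now takes precedence over the
  # system's, so run this function only from a directory you control.
  export PATH=$PWD:$PATH

  echo "---> creatin kubeconfig file: ~/.kube/config-eks"
  # Subshell keeps the restrictive umask local: the directory and the file
  # are created readable by the owner only.
  (
    umask 077
    mkdir -p "${HOME}/.kube" || exit
    # Indentation inside the heredoc is the YAML structure; keep it exact.
    # kubectl obtains tokens by executing `heptio-authenticator-aws` from
    # PATH; this function does not install that helper.
    cat >"${kubeconfig_file}" <<EOF
apiVersion: v1
clusters:
- cluster:
    server: ${EKS_ENDPOINT}
    certificate-authority-data: ${EKS_CERT}
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: aws
  name: aws
current-context: aws
kind: Config
preferences: {}
users:
- name: aws
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1alpha1
      command: heptio-authenticator-aws
      args:
        - "token"
        - "-i"
        - "${EKS_CLUSTER_NAME}"
EOF
  ) || return
  # Also tighten a file left over from an earlier run with looser modes.
  chmod 600 "${kubeconfig_file}" || return

  # Avoid a leading ':' (an empty path entry) when KUBECONFIG was unset.
  export KUBECONFIG="${KUBECONFIG:+${KUBECONFIG}:}${kubeconfig_file}"
}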
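# Ensure an EC2 key pair for the worker nodes exists, then create the worker
# node CloudFormation stack and wait for it to complete.
#
# Globals (read):
#   WORKER_STACK_NAME (also used as the key pair name), EKS_NODE_TYPE,
#   EKS_WORKER_AMI, EKS_NODE_GROUP_NAME, EKS_NODE_MIN, EKS_NODE_MAX,
#   EKS_SECURITY_GROUPS, EKS_CLUSTER_NAME, EKS_SUBNET_IDS, EKS_VPC_ID
# Side effects:
#   When the key pair does not exist yet, its private key is written to
#   $HOME/.ssh/id-eks.pem with mode 0400.
# Returns:
#   Non-zero if the key pair cannot be created or stored; otherwise the
#   status of waitCreateStack.
createWorkers() {
  local -r key_file="${HOME}/.ssh/id-eks.pem"
  # Commas inside the subnet list are escaped as "\," so the CLI keeps the
  # list as one ParameterValue instead of splitting it.
  local -r subnets_escaped=${EKS_SUBNET_IDS//,/\\,}

  if ! aws ec2 describe-key-pairs --key-names "${WORKER_STACK_NAME}"; then
    # The private key is returned only by this call. Create the file under
    # umask 077 so it is never readable by other users, not even in the
    # moment between the write and the chmod below.
    (
      umask 077
      mkdir -p "${HOME}/.ssh" &&
        aws ec2 create-key-pair --key-name "${WORKER_STACK_NAME}" \
          --query 'KeyMaterial' --output text >"${key_file}"
    ) || return
    chmod 0400 "${key_file}" || return
  fi

  aws cloudformation create-stack \
    --stack-name "${WORKER_STACK_NAME}" \
    --template-body file://amazon-eks-nodegroup.yaml \
    --capabilities CAPABILITY_IAM \
    --parameters \
    "ParameterKey=NodeInstanceType,ParameterValue=${EKS_NODE_TYPE}" \
    "ParameterKey=NodeImageId,ParameterValue=${EKS_WORKER_AMI}" \
    "ParameterKey=NodeGroupName,ParameterValue=${EKS_NODE_GROUP_NAME}" \
    "ParameterKey=NodeAutoScalingGroupMinSize,ParameterValue=${EKS_NODE_MIN}" \
    "ParameterKey=NodeAutoScalingGroupMaxSize,ParameterValue=${EKS_NODE_MAX}" \
    "ParameterKey=ClusterControlPlaneSecurityGroup,ParameterValue=${EKS_SECURITY_GROUPS}" \
    "ParameterKey=ClusterName,ParameterValue=${EKS_CLUSTER_NAME}" \
    "ParameterKey=Subnets,ParameterValue=${subnets_escaped}" \
    "ParameterKey=VpcId,ParameterValue=${EKS_VPC_ID}" \
    "ParameterKey=KeyName,ParameterValue=${WORKER_STACK_NAME}"
  waitCreateStack "${WORKER_STACK_NAME}"
}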
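# Write aws-auth-cm.yaml in the current directory and apply it, mapping the
# worker nodes' IAM role to the system:bootstrappers and system:nodes groups
# so the nodes can join the cluster.
#
# Globals (read):
#   EKS_INSTANCE_ROLE - ARN of the worker node instance role
# Returns:
#   1 if EKS_INSTANCE_ROLE is empty, else the status of `kubectl apply`.
authWorkers() {
  # An empty ARN would still produce an aws-auth mapping, just one that
  # matches no role; stop before changing cluster authorization.
  if [[ -z "${EKS_INSTANCE_ROLE:-}" ]]; then
    echo "authWorkers: EKS_INSTANCE_ROLE is empty, not applying aws-auth" >&2
    return 1
  fi

  # Indentation inside the heredoc is the YAML structure; keep it exact.
  # NOTE(review): the manifest sets mapRoles to this single entry; confirm
  # no other role mappings in an existing aws-auth ConfigMap are needed.
  cat >aws-auth-cm.yaml <<EOF
apiVersion: v1
kind: ConfigMap
metadata:
  name: aws-auth
  namespace: kube-system
data:
  mapRoles: |
    - rolearn: ${EKS_INSTANCE_ROLE}
      username: system:node:{{EC2PrivateDNSName}}
      groups:
        - system:bootstrappers
        - system:nodes
EOF
  kubectl apply -f aws-auth-cm.yaml
}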
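# Poll a CloudFormation stack until its status matches a pattern.
#
# Arguments:
#   $1 - stack name (required)
#   $2 - grep pattern the StackStatus must match (required)
# Globals (written):
#   SLEEP - defaulted to 3 (seconds between polls) when unset or empty
#
# NOTE(review): the progress message says "delete" although the function
# waits for whatever state pattern it is given. There is no timeout either:
# if describe-stacks keeps failing, the loop never ends.
waitStackState() {
  declare stack="${1:? required stackName}" state="${2:? required stackStatePattern}"

  echo "---> wait for stack delete: ${stack}"
  # The query is quoted so the shell never treats its brackets as a glob;
  # -e keeps a pattern that starts with '-' from being read as an option.
  while ! aws cloudformation describe-stacks --stack-name "${stack}" \
    --query 'Stacks[].StackStatus' --output text | grep -q -e "${state}"; do
    sleep "${SLEEP:=3}"
    echo -n .
  done
}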
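# Block until a CloudFormation stack reaches CREATE_COMPLETE, using the AWS
# CLI's built-in waiter.
#
# Arguments:
#   $1 - stack name (required)
# Returns:
#   Exit status of `aws cloudformation wait stack-create-complete`.
waitCreateStack() {
  declare stack="${1:? required stackName}"

  echo "---> wait for stack create: ${stack} ..."
  # Quoted so the stack name is always passed as exactly one argument.
  aws cloudformation wait stack-create-complete --stack-name "${stack}"
}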
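# Request deletion of a CloudFormation stack and block until the deletion
# has completed, using the AWS CLI's built-in waiter.
#
# Arguments:
#   $1 - stack name (required)
# Returns:
#   Exit status of `aws cloudformation wait stack-delete-complete`.
deleteStackWait() {
  declare stack="${1:? required stackName}"

  # Quoted so the stack name is always passed as exactly one argument; this
  # matters most here because the call is destructive.
  aws cloudformation delete-stack --stack-name "${stack}"
  echo "---> wait for stack delete: ${stack} ..."
  aws cloudformation wait stack-delete-complete --stack-name "${stack}"
}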
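# Tear down what eksCreateCluster built: the worker stack, the EKS cluster,
# then the VPC stack.
#
# Globals (read):
#   WORKER_STACK_NAME, EKS_CLUSTER_NAME, VPC_STACK_NAME
#
# Not removed here: the eks-service-role stack, the EC2 key pair named after
# WORKER_STACK_NAME, and the private key in $HOME/.ssh/id-eks.pem. Delete
# those separately once they are no longer needed.
#
# NOTE(review): delete-cluster is issued without waiting for it to finish
# before the VPC stack deletion starts; confirm the VPC stack can be deleted
# while the cluster is still going away.
eksCleanup() {
  # Quoted so each name reaches the destructive call as one argument.
  deleteStackWait "${WORKER_STACK_NAME}"
  aws eks delete-cluster --name "${EKS_CLUSTER_NAME}"
  deleteStackWait "${VPC_STACK_NAME}"
}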
# End-to-end provisioning: service role, VPC, EKS cluster, worker nodes,
# kubeconfig and the aws-auth mapping, in that order.
#
# Exports the fixed deployment settings below and sets the globals
# EKS_SERVICE_ROLE, EKS_SECURITY_GROUPS, EKS_VPC_ID, EKS_SUBNET_IDS,
# EKS_ENDPOINT, EKS_CERT and EKS_INSTANCE_ROLE, which the helper functions
# called from here read.
eksCreateCluster() {
  # Region, AMI id, names and sizes are hard-coded for this deployment.
  export \
    AWS_DEFAULT_REGION=us-east-1 \
    EKS_WORKER_AMI=ami-dea4d5a1 \
    VPC_STACK_NAME=eks-service-vpc \
    WORKER_STACK_NAME=eks-service-worker-nodes \
    EKS_CLUSTER_NAME=eks-devel \
    EKS_SERVICE_ROLE_NAME=eksServiceRole \
    EKS_NODE_GROUP_NAME=eks-worker-group \
    EKS_NODE_TYPE=t2.small \
    EKS_NODE_MIN=3 \
    EKS_NODE_MAX=3

  # Create the service role only when the lookup by name fails.
  aws iam get-role --role-name "${EKS_SERVICE_ROLE_NAME}" >/dev/null || createRole

  # NOTE(review): this selects every role whose name contains `eksService`,
  # not the role named in EKS_SERVICE_ROLE_NAME. If more than one role
  # matches, several ARNs come back in one string; confirm that exactly one
  # such role exists, or look the role up by its exact name.
  EKS_SERVICE_ROLE=$(aws iam list-roles --query 'Roles[?contains(RoleName, `eksService`) ].Arn' --out text)

  createVPC
  EKS_SECURITY_GROUPS=$(getStackOutput "${VPC_STACK_NAME}" SecurityGroups)
  EKS_VPC_ID=$(getStackOutput "${VPC_STACK_NAME}" VpcId)
  EKS_SUBNET_IDS=$(getStackOutput "${VPC_STACK_NAME}" SubnetIds)

  createCluster
  # No "--out text" on these two: with the CLI's JSON output the values keep
  # their surrounding double quotes when written into the kubeconfig.
  EKS_ENDPOINT=$(aws eks describe-cluster --name "${EKS_CLUSTER_NAME}" --query cluster.endpoint)
  EKS_CERT=$(aws eks describe-cluster --name "${EKS_CLUSTER_NAME}" --query cluster.certificateAuthority.data)

  createWorkers
  EKS_INSTANCE_ROLE=$(getStackOutput "${WORKER_STACK_NAME}" NodeInstanceRole)

  createKubeConfig
  authWorkers
}