7a387a87a1
Squashed commit of the following:
commit dedaccffdc1d797b5f23e0004280c2fcc0ecffa9
Merge: 24c3585 f03a267
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Tue Sep 15 17:07:42 2015 -0500
Merge branch 'master' of github.com:kubernetes/kubernetes into enable-ssl
commit 24c358566cc0963fb86dc057db15739f031ba6f6
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Tue Sep 15 16:44:58 2015 -0500
Fixing problems with verify-boilerplate.
commit a64443352c64498255ac98fc0da1a7d8d5934485
Merge: f152794 ee3f662
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Tue Sep 15 15:43:08 2015 -0500
Merge branch 'enable-ssl' of github.com:mbruzek/kubernetes into enable-ssl
Conflicts:
cluster/juju/util.sh
commit f152794502c017ae7d3cff0351d8bf44b7311883
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 14:12:21 2015 -0500
Fixes for problems found in testing.
commit 94effa4827d5f30c60621e9133c4526c187e40b4
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 12:34:37 2015 -0500
Making updates for changes in master branch.
commit a81795b44e57d54b8b4ae486ca6ea8164ac8fc6b
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:39:36 2015 -0500
pep8 fix
commit 53a862caea02c4b35f8cd19b1549fda29e040f12
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:37:31 2015 -0500
Adding diagnostic log messages and reloading nginx.
commit 96411a924fb05e2e58534cce94d9a1e51d7db9af
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:19:31 2015 -0500
Making the check user logic cleaner.
commit a0243b34cdda2f865e559bd4812c5a78ab6f6f05
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:18:04 2015 -0500
Open port 6443 for ssl enablement.
commit e8423614763aa6d650089c735c3dc1893bf73993
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:16:54 2015 -0500
Generating certificates and adding config options.
commit 6570a818e252f2cb156a577094ba987dec834fe1
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:14:56 2015 -0500
Removing the http configuration adding https config.
commit e624bd79f8840b71b141a111bca7c6091b677575
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:13:04 2015 -0500
Changed the distribution nginx config slightly.
commit c497911170268ee75bed53afeb5fa32ff44c82af
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 10:57:17 2015 -0500
Adding the crt and key to the apiserver flags.
commit 6c1e76c5de31eb4d0f800065ce4bc96a82801846
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 10:56:15 2015 -0500
Adding the cert and key configuration parameters.
commit 55da910d473efa0be0af5efccf2336612525986e
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 10:49:46 2015 -0500
Adding a requirements file to install path.py with pip -r
commit 27a39686af89e134268be50ce5e4fc36cffdf2b3
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Fri Aug 21 16:34:56 2015 -0500
Making the install hook idempotent.
commit ee3f66287ba045592f932c3a41aeb8e0167a9235
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 14:12:21 2015 -0500
Fixes for problems found in testing.
commit 3dfdbb0e21d79da66617f7a29e6dd8d977528057
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 12:34:37 2015 -0500
Making updates for changes in master branch.
commit df9c297fe27c63713fc0d7dbd461b2d47133614c
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:39:36 2015 -0500
pep8 fix
commit 645b25d9cc84555ca7af5c75e3f0b1300aaa9f48
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:37:31 2015 -0500
Adding diagnostic log messages and reloading nginx.
commit 57654320bd73dc4dd52d6d56021d40a97c6ed893
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:37:02 2015 -0500
Removing xtrace.
commit a0e8cd98353e7cd411786bc8836fe99a77cde3ba
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:19:31 2015 -0500
Making the check user logic cleaner.
commit 6c6eb7ff02d6dbf66d3175b715e957b00a861525
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:18:04 2015 -0500
Open port 6443 for ssl enablement.
commit 29f18cc95ff96de1a48f72af2cff2e37420a43c7
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:16:54 2015 -0500
Generating certificates and adding config options.
commit c9bdaa499552980153ff263a1ab9b4fa73a0536a
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:14:56 2015 -0500
Removing the http configuration adding https config.
commit ec33e66a159a4b44207353b16741c7fad2e4ee0d
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 11:13:04 2015 -0500
Changed the distribution nginx config slightly.
commit 96dc16879c0dd230569ceb928f9f7bf92ff8ab3f
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 10:57:17 2015 -0500
Adding the crt and key to the apiserver flags.
commit 308799502c0a22f214408395f5efa4821d075374
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 10:56:15 2015 -0500
Adding the cert and key configuration parameters.
commit 7f407a4356de8703ff2f237432084f35910d8abd
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Wed Sep 9 10:49:46 2015 -0500
Adding a requirements file to install path.py with pip -r
commit f800ae1152076758d4db203fdbecf6d945c0e892
Author: Matt Bruzek <matthew.bruzek@canonical.com>
Date: Fri Aug 21 16:34:56 2015 -0500
Making the install hook idempotent.
Resolving verification problems.
183 lines
6.1 KiB
Bash
Executable File
183 lines
6.1 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Copyright 2015 The Kubernetes Authors All rights reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
|
|
set -o errexit
|
|
set -o nounset
|
|
set -o pipefail
|
|
#set -o xtrace
|
|
|
|
UTIL_SCRIPT=$(readlink -m "${BASH_SOURCE}")
|
|
JUJU_PATH=$(dirname ${UTIL_SCRIPT})
|
|
KUBE_ROOT=$(readlink -m ${JUJU_PATH}/../../)
|
|
# Use the config file specified in $KUBE_CONFIG_FILE, or config-default.sh.
|
|
source "${JUJU_PATH}/${KUBE_CONFIG_FILE-config-default.sh}"
|
|
source ${JUJU_PATH}/prereqs/ubuntu-juju.sh
|
|
export JUJU_REPOSITORY=${JUJU_PATH}/charms
|
|
#KUBE_BUNDLE_URL='https://raw.githubusercontent.com/whitmo/bundle-kubernetes/master/bundles.yaml'
|
|
KUBE_BUNDLE_PATH=${JUJU_PATH}/bundles/local.yaml
|
|
|
|
# Build the binaries on the local system and copy the binaries to the Juju charm.
|
|
function build-local() {
|
|
local targets=(
|
|
cmd/kube-proxy \
|
|
cmd/kube-apiserver \
|
|
cmd/kube-controller-manager \
|
|
cmd/kubelet \
|
|
plugin/cmd/kube-scheduler \
|
|
cmd/kubectl \
|
|
test/e2e/e2e.test \
|
|
)
|
|
# Make a clean environment to avoid compiler errors.
|
|
make clean
|
|
# Build the binaries locally that are used in the charms.
|
|
make all WHAT="${targets[*]}"
|
|
local OUTPUT_DIR=_output/local/bin/linux/amd64
|
|
mkdir -p cluster/juju/charms/trusty/kubernetes-master/files/output
|
|
# Copy the binaries from the output directory to the charm directory.
|
|
cp -v $OUTPUT_DIR/* cluster/juju/charms/trusty/kubernetes-master/files/output
|
|
}
|
|
|
|
function detect-master() {
|
|
local kubestatus
|
|
# Capturing a newline, and my awk-fu was weak - pipe through tr -d
|
|
kubestatus=$(juju status --format=oneline kubernetes-master | grep kubernetes-master/0 | awk '{print $3}' | tr -d "\n")
|
|
export KUBE_MASTER_IP=${kubestatus}
|
|
export KUBE_SERVER=http://${KUBE_MASTER_IP}:8080
|
|
}
|
|
|
|
function detect-minions() {
|
|
# Run the Juju command that gets the minion private IP addresses.
|
|
local ipoutput
|
|
ipoutput=$(juju run --service kubernetes "unit-get private-address" --format=json)
|
|
# [
|
|
# {"MachineId":"2","Stdout":"192.168.122.188\n","UnitId":"kubernetes/0"},
|
|
# {"MachineId":"3","Stdout":"192.168.122.166\n","UnitId":"kubernetes/1"}
|
|
# ]
|
|
|
|
# Strip out the IP addresses
|
|
export KUBE_MINION_IP_ADDRESSES=($(${JUJU_PATH}/return-node-ips.py "${ipoutput}"))
|
|
# echo "Kubernetes minions: " ${KUBE_MINION_IP_ADDRESSES[@]} 1>&2
|
|
export NUM_MINIONS=${#KUBE_MINION_IP_ADDRESSES[@]}
|
|
}
|
|
|
|
function get-password() {
|
|
export KUBE_USER=admin
|
|
# Get the password from the basic-auth.csv file on kubernetes-master.
|
|
export KUBE_PASSWORD=$(juju run --unit kubernetes-master/0 "cat /srv/kubernetes/basic-auth.csv" | grep ${KUBE_USER} | cut -d, -f1)
|
|
}
|
|
|
|
function kube-up() {
|
|
build-local
|
|
if [[ -d "~/.juju/current-env" ]]; then
|
|
juju quickstart -i --no-browser
|
|
else
|
|
juju quickstart --no-browser
|
|
fi
|
|
# The juju-deployer command will deploy the bundle and can be run
|
|
# multiple times to continue deploying the parts that fail.
|
|
juju deployer -c ${KUBE_BUNDLE_PATH}
|
|
|
|
source "${KUBE_ROOT}/cluster/common.sh"
|
|
get-password
|
|
|
|
# Sleep due to juju bug http://pad.lv/1432759
|
|
sleep-status
|
|
detect-master
|
|
detect-minions
|
|
|
|
local prefix=$RANDOM
|
|
export KUBE_CERT="/tmp/${prefix}-kubecfg.crt"
|
|
export KUBE_KEY="/tmp/${prefix}-kubecfg.key"
|
|
export CA_CERT="/tmp/${prefix}-kubecfg.ca"
|
|
export CONTEXT="juju"
|
|
|
|
# Copy the cert and key to this machine.
|
|
(
|
|
umask 077
|
|
juju scp kubernetes-master/0:/srv/kubernetes/apiserver.crt ${KUBE_CERT}
|
|
juju run --unit kubernetes-master/0 'chmod 644 /srv/kubernetes/apiserver.key'
|
|
juju scp kubernetes-master/0:/srv/kubernetes/apiserver.key ${KUBE_KEY}
|
|
juju run --unit kubernetes-master/0 'chmod 600 /srv/kubernetes/apiserver.key'
|
|
cp ${KUBE_CERT} ${CA_CERT}
|
|
|
|
create-kubeconfig
|
|
)
|
|
}
|
|
|
|
function kube-down() {
|
|
local force="${1-}"
|
|
# Remove the binary files from the charm directory.
|
|
rm -rf cluster/juju/charms/trusty/kubernetes-master/files/output/
|
|
local jujuenv
|
|
jujuenv=$(cat ~/.juju/current-environment)
|
|
juju destroy-environment ${jujuenv} ${force} || true
|
|
}
|
|
|
|
function prepare-e2e() {
|
|
echo "prepare-e2e() The Juju provider does not need any preperations for e2e." 1>&2
|
|
}
|
|
|
|
function sleep-status() {
|
|
local i
|
|
local maxtime
|
|
local jujustatus
|
|
i=0
|
|
maxtime=900
|
|
jujustatus=''
|
|
echo "Waiting up to 15 minutes to allow the cluster to come online... wait for it..." 1>&2
|
|
|
|
jujustatus=$(juju status kubernetes-master --format=oneline)
|
|
if [[ $jujustatus == *"started"* ]];
|
|
then
|
|
return
|
|
fi
|
|
|
|
while [[ $i < $maxtime && $jujustatus != *"started"* ]]; do
|
|
sleep 15
|
|
i+=15
|
|
jujustatus=$(juju status kubernetes-master --format=oneline)
|
|
done
|
|
|
|
# sleep because we cannot get the status back of where the minions are in the deploy phase
|
|
# thanks to a generic "started" state and our service not actually coming online until the
|
|
# minions have received the binary from the master distribution hub during relations
|
|
echo "Sleeping an additional minute to allow the cluster to settle" 1>&2
|
|
sleep 60
|
|
}
|
|
|
|
# Execute prior to running tests to build a release if required for environment.
|
|
function test-build-release {
|
|
echo "test-build-release() " 1>&2
|
|
}
|
|
|
|
# Execute prior to running tests to initialize required structure. This is
|
|
# called from hack/e2e.go only when running -up (it is run after kube-up).
|
|
function test-setup {
|
|
echo "test-setup() " 1>&2
|
|
}
|
|
|
|
# Execute after running tests to perform any required clean-up. This is called
|
|
# from hack/e2e.go
|
|
function test-teardown() {
|
|
kube-down "-y"
|
|
}
|
|
|
|
# Verify the prerequisites are statisfied before running.
|
|
function verify-prereqs() {
|
|
gather_installation_reqs
|
|
}
|