Major change: exposing the Lieutenant API with ngrok, adding support for kind and microk8s

Author: akosma

0_requirements.sh

@@ -7,6 +7,9 @@ trim () {
 	echo -n "$var"
 }
 
+NGROK_VERSION=$(ngrok version)
+echo $NGROK_VERSION
+
 DOCKER_VERSION=$(docker version | grep Version -m 1)
 DOCKER_VERSION=$(trim "$DOCKER_VERSION")
 echo "Docker $DOCKER_VERSION"

1_lieutenant_on_minikube.sh

@@ -34,8 +34,12 @@ echo "===> For Minikube we must delete the default service and re-create it"
 kubectl -n lieutenant delete svc lieutenant-api
 kubectl -n lieutenant expose deployment lieutenant-api --type=NodePort --port=8080
 
-echo "===> Find Lieutenant URL"
-LIEUTENANT_URL=$(minikube service lieutenant-api -n lieutenant --url | sed 's/http:\/\///g' | awk '{split($0,a,":"); print "lieutenant." a[1] ".nip.io:" a[2]}')
+echo "===> Launch ngrok in the background tunneling towards the Lieutenant API"
+setsid ./ngrok.sh >/dev/null 2>&1 < /dev/null &
+sleep 2s
+
+echo "===> Find external Lieutenant URL through the ngrok API"
+LIEUTENANT_URL=$(curl http://localhost:4040/api/tunnels --silent | jq -r '.["tunnels"][0]["public_url"]')
 echo "===> Lieutenant API: $LIEUTENANT_URL"
 # end::demo[]
 
@@ -64,7 +68,7 @@ kubectl -n lieutenant get tenant
 kubectl -n lieutenant get gitrepo
 
 echo "===> Register a Lieutenant Cluster via the API"
-CLUSTER_ID=$(curl -s -H "$LIEUTENANT_AUTH" -H "Content-Type: application/json" -X POST --data "{ \"tenant\": \"${TENANT_ID}\", \"displayName\": \"Minikube cluster\", \"facts\": { \"cloud\": \"local\", \"distribution\": \"k3s\", \"region\": \"local\" }, \"gitRepo\": { \"url\": \"ssh://git@${GITLAB_ENDPOINT}/${GITLAB_USERNAME}/tutorial-cluster-minikube.git\" } }" "http://${LIEUTENANT_URL}/clusters" | jq -r ".id")
+CLUSTER_ID=$(curl -s -H "$LIEUTENANT_AUTH" -H "Content-Type: application/json" -X POST --data "{ \"tenant\": \"${TENANT_ID}\", \"displayName\": \"Minikube cluster\", \"facts\": { \"cloud\": \"local\", \"distribution\": \"k3s\", \"region\": \"local\" }, \"gitRepo\": { \"url\": \"ssh://git@${GITLAB_ENDPOINT}/${GITLAB_USERNAME}/tutorial-cluster-minikube.git\" } }" "${LIEUTENANT_URL}/clusters" | jq -r ".id")
 echo "Cluster ID: $CLUSTER_ID"
 
 echo "===> Retrieve the registered Clusters via API and directly on the cluster"

2_commodore_on_minikube.sh

@@ -19,15 +19,15 @@ fi
 echo "===> OK: commodore defaults forked: $GITHUB_COMMODORE_DEFAULTS"
 
 echo "===> Find Lieutenant URL"
-LIEUTENANT_URL=$(minikube service lieutenant-api -n lieutenant --url | sed 's/http:\/\///g' | awk '{split($0,a,":"); print "http://lieutenant." a[1] ".nip.io:" a[2]} "/"')
+LIEUTENANT_URL=$(curl http://localhost:4040/api/tunnels --silent | jq -r '.["tunnels"][0]["public_url"]')
 check_variable "LIEUTENANT_URL" $LIEUTENANT_URL
 
 echo "===> Find Cluster ID"
-CLUSTER_ID=$(kubectl -n lieutenant get cluster | grep c- | awk 'NR==1{print $1}')
+CLUSTER_ID=$(kubectl --context minikube -n lieutenant get cluster | grep c- | awk 'NR==1{print $1}')
 check_variable "CLUSTER_ID" $CLUSTER_ID
 
 echo "===> Find Lieutenant Token"
-LIEUTENANT_TOKEN=$(kubectl -n lieutenant get secret $(kubectl -n lieutenant get sa api-access-synkickstart -o go-template='{{(index .secrets 0).name}}') -o go-template='{{.data.token | base64decode}}')
+LIEUTENANT_TOKEN=$(kubectl --context minikube -n lieutenant get secret $(kubectl -n lieutenant get sa api-access-synkickstart -o go-template='{{(index .secrets 0).name}}') -o go-template='{{.data.token | base64decode}}')
 
 echo "===> Kickstart Commodore"
 echo "===> IMPORTANT: When prompted enter your SSH key password"

3_steward_on_minikube.sh

@@ -10,7 +10,7 @@ CLUSTER_ID=$(kubectl --context minikube -n lieutenant get cluster | grep Minikub
 check_variable "CLUSTER_ID" $CLUSTER_ID
 
 echo "===> Find Lieutenant URL"
-LIEUTENANT_URL=$(minikube service lieutenant-api -n lieutenant --url | sed 's/http:\/\///g' | awk '{split($0,a,":"); print "http://lieutenant." a[1] ".nip.io:" a[2] }')
+LIEUTENANT_URL=$(curl http://localhost:4040/api/tunnels --silent | jq -r '.["tunnels"][0]["public_url"]')
 check_variable "LIEUTENANT_URL" $LIEUTENANT_URL
 
 echo "===> Find Lieutenant API token"

4_synthesize_on_k3s.sh

@@ -12,11 +12,7 @@ check_variable "LIEUTENANT_TOKEN" $LIEUTENANT_TOKEN
 check_variable "COMMODORE_SSH_PRIVATE_KEY" $COMMODORE_SSH_PRIVATE_KEY
 
 # Launch K3s
-if [[ "$OSTYPE" == "darwin"* ]]; then
-  k3d cluster create projectsyn
-else
-  k3d cluster create projectsyn --network host
-fi
+k3d cluster create projectsyn
 
 wait_for_k3s
 wait_for_traefik

4_synthesize_on_kind.sh

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+source lib/functions.sh
+
+check_variable "GITLAB_TOKEN" $GITLAB_TOKEN
+check_variable "GITLAB_ENDPOINT" $GITLAB_ENDPOINT
+check_variable "GITLAB_USERNAME" $GITLAB_USERNAME
+check_variable "TENANT_ID" $TENANT_ID
+check_variable "LIEUTENANT_URL" $LIEUTENANT_URL
+check_variable "LIEUTENANT_TOKEN" $LIEUTENANT_TOKEN
+check_variable "COMMODORE_SSH_PRIVATE_KEY" $COMMODORE_SSH_PRIVATE_KEY
+
+# Launch kind
+kind create cluster --name projectsyn
+
+LIEUTENANT_AUTH="Authorization: Bearer ${LIEUTENANT_TOKEN}"
+
+echo "===> Register this cluster via the API"
+CLUSTER_ID=$(curl -s -H "$LIEUTENANT_AUTH" -H "Content-Type: application/json" -X POST --data "{ \"tenant\": \"${TENANT_ID}\", \"displayName\": \"Kind cluster\", \"facts\": { \"cloud\": \"local\", \"distribution\": \"k3s\", \"region\": \"local\" }, \"gitRepo\": { \"url\": \"ssh://git@${GITLAB_ENDPOINT}/${GITLAB_USERNAME}/tutorial-cluster-kind.git\" } }" "${LIEUTENANT_URL}/clusters" | jq -r ".id")
+check_variable "CLUSTER_ID" $CLUSTER_ID
+
+echo "===> Kickstart Commodore"
+echo "===> IMPORTANT: When prompted enter your SSH key password"
+kubectl --context minikube -n lieutenant run commodore-shell \
+  --image=docker.io/projectsyn/commodore:v0.2.0 \
+  --env=COMMODORE_API_URL="$LIEUTENANT_URL" \
+  --env=COMMODORE_API_TOKEN="$LIEUTENANT_TOKEN" \
+  --env=COMMODORE_GLOBAL_GIT_BASE="https://github.com/$GITHUB_USERNAME" \
+  --env=SSH_PRIVATE_KEY="$(cat ${COMMODORE_SSH_PRIVATE_KEY})" \
+  --env=CLUSTER_ID="$CLUSTER_ID" \
+  --env=GITLAB_ENDPOINT="$GITLAB_ENDPOINT" \
+  --tty --stdin --restart=Never --rm --wait \
+  --image-pull-policy=Always \
+  --command \
+  -- /usr/local/bin/entrypoint.sh bash -c "ssh-keyscan $GITLAB_ENDPOINT >> /app/.ssh/known_hosts; commodore catalog compile $CLUSTER_ID --push"
+
+echo "===> COMMODORE DONE"
+
+echo "===> Check the validity of the bootstrap token"
+wait_for_token "$CLUSTER_ID"
+
+echo "===> Retrieve the Steward install URL"
+STEWARD_INSTALL=$(curl --header "$LIEUTENANT_AUTH" --silent "${LIEUTENANT_URL}/clusters/${CLUSTER_ID}" | jq -r ".installURL")
+echo "===> Steward install URL: $STEWARD_INSTALL"
+
+echo "===> Install Steward in the local kind cluster"
+kubectl --context kind-projectsyn apply -f "$STEWARD_INSTALL"
+
+echo "===> Check that Steward is running and that Argo CD Pods are appearing"
+kubectl --context kind-projectsyn -n syn get pod
+
+echo ""
+echo "===> STEWARD DONE"

4_synthesize_on_microk8s.sh

@@ -0,0 +1,55 @@
+#!/usr/bin/env bash
+
+source lib/functions.sh
+
+check_variable "GITLAB_TOKEN" $GITLAB_TOKEN
+check_variable "GITLAB_ENDPOINT" $GITLAB_ENDPOINT
+check_variable "GITLAB_USERNAME" $GITLAB_USERNAME
+check_variable "TENANT_ID" $TENANT_ID
+check_variable "LIEUTENANT_URL" $LIEUTENANT_URL
+check_variable "LIEUTENANT_TOKEN" $LIEUTENANT_TOKEN
+check_variable "COMMODORE_SSH_PRIVATE_KEY" $COMMODORE_SSH_PRIVATE_KEY
+
+# Launch microk8s
+microk8s start
+microk8s enable dns
+microk8s status --wait-ready
+
+LIEUTENANT_AUTH="Authorization: Bearer ${LIEUTENANT_TOKEN}"
+
+echo "===> Register this cluster via the API"
+CLUSTER_ID=$(curl -s -H "$LIEUTENANT_AUTH" -H "Content-Type: application/json" -X POST --data "{ \"tenant\": \"${TENANT_ID}\", \"displayName\": \"Microk8s cluster\", \"facts\": { \"cloud\": \"local\", \"distribution\": \"k3s\", \"region\": \"local\" }, \"gitRepo\": { \"url\": \"ssh://git@${GITLAB_ENDPOINT}/${GITLAB_USERNAME}/tutorial-cluster-microk8s.git\" } }" "${LIEUTENANT_URL}/clusters" | jq -r ".id")
+check_variable "CLUSTER_ID" $CLUSTER_ID
+
+echo "===> Kickstart Commodore"
+echo "===> IMPORTANT: When prompted enter your SSH key password"
+kubectl --context minikube -n lieutenant run commodore-shell \
+  --image=docker.io/projectsyn/commodore:v0.2.0 \
+  --env=COMMODORE_API_URL="$LIEUTENANT_URL" \
+  --env=COMMODORE_API_TOKEN="$LIEUTENANT_TOKEN" \
+  --env=COMMODORE_GLOBAL_GIT_BASE="https://github.com/$GITHUB_USERNAME" \
+  --env=SSH_PRIVATE_KEY="$(cat ${COMMODORE_SSH_PRIVATE_KEY})" \
+  --env=CLUSTER_ID="$CLUSTER_ID" \
+  --env=GITLAB_ENDPOINT="$GITLAB_ENDPOINT" \
+  --tty --stdin --restart=Never --rm --wait \
+  --image-pull-policy=Always \
+  --command \
+  -- /usr/local/bin/entrypoint.sh bash -c "ssh-keyscan $GITLAB_ENDPOINT >> /app/.ssh/known_hosts; commodore catalog compile $CLUSTER_ID --push"
+
+echo "===> COMMODORE DONE"
+
+echo "===> Check the validity of the bootstrap token"
+wait_for_token "$CLUSTER_ID"
+
+echo "===> Retrieve the Steward install URL"
+STEWARD_INSTALL=$(curl --header "$LIEUTENANT_AUTH" --silent "${LIEUTENANT_URL}/clusters/${CLUSTER_ID}" | jq -r ".installURL")
+echo "===> Steward install URL: $STEWARD_INSTALL"
+
+echo "===> Install Steward in the local kind cluster"
+microk8s.kubectl apply -f "$STEWARD_INSTALL"
+
+echo "===> Check that Steward is running and that Argo CD Pods are appearing"
+microk8s.kubectl -n syn get pod
+
+echo ""
+echo "===> STEWARD DONE"

5_delete.sh

@@ -23,4 +23,4 @@ kubectl --context minikube -n lieutenant delete cluster "$MINIKUBE_CLUSTER_ID"
 kubectl --context minikube -n lieutenant delete tenant "$TENANT_ID"
 minikube delete
 k3d cluster delete projectsyn
-
+killall ngrok

assets/images/ngrok_inspect.png

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-LIEUTENANT_URL=http://$(minikube service lieutenant-api -n lieutenant --url | sed 's/http:\/\///g' | awk '{split($0,a,":"); print "lieutenant." a[1] ".nip.io:" a[2]}')
+LIEUTENANT_URL=$(curl http://localhost:4040/api/tunnels --silent | jq -r '.["tunnels"][0]["public_url"]')
 export LIEUTENANT_URL
 
 TENANT_ID=$(kubectl --context minikube --namespace lieutenant get tenant | grep t- | awk 'NR==1{print $1}')