From a0aec9fbc4a355e3c3c25e2eaf4b7b980aa24e0e Mon Sep 17 00:00:00 2001 From: ivanbrennan Date: Sun, 13 May 2018 00:54:50 -0400 Subject: [PATCH] kubernetes: kubectl, minikube, virtualboxHeadless Set the default kubernetes version in minikube: minikube config set kubernetes-version v1.10.3 Configure clusters and credentials: PKI=$HOME/Development/code/SumAll/pki CLUSTERS=( tng-stage tng-prod ) USERNAME=ibrennan mkdir -p $PKI for CLUSTER in ${CLUSTERS[@]}; do CRT=${PKI}/${CLUSTER}-ca.crt lpass show --notes "SumAll kubernetes ${CLUSTER} client ca.crt" > $CRT LPASS=$(lpass show --notes "SumAll kubernetes ${CLUSTER} client config ${USERNAME}") SERVER=$(grep -oP '^server: \K\S+' <<< $LPASS) TOKEN=$(grep -oP '^token: \K\S+' <<< $LPASS) kubectl config set-cluster ${CLUSTER} --server=${SERVER} --certificate-authority=${CRT} --embed-certs=true kubectl config set-credentials ${USERNAME}-${CLUSTER} --token=${TOKEN} kubectl config set-context ${CLUSTER} --cluster=${CLUSTER} --user=${USERNAME}-${CLUSTER} done unset PKI CLUSTERS CLUSTER USERNAME CRT LPASS SERVER TOKEN Initialize cluster resources: RESOURCES=$HOME/Development/code/SumAll/k8s-cluster-resources if [ ! -e $RESOURCES ]; then git clone git@github.com:SumAll/k8s-cluster-resources.git $RESOURCES fi kubectl --context=minikube create -f $RESOURCES/ms-config-dev.yml kubectl --context=minikube create -f $RESOURCES/k8s-generic-pod-user-dev.yml kubectl --context=minikube create -f $RESOURCES/mongo/mongo-dev.yml kubectl --context=minikube create -f $RESOURCES/redis/redis-dev.yml kubectl --context=minikube create -f $RESOURCES/site-proxy/ingress-dev.yaml unset RESOURCES minikube service mongo --url minikube service redis --url Set up tng-workspace: if ! systemctl --quiet is-active openvpn-sumall.service; then systemctl start openvpn-sumall.service fi # `minikube status` is broken: https://github.com/kubernetes/minikube/issues/2743 # `minikube start` is not idempotent: https://github.com/kubernetes/minikube/issues/2646 ps x | grep -q [m]inikube || minikube start WORKSPACE=$HOME/Development/code/SumAll/k8s-workspace if [ ! -e $WORKSPACE ]; then git clone git@github.com:SumAll/k8s-workspace.git $WORKSPACE fi pushd $WORKSPACE >/dev/null export TNG_WORKSPACE=$HOME/Development/code/SumAll/tng-workspace mkdir -p $TNG_WORKSPACE for f in config.sh manage-services.sh setup-serviceyml-configmap.sh; do sed -i '1 s,#!/bin/bash,#!/usr/bin/env bash,' $f done ./manage-services.sh -c setup for f in config.sh manage-services.sh setup-serviceyml-configmap.sh; do sed -i '1 s,#!/usr/bin/env bash,#!/bin/bash,' $f done popd unset WORKSPACE f --- configuration.nix | 9 ++++++++- environment/system-packages.nix | 3 +++ users/default.nix | 1 + 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/configuration.nix b/configuration.nix index f7d9cc3..0845387 100644 --- a/configuration.nix +++ b/configuration.nix @@ -21,7 +21,14 @@ time.timeZone = "America/New_York"; - virtualisation.docker.enable = true; + virtualisation = { + docker.enable = true; + + virtualbox.host = { + enable = true; + headless = true; + }; + }; nixpkgs.config = { allowUnfree = true; diff --git a/environment/system-packages.nix b/environment/system-packages.nix index a25cb18..e2049d1 100644 --- a/environment/system-packages.nix +++ b/environment/system-packages.nix @@ -27,9 +27,11 @@ with pkgs; [ gnupg highlight jq + kubectl lastpass-cli lshw lsof + minikube mkpasswd nice-backgrounds neovim @@ -50,6 +52,7 @@ with pkgs; [ universal-ctags vim-configured vimPrivatePlugins.haskell-vim + virtualboxHeadless vlc vln weechat diff --git a/users/default.nix b/users/default.nix index b0dd839..cdc25f1 100644 --- a/users/default.nix +++ b/users/default.nix @@ -9,6 +9,7 @@ "docker" "networkmanager" "wheel" + "vboxusers" ]; hashedPassword = "$6$4uOYQEuFA$RqNmGNfQcR6mPK2.jSHPntF43HgN6BJP4nwQANNUbp8ulpquniQNqecgUMVGRBsjBzt2b7gJBhCCedbUYmI/60"; };