Created
September 26, 2022 08:07
-
-
Save adamrushuk/f892a29ad8cbfc900907c9b334cfee4f to your computer and use it in GitHub Desktop.
AKS Periscope Kustomize Deployment Script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# AKS Periscope Kustomize Deployment Script | |
# This script will do the following: | |
# - create a SAS token valid for 60 minutes | |
# - deploy AKS Periscope into your cluster | |
# - collect and save logs into the storage account specified | |
# Set some variables for where you want the logs uploaded to: | |
SUBSCRIPTION_NAME='<YOUR SUBSCRIPTION NAME>' | |
STORAGE_ACCOUNT='<YOUR STORAGE ACCOUNT NAME>' | |
BLOB_CONTAINER_NAME='periscope' | |
# https://github.com/Azure/aks-periscope/releases | |
RELEASE_TAG='0.0.11' | |
# https://mcr.microsoft.com/en-us/product/aks/periscope/tags | |
IMAGE_TAG='0.0.11' | |
RUN_ID=$(date -u '+%Y-%m-%dT%H-%M-%SZ') | |
# Create a SAS for the storage account | |
SAS_EXPIRY=$(date -u -d "60 minutes" '+%Y-%m-%dT%H:%MZ') | |
SAS_TOKEN=$(az storage account generate-sas \ | |
--account-name "$STORAGE_ACCOUNT" \ | |
--subscription "$SUBSCRIPTION_NAME" \ | |
--permissions rwdlacup \ | |
--services b \ | |
--resource-types sco \ | |
--expiry "$SAS_EXPIRY" \ | |
-o tsv) | |
# Create a 'kustomization' folder to contain the Periscope resources to be deployed | |
mkdir ./periscope-deploy || echo "folder cannot be created from current path: [$PWD]" | |
# Create a YAML file to override the default deployment behaviour | |
cat <<EOF > ./periscope-deploy/kustomization.yaml | |
resources: | |
- https://github.com/azure/aks-periscope//deployment/base?ref=${RELEASE_TAG} | |
images: | |
- name: periscope-linux | |
newName: mcr.microsoft.com/aks/periscope | |
newTag: ${IMAGE_TAG} | |
- name: periscope-windows | |
newName: mcr.microsoft.com/aks/periscope-win | |
newTag: ${IMAGE_TAG} | |
secretGenerator: | |
- name: azureblob-secret | |
behavior: replace | |
literals: | |
- AZURE_BLOB_ACCOUNT_NAME=${STORAGE_ACCOUNT} | |
- AZURE_BLOB_CONTAINER_NAME=${BLOB_CONTAINER_NAME} | |
- AZURE_BLOB_SAS_KEY=?${SAS_TOKEN} | |
configMapGenerator: | |
- name: diagnostic-config | |
behavior: merge | |
literals: | |
- DIAGNOSTIC_RUN_ID=${RUN_ID} | |
# add toleration to run on system nodes | |
patches: | |
- target: | |
group: apps | |
kind: DaemonSet | |
name: aks-periscope | |
version: v1 | |
patch: |- | |
- op: add | |
path: '/spec/template/spec/tolerations' | |
value: | |
- key: CriticalAddonsOnly | |
operator: Equal | |
value: 'true' | |
effect: NoSchedule | |
EOF | |
# Deploy | |
kubectl apply --kustomize ./periscope-deploy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# AKS Periscope Update Script | |
# This script will do the following: | |
# - create a SAS token valid for 60 minutes | |
# - update the azureblob-secret | |
# - trigger new log collection | |
# - collect and save logs into the storage account specified | |
# Set some variables for where you want the logs uploaded to: | |
SUBSCRIPTION_NAME='<YOUR SUBSCRIPTION NAME>' | |
STORAGE_ACCOUNT='<YOUR STORAGE ACCOUNT NAME>' | |
# Update to start subsequent diagnostic collections | |
# Update SAS token (if expired) | |
SAS_EXPIRY=$(date -u -d "60 minutes" '+%Y-%m-%dT%H:%MZ') | |
SAS_TOKEN=$(az storage account generate-sas \ | |
--account-name "$STORAGE_ACCOUNT" \ | |
--subscription "$SUBSCRIPTION_NAME" \ | |
--permissions rwdlacup \ | |
--services b \ | |
--resource-types sco \ | |
--expiry "$SAS_EXPIRY" \ | |
-o tsv) | |
echo "SAS token is: [$SAS_TOKEN]" | |
# Update secret | |
kubectl patch secret -n aks-periscope azureblob-secret -p="{\"data\":{\"AZURE_BLOB_SAS_KEY\": \"$(echo -n "?$SAS_TOKEN" | base64 -w 0)\"}}" | |
# Update DIAGNOSTIC_RUN_ID to trigger new log collection | |
runId=$(date -u '+%Y-%m-%dT%H-%M-%SZ') | |
kubectl patch configmap -n aks-periscope diagnostic-config -p="{\"data\":{\"DIAGNOSTIC_RUN_ID\": \"$runId\"}}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment