Created
May 10, 2018 11:39
-
-
Save arehmandev/e2c0807118ef2a2b2bfbe4f6a8073022 to your computer and use it in GitHub Desktop.
Running Helm and Tillerwith ssl on minikube
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail | |
| IFS=$'\n\t' | |
| echo "Cleaning workspace" | |
| ls -1 | grep -v generate.sh | xargs rm -rf | |
| echo "Generating CA" | |
| openssl genrsa -out ./ca.key.pem 4096 | |
| openssl req -key ca.key.pem -new -x509 -days 7300 -sha256 -out ca.cert.pem | |
| echo "Creating keys" | |
| openssl genrsa -out ./tiller.key.pem 4096 | |
| openssl genrsa -out ./helm.key.pem 4096 | |
| echo "Creating cert signing requests" | |
| openssl req -key tiller.key.pem -new -sha256 -out tiller.csr.pem | |
| openssl req -key helm.key.pem -new -sha256 -out helm.csr.pem | |
| echo "Signing certs" | |
| openssl x509 -req -CA ca.cert.pem -CAkey ca.key.pem -CAcreateserial -in tiller.csr.pem -out tiller.cert.pem | |
| openssl x509 -req -CA ca.cert.pem -CAkey ca.key.pem -CAcreateserial -in helm.csr.pem -out helm.cert.pem | |
| echo "Initiating tiller" | |
| kubectl delete service tiller-deploy -n kube-system 2> /dev/null || true | |
| kubectl delete deploy tiller-deploy -n kube-system 2> /dev/null || true | |
| kubectl delete secret tiller-secret -n kube-system 2> /dev/null || true | |
| sleep 10 | |
| helm init --service-account default ---tiller-tls --tiller-tls-cert ./tiller.cert.pem --tiller-tls-key ./tiller.key.pem --tiller-tls-verify --tls-ca-cert ca.cert.pem | |
| echo "Testing client after 15s" | |
| sleep 15 | |
| helm ls --tls --tls-ca-cert ca.cert.pem --tls-cert helm.cert.pem --tls-key helm.key.pem |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment