@joshuaquek
Last active March 15, 2021 08:35
Summary: Some useful minikube scripts for an Amazon Linux AMI instance

#!/bin/bash
# Put SELinux into permissive mode for easier management/access (this lasts until the next reboot).
# Ensure that your EC2 is only accessible from your jumpbox or VPN - only 443 and 80 allowed to public internet.
sudo setenforce 0
# Ensure that QuickProx & PM2 are installed
sudo npm install pm2 -g
sudo npm install quickprox -g
# Install Helm (-f makes curl fail on an HTTP error instead of saving the error page as the installer)
curl -fsSL https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get-helm-3 > get_helm.sh
chmod 700 get_helm.sh
./get_helm.sh

#!/bin/bash
# ----- Start Docker Service -----
sudo service docker start
# ----- Start Minikube -----
minikube start --embed-certs --apiserver-ips=10.1.1.136
# ----- Start TCP Reverse Proxy -----
sudo quickprox add 8443 192.168.49.2 8443

#!/bin/bash
# Tear down Minikube and remove its local state.
# The paths below are relative, so run this from the directory that holds .kube and .minikube.
minikube delete --all --purge
rm -rf ./.kube
rm -rf ./.minikube
pm2 delete all

# crontab entries: repeat the start-up steps after every reboot
@reboot sudo service docker start
@reboot minikube start --embed-certs --apiserver-ips=10.1.1.136
@reboot sudo quickprox add 8443 192.168.49.2 8443

#!/bin/bash
# Install Konga from its Helm chart
git clone https://github.com/pantsel/konga
cd konga/charts/konga/
helm install -f ./values.yaml ../konga --namespace default --wait --generate-name

Create Admin User

Create a new file:

nano dashboard-admin.yaml

Add the following content into the file:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

After saving the file, run the following kubectl command to apply the change:

kubectl apply -f dashboard-admin.yaml

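Retrieve the token used to sign in as this account (this reads the ServiceAccount's auto-created token Secret, which Kubernetes no longer creates automatically from v1.24):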

kubectl get secret -n kubernetes-dashboard $(kubectl get serviceaccount admin-user -n kubernetes-dashboard -o jsonpath="{.secrets[0].name}") -o jsonpath="{.data.token}" | base64 --decode

Create Read-only User

Create a new file:

nano dashboard-read-only.yaml

Add the following content into the file:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: read-only-user
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
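metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  # ClusterRoles are cluster-scoped, so no namespace is set here
  name: read-only-clusterrole
rules:
# "*" in the core ("") API group covers secrets too, so this role can read every Secret in the cluster
- apiGroups:
  - ""
  resources: ["*"]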
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - extensions
  resources: ["*"]
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - apps
  resources: ["*"]
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: read-only-binding
roleRef:
  kind: ClusterRole
  name: read-only-clusterrole
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: read-only-user
  namespace: kubernetes-dashboard

After saving the file, run the following kubectl command to apply the change:

kubectl apply -f dashboard-read-only.yaml

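Retrieve the token used to sign in as this account (this reads the ServiceAccount's auto-created token Secret, which Kubernetes no longer creates automatically from v1.24):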

kubectl get secret -n kubernetes-dashboard $(kubectl get serviceaccount read-only-user -n kubernetes-dashboard -o jsonpath="{.secrets[0].name}") -o jsonpath="{.data.token}" | base64 --decode
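
The read-only role above uses resources: ["*"] in the core API group, which matches secrets as well as pods and services. The following Python check is an added example, not part of the original gist: it applies RBAC wildcard matching to role and binding objects and reports which subjects can read Secrets cluster-wide. The SAMPLE data is constructed from the two manifests on this page plus the built-in cluster-admin rule, and the function names are hypothetical.

```python
import json

# Constructed sample: the page's two manifests plus the built-in cluster-admin
# role, in the JSON shape `kubectl get clusterrole,clusterrolebinding -o json` emits.
SAMPLE = json.loads("""
{"items": [
 {"kind": "ClusterRole", "metadata": {"name": "cluster-admin"},
  "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
 {"kind": "ClusterRole", "metadata": {"name": "read-only-clusterrole"},
  "rules": [{"apiGroups": [""], "resources": ["*"], "verbs": ["get", "list", "watch"]},
            {"apiGroups": ["extensions"], "resources": ["*"], "verbs": ["get", "list", "watch"]},
            {"apiGroups": ["apps"], "resources": ["*"], "verbs": ["get", "list", "watch"]}]},
 {"kind": "ClusterRoleBinding", "metadata": {"name": "admin-user"},
  "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
  "subjects": [{"kind": "ServiceAccount", "name": "admin-user", "namespace": "kubernetes-dashboard"}]},
 {"kind": "ClusterRoleBinding", "metadata": {"name": "read-only-binding"},
  "roleRef": {"kind": "ClusterRole", "name": "read-only-clusterrole"},
  "subjects": [{"kind": "ServiceAccount", "name": "read-only-user", "namespace": "kubernetes-dashboard"}]}
]}
""")

def rule_allows(rule, verb, group, resource):
    """RBAC rule match: "*" is a wildcard in apiGroups, resources and verbs."""
    def hit(values, wanted):
        return "*" in values or wanted in values
    if rule.get("resourceNames"):      # grant limited to named objects, not cluster-wide
        return False
    return (hit(rule.get("apiGroups", []), group)
            and hit(rule.get("resources", []), resource)
            and hit(rule.get("verbs", []), verb))

def secret_readers(doc):
    """Map each bound subject to the read verbs it holds on core-group secrets."""
    roles = {i["metadata"]["name"]: i.get("rules") or []
             for i in doc["items"] if i["kind"] == "ClusterRole"}
    found = {}
    for b in (i for i in doc["items"] if i["kind"] == "ClusterRoleBinding"):
        rules = roles.get(b["roleRef"]["name"], [])
        verbs = [v for v in ("get", "list", "watch")
                 if any(rule_allows(r, v, "", "secrets") for r in rules)]
        for s in b.get("subjects") or []:
            if verbs:
                found[f'{s.get("namespace", "")}/{s["name"]}'] = verbs
    return found

if __name__ == "__main__":
    for subject, verbs in secret_readers(SAMPLE).items():
        print(f"{subject} can {', '.join(verbs)} secrets cluster-wide")
```

To audit a live cluster, pass the function the parsed output of kubectl get clusterrole,clusterrolebinding -o json; replacing the core-group wildcard with an explicit resource list that omits secrets removes read-only-user from the result.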