Skip to content

Instantly share code, notes, and snippets.

@mad01

mad01/local-setup.md

Last active May 21, 2024 13:23
Show Gist options
  • Save mad01/7f687b43c72357a0c88bb1b9f45b0f58 to your computer and use it in GitHub Desktop.
Save mad01/7f687b43c72357a0c88bb1b9f45b0f58 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
local-setup.md

Creates a kind cluster named "local-dev", deploys crossplane, deploys a locally built provider-kubernetes

make local-deploy

Stop Crossplane

kubectl -n crossplane-system scale deploy crossplane --replicas=0

Stop provider-kubernetes running inside the cluster

kubectl -n crossplane-system scale deploy provider-kubernetes-provider-kub --replicas=0

Fetch generated certs from cluster

./provider-kubernetes-fetch-certs.sh

Start the provider

export TLS_CLIENT_CERTS_DIR=/tmp/provider-kubernetes/client-certs
export TLS_SERVER_CERTS_DIR=/tmp/provider-kubernetes/server-certs

fix local provider config when running locally with controller

KUBECONFIG=$(kind get kubeconfig --name local-dev | sed -e 's|server:\s*.*$|server: http://localhost:8081|g')
kubectl -n crossplane-system create secret generic cluster-config --from-literal=kubeconfig="${KUBECONFIG}"
kubectl apply -f examples/provider/config.yaml

in a different terminal then the next command run the following for the time you want to talk to the cluster

kubectl proxy --port=8081

start controller

go run cmd/provider/main.go -d
Raw
provider-kubernetes-fetch-certs.sh
#!/usr/bin/env bash
set -aeuo pipefail
#CROSSPLANE_NAMESPACE="crossplane-system"
#PROVIDER_NAME="provider-kubernetes"
CROSSPLANE_NAMESPACE="crossplane-system"
PROVIDER_NAME="provider-kubernetes"
echo "Fetching Provider Kubernetes certs..."
CLIENT_CERTS_DIR="/tmp/provider-kubernetes/client-certs"
SERVER_CERTS_DIR="/tmp/provider-kubernetes/server-certs"
rm -rf "${CLIENT_CERTS_DIR}" && mkdir -p "${CLIENT_CERTS_DIR}"
rm -rf "${SERVER_CERTS_DIR}" && mkdir -p "${SERVER_CERTS_DIR}"
kubectl -n $CROSSPLANE_NAMESPACE get secrets $PROVIDER_NAME-tls-client -o jsonpath='{.data.ca\.crt}' | base64 -D > "${CLIENT_CERTS_DIR}/ca.crt"
kubectl -n $CROSSPLANE_NAMESPACE get secrets $PROVIDER_NAME-tls-client -o jsonpath='{.data.tls\.crt}' | base64 -D > "${CLIENT_CERTS_DIR}/tls.crt"
kubectl -n $CROSSPLANE_NAMESPACE get secrets $PROVIDER_NAME-tls-client -o jsonpath='{.data.tls\.key}' | base64 -D > "${CLIENT_CERTS_DIR}/tls.key"
echo "Fetching Provider Kubernetes client certs...ok!"
kubectl -n $CROSSPLANE_NAMESPACE get secrets $PROVIDER_NAME-tls-server -o jsonpath='{.data.ca\.crt}' | base64 -D > "${SERVER_CERTS_DIR}/ca.crt"
kubectl -n $CROSSPLANE_NAMESPACE get secrets $PROVIDER_NAME-tls-server -o jsonpath='{.data.tls\.crt}' | base64 -D > "${SERVER_CERTS_DIR}/tls.crt"
kubectl -n $CROSSPLANE_NAMESPACE get secrets $PROVIDER_NAME-tls-server -o jsonpath='{.data.tls\.key}' | base64 -D > "${SERVER_CERTS_DIR}/tls.key"
echo "Fetching Provider Kubernetes server certs...ok!"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment