gistfile1.txt

#! /bin/bash

# requires jsonnet. there's a homebrew package and it's pretty easy to build from source.

set -o nounset
set -o errexit
set -o pipefail

if [[ -z "${K8S_MASTER:-}" ]]; then
  echo "Please set K8S_MASTER before running this" > /dev/stderr
  exit 1
fi

# create the required secrets
export ROOT_CA_FILE="$(ssh ${K8S_MASTER} 'sudo cat /srv/kubernetes/ca.crt')"
export SERVER_KEY="$(ssh ${K8S_MASTER} 'sudo cat /srv/kubernetes/server.key')"

cat << EOF | \
  jsonnet --env ROOT_CA_FILE --env SERVER_KEY - \
  | tee /dev/stderr \
  | kubectl apply -f -

local rootCAFile = std.base64(std.extVar("ROOT_CA_FILE"));
local serverKey = std.base64(std.extVar("SERVER_KEY"));

{
  "apiVersion": "v1",
  "kind": "Secret",
  "metadata": {
    "name": "cm-secrets",
    "namespace": "kube-system",
  },
  "type": "Opaque",
  "data": {
    "root-ca-file": rootCAFile,
    "server-key": serverKey,
  }
}
EOF


# create the components
MANIFEST_URL="https://raw.githubusercontent.com/mikedanese/k8s-on-k8s/master/apps/%s"

MANIFESTS=(
  "controller-manager.deployment.json"
  "controller-manager.svc.json"
  "scheduler.deployment.json"
  "scheduler.svc.json"
)

for manifest in ${MANIFESTS[@]}; do
  url="$(printf \"${MANIFETS_URL}\" \"${manifest}\")"
  kubectl apply -f "${url}"
done

# go shutdown your controller-manager and scheduler.