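#######################################
# Enable the Google Cloud APIs used by the installation, create the service
# account the GKE nodes run as, and bind its project-level roles.
# Globals:   GKE_SA, GKE_SA_EMAIL, PROJECT_NAME (read)
# Outputs:   gcloud output; a diagnostic on stderr when a variable is missing
# Returns:   1 when a required variable is empty (nothing is called);
#            otherwise the status of the last gcloud call that failed, or 0.
#######################################
function create() {
  # An empty value would otherwise reach gcloud as "serviceAccount:" or an
  # empty project id, so refuse to start instead.
  if [ -z "${GKE_SA:-}" ] || [ -z "${GKE_SA_EMAIL:-}" ] || [ -z "${PROJECT_NAME:-}" ]; then
    printf 'create: GKE_SA, GKE_SA_EMAIL and PROJECT_NAME must all be set\n' >&2
    return 1
  fi

  local rc=0 api role

  # Every step is still attempted (so the function stays re-runnable when the
  # account already exists), but a failure is no longer hidden by later calls.
  for api in cloudbilling containerregistry iam compute container dns sqladmin; do
    gcloud services enable "${api}.googleapis.com" || rc=$?
  done

  gcloud iam service-accounts create "${GKE_SA}" --display-name "${GKE_SA}" || rc=$?

  # NOTE(review): roles/container.admin is bound at project level to the
  # account the nodes run as. That is far broader than the log/metric writer
  # roles next to it; confirm the workload needs it, and drop it if not.
  for role in logging.logWriter monitoring.metricWriter container.admin; do
    gcloud projects add-iam-policy-binding "${PROJECT_NAME}" \
      --member "serviceAccount:${GKE_SA_EMAIL}" \
      --role="roles/${role}" || rc=$?
  done

  return "${rc}"
}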
#######################################
# Create the zonal GKE cluster that hosts the installation.
# Globals:   CLUSTER_NAME, GKE_VERSION, ZONE, GKE_SA_EMAIL (read)
# Returns:   status of `gcloud container clusters create`
#######################################
cluster() {
  local -a create_flags=(
    --disk-type="pd-ssd"
    --disk-size="100GB"
    --image-type="UBUNTU_CONTAINERD"
    --machine-type="n2d-standard-16"
    --cluster-version="${GKE_VERSION}"
    --zone="${ZONE}"
    # Nodes run as the dedicated service account rather than the default one.
    --service-account "${GKE_SA_EMAIL}"
    --num-nodes=1
    --no-enable-basic-auth
    --enable-autoscaling
    --enable-autorepair
    # NOTE(review): with auto-upgrade off, node upgrades (security patches
    # included) have to be scheduled by hand; confirm this is intended.
    --no-enable-autoupgrade
    --enable-ip-alias
    --enable-network-policy
    --create-subnetwork name="gitpod-${CLUSTER_NAME}"
    --metadata=disable-legacy-endpoints=true
    # NOTE(review): the extra scope gives node credentials read/write access
    # to the Cloud DNS API, as far as the account's IAM roles allow it.
    --scopes="gke-default,https://www.googleapis.com/auth/ndev.clouddns.readwrite"
    --node-labels="gitpod.io/workload_meta=true,gitpod.io/workload_ide=true,gitpod.io/workload_workspace_services=true,gitpod.io/workload_workspace_regular=true,gitpod.io/workload_workspace_headless=true"
    --min-nodes=1
    --max-nodes=50
    --addons=HorizontalPodAutoscaling,NodeLocalDNS,NetworkPolicy
  )

  gcloud container clusters create "${CLUSTER_NAME}" "${create_flags[@]}"
}
#######################################
# Write kubeconfig credentials for the cluster so kubectl can reach it.
# Globals:   CLUSTER_NAME, ZONE (read)
# NOTE(review): once this file is sourced, the function name shadows the
# `gcc` compiler in that shell.
#######################################
gcc() {
  gcloud container clusters get-credentials "${CLUSTER_NAME}" --zone="${ZONE}"
}
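#######################################
# Bind the active gcloud account to the cluster-admin ClusterRole.
# Outputs:   kubectl output; a diagnostic on stderr when no account is found
# Returns:   non-zero when the account lookup fails or yields nothing (no
#            binding is created); otherwise the status of kubectl.
#######################################
function clusterrolebinding() {
  local account

  # Resolve the account first: an empty result must never become the subject
  # of a cluster-admin binding.
  account="$(gcloud config get-value core/account)" || return
  if [ -z "${account}" ]; then
    printf 'clusterrolebinding: no active gcloud account (core/account is unset)\n' >&2
    return 1
  fi

  kubectl create clusterrolebinding cluster-admin-binding \
    --clusterrole=cluster-admin \
    --user="${account}"
}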
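#######################################
# Create the Cloud DNS service account, grant it roles/dns.admin on the
# project and export a key for it to ./dns-credentials.json.
# Globals:   DNS_SA, DNS_SA_EMAIL, PROJECT_NAME (read)
# Outputs:   ./dns-credentials.json (a long-lived private key)
# Returns:   1 when a required variable is empty (nothing is called);
#            otherwise the status of the last gcloud call that failed, or 0.
#######################################
function dns() {
  if [ -z "${DNS_SA:-}" ] || [ -z "${DNS_SA_EMAIL:-}" ] || [ -z "${PROJECT_NAME:-}" ]; then
    printf 'dns: DNS_SA, DNS_SA_EMAIL and PROJECT_NAME must all be set\n' >&2
    return 1
  fi

  local rc=0

  gcloud iam service-accounts create "${DNS_SA}" --display-name "${DNS_SA}" || rc=$?

  gcloud projects add-iam-policy-binding "${PROJECT_NAME}" \
    --member "serviceAccount:${DNS_SA_EMAIL}" --role="roles/dns.admin" || rc=$?

  # The key file is a credential: create it under a restrictive umask so it
  # is owner-only whatever the caller's umask is. The subshell keeps the
  # umask change from leaking into the calling shell.
  (
    umask 077 &&
      gcloud iam service-accounts keys create --iam-account "${DNS_SA_EMAIL}" \
        ./dns-credentials.json
  ) || rc=$?

  return "${rc}"
}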
#######################################
# Create the Cloud DNS managed zone for the installation's domain.
# Globals:   CLUSTER_NAME (zone name), DOMAIN (read)
# Returns:   status of `gcloud dns managed-zones create`
#######################################
domain() {
  local -a zone_flags=(
    # The trailing dot makes the DNS name fully qualified.
    --dns-name "${DOMAIN}."
    --description "Automatically managed zone by kubernetes.io/external-dns"
  )

  gcloud dns managed-zones create "${CLUSTER_NAME}" "${zone_flags[@]}"
}
#######################################
# Install or upgrade external-dns from the Bitnami chart repository into the
# external-dns namespace, configured for the Google provider.
# Globals:   PROJECT_NAME (read)
# NOTE(review): no chart version is pinned, so each run installs whatever the
# repository currently serves; consider pinning a reviewed version.
# NOTE(review): only the key name inside the secret is set here; which secret
# holds dns-credentials.json is not configured in this call. Confirm.
#######################################
dns2() {
  helm repo add bitnami https://charts.bitnami.com/bitnami
  helm repo update

  local -a release_flags=(
    --atomic
    --cleanup-on-fail
    --create-namespace
    --install
    --namespace external-dns
    --reset-values
    --set provider=google
    --set google.project="${PROJECT_NAME}"
    --set logFormat=json
    --set google.serviceAccountSecretKey=dns-credentials.json
    --wait
  )

  helm upgrade "${release_flags[@]}" external-dns bitnami/external-dns
}
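#######################################
# Print the name servers of the managed zone as a JSON array.
# Globals:   CLUSTER_NAME (zone name, read)
# Outputs:   the zone's `nameServers` field on stdout
# Returns:   status of jq, the last stage of the pipeline
#######################################
function jqq() {
  # Quoted so the zone name is passed as one argument and is never subject
  # to word splitting or globbing.
  gcloud dns managed-zones describe "${CLUSTER_NAME}" --format json \
    | jq '.nameServers'
}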
#######################################
# Install or upgrade cert-manager (CRDs included) from the Jetstack chart
# repository into the cert-manager namespace.
# The extra arguments make DNS-01 self-checks use only the listed recursive
# resolvers (8.8.8.8 and 1.1.1.1).
# NOTE(review): no chart version is pinned, so each run installs whatever the
# repository currently serves; consider pinning a reviewed version.
#######################################
certman() {
  helm repo add jetstack https://charts.jetstack.io
  helm repo update

  local -a release_flags=(
    --atomic
    --cleanup-on-fail
    --create-namespace
    --install
    --namespace cert-manager
    --reset-values
    --set installCRDs=true
    --set 'extraArgs={--dns01-recursive-nameservers-only=true,--dns01-recursive-nameservers=8.8.8.8:53\,1.1.1.1:53}'
    --wait
  )

  helm upgrade "${release_flags[@]}" cert-manager jetstack/cert-manager
}
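#######################################
# Store the exported DNS service-account key as a secret in the cert-manager
# namespace, then restrict the local copies of the key to their owner.
# Globals:   CLOUD_DNS_SECRET (secret name, read)
# Inputs:    ./dns-credentials.json
# Returns:   status of the last step that failed, or 0
#######################################
function tls() {
  local rc=0 key_file

  kubectl create secret generic "${CLOUD_DNS_SECRET}" \
    --namespace=cert-manager \
    --from-file=key.json="./dns-credentials.json" || rc=$?

  # These files hold a service-account private key, so they are set to
  # owner-only (600) rather than world-readable. The ./ prefix keeps a file
  # name that begins with "-" from being read as an option.
  for key_file in ./*credentials.json; do
    [ -e "${key_file}" ] || continue
    chmod 600 -- "${key_file}" || rc=$?
  done

  return "${rc}"
}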
#######################################
# Annotate the cert-manager Kubernetes service account with the Google
# service account it should map to, replacing any existing annotation.
# Globals:   DNS_SA_EMAIL (read)
# NOTE(review): this annotation only takes effect when Workload Identity is
# enabled on the cluster; confirm that it is.
#######################################
certman2() {
  local gsa_annotation="iam.gke.io/gcp-service-account=${DNS_SA_EMAIL}"

  kubectl annotate serviceaccount --namespace=cert-manager cert-manager \
    --overwrite "${gsa_annotation}"
}
#######################################
# Apply the issuer manifest to the current cluster.
# Inputs:    issuer.yaml in the current working directory
# Returns:   status of `kubectl apply`
#######################################
certman3() {
  kubectl apply --filename issuer.yaml
}
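#######################################
# Download the KOTS installer and run it.
# The script is fetched completely into a temporary file before anything is
# executed. A failed, truncated or non-HTTPS download is therefore never fed
# to the shell, which a direct `curl | bash` pipe cannot guarantee.
# Outputs:   installer output; a diagnostic on stderr when the download fails
# Returns:   curl's status when the download fails (nothing is executed);
#            otherwise the installer's status.
# NOTE(review): the script is still run without an integrity check, since no
# checksum or pinned version is given here. Review it before running.
#######################################
function kots() {
  local installer rc=0

  installer="$(mktemp)" || return

  if curl --fail --silent --show-error --location \
    --proto '=https' --proto-redir '=https' --tlsv1.2 \
    --output "${installer}" https://kots.io/install; then
    bash "${installer}" || rc=$?
  else
    rc=$?
    printf 'kots: installer download failed; nothing was executed\n' >&2
  fi

  rm -f -- "${installer}"
  return "${rc}"
}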
#######################################
# Install the gitpod application through the kots kubectl plugin.
# Returns:   status of `kubectl kots install`
#######################################
kots2() {
  local app="gitpod"

  kubectl kots install "${app}"
}