Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#!/bin/bash
# https://news.ycombinator.com/item?id=10736584
set -o errexit -o nounset -o pipefail
# this line enables debugging
set -xv
# create cluster
kind -v 3 create cluster --kubeconfig ~/.kube/kind-kubeconfigs --name clusterapi
cp ~/.kube/kind-kubeconfigs ~/.kube/config
# ~/.aws/credentials looks like this
# [default]
# aws_access_key_id = XXX
# aws_secret_access_key = XXX
export AWS_REGION=us-east-1
# if you want to use the examples generate script, right now it's not working (pr here: https://github.com/kubernetes-sigs/cluster-api-provider-aws/pull/1345)
# also, it's a bit out of date
cd ~/gocode/src/sigs.k8s.io/cluster-api-provider-aws && make clusterawsadm
# follow prerequisites here: https://github.com/kubernetes-sigs/cluster-api-provider-aws/blob/master/docs/prerequisites.md#with-clusterawsadm
cd ~/gocode/src/sigs.k8s.io/cluster-api-provider-aws/bin && ./clusterawsadm alpha bootstrap create-stack
# Output will look like this:
# Attempting to create CloudFormation stack cluster-api-provider-aws-sigs-k8s-io
# Following resources are in the stack:
# Resource |Type |Status
# AWS::IAM::Group |bootstrapper.cluster-api-provider-aws.sigs.k8s.io |CREATE_COMPLETE
# AWS::IAM::InstanceProfile |control-plane.cluster-api-provider-aws.sigs.k8s.io |CREATE_COMPLETE
# AWS::IAM::InstanceProfile |controllers.cluster-api-provider-aws.sigs.k8s.io |CREATE_COMPLETE
# AWS::IAM::InstanceProfile |nodes.cluster-api-provider-aws.sigs.k8s.io |CREATE_COMPLETE
# AWS::IAM::ManagedPolicy |arn:aws:iam::806067863659:policy/control-plane.cluster-api-provider-aws.sigs.k8s.io |CREATE_COMPLETE
# AWS::IAM::ManagedPolicy |arn:aws:iam::806067863659:policy/nodes.cluster-api-provider-aws.sigs.k8s.io |CREATE_COMPLETE
# AWS::IAM::ManagedPolicy |arn:aws:iam::806067863659:policy/controllers.cluster-api-provider-aws.sigs.k8s.io |CREATE_COMPLETE
# AWS::IAM::Role |control-plane.cluster-api-provider-aws.sigs.k8s.io |CREATE_COMPLETE
# AWS::IAM::Role |controllers.cluster-api-provider-aws.sigs.k8s.io |CREATE_COMPLETE
# AWS::IAM::Role |nodes.cluster-api-provider-aws.sigs.k8s.io |CREATE_COMPLETE
# AWS::IAM::User |bootstrapper.cluster-api-provider-aws.sigs.k8s.io |CREATE_COMPLETE
# Create default ssh key-pair
# source: https://github.com/kubernetes-sigs/cluster-api-provider-aws/blob/master/docs/prerequisites.md
aws ssm put-parameter --name "/sigs.k8s.io/cluster-api-provider-aws/ssh-key" \
--type SecureString \
--value "$(aws ec2 create-key-pair --key-name default | jq .KeyMaterial -r)"
# Use the stuff generated in step 1
export AWS_CREDENTIALS=$(aws iam create-access-key --user-name bootstrapper.cluster-api-provider-aws.sigs.k8s.io)
export AWS_ACCESS_KEY_ID=$(echo $AWS_CREDENTIALS | jq .AccessKey.AccessKeyId -r)
export AWS_SECRET_ACCESS_KEY=$(echo $AWS_CREDENTIALS | jq .AccessKey.SecretAccessKey -r)
# generate the yamls
cd ~/gocode/src/sigs.k8s.io/cluster-api-provider-aws/examples && rm -rf _out && ./generate.sh
# NOTE: Ensure that the cert-manager components are running before creating the provider-components, cluster and control-plane.
# WARNING: /Users/bhutwala/gocode/src/sigs.k8s.io/cluster-api-provider-aws/examples/_out/provider-components.yaml includes AWS credentials
# as the note indicates, let's first create the cert-manager components
# this will create 3 deployments in cert-manager namespace and some other goodies (crds, webhooks, etc.)
kubectl apply -f ~/gocode/src/sigs.k8s.io/cluster-api-provider-aws/examples/_out/cert-manager.yaml
# wait
sleep 10
# now, let's create provider-components
# this will create one deployment in capi-system namespace and one deployment in capa-system namespace and some other goodies
kubectl apply -f ~/gocode/src/sigs.k8s.io/cluster-api-provider-aws/examples/_out/provider-components.yaml
# wait
sleep 10
# create a cluster object
kubectl apply -f ~/gocode/src/sigs.k8s.io/cluster-api-provider-aws/examples/_out/cluster.yaml
#look at the logs for any debugging
#kubectl logs -f -n capa-system <CAPA_CONTROLLER_MANAGER_NAME>
# wait
sleep 10
# Now that we’ve created the cluster object, we can create a control plane Machine.
kubectl apply -f ~/gocode/src/sigs.k8s.io/cluster-api-provider-aws/examples/_out/controlplane.yaml
# wait
sleep 10
# get the manager cluster here
kubectl --namespace=default get secret/capi-quickstart-kubeconfig -o json \
| jq -r .data.value \
| base64 --decode \
> ./capi-quickstart.kubeconfig
# useful commands
#aws ec2 create-key-pair --key-name default | jq .KeyMaterial -r
#aws ec2 describe-key-pairs --key-name default
#aws ec2 delete-key-pair --key-name default
#aws iam get-instance-profile --instance-profile-name control-plane.cluster-api-provider-aws.sigs.k8s.io --output json
#aws iam create-instance-profile --instance-profile-name control-plane.cluster-api-provider-aws.sigs.k8s.io
#aws iam delete-instance-profile --instance-profile-name control-plane.cluster-api-provider-aws.sigs.k8s.io
# source: https://github.com/kubernetes-sigs/cluster-api-provider-aws/blob/master/docs/troubleshooting.md
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment