forked from cloudfoundry/cf-k8s-networking
-
Notifications
You must be signed in to change notification settings - Fork 0
/
deploy-istio.sh
executable file
·63 lines (50 loc) · 2.34 KB
/
deploy-istio.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
#!/bin/bash
set -euo pipefail
# ENV
: "${KUBECONFIG_CONTEXT:?}"
: "${SHARED_DNS_ZONE_NAME:?}"
: "${DNS_DOMAIN:?}"
: "${GCP_DNS_SERVICE_ACCOUNT_KEY:?}"
: "${GCP_PROJECT_ID:?}"
function install_istio() {
workspace=${PWD}
export KUBECONFIG="${PWD}/kubeconfig/config"
generate_script="${PWD}/cf-k8s-networking/config/istio/generate.sh"
kubectl config use-context ${KUBECONFIG_CONTEXT}
# Install Istio with its dependencies (--dangerous-allow-all-symlink-destinations is required for process substitution on Linux)
# fixed in https://github.com/k14s/ytt/commit/7e1876698b4ea633ac44368168b43f51d55f5645
# removed when ytt is upgraded
ytt --dangerous-allow-all-symlink-destinations \
-f istio.yaml=<("${generate_script}" --set values.grafana.enabled=true) \
| kubectl apply -f -
}
function configure_dns() {
tmp_dir="$(mktemp -d /tmp/deploy-istio.XXXXXXXX)"
service_key_path="${tmp_dir}/gcp.json"
echo "${GCP_DNS_SERVICE_ACCOUNT_KEY}" > "${service_key_path}"
gcloud auth activate-service-account --key-file="${service_key_path}"
gcloud config set project "${GCP_PROJECT_ID}"
echo "Discovering Istio Gateway LB IP"
external_static_ip=""
while [ -z $external_static_ip ]; do
sleep 10
external_static_ip=$(kubectl get services/istio-ingressgateway -n istio-system --output="jsonpath={.status.loadBalancer.ingress[0].ip}")
done
echo "Configuring DNS for external IP: ${external_static_ip}"
gcloud dns record-sets transaction start --zone="${SHARED_DNS_ZONE_NAME}"
gcp_records_json="$( gcloud dns record-sets list --zone "${SHARED_DNS_ZONE_NAME}" --name "*.${DNS_DOMAIN}" --format=json )"
record_count="$( echo "${gcp_records_json}" | jq 'length' )"
if [ "${record_count}" != "0" ]; then
existing_record_ip="$( echo "${gcp_records_json}" | jq -r '.[0].rrdatas | join(" ")' )"
gcloud dns record-sets transaction remove --name "*.${DNS_DOMAIN}" --type=A --zone="${SHARED_DNS_ZONE_NAME}" --ttl=300 "${existing_record_ip}" --verbosity=debug
fi
gcloud dns record-sets transaction add --name "*.${DNS_DOMAIN}" --type=A --zone="${SHARED_DNS_ZONE_NAME}" --ttl=300 "${external_static_ip}" --verbosity=debug
echo "Contents of transaction.yaml:"
cat transaction.yaml
gcloud dns record-sets transaction execute --zone="${SHARED_DNS_ZONE_NAME}" --verbosity=debug
}
function main() {
install_istio
configure_dns
}
main