Add example for jsonnet in aws.

example/k8s-aws-centos-jsonnet/README.md

@@ -0,0 +1,118 @@
+Kubernetes cluster with CentOS, jsonnet and kubeadm in AWS
+==========================================================
+
+In this guide, we'll demonstrate how to bootstrap a Kubernetes cluster with
+CentOS using [kubeadm]. All resources are defined with [jsonnet].
+
+Step 1
+------
+
+First, please follow the [installation guide] to install `archon-controller`
+locally or into your Kubernetes cluster.
+
+
+Step 2
+------
+
+Create a new namespace for this cluster:
+
+```
+kubectl create namespace aws-centos
+```
+
+Step 3
+------
+
+Fill in your ssh puclic key in `config.libsonnet` which will be
+used for authentication with the server. And create the user resource.
+
+```
+jsonnet -J PATH_TO_KSONNET_LIB -J PATH_TO_ARCHON k8s-user.jsonnet | kubectl create -f - --namespace=aws-centos
+```
+
+Step 4
+------
+
+Create the vpc network and subnet:
+
+```
+jsonnet -J PATH_TO_KSONNET_LIB -J PATH_TO_ARCHON k8s-net.jsonnet | kubectl create -f - --namespace=aws-centos
+```
+
+Step 5
+------
+
+Create a new instance profile named `k8s-master` with content below:
+
+```
+{
+    "Version": "2012-10-17",
+        "Statement": [{
+            "Effect": "Allow",
+            "Action": [
+                "ec2:DescribeInstances",
+                "ec2:AttachVolume",
+                "ec2:DetachVolume",
+                "ec2:DescribeVolumes",
+                "ec2:DescribeSecurityGroups",
+                "ec2:CreateSecurityGroup",
+                "ec2:DeleteSecurityGroup",
+                "ec2:AuthorizeSecurityGroupIngress",
+                "ec2:RevokeSecurityGroupIngress",
+                "ec2:DescribeSubnets",
+                "ec2:CreateTags",
+                "ec2:DescribeRouteTables",
+                "ec2:CreateRoute",
+                "ec2:DeleteRoute",
+                "ec2:ModifyInstanceAttribute",
+                "ecr:GetAuthorizationToken"
+            ],
+            "Resource": [
+                "*"
+            ]
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "elasticloadbalancing:*"
+            ],
+            "Resource": [
+                "*"
+            ]
+        }]
+}
+```
+
+Step 6
+------
+
+Generate a token with `python generate_token.py` and replace `TOKEN` in the `config.libsonnet` file.
+Then create the master with:
+
+```
+jsonnet -J PATH_TO_KSONNET_LIB -J PATH_TO_ARCHON k8s-master.jsonnet | kubectl create -f - --namespace=aws-centos
+```
+
+Step 7
+------
+
+SSH to the server. Wait for the Kubernetes master to boot up. Then install `flannel` into the cluster:
+
+```
+kubeclt apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel-rbac.yml
+kubectl apply -f https://github.com/coreos/flannel/raw/master/Documentation/kube-flannel.yml
+```
+
+Step 8
+------
+
+Replace `MASTER_IP` with the internal ip of the master server in `config.libsonnet`.
+Then create the node with:
+
+```
+jsonnet -J PATH_TO_KSONNET_LIB -J PATH_TO_ARCHON k8s-node.jsonnet | kubectl create -f - --namespace=aws-centos
+```
+
+[installation guide]: https://github.com/kubeup/archon/blob/master/docs/installation_aws.md
+[kubeadm]: https://kubernetes.io/docs/admin/kubeadm/
+[jsonnet]: http://jsonnet.org

example/k8s-aws-centos-jsonnet/archon.libsonnet

@@ -0,0 +1,50 @@
+local archon = import "archon.alpha.1/cloud/aws/centos/archon.libsonnet";
+local config = import "config.libsonnet";
+
+local mixin =  {
+    network+:: {
+        config+:: {
+            region:: config.networkRegion,
+            zone:: config.networkZone,
+            subnet:: config.networkSubnet,
+        }
+    },
+    user+:: {
+        new(name):: super.new(name) + self.mixin.spec.sshAuthorizedKeys(config.sshAuthorizedKeys),
+    },
+    instanceGroup+:: {
+        local file = archon.v1.instance.mixin.spec.filesType,
+        local sysctl = |||
+          - sysctl
+          - -p
+        |||,
+        new(name):: super.new(name) + self.mixin.spec.template.spec.users({name: "k8s-user"}),
+        files+:: {
+            i01fixIptable(config):: file.new() + file.name("fix-iptable") + file.path("/etc/sysctl.d/10-iptable.conf") + file.content("net.bridge.bridge-nf-call-iptables = 1"),
+            i02sysctl(config):: file.new() + file.name("sysctl") + file.path("/config/runcmd/sysctl") + file.content(sysctl),
+        },
+    },
+    master+:: {
+        config+:: {
+            k8s+:: {
+                "token": config.token,
+                "pod-ip-range": config.podIPRange,
+            },
+            networkName:: "k8s-net",
+            instanceProfile:: config.masterInstanceProfile,
+        }
+    },
+    node+:: {
+        config+:: {
+            k8s+:: {
+                "token":: config.token,
+                "master-ip":: config.masterIP,
+            },
+            networkName:: "k8s-net",
+        }
+    },
+};
+
+archon + {
+    v1+:: archon.v1 + mixin,
+}

example/k8s-aws-centos-jsonnet/config.libsonnet

@@ -0,0 +1,10 @@
+{
+    sshAuthorizedKeys:: "YOUR_SSH_KEY",
+    masterInstanceProfile:: "k8s-master",
+    networkRegion:: "us-west-1",
+    networkZone:: "us-west-1a",
+    networkSubnet:: "10.99.0.0/24",
+    token:: "TOKEN",
+    podIPRange:: "10.244.0.0/16",
+    masterIP: "MASTER_IP:6443",
+}

example/k8s-aws-centos-jsonnet/generate_token.py

@@ -0,0 +1,7 @@
+import random
+import string
+
+def token(l):
+    return ''.join(random.choice(string.ascii_lowercase + string.digits) for _ in range(l))
+
+print token(6) + "." + token(16)

example/k8s-aws-centos-jsonnet/k8s-master.jsonnet

@@ -0,0 +1,3 @@
+local archon = import "archon.libsonnet";
+
+archon.v1.master.new("k8s-master")

example/k8s-aws-centos-jsonnet/k8s-net.jsonnet

@@ -0,0 +1,3 @@
+local archon = import "archon.libsonnet";
+
+archon.v1.network.new("k8s-net")

example/k8s-aws-centos-jsonnet/k8s-node.jsonnet

@@ -0,0 +1,3 @@
+local archon = import "archon.libsonnet";
+
+archon.v1.node.new("k8s-node")

example/k8s-aws-centos-jsonnet/k8s-user.jsonnet

@@ -0,0 +1,3 @@
+local archon = import "archon.libsonnet";
+
+archon.v1.user.new("k8s-user")