From 1889cf39d4995e254ee56ef921e5ff91c776bb9f Mon Sep 17 00:00:00 2001 From: Taekyu Date: Wed, 16 Nov 2022 15:49:41 +0900 Subject: [PATCH] feature. add workflow for import cluster --- tks-cluster/import-usercluster-wftpl.yaml | 236 ++++++++++++++++++++++ 1 file changed, 236 insertions(+) create mode 100644 tks-cluster/import-usercluster-wftpl.yaml diff --git a/tks-cluster/import-usercluster-wftpl.yaml b/tks-cluster/import-usercluster-wftpl.yaml new file mode 100644 index 00000000..4616c5cd --- /dev/null +++ b/tks-cluster/import-usercluster-wftpl.yaml @@ -0,0 +1,236 @@ +apiVersion: argoproj.io/v1alpha1 +kind: WorkflowTemplate +metadata: + name: import-tks-usercluster + namespace: argo +spec: + entrypoint: deploy + arguments: + parameters: + - name: contract_id + value: "P0010010a" + - name: cluster_id + value: "C011b88fa" + - name: kubeconfig + value: "KUBECONFIG_string" + - name: template_name + value: "aws-reference" + - name: git_base_url + value: "github.com" + - name: git_account + value: "tks-management" + + volumes: + - name: kubeconfig-adm + secret: + secretName: tks-admin-kubeconfig-secret + - name: artifacts + configMap: + name: aws-artifacts + defaultMode: 0555 + - name: tks-proto-vol + configMap: + name: tks-proto + - name: awsconfig + secret: + secretName: awsconfig-secret + + templates: + - name: deploy + steps: + - - name: create-cluster-repo + template: create-cluster-repo + arguments: + parameters: + - name: git_base_url + value: "{{ workflow.parameters.git_base_url }}" + + - - name: import-cluster + template: import-cluster + arguments: + parameters: + - name: cluster_id + value: "{{ workflow.parameters.cluster_id }}" + - name: kubeconfig + value: "{{ workflow.parameters.kubeconfig }}" + + - - name: init-cluster-for-tks + template: init-cluster-for-tks + arguments: + parameters: + - name: cluster_id + value: "{{ workflow.parameters.cluster_id }}" + + + ####################### + # Template Definition # + ####################### + - name: create-cluster-repo + activeDeadlineSeconds: 300 + inputs: + parameters: + - name: git_base_url + container: + name: 'createClusterRepo' + image: ghcr.io/sktelecom/ghcli-alpine:2.0.0 + imagePullPolicy: IfNotPresent + command: + - /bin/bash + - -ecx + - | + TOKEN=$(echo -n $TOKEN) + curl -X POST -H "content-type: application/json" -H "Authorization: token ${TOKEN}" --data '{"name": "'${CLUSTER_ID}'"}' https://${GIT_BASE_URL}/api/v1/user/repos + curl -X POST -H "content-type: application/json" -H "Authorization: token ${TOKEN}" --data '{"name": "'$CLUSTER_ID'-manifests"}' https://${GIT_BASE_URL}/api/v1/user/repos + + git clone https://$(echo -n $TOKEN)@${GIT_BASE_URL}/${USERNAME}/${CONTRACT_ID}.git + git clone https://$(echo -n $TOKEN)@${GIT_BASE_URL}/${USERNAME}/${CLUSTER_ID}.git + git clone https://$(echo -n $TOKEN)@${GIT_BASE_URL}/${USERNAME}/${CLUSTER_ID}-manifests.git + + cd ${CONTRACT_ID} + CONTRACT_COMMIT_ID=$(git rev-parse HEAD) + mkdir ${CLUSTER_ID} + cd .. + + cp -r ${CONTRACT_ID}/${TEMPLATE_NAME} ${CLUSTER_ID}/${CLUSTER_ID} + cp -r ${CONTRACT_ID}/_github ${CLUSTER_ID}/.github + + ## Replace site-values with fetched params ## + sed -i "s/clusterName:\ cluster.local/clusterName:\ $CLUSTER_ID/g" $CLUSTER_ID/$CLUSTER_ID/tks-cluster/site-values.yaml + + echo "Contract ID: "${CONTRACT_ID} > ${CLUSTER_ID}/META + echo "Contract Repo Commit: "${CONTRACT_COMMIT_ID} >> ${CLUSTER_ID}/META + echo "Template Name: "${TEMPLATE_NAME} >> ${CLUSTER_ID}/META + + git config --global user.email "taco_support@sk.com" + git config --global user.name "SKTelecom TACO" + + cd ${CLUSTER_ID} + git init + git checkout -b main + git add .github + git add * + git commit -m "add new ${CLUSTER_ID} site" + git push -u origin main + cd .. + + cd ${CLUSTER_ID}-manifests + git init + git checkout -b main + touch README + git add README + git commit -m "add new ${CLUSTER_ID} site" + git push -u origin main + cd .. + + envFrom: + - secretRef: + name: "github-tks-mgmt-token" + env: + - name: CONTRACT_ID + value: "{{workflow.parameters.contract_id}}" + - name: CLUSTER_ID + value: "{{workflow.parameters.cluster_id}}" + - name: TEMPLATE_NAME + value: "{{workflow.parameters.template_name}}" + - name: GIT_BASE_URL + value: "{{inputs.parameters.git_base_url}}" + + - name: import-cluster + inputs: + parameters: + - name: cluster_id + - name: kubeconfig + container: + name: cluster-init + image: ghcr.io/openinfradev/python_kubectl_argo:v1.1.0 + command: + - /bin/bash + - '-exc' + - | + cp /kube/value kubeconfig_adm + export KUBECONFIG=kubeconfig_adm + + echo $KUBECONFIG_IMPORT | base64 -d | tee kubeconfig_$CLUSTER_ID + + kubectl --kubeconfig kubeconfig_$CLUSTER_ID get node | grep -v NAME + if [[ $? != 0 ]]; then + echo "ERROR - invalid kubernetes nodes" + exit 1 + fi + + cat < $CLUSTER_ID_namespace.yaml + apiVersion: v1 + kind: Namespace + metadata: + labels: + name: $CLUSTER_ID + name: $CLUSTER_ID + EOF + kubectl apply -f $CLUSTER_ID_namespace.yaml + + kubectl create secret generic $CLUSTER_ID-kubeconfig -n $CLUSTER_ID --from-file=value=kubeconfig_$CLUSTER_ID + + volumeMounts: + - name: kubeconfig-adm + mountPath: "/kube" + env: + - name: CLUSTER_ID + value: "{{ inputs.parameters.cluster_id }}" + - name: KUBECONFIG_IMPORT + value: "{{ inputs.parameters.kubeconfig}}" + + - name: init-cluster-for-tks + inputs: + parameters: + - name: cluster_id + container: + name: cluster-init + image: ghcr.io/openinfradev/python_kubectl_argo:v1.1.0 + command: + - /bin/bash + - '-exc' + - | + cp /kube/value kubeconfig_adm + export KUBECONFIG=kubeconfig_adm + + KUBECONFIG_WORKLOAD=$(kubectl get secret -n $CLUSTER_ID $CLUSTER_ID-kubeconfig -o jsonpath="{.data.value}" | base64 -d) + cat <<< "$KUBECONFIG_WORKLOAD" > kubeconfig_workload + + kubectl --kubeconfig=kubeconfig_workload label node --all taco-lma=enabled taco-ingress-gateway=enabled taco-egress-gateway=enabled servicemesh=enabled --overwrite + + export KUBECONFIG=kubeconfig_workload + cat < taco-system.yaml + apiVersion: v1 + kind: Namespace + metadata: + labels: + name: taco-system + name: taco-system + EOF + kubectl apply -f taco-system.yaml + + argocd login --insecure --plaintext $ARGO_SERVER --username $ARGO_USERNAME --password $ARGO_PASSWORD + CLUSTER_CONTEXT=$(kubectl config current-context) + + while [ $(kubectl get no | wc -l) == 0 ] + do + echo "Wait for cluster is ready (1s)" + sleep 1 + done + + if [ $(argocd cluster list | grep \ $CLUSTER_ID\ | wc -l ) == 0 ]; then + argocd cluster add $CLUSTER_CONTEXT --name $CLUSTER_ID --upsert + else + echo "Warning: $1 is already registered on argo-cd server. If unintended, it may occure woring operations." + fi + + volumeMounts: + - name: kubeconfig-adm + mountPath: "/kube" + envFrom: + - secretRef: + name: "decapod-argocd-config" + env: + - name: CLUSTER_ID + value: "{{ inputs.parameters.cluster_id }}" +