Add cluster bootstrap script

2024-12-14 11:37:37 +00:00 · 2023-11-26 16:15:46 -08:00 · 2023-11-26 16:15:46 -08:00 · 737eca5b62
commit 737eca5b62
parent 021d366351
1 changed files with 51 additions and 0 deletions
--- a/bin/init
+++ b/bin/init
@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+
+create() { for i in "$@"; do kubectl create -k "result/$i"; done; }
+create_with_ns () {
+  # TODO: fix lib/builders.nix
+  kubectl create -n "$1" -k result/"$2";
+}
+
+kubectl create -f result/namespaces.yaml
+
+create {system,services}/istio-system
+
+# Chart is behind git master
+create services/sidecar-cleaner
+
+create \
+  system/kyverno \
+  system/longhorn-system \
+  system/svc/registry-cache
+
+# Test pods are useless but can't be disabled in-chart
+kubectl delete -n kyverno po --all
+
+create \
+  system/{metallb,gateway}-system \
+  services/svc/gateway
+
+# TODO: patch command for svc/svc-istio:
+# `spec.externalTrafficPolicy="Local"
+
+sops -d system/cert-manager/cert-manager/k8s-intermediate.sops.yaml \
+| kubectl create -f-
+create system/cert-manager
+
+# Catch-22 of k3s caching images in itself still unresolved
+~/src/nixos/manual-shit/set-up-k3s-registries
+do_not_recreate="kyverno|cnpg|kube-prom"
+
+
+# shellcheck disable=SC2046
+create \
+  $(fd . -td --min-depth 2 -d2 system | grep -Ev $do_not_recreate)
+
+create services/kube-system
+
+pg_primary=$(kubectl get -n cnpg-system cluster/postgres -o json \
+            | jq -r .status.currentPrimary)
+zcat /zpool/media/app/bak/cnpg/postgres.gz \
+| kubectl exec -n cnpg-system "$pg_primary" psql
+
+create services