#!/bin/bash # Copyright 2014 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. set -e # Creates resources from the example, assumed to be run from Kubernetes repo root echo echo "===> Initializing:" if test ! $[which python] { echo "Python is a prerequisite for running this script. Please install Python and try running again." exit 1 } if test ! $[which gcloud] { echo "gcloud is a prerequisite for running this script. Please install gcloud and try running again." exit 1 } global gcloud_instances := $[gcloud compute instances list | grep "\-master] if test -z $gcloud_instances || test -z $(KUBE_GCE_INSTANCE_PREFIX) { echo "This script is only able to supply the necessary serviceaccount key if you are running on Google" echo "Compute Engine using a cluster/kube-up.sh script with KUBE_GCE_INSTANCE_PREFIX set. If this is not" echo "the case, be ready to supply a path to the serviceaccount public key." if test -z $(KUBE_GCE_INSTANCE_PREFIX) { echo "Please provide your KUBE_GCE_INSTANCE_PREFIX now:" read KUBE_GCE_INSTANCE_PREFIX } } export OPENSHIFT_EXAMPLE=$[pwd]/examples/openshift-origin echo Set OPENSHIFT_EXAMPLE=$(OPENSHIFT_EXAMPLE) export OPENSHIFT_CONFIG=$(OPENSHIFT_EXAMPLE)/config echo Set OPENSHIFT_CONFIG=$(OPENSHIFT_CONFIG) mkdir $(OPENSHIFT_CONFIG) echo Made dir $(OPENSHIFT_CONFIG) echo echo "===> Setting up OpenShift-Origin namespace:" kubectl create -f $(OPENSHIFT_EXAMPLE)/openshift-origin-namespace.yaml echo echo "===> Setting up etcd-discovery:" # A token etcd uses to generate unique cluster ID and member ID. Conforms to [a-z0-9]{40} export ETCD_INITIAL_CLUSTER_TOKEN=$[python -c "import string; import random; print(''.join(random.SystemRandom().choice(string.ascii_lowercase + string.digits) for _ in range(40)))] # A unique token used by the discovery service. Conforms to etcd-cluster-[a-z0-9]{5} export ETCD_DISCOVERY_TOKEN=$[python -c "import string; import random; print(\"etcd-cluster-\" + ''.join(random.SystemRandom().choice(string.ascii_lowercase + string.digits) for _ in range(5)))] sed -i.bak -e "s/INSERT_ETCD_INITIAL_CLUSTER_TOKEN/\"$(ETCD_INITIAL_CLUSTER_TOKEN)\"/g" -e "s/INSERT_ETCD_DISCOVERY_TOKEN/\"$(ETCD_DISCOVERY_TOKEN)\"/g" $(OPENSHIFT_EXAMPLE)/etcd-controller.yaml kubectl create -f $(OPENSHIFT_EXAMPLE)/etcd-discovery-controller.yaml --namespace='openshift-origin' kubectl create -f $(OPENSHIFT_EXAMPLE)/etcd-discovery-service.yaml --namespace='openshift-origin' echo echo "===> Setting up etcd:" kubectl create -f $(OPENSHIFT_EXAMPLE)/etcd-controller.yaml --namespace='openshift-origin' kubectl create -f $(OPENSHIFT_EXAMPLE)/etcd-service.yaml --namespace='openshift-origin' echo echo "===> Setting up openshift-origin:" kubectl config view --output=yaml --flatten=true --minify=true > $(OPENSHIFT_CONFIG)/kubeconfig kubectl create -f $(OPENSHIFT_EXAMPLE)/openshift-service.yaml --namespace='openshift-origin' echo export PUBLIC_OPENSHIFT_IP="" echo "===> Waiting for public IP to be set for the OpenShift Service." echo "Mistakes in service setup can cause this to loop infinitely if an" echo "external IP is never set. Ensure that the OpenShift service" echo "is set to use an external load balancer. This process may take" echo "a few minutes. Errors can be found in the log file found at:" echo $(OPENSHIFT_EXAMPLE)/openshift-startup.log echo "" > $(OPENSHIFT_EXAMPLE)/openshift-startup.log while [ ${#PUBLIC_OPENSHIFT_IP} -lt 1 ] { echo -n . sleep 1 do { export PUBLIC_OPENSHIFT_IP=$[kubectl get services openshift --namespace="openshift-origin" --template="{{ index .status.loadBalancer.ingress 0 \"ip\" }}] } >> ${OPENSHIFT_EXAMPLE}/openshift-startup.log 2>&1 if [[ ! ${PUBLIC_OPENSHIFT_IP} =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] { export PUBLIC_OPENSHIFT_IP="" } } echo echo "Public OpenShift IP set to: $(PUBLIC_OPENSHIFT_IP)" echo echo "===> Configuring OpenShift:" docker run --privileged -v $(OPENSHIFT_CONFIG):/config openshift/origin start master --write-config=/config --kubeconfig=/config/kubeconfig --master=https://localhost:8443 --public-master=https://$(PUBLIC_OPENSHIFT_IP):8443 --etcd=http://etcd:2379 sudo -E chown -R $(USER) $(OPENSHIFT_CONFIG) # The following assumes GCE and that KUBE_GCE_INSTANCE_PREFIX is set export ZONE=$[gcloud compute instances list | grep "$(KUBE_GCE_INSTANCE_PREFIX)\-master" | awk '{print $2}' | head -1] echo "sudo cat /srv/kubernetes/server.key; exit;" | gcloud compute ssh $(KUBE_GCE_INSTANCE_PREFIX)-master --zone $(ZONE) | grep -Ex "(^\-.*\-$|^\S+$)" > $(OPENSHIFT_CONFIG)/serviceaccounts.private.key # The following insertion will fail if indentation changes sed -i -e 's/publicKeyFiles:.*$/publicKeyFiles:/g' -e '/publicKeyFiles:/a \ \ - serviceaccounts.private.key' $(OPENSHIFT_CONFIG)/master-config.yaml docker run -it --privileged -e="KUBECONFIG=/config/admin.kubeconfig" -v $(OPENSHIFT_CONFIG):/config openshift/origin cli secrets new openshift-config /config -o json &> $(OPENSHIFT_EXAMPLE)/secret.json kubectl create -f $(OPENSHIFT_EXAMPLE)/secret.json --namespace='openshift-origin' echo echo "===> Running OpenShift Master:" kubectl create -f $(OPENSHIFT_EXAMPLE)/openshift-controller.yaml --namespace='openshift-origin' echo echo Done. (CommandList children: [ (C {(set)} {(-e)}) (C {(echo)}) (C {(echo)} {(DQ ("===> Initializing:"))}) (If arms: [ (if_arm cond: [ (C {(Lit_Other "[")} {(KW_Bang "!")} { (CommandSubPart command_list: (CommandList children:[(C {(which)} {(python)})]) left_token: spids: [66 70] ) } {(Lit_Other "]")} ) ] action: [ (C {(echo)} { (DQ ( "Python is a prerequisite for running this script. Please install Python and try running again." ) ) } ) (C {(exit)} {(1)}) ] spids: [-1 74] ) ] spids: [-1 88] ) (If arms: [ (if_arm cond: [ (C {(Lit_Other "[")} {(KW_Bang "!")} { (CommandSubPart command_list: (CommandList children:[(C {(which)} {(gcloud)})]) left_token: spids: [97 101] ) } {(Lit_Other "]")} ) ] action: [ (C {(echo)} { (DQ ( "gcloud is a prerequisite for running this script. Please install gcloud and try running again." ) ) } ) (C {(exit)} {(1)}) ] spids: [-1 105] ) ] spids: [-1 119] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:gcloud_instances) op: Equal rhs: { (CommandSubPart command_list: (CommandList children: [ (Pipeline children: [ (C {(gcloud)} {(compute)} {(instances)} {(list)}) (C {(grep)} {(DQ (EscapedLiteralPart token:) (master))}) ] negated: False ) ] ) left_token: spids: [123 140] ) } spids: [122] ) ] spids: [122] ) (If arms: [ (if_arm cond: [ (AndOr children: [ (C {(Lit_Other "[")} {(-z)} {(DQ ($ VSub_Name "$gcloud_instances"))} {(Lit_Other "]")}) (C {(Lit_Other "[")} {(-z)} {(DQ (${ VSub_Name KUBE_GCE_INSTANCE_PREFIX))} {(Lit_Other "]")} ) ] op_id: Op_DPipe ) ] action: [ (C {(echo)} { (DQ ( "This script is only able to supply the necessary serviceaccount key if you are running on Google" ) ) } ) (C {(echo)} { (DQ ( "Compute Engine using a cluster/kube-up.sh script with KUBE_GCE_INSTANCE_PREFIX set. If this is not" ) ) } ) (C {(echo)} {(DQ ("the case, be ready to supply a path to the serviceaccount public key."))}) (If arms: [ (if_arm cond: [ (C {(Lit_Other "[")} {(-z)} {(DQ (${ VSub_Name KUBE_GCE_INSTANCE_PREFIX))} {(Lit_Other "]")} ) ] action: [ (C {(echo)} {(DQ ("Please provide your KUBE_GCE_INSTANCE_PREFIX now:"))}) (C {(read)} {(KUBE_GCE_INSTANCE_PREFIX)}) ] spids: [-1 207] ) ] spids: [-1 222] ) ] spids: [-1 168] ) ] spids: [-1 224] ) (C {(export)} {(Lit_VarLike "OPENSHIFT_EXAMPLE=") (CommandSubPart command_list: (CommandList children:[(C {(pwd)})]) left_token: spids: [230 232] ) (/examples/openshift-origin) } ) (C {(echo)} {(Set)} {(Lit_VarLike "OPENSHIFT_EXAMPLE=") (${ VSub_Name OPENSHIFT_EXAMPLE)}) (C {(export)} {(Lit_VarLike "OPENSHIFT_CONFIG=") (${ VSub_Name OPENSHIFT_EXAMPLE) (/config)}) (C {(echo)} {(Set)} {(Lit_VarLike "OPENSHIFT_CONFIG=") (${ VSub_Name OPENSHIFT_CONFIG)}) (C {(mkdir)} {(${ VSub_Name OPENSHIFT_CONFIG)}) (C {(echo)} {(Made)} {(dir)} {(${ VSub_Name OPENSHIFT_CONFIG)}) (C {(echo)}) (C {(echo)} {(DQ ("===> Setting up OpenShift-Origin namespace:"))}) (C {(kubectl)} {(create)} {(-f)} {(${ VSub_Name OPENSHIFT_EXAMPLE) (/openshift-origin-namespace.yaml)} ) (C {(echo)}) (C {(echo)} {(DQ ("===> Setting up etcd-discovery:"))}) (C {(export)} {(Lit_VarLike "ETCD_INITIAL_CLUSTER_TOKEN=") (CommandSubPart command_list: (CommandList children: [ (C {(python)} {(-c)} { (DQ ( "import string; import random; print(''.join(random.SystemRandom().choice(string.ascii_lowercase + string.digits) for _ in range(40)))" ) ) } ) ] ) left_token: spids: [312 320] ) } ) (C {(export)} {(Lit_VarLike "ETCD_DISCOVERY_TOKEN=") (CommandSubPart command_list: (CommandList children: [ (C {(python)} {(-c)} { (DQ ("import string; import random; print(") (EscapedLiteralPart token:) (etcd-cluster-) (EscapedLiteralPart token:) ( " + ''.join(random.SystemRandom().choice(string.ascii_lowercase + string.digits) for _ in range(5)))" ) ) } ) ] ) left_token: spids: [329 341] ) } ) (C {(sed)} {(-i.bak)} {(-e)} { (DQ (s/INSERT_ETCD_INITIAL_CLUSTER_TOKEN/) (EscapedLiteralPart token:) (${ VSub_Name ETCD_INITIAL_CLUSTER_TOKEN) (EscapedLiteralPart token:) (/g) ) } {(-e)} { (DQ (s/INSERT_ETCD_DISCOVERY_TOKEN/) (EscapedLiteralPart token:) (${ VSub_Name ETCD_DISCOVERY_TOKEN) (EscapedLiteralPart token:) (/g) ) } {(${ VSub_Name OPENSHIFT_EXAMPLE) (/etcd-controller.yaml)} ) (C {(kubectl)} {(create)} {(-f)} {(${ VSub_Name OPENSHIFT_EXAMPLE) (/etcd-discovery-controller.yaml)} {(--namespace) (Lit_Other "=") (SQ )} ) (C {(kubectl)} {(create)} {(-f)} {(${ VSub_Name OPENSHIFT_EXAMPLE) (/etcd-discovery-service.yaml)} {(--namespace) (Lit_Other "=") (SQ )} ) (C {(echo)}) (C {(echo)} {(DQ ("===> Setting up etcd:"))}) (C {(kubectl)} {(create)} {(-f)} {(${ VSub_Name OPENSHIFT_EXAMPLE) (/etcd-controller.yaml)} {(--namespace) (Lit_Other "=") (SQ )} ) (C {(kubectl)} {(create)} {(-f)} {(${ VSub_Name OPENSHIFT_EXAMPLE) (/etcd-service.yaml)} {(--namespace) (Lit_Other "=") (SQ )} ) (C {(echo)}) (C {(echo)} {(DQ ("===> Setting up openshift-origin:"))}) (SimpleCommand words: [ {(kubectl)} {(config)} {(view)} {(--output) (Lit_Other "=") (yaml)} {(--flatten) (Lit_Other "=") (true)} {(--minify) (Lit_Other "=") (true)} ] redirects: [ (Redir op_id: Redir_Great fd: -1 arg_word: {(${ VSub_Name OPENSHIFT_CONFIG) (/kubeconfig)} spids: [481] ) ] ) (C {(kubectl)} {(create)} {(-f)} {(${ VSub_Name OPENSHIFT_EXAMPLE) (/openshift-service.yaml)} {(--namespace) (Lit_Other "=") (SQ )} ) (C {(echo)}) (C {(export)} {(Lit_VarLike "PUBLIC_OPENSHIFT_IP=") (DQ )}) (C {(echo)} {(DQ ("===> Waiting for public IP to be set for the OpenShift Service."))}) (C {(echo)} {(DQ ("Mistakes in service setup can cause this to loop infinitely if an"))}) (C {(echo)} {(DQ ("external IP is never set. Ensure that the OpenShift service"))}) (C {(echo)} {(DQ ("is set to use an external load balancer. This process may take"))}) (C {(echo)} {(DQ ("a few minutes. Errors can be found in the log file found at:"))}) (C {(echo)} {(${ VSub_Name OPENSHIFT_EXAMPLE) (/openshift-startup.log)}) (SimpleCommand words: [{(echo)} {(DQ )}] redirects: [ (Redir op_id: Redir_Great fd: -1 arg_word: {(${ VSub_Name OPENSHIFT_EXAMPLE) (/openshift-startup.log)} spids: [557] ) ] ) (While cond: [ (Sentence child: (C {(Lit_Other "[")} { (BracedVarSub token: prefix_op: VSub_Pound spids: [568 571] ) } {(-lt)} {(1)} {(Lit_Other "]")} ) terminator: ) ] body: (DoGroup children: [ (C {(echo)} {(-n)} {(.)}) (C {(sleep)} {(1)}) (BraceGroup children: [ (C {(export)} {(Lit_VarLike "PUBLIC_OPENSHIFT_IP=") (CommandSubPart command_list: (CommandList children: [ (C {(kubectl)} {(get)} {(services)} {(openshift)} {(--namespace) (Lit_Other "=") (DQ (openshift-origin))} {(--template) (Lit_Other "=") (DQ ("{{ index .status.loadBalancer.ingress 0 ") (EscapedLiteralPart token: ) (ip) (EscapedLiteralPart token:) (" }}") ) } ) ] ) left_token: spids: [601 625] ) } ) ] redirects: [ (Redir op_id: Redir_DGreat fd: -1 arg_word: {(${ VSub_Name OPENSHIFT_EXAMPLE) (/openshift-startup.log)} spids: [630] ) (Redir op_id:Redir_GreatAnd fd:2 arg_word:{(1)} spids:[637]) ] spids: [595] ) (If arms: [ (if_arm cond: [ (Sentence child: (DBracket expr: (LogicalNot child: (BoolBinary op_id: BoolBinary_EqualTilde left: {(${ VSub_Name PUBLIC_OPENSHIFT_IP)} right: {(Lit_Other "^") ("(") (Lit_Other "[") (0-9) (Lit_Other "]") (Lit_LBrace "{") (1) (Lit_Comma ",") (3) (Lit_RBrace "}") (EscapedLiteralPart token:) (")") (Lit_LBrace "{") (3) (Lit_RBrace "}") (Lit_Other "[") (0-9) (Lit_Other "]") (Lit_LBrace "{") (1) (Lit_Comma ",") (3) (Lit_RBrace "}") (Lit_Other "$") } ) ) ) terminator: ) ] action: [(C {(export)} {(Lit_VarLike "PUBLIC_OPENSHIFT_IP=") (DQ )})] spids: [-1 681] ) ] spids: [-1 691] ) ] spids: [580 693] ) ) (C {(echo)}) (C {(echo)} {(DQ ("Public OpenShift IP set to: ") (${ VSub_Name PUBLIC_OPENSHIFT_IP))}) (C {(echo)}) (C {(echo)} {(DQ ("===> Configuring OpenShift:"))}) (C {(docker)} {(run)} {(--privileged)} {(-v)} {(${ VSub_Name OPENSHIFT_CONFIG) (Lit_Other ":") (/config)} {(openshift/origin)} {(start)} {(master)} {(--write-config) (Lit_Other "=") (/config)} {(--kubeconfig) (Lit_Other "=") (/config/kubeconfig)} {(--master) (Lit_Other "=") (https) (Lit_Other ":") (//localhost) (Lit_Other ":") (8443)} {(--public-master) (Lit_Other "=") (https) (Lit_Other ":") (//) (${ VSub_Name PUBLIC_OPENSHIFT_IP) (Lit_Other ":") (8443) } {(--etcd) (Lit_Other "=") (http) (Lit_Other ":") (//etcd) (Lit_Other ":") (2379)} ) (C {(sudo)} {(-E)} {(chown)} {(-R)} {(${ VSub_Name USER)} {(${ VSub_Name OPENSHIFT_CONFIG)}) (C {(export)} {(Lit_VarLike "ZONE=") (CommandSubPart command_list: (CommandList children: [ (Pipeline children: [ (C {(gcloud)} {(compute)} {(instances)} {(list)}) (C {(grep)} { (DQ (${ VSub_Name KUBE_GCE_INSTANCE_PREFIX) (EscapedLiteralPart token:) (master) ) } ) (C {(awk)} {(SQ <"{print $2}">)}) (C {(head)} {(-1)}) ] negated: False ) ] ) left_token: spids: [793 827] ) } ) (Pipeline children: [ (C {(echo)} {(DQ ("sudo cat /srv/kubernetes/server.key; exit;"))}) (C {(gcloud)} {(compute)} {(ssh)} {(${ VSub_Name KUBE_GCE_INSTANCE_PREFIX) (-master)} {(--zone)} {(${ VSub_Name ZONE)} ) (SimpleCommand words: [ {(grep)} {(-Ex)} { (DQ ("(^") (EscapedLiteralPart token:) (".*") (EscapedLiteralPart token:) (Lit_Other "$") ("|^") (EscapedLiteralPart token:) ("+") (Lit_Other "$") (")") ) } ] redirects: [ (Redir op_id: Redir_Great fd: -1 arg_word: {(${ VSub_Name OPENSHIFT_CONFIG) (/serviceaccounts.private.key)} spids: [873] ) ] ) ] negated: False ) (C {(sed)} {(-i)} {(-e)} {(SQ <"s/publicKeyFiles:.*$/publicKeyFiles:/g">)} {(-e)} {(SQ <"/publicKeyFiles:/a \\ \\ - serviceaccounts.private.key">)} {(${ VSub_Name OPENSHIFT_CONFIG) (/master-config.yaml)} ) (Sentence child: (C {(docker)} {(run)} {(-it)} {(--privileged)} {(-e) (Lit_Other "=") (DQ ("KUBECONFIG=/config/admin.kubeconfig"))} {(-v)} {(${ VSub_Name OPENSHIFT_CONFIG) (Lit_Other ":") (/config)} {(openshift/origin)} {(cli)} {(secrets)} {(new)} {(openshift-config)} {(/config)} {(-o)} {(json)} ) terminator: ) (SimpleCommand redirects: [ (Redir op_id: Redir_Great fd: -1 arg_word: {(${ VSub_Name OPENSHIFT_EXAMPLE) (/secret.json)} spids: [944] ) ] ) (C {(kubectl)} {(create)} {(-f)} {(${ VSub_Name OPENSHIFT_EXAMPLE) (/secret.json)} {(--namespace) (Lit_Other "=") (SQ )} ) (C {(echo)}) (C {(echo)} {(DQ ("===> Running OpenShift Master:"))}) (C {(kubectl)} {(create)} {(-f)} {(${ VSub_Name OPENSHIFT_EXAMPLE) (/openshift-controller.yaml)} {(--namespace) (Lit_Other "=") (SQ )} ) (C {(echo)}) (C {(echo)} {(Done.)}) ] )