https://github.com/bitkeks/scs-bootstrap-clusterstacks-openstack

Helper script to bootstrap SCS Cluster Stacks on an OpenStack environment
https://github.com/bitkeks/scs-bootstrap-clusterstacks-openstack

cluster-api-provider-openstack cluster-stacks kubernetes openstack

Last synced: 3 months ago
JSON representation

Helper script to bootstrap SCS Cluster Stacks on an OpenStack environment

• Host: GitHub
• URL: https://github.com/bitkeks/scs-bootstrap-clusterstacks-openstack
• Owner: bitkeks
• License: apache-2.0
• Created: 2024-04-12T13:58:26.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2024-08-21T13:30:33.000Z (9 months ago)
• Last Synced: 2024-08-21T14:54:09.184Z (9 months ago)
• Topics: cluster-api-provider-openstack, cluster-stacks, kubernetes, openstack
• Language: Shell
• Homepage: https://scs.community
• Size: 25.4 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Automated setup script for Cluster Stacks on OpenStack

This script bootstraps Cluster Stacks on OpenStack, namely the SCS gx-scs environment.

Quick-start source: [cluster-stacks/providers/openstack/README.md](https://github.com/SovereignCloudStack/cluster-stacks/blob/6b250211290c181aa3a3c14831b4bcc665b8a811/providers/openstack/README.md).

Run `create_all.sh` with bash or zsh and follow the displayed instructions.

## Pre-requirements

### CLI tools

As stated in the source README, you need the following CLI tools:

* `kind` (works with both Docker and Podman)

* `kubectl`

* `helm`

* `clusterctl`

* `jq`

Additionally, for this script also needed are:

* `python3`

* the python3-yaml library

Go with `envsubst` is not needed here because it is replaced with Python.

### Config files

* `gh-pat`: plain text file that contains your Github PAT as text string

* `clouds.yaml`: credentials from your OpenStack project

## Cleaning up

1. Delete the cluster resource like so (kubectl targets the Cluster Stacks management cluster): `kubectl -n scs-tenant delete cluster cs-cluster`

2. Delete the KinD cluster (run on local machine): `kind delete clusters cluster-stacks-bootstrapper`

## Additional notes

### Quickly generate workload cluster access for someone else

The folder `generate-cert-access` contains a script which let's you generate a new kubeconfig with less privileges than the cluster-admin.

This is very helpful for running tests, experiments or compliance checks.

After you run the bootstrapping script, you have both a Cluster Stacks management cluster as well as the first workload cluster.

Use the workload cluster's kubeconfig via `export KUBECONFIG=xyz`, which makes you the cluster-admin by default and run the script.

The resulting kubeconfig allows for someone else to use `kubectl` with the workload cluster as endpoint, but scoped in a namespace.

### OpenStack CLI client

If you have the OpenStack CLI client installed, you can make use of the `app-cred-*-openrc.sh` file you get from Horizon:

1. `source <(openstack complete)`

2. `source app-cred-*-openrc.sh`

The CLI tool helps with cleaning up OpenStack resources if something went wrong and the UI is too annoying.

Example: Delete all ports in a project, which are marked as `DOWN`:

```shell

openstack port list --long --format value | grep DOWN | awk '{ print $1 }' | xargs -L 1 openstack port delete

```

### Cilium in workload k8s cluster

The networking in the workload clusters is managed by Cilium.

Via kubectl, you can check Cilium state in the workload cluster with: `kubectl -n kube-system exec -ti cilium-4ww5k -- cilium status` (where `-4ww5k` is to be replaced by the pod name).

Of course you can also install the `cilium` CLI binary on your local machine and aim it at the workload cluster as well.