def add(ctx): """deploy istio locally using istioctl and the istio operator""" if is_local(): ctx.run("bash tasks/istio_manifest.sh") ctx.run("istioctl operator init && sleep 8") ctx.run("kubectl apply -f istiotools/istio-namespaces.yaml") ctx.run("cat istiotools/istio-manifest.yaml | kubectl apply -f - ")
def init(ctx, localns, localdomain): """deploy locally metrics apis, istio, create specified local namespace and domain ingress""" if is_local(): metrics.add(ctx) istio.add(ctx) namespace.add(ctx, localns) domain.add(ctx, localdomain)
def istio(ctx): """deploy istio locally v1.4.3""" if is_local(): ctx.run("kubectl apply --filename istio/install/kubernetes/namespace.yamlm") ctx.run("kubectl apply --filename templates/kiali-secrets.yaml") ctx.run("istioctl manifest apply --set profile=default --set values.tracing.enabled=true --set telemetry.enabled=true") ctx.run("istioctl manifest apply --set values.kiali.enabled=true --set values.kiali.dashboard.jaegerURL=http://jaeger-query:16686 --set values.kiali.dashboard.grafanaURL=http://grafana:3000")
def rm(ctx): """delete istio""" if is_local(): ctx.run("istioctl manifest generate | kubectl delete -f -") ctx.run("kubectl delete ns istio-system --grace-period=0 --force") ctx.run("kubectl delete ns istio-operator --grace-period=0 --force") ctx.run("kubectl delete ns kiali-operator --grace-period=0 --force")
def rm(ctx, team, domain): """rm local namespace, gateway, and certs""" if is_local(): ctx.run(f"rm local.{domain}.crt local.{domain}.key") ctx.run( f"kubectl delete -n istio-system secret local.{domain}-credential") ctx.run(f"kubectl delete ns {team}-local") ctx.run(f"kubectl delete gateway local-gateway -n istio-system")
def token(ctx): """copy dashboard token to clipboard""" if is_local(): p = run("kubectl -n kubernetes-dashboard describe secret admin-user | awk '{for(i=1;i<=NF;i++) {if($i~/token:/) print $(i+1)}}'", shell=True, stdout=PIPE, encoding='ascii') print(p.stdout) cmd = "echo \"{}\" | pbcopy".format(p.stdout) ctx.run(cmd) print('dashboard token copied to clipboard')
def ls(ctx): """list namespaces, domains, and cert info for local k8s development configuration""" if is_local(): ctx.run("echo NAMESPACE && kubectl get ns | grep 'local' && echo") ctx.run( "echo GATEWAY && kubectl get gateways -n istio-system | grep 'local' && echo" ) ctx.run( "echo CERT && kubectl get secrets -n istio-system | grep 'credential'" )
def reset(ctx): """reset dashboard proxy""" if is_local(): ctx.run('pkill kubectl') p = run("kubectl -n kubernetes-dashboard describe secret admin-user | awk '{for(i=1;i<=NF;i++) {if($i~/token:/) print $(i+1)}}'", shell=True, stdout=PIPE, encoding='ascii') cmd = "echo \"{}\" | pbcopy".format(p.stdout) ctx.run(cmd) print('dashboard token copied to clipboard') dashboard = 'kubectl proxy &' os.system(dashboard) ctx.run("open http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/")
def deploy(ctx, tls=None): """httpbin ingress examples""" if is_local(): ctx.run("kubectl apply -f examples/httpbin/deploy/httpbin-namespace.yaml") ctx.run("kubectl apply -f examples/httpbin/deploy --recursive") if tls: print('using tls') ctx.run('mkcert -cert-file local.httpbin.org.crt -key-file local.httpbin.org.key local.httpbin.org localhost 127.0.0.1 ::1') ctx.run('kubectl create -n istio-system secret tls httpbin-credential --key=local.httpbin.org.key --cert=local.httpbin.org.crt') ctx.run("kubectl apply -f examples/httpbin/tls --recursive") else: ctx.run("kubectl apply -f examples/httpbin/simple --recursive")
def add(ctx): """deploy locally kubernetes dashboard""" if is_local(): ctx.run("kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended.yaml") ctx.run("kubectl apply -f dashboard/dashboard-admin-user.yaml") p = run("kubectl -n kubernetes-dashboard describe secret admin-user | awk '{for(i=1;i<=NF;i++) {if($i~/token:/) print $(i+1)}}'", shell=True, stdout=PIPE, encoding='ascii') cmd = "echo \"{}\" | pbcopy".format(p.stdout) ctx.run(cmd) print('dashboard token copied to clipboard') dashboard = 'kubectl proxy &' os.system(dashboard) ctx.run("open http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/")
def tools(ctx): """deploy prometheus, grafana, jaeger, kiali to local kubernetes""" KIALI_OPERATOR = """ helm install \ --set cr.create=true \ --set cr.namespace=istio-system \ --set spec.auth.strategy=anonymous \ --namespace kiali-operator \ --repo https://kiali.org/helm-charts \ kiali-operator kiali-operator """ if is_local(): ctx.run("kubectl apply --recursive -f istiotools/") ctx.run(KIALI_OPERATOR)
def add(ctx, team, domain): """Create local dev namespace, deploy local gateway, and generate a valid cert for a local CA""" if is_local(): ctx.run( f"mkcert -cert-file local.{domain}.crt -key-file local.{domain}.key local.{domain} \"*.local.{domain}\"" ) ctx.run( f"kubectl create -n istio-system secret tls local.{domain}-credential --key=local.{domain}.key --cert=local.{domain}.crt" ) ctx.run( f"echo '{CREATE_NAMESPACE.format(team)}' | kubectl apply -f - ") ctx.run( f"echo '{CREATE_DOMAIN_GATEWAY.format(domain)}' | kubectl apply -f - " )
def bookinfo(ctx): """Deploy istio bookinfo example. See doc/examples.md for description""" if is_local(): ctx.run("kubectl apply -f bookinfo/namespace.yaml") #--set namespace="local" ctx.run( "kubectl label namespace default istio-injection=enabled --overwrite" ) ctx.run( "kubectl apply -f istio/samples/bookinfo/platform/kube/bookinfo.yaml" ) ctx.run( "kubectl apply -f istio/samples/bookinfo/networking/bookinfo-gateway.yaml" ) ctx.run( "export INGRESS_HOST=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.status.loadBalancer.ingress[0].ip}')" ) ctx.run( "export INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name==\"http2\")].port}')" ) ctx.run( "export SECURE_INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name==\"https\")].port}')" )
def metrics(ctx): """local metrics-server v0.3.6, kube-state-metrics api v1.9.3""" if is_local(): ctx.run('kubectl apply -f metrics/ --recursive')
def buildkite(ctx): """deploy standard buildkite agent""" if is_local(): ctx.run("kubectl delete secret buildkite-secret --ignore-not-found") ctx.run("kubectl create secret generic buildkite-secret --from-literal=buildkite-agent-token=$BUILDKITE_AGENT_TOKEN") ctx.run("kubectl apply --filename buildkite --recursive")
def dash(ctx): """local kubernetes dashboard v2.0.0-rc2""" if is_local(): ctx.run("kubectl apply -f dashboard/dashboard-namespace.yaml") ctx.run('kubectl apply -f dashboard/ --recursive')
def bench(ctx): """Display results from kube-bench run against local cluster""" if is_local(): ctx.run('bash tasks/kube-bench.sh')
def init(ctx, ns, localdomain): """deploy locally metrics-server api v0.4.1, kube-state-metrics api v1.9.7""" if is_local(): metrics.add(ctx) istio.add(ctx) domain.add(ns, localdomain)
def rm(ctx): """httpbin ingress examples""" if is_local(): ctx.run("kubectl delete ns httpbin-local --grace-period=0 --force") ctx.run("kubectl delete secret -n istio-system httpbin-credential")
def reset(ctx): """Delete and restart minikube and local registry""" if is_local(): rm(ctx) start(ctx)
def rm(ctx): """delete current minikube vm instance and stop local registry""" if is_local(): ctx.run('docker stop registry-fwd') ctx.run('minikube delete')
def dash(ctx): """delete kubernetes dashboard""" if is_local(): ctx.run('kubectl delete -f dashboard/ --recursive')
def rm(ctx): """delete dashboard""" if is_local(): ctx.run('pkill kubectl') ctx.run("kubectl delete ns kubernetes-dashboard --grace-period=0 --force")
def rm(ctx): """delete metrics apis""" if is_local(): ctx.run('kubectl delete -f metrics/ --recursive')
def off(ctx): """kill all port-forwarders""" if is_local(): ctx.run('pkill kubectl')
def bookinfo(ctx): if is_local(): ctx.run("istio/samples/bookinfo/platform/kube/cleanup.sh")
def add(ctx): """deploy locally metrics-server and kube-state-metrics apis""" if is_local(): ctx.run('kubectl apply -f metrics/metrics-server --recursive') ctx.run('bash tasks/install_ksm.sh')
def deploy(ctx): if is_local(): ctx.run("kubectl delete -f bookinfo --recursive")
def cluster(ctx): """test health of metrics-server""" if is_local(): ctx.run("inspec exec test/metrics-server.rb") ctx.run("inspec exec test/kube-state-metrics.rb")
def istio(ctx): """delete istio""" if is_local(): ctx.run( "istioctl manifest generate --set profile=default --set telemetry.enabled=true | kubectl delete -f -" )