-
Notifications
You must be signed in to change notification settings - Fork 12
/
Copy pathsetup.sh
executable file
·70 lines (54 loc) · 1.99 KB
/
setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#!/bin/bash
if [ -z `which kubectl` ]; then
echo "[-] kubectl not found"
exit
fi;
if [ -z `which helm` ]; then
echo "[-] helm not found"
exit
fi;
echo "[+] Installing Helm tiller service"
kubectl apply -f infra/helm-rbac.yaml
helm init --service-account tiller --history-max 200
sleep 30
echo "[+] Fixing helm tiller default security issue for 2.x"
kubectl -n kube-system delete service tiller-deploy
kubectl -n kube-system patch deployment tiller-deploy --patch '
spec:
template:
spec:
containers:
- name: tiller
ports: []
command: ["/tiller"]
args: ["--listen=localhost:44134"]
'
sleep 40
helm version
echo "[+] Deploying nginx ingress using helm"
helm install --namespace kube-system \
--name nginx-ingress stable/nginx-ingress --set rbac.create=true
echo "[+] Installing NATS"
helm install --name nats stable/nats --set auth.enabled=false
echo "[+] In cluster NATS should be accessible at: nats-nats-client.default.svc.cluster.local:4222"
echo "[+] Creating Minio secret"
kubectl create secret generic minio-secret \
--from-literal=accesskey=$(openssl rand -hex 8) \
--from-literal=secretkey=$(openssl rand -hex 16)
echo "[+] Installing Minio"
helm install --name minio --set existingSecret=minio-secret \
--set serviceAccount.create=false stable/minio
echo "[+] Creating common secrets"
kubectl create secret generic common-secrets \
--from-literal=NATS_URL="nats://nats-nats-client.default.svc.cluster.local:4222" \
--from-literal=MINIO_ENDPOINT=minio.default.svc.cluster.local:9000
echo "[+] Deploying API service"
kubectl apply -f infra/deploy-api-service.yml
echo "[+] Deploying Feedback processor"
kubectl apply -f infra/deploy-feedback-processor.yml
echo "[+] Deploying certspotter tool"
kubectl apply -f apps/tools/certspotter/deploy.yml
echo "[+] Deploying appdiscovery tool"
kubectl apply -f apps/tools/appdiscovery/deploy.yml
echo "[+] Deploying mozilla observatory (API) tool"
kubectl apply -f apps/tools/mozilla-observatory-api/deploy.yml