Clusters
Preparing variables for authorization
export CLUSTERNAME=my-cluster
export SH_USERNAME=admin
export SH_PASS="my-password"
export INGRESS="apps.ip-x-x-x-x.shturval.link"
export AUTHENDPOINT="https://auth.$INGRESS"
export BACKENDPOINT="https://back.$INGRESS"
export KUBECONFIG_PATH=/tmp/$CLUSTERNAME.kubeconfig
export COOKIE_PATH=/tmp/cookie
# Log in and save the session cookie (-k disables TLS certificate verification)
curl -k --silent "$AUTHENDPOINT/login" -c "$COOKIE_PATH" --data-urlencode "username=$SH_USERNAME" \
--data-urlencode "password=$SH_PASS" &>/dev/null
echo "Got cookie"
# Request an authorization code and extract it from curl's verbose output
code=$(curl -k -b "$COOKIE_PATH" -v "$AUTHENDPOINT/oauth/authorize?response_type=code&client_id=backend&redirect_uri=localhost/cb" 2>&1 | grep -E -o "\<code=[A-Z0-9]+")
echo "Got code"
# Exchange the authorization code for an access token
token=$(curl -k --silent "$AUTHENDPOINT/oauth/token" \
--header 'Content-Type: application/x-www-form-urlencoded' \
-b "$COOKIE_PATH" \
--data-urlencode 'client_id=backend' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode "$code" \
--data-urlencode "redirect_uri=localhost/cb" | jq -r '.access_token')
echo "Got token"
# The requests in the following sections read the token from $TOKEN
export TOKEN="$token"
# Download the cluster kubeconfig using the access token
curl -k --silent "$BACKENDPOINT/api/v1/clusters/$CLUSTERNAME/kubeconfig" -H "Authorization: Bearer $token" -H 'accept: application/json, text/plain, */*' > "$KUBECONFIG_PATH"
echo "Kubeconfig is ready"
echo "export KUBECONFIG=$KUBECONFIG_PATH"
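The login script above prints "Got cookie", "Got code" and "Got token" even when a step fails, and keeps the cookie and kubeconfig at fixed paths in /tmp. The helpers below are an added example, not part of the platform documentation. They make each step fail closed and create the files privately. The function names and the sample output are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: fail-closed helpers for the login flow above.
# Function names are hypothetical; they are not part of the platform tooling.

# Read curl's verbose output on stdin and print the "code=..." pair, using the
# same pattern as the script above. Returns non-zero when no code was issued,
# for example because the login step failed and the cookie is not valid.
extract_auth_code() {
  local code
  code=$(grep -E -o '\<code=[A-Z0-9]+' | head -n 1)
  [ -n "$code" ] || { echo "no authorization code in response" >&2; return 1; }
  printf '%s\n' "$code"
}

# jq -r '.access_token' prints the literal string "null" when the field is
# missing, so an error response would otherwise be sent as "Bearer null".
require_token() {
  case "$1" in
    ""|null) echo "token endpoint returned no access_token" >&2; return 1 ;;
  esac
  printf '%s\n' "$1"
}

# Create an owner-only file with an unpredictable name for the cookie jar or
# the kubeconfig, instead of a fixed path in a shared /tmp directory.
private_tmp() {
  ( umask 077; mktemp "${TMPDIR:-/tmp}/$1.XXXXXX" )
}

# Constructed samples of verbose output, not captured from a real server.
sample_ok='< HTTP/1.1 302 Found
< Location: localhost/cb?code=ABC123XYZ'
sample_fail='< HTTP/1.1 302 Found
< Location: /login'
```

In the login script, `code=$(curl ... 2>&1 | extract_auth_code) || exit 1` and `TOKEN=$(require_token "$token") || exit 1` stop the flow before an error body is written to the kubeconfig file.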
Getting the list of clusters
curl --silent --location --request GET $BACKENDPOINT/api/v1/clusters --header "Authorization: Bearer $TOKEN" | jq -r
The response is expected to be JSON in the following format:
{
  "items": [
    {
      "id": "capov",
      "clusterName": "capov",
      "ingress": "*.apps.ip-10-31-145-222.shturval.link",
      "providerType": "capov",
      "haType": "ha",
      "status": "Provisioned",
      "workerCount": 3,
      "apiEndpoint": "10.31.145.221:6443",
      "networks": [
        {
          "type": "Service CIDR",
          "network": "10.96.0.0/12",
          "netmask": ""
        },
        {
          "type": "Pod CIDR",
          "network": "172.16.0.0/16",
          "netmask": ""
        }
      ]
    }
  ],
  "count": 1
}
Creating a cluster on the vSphere provider
export CLUSTERNAME="capvs-new-cluster"
export PROVIDERTEMPLATENAME="capvs-template-name"
# The request body is passed through a here-document so that $CLUSTERNAME and
# $PROVIDERTEMPLATENAME are expanded; the response is piped to jq
curl --silent --location --request POST "$BACKENDPOINT/api/v1/platform/providers/clusters/capvs" \
--header "Authorization: Bearer $TOKEN" \
--data @<(cat <<EOF
{
  "cluster": {
    "apiEndpoint": "10.20.30.40",
    "clusterName": "$CLUSTERNAME",
    "disabledServices": [
      "shturval-dashboards",
      "shturval-rollouts",
      "shturval-cd"
    ],
    "enabledServices": [
      "shturval-vip-provider",
      "shturval-metrics",
      "shturval-node-config-crds",
      "shturval-update-crds",
      "shturval-scanner-crds",
      "shturval-backup-crds",
      "shturval-cert-manager",
      "shturval-policy-manager",
      "shturval-cd-crds",
      "shturval-cert-expiration",
      "shturval-networking",
      "shturval-caching-dns",
      "shturval-descheduler",
      "shturval-cluster-roles",
      "shturval-services",
      "shturval-services-crds",
      "shturval-node-config",
      "shturval-update",
      "shturval-policies",
      "shturval-cert-manager-crds",
      "shturval-log-operator",
      "shturval-log-operator-crds",
      "shturval-ingress-controller",
      "shturval-vip",
      "shturval-monitoring-crds",
      "shturval-local-csi",
      "shturval-scanner",
      "shturval-backup"
    ],
    "externalKubeAPILB": false,
    "externalingresslb": true,
    "haType": "single",
    "ingress": "",
    "ingressvip": "10.20.30.41",
    "kubernetesVersion": "v1.26.5",
    "podSubnet": "172.16.0.0/16",
    "secure": false,
    "serviceSubnet": "10.96.0.0/12"
  },
  "createdByUser": "string",
  "provider": {
    "controlplaneNodeConfig": {
      "diskGiB": 25,
      "memoryMiB": 8192,
      "numCPUs": 2
    },
    "enableCSI": false,
    "identityName": "$PROVIDERTEMPLATENAME",
    "workerNodeConfig": {
      "diskGiB": 25,
      "memoryMiB": 8192,
      "numCPUs": 2
    },
    "workersCount": 0,
    "workersScale": {
      "maxmachines": 10,
      "minmachines": 2
    }
  }
}
EOF
) | jq -r
If the vSphere provider is created successfully, the response is expected to be JSON in the following format:
{
  "apiEndpoint": "10.20.30.40",
  "clusterName": "capvs-new-cluster",
  "haType": "single",
  "id": "XXXXX",
  "ingress": "",
  "networks": [
    {
      "netmask": "Service CIDR",
      "network": "10.96.0.0/12",
      "type": ""
    }
  ],
  "providerType": "capvs",
  "status": "Provisioned",
  "workerCount": 0,
  "workerScale": {
    "maxmachines": 10,
    "minmachines": 2
  }
}
Deleting a cluster
export CLUSTERNAME="capvs-new-cluster"
curl --location --request DELETE $BACKENDPOINT/api/v1/clusters/$CLUSTERNAME --header "Authorization: Bearer $TOKEN"