Clusters

Preparing variables for authorization

export CLUSTERNAME=my-cluster
export SH_USERNAME=admin
export SH_PASS="my-password"
export INGRESS="apps.ip-x-x-x-x.shturval.link"

export AUTHENDPOINT="https://auth.$INGRESS"
export BACKENDPOINT="https://back.$INGRESS"
export KUBECONFIG_PATH=/tmp/$CLUSTERNAME.kubeconfig

export COOKIE_PATH=/tmp/cookie


# Log in and store the session cookie. Note: -k disables TLS certificate verification.
curl -k -v --silent "$AUTHENDPOINT/login" -c "$COOKIE_PATH" --data-urlencode "username=$SH_USERNAME" \
--data-urlencode "password=$SH_PASS" &>/dev/null

echo "Got cookie"

# Request an authorization code; it is picked out of curl's verbose output.
code=$(curl -k -b "$COOKIE_PATH" -v "$AUTHENDPOINT/oauth/authorize?response_type=code&client_id=backend&redirect_uri=localhost/cb" 2>&1 | grep -E -o "\<code=[A-Z0-9]+")

echo "Got code"

# Exchange the code for an access token. $code already has the form "code=...".
# The token is stored in TOKEN because the API calls below read $TOKEN.
TOKEN=$(curl -k --silent "$AUTHENDPOINT/oauth/token" \
--header 'Content-Type: application/x-www-form-urlencoded' \
-b "$COOKIE_PATH" \
--data-urlencode 'client_id=backend' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode "$code" \
--data-urlencode "redirect_uri=localhost/cb" | jq -r '.access_token')
export TOKEN

echo "Got token"

# Download the kubeconfig of the cluster using the bearer token.
curl -k --silent "$BACKENDPOINT/api/v1/clusters/$CLUSTERNAME/kubeconfig" -H "Authorization: Bearer $TOKEN" -H 'accept: application/json, text/plain, */*' > "$KUBECONFIG_PATH"

echo "Kubeconfig is ready"
echo "export KUBECONFIG=$KUBECONFIG_PATH"
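
The script above writes the session cookie and the kubeconfig, both of which are credentials, to fixed paths under /tmp. The following is an added example, not part of the original page, that puts them in a private per-run directory instead; the function names and the "shturval-" directory prefix are assumptions.

```shell
#!/usr/bin/env bash
# Added example: private storage for the cookie jar and the kubeconfig.
# Function names and the "shturval-" directory prefix are assumptions.

# Print the path of a fresh directory that only the current user can enter.
make_private_workdir() {
    local name="$1" dir
    # The name becomes part of a file name, so refuse path separators and "..".
    case "$name" in
        ""|*/*|*..*) echo "invalid cluster name: $name" >&2; return 1 ;;
    esac
    # mktemp -d creates the directory with mode 0700 and an unpredictable suffix.
    dir=$(mktemp -d "${TMPDIR:-/tmp}/shturval-$name.XXXXXXXX") || return 1
    printf '%s\n' "$dir"
}

# Create an empty 0600 file; a later ">" redirection truncates it and keeps that mode.
prepare_secret_file() {
    ( umask 077 && : > "$1" ) && chmod 600 "$1"
}

# Symbolic mode of a path, e.g. "drwx------" (used to verify the result).
perms() {
    ls -ld "$1" | cut -c1-10
}

# Replace the fixed /tmp paths from the script with files in the private directory.
setup_paths() {
    WORKDIR=$(make_private_workdir "$CLUSTERNAME") || return 1
    COOKIE_PATH="$WORKDIR/cookie"
    KUBECONFIG_PATH="$WORKDIR/$CLUSTERNAME.kubeconfig"
    prepare_secret_file "$COOKIE_PATH" || return 1
    prepare_secret_file "$KUBECONFIG_PATH" || return 1
    export WORKDIR COOKIE_PATH KUBECONFIG_PATH
}

# The cookie is only needed until the token is issued; remove it afterwards.
discard_cookie() {
    rm -f "$COOKIE_PATH"
}
```

Call setup_paths after exporting CLUSTERNAME, in place of the two /tmp assignments, then run the curl steps unchanged and call discard_cookie once the token has been obtained.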

Get the list of clusters

curl --silent --location --request GET $BACKENDPOINT/api/v1/clusters --header "Authorization: Bearer $TOKEN" | jq -r

The response is expected to be JSON in the following format:

{
    "items": [
        {
            "id": "capov",
            "clusterName": "capov",
            "ingress": "*.apps.ip-10-31-145-222.shturval.link",
            "providerType": "capov",
            "haType": "ha",
            "status": "Provisioned",
            "workerCount": 3,
            "apiEndpoint": "10.31.145.221:6443",
            "networks": [
                {
                    "type": "Service CIDR",
                    "network": "10.96.0.0/12",
                    "netmask": ""
                },
                {
                    "type": "Pod CIDR",
                    "network": "172.16.0.0/16",
                    "netmask": ""
                }
            ]
        }
    ],
    "count": 1
}

Creating a cluster on the vSphere provider

export CLUSTERNAME="capvs-new-cluster"
export PROVIDERTEMPLATENAME="capvs-template-name"

curl --silent --location --request POST "$BACKENDPOINT/api/v1/platform/providers/clusters/capvs" \
--header "Authorization: Bearer $TOKEN" \
--header "Content-Type: application/json" \
--data @<(cat <<EOF
{
  "cluster": {
    "apiEndpoint": "10.20.30.40",
    "clusterName": "$CLUSTERNAME",
    "disabledServices": [
      "shturval-dashboards",
      "shturval-rollouts",
      "shturval-cd"
    ],
    "enabledServices": [
      "shturval-vip-provider",
      "shturval-metrics",
      "shturval-node-config-crds",
      "shturval-update-crds",
      "shturval-scanner-crds",
      "shturval-backup-crds",
      "shturval-cert-manager",
      "shturval-policy-manager",
      "shturval-cd-crds",
      "shturval-cert-expiration",
      "shturval-networking",
      "shturval-caching-dns",
      "shturval-descheduler",
      "shturval-cluster-roles",
      "shturval-services",
      "shturval-services-crds",
      "shturval-node-config",
      "shturval-update",
      "shturval-policies",
      "shturval-cert-manager-crds",
      "shturval-log-operator",
      "shturval-log-operator-crds",
      "shturval-ingress-controller",
      "shturval-vip",
      "shturval-monitoring-crds",
      "shturval-local-csi",
      "shturval-scanner",
      "shturval-backup"
    ],
    "externalKubeAPILB": false,
    "externalingresslb": true,
    "haType": "single",
    "ingress": "",
    "ingressvip": "10.20.30.41",
    "kubernetesVersion": "v1.26.5",
    "podSubnet": "172.16.0.0/16",
    "secure": false,
    "serviceSubnet": "10.96.0.0/12"
  },
  "createdByUser": "string",
  "provider": {
    "controlplaneNodeConfig": {
      "diskGiB": 25,
      "memoryMiB": 8192,
      "numCPUs": 2
    },
    "enableCSI": false,
    "identityName": "$PROVIDERTEMPLATENAME",
    "workerNodeConfig": {
      "diskGiB": 25,
      "memoryMiB": 8192,
      "numCPUs": 2
    },
    "workersCount": 0,
    "workersScale": {
      "maxmachines": 10,
      "minmachines": 2
    }
  }
}
EOF
) | jq -r .

When the vSphere provider is created successfully, the response is expected to be JSON in the following format:

{
  "apiEndpoint": "10.20.30.40",
  "clusterName": "capvs-new-cluster",
  "haType": "single",
  "id": "XXXXX",
  "ingress": "",
  "networks": [
    {
      "netmask": "Service CIDR",
      "network": "10.96.0.0/12",
      "type": ""
    }
  ],
  "providerType": "capvs",
  "status": "Provisioned",
  "workerCount": 0,
  "workerScale": {
    "maxmachines": 10,
    "minmachines": 2
  }
}

Deleting a cluster

export CLUSTERNAME="capvs-new-cluster"

curl --location --request DELETE "$BACKENDPOINT/api/v1/clusters/$CLUSTERNAME" --header "Authorization: Bearer $TOKEN"