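#!/usr/bin/env bash
#
# Bootstrap a Talos cluster and hand it over to Flux.
#
# Usage: <script> <cluster-name> <bootstrap-ip>
#
# Required environment (normally provided by `. ./rendered/source.sh` in the
# metal repository):
#   TALOSCONFIG  talosconfig holding a context named <cluster-name>
#   KUBECONFIG   colon-separated list that contains <cluster-name>/kubeconfig
#
# Sequence: check tooling and inputs, confirm apid on the bootstrap node,
# run `talosctl bootstrap` until the cluster VIP answers, pull the
# kubeconfig, wait for the apiserver, install Cilium if it is not already
# released, then run `flux bootstrap`.
set -euo pipefail

# Every binary this script shells out to. Checked up front so a missing one
# produces a clear message instead of a mid-run "command not found".
tools=(git talosctl cilium-cli yq helm kubectl flux nmap)
cilium_version=1.18.4
flux_version=2.7.5
# Talos apid port; "open" here is the readiness signal for a node / the VIP.
talos_apid_port=50000

# Print a message to stderr and exit with status 1.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Return 0 when nmap reports TCP port $2 on host $1 as open.
# The scan output is captured instead of piped into `grep -q`: with pipefail
# a grep that exits early can turn a genuine match into a failed pipeline.
port_open() {
  local host=$1 port=$2 scan
  scan=$(nmap -Pn -p "${port}" "${host}" 2>/dev/null) || return 1
  [[ "${scan}" == *open* ]]
}

# Return 0 once `kubectl get nodes` lists at least one node (an empty
# listing or a connection error both count as "not ready yet").
apiserver_ready() {
  [[ -n "$(kubectl get nodes 2>/dev/null)" ]]
}

main() {
  local tool
  for tool in "${tools[@]}"; do
    command -v "${tool}" >/dev/null 2>&1 || die "Missing: ${tool}"
  done

  local root
  root=$(git rev-parse --show-toplevel) || die "Not inside a git repository."

  local cluster_name=${1:-}
  [[ -n "${cluster_name}" ]] || die "No cluster name has been specified."
  local bootstrap_ip=${2:-}
  [[ -n "${bootstrap_ip}" ]] || die "No bootstrap ip has been specified."
  # A value starting with '-' would be parsed by nmap/talosctl as an option.
  [[ "${bootstrap_ip}" != -* ]] || die "Invalid bootstrap ip: ${bootstrap_ip}"

  TALOSCONFIG=${TALOSCONFIG:-}
  [[ -n "${TALOSCONFIG}" ]] || die "TALOSCONFIG is not set, please make sure to run \`. ./rendered/source.sh\` in the metal repository."
  # A missing file is fatal; previously this only printed a warning and
  # carried on to a confusing failure further down.
  [[ -f "${TALOSCONFIG}" ]] || die "File specified in TALOSCONFIG (${TALOSCONFIG}) does not exist, make sure to generate it using \`./rendered/generate_configs.sh\` in the metal repository."
  export TALOSCONFIG

  # Context names, one per line. Compared exactly so that "prod" is not
  # accepted on the strength of a context called "prod-old".
  local -a clusters
  mapfile -t clusters < <(yq '.contexts | keys | .[]' "${TALOSCONFIG}")
  (( ${#clusters[@]} > 0 )) || die "No contexts found in ${TALOSCONFIG}."
  local name found=0
  for name in "${clusters[@]}"; do
    if [[ "${name}" == "${cluster_name}" ]]; then
      found=1
      break
    fi
  done
  if (( ! found )); then
    echo "Cluster '${cluster_name}' does not exist." >&2
    echo "Available clusters:" >&2
    printf '\t%s\n' "${clusters[@]}" >&2
    exit 1
  fi

  KUBECONFIG=${KUBECONFIG:-}
  [[ -n "${KUBECONFIG}" ]] || die "KUBECONFIG is not set, please make sure to run \`. ./rendered/source.sh\` in the metal repository."
  # Narrow KUBECONFIG to the one file for this cluster. Matching on the
  # "/<cluster>/kubeconfig" path component avoids picking "x-foo/kubeconfig"
  # for cluster "foo"; a loop rather than `grep` in a pipeline keeps pipefail
  # from aborting the script before the message below is printed.
  local -a kube_paths
  IFS=':' read -r -a kube_paths <<< "${KUBECONFIG}"
  local path matched=""
  for path in "${kube_paths[@]}"; do
    if [[ "${path}" == *"/${cluster_name}/kubeconfig"* || "${path}" == "${cluster_name}/kubeconfig"* ]]; then
      matched=${path}
      break
    fi
  done
  [[ -n "${matched}" ]] || die "KUBECONFIG does not contain a path for the current cluster, please make sure to run \`. ./rendered/source.sh\` in the metal repository."
  # Exported so kubectl/talosctl below act on exactly this file.
  KUBECONFIG=${matched}
  export KUBECONFIG

  # The context name is passed through the environment (strenv) rather than
  # interpolated into the yq expression.
  local vip
  vip=$(CLUSTER_NAME="${cluster_name}" yq '.contexts[strenv(CLUSTER_NAME)].endpoints[0]' "${TALOSCONFIG}")
  [[ -n "${vip}" && "${vip}" != "null" ]] || die "Failed to get VIP of cluster."

  printf 'Checking connection to %s... ' "${bootstrap_ip}"
  if port_open "${bootstrap_ip}" "${talos_apid_port}"; then
    echo "[Success]"
  else
    echo "[Failure]"
    exit 1
  fi

  # Bootstrap etcd on the first node and poll the VIP. Success is only
  # declared after a positive port check, so the last retry cannot be
  # reported as a failure when the VIP came up during its sleep.
  local count=0 max_retries=20
  until port_open "${vip}" "${talos_apid_port}"; do
    if (( count >= max_retries )); then
      echo " [Failure]"
      exit 1
    fi
    if (( count == 0 )); then
      printf 'Bootstrapping Kubernetes'
    fi
    printf '.'
    count=$((count + 1))
    # Bootstrap is accepted once; later calls fail by design and are ignored
    # so the loop simply keeps polling the VIP.
    talosctl --context "${cluster_name}" -e "${bootstrap_ip}" -n "${bootstrap_ip}" bootstrap 2>/dev/null || true
    sleep 5
  done
  if (( count > 0 )); then
    echo " [Success]"
  fi

  # -f: overwrite whatever is already stored for this cluster in KUBECONFIG.
  talosctl --context "${cluster_name}" -n "${bootstrap_ip}" kubeconfig -f

  # The retry limit is now part of the loop; previously this could spin
  # forever because max_retries was only checked after the loop.
  count=0
  until apiserver_ready; do
    if (( count >= max_retries )); then
      echo " [Failure]"
      exit 1
    fi
    if (( count == 0 )); then
      printf 'Waiting for apiserver'
    fi
    printf '.'
    count=$((count + 1))
    sleep 15
  done
  if (( count > 0 )); then
    echo " [Success]"
  fi

  local cluster_env
  cluster_env=$(kubectl get configmap -n flux-system cluster-variables -o jsonpath='{.data.cluster_env}')
  # cluster_env selects a directory under controllers/cilium; only a plain
  # token is allowed so a stray or empty value cannot resolve to an
  # unintended values file.
  [[ "${cluster_env}" =~ ^[A-Za-z0-9_-]+$ ]] || die "Unexpected cluster_env in flux-system/cluster-variables: '${cluster_env}'"

  if ! helm status -n kube-system cilium >/dev/null 2>&1; then
    echo "Installing cilium..."
    local values_base="${root}/controllers/cilium/base/values.yaml"
    local values_env="${root}/controllers/cilium/${cluster_env}/values.yaml"
    [[ -f "${values_base}" ]] || die "Missing cilium values file: ${values_base}"
    [[ -f "${values_env}" ]] || die "Missing cilium values file: ${values_env}"
    helm repo add cilium https://helm.cilium.io/ >/dev/null
    helm repo update >/dev/null
    helm install cilium cilium/cilium \
      --version "${cilium_version}" \
      --namespace kube-system \
      --values "${values_base}" \
      --values "${values_env}"
  fi
  cilium-cli status --wait
  # echo "Running connectivity test..."
  # cilium-cli connectivity test --namespace-labels pod-security.kubernetes.io/enforce=privileged

  echo "Bootstrapping flux..."
  # Anchored at the repository root like the helm values above, so the script
  # does not depend on the caller's working directory for the private key.
  local deploy_key="${root}/clusters/${cluster_name}/deploy.key"
  [[ -f "${deploy_key}" ]] || die "Deploy key not found: ${deploy_key}"
  flux bootstrap git \
    --url ssh://git@huizinga.dev/infra/foundation \
    --branch=main \
    --private-key-file="${deploy_key}" -s \
    --path="clusters/${cluster_name}" \
    --components-extra=source-watcher \
    --version "v${flux_version}"
}

main "$@"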