Last active
January 3, 2020 07:52
-
-
Save halvards/ffd4c0d71f6622bff4a9bfb8043fde89 to your computer and use it in GitHub Desktop.
Create a kind K8s cluster with Knative Serving for development purposes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # Copyright 2020 Google LLC | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| # Disclaimer: This is not an officially supported Google product. | |
| # | |
| # Create a kind cluster with Knative Serving and Istio. | |
| # | |
| # It's a minimal installation in order to keep resource consumption low: | |
| # - use Istio lean (Pilot + Ingress gateway only, no sidecar injection) | |
| # - doesn't install the monitoring component | |
| # - only one replica for each deployment | |
| # - pod resource requests and limits removed | |
| # - HPAs removed, or minReplicas set to 1 | |
| # | |
| # For development only, not for production! | |
| # | |
| # Requires `kind` and `yq`: | |
| # GO111MODULE=on go get sigs.k8s.io/kind@v0.6.1 | |
| # GO111MODULE=on go get github.com/mikefarah/yq/v2@v2.4.1 | |
| # Optionally: | |
| # GO111MODULE=on go get knative.dev/client/cmd/kn@v0.11.0 | |
| set -euf -o pipefail | |
| CLUSTER=${CLUSTER:-knative} | |
| KNATIVE_SERVING_VERSION=${KNATIVE_SERVING_VERSION:-v0.11.1} | |
| ISTIO_VERSION=${ISTIO_VERSION:-1.4.0} | |
| # Create a kind cluster | |
| kind create cluster --name "$CLUSTER" | |
| # Install Istio | |
| kubectl apply -f "https://raw.githubusercontent.com/knative/serving/${KNATIVE_SERVING_VERSION}/third_party/istio-${ISTIO_VERSION}/istio-crds.yaml" | |
| echo Waiting for Istio CRDs to be ready... | |
| until kubectl get crds/gateways.networking.istio.io 2> /dev/null; do sleep 3; done | |
| # The next command uses sed to remove the three HPAs at the end of the manifest. | |
| # That's brittle. Verify that this doesn't break anything when upgrading Istio. | |
| curl -sL "https://raw.githubusercontent.com/knative/serving/${KNATIVE_SERVING_VERSION}/third_party/istio-${ISTIO_VERSION}/istio-lean.yaml" \ | |
| | yq d -d'*' - 'spec.replicas' \ | |
| | yq d -d'*' - 'spec.template.spec.containers[*].resources' \ | |
| | yq d -d'*' - 'spec.minReplicas' \ | |
| | sed '/apiVersion\: autoscaling\/v2beta1/,$d' \ | |
| | kubectl apply -f - | |
| # Install Knative Serving | |
| kubectl apply -f "https://github.com/knative/serving/releases/download/${KNATIVE_SERVING_VERSION}/serving-crds.yaml" | |
| echo Waiting for Knative Serving CRDs to be ready | |
| until kubectl get crds/services.serving.knative.dev 2> /dev/null; do sleep 3; done | |
| curl -sL "https://github.com/knative/serving/releases/download/${KNATIVE_SERVING_VERSION}/serving.yaml" \ | |
| | yq d -d'*' - 'spec.replicas' \ | |
| | yq d -d'*' - 'spec.template.spec.containers[*].resources' \ | |
| | yq d -d'*' - 'spec.minReplicas' \ | |
| | kubectl apply -f - | |
| echo Waiting for the Istio Ingress Gateway deployment to be ready | |
| kubectl -n istio-system rollout status deploy/istio-ingressgateway | |
| echo Waiting for the Knative Serving controller deployment to be ready | |
| kubectl -n knative-serving rollout status deploy/controller | |
| # Reduce queue-proxy logging output so we don't get lots of probe spam in the Skaffold log output | |
| kubectl -n knative-serving patch cm/config-logging -p '{"data": {"loglevel.queueproxy": "warn"}}' | |
| echo | |
| echo '*****************************************************************************' | |
| echo "kind cluster $CLUSTER with Knative Serving $KNATIVE_SERVING_VERSION and Istio v$ISTIO_VERSION is ready." | |
| echo '*****************************************************************************' | |
| echo | |
| echo Pull non-public images from gcr.io: | |
| echo | |
| echo 'SA_EMAIL="$(gcloud iam service-accounts create gcr-pull --format "value(email)")"' | |
| echo 'PROJECT_ID="$(gcloud config list --format="value(core.project)")"' | |
| echo 'gsutil iam ch "serviceAccount:${SA_EMAIL}:objectViewer" "gs://artifacts.${PROJECT_ID}.appspot.com"' | |
| echo 'gcloud iam service-accounts keys create gcr-pull-credentials.json --iam-account "$SA_EMAIL"' | |
| echo 'set +o history' | |
| echo 'kubectl create secret docker-registry gcr-pull \' | |
| echo ' --docker-email="${SA_EMAIL}" \' | |
| echo ' --docker-password="$(cat ./gcr-pull-credentials.json)" \' | |
| echo ' --docker-server=gcr.io \' | |
| echo ' --docker-username=_json_key' | |
| echo 'set -o history' | |
| echo 'kubectl patch sa default -p "{\"imagePullSecrets\": [{\"name\": \"gcr-pull\"}]}"' | |
| echo | |
| echo Deploy a sample service: | |
| echo | |
| echo 'kn service create helloworld --image=gcr.io/knative-samples/simple-api' | |
| echo | |
| echo Set up port forwarding to the Istio ingress gateway: | |
| echo | |
| echo 'kubectl -n istio-system port-forward svc/istio-ingressgateway 8080:80' | |
| echo |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment