forked from hyperledger/fabric-samples
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkind.sh
executable file
·216 lines (167 loc) · 6.02 KB
/
kind.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
#!/bin/bash
#
# Copyright IBM Corp All Rights Reserved
#
# SPDX-License-Identifier: Apache-2.0
#
function pull_docker_images() {
push_fn "Pulling docker images for Fabric ${FABRIC_VERSION}"
docker pull ${FABRIC_CONTAINER_REGISTRY}/fabric-ca:$FABRIC_CA_VERSION
docker pull ${FABRIC_CONTAINER_REGISTRY}/fabric-orderer:$FABRIC_VERSION
docker pull ${FABRIC_PEER_IMAGE}
docker pull ${FABRIC_CONTAINER_REGISTRY}/fabric-tools:$FABRIC_VERSION
docker pull ghcr.io/hyperledgendary/fabric-ccaas-asset-transfer-basic:latest
docker pull couchdb:3.2.1
pop_fn
}
function load_docker_images() {
push_fn "Loading docker images to KIND control plane"
kind load docker-image ${FABRIC_CONTAINER_REGISTRY}/fabric-ca:$FABRIC_CA_VERSION
kind load docker-image ${FABRIC_CONTAINER_REGISTRY}/fabric-orderer:$FABRIC_VERSION
kind load docker-image ${FABRIC_PEER_IMAGE}
kind load docker-image ${FABRIC_CONTAINER_REGISTRY}/fabric-tools:$FABRIC_VERSION
kind load docker-image ghcr.io/hyperledgendary/fabric-ccaas-asset-transfer-basic:latest
kind load docker-image couchdb:3.2.1
pop_fn
}
function pull_docker_images_for_rest_sample() {
push_fn "Pulling docker images for fabric-rest-sample"
docker pull ghcr.io/hyperledger/fabric-rest-sample:latest
docker pull redis:6.2.5
pop_fn
}
function load_docker_images_for_rest_sample() {
push_fn "Loading docker images for fabric-rest-sample to KIND control plane"
kind load docker-image ghcr.io/hyperledgendary/fabric-ccaas-asset-transfer-basic:latest
kind load docker-image redis:6.2.5
pop_fn
}
function apply_nginx_ingress() {
push_fn "Launching ingress controller"
# This ingress-nginx.yaml was generated 9/24 from https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml
# with modifications for ssl-passthrough required to launch IBP-support with the nginx ingress.
# It may be preferable to always load from the remote mainline?
# kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml
kubectl apply -f kube/ingress-nginx.yaml
pop_fn
}
function wait_for_nginx_ingress() {
push_fn "Waiting for ingress controller"
kubectl wait --namespace ingress-nginx \
--for=condition=ready pod \
--selector=app.kubernetes.io/component=controller \
--timeout=90s
pop_fn
}
function apply_cert_manager() {
push_fn "Launching cert-manager"
# Install cert-manager to manage TLS certificates
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.yaml
pop_fn
}
function wait_for_cert_manager() {
push_fn "Waiting for cert-manager"
kubectl -n cert-manager rollout status deploy/cert-manager
kubectl -n cert-manager rollout status deploy/cert-manager-cainjector
kubectl -n cert-manager rollout status deploy/cert-manager-webhook
pop_fn
}
function kind_create() {
push_fn "Creating cluster \"${CLUSTER_NAME}\""
# prevent the next kind cluster from using the previous Fabric network's enrollments.
rm -rf $PWD/build
# todo: always delete? Maybe return no-op if the cluster already exists?
kind delete cluster --name $CLUSTER_NAME
local reg_name=${LOCAL_REGISTRY_NAME}
local reg_port=${LOCAL_REGISTRY_PORT}
local ingress_http_port=${NGINX_HTTP_PORT}
local ingress_https_port=${NGINX_HTTPS_PORT}
# the 'ipvs'proxy mode permits better HA abilities
cat <<EOF | kind create cluster --name $CLUSTER_NAME --config=-
---
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
kubeadmConfigPatches:
- |
kind: InitConfiguration
nodeRegistration:
kubeletExtraArgs:
node-labels: "ingress-ready=true"
extraPortMappings:
- containerPort: 80
hostPort: ${ingress_http_port}
protocol: TCP
- containerPort: 443
hostPort: ${ingress_https_port}
protocol: TCP
#networking:
# kubeProxyMode: "ipvs"
# create a cluster with the local registry enabled in containerd
containerdConfigPatches:
- |-
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:${reg_port}"]
endpoint = ["http://${reg_name}:${reg_port}"]
EOF
# workaround for https://github.com/hyperledger/fabric-samples/issues/550 - pods can not resolve external DNS
for node in $(kind get nodes);
do
docker exec "$node" sysctl net.ipv4.conf.all.route_localnet=1;
done
pop_fn
}
function launch_docker_registry() {
push_fn "Launching container registry \"${LOCAL_REGISTRY_NAME}\" at localhost:${LOCAL_REGISTRY_PORT}"
# create registry container unless it already exists
local reg_name=${LOCAL_REGISTRY_NAME}
local reg_port=${LOCAL_REGISTRY_PORT}
running="$(docker inspect -f '{{.State.Running}}' "${reg_name}" 2>/dev/null || true)"
if [ "${running}" != 'true' ]; then
docker run \
-d --restart=always -p "127.0.0.1:${reg_port}:5000" --name "${reg_name}" \
registry:2
fi
# connect the registry to the cluster network
# (the network may already be connected)
docker network connect "kind" "${reg_name}" || true
# Document the local registry
# https://github.com/kubernetes/enhancements/tree/master/keps/sig-cluster-lifecycle/generic/1755-communicating-a-local-registry
cat <<EOF | kubectl apply -f -
---
apiVersion: v1
kind: ConfigMap
metadata:
name: local-registry-hosting
namespace: kube-public
data:
localRegistryHosting.v1: |
host: "localhost:${reg_port}"
help: "https://kind.sigs.k8s.io/docs/user/local-registry/"
EOF
pop_fn
}
function kind_delete() {
push_fn "Deleting KIND cluster ${CLUSTER_NAME}"
kind delete cluster --name $CLUSTER_NAME
pop_fn 2
}
function kind_init() {
# todo: how to pass this through to push_fn ?
set -o errexit
kind_create
apply_nginx_ingress
apply_cert_manager
launch_docker_registry
if [ "${STAGE_DOCKER_IMAGES}" == true ]; then
pull_docker_images
load_docker_images
pull_docker_images_for_rest_sample
load_docker_images_for_rest_sample
fi
wait_for_cert_manager
wait_for_nginx_ingress
}
function kind_unkind() {
kind_delete
}