Merge pull request #8 from portefaix/feat/kind

Kind for infrastructure deployment on AWS

Makefile

@@ -0,0 +1,129 @@
+# Copyright (C) 2021 Nicolas Lamirault <[email protected]>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+include hack/commons.mk
+-include hack/kind.$(ENV).mk
+
+KIND_VERSION := $(shell kind --version 2>/dev/null)
+
+HELM_CROSSPLANE_VERSION=1.4.1
+
+
+# ====================================
+# D E V E L O P M E N T
+# ====================================
+
+##@ Development
+
+.PHONY: clean
+clean: ## Cleanup
+	@echo -e "$(OK_COLOR)[$(BANNER)] Cleanup$(NO_COLOR)"
+	@find . -name "*.retry"|xargs rm -f
+	@rm -fr vendor
+	@rm -fr venv
+
+.PHONY: check
+check: check-kubectl check-kustomize check-helm ## Check requirements
+
+.PHONY: validate
+validate: ## Execute git-hooks
+	@poetry run pre-commit run -a
+
+# ====================================
+# K I N D
+# ====================================
+
+##@ Kind
+
+.PHONY: kind-install
+kind-install: ## Install Kind
+ifdef KIND_VERSION
+	@echo "Found version $(KIND_VERSION)"
+else
+	@curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.10.0/kind-linux-amd64
+	@chmod +x ./kind
+	@mv ./kind /bin/kind
+endif
+
+.PHONY: kind-create
+kind-create: guard-ENV ## Creates a local Kubernetes cluster (ENV=xxx)
+	@echo -e "$(OK_COLOR)[$(APP)] Create Kubernetes cluster ${SERVICE}$(NO_COLOR)"
+	@kind create cluster --name=$(CLUSTER) --config=hack/kind-config.yaml --wait 180s
+
+.PHONY: kind-delete
+kind-delete: guard-ENV ## Delete a local Kubernetes cluster (ENV=xxx)
+	@echo -e "$(OK_COLOR)[$(APP)] Create Kubernetes cluster ${SERVICE}$(NO_COLOR)"
+	@kind delete cluster --name=$(CLUSTER)
+
+.PHONY: kind-kube-credentials
+kind-kube-credentials: guard-ENV ## Credentials for Kind (ENV=xxx)
+	@kubectl config use-context $(KUBE_CONTEXT)
+
+
+# ====================================
+# K U B E R N E T E S
+# ====================================
+
+##@ Kubernetes
+
+kubernetes-check-context:
+	@if [[ "$(KUBE_CONTEXT)" != "$(KUBE_CURRENT_CONTEXT)" ]] ; then \
+		echo -e "$(ERROR_COLOR)[KO]$(NO_COLOR) Kubernetes context: $(KUBE_CONTEXT) vs $(KUBE_CURRENT_CONTEXT)"; \
+		exit 1; \
+	fi
+
+.PHONY: kubernetes-switch
+kubernetes-switch: guard-ENV ## Switch Kubernetes context (ENV=xxx)
+	@kubectl config use-context $(KUBE_CONTEXT)
+
+.PHONY: kubernetes-secret
+kubernetes-secret: guard-NAMESPACE guard-NAME guard-FILE ## Generate a Kubernetes secret file (NAME=xxxx NAMESPACE=xxxx FILE=xxxx)
+	@kubectl create secret generic $(NAME) -n $(NAMESPACE) --dry-run=client --from-file=$(FILE) -o yaml
+
+.PHONY: kubernetes-credentials
+kubernetes-credentials: guard-ENV guard-CLOUD ## Generate credentials (CLOUD=xxxx ENV=xxx)
+	@kubectl config use-context $(KUBE_CONTEXT)
+
+# ====================================
+# C R O S S P L A N E
+# ====================================
+
+##@ Helm
+
+.PHONY: crossplane-controlplane
+crossplane-controlplane: ## Install Crossplane using Helm
+	@kubectl create namespace crossplane-system
+	@helm repo add crossplane-stable https://charts.crossplane.io/stable
+	@helm repo update
+	@helm install crossplane --namespace crossplane-system crossplane-stable/crossplane --version $(HELM_CROSSPLANE_VERSION)
+
+.PHONY: crossplane-aws-credentials
+crossplane-aws-credentials: guard-AWS_ACCESS_KEY guard-AWS_SECRET_KEY ## Generate credentials for AWS (AWS_ACCESS_KEY=xxx AWS_SECRET_KEY=xxx)
+	@./hack/scripts/aws.sh $(AWS_ACCESS_KEY) $(AWS_SECRET_KEY)
+
+.PHONY: crossplane-azure-credentials
+crossplane-azure-credentials: ## Generate credentials for Azure
+	@./hack/scripts/azure.sh
+
+.PHONY: crossplane-provider
+crossplane-provider: guard-CLOUD guard-ACTION ## Setup the Crossplane provider (CLOUD=xxx ACTION=xxx)
+	@kustomize build krm/$(CLOUD)/provider | kubectl $(ACTION) -f -
+
+.PHONY: crossplane-config
+crossplane-config: guard-CLOUD guard-ACTION ## The Crossplane configuration (CLOUD=xxx ACTION=xxx)
+	@kustomize build krm/$(CLOUD)/config | kubectl $(ACTION) -f -
+
+.PHONY: crossplane-infra
+crossplane-infra: guard-CLOUD guard-ACTION ## The Crossplane provider (CLOUD=xxx ACTION=xxx)
+	@kustomize build krm/$(CLOUD)/infra | kubectl $(ACTION) -f -

README.md

@@ -6,6 +6,46 @@
 
 Build cloud platform using [Kubernetes Resources Model](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/architecture/resource-management.md)
 
+### Core
+
+* Create Kind cluster :
+
+```shell
+> make kind-create ENV=local
+```
+
+* Install Crossplane:
+
+```shell
+> make crossplane-controlplane ACTION=apply
+```
+
+### AWS
+
+* Cloud provider configuration:
+
+```shell
+> make crossplane-aws-credentials AWS_ACCESS_KEY=xxxxxx AWS_SECRET_KEY=xxxxxxxxx
+```
+
+* Install Crossplane provider:
+
+```shell
+> make crossplane-provider CLOUD=aws ACTION=apply
+```
+
+* Setup Crossplane configuration:
+
+```shell
+❯ make crossplane-config CLOUD=aws ACTION=apply
+```
+
+* Deploy infrastructure:
+
+```shell
+❯ make crossplane-infra CLOUD=aws ACTION=apply
+```
+
 ## Contributing
 
 See [CONTRIBUTING.md](./CONTRIBUTING.md)

hack/commons.mk

@@ -0,0 +1,84 @@
+# Copyright (C) 2021 Nicolas Lamirault <[email protected]>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+APP = portefaix
+
+BANNER = P O R T E F A I X / K R M
+
+# ENVS = $(shell ls *.*.mk | awk -F"." '{ print $$2 }')
+
+KUBE_CONTEXT = $(KUBE_CONTEXT_$(ENV))
+KUBE_CURRENT_CONTEXT = $(shell kubectl config current-context)
+CLUSTER = $(CLUSTER_$(ENV))
+
+KIND_CLUSTER_NAME = $(KIND_CLUSTER_NAME_$(ENV))
+
+CONFIG_HOME = $(or ${XDG_CONFIG_HOME},${XDG_CONFIG_HOME},${HOME}/.config)
+
+DEBUG ?=
+
+SHELL = /bin/bash -o pipefail
+
+MKFILE_PATH := $(abspath $(lastword $(MAKEFILE_LIST)))
+MKFILE_DIR := $(dir $(MKFILE_PATH))
+
+PYTHON_VENV = $(MKFILE_DIR)/../.venv
+
+NO_COLOR=\033[0m
+OK_COLOR=\033[32;01m
+ERROR_COLOR=\033[31;01m
+WARN_COLOR=\033[33;01m
+INFO_COLOR=\033[36m
+WHITE_COLOR=\033[1m
+
+MAKE_COLOR=\033[33;01m%-20s\033[0m
+
+.DEFAULT_GOAL := help
+
+OK=[✅]
+KO=[❌]
+WARN=[⚠️]
+
+.PHONY: help
+help:
+	@echo -e "$(OK_COLOR)                  $(BANNER)$(NO_COLOR)"
+	@echo "------------------------------------------------------------------"
+	@echo ""
+	@echo -e "${ERROR_COLOR}Usage${NO_COLOR}: make ${INFO_COLOR}<target>${NO_COLOR}"
+	@awk 'BEGIN {FS = ":.*##"; } /^[a-zA-Z0-9_-]+:.*?##/ { printf "  ${INFO_COLOR}%-30s${NO_COLOR} %s\n", $$1, $$2 } /^##@/ { printf "\n${WHITE_COLOR}%s${NO_COLOR}\n", substr($$0, 5) } ' $(MAKEFILE_LIST)
+
+
+
+# @echo -e "${ERROR_COLOR}Environments${NO_COLOR}: $(ENVS)"
+# @echo ""
+
+guard-%:
+	@if [ "${${*}}" = "" ]; then \
+		echo -e "$(ERROR_COLOR)Environment variable $* not set$(NO_COLOR)"; \
+		exit 1; \
+	fi
+
+check-%:
+	@if $$(hash $* 2> /dev/null); then \
+		echo -e "$(OK_COLOR)$(OK)$(NO_COLOR) $*"; \
+	else \
+		echo -e "$(ERROR_COLOR)$(KO)$(NO_COLOR) $*"; \
+	fi
+
+print-%:
+	@if [ "${$*}" == "" ]; then \
+		echo -e "$(ERROR_COLOR)[KO]$(NO_COLOR) $* = ${$*}"; \
+	else \
+		echo -e "$(OK_COLOR)[OK]$(NO_COLOR) $* = ${$*}"; \
+	fi

hack/kind-config.yaml

@@ -0,0 +1,52 @@
+# Copyright (C) 2021 Nicolas Lamirault <[email protected]>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+apiVersion: kind.x-k8s.io/v1alpha4
+kind: Cluster
+
+kubeadmConfigPatches:
+- |
+  apiVersion: kubeadm.k8s.io/v1alpha3
+  kind: ClusterConfiguration
+  metadata:
+    name: config
+  apiServerExtraArgs:
+    enable-admission-plugins: NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook
+
+networking:
+  podSubnet: "10.244.0.0/20"
+  serviceSubnet: "10.244.16.0/20"
+
+nodes:
+- role: control-plane
+  kubeadmConfigPatches:
+  - |
+    kind: InitConfiguration
+    nodeRegistration:
+      kubeletExtraArgs:
+        node-labels: "ingress-ready=true"
+  extraPortMappings:
+  - containerPort: 80
+    hostPort: 80
+    protocol: TCP
+    listenAddress: "0.0.0.0"
+  - containerPort: 443
+    hostPort: 443
+    protocol: TCP
+    listenAddress: "0.0.0.0"
+- role: worker
+  extraMounts:
+  - hostPath: /tmp/kind-portefaix-krm
+    containerPath: /data

hack/kind.local.mk

@@ -0,0 +1,17 @@
+# Copyright (C) 2021 Nicolas Lamirault <[email protected]>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+CLUSTER_local = portefaix-krm-local
+
+KUBE_CONTEXT_local = kind-portefaix-krm-local