#!/bin/bash echo "" echo "... ] PREPARING ENVS [ ..." HOME=$( cd "$(dirname "$0")" && pwd ) source $HOME/config if [ -f $HOME/config-coreapps ]; then echo "config-coreapps file FOUND :)" source $HOME/config-coreapps export CEPH_MONITOR_1 export CEPH_MONITOR_2 export CEPH_MONITOR_3 else echo "config-coreapps file is missing." exit 1 fi export KUBECONFIG=$ADMIN_KUBECONFIG nspace=$1 export nspace # Setup namespace, Service Accounts, RBAC, Limit and namespace keypair printf "\nsetting up ${nspace}... \n" cat yaml/system/namespace.yaml | envsubst | kubectl apply -f - printf "\nsetting up Service Accounts... \n" /bin/bash tools/add_service_account.sh admin-sa ${nspace} /bin/bash tools/add_service_account.sh backup-agent-sa ${nspace} sleep 5 printf "\nsetting up RBAC... \n" cat yaml/system/sa-rbac.yaml | envsubst | kubectl apply -f - cat yaml/system/sa-rbac-backup-agent.yaml | envsubst | kubectl apply -f - sleep 5 printf "\nsetting up resource limits... \n" kubectl -n $nspace apply -f yaml/system/default-resource-limits.yaml printf "\nsetting up shared keypair secret... \n" openssl ecparam -genkey -name prime256v1 -noout -out /tmp/${nspace}_id_ecdsa openssl ec -in /tmp/${nspace}_id_ecdsa -pubout -out /tmp/${nspace}_id_ecdsa.pub kubectl -n $nspace create secret generic auth-keypair --from-file=id_ecdsa=/tmp/${nspace}_id_ecdsa --from-file=id_ecdsa.pub=/tmp/${nspace}_id_ecdsa.pub rm /tmp/${nspace}_id_ecdsa rm /tmp/${nspace}_id_ecdsa.pub if [ "$nspace" = "develop" ]; then # Setup the private docker registry printf "\nsetting up Docker Registry... \n" #create secret for the registry if [ -f /tmp/regsecret ]; then rm /tmp/regsecret fi htpasswd -Bb -c /tmp/regsecret $REGISTRY_USER $REGISTRY_PASS regpassstr=`cat /tmp/regsecret | base64 -w 0` cat <