createuserspace

README.md

@@ -4,21 +4,11 @@
 
 ### Quickstart
 
-```bash
+1. Start Docker
-kubectl -n kube-system create secret generic certsigner --from-file /var/lib/rancher/k3s/server/tls/client-ca.crt --from-file /var/lib/rancher/k3s/server/tls/client-ca.key
+2. Run createuserspace.sh
-kubectl apply -f cluster
-kubectl apply -f certsigner
-./adduser.sh tester
-./userspace.sh tester
-```
 
 ```bash
-export USER=$1
+./createuserspace.sh <username> <server_fqdn>
-openssl req -in $HOME/.kube/users/$USER/$USER.csr -noout -text
-helm template $USER ./namespace | kubectl --context admin apply -f -
-kubectl --context admin cp $HOME/.kube/users/$USER/$USER.csr certsigner:/certs/$USER.csr
-kubectl --context admin exec --context admin certsigner -- openssl x509 -in /certs/$USER.csr -req -CA /keys/client-ca.crt -CAkey /keys/client-ca.key -set_serial $(python -c "import random; print(random.randint(1000000000, 9999999999))") -out /certs/$USER.crt -days 5000
-kubectl --context admin cp certsigner:/certs/$USER.crt $HOME/.kube/users/$USER/$USER.crt
 ```
 
 ### Update a user

createuser.sh

@@ -1,5 +0,0 @@
-#!/bin/bash
-
-export USER=$1
-docker run -it -v $HOME/.kube/users/$USER:/$USER python:latest openssl genrsa -out /$USER/$USER.key 2048
-docker run -it -v $HOME/.kube/users/$USER:/$USER python:latest openssl req -new -key /$USER/$USER.key -out /$USER/$USER.csr -subj "/CN=$USER/O=user"

namespace/templates/resourcequota.yaml

@@ -5,11 +5,7 @@ metadata:
   namespace: {{ .Release.Name }}
 spec:
   hard:
-    requests.cpu: "12"
+    requests.cpu: "1"
-    requests.memory: "24G"
+    requests.memory: "4Gi"
-    limits.cpu: "48"
+    limits.cpu: "12"
-    limits.memory: "64G"
+    limits.memory: "12G"
-    nvme.storageclass.storage.k8s.io/persistentvolumeclaims: "0"
-    nvme.storageclass.storage.k8s.io/requests.storage: 0Gi
-    external-ssd.storageclass.storage.k8s.io/persistentvolumeclaims: "0"
-    external-ssd.storageclass.storage.k8s.io/requests.storage: 0Mi