services/userspace
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

add scripts

Browse Source
This commit is contained in:
ducoterra
2020-05-25 18:47:15 -04:00
parent 46d90d785c
commit e33a239729
3 changed files with 14 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
createadmin.sh Executable file
View File

@@ -0,0 +1,8 @@
export USER=$1
docker run -it -v $HOME/.kube/users/$USER:/$USER python:latest openssl genrsa -out /$USER/$USER.key 2048
docker run -it -v $HOME/.kube/users/$USER:/$USER python:latest openssl req -new -key /$USER/$USER.key -out /$USER/$USER.csr -subj "/CN=admin/O=manager"
kubectl --context admin cp $HOME/.kube/users/$USER/$USER.csr certsigner:/certs/$USER.csr
kubectl --context admin exec --context admin certsigner -- openssl x509 -in /certs/$USER.csr -req -CA /keys/client-ca.crt -CAkey /keys/client-ca.key -set_serial $(python -c "import random; print(random.randint(1000000000, 9999999999))") -out /certs/$USER.crt -days 5000
kubectl --context admin cp certsigner:/certs/$USER.crt $HOME/.kube/users/$USER/$USER.crt
kubectl config set-credentials $USER --client-certificate=$HOME/.kube/users/$USER/$USER.crt --client-key=$HOME/.kube/users/$USER/$USER.key
kubectl config set-context $USER --cluster=mainframe --namespace=kube-system --user=$USER

4
createuser.sh
View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
export USER=$1 export USER=$1
docker run -it -v $(pwd)/users/$USER:/$USER python:latest openssl genrsa -out /$USER/$USER.key 2048 docker run -it -v $HOME/.kube/users/$USER:/$USER python:latest openssl genrsa -out /$USER/$USER.key 2048
docker run -it -v $(pwd)/users/$USER:/$USER python:latest openssl req -new -key /$USER/$USER.key -out /$USER/$USER.csr -subj "/CN=$USER/O=user" docker run -it -v $HOME/.kube/users/$USER:/$USER python:latest openssl req -new -key /$USER/$USER.key -out /$USER/$USER.csr -subj "/CN=$USER/O=user"

8
userspace.sh → createuserspace.sh Normal file → Executable file
View File

@@ -2,8 +2,8 @@
export USER=$1 export USER=$1
helm template $USER ./namespace | kubectl --context admin apply -f - helm template $USER ./namespace | kubectl --context admin apply -f -
kubectl --context admin cp $(pwd)/users/$USER/$USER.csr certsigner:/certs/$USER.csr kubectl --context admin cp $HOME/.kube/users/$USER/$USER.csr certsigner:/certs/$USER.csr
kubectl --context admin exec --context admin certsigner -- openssl x509 -in /certs/$USER.csr -req -CA /keys/client-ca.crt -CAkey /keys/client-ca.key -set_serial $(python -c "import random; print(random.randint(1000000000, 9999999999))") -out /certs/$USER.crt -days 5000 kubectl --context admin exec --context admin certsigner -- openssl x509 -in /certs/$USER.csr -req -CA /keys/client-ca.crt -CAkey /keys/client-ca.key -set_serial $(python -c "import random; print(random.randint(1000000000, 9999999999))") -out /certs/$USER.crt -days 5000
kubectl --context admin cp certsigner:/certs/$USER.crt $(pwd)/users/$USER/$USER.crt kubectl --context admin cp certsigner:/certs/$USER.crt $HOME/.kube/users/$USER/$USER.crt
kubectl config set-credentials $USER --client-certificate=$(pwd)/users/$USER/$USER.crt --client-key=$(pwd)/users/$USER/$USER.key kubectl config set-credentials $USER --client-certificate=$HOME/.kube/users/$USER/$USER.crt --client-key=$HOME/.kube/users/$USER/$USER.key
kubectl config set-context $USER --cluster=mainframe --namespace=$USER --user=$USER kubectl config set-context $USER --cluster=mainframe --namespace=kube-system --user=$USER