From 83d52a8be52e1dbcaf2846d3957c2998ad2fa529 Mon Sep 17 00:00:00 2001 From: chaogeng77977 Date: Tue, 15 Feb 2022 17:14:04 +0800 Subject: [PATCH 1/2] Rel2.13 - Manifest Updates --- .../agent/portainer-ce213-agent-edge-k8s.yaml | 106 ++++++++++++++++++ .../agent/portainer-ce213-edge-agent-setup.sh | 88 +++++++++++++++ 2 files changed, 194 insertions(+) create mode 100644 deploy/manifests/agent/portainer-ce213-agent-edge-k8s.yaml create mode 100644 deploy/manifests/agent/portainer-ce213-edge-agent-setup.sh diff --git a/deploy/manifests/agent/portainer-ce213-agent-edge-k8s.yaml b/deploy/manifests/agent/portainer-ce213-agent-edge-k8s.yaml new file mode 100644 index 0000000..7e1b06e --- /dev/null +++ b/deploy/manifests/agent/portainer-ce213-agent-edge-k8s.yaml @@ -0,0 +1,106 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: portainer +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: portainer-sa-clusteradmin + namespace: portainer +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: portainer-crb-clusteradmin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: + - kind: ServiceAccount + name: portainer-sa-clusteradmin + namespace: portainer +# Optional: can be added to expose the agent port 80 to associate an Edge key. +# --- +# apiVersion: v1 +# kind: Service +# metadata: +# name: portainer-agent +# namespace: portainer +# spec: +# type: LoadBalancer +# selector: +# app: portainer-agent +# ports: +# - name: http +# protocol: TCP +# port: 80 +# targetPort: 80 +--- +apiVersion: v1 +kind: Service +metadata: + name: portainer-agent + namespace: portainer +spec: + clusterIP: None + selector: + app: portainer-agent +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: portainer-agent + namespace: portainer +spec: + selector: + matchLabels: + app: portainer-agent + template: + metadata: + labels: + app: portainer-agent + spec: + serviceAccountName: portainer-sa-clusteradmin + containers: + - name: portainer-agent + image: portainer/agent:2.11.0 + imagePullPolicy: Always + env: + - name: LOG_LEVEL + value: INFO + - name: KUBERNETES_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: EDGE + value: "1" + - name: AGENT_CLUSTER_ADDR + value: "portainer-agent" + - name: EDGE_ID + valueFrom: + configMapKeyRef: + name: portainer-agent-edge + key: edge.id + - name: EDGE_INSECURE_POLL + valueFrom: + configMapKeyRef: + name: portainer-agent-edge + key: edge.insecure_poll + - name: AGENT_SECRET + valueFrom: + configMapKeyRef: + name: portainer-agent-edge + key: edge.secret + optional: true + - name: EDGE_KEY + valueFrom: + secretKeyRef: + name: portainer-agent-edge-key + key: edge.key + ports: + - containerPort: 9001 + protocol: TCP + - containerPort: 80 + protocol: TCP diff --git a/deploy/manifests/agent/portainer-ce213-edge-agent-setup.sh b/deploy/manifests/agent/portainer-ce213-edge-agent-setup.sh new file mode 100644 index 0000000..380c434 --- /dev/null +++ b/deploy/manifests/agent/portainer-ce213-edge-agent-setup.sh @@ -0,0 +1,88 @@ +#!/usr/bin/env bash + +# Script used to deploy the Portainer Edge agent inside a Kubernetes cluster. + +# Requires: +# curl +# kubectl + +### COLOR OUTPUT ### + +ESeq="\x1b[" +RCol="$ESeq"'0m' # Text Reset + +# Regular Bold Underline High Intensity BoldHigh Intens Background High Intensity Backgrounds +Bla="$ESeq"'0;30m'; BBla="$ESeq"'1;30m'; UBla="$ESeq"'4;30m'; IBla="$ESeq"'0;90m'; BIBla="$ESeq"'1;90m'; On_Bla="$ESeq"'40m'; On_IBla="$ESeq"'0;100m'; +Red="$ESeq"'0;31m'; BRed="$ESeq"'1;31m'; URed="$ESeq"'4;31m'; IRed="$ESeq"'0;91m'; BIRed="$ESeq"'1;91m'; On_Red="$ESeq"'41m'; On_IRed="$ESeq"'0;101m'; +Gre="$ESeq"'0;32m'; BGre="$ESeq"'1;32m'; UGre="$ESeq"'4;32m'; IGre="$ESeq"'0;92m'; BIGre="$ESeq"'1;92m'; On_Gre="$ESeq"'42m'; On_IGre="$ESeq"'0;102m'; +Yel="$ESeq"'0;33m'; BYel="$ESeq"'1;33m'; UYel="$ESeq"'4;33m'; IYel="$ESeq"'0;93m'; BIYel="$ESeq"'1;93m'; On_Yel="$ESeq"'43m'; On_IYel="$ESeq"'0;103m'; +Blu="$ESeq"'0;34m'; BBlu="$ESeq"'1;34m'; UBlu="$ESeq"'4;34m'; IBlu="$ESeq"'0;94m'; BIBlu="$ESeq"'1;94m'; On_Blu="$ESeq"'44m'; On_IBlu="$ESeq"'0;104m'; +Pur="$ESeq"'0;35m'; BPur="$ESeq"'1;35m'; UPur="$ESeq"'4;35m'; IPur="$ESeq"'0;95m'; BIPur="$ESeq"'1;95m'; On_Pur="$ESeq"'45m'; On_IPur="$ESeq"'0;105m'; +Cya="$ESeq"'0;36m'; BCya="$ESeq"'1;36m'; UCya="$ESeq"'4;36m'; ICya="$ESeq"'0;96m'; BICya="$ESeq"'1;96m'; On_Cya="$ESeq"'46m'; On_ICya="$ESeq"'0;106m'; +Whi="$ESeq"'0;37m'; BWhi="$ESeq"'1;37m'; UWhi="$ESeq"'4;37m'; IWhi="$ESeq"'0;97m'; BIWhi="$ESeq"'1;97m'; On_Whi="$ESeq"'47m'; On_IWhi="$ESeq"'0;107m'; + +printSection() { + echo -e "${BIYel}>>>> ${BIWhi}${1}${RCol}" +} + +info() { + echo -e "${BIWhi}${1}${RCol}" +} + +success() { + echo -e "${BIGre}${1}${RCol}" +} + +error() { + echo -e "${BIRed}${1}${RCol}" +} + +errorAndExit() { + echo -e "${BIRed}${1}${RCol}" + exit 1 +} + +### !COLOR OUTPUT ### + +main() { + if [[ $# -lt 3 ]]; then + error "Not enough arguments" + error "Usage: ${0} " + exit 1 + fi + + local EDGE_ID="$1" + local EDGE_KEY="$2" + local EDGE_INSECURE_POLL="$3" + local EDGE_SECRET="$4" + + [[ "$(command -v curl)" ]] || errorAndExit "Unable to find curl binary. Please ensure curl is installed before running this script." + [[ "$(command -v kubectl)" ]] || errorAndExit "Unable to find kubectl binary. Please ensure kubectl is installed before running this script." + + info "Downloading agent manifest..." + curl -L https://portainer.github.io/k8s/deploy/manifests/agent/portainer-ce213-agent-edge-k8s.yaml -o portainer-agent-edge-k8s.yaml || errorAndExit "Unable to download agent manifest" + + info "Creating Portainer namespace..." + kubectl create namespace portainer + + info "Creating agent configuration..." + configmapCmd="kubectl create configmap portainer-agent-edge" + configmapCmd+=" --from-literal="edge.id=$EDGE_ID"" + configmapCmd+=" --from-literal="edge.insecure_poll=$EDGE_INSECURE_POLL"" + if [ ! -z $EDGE_SECRET ]; then + configmapCmd+=" --from-literal="edge.secret=$EDGE_SECRET"" + fi + configmapCmd+=" -n portainer" + $configmapCmd + + info "Creating agent secret..." + kubectl create secret generic portainer-agent-edge-key "--from-literal=edge.key=$EDGE_KEY" -n portainer + + info "Deploying agent..." + kubectl apply -f portainer-agent-edge-k8s.yaml || errorAndExit "Unable to deploy agent manifest" + + success "Portainer Edge agent successfully deployed" + exit 0 +} + +main "$@" From 2f2b64280982a697e7925674ca264dade87dd6fd Mon Sep 17 00:00:00 2001 From: chaogeng77977 Date: Tue, 15 Feb 2022 19:26:04 +0800 Subject: [PATCH 2/2] Rel2.13 - Manifest Updates for ee --- .../ee/portainer-agent-ee214-edge-k8s.yaml | 106 ++++++++++++++++++ .../agent/portainer-ce213-agent-edge-k8s.yaml | 2 +- .../agent/portainer-ce213-edge-agent-setup.sh | 88 --------------- 3 files changed, 107 insertions(+), 89 deletions(-) create mode 100644 deploy/manifests/agent/ee/portainer-agent-ee214-edge-k8s.yaml delete mode 100644 deploy/manifests/agent/portainer-ce213-edge-agent-setup.sh diff --git a/deploy/manifests/agent/ee/portainer-agent-ee214-edge-k8s.yaml b/deploy/manifests/agent/ee/portainer-agent-ee214-edge-k8s.yaml new file mode 100644 index 0000000..9c7bedd --- /dev/null +++ b/deploy/manifests/agent/ee/portainer-agent-ee214-edge-k8s.yaml @@ -0,0 +1,106 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: portainer +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: portainer-sa-clusteradmin + namespace: portainer +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: portainer-crb-clusteradmin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: + - kind: ServiceAccount + name: portainer-sa-clusteradmin + namespace: portainer +# Optional: can be added to expose the agent port 80 to associate an Edge key. +# --- +# apiVersion: v1 +# kind: Service +# metadata: +# name: portainer-agent +# namespace: portainer +# spec: +# type: LoadBalancer +# selector: +# app: portainer-agent +# ports: +# - name: http +# protocol: TCP +# port: 80 +# targetPort: 80 +--- +apiVersion: v1 +kind: Service +metadata: + name: portainer-agent + namespace: portainer +spec: + clusterIP: None + selector: + app: portainer-agent +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: portainer-agent + namespace: portainer +spec: + selector: + matchLabels: + app: portainer-agent + template: + metadata: + labels: + app: portainer-agent + spec: + serviceAccountName: portainer-sa-clusteradmin + containers: + - name: portainer-agent + image: portainer/agent:2.14.0 + imagePullPolicy: Always + env: + - name: LOG_LEVEL + value: INFO + - name: KUBERNETES_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: EDGE + value: "1" + - name: AGENT_CLUSTER_ADDR + value: "portainer-agent" + - name: EDGE_ID + valueFrom: + configMapKeyRef: + name: portainer-agent-edge + key: edge.id + - name: EDGE_INSECURE_POLL + valueFrom: + configMapKeyRef: + name: portainer-agent-edge + key: edge.insecure_poll + - name: AGENT_SECRET + valueFrom: + configMapKeyRef: + name: portainer-agent-edge + key: edge.secret + optional: true + - name: EDGE_KEY + valueFrom: + secretKeyRef: + name: portainer-agent-edge-key + key: edge.key + ports: + - containerPort: 9001 + protocol: TCP + - containerPort: 80 + protocol: TCP diff --git a/deploy/manifests/agent/portainer-ce213-agent-edge-k8s.yaml b/deploy/manifests/agent/portainer-ce213-agent-edge-k8s.yaml index 7e1b06e..8906b42 100644 --- a/deploy/manifests/agent/portainer-ce213-agent-edge-k8s.yaml +++ b/deploy/manifests/agent/portainer-ce213-agent-edge-k8s.yaml @@ -65,7 +65,7 @@ spec: serviceAccountName: portainer-sa-clusteradmin containers: - name: portainer-agent - image: portainer/agent:2.11.0 + image: portainer/agent:2.13.0 imagePullPolicy: Always env: - name: LOG_LEVEL diff --git a/deploy/manifests/agent/portainer-ce213-edge-agent-setup.sh b/deploy/manifests/agent/portainer-ce213-edge-agent-setup.sh deleted file mode 100644 index 380c434..0000000 --- a/deploy/manifests/agent/portainer-ce213-edge-agent-setup.sh +++ /dev/null @@ -1,88 +0,0 @@ -#!/usr/bin/env bash - -# Script used to deploy the Portainer Edge agent inside a Kubernetes cluster. - -# Requires: -# curl -# kubectl - -### COLOR OUTPUT ### - -ESeq="\x1b[" -RCol="$ESeq"'0m' # Text Reset - -# Regular Bold Underline High Intensity BoldHigh Intens Background High Intensity Backgrounds -Bla="$ESeq"'0;30m'; BBla="$ESeq"'1;30m'; UBla="$ESeq"'4;30m'; IBla="$ESeq"'0;90m'; BIBla="$ESeq"'1;90m'; On_Bla="$ESeq"'40m'; On_IBla="$ESeq"'0;100m'; -Red="$ESeq"'0;31m'; BRed="$ESeq"'1;31m'; URed="$ESeq"'4;31m'; IRed="$ESeq"'0;91m'; BIRed="$ESeq"'1;91m'; On_Red="$ESeq"'41m'; On_IRed="$ESeq"'0;101m'; -Gre="$ESeq"'0;32m'; BGre="$ESeq"'1;32m'; UGre="$ESeq"'4;32m'; IGre="$ESeq"'0;92m'; BIGre="$ESeq"'1;92m'; On_Gre="$ESeq"'42m'; On_IGre="$ESeq"'0;102m'; -Yel="$ESeq"'0;33m'; BYel="$ESeq"'1;33m'; UYel="$ESeq"'4;33m'; IYel="$ESeq"'0;93m'; BIYel="$ESeq"'1;93m'; On_Yel="$ESeq"'43m'; On_IYel="$ESeq"'0;103m'; -Blu="$ESeq"'0;34m'; BBlu="$ESeq"'1;34m'; UBlu="$ESeq"'4;34m'; IBlu="$ESeq"'0;94m'; BIBlu="$ESeq"'1;94m'; On_Blu="$ESeq"'44m'; On_IBlu="$ESeq"'0;104m'; -Pur="$ESeq"'0;35m'; BPur="$ESeq"'1;35m'; UPur="$ESeq"'4;35m'; IPur="$ESeq"'0;95m'; BIPur="$ESeq"'1;95m'; On_Pur="$ESeq"'45m'; On_IPur="$ESeq"'0;105m'; -Cya="$ESeq"'0;36m'; BCya="$ESeq"'1;36m'; UCya="$ESeq"'4;36m'; ICya="$ESeq"'0;96m'; BICya="$ESeq"'1;96m'; On_Cya="$ESeq"'46m'; On_ICya="$ESeq"'0;106m'; -Whi="$ESeq"'0;37m'; BWhi="$ESeq"'1;37m'; UWhi="$ESeq"'4;37m'; IWhi="$ESeq"'0;97m'; BIWhi="$ESeq"'1;97m'; On_Whi="$ESeq"'47m'; On_IWhi="$ESeq"'0;107m'; - -printSection() { - echo -e "${BIYel}>>>> ${BIWhi}${1}${RCol}" -} - -info() { - echo -e "${BIWhi}${1}${RCol}" -} - -success() { - echo -e "${BIGre}${1}${RCol}" -} - -error() { - echo -e "${BIRed}${1}${RCol}" -} - -errorAndExit() { - echo -e "${BIRed}${1}${RCol}" - exit 1 -} - -### !COLOR OUTPUT ### - -main() { - if [[ $# -lt 3 ]]; then - error "Not enough arguments" - error "Usage: ${0} " - exit 1 - fi - - local EDGE_ID="$1" - local EDGE_KEY="$2" - local EDGE_INSECURE_POLL="$3" - local EDGE_SECRET="$4" - - [[ "$(command -v curl)" ]] || errorAndExit "Unable to find curl binary. Please ensure curl is installed before running this script." - [[ "$(command -v kubectl)" ]] || errorAndExit "Unable to find kubectl binary. Please ensure kubectl is installed before running this script." - - info "Downloading agent manifest..." - curl -L https://portainer.github.io/k8s/deploy/manifests/agent/portainer-ce213-agent-edge-k8s.yaml -o portainer-agent-edge-k8s.yaml || errorAndExit "Unable to download agent manifest" - - info "Creating Portainer namespace..." - kubectl create namespace portainer - - info "Creating agent configuration..." - configmapCmd="kubectl create configmap portainer-agent-edge" - configmapCmd+=" --from-literal="edge.id=$EDGE_ID"" - configmapCmd+=" --from-literal="edge.insecure_poll=$EDGE_INSECURE_POLL"" - if [ ! -z $EDGE_SECRET ]; then - configmapCmd+=" --from-literal="edge.secret=$EDGE_SECRET"" - fi - configmapCmd+=" -n portainer" - $configmapCmd - - info "Creating agent secret..." - kubectl create secret generic portainer-agent-edge-key "--from-literal=edge.key=$EDGE_KEY" -n portainer - - info "Deploying agent..." - kubectl apply -f portainer-agent-edge-k8s.yaml || errorAndExit "Unable to deploy agent manifest" - - success "Portainer Edge agent successfully deployed" - exit 0 -} - -main "$@"