├── AUTHORS
├── README.md
├── force-update-deployment
├── apiversion2resources
├── LICENSE.txt
├── wait-until-pods-ready
└── create-kubeconfig


/AUTHORS:
--------------------------------------------------------------------------------
1 | List of contributors
2 | ====================
3 | 
4 | Kazuki Suda
5 | Takashi Kusumi
6 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Kubernetes scripts
 2 | 
 3 | This repository contains some useful scripts for operating Kubernetes.
 4 | 
 5 | - `create-kubeconfig`: Create a kubeconfig to access the apiserver with the specified serviceaccount and outputs it to stdout.
 6 | - `wait-until-pods-ready`: Wait for all pods to be ready in the current namespace.
 7 | - `force-update-deployment`: Recreate the pods managed by the specified deployment.
 8 | - `apiversion2resources`: Convert API versions read from STDIN to resources in the form of `apiversion.resource`.
 9 | 
10 | ## How to use
11 | 
12 | **apiversion2resources**
13 | 
14 | ```
15 | # Convert the supported API versions on the server
16 | $ kubectl api-versions | apiversion2resources
17 | ```
18 | 
19 | ## License
20 | 
21 | These scripts are released under the MIT License.
22 | 


--------------------------------------------------------------------------------
/force-update-deployment:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | # Copyright 2017, Z Lab Corporation. All rights reserved.
 4 | # Copyright 2017, Kubernetes scripts contributors
 5 | #
 6 | # For the full copyright and license information, please view the LICENSE
 7 | # file that was distributed with this source code.
 8 | 
 9 | set -e
10 | 
11 | if [[ $# == 0 ]]; then
12 |   echo "Usage: $0 DEPLOYMENT [kubectl options]" >&2
13 |   echo "" >&2
14 |   echo "This script recreates the pods managed by the specified deployment." >&2
15 |   exit 1
16 | fi
17 | 
18 | function _kubectl() {
19 |   kubectl $@ $kubectl_options
20 | }
21 | 
22 | deployment="$1"
23 | updated_at=$(date +%s)
24 | kubectl_options="${@:2}"
25 | 
26 | _kubectl patch deployment "$deployment" \
27 |   -p "{\"spec\":{\"template\":{\"metadata\":{\"annotations\":{\"force-update.zlab.co.jp/updated-at\":\"$updated_at\"}}}}}"
28 | 


--------------------------------------------------------------------------------
/apiversion2resources:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | # Copyright 2018, Z Lab Corporation. All rights reserved.
 4 | # Copyright 2018, Kubernetes scripts contributors
 5 | #
 6 | # For the full copyright and license information, please view the LICENSE
 7 | # file that was distributed with this source code.
 8 | 
 9 | set -e
10 | set -o pipefail
11 | 
12 | apiversion2resources() {
13 |   local apiversion="$1"
14 |   local url=""
15 | 
16 |   if [[ "$apiversion" == "v1" ]]; then
17 |     url="/api/v1"
18 |   else
19 |     url="/apis/$apiversion"
20 |   fi
21 | 
22 |   kubectl get --raw "$url" | jq -r ".resources[] | if (.name | contains(\"/\")) then empty else .kind end" | grep -v "/" | sort | sed -e "s#^#$apiversion.#"
23 | }
24 | 
25 | export -f apiversion2resources
26 | 
27 | cat | xargs -I% -P3 -n1 bash -c "apiversion2resources %" | sort
28 | # vim: ai ts=2 sw=2 et sts=2 ft=sh
29 | 


--------------------------------------------------------------------------------
/LICENSE.txt:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2017 Z Lab Corporation
 4 | Copyright (c) 2017 Kubernetes scripts contributors
 5 | 
 6 | Permission is hereby granted, free of charge, to any person obtaining
 7 | a copy of this software and associated documentation files (the
 8 | "Software"), to deal in the Software without restriction, including
 9 | without limitation the rights to use, copy, modify, merge, publish,
10 | distribute, sublicense, and/or sell copies of the Software, and to
11 | permit persons to whom the Software is furnished to do so, subject to
12 | the following conditions:
13 | 
14 | The above copyright notice and this permission notice shall be
15 | included in all copies or substantial portions of the Software.
16 | 
17 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
18 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
19 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
20 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
21 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
22 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
23 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
24 | 


--------------------------------------------------------------------------------
/wait-until-pods-ready:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | # Copyright 2017, Z Lab Corporation. All rights reserved.
 4 | # Copyright 2017, Kubernetes scripts contributors
 5 | #
 6 | # For the full copyright and license information, please view the LICENSE
 7 | # file that was distributed with this source code.
 8 | 
 9 | set -e
10 | 
11 | function __is_pod_ready() {
12 |   [[ "$(kubectl get po "$1" -o 'jsonpath={.status.conditions[?(@.type=="Ready")].status}')" == 'True' ]]
13 | }
14 | 
15 | function __pods_ready() {
16 |   local pod
17 | 
18 |   [[ "$#" == 0 ]] && return 0
19 | 
20 |   for pod in $pods; do
21 |     __is_pod_ready "$pod" || return 1
22 |   done
23 | 
24 |   return 0
25 | }
26 | 
27 | function __wait-until-pods-ready() {
28 |   local period interval i pods
29 | 
30 |   if [[ $# != 2 ]]; then
31 |     echo "Usage: wait-until-pods-ready PERIOD INTERVAL" >&2
32 |     echo "" >&2
33 |     echo "This script waits for all pods to be ready in the current namespace." >&2
34 | 
35 |     return 1
36 |   fi
37 | 
38 |   period="$1"
39 |   interval="$2"
40 | 
41 |   for ((i=0; i<$period; i+=$interval)); do
42 |     pods="$(kubectl get po -o 'jsonpath={.items[*].metadata.name}')"
43 |     if __pods_ready $pods; then
44 |       return 0
45 |     fi
46 | 
47 |     echo "Waiting for pods to be ready..."
48 |     sleep "$interval"
49 |   done
50 | 
51 |   echo "Waited for $period seconds, but all pods are not ready yet."
52 |   return 1
53 | }
54 | 
55 | __wait-until-pods-ready $@
56 | # vim: ft=sh :
57 | 


--------------------------------------------------------------------------------
/create-kubeconfig:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | # Copyright 2017, Z Lab Corporation. All rights reserved.
 4 | # Copyright 2017, Kubernetes scripts contributors
 5 | #
 6 | # For the full copyright and license information, please view the LICENSE
 7 | # file that was distributed with this source code.
 8 | 
 9 | set -e
10 | 
11 | if [[ $# == 0 ]]; then
12 |   echo "Usage: $0 SERVICEACCOUNT [kubectl options]" >&2
13 |   echo "" >&2
14 |   echo "This script creates a kubeconfig to access the apiserver with the specified serviceaccount and outputs it to stdout." >&2
15 | 
16 |   exit 1
17 | fi
18 | 
19 | function _kubectl() {
20 |   kubectl $@ $kubectl_options
21 | }
22 | 
23 | serviceaccount="$1"
24 | kubectl_options="${@:2}"
25 | 
26 | if ! secret="$(_kubectl get serviceaccount "$serviceaccount" -o 'jsonpath={.secrets[0].name}' 2>/dev/null)"; then
27 |   echo "serviceaccounts \"$serviceaccount\" not found." >&2
28 |   exit 2
29 | fi
30 | 
31 | if [[ -z "$secret" ]]; then
32 |   echo "serviceaccounts \"$serviceaccount\" doesn't have a serviceaccount token." >&2
33 |   exit 2
34 | fi
35 | 
36 | # context
37 | context="$(_kubectl config current-context)"
38 | # cluster
39 | cluster="$(_kubectl config view -o "jsonpath={.contexts[?(@.name==\"$context\")].context.cluster}")"
40 | server="$(_kubectl config view -o "jsonpath={.clusters[?(@.name==\"$cluster\")].cluster.server}")"
41 | # token
42 | ca_crt_data="$(_kubectl get secret "$secret" -o "jsonpath={.data.ca\.crt}" | openssl enc -d -base64 -A)"
43 | namespace="$(_kubectl get secret "$secret" -o "jsonpath={.data.namespace}" | openssl enc -d -base64 -A)"
44 | token="$(_kubectl get secret "$secret" -o "jsonpath={.data.token}" | openssl enc -d -base64 -A)"
45 | 
46 | export KUBECONFIG="$(mktemp)"
47 | kubectl config set-credentials "$serviceaccount" --token="$token" >/dev/null
48 | ca_crt="$(mktemp)"; echo "$ca_crt_data" > $ca_crt
49 | kubectl config set-cluster "$cluster" --server="$server" --certificate-authority="$ca_crt" --embed-certs >/dev/null
50 | kubectl config set-context "$context" --cluster="$cluster" --namespace="$namespace" --user="$serviceaccount" >/dev/null
51 | kubectl config use-context "$context" >/dev/null
52 | 
53 | cat "$KUBECONFIG"
54 | # vim: ft=sh :
55 | 


--------------------------------------------------------------------------------