Install Replicated Control Planes

#!/bin/bash

set -euo pipefail

CTX="$1"

# Delete Istio in this cluster
kubectl --context=${CTX} delete ns istio-system sample --ignore-not-found

kubectl --context=${CTX} create namespace istio-system
kubectl --context=${CTX} create secret generic cacerts -n istio-system \
    --from-file=samples/certs/ca-cert.pem \
    --from-file=samples/certs/ca-key.pem \
    --from-file=samples/certs/root-cert.pem \
    --from-file=samples/certs/cert-chain.pem

bin/istioctl --context=${CTX} install \
    -f manifests/examples/multicluster/values-istio-multicluster-gateways.yaml

# Configure kubedns
kubectl --context=${CTX} apply -f - <<EOF
apiVersion: v1
kind: ConfigMap
metadata:
  name: kube-dns
  namespace: kube-system
data:
  stubDomains: |
    {"global": ["$(kubectl --context=${CTX} get svc -n istio-system istiocoredns -o jsonpath={.spec.clusterIP})"]}
EOF

# Configure coredns
kubectl --context=${CTX} apply -f - <<EOF
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  Corefile: |
    .:53 {
        errors
        health
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
           pods insecure
           upstream
           fallthrough in-addr.arpa ip6.arpa
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
    global:53 {
        errors
        cache 30
        forward . $(kubectl --context=${CTX} get svc -n istio-system istiocoredns -o jsonpath={.spec.clusterIP}):53
    }
EOF