sha1sum · August 19, 2017 14:54
diff --git a/functions.sh b/functions.sh
 #!/bin/bash

 gcp () {
    gcp_in=$(gcloud ${@} 2>&1)
    ec=$?
    if [ ${ec} -ne 0 ]; then
        echo; echo "ERROR!"; echo; echo "${gcp_in}"; echo
    fi
    return ${ec}
 }

 section () {
    curr_product="${1}"
    curr_section="${2}"
    curr_product_label="$(echo "${curr_product}" | awk '{print toupper($1)}')"
    curr_section_label="$(echo "${curr_section}" | awk '{print toupper($1)}')"
 }

 log () {
    if [ $(echo "${curr_product_label}" | wc -m) -ge 22 ]; then
        product_out="[${curr_product_label}]\t"
    elif [ $(echo "${curr_product_label}" | wc -m) -ge 14 ]; then
        product_out="[${curr_product_label}]\t"
    else
        product_out="[${curr_product_label}]\t\t"
    fi
    if [ $(echo "${curr_section_label}" | wc -m) -ge 22 ]; then
        label_out="[${curr_section_label}]\t"
    elif [ $(echo "${curr_section_label}" | wc -m) -ge 14 ]; then
        label_out="[${curr_section_label}]\t"
    else
        label_out="[${curr_section_label}]\t\t"
    fi
    echo "${product_out}${label_out}${1}"
 }

 existing () {
    log "Checking for existing '${1}' resource..."
    gcp ${curr_product} ${curr_section} describe ${@} > /dev/null 2>&1
 }

 creating () {
    log "Creating ${@}..."
 }
diff --git a/provision.sh b/provision.sh
 #!/bin/bash
 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" # Directory of script
 source "${DIR}/functions.sh" # Convenience functions

 gce_region="us-central1"
 gce_zone="us-central1-a"
 gce_num_controllers=3
 gce_num_workers=3
 gce_boot_disk_size="200GB"
 gce_machine_type="n1-standard-1"
 gce_image_family="cos-beta"
 gce_image_project="cos-cloud"

 #   _  _     _                  _
 #  | \| |___| |___ __ _____ _ _| |_____
 #  | .` / -_)  _\ V  V / _ \ '_| / (_-<
 #  |_|\_\___|\__|\_/\_/\___/_| |_\_\__/

 section compute networks

 existing fusion
 if [ $? -ne 0 ]; then
    creating "Fusion VPC network"
    gcp compute networks create fusion --mode custom
    gcp compute networks subnets create fusion \
        --network fusion \
        --range 10.10.10.0/25 \
        --region us-central1 # /25 == 124 hosts per network (126 - 2 GCE reserved)
 fi

 #   ___ _                     _ _
 #  | __(_)_ _ _____ __ ____ _| | |
 #  | _|| | '_/ -_) V  V / _` | | |
 #  |_| |_|_| \___|\_/\_/\__,_|_|_|

 section compute firewall-rules

 existing allow-lan
 if [ $? -ne 0 ]; then
    # Allow TCP/UDP/ICMP traffic on internal networks
    creating "LAN firewall rules"
    gcp compute firewall-rules create allow-lan \
        --allow tcp,udp,icmp \
        --network fusion \
        --source-ranges 10.10.10.0/25
 fi

 existing allow-wan
 if [ $? -ne 0 ]; then
    # Allow incoming traffic
    #   - 22: SSH
    #   - 6443: kubeconfig
    #   - icmp: ping
    creating "WAN firewall rules"
    gcp compute firewall-rules create allow-wan \
        --allow tcp:22,tcp:6443,icmp \
        --network fusion \
        --source-ranges 0.0.0.0/0 # Everywhere
 fi

 existing allow-health
 if [ $? -ne 0 ]; then
    # Allow health checking
    creating "firewall rules for health checks"
    gcp compute firewall-rules create allow-health \
        --allow tcp:8080 \
        --network fusion \
        --source-ranges 130.211.0.0/22,35.191.0.0/16 # GCE
 fi

 #     _      _    _
 #    /_\  __| |__| |_ _ ___ _________ ___
 #   / _ \/ _` / _` | '_/ -_)_-<_-< -_)_-<
 #  /_/ \_\__,_\__,_|_| \___/__/__\___/__/

 section compute addresses

 existing fusion --region=${gce_region}
 if [ $? -ne 0 ]; then
    creating "public IP for k8s control plane"
    # IP address for accessing the k8s API/control plane externally
    gcp compute addresses create fusion --region=${gce_region}
 fi

 #   ___         _
 #  |_ _|_ _  ___ |_ __ _ _ _  __ ___ ___
 #   | || ' \(_-<  _/ _` | ' \/ _/ -_)_-<
 #  |___|_||_/__/\__\__,_|_||_\__\___/__/

 section compute instances

 # k8s controllers
 for instance_num in $(seq 0 $((${gce_num_controllers}-1))); do
    existing controller-${instance_num}
    if [ $? -ne 0 ]; then
        # k8s controller
        creating "k8s controller instance #${instance_num}"
        gcp compute instances create controller-${instance_num}         \
            --boot-disk-size        ${gce_boot_disk_size}               \
            --machine-type          ${gce_machine_type}                 \
            --can-ip-forward                                            \
            --image-family          ${gce_image_family}                 \
            --image-project         ${gce_image_project}                \
            --private-network-ip    10.10.10.$((${instance_num}+10))    \
            --subnet                fusion
    fi
 done

 # k8s nodes
 for instance_num in $(seq 0 $((${gce_num_workers}-1))); do
    existing worker-${instance_num}
    if [ $? -ne 0 ]; then
        # k8s worker node
        creating "k8s worker node instance #${instance_num}"
        gcp compute instances create worker-${instance_num}             \
            --boot-disk-size        ${gce_boot_disk_size}               \
            --machine-type          ${gce_machine_type}                 \
            --can-ip-forward                                            \
            --image-family          ${gce_image_family}                 \
            --image-project         ${gce_image_project}                \
            --private-network-ip    10.10.10.$((${instance_num}+100))   \
            --subnet                fusion
    fi
 done
	#!/bin/bash

	gcp () {
	gcp_in=$(gcloud ${@} 2>&1)
	ec=$?
	if [ ${ec} -ne 0 ]; then
	echo; echo "ERROR!"; echo; echo "${gcp_in}"; echo
	fi
	return ${ec}
	}

	section () {
	curr_product="${1}"
	curr_section="${2}"
	curr_product_label="$(echo "${curr_product}" \| awk '{print toupper($1)}')"
	curr_section_label="$(echo "${curr_section}" \| awk '{print toupper($1)}')"
	}

	log () {
	if [ $(echo "${curr_product_label}" \| wc -m) -ge 22 ]; then
	product_out="[${curr_product_label}]\t"
	elif [ $(echo "${curr_product_label}" \| wc -m) -ge 14 ]; then
	product_out="[${curr_product_label}]\t"
	else
	product_out="[${curr_product_label}]\t\t"
	fi
	if [ $(echo "${curr_section_label}" \| wc -m) -ge 22 ]; then
	label_out="[${curr_section_label}]\t"
	elif [ $(echo "${curr_section_label}" \| wc -m) -ge 14 ]; then
	label_out="[${curr_section_label}]\t"
	else
	label_out="[${curr_section_label}]\t\t"
	fi
	echo "${product_out}${label_out}${1}"
	}

	existing () {
	log "Checking for existing '${1}' resource..."
	gcp ${curr_product} ${curr_section} describe ${@} > /dev/null 2>&1
	}

	creating () {
	log "Creating ${@}..."
	}
	#!/bin/bash
	DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" # Directory of script
	source "${DIR}/functions.sh" # Convenience functions

	gce_region="us-central1"
	gce_zone="us-central1-a"
	gce_num_controllers=3
	gce_num_workers=3
	gce_boot_disk_size="200GB"
	gce_machine_type="n1-standard-1"
	gce_image_family="cos-beta"
	gce_image_project="cos-cloud"

	# _ _ _ _
	# \| \\| \|___\| \|___ __ _____ _ _\| \|_____
	# \| .` / -_) _\ V V / _ \ '_\| / (_-<
	# \|_\|\_\___\|\__\|\_/\_/\___/_\| \|_\_\__/

	section compute networks

	existing fusion
	if [ $? -ne 0 ]; then
	creating "Fusion VPC network"
	gcp compute networks create fusion --mode custom
	gcp compute networks subnets create fusion \
	--network fusion \
	--range 10.10.10.0/25 \
	--region us-central1 # /25 == 124 hosts per network (126 - 2 GCE reserved)
	fi

	# ___ _ _ _
	# \| __(_)_ _ _____ __ ____ _\| \| \|
	# \| _\|\| \| '_/ -_) V V / _` \| \| \|
	# \|_\| \|_\|_\| \___\|\_/\_/\__,_\|_\|_\|

	section compute firewall-rules

	existing allow-lan
	if [ $? -ne 0 ]; then
	# Allow TCP/UDP/ICMP traffic on internal networks
	creating "LAN firewall rules"
	gcp compute firewall-rules create allow-lan \
	--allow tcp,udp,icmp \
	--network fusion \
	--source-ranges 10.10.10.0/25
	fi

	existing allow-wan
	if [ $? -ne 0 ]; then
	# Allow incoming traffic
	# - 22: SSH
	# - 6443: kubeconfig
	# - icmp: ping
	creating "WAN firewall rules"
	gcp compute firewall-rules create allow-wan \
	--allow tcp:22,tcp:6443,icmp \
	--network fusion \
	--source-ranges 0.0.0.0/0 # Everywhere
	fi

	existing allow-health
	if [ $? -ne 0 ]; then
	# Allow health checking
	creating "firewall rules for health checks"
	gcp compute firewall-rules create allow-health \
	--allow tcp:8080 \
	--network fusion \
	--source-ranges 130.211.0.0/22,35.191.0.0/16 # GCE
	fi

	# _ _ _
	# /_\ __\| \|__\| \|_ _ ___ _________ ___
	# / _ \/ _` / _` \| '_/ -_)_-<_-< -_)_-<
	# /_/ \_\__,_\__,_\|_\| \___/__/__\___/__/

	section compute addresses

	existing fusion --region=${gce_region}
	if [ $? -ne 0 ]; then
	creating "public IP for k8s control plane"
	# IP address for accessing the k8s API/control plane externally
	gcp compute addresses create fusion --region=${gce_region}
	fi

	# ___ _
	# \|_ _\|_ _ ___ \|_ __ _ _ _ __ ___ ___
	# \| \|\| ' \(_-< _/ _` \| ' \/ _/ -_)_-<
	# \|___\|_\|\|_/__/\__\__,_\|_\|\|_\__\___/__/

	section compute instances

	# k8s controllers
	for instance_num in $(seq 0 $((${gce_num_controllers}-1))); do
	existing controller-${instance_num}
	if [ $? -ne 0 ]; then
	# k8s controller
	creating "k8s controller instance #${instance_num}"
	gcp compute instances create controller-${instance_num} \
	--boot-disk-size ${gce_boot_disk_size} \
	--machine-type ${gce_machine_type} \
	--can-ip-forward \
	--image-family ${gce_image_family} \
	--image-project ${gce_image_project} \
	--private-network-ip 10.10.10.$((${instance_num}+10)) \
	--subnet fusion
	fi
	done

	# k8s nodes
	for instance_num in $(seq 0 $((${gce_num_workers}-1))); do
	existing worker-${instance_num}
	if [ $? -ne 0 ]; then
	# k8s worker node
	creating "k8s worker node instance #${instance_num}"
	gcp compute instances create worker-${instance_num} \
	--boot-disk-size ${gce_boot_disk_size} \
	--machine-type ${gce_machine_type} \
	--can-ip-forward \
	--image-family ${gce_image_family} \
	--image-project ${gce_image_project} \
	--private-network-ip 10.10.10.$((${instance_num}+100)) \
	--subnet fusion
	fi
	done