mirror of https://github.com/istio/istio.io.git
85 lines
2.8 KiB
Bash
85 lines
2.8 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
# Copyright Istio Authors
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
set -e
|
|
set -u
|
|
set -o pipefail
|
|
set -x
|
|
|
|
function setup_cluster_for_vms() {
|
|
snip_setup_wd
|
|
|
|
snip_setup_iop
|
|
|
|
echo y | snip_install_istio
|
|
|
|
snip_install_eastwest
|
|
|
|
snip_expose_istio
|
|
}
|
|
|
|
function setup_vm() {
|
|
snip_install_namespace || true
|
|
snip_install_sa || true
|
|
|
|
snip_create_wg
|
|
snip_apply_wg
|
|
snip_configure_wg
|
|
|
|
# Rather than spinning up a real VM, we will use a docker container
|
|
# We do the implicit "Securely transfer the files from "${WORK_DIR}" to the virtual machine." step by
|
|
# a volume mount
|
|
# shellcheck disable=SC2086
|
|
docker run --rm -it --init -d --network=kind --name vm \
|
|
-v "${WORK_DIR}:/root" -v "${PWD}/content/en/docs/setup/install/virtual-machine:/test" \
|
|
${EXTRA_VM_ARGS:-} \
|
|
-w "/root" \
|
|
gcr.io/istio-release/base:${BASE_VERSION}
|
|
|
|
POD_CIDR=$(kubectl get node -ojsonpath='{.items[0].spec.podCIDR}')
|
|
DOCKER_IP=$(docker inspect -f "{{ .NetworkSettings.Networks.kind.IPAddress }}" istio-testing-control-plane)
|
|
# Here, we run the snippets *inside* the docker VM. This mirrors the docs telling to run the commands
|
|
# on the VM
|
|
docker exec --privileged vm bash -c "
|
|
# Setup connectivity
|
|
ip route add ${POD_CIDR} via ${DOCKER_IP}
|
|
# Docker sets up a bunch of rules for DNS which messes with things. Just remove all of them
|
|
sudo iptables -P INPUT ACCEPT
|
|
sudo iptables -P FORWARD ACCEPT
|
|
sudo iptables -P OUTPUT ACCEPT
|
|
sudo iptables -t nat -F
|
|
sudo iptables -t mangle -F
|
|
sudo iptables -F
|
|
sudo iptables -X
|
|
echo nameserver 8.8.8.8 | sudo tee /etc/resolv.conf
|
|
source /test/snips.sh
|
|
snip_configure_the_virtual_machine_1
|
|
snip_configure_the_virtual_machine_2
|
|
# TODO: we should probably have a better way to get the debian package
|
|
curl -LO https://storage.googleapis.com/istio-build/dev/${TAG}/deb/istio-sidecar.deb
|
|
sudo dpkg -i istio-sidecar.deb
|
|
snip_configure_the_virtual_machine_5
|
|
snip_configure_the_virtual_machine_6
|
|
snip_configure_the_virtual_machine_7
|
|
snip_configure_the_virtual_machine_8
|
|
"
|
|
}
|
|
|
|
function start_vm() {
|
|
# We cannot use systemd inside docker (since its a pain). Just run it directly.
|
|
docker exec --privileged -w / -e ISTIO_AGENT_FLAGS="--log_output_level=dns:debug" -d vm /usr/local/bin/istio-start.sh
|
|
}
|