Update Exoscale install instructions to deploy the Exoscale CCM
simu committed Feb 6, 2025
1 parent 805d1db commit a9cdc39
Showing 3 changed files with 52 additions and 8 deletions.
39 changes: 38 additions & 1 deletion docs/modules/ROOT/pages/how-tos/exoscale/install.adoc
Expand Up @@ -55,7 +55,7 @@ include::partial$exoscale/environment-vars.adoc[]
include::partial$install/vshn-input.adoc[]

[#_create_iam_keys]
=== Create restricted Exoscale IAM keys for object storage, AppCat and CSI driver
=== Create restricted Exoscale IAM keys for object storage, AppCat, CSI driver and CCM

[NOTE]
====
Expand Down Expand Up @@ -148,6 +148,38 @@ export CSI_ACCESSKEY=$(echo "${csi_credentials}" | jq -r '.key')
export CSI_SECRETKEY=$(echo "${csi_credentials}" | jq -r '.secret')
----

. Create restricted API key for the Exoscale cloud-controller-manager
+
[source,bash]
----
# Create Exoscale CCM Exoscale IAM role, if it doesn't exist yet in the organization
ccm_role_id=$(exo iam role list -O json | \
jq -r '.[] | select(.name=="ccm-exoscale") | .key')
if [ -z "${ccm_role_id}" ]; then
echo '{
"default-service-strategy": "deny",
"services": {
"compute": {
"type": "rules",
"rules": [
{
"expression": "operation in ['add-service-to-load-balancer', 'create-load-balancer', 'delete-load-balancer', 'delete-load-balancer-service', 'get-instance', 'get-instance-type', 'get-load-balancer', 'get-load-balancer-service', 'get-operation', 'list-instances', 'list-load-balancers', 'list-zones', 'reset-load-balancer-field', 'reset-load-balancer-service-field', 'update-load-balancer', 'update-load-balancer-service']",
"action": "allow"
}
]
}
}
}' | \
exo iam role create ccm-exoscale \
--description "Exoscale CCM: TBD" \
--policy -
fi
# Create access key
ccm_credentials=$(exo iam api-key create -O json \
"${CLUSTER_ID}_ccm-exoscale" ccm-exoscale)
export CCM_ACCESSKEY=$(echo "${ccm_credentials}" | jq -r '.key')
export CCM_SECRETKEY=$(echo "${ccm_credentials}" | jq -r '.secret')
----

[#_bootstrap_bucket]
=== Set up S3 bucket for cluster bootstrap
Expand Down Expand Up @@ -225,6 +257,11 @@ vault kv put clusters/kv/${TENANT_ID}/${CLUSTER_ID}/appcat/provider-exoscale \
vault kv put clusters/kv/${TENANT_ID}/${CLUSTER_ID}/exoscale/csi_driver \
access_key=${CSI_ACCESSKEY} \
secret_key=${CSI_SECRETKEY}
# Set the CCM Exoscale Credentials
vault kv put clusters/kv/${TENANT_ID}/${CLUSTER_ID}/exoscale/ccm \
access_key=${CCM_ACCESSKEY} \
secret_key=${CCM_SECRETKEY}
----

include::partial$get-hieradata-token-from-vault.adoc[]
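Review bot: In the CCM key step, nothing checks that `exo iam api-key create` succeeded before `CCM_ACCESSKEY` and `CCM_SECRETKEY` are exported, so a failed call leaves them empty or `null`, and the later `vault kv put .../exoscale/ccm` would store that value. A guard after the two exports, e.g. `[ -n "${CCM_SECRETKEY}" ] && [ "${CCM_SECRETKEY}" != "null" ] || echo "CCM key creation failed" >&2`, would surface this before Vault is written. The role block also reuses any existing `ccm-exoscale` role by name without comparing its policy to the one shown, so the step should tell the reader to review the existing role's policy before issuing a key against it. The `--description "Exoscale CCM: TBD"` placeholder should be replaced with a real description of what the role is for.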
Expand Up @@ -16,16 +16,10 @@ apiVersion: v1
metadata:
name: ${CLUSTER_ID} <1>
baseDomain: ${BASE_DOMAIN} <1>
ifeval::["{provider}" == "cloudscale"]
platform:
external:
platformName: cloudscale
platformName: {provider}
cloudControllerManager: External
endif::[]
ifeval::["{provider}" == "exoscale"]
platform:
none: {}
endif::[]
networking:
networkType: Cilium
pullSecret: |
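Review bot: With both `ifeval` guards removed, every value of `{provider}` now renders `platform.external` with `cloudControllerManager: External`, where previously only `cloudscale` did and any value other than `cloudscale` or `exoscale` rendered no platform block. If another provider includes this partial (not visible here), its nodes would presumably wait for an external cloud-controller-manager that is never deployed. Consider keeping explicit guards for the supported providers, or adding an AsciiDoc comment above `platformName: {provider}` such as `// only valid for providers that ship a CCM: cloudscale, exoscale`.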
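--- a/docs/modules/ROOT/partials/install/run-installer.adoc
+++ b/docs/modules/ROOT/partials/install/run-installer.adoc
@@ -46,6 +46,19 @@ yq -i e ".stringData.access-token=\"${CLOUDSCALE_API_TOKEN}\"" \
 ${INSTALLER_DIR}/manifests/cloudscale-cloud-controller-manager_01_secret_0_secret.yml
 ----
 endif::[]
+ifeval::["{provider}" == "exoscale"]
+. Copy cloud-controller-manager manifests
++
+[source,bash,]
+----
+for f in catalog/manifests/exoscale-cloud-controller-manager/*; do
+cp $f ${INSTALLER_DIR}/manifests/exoscale_ccm_$(basename $f)
+done
+
+yq -i e ".stringData.api-key=\"${CCM_ACCESSKEY}\",.stringData.api-secret=\"${CCM_SECRETKEY}\"" \
+${INSTALLER_DIR}/manifests/exoscale_ccm_01_secret.yaml
+----
+endif::[]
 
 . Copy pre-rendered Cilium manifests
 +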
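Review bot: The added `yq` command splices `${CCM_ACCESSKEY}` and `${CCM_SECRETKEY}` into the yq program text inside escaped quotes, so a secret containing `"` or `\` would break or alter the expression. yq v4 can read the values from the environment instead: `yq -i e '.stringData.api-key = strenv(CCM_ACCESSKEY) | .stringData.api-secret = strenv(CCM_SECRETKEY)' "${INSTALLER_DIR}/manifests/exoscale_ccm_01_secret.yaml"`; this relies on both variables being exported in the shell that runs the step. In the copy loop, `$f` and `${INSTALLER_DIR}` are unquoted, and `cp "$f" "${INSTALLER_DIR}/manifests/exoscale_ccm_$(basename "$f")"` stays correct when a path contains spaces.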
