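# ------------------------------------
# Set the following for your specific environment.
# Already have a cluster? Set these values to point to your existing environment.
# Otherwise, these values will be used to create a new cluster.
# Every setting is assigned with ?=, so a value from the environment or the
# make command line takes precedence over the default below.
region ?= us-east-1
zones ?= ['us-east-1a', 'us-east-1b']
clusterName ?= CLUSTER_NAME
machineType ?= c6i.4xlarge
# TODO: Currently, auto scaling configuration using these scripts for AWS is not working
# desiredSize is used as the starting size of the cluster
desiredSize ?= 3
minSize ?= 1
maxSize ?= 6
# Presumably the contact address handed to the certificate issuer created by
# cert-manager.mk (not visible in this file). The default is a placeholder:
# override it with an address you actually monitor.
certEmail ?= [email protected]
# ------------------------------------
# The following variables should not be changed except for advanced use cases
# NOTE(review): Kubernetes 1.23 is past upstream end of life; confirm the
# version is still offered and patched by the provider before creating a cluster.
clusterVersion ?= 1.23
volumeSize ?= 128
# Repository root, four levels above the directory make runs in.
# $(CURDIR) is used instead of $(shell pwd): ?= creates a recursively expanded
# variable, so a $(shell ...) here would fork a shell on every reference to $(root).
root ?= $(CURDIR)/../../../..
# Camunda components will be installed into the following Kubernetes namespace
namespace ?= camunda
# Helm release name
release ?= camunda
# Helm chart coordinates for Camunda
chart ?= camunda/camunda-platform
# This file will be generated by make targets
chartValues ?= camunda-values-nginx-aws.yaml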
.PHONY: all kube

# Default goal: install everything onto an existing cluster.
# The prerequisites are written in the order the numbered steps below expect;
# a serial make run processes them left to right.
# NOTE(review): that order is not expressed as dependencies between the steps
# in this file, so `make -j` may start them out of order unless the included
# .mk files declare the missing edges.
all: \
  cert-manager \
  letsencrypt-prod \
  ingress-nginx-tls \
  camunda-values-nginx-aws.yaml \
  camunda \
  annotate-ingress-tls \
  external-urls

# 0 kube: create the Kubernetes cluster (no application gateway required).
# kube-aws, oidc-provider and metrics are not defined in this file; they come
# from the included .mk files.
kube: \
  kube-aws \
  oidc-provider \
  metrics
# 1 cert-manager from cert-manager.mk: create certificate manager for tls
# 2 letsencrypt-staging/-prod from cert-manager.mk: create letsencrypt cert issuer
# TODO: both google and aws use this. we can combine this into an include possibly?
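# 3 Install the NGINX ingress controller (Helm release "ingress-nginx" in the
#   namespace "ingress-nginx") and annotate its Service.
#
# Helm splits a --set key on every unescaped dot, and the shell's double quotes
# do not protect the dots, so each dot inside an annotation key is escaped.
# With only the first dot escaped the key is parsed as a nested map instead of
# one annotation. --set-string keeps the value "true" a string, which is what
# an annotation value has to be.
#
# NOTE(review): ssl-redirect and cluster-issuer are annotations that are
# normally read from Ingress objects, not from the controller's Service.
# Confirm they have the intended effect here; step 6 (annotate-ingress-tls from
# cert-manager.mk) annotates the ingress itself. Also confirm that the issuer
# name "letsencrypt" matches the issuer created by the letsencrypt-prod target.
#
# NOTE(review): the chart version is not pinned, so every run installs
# whatever the repository currently serves. Pass `--version <CHART_VERSION>`
# to make installs reproducible and chart upgrades a reviewed change.
.PHONY: ingress-nginx-tls
ingress-nginx-tls:
	helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
	helm repo update ingress-nginx
	helm search repo ingress-nginx
	helm install ingress-nginx ingress-nginx/ingress-nginx --namespace ingress-nginx --create-namespace --wait \
	  --set-string controller.service.annotations."nginx\.ingress\.kubernetes\.io/ssl-redirect"="true" \
	  --set-string controller.service.annotations."cert-manager\.io/cluster-issuer"="letsencrypt"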
# 4 Create camunda-values-nginx-aws.yaml from the external address of the
#   ingress controller's load balancer.
#
# await-elb runs the repository's aws-ingress.sh helper. The script is not
# visible in this file; presumably it blocks until the ELB has been
# provisioned -- confirm against the script.
await-elb:
	$(root)/aws/ingress/nginx/tls/aws-ingress.sh

.PHONY: await-elb
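# Look up the public IP of the ingress controller's ELB and store it in the
# make variable IP, which the values file and the URL targets read.
#
# How it works:
#   1. kubectl prints the load balancer hostname of the ingress-nginx-controller
#      Service; the two cut calls keep the part before the first "." and then
#      before the first "-", which is used as the ELB id.
#   2. aws ec2 describe-network-interfaces is filtered on the description
#      "ELB <id>" and returns the public IP of the first matching interface.
#   3. $(strip ...) normalises the whitespace of that output. The value is not
#      passed through `echo` in a second shell, so text coming back from the
#      AWS CLI is never re-interpreted as shell input.
#   4. The recipe stops when no address was found (empty output, or the
#      literal "None" that the CLI prints for a null result in text mode).
#      Without that check the later steps would silently use ".nip.io".
#
# IP is assigned with $(eval ...) while this recipe is expanded, so it only
# exists in make invocations in which this target actually ran.
#
# nip.io is a public third-party wildcard DNS service (<ip>.nip.io resolves to
# <ip>). Hostname resolution, and with it certificate issuance for these
# names, depends on that service: fine for a demo, but use a DNS name you
# control for anything long-lived. An earlier variant of this recipe built an
# ec2-<ip-with-dashes>.compute-1.amazonaws.com hostname instead.
#
# NOTE(review): `kubectl get -w` keeps watching after the first line; head -n1
# closes the pipe, but kubectl only exits once it writes again. Confirm this
# cannot stall the run.
.PHONY: ingress-aws-ip-from-service
ingress-aws-ip-from-service: await-elb
	$(eval ELB_ID := $(shell kubectl get service -w ingress-nginx-controller -o 'go-template={{with .status.loadBalancer.ingress}}{{range .}}{{.hostname}}{{"\n"}}{{end}}{{.err}}{{end}}' -n ingress-nginx 2>/dev/null | head -n1 | cut -d'.' -f 1 | cut -d'-' -f 1))
	@echo "AWS ELB id: $(ELB_ID)"
	$(eval IP_TMP := $(shell aws ec2 describe-network-interfaces --filters Name=description,Values="ELB ${ELB_ID}" --query 'NetworkInterfaces[0].PrivateIpAddresses[*].Association.PublicIp' --output text))
	$(eval IP := $(strip $(IP_TMP)))
	@case "$(IP)" in ""|None) echo "Could not determine the public IP of the ingress ELB" >&2; exit 1;; esac
	@echo "AWS ELB IP: $(IP).nip.io"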
# Render the Helm values file for this cluster: take the ingress-nginx template
# and replace every YOUR_HOSTNAME placeholder with <IP>.nip.io.
# The prerequisite is phony, so the file is regenerated on every run and IP has
# been looked up before sed is started. The file is written into the directory
# make runs in.
camunda-values-nginx-aws.yaml: ingress-aws-ip-from-service
	sed "s/YOUR_HOSTNAME/$(IP).nip.io/g;" $(root)/ingress-nginx/camunda-values.yaml > ./$@
# 5 helm install camunda from camunda.mk with own tls config, combined ingress
# 6 annotate-ingress-tls from cert-manager.mk: add cluster-issuer annotation to nginx
# 7 Print the external URLs of the web applications and the zbctl command line
#   for the gateway. All of them use the <IP>.nip.io hostname, so the IP lookup
#   has to run first.
.PHONY: external-urls
external-urls: ingress-aws-ip-from-service
	@for app in auth identity operate tasklist optimize; do echo https://$(IP).nip.io/$$app; done
	@echo zbctl status --address $(IP).nip.io:443
# Getting the URL for Grafana is vendor specific: on AWS the load balancer
# reports a hostname, which is read from the metrics-grafana-loadbalancer
# Service in the default namespace (tail -n 1 drops the column header).
# NOTE(review): the printed URL is plain http, so the dashboard is reached
# without TLS through a load balancer. Confirm that this exposure is intended
# and that access to the load balancer is restricted.
.PHONY: url-grafana
url-grafana:
	@echo "http://$$(kubectl get svc metrics-grafana-loadbalancer -n default -o 'custom-columns=ip:status.loadBalancer.ingress[0].hostname' | tail -n 1)/d/I4lo7_EZk/zeebe?var-namespace=$(namespace)"
.PHONY: clean-kube clean

# clean-kube: tear down what `kube` created. Both prerequisites are defined in
# the included .mk files, not here.
clean-kube: clean-metrics clean-kube-aws

# clean: uninstall Camunda, the ingress controller and cert-manager through the
# included targets, then delete the generated values file. The file is removed
# by its path under $(root), which is the same file the generator writes when
# make is run from this Makefile's directory.
clean: clean-camunda clean-ingress clean-cert-manager
	rm -f $(root)/aws/ingress/nginx/tls/camunda-values-nginx-aws.yaml
include $(root)/include/camunda.mk
include $(root)/include/ingress-nginx.mk
include $(root)/include/cert-manager.mk
include $(root)/aws/include/kubernetes-aws.mk
include $(root)/metrics/metrics.mk