Kubectl must be configured to point to the applicable kubernetes instance.
Nodeports exposed by the kubernetes instance must be accessible by the local machine - basically the kubernetes control plane IP needs to be accessible from the local machine.
-- Latest version of istio install
+- Latest version of istio installed
# Other requirements
- helm3
- bash
- cmd 'envsubst' must be installed (check by cmd: 'type envsubst' )
- cmd 'jq' must be installed (check by cmd: 'type jq' )
+- keytool
+- openssl
+
## Before installation
The following images need to be built manually. If remote or multi node cluster is used, then an image repo needs to be available to push the built images to.
#
global:
- extimagerepo: bjornmagnussonest/
+ extimagerepo:
numhttpsservers: 10
selector:
matchLabels:
app: message-router
- serviceName: message-router
replicas: 1
template:
metadata:
check_error $?
echo " Generating ca cert"
-cat <<__EOF__ | openssl req -new -x509 -nodes -days 365000 -key ca.key -out httpsca.crt 2> /dev/null
-SE
-.
-.
-EST
-EST
-$SRV
-.
-__EOF__
+openssl req -new -x509 -nodes -days 365000 -key ca.key -subj "/C=SE/ST=./L=./O=EST/OU=EST/CN=$SRV/emailAddress=a@example.com" -out httpsca.crt 2> /dev/null
+
check_error $?
SRV="pm-https-server-$i.pm-https-server.ran"
echo " Generating cert and key for server $SRV"
-cat <<__EOF__ | openssl req -newkey rsa:2048 -nodes -days 365000 -keyout https-$i.key -out https-req$i.crt 2> /dev/null
-SE
-.
-.
-ERIC
-ERIC
-$SRV
-.
-
-__EOF__
+ openssl req -newkey rsa:2048 -nodes -days 365000 -subj "/C=SE/ST=./L=./O=ERIC/OU=ERIC/CN=$SRV/emailAddress=a@example.com" -keyout https-$i.key -out https-req$i.crt 2> /dev/null
+
check_error $?
openssl x509 -req -days 365000 -set_serial 01 -in https-req$i.crt -out https-$i.crt -CA httpsca.crt -CAkey ca.key
done
echo "DONE"
-exit 0
\ No newline at end of file
+exit 0
+
done
# Save influx user api-token to secret
-INFLUXDB2_TOKEN=$(get_influxdb2_token influxdb2-0 nonrtric | base64)
+B64FLAG="-w 0"
+case "$OSTYPE" in
+ darwin*) B64FLAG="" ;;
+esac
+INFLUXDB2_TOKEN=$(get_influxdb2_token influxdb2-0 nonrtric | base64 $B64FLAG)
PATCHDATA='[{"op": "add", "path": "/data/token", "value": "'$INFLUXDB2_TOKEN'"}]'
kubectl patch secret influxdb-api-token -n nonrtric --type json -p "$PATCHDATA"