From 19d9cd3ae269265c1e3147918a3a2287fc006bda Mon Sep 17 00:00:00 2001
From: Sahil Lakhwani <sahilakhwani@gmail.com>
Date: Fri, 23 Jul 2021 01:11:08 +0530
Subject: [PATCH] longhorn recipe (#28)

Signed-off-by: sahil-lakhwani <sahilakhwani@gmail.com>

* longhorn recipe

* upgrade ingress to v1

* longhorn: daemonset to install iscsi

* ingress-nginx

* add descriptions for longhorn and ingress-nginx

* longhorn: create secret from literal
---
 recipes/ingress-nginx.yaml | 24 ++++++++++++++
 recipes/longhorn.yaml      | 68 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 92 insertions(+)
 create mode 100644 recipes/ingress-nginx.yaml
 create mode 100644 recipes/longhorn.yaml

diff --git a/recipes/ingress-nginx.yaml b/recipes/ingress-nginx.yaml
new file mode 100644
index 0000000..5bb03e8
--- /dev/null
+++ b/recipes/ingress-nginx.yaml
@@ -0,0 +1,24 @@
+# ingress-nginx
+# Description: Detects Kubernetes provider type and install ingress-nginx controller
+# Tested on:
+# - EKS eks.5
+# - GKE 1.19.9-gke.1900
+# - Digital Ocean 1.21.2-do.2
+apiVersion: v1
+kind: kbrew
+app:
+  args:
+    # annotation for EKS
+    controller.service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-type": '{{ $providerID := (index (lookup "v1" "Node" "" "").items 0).spec.providerID }}{{ if hasPrefix "aws" $providerID }}nlb{{end}}'
+    # annotations for Digital Ocean
+    controller.service.annotations."service\.beta\.kubernetes\.io/do-loadbalancer-enable-proxy-protocol": '{{ $providerID := (index (lookup "v1" "Node" "" "").items 0).spec.providerID }}{{ if hasPrefix "digitalocean" $providerID }}true{{end}}'
+    controller.config."use-proxy-protocol": '{{ $providerID := (index (lookup "v1" "Node" "" "").items 0).spec.providerID }}{{ if hasPrefix "digitalocean" $providerID }}true{{end}}'
+  repository:
+    name: ingress-nginx
+    url: https://kubernetes.github.io/ingress-nginx
+    type: helm
+  namespace: ingress-nginx
+  version: 3.34.0
+  post_cleanup:
+    steps:
+      - kubectl delete namespace ingress-nginx
diff --git a/recipes/longhorn.yaml b/recipes/longhorn.yaml
new file mode 100644
index 0000000..38413ae
--- /dev/null
+++ b/recipes/longhorn.yaml
@@ -0,0 +1,68 @@
+# Longhorn recipe
+# Description: Installs iscsi daemonset, longhorn and ingress-nginx
+# Tested on:
+# - EKS eks.5
+# - GKE 1.19.9-gke.1900
+# - Digital Ocean 1.21.2-do.2
+apiVersion: v1
+kind: kbrew
+app:
+  repository:
+    name: longhorn
+    url: https://charts.longhorn.io
+    type: helm
+  namespace: "longhorn-system"
+  pre_install:
+  - steps:
+    - openssl version
+      # Recipe needs USER and PASSWORD environment variables for ingress basic auth
+    - ': "${USERNAME:?Variable USERNAME not set or empty}" : "${PASSWORD:?Variable PASSWORD not set or empty}"'
+    - curl -s https://raw.githubusercontent.com/longhorn/longhorn/v1.1.1/scripts/environment_check.sh | bash
+      # daemonset for iscsi service installation
+    - kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn-manager/master/deploy/prerequisite/longhorn-iscsi-installation.yaml
+  post_install:
+  - apps:
+    - ingress-nginx
+  - steps:
+    - kubectl -n longhorn-system create secret generic basic-auth --from-literal=auth=$(echo ${USERNAME}:$(echo ${PASSWORD} | openssl passwd -stdin -apr1))
+    - |
+      echo "
+      apiVersion: networking.k8s.io/v1
+      kind: Ingress
+      metadata:
+        name: longhorn-ingress
+        namespace: longhorn-system
+        annotations:
+          # type of authentication
+          nginx.ingress.kubernetes.io/auth-type: basic
+          # prevent the controller from redirecting (308) to HTTPS
+          nginx.ingress.kubernetes.io/ssl-redirect: 'false'
+          # name of the secret that contains the user/password definitions
+          nginx.ingress.kubernetes.io/auth-secret: basic-auth
+          # message to display with an appropriate context why the authentication is required
+          nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required '
+      spec:
+        rules:
+        - http:
+            paths:
+            - path: /
+              pathType: Prefix
+              backend:
+                service:
+                  name: longhorn-frontend
+                  port:
+                    number: 80
+      " | kubectl -n longhorn-system create -f -
+    # post installation checks
+    - kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/master/examples/simple_pvc.yaml
+    - kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/master/examples/simple_pod.yaml
+  pre_cleanup:
+    steps:
+      - kubectl delete -f https://raw.githubusercontent.com/longhorn/longhorn/master/examples/simple_pod.yaml
+      - kubectl delete -f https://raw.githubusercontent.com/longhorn/longhorn/master/examples/simple_pvc.yaml
+  post_cleanup:
+    steps:
+      - kubectl delete secret basic-auth -n longhorn-system
+      - kubectl delete -f https://raw.githubusercontent.com/longhorn/longhorn-manager/master/deploy/prerequisite/longhorn-iscsi-installation.yaml
+      - kubectl delete ingress longhorn-ingress -n longhorn-system
+      - kubectl delete ns longhorn-system