entrypoint.sh
#!/bin/bash
# The provider is taken from the first positional argument and falls back to
# the CLOUD_PROVIDER environment variable.
CLOUD_PROVIDER=${1:-$CLOUD_PROVIDER}
# Use the default CRI socket path when the variable is unset or empty.
: "${CRI_RUNTIME_ENDPOINT:=/run/cri-runtime.sock}"

# `optionals` is a flat, space-separated string of extra command-line flags.
# The provider functions expand it unquoted, so the shell word-splits and
# glob-expands it: a value containing whitespace turns into several arguments,
# and a value containing glob characters may be replaced by matching file names.
# Every environment value appended here therefore has to be a single
# whitespace-free token.
# NOTE(review): this appends instead of assigning, so a value of `optionals`
# already present in the environment is kept and reaches the command line;
# confirm that is intended.
optionals+=""

# When adding to optionals, keep one trailing space inside the closing quote so
# the next flag does not run into the previous value:
#   correct:   optionals+="-option val "
#   incorrect: optionals+="-option val"
if [[ -S "${CRI_RUNTIME_ENDPOINT}" ]]; then
  # Only pass the endpoint when the path exists and is a socket.
  optionals+="-cri-runtime-endpoint ${CRI_RUNTIME_ENDPOINT} "
fi
if [[ -n "${PAUSE_IMAGE}" ]]; then
  optionals+="-pause-image ${PAUSE_IMAGE} "
fi
if [[ -n "${VXLAN_PORT}" ]]; then
  optionals+="-vxlan-port ${VXLAN_PORT} "
fi
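#######################################
# Abort the script when any of the named variables is unset or empty.
# Arguments: names of the variables to check (names, not values)
# Outputs:   one "$NAME is NOT set" line per missing variable on stdout;
#            only the name is printed, never the value, so credentials that
#            are checked here do not end up in the log
# Returns:   0 when every variable is non-empty; exits the shell with
#            status 1 otherwise
#######################################
test_vars() {
  # The failure flag is local and starts at 0, so a stale or inherited
  # variable cannot make the check fail when nothing is missing.
  local name missing=0
  for name in "$@"; do
    # ${!name} is indirect expansion: the value of the variable called $name.
    if [ -z "${!name}" ]; then
      echo "\$$name is NOT set"
      missing=1
    fi
  done
  if (( missing )); then
    exit 1
  fi
  # Report success explicitly instead of leaking the status of the last test.
  return 0
}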
#######################################
# Start cloud-api-adaptor for AWS.
# Globals:   AWS_* / PODVM_* / SSH_KP_NAME (read), optionals (appended to)
# Returns:   does not return; the shell is replaced by cloud-api-adaptor
#
# AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are only checked for presence;
# neither is placed on the command line, so the `set -x` trace below does not
# print them. Everything that is on the command line is written to stderr by
# that trace.
#######################################
aws() {
  test_vars AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY

  if [[ -n "${PODVM_LAUNCHTEMPLATE_NAME}" ]]; then
    # has precedence if set
    optionals+="-use-lt -aws-lt-name ${PODVM_LAUNCHTEMPLATE_NAME} "
  fi
  if [[ -n "${AWS_SG_IDS}" ]]; then
    # MUST if template is not used
    optionals+="-securitygroupids ${AWS_SG_IDS} "
  fi
  if [[ -n "${PODVM_AMI_ID}" ]]; then
    # MUST if template is not used
    optionals+="-imageid ${PODVM_AMI_ID} "
  fi
  if [[ -n "${PODVM_INSTANCE_TYPE}" ]]; then
    # default t3.small
    optionals+="-instance-type ${PODVM_INSTANCE_TYPE} "
  fi
  if [[ -n "${SSH_KP_NAME}" ]]; then
    # if not retrieved from IMDS
    optionals+="-keyname ${SSH_KP_NAME} "
  fi
  if [[ -n "${AWS_SUBNET_ID}" ]]; then
    # if not set retrieved from IMDS
    optionals+="-subnetid ${AWS_SUBNET_ID} "
  fi
  if [[ -n "${AWS_REGION}" ]]; then
    # if not set retrieved from IMDS
    optionals+="-aws-region ${AWS_REGION} "
  fi

  # NOTE(review): -aws-region is also passed unconditionally below, so an unset
  # AWS_REGION still yields an explicit empty value on the command line; confirm
  # the binary treats that the same as the flag being absent.
  local -a argv
  # optionals is word-split on purpose; each value in it must be one token.
  # shellcheck disable=SC2206
  argv=(
    aws
    -aws-region "${AWS_REGION}"
    -pods-dir /run/peerpod/pods
    ${optionals}
    -socket /run/peerpod/hypervisor.sock
  )

  set -x
  exec cloud-api-adaptor "${argv[@]}"
}
#######################################
# Start cloud-api-adaptor for Azure.
# Globals:   AZURE_* (read), optionals (read)
# Returns:   does not return; the shell is replaced by cloud-api-adaptor
#
# AZURE_CLIENT_ID, AZURE_CLIENT_SECRET and AZURE_TENANT_ID are checked for
# presence but are not placed on the command line, so the `set -x` trace does
# not print them.
# NOTE(review): AZURE_REGION, AZURE_INSTANCE_SIZE and AZURE_NSG_ID are passed
# below but are not in the test_vars list, so they can reach the binary as
# empty strings; confirm whether they should be required.
# NOTE(review): -vxlan-port 8472 is fixed here, and a VXLAN_PORT value may add
# the same flag again through optionals; confirm which occurrence wins.
#######################################
azure() {
  test_vars AZURE_CLIENT_ID AZURE_CLIENT_SECRET AZURE_TENANT_ID AZURE_SUBSCRIPTION_ID AZURE_RESOURCE_GROUP AZURE_SUBNET_ID AZURE_IMAGE_ID

  local -a argv
  # optionals is word-split on purpose; each value in it must be one token.
  # shellcheck disable=SC2206
  argv=(
    azure
    -subscriptionid "${AZURE_SUBSCRIPTION_ID}"
    -region "${AZURE_REGION}"
    -instance-size "${AZURE_INSTANCE_SIZE}"
    -resourcegroup "${AZURE_RESOURCE_GROUP}"
    -vxlan-port 8472
    -subnetid "${AZURE_SUBNET_ID}"
    -securitygroupid "${AZURE_NSG_ID}"
    -imageid "${AZURE_IMAGE_ID}"
    ${optionals}
  )

  set -x
  exec cloud-api-adaptor "${argv[@]}"
}
#######################################
# Start cloud-api-adaptor for IBM Cloud.
# Globals:   IBMCLOUD_* (read), optionals (read)
# Returns:   does not return; the shell is replaced by cloud-api-adaptor
#
# IBMCLOUD_API_KEY is checked for presence but is not placed on the command
# line, so the `set -x` trace does not print it.
# NOTE(review): only IBMCLOUD_API_KEY is validated; every other IBMCLOUD_*
# value below is passed even when empty. Confirm whether the binary rejects
# empty values itself.
#######################################
ibmcloud() {
  test_vars IBMCLOUD_API_KEY

  local -a argv
  # optionals is word-split on purpose; each value in it must be one token.
  # shellcheck disable=SC2206
  argv=(
    ibmcloud
    -iam-service-url "${IBMCLOUD_IAM_ENDPOINT}"
    -vpc-service-url "${IBMCLOUD_VPC_ENDPOINT}"
    -resource-group-id "${IBMCLOUD_RESOURCE_GROUP_ID}"
    -key-id "${IBMCLOUD_SSH_KEY_ID}"
    -image-id "${IBMCLOUD_PODVM_IMAGE_ID}"
    -profile-name "${IBMCLOUD_PODVM_INSTANCE_PROFILE_NAME}"
    -zone-name "${IBMCLOUD_ZONE}"
    -primary-subnet-id "${IBMCLOUD_VPC_SUBNET_ID}"
    -primary-security-group-id "${IBMCLOUD_VPC_SG_ID}"
    -vpc-id "${IBMCLOUD_VPC_ID}"
    -pods-dir /run/peerpod/pods
    ${optionals}
    -socket /run/peerpod/hypervisor.sock
  )

  set -x
  exec cloud-api-adaptor "${argv[@]}"
}
#######################################
# Start cloud-api-adaptor for libvirt.
# Globals:   LIBVIRT_URI, LIBVIRT_NET, LIBVIRT_POOL (read), optionals (read)
# Returns:   does not return; the shell is replaced by cloud-api-adaptor
#
# LIBVIRT_URI is placed on the command line, so the `set -x` trace writes it
# to stderr together with the other arguments.
#######################################
libvirt() {
  test_vars LIBVIRT_URI

  local -a argv
  # optionals is word-split on purpose; each value in it must be one token.
  # shellcheck disable=SC2206
  argv=(
    libvirt
    -uri "${LIBVIRT_URI}"
    -data-dir /opt/data-dir
    -pods-dir /run/peerpod/pods
    # Network and pool fall back to "default" when unset or empty.
    -network-name "${LIBVIRT_NET:-default}"
    -pool-name "${LIBVIRT_POOL:-default}"
    ${optionals}
    -socket /run/peerpod/hypervisor.sock
  )

  set -x
  exec cloud-api-adaptor "${argv[@]}"
}
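#######################################
# Start cloud-api-adaptor for vSphere.
# Globals:   GOVC_* (read), optionals (appended to)
# Returns:   does not return; the shell is replaced by cloud-api-adaptor
#
# GOVC_USERNAME and GOVC_PASSWORD are checked for presence but are not placed
# on the command line, so the `set -x` trace does not print them.
# NOTE(review): GOVC_URL is on the command line and is therefore traced; if a
# deployment embeds credentials in that URL they would reach the log. Confirm
# the URL is expected to be credential-free.
#######################################
vsphere() {
  test_vars GOVC_USERNAME GOVC_PASSWORD GOVC_URL GOVC_DATACENTER GOVC_DATASTORE

  # Values appended to optionals are word-split later, so each must be a
  # single whitespace-free token.
  if [[ -n "${GOVC_TEMPLATE}" ]]; then
    optionals+="-template ${GOVC_TEMPLATE} "
  fi
  if [[ -n "${GOVC_VCLUSTER}" ]]; then
    optionals+="-vcluster ${GOVC_VCLUSTER} "
  fi
  if [[ -n "${GOVC_RESOURCE_POOL}" ]]; then
    optionals+="-resource-pool ${GOVC_RESOURCE_POOL} "
  fi
  if [[ -n "${GOVC_FOLDER}" ]]; then
    optionals+="-deploy-folder ${GOVC_FOLDER} "
  fi

  set -x
  # The three required values are quoted so that a name containing spaces or
  # glob characters stays one argument and cannot introduce extra flags.
  # shellcheck disable=SC2086 -- optionals is deliberately word-split
  exec cloud-api-adaptor vsphere \
    -vcenter-url "${GOVC_URL}" \
    -data-center "${GOVC_DATACENTER}" \
    -data-store "${GOVC_DATASTORE}" \
    ${optionals} \
    -socket /run/peerpod/hypervisor.sock
}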
#######################################
# Print the usage text, including the provider value currently in effect.
# Globals:   CLOUD_PROVIDER (read)
# Outputs:   usage text on stdout
#######################################
help_msg() {
  printf '%s\n' \
    "Usage:" \
    "CLOUD_PROVIDER=aws|azure|ibmcloud|libvirt|vsphere $0" \
    "or" \
    "$0 aws|azure|ibmcloud|libvirt|vsphere" \
    "in addition all cloud provider specific env variables must be set and valid" \
    "(CLOUD_PROVIDER is currently set to \"$CLOUD_PROVIDER\")"
}
# Dispatch on the provider name. Only the five literal names below start the
# adaptor; any other value, including an empty one, prints the usage text.
# NOTE(review): in the fallback branch the script ends with help_msg's exit
# status, so a missing or misspelled provider can look like a clean exit to
# whatever supervises the container; confirm that is the intended signal.
case "$CLOUD_PROVIDER" in
  aws)
    aws
    ;;
  azure)
    azure
    ;;
  ibmcloud)
    ibmcloud
    ;;
  libvirt)
    libvirt
    ;;
  vsphere)
    vsphere
    ;;
  *)
    help_msg
    ;;
esac