github/kubeinvaders
1
0
Fork 0
mirror of https://github.com/lucky-sideburn/kubeinvaders.git synced 2026-04-05 09:56:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

add secrets when install KubeInvaders in Openshift

Browse Source
This commit is contained in:
luckysideburn
2019-10-06 04:10:20 -04:00
parent 1e13fcd088
commit b862ade3aa
3 changed files with 15 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@@ -33,7 +33,9 @@ Through KubeInvaders you can stress your Openshift cluster in a fun way and chec
To Install KubeInvaders on your Openshift Cluster clone this repo and launch the following commands:
```bash
TARGET_NAMESPACE=foobar
oc create clusterrole kubeinvaders-role --verb=watch,get,delete --resource=pods
TARGET_NAMESPACE=foobar,awesome-namespace
## You can define multiple namespaces ex: TARGET_NAMESPACE=foobar,foobar2
# Choose route host for your kubeinvaders instance.
@@ -45,12 +47,14 @@ IP_WHITELIST="93.44.96.4"
oc new-project kubeinvaders --display-name='KubeInvaders'
oc create sa kubeinvaders -n kubeinvaders
oc create sa kubeinvaders -n $TARGET_NAMESPACE
oc adm policy add-role-to-user edit -z kubeinvaders -n $TARGET_NAMESPACE
oc adm policy add-cluster-role-to-user kubeinvaders-role -z kubeinvaders -n kubeinvaders
TOKEN=$(oc describe secret -n $TARGET_NAMESPACE $(oc describe sa kubeinvaders -n $TARGET_NAMESPACE | grep Tokens | awk '{ print $2}') | grep 'token:'| awk '{ print $2}')
oc process -f openshift/KubeInvaders.yaml -p ROUTE_HOST=$ROUTE_HOST -p TARGET_NAMESPACE=$TARGET_NAMESPACE -p TOKEN=$TOKEN | oc create -f -
KUBEINVADERS_SECRET=$(oc get secret -n kubeinvaders --field-selector=type==kubernetes.io/service-account-token | grep 'kubeinvaders-token' | awk '{ print $1}' | head -n 1)
oc process -f openshift/KubeInvaders.yaml -p ROUTE_HOST=$ROUTE_HOST -p TARGET_NAMESPACE=$TARGET_NAMESPACE -p KUBEINVADERS_SECRET=$KUBEINVADERS_SECRET | oc create -f -
```
Below how the configuration of KubeInvaders DeploymentConfig should be (remember to use your TARGET_NAMESPACE and ROUTE_HOST).
![Alt Text](https://github.com/lucky-sideburn/KubeInvaders/blob/master/images/dcenv.png)
### Install KubeInvaders on Kubernetes

BIN
images/dcenv.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 117 KiB

9
openshift/KubeInvaders.yaml
View File

@@ -22,8 +22,8 @@ parameters:
value: kubeinvaders
- description: A namespaces to stress with KubeInvaders.
name: TARGET_NAMESPACE
- description: Token of a serviceAccount that can kill PODs in specific namespace.
name: TOKEN
- description: Secret of the serviceAccount that can kill PODs in specific namespace.
name: KUBEINVADERS_SECRET
objects:
- apiVersion: v1
kind: ServiceAccount
@@ -82,7 +82,10 @@ objects:
- name: NAMESPACE
value: "${TARGET_NAMESPACE}"
- name: TOKEN
value: "${TOKEN}"
valueFrom:
secretKeyRef:
name: "${KUBEINVADERS_SECRET}"
key: token
name: kubeinvaders
image: ${IMAGE_KUBEINVADERS}
imagePullPolicy: Always