update hack scripts to use CALICO_NETWORK_POLICY env variable

Abhinav Dahiya · Abhinav Dahiya · commit 593ae030e1b4 · 2017-06-16T10:05:33.000-07:00
Signed-off-by: Abhinav Dahiya &lt;abhinav.dahiya@coreos.com&gt;
diff --git a/hack/multi-node/bootkube-up b/hack/multi-node/bootkube-up
@@ -18,9 +18,17 @@ else
     etcd_render_flags="--etcd-servers=https://172.17.4.51:2379"
 fi
 
+CALICO_NETWORK_POLICY=${CALICO_NETWORK_POLICY:-false}
+if [ ${CALICO_NETWORK_POLICY} = "true" ]; then
+    echo "WARNING: THIS IS EXPERIMENTAL SUPPORT FOR NETWORK POLICY"
+    cnp_render_flags="--experimental-calico-network-policy"
+else
+    cnp_render_flags=""
+fi
+
 # Render assets
 if [ ! -d "cluster" ]; then
-  ../../_output/bin/${local_os}/bootkube render --asset-dir=cluster --api-servers=https://172.17.4.101:443 ${etcd_render_flags} --experimental-calico-network-policy
+  ../../_output/bin/${local_os}/bootkube render --asset-dir=cluster --api-servers=https://172.17.4.101:443 ${etcd_render_flags} ${cnp_render_flags}
   cp user-data.sample cluster/user-data-worker
   cp user-data.sample cluster/user-data-controller
   sed -i.bak -e '/node-role.kubernetes.io\/master/d' cluster/user-data-worker
diff --git a/hack/quickstart/init-master.sh b/hack/quickstart/init-master.sh
@@ -8,6 +8,7 @@ CLUSTER_DIR=${CLUSTER_DIR:-cluster}
 IDENT=${IDENT:-${HOME}/.ssh/id_rsa}
 SSH_OPTS=${SSH_OPTS:-}
 SELF_HOST_ETCD=${SELF_HOST_ETCD:-false}
+CALICO_NETWORK_POLICY=${CALICO_NETWORK_POLICY:-false}
 CLOUD_PROVIDER=${CLOUD_PROVIDER:-}
 
 function usage() {
@@ -56,8 +57,15 @@ function init_master_node() {
         etcd_render_flags="--etcd-servers=https://${COREOS_PRIVATE_IPV4}:2379"
     fi
 
+    if [ "$CALICO_NETWORK_POLICY" = true ]; then
+        echo "WARNING: THIS IS EXPERIMENTAL SUPPORT FOR NETWORK POLICY"
+        cnp_render_flags="--experimental-calico-network-policy"
+    else
+        cnp_render_flags=""
+    fi
+
     # Render cluster assets
-    /home/${REMOTE_USER}/bootkube render --asset-dir=/home/${REMOTE_USER}/assets ${etcd_render_flags} --experimental-calico-network-policy \
+    /home/${REMOTE_USER}/bootkube render --asset-dir=/home/${REMOTE_USER}/assets ${etcd_render_flags} ${cnp_render_flags} \
       --api-servers=https://${COREOS_PUBLIC_IPV4}:443,https://${COREOS_PRIVATE_IPV4}:443
 
     # Move the local kubeconfig into expected location
@@ -101,7 +109,7 @@ if [ "${REMOTE_HOST}" != "local" ]; then
 
     # Copy self to remote host so script can be executed in "local" mode
     scp -i ${IDENT} -P ${REMOTE_PORT} ${SSH_OPTS} ${BASH_SOURCE[0]} ${REMOTE_USER}@${REMOTE_HOST}:/home/${REMOTE_USER}/init-master.sh
-    ssh -i ${IDENT} -p ${REMOTE_PORT} ${SSH_OPTS} ${REMOTE_USER}@${REMOTE_HOST} "sudo REMOTE_USER=${REMOTE_USER} CLOUD_PROVIDER=${CLOUD_PROVIDER} SELF_HOST_ETCD=${SELF_HOST_ETCD} /home/${REMOTE_USER}/init-master.sh local"
+    ssh -i ${IDENT} -p ${REMOTE_PORT} ${SSH_OPTS} ${REMOTE_USER}@${REMOTE_HOST} "sudo REMOTE_USER=${REMOTE_USER} CLOUD_PROVIDER=${CLOUD_PROVIDER} SELF_HOST_ETCD=${SELF_HOST_ETCD} CALICO_NETWORK_POLICY=${CALICO_NETWORK_POLICY} /home/${REMOTE_USER}/init-master.sh local"
 
     # Copy assets from remote host to a local directory. These can be used to launch additional nodes & contain TLS assets
     mkdir ${CLUSTER_DIR}
diff --git a/hack/single-node/bootkube-up b/hack/single-node/bootkube-up
@@ -17,9 +17,17 @@ else
     etcd_render_flags=""
 fi
 
+CALICO_NETWORK_POLICY=${CALICO_NETWORK_POLICY:-false}
+if [ ${CALICO_NETWORK_POLICY} = "true" ]; then
+    echo "WARNING: THIS IS EXPERIMENTAL SUPPORT FOR NETWORK POLICY"
+    cnp_render_flags="--experimental-calico-network-policy"
+else
+    cnp_render_flags=""
+fi
+
 # Render assets
 if [ ! -d "cluster" ]; then
-  ../../_output/bin/${local_os}/bootkube render --asset-dir=cluster --api-servers=https://172.17.4.100:443 ${etcd_render_flags} --experimental-calico-network-policy
+  ../../_output/bin/${local_os}/bootkube render --asset-dir=cluster --api-servers=https://172.17.4.100:443 ${etcd_render_flags} ${cnp_render_flags}
   cp user-data.sample cluster/user-data
 	if [ ${SELF_HOST_ETCD} = "false" ]; then
 		cat user-data-etcd.sample >> cluster/user-data
diff --git a/hack/terraform-quickstart/outputs.tf b/hack/terraform-quickstart/outputs.tf
@@ -13,3 +13,7 @@ output "master_ips" {
 output "self_host_etcd" {
   value = "${var.self_host_etcd}"
 }
+
+output "calico_network_policy" {
+  value = "${var.calico_network_policy}"
+}
diff --git a/hack/terraform-quickstart/start-cluster.sh b/hack/terraform-quickstart/start-cluster.sh
@@ -5,6 +5,7 @@ export BOOTSTRAP_IP=`terraform output bootstrap_node_ip`
 export WORKER_IPS=`terraform output -json worker_ips | jq -r '.value[]'`
 export MASTER_IPS=`terraform output -json master_ips | jq -r '.value[]'`
 export SELF_HOST_ETCD=`terraform output self_host_etcd`
+export CALICO_NETWORK_POLICY=`terraform output calico_network_policy`
 export SSH_OPTS=${SSH_OPTS:-}" -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
 export CLOUD_PROVIDER=${CLOUD_PROVIDER:-aws}
 
diff --git a/hack/terraform-quickstart/variables.tf b/hack/terraform-quickstart/variables.tf
@@ -27,6 +27,11 @@ variable "self_host_etcd" {
   default = "true"
 }
 
+variable "calico_network_policy" {
+  type    = "string"
+  default = "true"
+}
+
 variable "num_workers" {
   description = "number of worker nodes"
   type        = "string"

Original file line number	Diff line number	Diff line change
`@@ -13,3 +13,7 @@ output "master_ips" {`
`13`	`13`	`output "self_host_etcd" {`
`14`	`14`	`value = "${var.self_host_etcd}"`
`15`	`15`	`}`
	`16`	`+`
	`17`	`+output "calico_network_policy" {`
	`18`	`+ value = "${var.calico_network_policy}"`
	`19`	`+}`