# Save cluster config to <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kwok.yaml
mkdir -p <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>
mkdir -p <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki
# Generate PKI to <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki
mkdir -p <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/etcd
docker pull registry.k8s.io/etcd:3.5.15-0
docker pull registry.k8s.io/kube-apiserver:v1.32.2
docker pull registry.k8s.io/kube-controller-manager:v1.32.2
docker pull registry.k8s.io/kube-scheduler:v1.32.2
docker pull registry.k8s.io/kwok/kwok:v0.7.0
cat <<EOF ><ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kubeconfig.yaml
apiVersion: v1
clusters:
- cluster:
    certificate-authority: <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/ca.crt
    server: https://127.0.0.1:32766
  name: kwok-<CLUSTER_NAME>
contexts:
- context:
    cluster: kwok-<CLUSTER_NAME>
    user: kwok-<CLUSTER_NAME>
  name: kwok-<CLUSTER_NAME>
current-context: kwok-<CLUSTER_NAME>
kind: Config
preferences: {}
users:
- name: kwok-<CLUSTER_NAME>
  user:
    client-certificate: <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/admin.crt
    client-key: <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/admin.key
EOF
cat <<EOF ><ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kubeconfig
apiVersion: v1
clusters:
- cluster:
    certificate-authority: /etc/kubernetes/pki/ca.crt
    server: https://kwok-<CLUSTER_NAME>-kube-apiserver:6443
  name: kwok-<CLUSTER_NAME>
contexts:
- context:
    cluster: kwok-<CLUSTER_NAME>
    user: kwok-<CLUSTER_NAME>
  name: kwok-<CLUSTER_NAME>
current-context: kwok-<CLUSTER_NAME>
kind: Config
preferences: {}
users:
- name: kwok-<CLUSTER_NAME>
  user:
    client-certificate: /etc/kubernetes/pki/admin.crt
    client-key: /etc/kubernetes/pki/admin.key
EOF
# Save cluster config to <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kwok.yaml
docker network create kwok-<CLUSTER_NAME> --label=com.docker.compose.project=kwok-<CLUSTER_NAME>
docker create --name=kwok-<CLUSTER_NAME>-etcd --pull=never --entrypoint=etcd --network=kwok-<CLUSTER_NAME> --restart=unless-stopped --label=com.docker.compose.project=kwok-<CLUSTER_NAME> registry.k8s.io/etcd:3.5.15-0 --name=node0 --auto-compaction-retention=1 --quota-backend-bytes=8589934592 --data-dir=/etcd-data --initial-advertise-peer-urls=http://0.0.0.0:2380 --listen-peer-urls=http://0.0.0.0:2380 --advertise-client-urls=http://0.0.0.0:2379 --listen-client-urls=http://0.0.0.0:2379 --initial-cluster=node0=http://0.0.0.0:2380
docker create --name=kwok-<CLUSTER_NAME>-kube-apiserver --pull=never --entrypoint=kube-apiserver --network=kwok-<CLUSTER_NAME> --link=kwok-<CLUSTER_NAME>-etcd --restart=unless-stopped --label=com.docker.compose.project=kwok-<CLUSTER_NAME> --publish=32766:6443/tcp --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/admin.key:/etc/kubernetes/pki/admin.key:ro registry.k8s.io/kube-apiserver:v1.32.2 --etcd-prefix=/registry --allow-privileged=true --max-requests-inflight=0 --max-mutating-requests-inflight=0 --enable-priority-and-fairness=false --etcd-servers=http://kwok-<CLUSTER_NAME>-etcd:2379 --bind-address=0.0.0.0 --secure-port=6443 --tls-cert-file=/etc/kubernetes/pki/admin.crt --tls-private-key-file=/etc/kubernetes/pki/admin.key --client-ca-file=/etc/kubernetes/pki/ca.crt --service-account-key-file=/etc/kubernetes/pki/admin.key --service-account-signing-key-file=/etc/kubernetes/pki/admin.key --service-account-issuer=https://kubernetes.default.svc.cluster.local --proxy-client-key-file=/etc/kubernetes/pki/admin.key --proxy-client-cert-file=/etc/kubernetes/pki/admin.crt
docker create --name=kwok-<CLUSTER_NAME>-kube-controller-manager --pull=never --entrypoint=kube-controller-manager --network=kwok-<CLUSTER_NAME> --link=kwok-<CLUSTER_NAME>-kube-apiserver --restart=unless-stopped --label=com.docker.compose.project=kwok-<CLUSTER_NAME> --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kubeconfig:~/.kube/config:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/admin.key:/etc/kubernetes/pki/admin.key:ro registry.k8s.io/kube-controller-manager:v1.32.2 --node-monitor-period=25s --node-monitor-grace-period=3m20s --kubeconfig=~/.kube/config --authorization-always-allow-paths=/healthz,/readyz,/livez,/metrics --bind-address=0.0.0.0 --secure-port=10257 --kube-api-qps=5000 --kube-api-burst=10000
docker create --name=kwok-<CLUSTER_NAME>-kube-scheduler --pull=never --entrypoint=kube-scheduler --network=kwok-<CLUSTER_NAME> --link=kwok-<CLUSTER_NAME>-kube-apiserver --restart=unless-stopped --label=com.docker.compose.project=kwok-<CLUSTER_NAME> --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kubeconfig:~/.kube/config:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/admin.key:/etc/kubernetes/pki/admin.key:ro registry.k8s.io/kube-scheduler:v1.32.2 --kubeconfig=~/.kube/config --authorization-always-allow-paths=/healthz,/readyz,/livez,/metrics --bind-address=0.0.0.0 --secure-port=10259 --kube-api-qps=5000 --kube-api-burst=10000
docker create --name=kwok-<CLUSTER_NAME>-kwok-controller --pull=never --entrypoint=kwok --network=kwok-<CLUSTER_NAME> --link=kwok-<CLUSTER_NAME>-kube-apiserver --restart=unless-stopped --label=com.docker.compose.project=kwok-<CLUSTER_NAME> --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kubeconfig:~/.kube/config:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/ca.crt:/etc/kubernetes/pki/ca.crt:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/admin.crt:/etc/kubernetes/pki/admin.crt:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/admin.key:/etc/kubernetes/pki/admin.key:ro --volume=<ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kwok.yaml:~/.kwok/kwok.yaml:ro registry.k8s.io/kwok/kwok:v0.7.0 --manage-all-nodes=true --kubeconfig=~/.kube/config --config=~/.kwok/kwok.yaml --tls-cert-file=/etc/kubernetes/pki/admin.crt --tls-private-key-file=/etc/kubernetes/pki/admin.key --node-ip= --node-name=kwok-<CLUSTER_NAME>-kwok-controller --node-port=10247 --server-address=0.0.0.0:10247 --node-lease-duration-seconds=200
# Add context kwok-<CLUSTER_NAME> to ~/.kube/config
docker start kwok-<CLUSTER_NAME>-etcd
docker start kwok-<CLUSTER_NAME>-kube-apiserver
docker start kwok-<CLUSTER_NAME>-kube-controller-manager
docker start kwok-<CLUSTER_NAME>-kube-scheduler
docker start kwok-<CLUSTER_NAME>-kwok-controller
