# Save cluster config to <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kwok.yaml
mkdir -p <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>
mkdir -p <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki
# Generate PKI to <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki
mkdir -p <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki/etcd
docker pull docker.io/kindest/node:v1.32.2
mkdir -p <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki
mkdir -p <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/manifests
cat <<EOF ><ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kind.yaml
apiVersion: kind.x-k8s.io/v1alpha4
kind: Cluster
kubeadmConfigPatches:
- |
  apiServer:
    extraArgs:
      enable-priority-and-fairness: "false"
      max-mutating-requests-inflight: "0"
      max-requests-inflight: "0"
      v: "5"
    extraVolumes:
    - hostPath: /var/components/apiserver/extras/tmp
      mountPath: /extras/tmp
      name: tmp-apiserver
      pathType: DirectoryOrCreate
  apiVersion: kubeadm.k8s.io/v1beta3
  controllerManager:
    extraArgs:
      kube-api-burst: "10000"
      kube-api-qps: "5000"
      v: "5"
    extraVolumes:
    - hostPath: /var/components/controller-manager/extras/tmp
      mountPath: /extras/tmp
      name: tmp-controller-manager
      pathType: DirectoryOrCreate
  dns: {}
  etcd:
    local:
      dataDir: /var/lib/etcd
      extraArgs:
        log-level: debug
        quota-backend-bytes: "8589934592"
  kind: ClusterConfiguration
  networking: {}
  scheduler:
    extraArgs:
      kube-api-burst: "10000"
      kube-api-qps: "5000"
      v: "5"
    extraVolumes:
    - hostPath: /var/components/scheduler/extras/tmp
      mountPath: /extras/tmp
      name: tmp-scheduler
      pathType: DirectoryOrCreate
networking:
  apiServerPort: 32766
nodes:
- extraMounts:
  - containerPath: /etc/kwok/
    hostPath: <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>
  - containerPath: /etc/kubernetes/manifests
    hostPath: <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/manifests
  - containerPath: /etc/kubernetes/pki
    hostPath: <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/pki
  - containerPath: /var/components/apiserver/extras/tmp
    hostPath: <ROOT_DIR>/test/e2e/kwokctl/dryrun/extras/apiserver
  - containerPath: /var/components/controller-manager/extras/tmp
    hostPath: <ROOT_DIR>/test/e2e/kwokctl/dryrun/extras/controller-manager
  - containerPath: /var/components/scheduler/extras/tmp
    hostPath: <ROOT_DIR>/test/e2e/kwokctl/dryrun/extras/scheduler
  - containerPath: /var/components/controller/extras/tmp
    hostPath: <ROOT_DIR>/test/e2e/kwokctl/dryrun/extras/controller
  - containerPath: /var/components/prometheus/extras/tmp
    hostPath: <ROOT_DIR>/test/e2e/kwokctl/dryrun/extras/prometheus
  - containerPath: /var/components/prometheus/etc/prometheus/prometheus.yaml
    hostPath: <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/prometheus.yaml
  extraPortMappings:
  - containerPort: 9090
    hostPort: 9090
    protocol: TCP
  role: control-plane
EOF
docker pull registry.k8s.io/kwok/kwok:v0.7.0
cat <<EOF ><ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/manifests/kwok-controller.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  name: kwok-controller
  namespace: kube-system
spec:
  containers:
  - args:
    - --manage-all-nodes=false
    - --manage-nodes-with-annotation-selector=kwok.x-k8s.io/node=fake
    - --kubeconfig=~/.kube/config
    - --config=~/.kwok/kwok.yaml
    - --tls-cert-file=/etc/kubernetes/pki/admin.crt
    - --tls-private-key-file=/etc/kubernetes/pki/admin.key
    - --node-ip=$(POD_IP)
    - --node-name=kwok-controller.kube-system.svc
    - --node-port=10247
    - --server-address=0.0.0.0:10247
    - --node-lease-duration-seconds=40
    - --v=-4
    command:
    - kwok
    env:
    - name: TEST_KEY
      value: TEST_VALUE
    - name: POD_IP
      valueFrom:
        fieldRef:
          fieldPath: status.podIP
    image: registry.k8s.io/kwok/kwok:v0.7.0
    imagePullPolicy: Never
    name: kwok-controller
    ports:
    - containerPort: 10247
      hostPort: 10247
      name: http
      protocol: TCP
    resources: {}
    volumeMounts:
    - mountPath: ~/.kube/config
      name: volume-0
      readOnly: true
    - mountPath: /etc/kubernetes/pki/ca.crt
      name: volume-1
      readOnly: true
    - mountPath: /etc/kubernetes/pki/admin.crt
      name: volume-2
      readOnly: true
    - mountPath: /etc/kubernetes/pki/admin.key
      name: volume-3
      readOnly: true
    - mountPath: ~/.kwok/kwok.yaml
      name: volume-4
      readOnly: true
    - mountPath: /extras/tmp
      name: tmp-controller
  hostNetwork: true
  restartPolicy: Always
  securityContext:
    runAsGroup: 0
    runAsUser: 0
  volumes:
  - hostPath:
      path: /etc/kubernetes/admin.conf
    name: volume-0
  - hostPath:
      path: /etc/kubernetes/pki/ca.crt
    name: volume-1
  - hostPath:
      path: /etc/kubernetes/pki/admin.crt
    name: volume-2
  - hostPath:
      path: /etc/kubernetes/pki/admin.key
    name: volume-3
  - hostPath:
      path: /etc/kwok/kwok.yaml
    name: volume-4
  - hostPath:
      path: <ROOT_DIR>/test/e2e/kwokctl/dryrun/extras/controller
      type: DirectoryOrCreate
    name: tmp-controller
status: {}
EOF
docker pull docker.io/prom/prometheus:v2.53.0
cat <<EOF ><ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/manifests/prometheus.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  name: prometheus
  namespace: kube-system
spec:
  containers:
  - args:
    - --config.file=/etc/prometheus/prometheus.yaml
    - --web.listen-address=0.0.0.0:9090
    - --log.level=debug
    command:
    - prometheus
    env:
    - name: TEST_KEY
      value: TEST_VALUE
    image: docker.io/prom/prometheus:v2.53.0
    imagePullPolicy: Never
    name: prometheus
    ports:
    - containerPort: 9090
      hostPort: 9090
      name: http
      protocol: TCP
    resources: {}
    volumeMounts:
    - mountPath: /etc/prometheus/prometheus.yaml
      name: volume-0
      readOnly: true
    - mountPath: /etc/kubernetes/pki/admin.crt
      name: volume-1
      readOnly: true
    - mountPath: /etc/kubernetes/pki/admin.key
      name: volume-2
      readOnly: true
    - mountPath: /etc/kubernetes/pki/apiserver-etcd-client.crt
      name: volume-3
      readOnly: true
    - mountPath: /etc/kubernetes/pki/apiserver-etcd-client.key
      name: volume-4
      readOnly: true
    - mountPath: /extras/tmp
      name: tmp-prometheus
  hostNetwork: true
  restartPolicy: Always
  securityContext:
    runAsGroup: 0
    runAsUser: 0
  volumes:
  - hostPath:
      path: /var/components/prometheus/etc/prometheus/prometheus.yaml
    name: volume-0
  - hostPath:
      path: /etc/kubernetes/pki/admin.crt
    name: volume-1
  - hostPath:
      path: /etc/kubernetes/pki/admin.key
    name: volume-2
  - hostPath:
      path: /etc/kubernetes/pki/apiserver-etcd-client.crt
    name: volume-3
  - hostPath:
      path: /etc/kubernetes/pki/apiserver-etcd-client.key
    name: volume-4
  - hostPath:
      path: <ROOT_DIR>/test/e2e/kwokctl/dryrun/extras/prometheus
      type: DirectoryOrCreate
    name: tmp-prometheus
status: {}
EOF
cat <<EOF ><ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/prometheus.yaml
global:
  evaluation_interval: 15s
  scrape_interval: 15s
  scrape_timeout: 10s
scrape_configs:
- enable_http2: true
  follow_redirects: true
  honor_timestamps: true
  job_name: etcd
  metrics_path: /metrics
  scheme: https
  static_configs:
  - targets:
    - 127.0.0.1:2379
  tls_config:
    cert_file: /etc/kubernetes/pki/apiserver-etcd-client.crt
    insecure_skip_verify: true
    key_file: /etc/kubernetes/pki/apiserver-etcd-client.key
- enable_http2: true
  follow_redirects: true
  honor_timestamps: true
  job_name: kube-apiserver
  metrics_path: /metrics
  scheme: https
  static_configs:
  - targets:
    - 127.0.0.1:6443
  tls_config:
    cert_file: /etc/kubernetes/pki/admin.crt
    insecure_skip_verify: true
    key_file: /etc/kubernetes/pki/admin.key
- enable_http2: true
  follow_redirects: true
  honor_timestamps: true
  job_name: kube-controller-manager
  metrics_path: /metrics
  scheme: https
  static_configs:
  - targets:
    - 127.0.0.1:10257
  tls_config:
    cert_file: /etc/kubernetes/pki/admin.crt
    insecure_skip_verify: true
    key_file: /etc/kubernetes/pki/admin.key
- enable_http2: true
  follow_redirects: true
  honor_timestamps: true
  job_name: kube-scheduler
  metrics_path: /metrics
  scheme: https
  static_configs:
  - targets:
    - 127.0.0.1:10259
  tls_config:
    cert_file: /etc/kubernetes/pki/admin.crt
    insecure_skip_verify: true
    key_file: /etc/kubernetes/pki/admin.key
- http_sd_configs:
  - url: http://127.0.0.1:10247/discovery/prometheus
  job_name: kwok-controller-metrics-discovery
- enable_http2: true
  follow_redirects: true
  honor_timestamps: true
  job_name: kwok-controller
  metrics_path: /metrics
  scheme: http
  static_configs:
  - targets:
    - 127.0.0.1:10247
- enable_http2: true
  follow_redirects: true
  honor_timestamps: true
  job_name: prometheus
  metrics_path: /metrics
  scheme: http
  static_configs:
  - targets:
    - 127.0.0.1:9090
EOF
# Save cluster config to <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kwok.yaml
KIND_EXPERIMENTAL_PROVIDER=docker kind create cluster --config <ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kind.yaml --name kwok-<CLUSTER_NAME> --image docker.io/kindest/node:v1.32.2 --wait 29m
KIND_EXPERIMENTAL_PROVIDER=docker kind load docker-image registry.k8s.io/kwok/kwok:v0.7.0 --name kwok-<CLUSTER_NAME>
KIND_EXPERIMENTAL_PROVIDER=docker kind load docker-image docker.io/prom/prometheus:v2.53.0 --name kwok-<CLUSTER_NAME>
kubectl config view --minify=true --raw=true
cat <<EOF ><ROOT_DIR>/workdir/clusters/<CLUSTER_NAME>/kubeconfig.yaml
EOF
kubectl cordon kwok-<CLUSTER_NAME>-control-plane
docker exec kwok-<CLUSTER_NAME>-control-plane chmod -R +r /etc/kubernetes/pki
# Add context kwok-<CLUSTER_NAME> to ~/.kube/config
