From c7216a38155b8ce30671ec610f7213ca575f0f77 Mon Sep 17 00:00:00 2001 From: thomassuedbroecker Date: Tue, 2 Mar 2021 11:51:25 +0100 Subject: [PATCH] update security workshop - modify istio-setup-telemetry.sh to show the port forward configuration - insert no script to delete NLB IP --- security/IKS/iks-rm-nlb-ips.sh | 36 +++++++++++++++++++++++++++ security/IKS/istio-setup-telemetry.sh | 3 ++- 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 security/IKS/iks-rm-nlb-ips.sh diff --git a/security/IKS/iks-rm-nlb-ips.sh b/security/IKS/iks-rm-nlb-ips.sh new file mode 100644 index 0000000..390ad4b --- /dev/null +++ b/security/IKS/iks-rm-nlb-ips.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +export ISTIOINGRESSIP=$(kubectl get svc -n istio-system | grep istio-ingressgateway | awk '{print $3}') +export STATUS="" + +function deleteNLBIPs(){ + array=("001" "002" "003") + for i in "${array[@]}" + do + echo "" + echo "------------------------------------------------------------------------" + echo "Check $i" + while : + do + FIND=$i + HOSTNAME=$(ibmcloud ks nlb-dns ls --cluster $MYCLUSTER | grep $FIND | awk '{print $1}') + echo "hostname: $HOSTNAME" + if [ "$STATUS" = "$HOSTNAME" ]; then + echo "$(date +'%F %H:%M:%S') Status: $FIND is not avaiable" + echo "------------------------------------------------------------------------" + break + else + ibmcloud ks nlb-dns rm classic --cluster $MYCLUSTER --ip $ISTIOINGRESSIP --nlb-host $HOSTNAME + echo "$(date +'%F %H:%M:%S') Status: $FIND($HOSTNAME) deleted" + echo "------------------------------------------------------------------------" + break + fi + sleep 5 + done + done +} + +ibmcloud ks nlb-dns ls --cluster $MYCLUSTER +deleteNLBIPs + + diff --git a/security/IKS/istio-setup-telemetry.sh b/security/IKS/istio-setup-telemetry.sh index 19f17da..183eaf7 100644 --- a/security/IKS/istio-setup-telemetry.sh +++ b/security/IKS/istio-setup-telemetry.sh @@ -21,7 +21,8 @@ function showCommands () { echo "kubectl port-forward svc/prometheus 3000:9090 -n istio-system" echo "-----------------------Jaeger------------------------------------------------" echo "kubectl port-forward svc/jaeger-query 3000:16686 -n istio-system" - + echo "-----------------------Kiali------------------------------------------------" + echo "kubectl port-forward svc/kiali 3000:20001 -n istio-system" } setuptelemetry