README.md

# Ref: https://www.cockroachlabs.com/docs/stable/configure-cockroachdb-kubernetes.html

DEPLOY_PATH="manifests/cockroachdb"
OPERATOR_BASE_URL="https://raw.githubusercontent.com/cockroachdb/cockroach-operator/master"

mkdir -p ${DEPLOY_PATH}

# Apply Custom Resource Definition for the CockroachDB Operator
curl -o "${DEPLOY_PATH}/crds.yaml" "${OPERATOR_BASE_URL}/install/crds.yaml"
kubectl apply -f "${DEPLOY_PATH}/crds.yaml"

# Deploy CockroachDB Operator
curl -o "${DEPLOY_PATH}/operator.yaml" "${OPERATOR_BASE_URL}/install/operator.yaml"
# edit "${DEPLOY_PATH}/operator.yaml"
# - add env var: WATCH_NAMESPACE='crdb'
kubectl apply -f "${DEPLOY_PATH}/operator.yaml"

# Deploy CockroachDB
curl -o "${DEPLOY_PATH}/cluster.yaml" "${OPERATOR_BASE_URL}/examples/example.yaml"
# edit "${DEPLOY_PATH}/cluster.yaml"
# - set version
# - set number of replicas
kubectl create namespace crdb
kubectl apply --namespace crdb -f "${DEPLOY_PATH}/cluster.yaml"

# Deploy CockroachDB Client
curl -o "${DEPLOY_PATH}/client-secure-operator.yaml" "${OPERATOR_BASE_URL}/examples/client-secure-operator.yaml"
kubectl create --namespace crdb -f "${DEPLOY_PATH}/client-secure-operator.yaml"

# Add tfs user with admin rights
kubectl exec -it cockroachdb-client-secure --namespace crdb -- ./cockroach sql --certs-dir=/cockroach/cockroach-certs --host=cockroachdb-public
    CREATE USER tfs WITH PASSWORD 'tfs123';
    GRANT admin TO tfs;

# Expose CockroachDB SQL port (26257)
PORT=$(kubectl --namespace crdb get service cockroachdb-public -o 'jsonpath={.spec.ports[?(@.name=="sql")].port}')
PATCH='{"data": {"'${PORT}'": "crdb/cockroachdb-public:'${PORT}'"}}'
kubectl patch configmap nginx-ingress-tcp-microk8s-conf --namespace ingress --patch "${PATCH}"

PORT_MAP='{"containerPort": '${PORT}', "hostPort": '${PORT}'}'
CONTAINER='{"name": "nginx-ingress-microk8s", "ports": ['${PORT_MAP}']}'
PATCH='{"spec": {"template": {"spec": {"containers": ['${CONTAINER}']}}}}'
kubectl patch daemonset nginx-ingress-microk8s-controller --namespace ingress --patch "${PATCH}"

# Expose CockroachDB Console port (8080)
PORT=$(kubectl --namespace crdb get service cockroachdb-public -o 'jsonpath={.spec.ports[?(@.name=="http")].port}')
PATCH='{"data": {"'${PORT}'": "crdb/cockroachdb-public:'${PORT}'"}}'
kubectl patch configmap nginx-ingress-tcp-microk8s-conf --namespace ingress --patch "${PATCH}"

PORT_MAP='{"containerPort": '${PORT}', "hostPort": '${PORT}'}'
CONTAINER='{"name": "nginx-ingress-microk8s", "ports": ['${PORT_MAP}']}'
PATCH='{"spec": {"template": {"spec": {"containers": ['${CONTAINER}']}}}}'
kubectl patch daemonset nginx-ingress-microk8s-controller --namespace ingress --patch "${PATCH}"