consul-demo
42 строки · 3.5 Кб
1#!/bin/bash
2
3cd ~/acl/4
5consul acl bootstrap > consul.secret6cat ./consul.secret | grep SecretID | awk -F":" '{ print $2 }' | xargs > admin.token7
8cd policy9
10consul acl policy create -token-file ../admin.token -name "consul-template-deduplicate-kv-policy" -description "" -rules @consul-template-deduplicate-kv-policy.hcl11consul acl policy create -token-file ../admin.token -name "loadbalancer-discovery-policy" -description "" -rules @loadbalancer-discovery-policy.hcl12consul acl policy create -token-file ../admin.token -name "loadbalancer-vk-props-policy" -description "" -rules @loadbalancer-vk-props-policy.hcl13consul acl policy create -token-file ../admin.token -name "service-discovery-policy" -description "" -rules @service-discovery-policy.hcl14consul acl policy create -token-file ../admin.token -name "service-kv-policy" -description "" -rules @service-kv-policy.hcl15
16consul acl policy create -token-file ../admin.token -name "gateway-discovery-policy" -description "" -rules @gateway-discovery-policy.hcl17consul acl policy create -token-file ../admin.token -name "gateway-kv-policy" -description "" -rules @gateway-kv-policy.hcl18
19consul acl policy create -token-file ../admin.token -name "gateway-isolated-discovery-policy" -description "" -rules @gateway-isolated-discovery-policy.hcl20consul acl policy create -token-file ../admin.token -name "gateway-isolated-kv-policy" -description "" -rules @gateway-isolated-kv-policy.hcl21
22consul acl policy create -token-file ../admin.token -name "sec-policy" -description "" -rules @sec-policy.hcl23
24cd ..25
26consul acl role create -token-file ./admin.token -name "load-balancer-role" -description "" -policy-name "consul-template-deduplicate-kv-policy" -policy-name "loadbalancer-discovery-policy" -policy-name "loadbalancer-vk-props-policy"27consul acl role create -token-file ./admin.token -name "gateway-component-role" -description "" -policy-name "gateway-discovery-policy" -policy-name "gateway-kv-policy"28consul acl role create -token-file ./admin.token -name "gateway-isolated-component-role" -description "" -policy-name "gateway-isolated-discovery-policy" -policy-name "gateway-isolated-kv-policy"29consul acl role create -token-file ./admin.token -name "srv-component-role" -description "" -policy-name "service-discovery-policy" -policy-name "service-kv-policy"30consul acl role create -token-file ./admin.token -name "sec-role" -description "" -policy-name "sec-policy"31
32consul acl token create -token-file ./admin.token -description "token for loadbalancer" -role-name "load-balancer-role" > loadbalancer.token.output33consul acl token create -token-file ./admin.token -description "token for gateway" -role-name "gateway-component-role" > gateway.token.output34consul acl token create -token-file ./admin.token -description "token for gateway-isolated" -role-name "gateway-isolated-component-role" > gateway-isolated.token.output35consul acl token create -token-file ./admin.token -description "token for service" -role-name "srv-component-role" > srv.token.output36consul acl token create -token-file ./admin.token -description "token sec team" -role-name "sec-role" > sec.token.output37
38cat ./loadbalancer.token.output | grep SecretID | awk -F":" '{ print $2 }' | xargs > loadbalancer.token39cat ./gateway.token.output | grep SecretID | awk -F":" '{ print $2 }' | xargs > gateway.token40cat ./gateway-isolated.token.output | grep SecretID | awk -F":" '{ print $2 }' | xargs > gateway-isolated.token41cat ./srv.token.output | grep SecretID | awk -F":" '{ print $2 }' | xargs > srv.token42cat ./sec.token.output | grep SecretID | awk -F":" '{ print $2 }' | xargs > sec.token43