Initial Phoenix Sankofa Cloud setup

- Complete project structure with Next.js frontend - GraphQL API backend with Apollo Server - Portal application with NextAuth - Crossplane Proxmox provider - GitOps configurations - CI/CD pipelines - Testing infrastructure (Vitest, Jest, Go tests) - Error handling and monitoring - Security hardening - UI component library - Documentation
2025-11-28 12:54:33 -08:00
commit 6f28146ac3
229 changed files with 43136 additions and 0 deletions
--- a/scripts/bootstrap-cluster.sh
+++ b/scripts/bootstrap-cluster.sh
@@ -0,0 +1,167 @@
+#!/bin/bash
+set -euo pipefail
+
+# Kubernetes Cluster Bootstrap Script
+# Supports RKE2 and k3s
+
+K8S_DISTRO="${K8S_DISTRO:-rke2}"
+K8S_VERSION="${K8S_VERSION:-latest}"
+NODE_TYPE="${NODE_TYPE:-server}"
+MASTER_NODES="${MASTER_NODES:-}"
+TOKEN="${TOKEN:-}"
+
+log() {
+    echo "[$(date +'%Y-%m-%d %H:%M:%S')] $*" >&2
+}
+
+error() {
+    log "ERROR: $*"
+    exit 1
+}
+
+install_rke2() {
+    log "Installing RKE2 ${K8S_VERSION}..."
+    
+    # Install RKE2
+    curl -sfL https://get.rke2.io | INSTALL_RKE2_VERSION="${K8S_VERSION}" sh -
+    
+    # Configure RKE2
+    mkdir -p /etc/rancher/rke2
+    
+    if [ "${NODE_TYPE}" = "server" ]; then
+        cat > /etc/rancher/rke2/config.yaml <<EOF
+token: ${TOKEN:-$(openssl rand -hex 32)}
+cluster-cidr: "10.42.0.0/16"
+service-cidr: "10.43.0.0/16"
+cluster-dns: "10.43.0.10"
+EOF
+        
+        # Enable required features
+        systemctl enable rke2-server.service
+        systemctl start rke2-server.service
+    else
+        cat > /etc/rancher/rke2/config.yaml <<EOF
+server: https://${MASTER_NODES}:9345
+token: ${TOKEN}
+EOF
+        
+        systemctl enable rke2-agent.service
+        systemctl start rke2-agent.service
+    fi
+    
+    # Wait for service to be ready
+    log "Waiting for RKE2 to be ready..."
+    sleep 30
+    
+    # Install kubectl
+    if [ "${NODE_TYPE}" = "server" ]; then
+        mkdir -p /usr/local/bin
+        cp /var/lib/rancher/rke2/bin/kubectl /usr/local/bin/kubectl
+        chmod +x /usr/local/bin/kubectl
+        
+        # Configure kubeconfig
+        mkdir -p ~/.kube
+        cp /etc/rancher/rke2/rke2.yaml ~/.kube/config
+        chmod 600 ~/.kube/config
+    fi
+}
+
+install_k3s() {
+    log "Installing k3s ${K8S_VERSION}..."
+    
+    if [ "${NODE_TYPE}" = "server" ]; then
+        curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION="${K8S_VERSION}" sh -s - server \
+            --cluster-init \
+            --cluster-cidr 10.42.0.0/16 \
+            --service-cidr 10.43.0.0/16
+        
+        # Wait for k3s to be ready
+        log "Waiting for k3s to be ready..."
+        sleep 30
+        
+        # Configure kubeconfig
+        mkdir -p ~/.kube
+        cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
+        chmod 600 ~/.kube/config
+    else
+        curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION="${K8S_VERSION}" K3S_URL=https://${MASTER_NODES}:6443 K3S_TOKEN=${TOKEN} sh -
+    fi
+}
+
+setup_system() {
+    log "Setting up system prerequisites..."
+    
+    # Disable swap
+    swapoff -a
+    sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
+    
+    # Load required kernel modules
+    modprobe overlay
+    modprobe br_netfilter
+    
+    # Configure sysctl
+    cat > /etc/sysctl.d/99-kubernetes-cri.conf <<EOF
+net.bridge.bridge-nf-call-iptables  = 1
+net.ipv4.ip_forward                 = 1
+net.bridge.bridge-nf-call-ip6tables = 1
+EOF
+    sysctl --system
+    
+    # Install required packages
+    if command -v apt-get &> /dev/null; then
+        apt-get update
+        apt-get install -y curl wget git jq
+    elif command -v yum &> /dev/null; then
+        yum install -y curl wget git jq
+    fi
+}
+
+install_network_plugin() {
+    log "Installing network plugin (Cilium)..."
+    
+    kubectl apply -f https://raw.githubusercontent.com/cilium/cilium/1.14.0/install/kubernetes/quick-install.yaml
+    
+    log "Waiting for Cilium to be ready..."
+    kubectl wait --for=condition=ready pod -l k8s-app=cilium -n kube-system --timeout=300s
+}
+
+install_storage_class() {
+    log "Installing local-path storage class..."
+    
+    kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/v0.0.24/deploy/local-path-storage.yaml
+    
+    # Set as default
+    kubectl patch storageclass local-path -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
+}
+
+main() {
+    log "Starting Kubernetes cluster bootstrap..."
+    
+    setup_system
+    
+    case "${K8S_DISTRO}" in
+        rke2)
+            install_rke2
+            ;;
+        k3s)
+            install_k3s
+            ;;
+        *)
+            error "Unsupported Kubernetes distribution: ${K8S_DISTRO}"
+            ;;
+    esac
+    
+    if [ "${NODE_TYPE}" = "server" ]; then
+        install_network_plugin
+        install_storage_class
+        
+        log "Kubernetes cluster bootstrap completed!"
+        log "Kubeconfig location: ~/.kube/config"
+        kubectl get nodes
+    else
+        log "Agent node setup completed!"
+    fi
+}
+
+main "$@"
+