6 changed files with 75 additions and 90 deletions
--- a/scripts/.cleanup.sh
+++ b/scripts/.cleanup.sh
@ -1,12 +1,22 @@
 #!/bin/bash

 stopdls() {
-  if docker ps | grep -q " $DLS_CTR_NAME$"; then
+  if docker ps &>/dev/null | grep -q " $DLS_CTR_NAME$"; then
    pinfo "Stopping Direktil Local Server..."
    docker stop $DLS_CTR_NAME
  fi
 }

+destroyvms() {
+  for host in ${!hosts[*]}; do
+    if test -f $ctxdir/data/$host/pid ; then
+      pid=$(cat $ctxdir/data/$host/pid)
+      pinfo "Cleaning VM $host with PID $pid..."
+      kill $pid && sleep 1
+    fi
+  done
+}
+
 cleanuppaths() {
  PATHS="data secrets kubeconfig cache dist"
  cd $ctxdir
@ -19,13 +29,13 @@ cleanuppaths() {
 }

 cleanupnetwork() {
-  if iptables -L -n |grep -q $QEMU_BR_NAME; then
+  if iptables -L |grep -q $QEMU_BR_NAME; then
    pinfo "Cleaning iptables rules..."
    iptables -t nat -D POSTROUTING -j MASQUERADE -s $QEMU_BR_IP/$QEMU_BR_MASK \! -o $QEMU_BR_NAME
    iptables -D FORWARD -o $QEMU_BR_NAME -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    iptables -D FORWARD -j ACCEPT -i $QEMU_BR_NAME
  fi
-  if ip li show $QEMU_BR_NAME &>/dev/null; then
+  if ip li show $QEMU_BR_NAME ; then
    pinfo "Cleaning existing interfaces..."
    ip li set $QEMU_BR_NAME down
    ip li del $QEMU_BR_NAME
@ -40,4 +50,3 @@ declare -A hosts
 get_hosts
 destroyvms
 cleanuppaths
-cleanupnetwork
--- a/scripts/.common
+++ b/scripts/.common
@ -1,6 +1,24 @@
 #!/bin/bash

-source $(dirname $0)/vars
+## Vars
+# Docker container name for dir2config
+D2C_CTR_NAME=dir2config
+# Docker container name for direktil local server
+DLS_CTR_NAME=dls
+
+# QEMU local bridge name. If you specificy a custom name, you may have to configure qemu bridge helper to allow it
+QEMU_BR_NAME=virbr0
+# QEMU VM default disk size
+QEMU_DISK_SIZE=30G
+# Allocated CPUs to QEMU VMs
+QEMU_VM_CPU=4
+# Allocated Memory to QEMU VMs
+QEMU_VM_MEM=8096
+################
+
+# Token file for dls
+tknfile=".dls_adm_token"
+

 ## Helper funcs

@ -13,10 +31,6 @@ perror() {
  exit 1
 }

-sshcmd() {
-  ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null $*
-}
-
 dls() {
  path=$1
  shift
@ -43,10 +57,9 @@ check_root() {
 }

 prereqs() {
-  set -e
+  # set -ex
  cd "$(dirname $0)/.."
  ctxdir="$PWD"
-  source scripts/vars
 }

 check_conf() {
@ -73,7 +86,7 @@ unlock_store() {
    pinfo "Direktil Local Server store already unlocked"
  else
    pinfo "Unlocking the DLS store ..."
-    DLS_ADM_TOKEN=$(dls /public/unlock-store -d '{"Name": "novit", "Passphrase": "'$(echo -n ${DLS_UNLOCK_TOKEN}|base64 -w0)'"}'|tr -d \")
+    DLS_ADM_TOKEN=$(dls /public/unlock-store -d "\"${DLS_UNLOCK_TOKEN}\""|tr -d \")
    pinfo "Admin access token is $DLS_ADM_TOKEN"
    echo $DLS_ADM_TOKEN > $tknfile
    chmod 444 $tknfile
@ -94,13 +107,23 @@ get_hosts() {
 get_parts() {
  for host in ${!hosts[*]}; do
    mkdir -p $ctxdir/data/$host
-    for part in kernel initrd
+    for part in kernel initrd-v2
    do
      partfile=$ctxdir/data/$host/$part
-      test -f $partfile || { pinfo "Downloading $part for host $host" && dls /hosts/$host/$part -o $partfile; }
+      test -f $partfile || dls /hosts/$host/$part -o $partfile
    done
    diskfile=$ctxdir/data/$host/disk
-    test -f $diskfile || { pinfo "Creating disk $diskfile" && truncate -s ${QEMU_DISK_SIZE:-30G} $diskfile; }
+    test -f $diskfile || truncate -s ${QEMU_DISK_SIZE:-30G} $diskfile
+  done
+}
+
+destroyvms() {
+  for host in ${!hosts[*]}; do
+    host=$1
+    if test -f $ctxdir/data/$host/pid ; then
+      pinfo "Detected a pid file, killing process in case VM was already started"
+      kill $(cat $ctxdir/data/$host/pid) && sleep 1
+    fi
  done
 }

@ -122,18 +145,10 @@ create_kubeconfig() {
  chmod 444 $ctxdir/kubeconfig
 }

-
-destroyvms() {
-  for host in ${!hosts[*]}; do
-    if test -f $ctxdir/data/$host/pid ; then
-      pid=$(cat $ctxdir/data/$host/pid)
-      if ! test -d /proc/$pid ; then
-        pinfo "VM $host seems not running"
-      else
-        pinfo "Cleaning VM $host with PID $pid..."
-        kill $pid && sleep 1
-      fi
-    fi
-  done
+clean() {
+  set +e
+  sudo iptables -t nat -D POSTROUTING -j MASQUERADE -s $QEMU_BR_IP \! -o $QEMU_BR_NAME &>/dev/null
+  sudo iptables -D FORWARD -o $QEMU_BR_NAME -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT &>/dev/null
+  sudo iptables -D FORWARD -j ACCEPT -i $QEMU_BR_NAME &>/dev/null
 }

--- a/scripts/0.start_dls.sh
+++ b/scripts/0.start_dls.sh
@ -1,5 +1,11 @@
 #!/bin/bash
 #
+# Admin token to unlock the DLS store
+DLS_UNLOCK_TOKEN=changeme
+#
+#
+D2C_IMG=novit.tech/direktil/local-server:b6fa941
+DLS_IMG=novit.tech/direktil/local-server:b6fa941

 prereqs_dls() {
  command -v docker 1>/dev/null || perror "Docker is needed, please install it and run again."
@ -27,13 +33,14 @@ start_store() {
      -e HTTPS_PROXY=$HTTPS_PROXY \
      -v .:/var/lib/direktil \
      $DLS_IMG &
+#      -auto-unlock 'N0v!T'
  sleep 2
 }

 source $(dirname $0)/.common
 check_root
-prereqs
 prereqs_dls
+prereqs
 dir2config
 start_store
 unlock_store
--- a/scripts/1.qemu.sh
+++ b/scripts/1.qemu.sh
@ -14,7 +14,7 @@ prereqs_qemu() {
  done
 }
 setup_network_qemu() {
-  if ! ip li show $QEMU_BR_NAME &>/dev/null ; then
+  if ! ip li show $QEMU_BR_NAME ; then
    ip li add name $QEMU_BR_NAME type bridge
    ip li set $QEMU_BR_NAME up
  fi
@ -33,11 +33,10 @@ setup_network_qemu() {
  if ! test -d /etc/qemu; then
    mkdir -p /etc/qemu
  fi
-  if ! grep -qs "allow $QEMU_BR_NAME" /etc/qemu/bridge.conf; then
+  if ! grep -q "allow $QEMU_BR_NAME" /etc/qemu/bridge.conf; then
    echo "allow $QEMU_BR_NAME" >> /etc/qemu/bridge.conf
  fi
 }
-
 run_qemu() {
  id=1
  for host in ${!hosts[*]}; do
@ -46,7 +45,7 @@ run_qemu() {
    pinfo "Starting host $host with ip ${hosts[$host]}"
    qemu-system-x86_64 -enable-kvm -smp $QEMU_VM_CPU -m $QEMU_VM_MEM \
      -nic bridge,br=$QEMU_BR_NAME,mac=42:42:42:42:42:0${id} \
-      -kernel $ctxdir/data/$host/kernel -initrd $ctxdir/data/$host/initrd -vga qxl \
+      -kernel $ctxdir/data/$host/kernel -initrd $ctxdir/data/$host/initrd-v2 -vga qxl \
      -drive format=raw,file=$ctxdir/data/$host/disk &
    echo $! >$ctxdir/data/$host/pid
    ((++id))
@ -55,8 +54,6 @@ run_qemu() {
 }
 # # # # # # # #

-
-
 source $(dirname $0)/.common
 check_root
 prereqs
@ -69,4 +66,5 @@ get_hosts
 get_parts
 destroyvms
 run_qemu
+#clean

--- a/scripts/2.first_start_k8s.sh
+++ b/scripts/2.first_start_k8s.sh
@ -21,13 +21,13 @@ checkup() {
    while :
    do
      pinfo "Checking availability of node $host..."
-      if true | sshcmd -q root@${hosts[$host]};
-      then
+      ssh root@${hosts[$host]} <<< true &>/dev/null
+      if [ $? == 0 ]; then
        pinfo "VM $host is up!"
        break
      else
        ((tries--))
-        if [ "$tries" -lt "1" ]; then
+        if [ $tries < 1 ]; then
          pinfo "Timeout waiting for node detection, please investigate why node $host is not up by now"
          break
        fi
@ -39,7 +39,7 @@ checkup() {

 start_control_plane() {
  for host in ${!hosts[*]}; do
-    sshcmd -q root@${hosts[$host]} << EOF
+    ssh root@${hosts[$host]} << EOF
      if ls /etc/kubernetes/manifests.static/* &>/dev/null ; then
        mv /etc/kubernetes/manifests.static/* /var/lib/kubelet/manifests/
      fi
@ -47,23 +47,6 @@ EOF
  done
 }

-wait_for_apiserver() {
-  vip=$(extract_var clusters public_vip)
-  vip_api_port=$(extract_var clusters api_port)
-
-  while :
-  do
-    pinfo "Waiting for apiserver availability ($vip:$vip_api_port). Images may still being pulled... "
-    if kctl get node &>/dev/null ; then
-      pinfo "API is up!"
-      break
-    else
-      sleep 20
-    fi
-  done
-
-}
-
 install_addons() {
  body='{"Kind":"cluster","Name":"'$cluster'","Assets":["addons"]}'
  download_id=$(dls /authorize-download -d "$body"|tr -d \")
@ -72,20 +55,20 @@ install_addons() {
 }

 approve_kubelet_certificates() {
-  tries=10
+  tries=5
  nodes_num=$(kctl get node -oname|wc -l)
-  while [ "$nodes_num" -lt "${#hosts[*]}" ] ; do
-    pinfo "Waiting for certificates requests to be created by Kubelet when it's ready... ($tries tries out of 10)"
-    sleep 20s
+  while [ "$nodes_num" != "${#hosts[*]}" ] ; do
+    pinfo "Waiting for certificates requests to be created by Kubelet when it's ready... ($tries/5)"
+    sleep 60s
    csrs="$(kctl get csr|awk '/Pending/ {print $1}')"
    if [ "$csrs" != "" ]; then
      kctl certificate approve $csrs
    fi
    ((tries--))
-    if [ "$tries" -lt "1" ]; then
-      perror "Timeout waiting for kubelet certificates creation, please investigate why all nodes are not up by now"
+    if [ "$tries" < 1 ]; then
+      pinfo "Timeout waiting for kubelet certificates creation, please investigate why all nodes are not up by now"
+      break
    fi
-    nodes_num=$(kctl get node -oname|wc -l)
  done
  pinfo "All kubelets ($nodes_num) are up, enjoy !"
 }
@ -100,7 +83,6 @@ declare -A hosts && get_hosts
 checkup
 start_control_plane
 create_kubeconfig
-wait_for_apiserver
 install_addons
 approve_kubelet_certificates # clients and serving certs

--- a/scripts/vars
+++ b/scripts/vars
@ -1,26 +0,0 @@
-## Vars
-
-# Admin token to unlock the DLS store, replace it!
-DLS_UNLOCK_TOKEN=changeme
-
-# Docker container name for dir2config
-D2C_IMG=novit.tech/direktil/local-server:latest
-D2C_CTR_NAME=dir2config
-
-# Docker container name for direktil local server
-DLS_IMG=novit.tech/direktil/local-server:latest
-DLS_CTR_NAME=dls
-
-# QEMU local bridge name. If you specificy a custom name, you may have to configure qemu bridge helper to allow it
-QEMU_BR_NAME=virbr0
-# QEMU VM default disk size
-QEMU_DISK_SIZE=30G
-# Allocated CPUs to QEMU VMs
-QEMU_VM_CPU=4
-# Allocated Memory to QEMU VMs
-QEMU_VM_MEM=4096
-################
-
-# Token file for dls
-tknfile=".dls_adm_token"
-