Compare commits
13 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
09e63cf400 | ||
|
01a457ccfe | ||
|
a805e5d513 | ||
|
4877387140 | ||
|
64940c39bc | ||
|
a9399e57a0 | ||
|
29415f77d9 | ||
|
3769192fec | ||
|
b5734a4b0f | ||
|
ba59df1892 | ||
|
07b3c6dd48 | ||
|
6721e05387 | ||
|
d46b475e1b |
@ -1,22 +1,12 @@
|
||||
#!/bin/bash
|
||||
|
||||
stopdls() {
|
||||
if docker ps &>/dev/null | grep -q " $DLS_CTR_NAME$"; then
|
||||
if docker ps | grep -q " $DLS_CTR_NAME$"; then
|
||||
pinfo "Stopping Direktil Local Server..."
|
||||
docker stop $DLS_CTR_NAME
|
||||
fi
|
||||
}
|
||||
|
||||
destroyvms() {
|
||||
for host in ${!hosts[*]}; do
|
||||
if test -f $ctxdir/data/$host/pid ; then
|
||||
pid=$(cat $ctxdir/data/$host/pid)
|
||||
pinfo "Cleaning VM $host with PID $pid..."
|
||||
kill $pid && sleep 1
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
cleanuppaths() {
|
||||
PATHS="data secrets kubeconfig cache dist"
|
||||
cd $ctxdir
|
||||
@ -29,13 +19,13 @@ cleanuppaths() {
|
||||
}
|
||||
|
||||
cleanupnetwork() {
|
||||
if iptables -L |grep -q $QEMU_BR_NAME; then
|
||||
if iptables -L -n |grep -q $QEMU_BR_NAME; then
|
||||
pinfo "Cleaning iptables rules..."
|
||||
iptables -t nat -D POSTROUTING -j MASQUERADE -s $QEMU_BR_IP/$QEMU_BR_MASK \! -o $QEMU_BR_NAME
|
||||
iptables -D FORWARD -o $QEMU_BR_NAME -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
|
||||
iptables -D FORWARD -j ACCEPT -i $QEMU_BR_NAME
|
||||
fi
|
||||
if ip li show $QEMU_BR_NAME ; then
|
||||
if ip li show $QEMU_BR_NAME &>/dev/null; then
|
||||
pinfo "Cleaning existing interfaces..."
|
||||
ip li set $QEMU_BR_NAME down
|
||||
ip li del $QEMU_BR_NAME
|
||||
@ -50,3 +40,4 @@ declare -A hosts
|
||||
get_hosts
|
||||
destroyvms
|
||||
cleanuppaths
|
||||
cleanupnetwork
|
||||
|
@ -1,24 +1,6 @@
|
||||
#!/bin/bash
|
||||
|
||||
## Vars
|
||||
# Docker container name for dir2config
|
||||
D2C_CTR_NAME=dir2config
|
||||
# Docker container name for direktil local server
|
||||
DLS_CTR_NAME=dls
|
||||
|
||||
# QEMU local bridge name. If you specificy a custom name, you may have to configure qemu bridge helper to allow it
|
||||
QEMU_BR_NAME=virbr0
|
||||
# QEMU VM default disk size
|
||||
QEMU_DISK_SIZE=30G
|
||||
# Allocated CPUs to QEMU VMs
|
||||
QEMU_VM_CPU=4
|
||||
# Allocated Memory to QEMU VMs
|
||||
QEMU_VM_MEM=8096
|
||||
################
|
||||
|
||||
# Token file for dls
|
||||
tknfile=".dls_adm_token"
|
||||
|
||||
source $(dirname $0)/vars
|
||||
|
||||
## Helper funcs
|
||||
|
||||
@ -31,6 +13,10 @@ perror() {
|
||||
exit 1
|
||||
}
|
||||
|
||||
sshcmd() {
|
||||
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null $*
|
||||
}
|
||||
|
||||
dls() {
|
||||
path=$1
|
||||
shift
|
||||
@ -57,9 +43,10 @@ check_root() {
|
||||
}
|
||||
|
||||
prereqs() {
|
||||
# set -ex
|
||||
set -e
|
||||
cd "$(dirname $0)/.."
|
||||
ctxdir="$PWD"
|
||||
source scripts/vars
|
||||
}
|
||||
|
||||
check_conf() {
|
||||
@ -86,7 +73,7 @@ unlock_store() {
|
||||
pinfo "Direktil Local Server store already unlocked"
|
||||
else
|
||||
pinfo "Unlocking the DLS store ..."
|
||||
DLS_ADM_TOKEN=$(dls /public/unlock-store -d "\"${DLS_UNLOCK_TOKEN}\""|tr -d \")
|
||||
DLS_ADM_TOKEN=$(dls /public/unlock-store -d '{"Name": "novit", "Passphrase": "'$(echo -n ${DLS_UNLOCK_TOKEN}|base64 -w0)'"}'|tr -d \")
|
||||
pinfo "Admin access token is $DLS_ADM_TOKEN"
|
||||
echo $DLS_ADM_TOKEN > $tknfile
|
||||
chmod 444 $tknfile
|
||||
@ -107,23 +94,13 @@ get_hosts() {
|
||||
get_parts() {
|
||||
for host in ${!hosts[*]}; do
|
||||
mkdir -p $ctxdir/data/$host
|
||||
for part in kernel initrd-v2
|
||||
for part in kernel initrd
|
||||
do
|
||||
partfile=$ctxdir/data/$host/$part
|
||||
test -f $partfile || dls /hosts/$host/$part -o $partfile
|
||||
test -f $partfile || { pinfo "Downloading $part for host $host" && dls /hosts/$host/$part -o $partfile; }
|
||||
done
|
||||
diskfile=$ctxdir/data/$host/disk
|
||||
test -f $diskfile || truncate -s ${QEMU_DISK_SIZE:-30G} $diskfile
|
||||
done
|
||||
}
|
||||
|
||||
destroyvms() {
|
||||
for host in ${!hosts[*]}; do
|
||||
host=$1
|
||||
if test -f $ctxdir/data/$host/pid ; then
|
||||
pinfo "Detected a pid file, killing process in case VM was already started"
|
||||
kill $(cat $ctxdir/data/$host/pid) && sleep 1
|
||||
fi
|
||||
test -f $diskfile || { pinfo "Creating disk $diskfile" && truncate -s ${QEMU_DISK_SIZE:-30G} $diskfile; }
|
||||
done
|
||||
}
|
||||
|
||||
@ -145,10 +122,18 @@ create_kubeconfig() {
|
||||
chmod 444 $ctxdir/kubeconfig
|
||||
}
|
||||
|
||||
clean() {
|
||||
set +e
|
||||
sudo iptables -t nat -D POSTROUTING -j MASQUERADE -s $QEMU_BR_IP \! -o $QEMU_BR_NAME &>/dev/null
|
||||
sudo iptables -D FORWARD -o $QEMU_BR_NAME -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT &>/dev/null
|
||||
sudo iptables -D FORWARD -j ACCEPT -i $QEMU_BR_NAME &>/dev/null
|
||||
|
||||
destroyvms() {
|
||||
for host in ${!hosts[*]}; do
|
||||
if test -f $ctxdir/data/$host/pid ; then
|
||||
pid=$(cat $ctxdir/data/$host/pid)
|
||||
if ! test -d /proc/$pid ; then
|
||||
pinfo "VM $host seems not running"
|
||||
else
|
||||
pinfo "Cleaning VM $host with PID $pid..."
|
||||
kill $pid && sleep 1
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
|
@ -1,11 +1,5 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
# Admin token to unlock the DLS store
|
||||
DLS_UNLOCK_TOKEN=changeme
|
||||
#
|
||||
#
|
||||
D2C_IMG=novit.tech/direktil/local-server:b6fa941
|
||||
DLS_IMG=novit.tech/direktil/local-server:b6fa941
|
||||
|
||||
prereqs_dls() {
|
||||
command -v docker 1>/dev/null || perror "Docker is needed, please install it and run again."
|
||||
@ -33,14 +27,13 @@ start_store() {
|
||||
-e HTTPS_PROXY=$HTTPS_PROXY \
|
||||
-v .:/var/lib/direktil \
|
||||
$DLS_IMG &
|
||||
# -auto-unlock 'N0v!T'
|
||||
sleep 2
|
||||
}
|
||||
|
||||
source $(dirname $0)/.common
|
||||
check_root
|
||||
prereqs_dls
|
||||
prereqs
|
||||
prereqs_dls
|
||||
dir2config
|
||||
start_store
|
||||
unlock_store
|
||||
|
@ -14,7 +14,7 @@ prereqs_qemu() {
|
||||
done
|
||||
}
|
||||
setup_network_qemu() {
|
||||
if ! ip li show $QEMU_BR_NAME ; then
|
||||
if ! ip li show $QEMU_BR_NAME &>/dev/null ; then
|
||||
ip li add name $QEMU_BR_NAME type bridge
|
||||
ip li set $QEMU_BR_NAME up
|
||||
fi
|
||||
@ -33,10 +33,11 @@ setup_network_qemu() {
|
||||
if ! test -d /etc/qemu; then
|
||||
mkdir -p /etc/qemu
|
||||
fi
|
||||
if ! grep -q "allow $QEMU_BR_NAME" /etc/qemu/bridge.conf; then
|
||||
if ! grep -qs "allow $QEMU_BR_NAME" /etc/qemu/bridge.conf; then
|
||||
echo "allow $QEMU_BR_NAME" >> /etc/qemu/bridge.conf
|
||||
fi
|
||||
}
|
||||
|
||||
run_qemu() {
|
||||
id=1
|
||||
for host in ${!hosts[*]}; do
|
||||
@ -45,7 +46,7 @@ run_qemu() {
|
||||
pinfo "Starting host $host with ip ${hosts[$host]}"
|
||||
qemu-system-x86_64 -enable-kvm -smp $QEMU_VM_CPU -m $QEMU_VM_MEM \
|
||||
-nic bridge,br=$QEMU_BR_NAME,mac=42:42:42:42:42:0${id} \
|
||||
-kernel $ctxdir/data/$host/kernel -initrd $ctxdir/data/$host/initrd-v2 -vga qxl \
|
||||
-kernel $ctxdir/data/$host/kernel -initrd $ctxdir/data/$host/initrd -vga qxl \
|
||||
-drive format=raw,file=$ctxdir/data/$host/disk &
|
||||
echo $! >$ctxdir/data/$host/pid
|
||||
((++id))
|
||||
@ -54,6 +55,8 @@ run_qemu() {
|
||||
}
|
||||
# # # # # # # #
|
||||
|
||||
|
||||
|
||||
source $(dirname $0)/.common
|
||||
check_root
|
||||
prereqs
|
||||
@ -66,5 +69,4 @@ get_hosts
|
||||
get_parts
|
||||
destroyvms
|
||||
run_qemu
|
||||
#clean
|
||||
|
||||
|
@ -21,13 +21,13 @@ checkup() {
|
||||
while :
|
||||
do
|
||||
pinfo "Checking availability of node $host..."
|
||||
ssh root@${hosts[$host]} <<< true &>/dev/null
|
||||
if [ $? == 0 ]; then
|
||||
if true | sshcmd -q root@${hosts[$host]};
|
||||
then
|
||||
pinfo "VM $host is up!"
|
||||
break
|
||||
else
|
||||
((tries--))
|
||||
if [ $tries < 1 ]; then
|
||||
if [ "$tries" -lt "1" ]; then
|
||||
pinfo "Timeout waiting for node detection, please investigate why node $host is not up by now"
|
||||
break
|
||||
fi
|
||||
@ -39,7 +39,7 @@ checkup() {
|
||||
|
||||
start_control_plane() {
|
||||
for host in ${!hosts[*]}; do
|
||||
ssh root@${hosts[$host]} << EOF
|
||||
sshcmd -q root@${hosts[$host]} << EOF
|
||||
if ls /etc/kubernetes/manifests.static/* &>/dev/null ; then
|
||||
mv /etc/kubernetes/manifests.static/* /var/lib/kubelet/manifests/
|
||||
fi
|
||||
@ -47,6 +47,23 @@ EOF
|
||||
done
|
||||
}
|
||||
|
||||
wait_for_apiserver() {
|
||||
vip=$(extract_var clusters public_vip)
|
||||
vip_api_port=$(extract_var clusters api_port)
|
||||
|
||||
while :
|
||||
do
|
||||
pinfo "Waiting for apiserver availability ($vip:$vip_api_port). Images may still being pulled... "
|
||||
if kctl get node &>/dev/null ; then
|
||||
pinfo "API is up!"
|
||||
break
|
||||
else
|
||||
sleep 20
|
||||
fi
|
||||
done
|
||||
|
||||
}
|
||||
|
||||
install_addons() {
|
||||
body='{"Kind":"cluster","Name":"'$cluster'","Assets":["addons"]}'
|
||||
download_id=$(dls /authorize-download -d "$body"|tr -d \")
|
||||
@ -55,20 +72,20 @@ install_addons() {
|
||||
}
|
||||
|
||||
approve_kubelet_certificates() {
|
||||
tries=5
|
||||
tries=10
|
||||
nodes_num=$(kctl get node -oname|wc -l)
|
||||
while [ "$nodes_num" != "${#hosts[*]}" ] ; do
|
||||
pinfo "Waiting for certificates requests to be created by Kubelet when it's ready... ($tries/5)"
|
||||
sleep 60s
|
||||
while [ "$nodes_num" -lt "${#hosts[*]}" ] ; do
|
||||
pinfo "Waiting for certificates requests to be created by Kubelet when it's ready... ($tries tries out of 10)"
|
||||
sleep 20s
|
||||
csrs="$(kctl get csr|awk '/Pending/ {print $1}')"
|
||||
if [ "$csrs" != "" ]; then
|
||||
kctl certificate approve $csrs
|
||||
fi
|
||||
((tries--))
|
||||
if [ "$tries" < 1 ]; then
|
||||
pinfo "Timeout waiting for kubelet certificates creation, please investigate why all nodes are not up by now"
|
||||
break
|
||||
if [ "$tries" -lt "1" ]; then
|
||||
perror "Timeout waiting for kubelet certificates creation, please investigate why all nodes are not up by now"
|
||||
fi
|
||||
nodes_num=$(kctl get node -oname|wc -l)
|
||||
done
|
||||
pinfo "All kubelets ($nodes_num) are up, enjoy !"
|
||||
}
|
||||
@ -83,6 +100,7 @@ declare -A hosts && get_hosts
|
||||
checkup
|
||||
start_control_plane
|
||||
create_kubeconfig
|
||||
wait_for_apiserver
|
||||
install_addons
|
||||
approve_kubelet_certificates # clients and serving certs
|
||||
|
||||
|
26
scripts/vars
Normal file
26
scripts/vars
Normal file
@ -0,0 +1,26 @@
|
||||
## Vars
|
||||
|
||||
# Admin token to unlock the DLS store, replace it!
|
||||
DLS_UNLOCK_TOKEN=changeme
|
||||
|
||||
# Docker container name for dir2config
|
||||
D2C_IMG=novit.tech/direktil/local-server:latest
|
||||
D2C_CTR_NAME=dir2config
|
||||
|
||||
# Docker container name for direktil local server
|
||||
DLS_IMG=novit.tech/direktil/local-server:latest
|
||||
DLS_CTR_NAME=dls
|
||||
|
||||
# QEMU local bridge name. If you specificy a custom name, you may have to configure qemu bridge helper to allow it
|
||||
QEMU_BR_NAME=virbr0
|
||||
# QEMU VM default disk size
|
||||
QEMU_DISK_SIZE=30G
|
||||
# Allocated CPUs to QEMU VMs
|
||||
QEMU_VM_CPU=4
|
||||
# Allocated Memory to QEMU VMs
|
||||
QEMU_VM_MEM=4096
|
||||
################
|
||||
|
||||
# Token file for dls
|
||||
tknfile=".dls_adm_token"
|
||||
|
Loading…
Reference in New Issue
Block a user