From ad00488d5b3392a7d1f9b55e2fbbadfc15112efa Mon Sep 17 00:00:00 2001
From: Gaurav Gahlot <gaurav.gahlot19@gmail.com>
Date: Mon, 8 Jun 2020 18:39:57 +0530
Subject: [PATCH 01/12] using vagrant with libvirt and virtualbox
Signed-off-by: Gaurav Gahlot <gaurav.gahlot19@gmail.com>
---
deploy/vagrant/Vagrantfile | 56 +++++++++++++++
deploy/vagrant/scripts/tinkerbell.sh | 104 +++++++++++++++++++++++++++
2 files changed, 160 insertions(+)
create mode 100644 deploy/vagrant/Vagrantfile
create mode 100644 deploy/vagrant/scripts/tinkerbell.sh
diff --git a/deploy/vagrant/Vagrantfile b/deploy/vagrant/Vagrantfile
new file mode 100644
index 000000000..16cad3905
--- /dev/null
+++ b/deploy/vagrant/Vagrantfile
@@ -0,0 +1,56 @@
+$provisioner_ip_address = '10.11.12.2'
+ENV['VAGRANT_NO_PARALLEL'] = 'yes'
+
+Vagrant.configure('2') do |config|
+
+ config.vm.define :provisioner do |provisioner|
+ provisioner.vm.box = 'generic/ubuntu1804'
+ provisioner.vm.hostname = 'provisioner'
+ provisioner.vm.synced_folder '.', '/vagrant', type: 'rsync'
+ provisioner.vm.provision :shell, path: 'tinkerbell.sh', args: [$provisioner_ip_address]
+
+ provisioner.vm.provider :libvirt do |lv, override|
+ lv.memory = 2*1024
+ lv.cpus = 2
+ lv.cpu_mode = 'host-passthrough'
+ override.vm.network "private_network",
+ ip: $provisioner_ip_address,
+ libvirt__dhcp_enabled: false,
+ libvirt__forward_mode: 'none'
+ end
+
+ provisioner.vm.provider :virtualbox do |vb, override|
+ vb.memory = 2*1024
+ vb.cpus = 2
+ override.vm.network "private_network", ip: $provisioner_ip_address
+ end
+ end
+
+ config.vm.define "worker" do |worker|
+ worker.vm.box = nil
+ worker.vm.network "private_network", ip: $provisioner_ip_address, mac: "080027000001", auto_config: false
+
+ worker.vm.provider :libvirt do |lv|
+ lv.memory = 1*1024
+ lv.cpus = 1
+ lv.boot 'network'
+ lv.mgmt_attach = false
+ end
+
+ worker.vm.provider :virtualbox do |vb, worker|
+ worker.vm.box = 'generic/alpine38'
+ vb.memory = 1*1024
+ vb.cpus = 1
+ vb.gui = true
+ vb.customize [
+ 'modifyvm', :id,
+ '--nic1', 'none',
+ '--boot1', 'net',
+ '--boot2', 'none',
+ '--boot3', 'none',
+ '--boot4', 'none',
+ '--macaddress1', '080027000001'
+ ]
+ end
+ end
+end
diff --git a/deploy/vagrant/scripts/tinkerbell.sh b/deploy/vagrant/scripts/tinkerbell.sh
new file mode 100644
index 000000000..9e3295c53
--- /dev/null
+++ b/deploy/vagrant/scripts/tinkerbell.sh
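Review bot: Neither box in deploy/vagrant/Vagrantfile is pinned: `generic/ubuntu1804` and `generic/alpine38` are set without a `box_version`, so a fresh `vagrant up` takes whatever image is current, and the shell provisioner (privileged by default) then runs inside it. Pinning with `provisioner.vm.box_version = '<tested-version>'` (placeholder, not a real version) keeps the environment reproducible and makes a base-image update a reviewed change. In the worker's virtualbox block, `do |vb, worker|` names the override argument `worker`, shadowing the outer block variable; `|vb, override|` with `override.vm.box = 'generic/alpine38'` reads as intended and matches the provisioner blocks.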
@@ -0,0 +1,104 @@
+#!/bin/bash
+
+# abort this script on errors
+set -euxo pipefail
+
+whoami
+
+cd /vagrant
+
+setup_docker() (
+ # steps from https://docs.docker.com/engine/install/ubuntu/
+ sudo apt-get install -y \
+ apt-transport-https \
+ ca-certificates \
+ curl \
+ gnupg-agent \
+ software-properties-common
+
+ curl -fsSL https://download.docker.com/linux/ubuntu/gpg |
+ sudo apt-key add -
+
+ local repo
+ repo=$(
+ printf "deb [arch=amd64] https://download.docker.com/linux/ubuntu %s stable" \
+ "$(lsb_release -cs)"
+ )
+ sudo add-apt-repository "$repo"
+
+ sudo apt-get update
+ sudo apt-get install -y docker-ce docker-ce-cli containerd.io
+
+ sudo usermod -aG docker "$USER"
+
+ newgrp
+)
+
+setup_docker_compose() (
+ # from https://docs.docker.com/compose/install/
+ sudo curl -L \
+ "https://github.com/docker/compose/releases/download/1.26.0/docker-compose-$(uname -s)-$(uname -m)" \
+ -o /usr/local/bin/docker-compose
+
+ sudo chmod +x /usr/local/bin/docker-compose
+)
+
+make_certs_writable() (
+ local certdir="/etc/docker/certs.d/$TINKERBELL_HOST_IP"
+ sudo mkdir -p "$certdir"
+ sudo chown -R "$USER" "$certdir"
+)
+
+secure_certs() (
+ local certdir="/etc/docker/certs.d/$TINKERBELL_HOST_IP"
+ sudo chown "root" "$certdir"
+)
+
+command_exists() (
+ command -v "$@" >/dev/null 2>&1
+)
+
+mirror_hello_world() (
+ # push the hello-world workflow action image
+ docker pull hello-world
+ docker tag hello-world "$TINKERBELL_HOST_IP/hello-world"
+ docker push "$TINKERBELL_HOST_IP/hello-world"
+)
+
+main() (
+ export DEBIAN_FRONTEND=noninteractive
+
+ apt-get update
+
+ if ! command_exists docker; then
+ setup_docker
+ fi
+
+ if ! command_exists docker-compose; then
+ setup_docker_compose
+ fi
+
+ if ! command_exists jq; then
+ sudo apt-get install -y jq
+ fi
+
+ if [ ! -f ./envrc ]; then
+ ./generate-envrc.sh eth1 >envrc
+ fi
+
+ # shellcheck disable=SC1091
+ .
./envrc + + make_certs_writable + + ./setup.sh + + secure_certs + + mirror_hello_world + + cd deploy + docker-compose up -d +) + +main From 9cd0e6cad7e5db0c2581cd159d97dd66edc1cc9b Mon Sep 17 00:00:00 2001 From: Gaurav Gahlot <gaurav.gahlot19@gmail.com> Date: Tue, 16 Jun 2020 16:55:23 +0530 Subject: [PATCH 02/12] updated gitignore Signed-off-by: Gaurav Gahlot <gaurav.gahlot19@gmail.com> --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 15dbda4af..528a0a3d0 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,6 @@ cmd/tink-worker/tink-worker .terraform terraform.tfstate terraform.tfstate.backup + +# Vagrant +**/.vagrant From bb038a60e1d0d987fe879d3c14628a2ae16c2d77 Mon Sep 17 00:00:00 2001 From: Graham Christensen <graham@grahamc.com> Date: Tue, 16 Jun 2020 08:44:33 -0400 Subject: [PATCH 03/12] vagrantfile: call ./scripts/tinkerbell.sh --- deploy/vagrant/Vagrantfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/vagrant/Vagrantfile b/deploy/vagrant/Vagrantfile index 16cad3905..c263084c9 100644 --- a/deploy/vagrant/Vagrantfile +++ b/deploy/vagrant/Vagrantfile @@ -7,7 +7,7 @@ Vagrant.configure('2') do |config| provisioner.vm.box = 'generic/ubuntu1804' provisioner.vm.hostname = 'provisioner' provisioner.vm.synced_folder '.', '/vagrant', type: 'rsync' - provisioner.vm.provision :shell, path: 'tinkerbell.sh', args: [$provisioner_ip_address] + provisioner.vm.provision :shell, path: './scripts/tinkerbell.sh' provisioner.vm.provider :libvirt do |lv, override| lv.memory = 2*1024 From c88de056cb7a5cf3b680b1977c43f8b002894ff8 Mon Sep 17 00:00:00 2001 From: Graham Christensen <graham@grahamc.com> Date: Tue, 16 Jun 2020 08:44:54 -0400 Subject: [PATCH 04/12] vagrant: sync the entire tink repo --- deploy/vagrant/Vagrantfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/vagrant/Vagrantfile b/deploy/vagrant/Vagrantfile index c263084c9..f6b95b50f 100644 --- a/deploy/vagrant/Vagrantfile 
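Review bot: In deploy/vagrant/scripts/tinkerbell.sh (PATCH 01), `setup_docker_compose` installs an executable into /usr/local/bin as root straight from a download with no integrity check, and `curl -L` without `-f` will write an HTTP error body to that path if the request fails. I would use `sudo curl -fL ...` and verify the file before `chmod +x`, for example `echo "<expected-sha256>  /usr/local/bin/docker-compose" | sha256sum -c -`, where the placeholder is the checksum of the pinned 1.26.0 artifact. Separately, `secure_certs` undoes only part of `make_certs_writable`: the earlier `chown -R "$USER"` is recursive but `sudo chown "root" "$certdir"` is not, so files created under the Docker certs directory keep their previous owner; `sudo chown -R root "$certdir"` would match.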
+++ b/deploy/vagrant/Vagrantfile @@ -6,7 +6,7 @@ Vagrant.configure('2') do |config| config.vm.define :provisioner do |provisioner| provisioner.vm.box = 'generic/ubuntu1804' provisioner.vm.hostname = 'provisioner' - provisioner.vm.synced_folder '.', '/vagrant', type: 'rsync' + provisioner.vm.synced_folder './../../', '/vagrant', type: 'rsync' provisioner.vm.provision :shell, path: './scripts/tinkerbell.sh' provisioner.vm.provider :libvirt do |lv, override| From 9559d8b0a938d89145a9b9eca7f1337b93cd7a7e Mon Sep 17 00:00:00 2001 From: Graham Christensen <graham@grahamc.com> Date: Tue, 16 Jun 2020 08:45:06 -0400 Subject: [PATCH 05/12] vagrant: Don't mirror hello-world or run docker-compose up --- deploy/vagrant/scripts/tinkerbell.sh | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/deploy/vagrant/scripts/tinkerbell.sh b/deploy/vagrant/scripts/tinkerbell.sh index 9e3295c53..d8d64d3af 100644 --- a/deploy/vagrant/scripts/tinkerbell.sh +++ b/deploy/vagrant/scripts/tinkerbell.sh @@ -58,13 +58,6 @@ command_exists() ( command -v "$@" >/dev/null 2>&1 ) -mirror_hello_world() ( - # push the hello-world workflow action image - docker pull hello-world - docker tag hello-world "$TINKERBELL_HOST_IP/hello-world" - docker push "$TINKERBELL_HOST_IP/hello-world" -) - main() ( export DEBIAN_FRONTEND=noninteractive @@ -94,11 +87,6 @@ main() ( ./setup.sh secure_certs - - mirror_hello_world - - cd deploy - docker-compose up -d ) main From 29e252f6307e916fda4b2876425b35bbdbec1f41 Mon Sep 17 00:00:00 2001 From: Graham Christensen <graham@grahamc.com> Date: Tue, 16 Jun 2020 08:54:30 -0400 Subject: [PATCH 06/12] vagrant: add the vagrant user to the docker group --- deploy/vagrant/scripts/tinkerbell.sh | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/deploy/vagrant/scripts/tinkerbell.sh b/deploy/vagrant/scripts/tinkerbell.sh index d8d64d3af..f69c92676 100644 --- a/deploy/vagrant/scripts/tinkerbell.sh +++ b/deploy/vagrant/scripts/tinkerbell.sh 
@@ -28,10 +28,6 @@ setup_docker() ( sudo apt-get update sudo apt-get install -y docker-ce docker-ce-cli containerd.io - - sudo usermod -aG docker "$USER" - - newgrp ) setup_docker_compose() ( @@ -87,6 +83,8 @@ main() ( ./setup.sh secure_certs + + sudo usermod -aG docker vagrant ) main From e85f7d932b5c0931ba070906f48ae58be23db2b3 Mon Sep 17 00:00:00 2001 From: Graham Christensen <graham@grahamc.com> Date: Tue, 16 Jun 2020 09:04:46 -0400 Subject: [PATCH 07/12] vagrant: configure the vagrant user with docker creds --- deploy/vagrant/scripts/tinkerbell.sh | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/deploy/vagrant/scripts/tinkerbell.sh b/deploy/vagrant/scripts/tinkerbell.sh index f69c92676..c9a41e880 100644 --- a/deploy/vagrant/scripts/tinkerbell.sh +++ b/deploy/vagrant/scripts/tinkerbell.sh @@ -54,6 +54,15 @@ command_exists() ( command -v "$@" >/dev/null 2>&1 ) +configure_vagrant_user() ( + sudo usermod -aG docker vagrant + + echo -n "$TINKERBELL_REGISTRY_PASSWORD" | + sudo -iu vagrant docker login \ + --username="$TINKERBELL_REGISTRY_USERNAME" \ + --password-stdin "$TINKERBELL_HOST_IP" +) + main() ( export DEBIAN_FRONTEND=noninteractive @@ -84,7 +93,8 @@ main() ( secure_certs - sudo usermod -aG docker vagrant + configure_vagrant_user + ) main From 7fe9e54e9cda7ac1e3ee9110f46e559146d089ee Mon Sep 17 00:00:00 2001 From: Graham Christensen <graham@grahamc.com> Date: Tue, 16 Jun 2020 09:26:14 -0400 Subject: [PATCH 08/12] vagrant: Sync folders dynamically --- deploy/vagrant/Vagrantfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/vagrant/Vagrantfile b/deploy/vagrant/Vagrantfile index f6b95b50f..d17730688 100644 --- a/deploy/vagrant/Vagrantfile +++ b/deploy/vagrant/Vagrantfile 
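Review bot: `configure_vagrant_user` (PATCH 07) prints the registry password into the provisioning output, because the script runs under `set -euxo pipefail` (near the top of the file as added in PATCH 01, outside this hunk) and xtrace echoes the expanded `echo -n "$TINKERBELL_REGISTRY_PASSWORD"` command. The function body is a `( ... )` subshell, so making `set +x` its first line turns tracing off for this function only. The same tracing presumably also covers the earlier `. ./envrc`, whose contents are not shown here, so it is worth checking whether that step needs the same treatment. A short comment that `docker login` leaves the credential in the vagrant user's Docker config unless a credential helper is configured would help anyone reusing this outside a throwaway VM.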
@@ -6,7 +6,7 @@ Vagrant.configure('2') do |config| config.vm.define :provisioner do |provisioner| provisioner.vm.box = 'generic/ubuntu1804' provisioner.vm.hostname = 'provisioner' - provisioner.vm.synced_folder './../../', '/vagrant', type: 'rsync' + provisioner.vm.synced_folder './../../', '/vagrant' provisioner.vm.provision :shell, path: './scripts/tinkerbell.sh' provisioner.vm.provider :libvirt do |lv, override| From 63e30d2b7a0f6dd7e22b26f477a13e0d9e5a43a0 Mon Sep 17 00:00:00 2001 From: Graham Christensen <graham@grahamc.com> Date: Tue, 16 Jun 2020 09:26:34 -0400 Subject: [PATCH 09/12] vagrant: vbox: don't config the NIC automatically --- deploy/vagrant/Vagrantfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/deploy/vagrant/Vagrantfile b/deploy/vagrant/Vagrantfile index d17730688..fe3a92c66 100644 --- a/deploy/vagrant/Vagrantfile +++ b/deploy/vagrant/Vagrantfile @@ -22,7 +22,10 @@ Vagrant.configure('2') do |config| provisioner.vm.provider :virtualbox do |vb, override| vb.memory = 2*1024 vb.cpus = 2 - override.vm.network "private_network", ip: $provisioner_ip_address + override.vm.network "private_network", + virtualbox_intnet: "tink_network", + auto_config: false + end end From d7317bf6c2db6862ac6a6375e46b2cd102aa9f9b Mon Sep 17 00:00:00 2001 From: Graham Christensen <graham@grahamc.com> Date: Tue, 16 Jun 2020 09:26:51 -0400 Subject: [PATCH 10/12] setup: unpack osie if either osie or workflow are missing --- setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.sh b/setup.sh index 71227581b..7233f89b9 100755 --- a/setup.sh +++ b/setup.sh @@ -251,7 +251,7 @@ setup_osie() ( local osie_current=$STATEDIR/webroot/misc/osie/current local tink_workflow=$STATEDIR/webroot/workflow/ - if [ ! -d "$osie_current" ] && [ ! -d "$tink_workflow" ]; then + if [ ! -d "$osie_current" ] || [ ! -d "$tink_workflow" ]; then mkdir -p "$osie_current" mkdir -p "$tink_workflow" pushd "$SCRATCH" 
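Review bot: With `type: 'rsync'` removed in PATCH 08, `/vagrant` becomes the provider's default synced folder, which on VirtualBox is a live shared mount, so files the provisioning script writes there now land in the host checkout of the repository. That includes `envrc` from `./generate-envrc.sh eth1 >envrc` and anything `./setup.sh` generates under the tree; if `envrc` holds the `TINKERBELL_REGISTRY_PASSWORD` that `configure_vagrant_user` reads (its contents are not visible in this series), it can be committed by accident. The `.gitignore` hunk in PATCH 02 adds only `**/.vagrant`, so I would confirm that `envrc` and the generated state are ignored, or add them there. A comment above the `synced_folder` line saying the mount is intentionally two-way would also help.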
From a71057a36e49a25f057540df5d23a19d3c320919 Mon Sep 17 00:00:00 2001 From: Graham Christensen <graham@grahamc.com> Date: Tue, 16 Jun 2020 09:38:13 -0400 Subject: [PATCH 11/12] vagrant: provisioner: unconfigure the private network --- deploy/vagrant/Vagrantfile | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/deploy/vagrant/Vagrantfile b/deploy/vagrant/Vagrantfile index fe3a92c66..7c15ff7a3 100644 --- a/deploy/vagrant/Vagrantfile +++ b/deploy/vagrant/Vagrantfile @@ -9,23 +9,21 @@ Vagrant.configure('2') do |config| provisioner.vm.synced_folder './../../', '/vagrant' provisioner.vm.provision :shell, path: './scripts/tinkerbell.sh' + provisioner.vm.network :private_network, + virtualbox__intnet: "tink_network", + libvirt__dhcp_enabled: false, + libvirt__forward_mode: 'none', + auto_config: false + provisioner.vm.provider :libvirt do |lv, override| lv.memory = 2*1024 lv.cpus = 2 lv.cpu_mode = 'host-passthrough' - override.vm.network "private_network", - ip: $provisioner_ip_address, - libvirt__dhcp_enabled: false, - libvirt__forward_mode: 'none' end provisioner.vm.provider :virtualbox do |vb, override| vb.memory = 2*1024 vb.cpus = 2 - override.vm.network "private_network", - virtualbox_intnet: "tink_network", - auto_config: false - end end From eae335b105cd917a89be113bfeed6b3616d812fb Mon Sep 17 00:00:00 2001 From: Graham Christensen <graham@grahamc.com> Date: Tue, 16 Jun 2020 09:48:12 -0400 Subject: [PATCH 12/12] Configure the worker the same way --- deploy/vagrant/Vagrantfile | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/deploy/vagrant/Vagrantfile b/deploy/vagrant/Vagrantfile index 7c15ff7a3..8e686299e 100644 --- a/deploy/vagrant/Vagrantfile +++ b/deploy/vagrant/Vagrantfile @@ -1,4 +1,3 @@ -$provisioner_ip_address = '10.11.12.2' ENV['VAGRANT_NO_PARALLEL'] = 'yes' Vagrant.configure('2') do |config| 
@@ -29,7 +28,12 @@ Vagrant.configure('2') do |config| config.vm.define "worker" do |worker| worker.vm.box = nil - worker.vm.network "private_network", ip: $provisioner_ip_address, mac: "080027000001", auto_config: false + worker.vm.network :private_network, + mac: "080027000001", + virtualbox__intnet: "tink_network", + libvirt__dhcp_enabled: false, + libvirt__forward_mode: 'none', + auto_config: false worker.vm.provider :libvirt do |lv| lv.memory = 1*1024