This repository has been archived by the owner on Jun 29, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 49
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1502 from kinvolk/kai/bare-metal-reprovisioning
baremetal: integrate automated (re-)provisioning logic
- Loading branch information
Showing
18 changed files
with
324 additions
and
29 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
6 changes: 6 additions & 0 deletions
6
assets/terraform-modules/bare-metal/flatcar-linux/kubernetes/controller_profiles.tf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,19 +1,25 @@ | ||
module "controller_profile" { | ||
source = "../../../matchbox-flatcar" | ||
count = length(var.controller_names) | ||
asset_dir = var.asset_dir | ||
node_name = var.controller_names[count.index] | ||
node_mac = var.controller_macs[count.index] | ||
node_domain = var.controller_domains[count.index] | ||
download_protocol = var.download_protocol | ||
os_channel = var.os_channel | ||
os_version = var.os_version | ||
http_endpoint = var.matchbox_http_endpoint | ||
kernel_args = var.kernel_args | ||
kernel_console = var.kernel_console | ||
installer_clc_snippets = lookup(var.installer_clc_snippets, var.controller_names[count.index], []) | ||
install_disk = var.install_disk | ||
install_to_smallest_disk = var.install_to_smallest_disk | ||
container_linux_oem = var.container_linux_oem | ||
ssh_keys = var.ssh_keys | ||
ignition_clc_config = module.controller[count.index].clc_config | ||
cached_install = var.cached_install | ||
wipe_additional_disks = var.wipe_additional_disks | ||
ignore_changes = true | ||
pxe_commands = var.pxe_commands | ||
install_pre_reboot_cmds = var.install_pre_reboot_cmds | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
5 changes: 5 additions & 0 deletions
5
assets/terraform-modules/bare-metal/flatcar-linux/kubernetes/worker_profiles.tf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,19 +1,24 @@ | ||
module "worker_profile" { | ||
source = "../../../matchbox-flatcar" | ||
count = length(var.worker_names) | ||
asset_dir = var.asset_dir | ||
node_name = var.worker_names[count.index] | ||
node_mac = var.worker_macs[count.index] | ||
node_domain = var.worker_domains[count.index] | ||
download_protocol = var.download_protocol | ||
os_channel = var.os_channel | ||
os_version = var.os_version | ||
http_endpoint = var.matchbox_http_endpoint | ||
kernel_args = var.kernel_args | ||
kernel_console = var.kernel_console | ||
installer_clc_snippets = lookup(var.installer_clc_snippets, var.worker_names[count.index], []) | ||
install_disk = var.install_disk | ||
install_to_smallest_disk = var.install_to_smallest_disk | ||
container_linux_oem = var.container_linux_oem | ||
ssh_keys = var.ssh_keys | ||
ignition_clc_config = module.worker[count.index].clc_config | ||
cached_install = var.cached_install | ||
wipe_additional_disks = var.wipe_additional_disks | ||
pxe_commands = var.pxe_commands | ||
install_pre_reboot_cmds = var.install_pre_reboot_cmds | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
87 changes: 87 additions & 0 deletions
87
assets/terraform-modules/matchbox-flatcar/pxe-helper.sh.tmpl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
# (executed in-line, #!/... would be ignored) | ||
# Terraform template variable substitution: | ||
name=${name} | ||
domain=${domain} | ||
mac=${mac} | ||
asset_dir=${asset_dir} | ||
ignore_changes=${ignore_changes} | ||
kernel_args="${kernel_args}" | ||
kernel_console="${kernel_console}" | ||
ignition_endpoint="${ignition_endpoint}" | ||
# From now on use $var for dynamic shell substitution | ||
|
||
if test -f "$asset_dir/$mac" && [ "$(cat "$asset_dir/$mac")" = "$domain" ]; then | ||
echo "found $asset_dir/$mac containing $domain, skipping PXE install" | ||
node_exists=yes | ||
else | ||
echo "$asset_dir/$mac does not contain $domain, forcing PXE install" | ||
node_exists=no | ||
fi | ||
|
||
if [ $node_exists = yes ]; then | ||
if $ignore_changes ; then | ||
echo "Keeping old config because 'ignore_changes' is set." | ||
exit 0 | ||
else | ||
# run single commands that can be retried without a side effect in case the connection got disrupted | ||
count=30 | ||
while [ $count -gt 0 ] && ! ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NumberOfPasswordPrompts=0 core@$domain sudo touch /boot/flatcar/first_boot; do | ||
sleep 1 | ||
count=$((count - 1)) | ||
done | ||
if [ $count -eq 0 ]; then | ||
echo "error reaching $domain via SSH, please remove the $asset_dir/$mac file to force a PXE install" | ||
exit 1 | ||
fi | ||
echo "created the first_boot flag file to reprovision $domain" | ||
count=5 | ||
while [ $count -gt 0 ] && ! ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NumberOfPasswordPrompts=0 core@$domain "printf 'set linux_append=\"$kernel_args ignition.config.url=$ignition_endpoint?mac=$mac&os=installed\"\\nset linux_console=\"$kernel_console\"\\n' | sudo tee /usr/share/oem/grub.cfg"; do | ||
sleep 1 | ||
count=$((count - 1)) | ||
done | ||
if [ $count -eq 0 ]; then | ||
echo "error reaching $domain via SSH, please retry" | ||
exit 1 | ||
fi | ||
count=5 | ||
while [ $count -gt 0 ] && ! ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NumberOfPasswordPrompts=0 core@$domain sudo systemctl reboot; do | ||
sleep 1 | ||
count=$((count - 1)) | ||
done | ||
if [ $count -eq 0 ]; then | ||
echo "error reaching $domain via SSH, please reboot manually" | ||
exit 1 | ||
fi | ||
echo "rebooted the $domain" | ||
fi | ||
else | ||
# the user may provide ipmitool commands or any other logic for forcing a PXE boot | ||
${pxe_commands} | ||
fi | ||
|
||
echo "checking that $domain comes up" | ||
count=600 | ||
# check that we can reach the node and that it has the flag file which we remove here, indicating a reboot happened which prevents a race when issuing the reboot takes longer (both the systemctl reboot and PXE case) | ||
# Just in case the connection breaks and SSH may report an error code but still execute successfully, we will first check file existence and then delete with "rm -f" to be able to rerun both commands. | ||
# This sequence gives us the same error reporting as just running "rm" once. | ||
while [ $count -gt 0 ] && ! ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NumberOfPasswordPrompts=0 core@$domain test -f /ignition_ran; do | ||
sleep 1 | ||
count=$((count - 1)) | ||
done | ||
if [ $count -eq 0 ]; then | ||
echo "error: failed verifying with SSH if $domain came up by checking the /ignition_ran flag file" | ||
exit 1 | ||
fi | ||
count=5 | ||
while [ $count -gt 0 ] && ! ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o NumberOfPasswordPrompts=0 core@$domain sudo rm -f /ignition_ran; do | ||
sleep 1 | ||
count=$((count - 1)) | ||
done | ||
if [ $count -eq 0 ]; then | ||
echo "error: failed to remove the /ignition_ran flag file on $domain" | ||
exit 1 | ||
else | ||
echo "$domain came up again" | ||
fi | ||
# only write the state file once the system is up, this allows to rerun lokoctl if the first PXE boot did not work and it will try again | ||
echo $domain > "$asset_dir/$mac" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
resource "null_resource" "reprovision-node-when-ignition-changes" { | ||
# Triggered when the Ignition Config changes | ||
triggers = { | ||
ignition_config = matchbox_profile.node.raw_ignition | ||
kernel_args = join(" ", var.kernel_args) | ||
kernel_console = join(" ", var.kernel_console) | ||
} | ||
# Wait for the new Ignition config object to be ready before rebooting | ||
depends_on = [matchbox_group.node] | ||
# Trigger running Ignition on the next reboot (first_boot flag file) and reboot the instance, or, if the instance needs to be (re)provisioned, run external commands for PXE booting (also runs on the first provisioning) | ||
provisioner "local-exec" { | ||
command = templatefile("${path.module}/pxe-helper.sh.tmpl", { domain = var.node_domain, name = var.node_name, mac = var.node_mac, pxe_commands = var.pxe_commands, asset_dir = var.asset_dir, kernel_args = join(" ", var.kernel_args), kernel_console = join(" ", var.kernel_console), ignition_endpoint = format("%s/ignition", var.http_endpoint), ignore_changes = var.ignore_changes }) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.