Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Systemd free setup #507

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion mgradm/cmd/inspect/kubernetes.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ func kuberneteInspect(
}

// Get the SCC credentials secret if existing
pullSecret, err := kubernetes.GetSCCSecret(namespace, &types.SCCCredentials{}, kubernetes.ServerApp)
pullSecret, err := kubernetes.GetRegistrySecret(namespace, &types.SCCCredentials{}, kubernetes.ServerApp)
if err != nil {
return err
}
Expand Down
1 change: 1 addition & 0 deletions mgradm/cmd/install/podman/podman.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ NOTE: installing on a remote podman is not supported yet!
},
}

adm_utils.AddMirrorFlag(cmd)
shared.AddInstallFlags(cmd)
podman.AddPodmanArgFlag(cmd)

Expand Down
2 changes: 2 additions & 0 deletions mgradm/cmd/install/podman/podman_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,13 +17,15 @@ import (

func TestParamsParsing(t *testing.T) {
args := flagstests.InstallFlagsTestArgs()
args = append(args, flagstests.MirrorFlagTestArgs...)
args = append(args, flagstests.PodmanFlagsTestArgs...)
args = append(args, "srv.fq.dn")

// Test function asserting that the args are properly parsed
tester := func(_ *types.GlobalFlags, flags *podmanInstallFlags,
_ *cobra.Command, args []string,
) error {
flagstests.AssertMirrorFlag(t, flags.Mirror)
flagstests.AssertInstallFlags(t, &flags.ServerFlags)
flagstests.AssertPodmanInstallFlags(t, &flags.Podman)
testutils.AssertEquals(t, "Wrong FQDN", "srv.fq.dn", args[0])
Expand Down
77 changes: 53 additions & 24 deletions mgradm/cmd/install/podman/utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ package podman

import (
"errors"
"fmt"
"os/exec"
"strings"

"github.com/rs/zerolog"
"github.com/rs/zerolog/log"
Expand Down Expand Up @@ -91,35 +91,23 @@ func installForPodman(
return err
}

cnx := shared.NewConnection("podman", shared_podman.ServerContainerName, "")
if err := waitForSystemStart(systemd, cnx, preparedImage, flags); err != nil {
return utils.Errorf(err, L("cannot wait for system start"))
if err := shared_podman.SetupNetwork(false); err != nil {
return utils.Errorf(err, L("cannot setup network"))
}

caPassword := flags.Installation.SSL.Password
if flags.Installation.SSL.UseExisting() {
// We need to have a password for the generated CA, even though it will be thrown away after install
caPassword = "dummy"
}
log.Info().Msg(L("Run setup command in the container"))

env := map[string]string{
"CERT_O": flags.Installation.SSL.Org,
"CERT_OU": flags.Installation.SSL.OU,
"CERT_CITY": flags.Installation.SSL.City,
"CERT_STATE": flags.Installation.SSL.State,
"CERT_COUNTRY": flags.Installation.SSL.Country,
"CERT_EMAIL": flags.Installation.SSL.Email,
"CERT_CNAMES": strings.Join(append([]string{fqdn}, flags.Installation.SSL.Cnames...), ","),
"CERT_PASS": caPassword,
if err := runSetup(preparedImage, &flags.ServerFlags, fqdn); err != nil {
return err
}

log.Info().Msg(L("Run setup command in the container"))
cnx := shared.NewConnection("podman", shared_podman.ServerContainerName, "")
if err := waitForSystemStart(systemd, cnx, preparedImage, flags); err != nil {
return utils.Errorf(err, L("cannot wait for system start"))
}

if err := adm_utils.RunSetup(cnx, &flags.ServerFlags, fqdn, env); err != nil {
if stopErr := systemd.StopService(shared_podman.ServerService); stopErr != nil {
log.Error().Msgf(L("Failed to stop service: %v"), stopErr)
}
return err
if err := cnx.CopyCaCertificate(fqdn); err != nil {
return utils.Errorf(err, L("failed to add SSL CA certificate to host trusted certificates"))
}

if path, err := exec.LookPath("uyuni-payg-extract-data"); err == nil {
Expand Down Expand Up @@ -173,3 +161,44 @@ func installForPodman(
}
return nil
}

// runSetup execute the setup.
func runSetup(image string, flags *adm_utils.ServerFlags, fqdn string) error {
env := adm_utils.GetSetupEnv(flags.Mirror, &flags.Installation, fqdn, false)
envNames := []string{}
envValues := []string{}
for key, value := range env {
envNames = append(envNames, "-e", key)
envValues = append(envValues, fmt.Sprintf("%s=%s", key, value))
}

command := []string{
"run",
"--rm",
"--shm-size=0",
"--shm-size-systemd=0",
"--name", "uyuni-setup",
"--network", shared_podman.UyuniNetwork,
"-e", "TZ=" + flags.Installation.TZ,
}
for _, volume := range utils.ServerVolumeMounts {
command = append(command, "-v", fmt.Sprintf("%s:%s:z", volume.Name, volume.MountPath))
}
command = append(command, envNames...)
command = append(command, image)

script, err := adm_utils.GenerateSetupScript(&flags.Installation, false)
if err != nil {
return err
}
command = append(command, "/usr/bin/sh", "-c", script)

if _, err := newRunner("podman", command...).Env(envValues).StdMapping().Exec(); err != nil {
return utils.Errorf(err, L("server setup failed"))
}

log.Info().Msgf(L("Server set up, login on https://%[1]s with %[2]s user"), fqdn, flags.Installation.Admin.Login)
return nil
}

var newRunner = utils.NewRunner
3 changes: 0 additions & 3 deletions mgradm/cmd/install/shared/flags.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ func AddInspectFlags(cmd *cobra.Command) {

// AddInstallFlags add flags to installa command.
func AddInstallFlags(cmd *cobra.Command) {
cmd_utils.AddMirrorFlag(cmd)
cmd.Flags().String("tz", "", L("Time zone to set on the server. Defaults to the host timezone"))
cmd.Flags().String("email", "[email protected]", L("Administrator e-mail"))
cmd.Flags().String("emailfrom", "[email protected]", L("E-Mail sending the notifications"))
Expand All @@ -31,7 +30,6 @@ func AddInstallFlags(cmd *cobra.Command) {
cmd.Flags().String("db-name", "susemanager", L("Database name"))
cmd.Flags().String("db-host", "localhost", L("Database host"))
cmd.Flags().Int("db-port", 5432, L("Database port"))
cmd.Flags().String("db-protocol", "tcp", L("Database protocol"))
cmd.Flags().String("db-admin-user", "", L("External database admin user name"))
cmd.Flags().String("db-admin-password", "", L("External database admin password"))
cmd.Flags().String("db-provider", "", L("External database provider. Possible values 'aws'"))
Expand All @@ -42,7 +40,6 @@ func AddInstallFlags(cmd *cobra.Command) {
_ = utils.AddFlagToHelpGroupID(cmd, "db-name", "db")
_ = utils.AddFlagToHelpGroupID(cmd, "db-host", "db")
_ = utils.AddFlagToHelpGroupID(cmd, "db-port", "db")
_ = utils.AddFlagToHelpGroupID(cmd, "db-protocol", "db")
_ = utils.AddFlagToHelpGroupID(cmd, "db-admin-user", "db")
_ = utils.AddFlagToHelpGroupID(cmd, "db-admin-password", "db")
_ = utils.AddFlagToHelpGroupID(cmd, "db-provider", "db")
Expand Down
2 changes: 1 addition & 1 deletion mgradm/cmd/migrate/kubernetes/utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ func migrateToKubernetes(
}

// Create a secret using SCC credentials if any are provided
pullSecret, err := shared_kubernetes.GetSCCSecret(
pullSecret, err := shared_kubernetes.GetRegistrySecret(
flags.Kubernetes.Uyuni.Namespace, &flags.Installation.SCC, shared_kubernetes.ServerApp,
)
if err != nil {
Expand Down
17 changes: 14 additions & 3 deletions mgradm/shared/kubernetes/db.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@
package kubernetes

import (
"strings"

"github.com/rs/zerolog"
"github.com/uyuni-project/uyuni-tools/shared/kubernetes"
. "github.com/uyuni-project/uyuni-tools/shared/l10n"
core "k8s.io/api/core/v1"
Expand All @@ -19,12 +22,20 @@ const (
DBSecret = "db-credentials"
// ReportdbSecret is the name of the report database credentials secret.
ReportdbSecret = "reportdb-credentials"
SCCSecret = "scc-credentials"
secretUsername = "username"
secretPassword = "password"
)

// CreateDBSecret creates a secret containing the DB credentials.
func CreateDBSecret(namespace string, name string, user string, password string) error {
// CreateBasicAuthSecret creates a secret of type basic-auth.
func CreateBasicAuthSecret(namespace string, name string, user string, password string) error {
// Check if the secret is already existing
out, err := runCmdOutput(zerolog.DebugLevel, "kubectl", "get", "-n", namespace, "secret", name, "-o", "name")
if err == nil && strings.TrimSpace(string(out)) != "" {
return nil
}

// Create the secret
secret := core.Secret{
TypeMeta: meta.TypeMeta{APIVersion: "v1", Kind: "Secret"},
ObjectMeta: meta.ObjectMeta{
Expand All @@ -40,5 +51,5 @@ func CreateDBSecret(namespace string, name string, user string, password string)
Type: core.SecretTypeBasicAuth,
}

return kubernetes.Apply([]runtime.Object{&secret}, L("failed to create the database secret"))
return kubernetes.Apply([]runtime.Object{&secret}, L("failed to create the secret"))
}
Loading
Loading