Merge pull request #311 from digitalrebar/k3s

Enable K3s Install for KRIB

Author: galthaus

krib/._RequiredFeatures.meta

@@ -1 +1 @@
-sane-exit-codes, job-exit-states, fsm-runner, workflows, default-workflow, http-range-header, roles, tenants, sprig
+sane-exit-codes, job-exit-states, fsm-runner, workflows, default-workflow, http-range-header, roles, tenants, sprig, log-has-head-method

krib/params/containerd-version.yaml

@@ -0,0 +1,16 @@
+---
+Name: "containerd/version"
+Description: "Version of containerd to use in cluster"
+Documentation: |
+  Allows operators to determine the version of containerd to install
+
+  String should NOT include v as as a prefix
+  Used to download from https://storage.googleapis.com/cri-containerd-release/cri-containerd-${VERSION}.linux-amd64.tar.gz path
+Schema:
+  type: "string"
+  default: "1.2.7"
+Meta:
+  color: "blue"
+  icon: "cubes"
+  title: "Community Content Copyright RackN 2019"
+  render: "semver"

krib/params/krib-k3s.yaml

@@ -0,0 +1,13 @@
+---
+Name: "krib/k3s"
+Description: "Use k3s for KRIB (instead of k8s)"
+Documentation: |
+  Informs tasks to use k3s instead of k8s
+  No need to include etcd stages when k3s is true
+Schema:
+  type: "boolean"
+  default: false
+Meta:
+  color: "blue"
+  icon: "cube"
+  title: "Community Content"

krib/stages/k3s-config.yaml

@@ -0,0 +1,22 @@
+---
+Name: "k3s-config"
+Description: "KRIB configure a K3s cluster master and nodes"
+Documentation: |
+  Designed to substitute for Kubernetes with K3s
+  Installs k3s using the KRIB process and params
+  with the goal of being able to use the same downstream stages
+RunnerWait: true
+Params:
+  "krib/k3s": true
+  "krib/container-runtime": "containerd"
+  "krib/repo": "https://github.com/rancher/k3s/releases"
+Tasks:
+  - "containerd-install"
+  - "krib-get-masters"
+  - "k3s-config"
+Meta:
+  icon: "ship"
+  color: "yellow"
+  title: "Community Content"
+  k3s: "true"
+  copyright: "RackN 2019"

krib/tasks/k3s-config.yaml

@@ -0,0 +1,24 @@
+---
+Description: "A task to configure k3s"
+Name: "k3s-config"
+Documentation: |
+  Sets Param: krib/cluster-join, krib/cluster-admin-conf
+  Configure K3s using built-in commands
+  This uses the Digital Rebar Cluster pattern so krib/cluster-profile must be set
+
+  Server is setup to also be an agent - all machines have workload
+
+  WARNING: Must NOT set etcd/cluster-profile when install k3s1
+RequiredParams:
+  - krib/cluster-profile
+Templates:
+  - ID: "k3s-config.sh.tmpl"
+    Name: "Config K3s"
+    Path: ""
+Meta:
+  icon: "ship"
+  color: "blue"
+  title: "Community Content"
+  feature-flags: "sane-exit-codes"
+  k3s: "true"
+  copyright: "RackN 2019"

krib/templates/containerd-install.sh.tmpl

@@ -2,12 +2,11 @@
 # Kubernetes Rebar Integrated Boot (KRIB) Docker Install
 set -e
 
+echo "starting containerd v{{.Param "containerd/version"}} install"
 # Get access and who we are.
 {{template "setup.tmpl" .}}
 [[ $RS_UUID ]] && export RS_UUID="{{.Machine.UUID}}"
 
-ETCD_CONTROLLER_IP={{.Param "etcd/controller-ip"}}
-
 {{if .ParamExists "kubectl/working-dir" -}}
 # Only do this if it exists.
 # if it isn't setup, don't use it.
@@ -19,14 +18,26 @@ fi
 
 # Allow for a local repository for installation files
 {{if .ParamExists "krib/package-repository" -}}
-KRIB_REPO={{.Param "krib/package-repository"}}
+  echo "local repo download containerd v{{.Param "containerd/version"}} binaries in {{.Param "krib/package-repository"}}"
+  curl -L {{.Param "krib/package-repository"}}/cri-containerd-{{.Param "containerd/version"}}.linux-amd64.tar.gz | tar xvz -C /
+{{else}}
+  BINARIES="cri-containerd-{{.Param "containerd/version"}}.linux-amd64.tar.gz"
+  if [[ ! -f $BINARIES ]] ; then
+	  echo "download containerd v{{.Param "containerd/version"}} to $BINARIES"
+	  curl -L https://storage.googleapis.com/cri-containerd-release/$BINARIES -o $BINARIES
+  else
+    echo "$BINARIES already downloaded"
+  fi
+  CHECK=$(sha256sum $BINARIES)
+  SHA256=$(curl -L https://storage.googleapis.com/cri-containerd-release/$BINARIES.sha256)
+  if [[ "$CHECK" == "$SHA256  $BINARIES" ]] ; then
+  	echo "verified checksum for $BINARIES!"
+    tar --no-overwrite-dir -C / -xzf $BINARIES
+  else
+  	echo "checksum does not match! computed $CHECK vs download $SHA256"
+  	exit 1
+  fi
 {{end -}}
-
-if [[ ! -z "$KRIB_REPO" ]] ; then
-  curl -L ${KRIB_REPO}/cri-containerd-{{.Param "containerd/version"}}.linux-amd64.tar.gz | tar xvz -C /
-else
-  curl -L https://storage.googleapis.com/cri-containerd-release/cri-containerd-{{.Param "containerd/version"}}.linux-amd64.tar.gz | tar xvz -C /
-fi
 # Configure containerd
 
 {{if .ParamExists "containerd/config" -}}
@@ -42,5 +53,6 @@ echo "Skipping custom etc/containerd/config.toml: No containerd/config defined"
 # start containerd
 systemctl start containerd
 
-echo "Containerd installed successfully"
+ctr --version
+echo "Containerd v{{.Param "containerd/version"}} installed successfully"
 exit 0

krib/templates/k3s-config.sh.tmpl

@@ -0,0 +1,159 @@
+#!/usr/bin/env bash
+# k3s part of Kubernetes Rebar Integrated Boot (KRIB) Kubeadm Installer
+# Copyright RackN 2019
+set -e
+
+# Get access and who we are.
+{{ template "setup.tmpl" .}}
+
+if [[ {{ .Param "krib/k3s" }} != true ]]; then
+  echo "krib/k3s must be true"
+  exit 1
+fi
+
+# Fix hostname lookup
+echo "{{.Machine.Address}} $(hostname -s) $(hostname)" >> /etc/hosts
+
+echo "Starting krib/k3s enabled stage"
+drpcli machines update $RS_UUID "{\"Meta\":{\"color\":\"black\", \"icon\": \"cube\" }}" | jq .Meta
+
+{{ if .ParamExists "krib/cluster-profile" -}}
+CLUSTER_PROFILE={{ .Param "krib/cluster-profile" }}
+PROFILE_TOKEN={{ .GenerateProfileToken (.Param "krib/cluster-profile") 7200 }}
+{{ else -}}
+xiterr 1 "Missing krib/cluster-profile on the machine!"
+{{ end -}}
+
+{{ template "krib-lib.sh.tmpl" .}}
+
+echo "Download k3s (for now only use latest and AMD64 arch)"
+
+KRIB_REPO={{ .Param "krib/repo" }}
+RELEASE=`curl -w "%{url_effective}" -I -L -s -S ${KRIB_REPO}/latest -o /dev/null | sed -e 's|.*/||'`
+TMP_DIR=/tmp/k3s-tmp
+INSTALL_DIR=/usr/bin
+SYSTEMD_DIR="/etc/systemd/system"
+K3SBIN="$INSTALL_DIR/k3s"
+
+if ! which k3s ; then
+  echo "Download k3s ${RELEASE} from ${KRIB_REPO}/download/${RELEASE}/k3s to $K3SBIN"
+  if [[ ! -z "$KRIB_REPO" ]] ; then
+    download -L --remote-name-all "${KRIB_REPO}/download/${RELEASE}/k3s" -o $K3SBIN
+  else
+    echo "missing REPO AND RELEASE"
+    exit 1
+  fi
+  if [ -f $K3SBIN ] ; then
+    chmod +x $K3SBIN
+  else
+    echo "$K3SBIN not installed on system"
+    exit 1
+  fi
+else
+  echo "found $K3SBIN binary, moving on..."
+fi
+
+echo "Configure master or nodes..."
+
+{{ if .ParamExists "krib/ip" -}}
+KRIB_IP={{ .Param "krib/ip" }}
+{{ else -}}
+KRIB_IP={{ .Machine.Address }}
+{{ end -}}
+
+# we need a random backoff to avoid races.
+SLEEP=$[ ( $RANDOM % 25 ) ]
+sleep $SLEEP
+
+MASTER_INDEX=$(find_me $KRIB_MASTERS_PARAM "Uuid" $RS_UUID)
+echo "My Master index is $MASTER_INDEX"
+echo "k3s version: $(k3s -v)"
+
+CLUSTERNAME={{ .Param "krib/cluster-name" }}
+
+if [[ $MASTER_INDEX != notme ]] ; then
+
+  echo "I am master - run k3s server"
+
+  EXECSTART="${K3SBIN} server --bind-address={{ .Param "krib/cluster-master-vip" }} --https-listen-port={{ .Param "krib/cluster-api-port" }}"
+  SYSTEMD_TYPE="notify"
+
+  drpcli machines update $RS_UUID "{\"Meta\":{\"color\":\"yellow\", \"icon\": \"anchor\" }}" | jq .Meta
+
+else
+
+  echo "I am a node - run k3s agent"
+
+  wait_for_variable $KRIB_JOIN_PARAM
+  # we need to get the decoded version
+  TOKEN=$(drpcli -T $PROFILE_TOKEN profiles get $CLUSTER_PROFILE param $KRIB_JOIN_PARAM --decode)
+
+  echo "Running Agent: join $TOKEN"
+  EXECSTART="${K3SBIN} agent --token $TOKEN"
+  SYSTEMD_TYPE="exec"
+
+  # Set machine icon and color for KRIB cluster building
+  drpcli machines update $RS_UUID "{\"Meta\":{\"color\":\"yellow\", \"icon\": \"ship\" }}" | jq .Meta
+
+fi
+
+MODEPROBE=$(which modprobe)
+
+## Build Systemd environment vars
+tee /etc/systemd/system/k3s.service.env >/dev/null << EOF
+K3S_URL=https://{{ .Param "krib/cluster-master-vip" }}:{{ .Param "krib/cluster-api-port" }}
+EOF
+
+## Build Systemd service
+tee /etc/systemd/system/k3s.service >/dev/null << EOF
+[Unit]
+Description=Lightweight Kubernetes
+Documentation=https://k3s.io
+After=network-online.target
+
+[Service]
+Type=${SYSTEMD_TYPE}
+EnvironmentFile=/etc/systemd/system/k3s.service.env
+ExecStartPre=${MODEPROBE} br_netfilter
+ExecStartPre=${MODEPROBE} overlay
+ExecStart=${EXECSTART}
+KillMode=process
+Delegate=yes
+LimitNOFILE=infinity
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+TimeoutStartSec=0
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+systemctl daemon-reload && systemctl start k3s
+sleep 15
+
+if [[ $MASTER_INDEX != notme ]] ; then
+  # need more delay for master
+  sleep 15
+  echo "verify install"
+  k3s kubectl get nodes
+  echo "Recording cluster admin config ..."
+  drpcli -T $PROFILE_TOKEN profiles add $CLUSTER_PROFILE param $KRIB_ADMIN_CONF_PARAM to - < /etc/rancher/k3s/k3s.yaml
+  if [[ -f /var/lib/rancher/k3s/server/node-token ]] ; then
+    # collect the cluster bootstrap token, then store it on the Param
+    TOKEN=$(cat /var/lib/rancher/k3s/server/node-token)
+    drpcli -T $PROFILE_TOKEN profiles add $CLUSTER_PROFILE param $KRIB_JOIN_PARAM to "$TOKEN"
+  else
+    echo "halting, could not find /var/lib/rancher/k3s/server/node-token"
+    exit 1
+  fi
+  drpcli machines update $RS_UUID "{\"Meta\":{\"color\":\"green\", \"icon\": \"anchor\" }}" | jq .Meta
+else
+  # Set machine icon and color for KRIB cluster building
+  drpcli machines update $RS_UUID "{\"Meta\":{\"color\":\"green\", \"icon\": \"ship\" }}" | jq .Meta
+fi
+
+echo "Finished successfully"
+exit 0

krib/templates/krib-config.sh.tmpl

@@ -187,6 +187,7 @@ if [[ $MASTER_INDEX != notme ]] ; then
     esac
 
   else
+    echo "waiting for $KRIB_MASTER_CERTS_PARAM"
     wait_for_variable $KRIB_MASTER_CERTS_PARAM
 
     cd /
@@ -275,6 +276,7 @@ do
 done
 
 # Wait for KRIB config to be updated from bootstrap node
+echo "waiting for $KRIB_ADMIN_CONF_PARAM"
 wait_for_variable $KRIB_ADMIN_CONF_PARAM > label.conf
 
 # Set labels for nodes / runs on all nodes

krib/templates/krib-get-masters.sh.tmpl

@@ -39,7 +39,11 @@ KRIB_IP={{ .Machine.Address }}
 KRIB_MASTER_COUNT={{.Param "krib/cluster-master-count"}}
 echo "Creating $KRIB_MASTER_COUNT k8s masters"
 
-if [[ $MASTER_ON_ETCDS == true ]] ; then
+if [[ {{ .Param "krib/k3s" }} == true ]] ; then
+  echo "K3s, add $KRIB_MASTERS_PARAM to $CLUSTER_PROFILE"
+  drpcli -T "$PROFILE_TOKEN" profiles add "$CLUSTER_PROFILE" param "$KRIB_MASTERS_PARAM" to "[]" || true
+  echo "K3s, skipping etcd config"
+elif [[ $MASTER_ON_ETCDS == true ]] ; then
   if (( $KRIB_MASTER_COUNT >= $ETCD_COUNT )) ; then
     # If we have the same or more masters than etcd, start with the etcd list.
     ETCD_MASTERS=$(get_param $ETCD_SERVERS_PARAM)

krib/workflows/k3s-cluster.yaml

@@ -0,0 +1,13 @@
+Description: "KRIB built K3s cluster"
+Errors: []
+Meta:
+  color: "yellow"
+  icon: "ship"
+  title: "k3s cluster"
+  k3s: "true"
+  copyright: "RackN 2019"
+Name: "k3s-cluster"
+ReadOnly: false
+Stages:
+  - "k3s-config"
+  - "krib-live-wait"