From b5b7d27abd96a7a767d22fa46802afe68ab14b89 Mon Sep 17 00:00:00 2001 From: Dmitry Dunaev Date: Fri, 22 Oct 2021 18:08:07 +0300 Subject: [PATCH] [WIFI-3162] Add: readiness_check script that is using cli to check if system is ready --- Dockerfile | 4 +++- helm/values.yaml | 15 +++++++++---- readiness_check | 58 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 72 insertions(+), 5 deletions(-) create mode 100755 readiness_check diff --git a/Dockerfile b/Dockerfile index ec10d3f..e53169a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -59,7 +59,7 @@ RUN addgroup -S "$OWSEC_USER" && \ RUN mkdir /openwifi RUN mkdir -p "$OWSEC_ROOT" "$OWSEC_CONFIG" && \ chown "$OWSEC_USER": "$OWSEC_ROOT" "$OWSEC_CONFIG" -RUN apk add --update --no-cache librdkafka mariadb-connector-c libpq unixodbc su-exec gettext ca-certificates libcurl curl-dev +RUN apk add --update --no-cache librdkafka mariadb-connector-c libpq unixodbc su-exec gettext ca-certificates libcurl curl-dev bash jq curl COPY --from=builder /owsec/cmake-build/owsec /openwifi/owsec COPY --from=builder /cppkafka/cmake-build/src/lib/* /lib/ COPY --from=builder /poco/cmake-build/lib/* /lib/ @@ -74,6 +74,8 @@ COPY docker-entrypoint.sh / RUN wget https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentral-deploy/main/docker-compose/certs/restapi-ca.pem \ -O /usr/local/share/ca-certificates/restapi-ca-selfsigned.pem +COPY readiness_check /readiness_check + EXPOSE 16001 17001 16101 ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/helm/values.yaml b/helm/values.yaml index ac64443..a9e10cf 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -35,9 +35,10 @@ checks: path: / port: 16101 readiness: - httpGet: - path: / - port: 16101 + exec: + command: + - /readiness_check + failureThreshold: 1 ingresses: restapi: @@ -106,8 +107,14 @@ persistence: public_env_variables: OWSEC_ROOT: /owsec-data OWSEC_CONFIG: /owsec-data + # Environment variables required for the readiness checks using script + FLAGS: "-s --connect-timeout 3" + # NOTE in order for readiness check to use system info you need to set READINESS_METHOD to "systeminfo" and set OWSEC to the OWSEC's REST API endpoint + #READINESS_METHOD: systeminfo -secret_env_variables: {} +secret_env_variables: + OWSEC_USERNAME: tip@ucentral.com + OWSEC_PASSWORD: openwifi configProperties: # -> Public part diff --git a/readiness_check b/readiness_check new file mode 100755 index 0000000..f2c383a --- /dev/null +++ b/readiness_check @@ -0,0 +1,58 @@ +#!/bin/bash +set -e + +if [[ "$(which jq)" == "" ]] +then + echo "You need the package jq installed to use this script." + exit 1 +fi + +if [[ "$(which curl)" == "" ]] +then + echo "You need the package curl installed to use this script." + exit 1 +fi + +if [[ "${OWSEC_USERNAME}" == "" ]] +then + echo "You must set the variable OWSEC_USERNAME in order to use this script. Something like" + echo "OWSEC_USERNAME=tip@ucentral.com" + exit 1 +fi + +if [[ "${OWSEC_PASSWORD}" == "" ]] +then + echo "You must set the variable OWSEC_PASSWORD in order to use this script. Something like" + echo "OWSEC_PASSWORD=openwifi" + exit 1 +fi + +if [[ "${READINESS_METHOD}" == "systeminfo" ]] +then + export RESTAPI_PORT=$(grep 'openwifi.restapi.host.0.port' $OWSEC_CONFIG/owsec.properties | awk -F '=' '{print $2}' | xargs | envsubst) + # Get OAuth token from OWSEC and cache it or use cached one + payload="{ \"userId\" : \"$OWSEC_USERNAME\" , \"password\" : \"$OWSEC_PASSWORD\" }" + if [[ -f "/tmp/token" ]] + then + token=$(cat /tmp/token) + else + token=$(curl ${FLAGS} -k -X POST -H "Content-Type: application/json" -d "$payload" "https://localhost:$RESTAPI_PORT/api/v1/oauth2" | jq -r '.access_token') + fi + if [[ "${token}" == "" ]] + then + echo "Could not login. Please verify the host and username/password." + exit 13 + fi + echo -n $token > /tmp/token + + # Make systeminfo request to the local owsec instance + curl ${FLAGS} -k -X GET "https://localhost:$RESTAPI_PORT/api/v1/system?command=info" \ + -H "accept: application/json" \ + -H "Authorization: Bearer ${token}" > /tmp/result.json + exit_code=$? + jq < /tmp/result.json + exit $exit_code +else + export ALB_PORT=$(grep 'alb.port' $OWSEC_CONFIG/owsec.properties | awk -F '=' '{print $2}' | xargs | envsubst) + curl localhost:$ALB_PORT +fi