build matchbox ready image

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Andrei Kvapil
2024-02-07 17:58:04 +01:00
parent 9e9144f8dc
commit 385183d7cd
17 changed files with 141 additions and 87 deletions

1
.dockerignore Normal file

@@ -0,0 +1 @@
_out
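Review bot: Excluding `_out` from the build context looks like it conflicts with the matchbox Dockerfile added in this same commit, which does `COPY _out/assets/initramfs-metal-amd64.xz ...` and `COPY _out/assets/kernel-amd64 ...` with the repository root (`../../..`) as its context. If this file sits at that root and no Dockerfile-specific ignore file overrides it (none is visible here), those COPY steps will not find their sources. Adding a negation entry `!_out/assets` after `_out` should keep the rest of `_out` out of the context while letting the two boot assets through.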

120
README.md

@@ -32,56 +32,14 @@ Any Linux system installed on it (eg. Ubuntu should be enough)
### Netboot server
Write configuration:
Start matchbox with prebuilt Talos image for Cozystack:
```
mkdir -p matchbox/assets matchbox/groups matchbox/profiles
wget -O matchbox/assets/initramfs.xz \
https://github.com/aenix-io/cozystack/releases/download/v0.0.1/initramfs-metal-amd64.xz
wget -O matchbox/assets/vmlinuz \
https://github.com/aenix-io/cozystack/releases/download/v0.0.1/kernel-amd64
cat > matchbox/groups/default.json <<EOT
{
"id": "default",
"name": "default",
"profile": "default"
}
EOT
cat > matchbox/profiles/default.json <<EOT
{
"id": "default",
"name": "default",
"boot": {
"kernel": "/assets/vmlinuz",
"initrd": ["/assets/initramfs.xz"],
"args": [
"initrd=initramfs.xz",
"init_on_alloc=1",
"slab_nomerge",
"pti=on",
"console=tty0",
"console=ttyS0",
"printk.devkmsg=on",
"talos.platform=metal"
]
}
}
EOT
```
Start matchbox:
```
sudo docker run --name=matchbox -d --net=host -v ${PWD}/matchbox:/var/lib/matchbox:Z quay.io/poseidon/matchbox:v0.10.0 \
sudo docker run --name=matchbox -d --net=host ghcr.io/aenix-io/cozystack/matchbox:v0.0.1 \
-address=:8080 \
-log-level=debug
```
Start DHCP-Server:
```
sudo docker run --name=dnsmasq -d --cap-add=NET_ADMIN --net=host quay.io/poseidon/dnsmasq \
@@ -100,17 +58,27 @@ sudo docker run --name=dnsmasq -d --cap-add=NET_ADMIN --net=host quay.io/poseido
--dhcp-boot=tag:efi64,ipxe.efi \
--dhcp-userclass=set:ipxe,iPXE \
--dhcp-boot=tag:ipxe,http://192.168.100.250:8080/boot.ipxe \
--address=/matchbox.example.com/192.168.1.2 \
--log-queries \
--log-dhcp
```
Where:
- `192.168.100.3,192.168.100.254` range to allocate IPs from
- `192.168.100.1` your gateway
- `192.168.100.250` is address of your management server
Check status of containers:
```
docker ps
# CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
# e5e1323c014a quay.io/poseidon/dnsmasq "/usr/sbin/dnsmasq -…" 2 seconds ago Up 1 second dnsmasq
# d256b46ab9e9 quay.io/poseidon/matchbox:v0.10.0 "/matchbox -address=…" 43 seconds ago Up 42 seconds matchbox
```
Example output:
```
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
22044f26f74d quay.io/poseidon/dnsmasq "/usr/sbin/dnsmasq -…" 6 seconds ago Up 5 seconds dnsmasq
231ad81ff9e0 ghcr.io/aenix-io/cozystack/matchbox:v0.0.1 "/matchbox -address=…" 58 seconds ago Up 57 seconds matchbox
```
### Bootstrap cluster
@@ -173,16 +141,33 @@ cluster:
EOT
```
Run [talos-bootstrap](https://github.com/aenix-io/talos-bootstrap/) to deploy cluster
Run [talos-bootstrap](https://github.com/aenix-io/talos-bootstrap/) to deploy cluster:
```
talos-bootstrap install
```
Save admin kubeconfig to access your Kubernetes cluster:
```
cp -i kubeconfig ~/.kube/config
```
Check connection:
```
kubectl get ns
```
example output:
```
NAME STATUS AGE
default Active 7m56s
kube-node-lease Active 7m56s
kube-public Active 7m56s
kube-system Active 7m56s
```
### Install Cozystack
create namespace:
```
kubectl create ns cozy-system
```
write config for cozystack:
@@ -204,8 +189,10 @@ data:
EOT
```
Install cozystack system components:
Create namesapce and install Cozystack system components:
```
kubectl create ns cozy-system
kubectl apply -f cozystack-config.yaml
kubectl apply -f manifests/cozystack-installer.yaml
```
@@ -215,7 +202,7 @@ kubectl apply -f manifests/cozystack-installer.yaml
kubectl logs -n cozy-system deploy/cozystack
```
Check the status of installation:
Wait for a while, then check the status of installation:
```
kubectl get hr -A
```
@@ -287,9 +274,9 @@ example output:
+-------------------------------------------+
| Size | Rotational | Nodes |
|===========================================|
| 34359738368 | True | srv3[/dev/sda] |
| | | srv1[/dev/sda] |
| | | srv2[/dev/sda] |
| 34359738368 | True | srv3[/dev/sdb] |
| | | srv1[/dev/sdb] |
| | | srv2[/dev/sdb] |
+-------------------------------------------+
```
@@ -297,9 +284,9 @@ example output:
create storage pools:
```
linstor ps cdp lvm srv1 /dev/sda --pool-name data
linstor ps cdp lvm srv2 /dev/sda --pool-name data
linstor ps cdp lvm srv3 /dev/sda --pool-name data
linstor ps cdp lvm srv1 /dev/sdb --pool-name data --storage-pool data
linstor ps cdp lvm srv2 /dev/sdb --pool-name data --storage-pool data
linstor ps cdp lvm srv3 /dev/sdb --pool-name data --storage-pool data
```
list storage pools:
@@ -496,7 +483,14 @@ Now you can get public IP of ingress controller:
kubectl get svc -n tenant-root root-ingress-controller
```
Use `grafana.example.org` to access system monitoring, where `example.org` is your domain specified for `tenant-root`
example output:
```
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
root-ingress-controller LoadBalancer 10.96.101.234 192.168.100.200 80:31879/TCP,443:31262/TCP 49s
```
Use `grafana.example.org` (under 192.168.100.200) to access system monitoring, where `example.org` is your domain specified for `tenant-root`
- login: `admin`
- password:


@@ -72,14 +72,14 @@ spec:
serviceAccountName: cozystack
containers:
- name: cozystack
image: "ghcr.io/aenix-io/cozystack/installer:latest@sha256:4939b5347be6a7b4209c8f14fffe87840c076588938d64248c99cedd6bb6dd3f"
image: "ghcr.io/aenix-io/cozystack/installer:v0.0.1@sha256:d198c1131ed0952dba70918f970bb25764547e64d4e12a455e5b7bfe3040d5e6"
env:
- name: KUBERNETES_SERVICE_HOST
value: localhost
- name: KUBERNETES_SERVICE_PORT
value: "7445"
- name: darkhttpd
image: "ghcr.io/aenix-io/cozystack/installer:latest@sha256:4939b5347be6a7b4209c8f14fffe87840c076588938d64248c99cedd6bb6dd3f"
image: "ghcr.io/aenix-io/cozystack/installer:v0.0.1@sha256:d198c1131ed0952dba70918f970bb25764547e64d4e12a455e5b7bfe3040d5e6"
command:
- /usr/bin/darkhttpd
- /cozystack/assets


@@ -4,6 +4,7 @@ PUSH := 1
LOAD := 0
REGISTRY := ghcr.io/aenix-io/cozystack
TAG := v0.0.1
TALOS_VERSION=$(shell awk '/^version:/ {print $$2}' images/talos/profiles/installer.yaml)
show:
helm template -n $(NAMESPACE) $(NAME) .
@@ -14,7 +15,12 @@ apply:
diff:
helm template -n $(NAMESPACE) $(NAME) . | kubectl diff -f -
image:
update:
hack/gen-profiles.sh
image: image-installer image-talos image-matchbox
image-installer:
docker buildx build -f images/installer/Dockerfile ../../.. \
--provenance false \
--tag $(REGISTRY)/installer:$(TAG) \
@@ -24,3 +30,27 @@ image:
--push=$(PUSH) \
--load=$(LOAD)
echo "$(REGISTRY)/installer:$(TAG)" > images/installer.tag
image-talos:
test -f ../../../_out/assets/installer-amd64.tar || make talos-installer
docker load -i ../../../_out/assets/installer-amd64.tar
docker tag ghcr.io/siderolabs/installer:$(TALOS_VERSION) ghcr.io/aenix-io/cozystack/talos:$(TALOS_VERSION)
docker push ghcr.io/aenix-io/cozystack/talos:$(TALOS_VERSION)
image-matchbox:
test -f ../../../_out/assets/kernel-amd64 || make talos-kernel
test -f ../../../_out/assets/initramfs-metal-amd64.xz || make talos-initramfs
docker buildx build -f images/matchbox/Dockerfile ../../.. \
--provenance false \
--tag $(REGISTRY)/matchbox:$(TAG) \
--cache-from type=registry,ref=$(REGISTRY)/matchbox:$(TAG) \
--cache-to type=inline \
--metadata-file images/matchbox.json \
--push=$(PUSH) \
--load=$(LOAD)
echo "$(REGISTRY)/matchbox:$(TAG)" > images/matchbox.tag
assets: talos-iso
talos-initramfs talos-kernel talos-installer talos-iso:
cat images/talos/profiles/$(subst talos-,,$@).yaml | docker run --rm -i -v $${PWD}/../../../_out/assets:/out -v /dev:/dev --privileged "ghcr.io/siderolabs/imager:$(TALOS_VERSION)" -
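Review bot: The `talos-initramfs talos-kernel talos-installer talos-iso` rule runs `ghcr.io/siderolabs/imager:$(TALOS_VERSION)` with `--privileged` and the host `/dev` mounted, yet the image is resolved by tag only. Whatever the registry serves for that tag gets full access to the build host and produces the kernel and initramfs that `image-matchbox` bakes into the netboot image, so I would pin it by digest, e.g. `"ghcr.io/siderolabs/imager:$(TALOS_VERSION)@sha256:<imager-digest>"` (placeholder, not a real digest). Separately, `image-talos` pushes unconditionally and hard-codes `ghcr.io/aenix-io/cozystack`, unlike `image-installer` and `image-matchbox`, which honour `$(REGISTRY)` and `$(PUSH)`. The recursive calls in both new targets should also be `$(MAKE)` rather than `make`.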


@@ -6,7 +6,7 @@ PROFILES="initramfs kernel iso installer"
FIRMWARES="amd-ucode amdgpu-firmware bnx2-bnx2x i915-ucode intel-ice-firmware intel-ucode qlogic-firmware"
EXTENSIONS="drbd zfs"
mkdir -p profiles
mkdir -p images/talos/profiles
printf "fetching talos version: "
talos_version=${1:-$(skopeo --override-os linux --override-arch amd64 list-tags docker://ghcr.io/siderolabs/imager | jq -r '.Tags[]' | grep '^v[0-9]\+.[0-9]\+.[0-9]\+$' | sort -V | tail -n 1)}
@@ -31,8 +31,8 @@ for extension in $EXTENSIONS; do
done
for profile in $PROFILES; do
echo "writing profile profiles/$profile.yaml"
cat > profiles/$profile.yaml <<EOT
echo "writing profile images/talos/profiles/$profile.yaml"
cat > images/talos/profiles/$profile.yaml <<EOT
# this file generated by hack/gen-profiles.sh
# do not edit it
arch: amd64


@@ -1,14 +1,14 @@
{
"containerimage.config.digest": "sha256:2cef76bb260c9a5fb0c7685e76e4bd311ab1decbe5611078beb5b292ec4ac38b",
"containerimage.config.digest": "sha256:fad46f3695123e4675805045d07394722b6afa36a2fb8becc0af63169585d851",
"containerimage.descriptor": {
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:d9458837b3ea4fd207c3e36cd0f2c296ab05f1bdad53747fb71b3f6e0635581f",
"digest": "sha256:d198c1131ed0952dba70918f970bb25764547e64d4e12a455e5b7bfe3040d5e6",
"size": 2074,
"platform": {
"architecture": "amd64",
"os": "linux"
}
},
"containerimage.digest": "sha256:d9458837b3ea4fd207c3e36cd0f2c296ab05f1bdad53747fb71b3f6e0635581f",
"containerimage.digest": "sha256:d198c1131ed0952dba70918f970bb25764547e64d4e12a455e5b7bfe3040d5e6",
"image.name": "ghcr.io/aenix-io/cozystack/installer:v0.0.1"
}


@@ -0,0 +1,14 @@
{
"containerimage.config.digest": "sha256:cad05df29f104bbb20796b6a2d2358552ab43fb23fcf77fdf39ec4266f603e66",
"containerimage.descriptor": {
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:eb6e15aad1de388e72c04d0573c394aadfbc7fef0dc43abc713bc36d4b486d70",
"size": 1488,
"platform": {
"architecture": "amd64",
"os": "linux"
}
},
"containerimage.digest": "sha256:eb6e15aad1de388e72c04d0573c394aadfbc7fef0dc43abc713bc36d4b486d70",
"image.name": "ghcr.io/aenix-io/cozystack/matchbox:v0.0.1"
}


@@ -0,0 +1 @@
ghcr.io/aenix-io/cozystack/matchbox:v0.0.1


@@ -0,0 +1,6 @@
FROM quay.io/poseidon/matchbox:v0.10.0
COPY _out/assets/initramfs-metal-amd64.xz /var/lib/matchbox/assets/initramfs.xz
COPY _out/assets/kernel-amd64 /var/lib/matchbox/assets/vmlinuz
COPY packages/core/installer/images/matchbox/groups /var/lib/matchbox/groups
COPY packages/core/installer/images/matchbox/profiles /var/lib/matchbox/profiles
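Review bot: The base image in `FROM quay.io/poseidon/matchbox:v0.10.0` is referenced by tag only, while the installer manifest in this same commit pins its images as tag plus sha256 digest. A tag can be re-pointed upstream, and this image is what serves the kernel and initramfs to every node that netboots from it, so the base deserves the same pinning: `FROM quay.io/poseidon/matchbox:v0.10.0@sha256:<digest-of-v0.10.0>` (placeholder; resolve the real digest from the registry). A short header comment noting that the two `_out/assets` files are produced by the `talos-kernel` and `talos-initramfs` make targets would also make the provenance of the baked-in boot artifacts clear.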


@@ -0,0 +1,5 @@
{
"id": "default",
"name": "default",
"profile": "default"
}


@@ -0,0 +1,18 @@
{
"id": "default",
"name": "default",
"boot": {
"kernel": "/assets/vmlinuz",
"initrd": ["/assets/initramfs.xz"],
"args": [
"initrd=initramfs.xz",
"init_on_alloc=1",
"slab_nomerge",
"pti=on",
"console=tty0",
"console=ttyS0",
"printk.devkmsg=on",
"talos.platform=metal"
]
}
}


@@ -1,15 +0,0 @@
TALOS_VERSION=$(shell awk '/^version:/ {print $$2}' profiles/installer.yaml)
gen-profiles:
hack/gen-profiles.sh
assets: kernel initramfs iso
initramfs kernel installer iso:
cat profiles/$@.yaml | docker run --rm -i -v $${PWD}/../../../_out/images:/out -v /dev:/dev --privileged "ghcr.io/siderolabs/imager:$(TALOS_VERSION)" -
image:
test -f ../../../_out/images/installer-amd64.tar || make installer
docker load -i ../../../_out/images/installer-amd64.tar
docker tag ghcr.io/siderolabs/installer:$(TALOS_VERSION) ghcr.io/aenix-io/cozystack/talos:$(TALOS_VERSION)
docker push ghcr.io/aenix-io/cozystack/talos:$(TALOS_VERSION)