starred/matchbox
1
0
Fork 0
mirror of https://github.com/poseidon/matchbox.git synced 2026-03-03 03:14:51 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

Compare commits

base: starred:v0.7.1
Branches Tags
starred:main starred:pip starred:gh-pages starred:release-docs
starred:v0.11.0 starred:v0.10.0 starred:v0.9.1 starred:v0.9.0 starred:v0.8.3 starred:v0.8.0 starred:v0.7.1 starred:v0.7.0 starred:v0.6.1 starred:v0.6.0 starred:v0.5.0 starred:v0.4.2 starred:v0.4.1 starred:v0.4.0 starred:v0.3.0 starred:v0.2.0 starred:v0.1.0
...
compare: starred:v0.8.0
Branches Tags
starred:main starred:pip starred:gh-pages starred:release-docs
starred:v0.11.0 starred:v0.10.0 starred:v0.9.1 starred:v0.9.0 starred:v0.8.3 starred:v0.8.0 starred:v0.7.1 starred:v0.7.0 starred:v0.6.1 starred:v0.6.0 starred:v0.5.0 starred:v0.4.2 starred:v0.4.1 starred:v0.4.0 starred:v0.3.0 starred:v0.2.0 starred:v0.1.0

30 Commits
v0.7.1 ... v0.8.0

Author SHA1 Message Date
Dalton Hubble
b97328b6ec Prepare for Matchbox v0.8.0 release 2019-05-07 00:19:12 -07:00
Dalton Hubble
e1d2d8fcc9 Update Matchbox release signing process 
* Matchbox releases will be signed by my GPG key,
like other projects in the poseidon org
 2019-05-07 00:12:42 -07:00
Dalton Hubble
cefa31c8e4 Update Kubernetes cluster example to v1.14.1 
* Set terraform-provider-matchbox version to v0.2.3
* Set terraform-provider-ct version to v0.3.1
 2019-05-06 23:09:08 -07:00
Dalton Hubble
f4623c508f Fix name and versioning for quay.io/poseidon/dnsmasq 2019-05-02 23:44:24 -07:00
Dalton Hubble
901fda0e3e Update coreos/dnsmasq image and automate deploys 
* Update base image from alpine:3.6 to alpine:3.9
* Automatically publish dnsmasq image on merge to a branch
named "dnsmasq". Similar to how matchbox is automatically
published from master. Set the version based on git SHA
 2019-05-02 23:23:10 -07:00
Dalton Hubble
1cf7d6cd8c Build binaries with Go v1.11.7 
* Document that release binaries and the container image
binary will be built with Go v1.11.7
 2019-05-02 23:14:01 -07:00
Dalton Hubble
7628807c77 Fix README badges and links 2019-05-02 23:02:56 -07:00
Dalton Hubble
fe0b3a1ed3 Update links to Matchbox, Quay, and terraform provider plugins 
* Bump versions of terraform provider plugins to current
* Verify getting started with docker and etcd example
 2019-05-02 22:54:59 -07:00
Dalton Hubble
8a4da0cf7b Rename Go module/packages org to poseidon 
* Matchbox has moved to a new home in Poseidon
* Update Makefile so container image name uses
poseidon instead of coreos
* Publish container images to quay.io/poseidon/matchbox
 2019-05-02 22:12:29 -07:00
Dalton Hubble
5bfcb24003 Vendor Go module dependencies 2019-03-10 23:59:34 -07:00
Dalton Hubble
a7c13fbe5b Render Container Linux Configs as Ignition v2.2.0 
* Render Container Linux Configs referenced in Profiles
as Ignition v2.2.0 documents.
* Recall, configs suffixed with .ign/.ignition will be
served as-is, as raw Ignition. Parse warnings will be
shown
 2019-03-10 23:59:15 -07:00
Dalton Hubble
da35d4d567 Update ignition module from v0.22.0 to v0.31.0 
* Serve Ignition configs (ending in .ign/.ignition) with v2.1
or v2.2 formats (previously, configs above v2.1 produced warnings
that the config was too new)
 2019-03-10 23:39:09 -07:00
Dalton Hubble
94fef772a5 Update testify Go module dependency 
* Example of updating a small single module
 2019-03-10 23:01:43 -07:00
Dalton Hubble
c1d4c53c2c Remove unused smoke tests and Jenkinsfile 
* Matchbox has unit tests. It is no longer tested by
provisioning full Kubernetes clusters, since that's a
sizeable undertaking
 2019-03-10 22:40:07 -07:00
Dalton Hubble
8e3855bbb3 Re-vendor dependencies using make vendor 
* Vendor dependencies as-is, without updating any
 2019-03-10 22:25:26 -07:00
Dalton Hubble
67707d83a5 Switch to Go modules and use Go v1.11 
* Use Go 1.11 modules with `GO111MODULE=on`
* Change `make vendor` target to call `go mod vendor`
* Enforce builds and tests use the vendor directory by setting
the `-mod=vendor` flag (notice, travis does not fetch)
* Remove glide requirement and glide files
 2019-03-10 22:24:19 -07:00
Dalton Hubble
7c9a94c6dc Remove the squid proxy contrib docs 
* Squid proxy docs were added as a draft in 2017 to show a
containerized setup for caching images for network boot
environments
* These docs never matured to a point of viability, I don't
make use of squid, and they're unmaintained. Users would be
better served consulting the squid project
 2019-03-10 22:03:38 -07:00
Dalton Hubble
a5d3a8a4a7 Remove the rkt / acbuild based tutorial 
* Local QEMU/KVM tutorials use either docker or rkt/acbuild,
but they're dated. rkt and acbuild are no longer in mainstream
use since they successfully drove OCI standardization
* Remove the rkt examples, as they are just more difficult for
newcomers to use and seldom maintained at this point
* Retain Docker examples, although podman will likely supplant
all docker usage in future
 2019-03-10 21:57:47 -07:00
Dalton Hubble
dc0a098bf6 Update base container image from alpine:3.6 to alpine:3.9 2019-03-10 21:37:08 -07:00
Dalton Hubble
d34fbb6da6 Replace git-version script with the standard Makefile one-liner 2019-03-10 21:34:27 -07:00
Dalton Hubble
7fbce93101 Replace test script with Makefile test targets 2019-03-10 21:27:10 -07:00
Dalton Hubble
2eea9c7731 Re-vendor dependencies 2019-02-10 21:45:48 -08:00
Dalton Hubble
9cf216e937 Upgrade Sirupsen/logrus v0.10.0 to sirupsen v1.3.0 
* Upstream author changed case of his/her username (breaking)
* Fix to lowercase name so clients using Go modules can avoid
case-sensitive conflicts. Go modules do not handle this real-world
case well
 2019-02-10 21:39:17 -08:00
M. Haeckl
cac0881206 Fix docs on user:group ownership of /etc/matchbox 2019-01-26 16:58:00 -08:00
Dalton Hubble
832a95e53b Improve Terraform example and update to Kubernetes v1.13.2 
* Define the required versions of terraform-provider-matchbox
and terraform-provider-ct, with install instructions
* Refresh the tutorial for using Matchbox to PXE boot local
QEMU/KVM machines (using Terraform as a client)
 2019-01-24 01:35:28 -08:00
Dalton Hubble
b5a6888f3b Update Container Linux from 1911.4.0 to 1967.3.0 2019-01-24 00:53:20 -08:00
Dalton Hubble
65eff1203d Update Go version from v1.11.1 to v1.11.5 
* Push container images built with Go v1.11.5
 2019-01-24 00:12:24 -08:00
Dalton Hubble
0bc1cb8d77 Update Kubernetes (terraform) example to v1.12.3 2018-12-04 00:14:35 -08:00
Dalton Hubble
cd57013d5b Update Container Linux from 1576.5.0 to 1911.4.0 2018-12-03 21:52:03 -08:00
Dalton Hubble
b25a379d19 Add a MAINTAINERS file 2018-11-20 00:57:07 -08:00
642 changed files with 156115 additions and 47463 deletions
Expand all files Collapse all files

32
.travis.yml
View File

@@ -3,23 +3,27 @@ sudo: required
services:
- docker
go:
- 1.10.x
- 1.11.x
- 1.11.1
- tip
matrix:
allow_failures:
- go: tip
- "1.10.x"
- "1.11.x"
- "1.11.7"
- "1.12.x"
install:
- go get golang.org/x/lint/golint
script:
- make test
- make
deploy:
provider: script
script: scripts/dev/travis-docker-push
skip_cleanup: true
on:
branch: master
go: '1.11.1'
- provider: script
script: scripts/dev/travis-docker-push
skip_cleanup: true
on:
branch: master
go: '1.11.7'
- provider: script
script: contrib/dnsmasq/travis-deploy
skip_cleanup: true
on:
branch: dnsmasq
# pick one, so travis deploys once
go: '1.10.x'
notifications:
email: change

17
CHANGES.md
View File

@@ -4,6 +4,23 @@ Notable changes between releases.
## Latest
## v0.8.0
* Transfer Matchbox repo from coreos to poseidon GitHub Org
* Publish container images at [quay.io/poseidon/matchbox](https://quay.io/repository/poseidon/matchbox)
* Build Matchbox with Go v1.11.7 for images and binaries
* Update container image base from alpine:3.6 to alpine:3.9
* Render Container Linux Configs as Ignition v2.2.0
* Validate raw Ignition configs with the v2.2 spec (warn-only)
* Fix warnings that v2.2 configs are too new
Note: Release signing key [has changed](https://github.com/poseidon/matchbox/blob/v0.8.0/Documentation/deployment.md) with the project move.
### Examples
* Update Kubernetes example clusters to v1.14.1 (Terraform-based)
## v0.7.1 (2018-11-01)
* Add `kernel_args` variable to the terraform bootkube-install cluster definition

4
Dockerfile
View File

@@ -1,5 +1,5 @@
FROM alpine:3.6
MAINTAINER Dalton Hubble <dalton.hubble@coreos.com>
FROM alpine:3.9
LABEL maintainer="Dalton Hubble <dghubble@gmail.com>"
COPY bin/matchbox /matchbox
EXPOSE 8080
ENTRYPOINT ["/matchbox"]

10
Documentation/api.md
View File

@@ -39,8 +39,8 @@ GET http://matchbox.foo/ipxe?label=value
```
#!ipxe
kernel /assets/coreos/1576.5.0/coreos_production_pxe.vmlinuz coreos.config.url=http://matchbox.foo:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp} coreos.first_boot=1 coreos.autologin
initrd /assets/coreos/1576.5.0/coreos_production_pxe_image.cpio.gz
kernel /assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz coreos.config.url=http://matchbox.foo:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp} coreos.first_boot=1 coreos.autologin
initrd /assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz
boot
```
@@ -67,9 +67,9 @@ default=0
timeout=1
menuentry "CoreOS" {
echo "Loading kernel"
linuxefi "(http;matchbox.foo:8080)/assets/coreos/1576.5.0/coreos_production_pxe.vmlinuz" "coreos.autologin" "coreos.config.url=http://matchbox.foo:8080/ignition" "coreos.first_boot"
linuxefi "(http;matchbox.foo:8080)/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz" "coreos.autologin" "coreos.config.url=http://matchbox.foo:8080/ignition" "coreos.first_boot"
echo "Loading initrd"
initrdefi "(http;matchbox.foo:8080)/assets/coreos/1576.5.0/coreos_production_pxe_image.cpio.gz"
initrdefi "(http;matchbox.foo:8080)/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"
}
```
@@ -231,7 +231,7 @@ If you need to serve static assets (e.g. kernel, initrd), `matchbox` can serve a
```
matchbox.foo/assets/
└── coreos
└── 1576.5.0
└── 1967.3.0
├── coreos_production_pxe.vmlinuz
└── coreos_production_pxe_image.cpio.gz
└── 1153.0.0

8
Documentation/bootkube.md
View File

@@ -4,9 +4,9 @@ The Kubernetes example provisions a 3 node Kubernetes v1.8.5 cluster. [bootkube]
## Requirements
Ensure that you've gone through the [matchbox with rkt](getting-started-rkt.md) or [matchbox with docker](getting-started-docker.md) guide and understand the basics. In particular, you should be able to:
Ensure that you've gone through the [matchbox with docker](getting-started-docker.md) guide and understand the basics. In particular, you should be able to:
* Use rkt or Docker to start `matchbox`
* Use Docker to start `matchbox`
* Create a network boot environment with `coreos/dnsmasq`
* Create the example libvirt client VMs
* `/etc/hosts` entries for `node[1-3].example.com`
@@ -30,7 +30,7 @@ The [examples](../examples) statically assign IP addresses to libvirt client VMs
Download the CoreOS Container Linux image assets referenced in the target [profile](../examples/profiles).
```sh
$ ./scripts/get-coreos stable 1576.5.0 ./examples/assets
$ ./scripts/get-coreos stable 1967.3.0 ./examples/assets
```
Add your SSH public key to each machine group definition [as shown](../examples/README.md#ssh-keys).
@@ -54,7 +54,7 @@ Later, a controller will use `bootkube` to bootstrap these manifests and the cre
## Containers
Use rkt or docker to start `matchbox` and mount the desired example resources. Create a network boot environment and power-on your machines. Revisit [matchbox with rkt](getting-started-rkt.md) or [matchbox with Docker](getting-started-docker.md) for help.
Use docker to start `matchbox` and mount the desired example resources. Create a network boot environment and power-on your machines. Revisit [matchbox with Docker](getting-started-docker.md) for help.
Client machines should boot and provision themselves. Local client VMs should network boot Container Linux and become available via SSH in about 1 minute. If you chose `bootkube-install`, notice that machines install Container Linux and then reboot (in libvirt, you must hit "power" again). Time to network boot and provision physical hardware depends on a number of factors (POST duration, boot device iteration, network speed, etc.).

20
Documentation/config.md
View File

@@ -35,8 +35,8 @@ Configuration arguments can be provided as flags or as environment variables.
```sh
$ ./bin/matchbox -version
$ sudo rkt run quay.io/coreos/matchbox:latest -- -version
$ sudo docker run quay.io/coreos/matchbox:latest -version
$ sudo rkt run quay.io/poseidon/matchbox:latest -- -version
$ sudo docker run quay.io/poseidon/matchbox:latest -version
```
## Usage
@@ -50,13 +50,13 @@ $ ./bin/matchbox -address=0.0.0.0:8080 -log-level=debug -data-path=examples -ass
Run the latest ACI with rkt.
```sh
$ sudo rkt run --mount volume=assets,target=/var/lib/matchbox/assets --volume assets,kind=host,source=$PWD/examples/assets quay.io/coreos/matchbox:latest -- -address=0.0.0.0:8080 -log-level=debug
$ sudo rkt run --mount volume=assets,target=/var/lib/matchbox/assets --volume assets,kind=host,source=$PWD/examples/assets quay.io/poseidon/matchbox:latest -- -address=0.0.0.0:8080 -log-level=debug
```
Run the latest Docker image.
```sh
$ sudo docker run -p 8080:8080 --rm -v $PWD/examples/assets:/var/lib/matchbox/assets:Z quay.io/coreos/matchbox:latest -address=0.0.0.0:8080 -log-level=debug
$ sudo docker run -p 8080:8080 --rm -v $PWD/examples/assets:/var/lib/matchbox/assets:Z quay.io/poseidon/matchbox:latest -address=0.0.0.0:8080 -log-level=debug
```
### With examples
@@ -64,13 +64,13 @@ $ sudo docker run -p 8080:8080 --rm -v $PWD/examples/assets:/var/lib/matchbox/as
Mount `examples` to pre-load the [example](../examples/README.md) machine groups and profiles. Run the container with rkt,
```sh
$ sudo rkt run --net=metal0:IP=172.18.0.2 --mount volume=data,target=/var/lib/matchbox --volume data,kind=host,source=$PWD/examples --mount volume=groups,target=/var/lib/matchbox/groups --volume groups,kind=host,source=$PWD/examples/groups/etcd quay.io/coreos/matchbox:latest -- -address=0.0.0.0:8080 -log-level=debug
$ sudo rkt run --net=metal0:IP=172.18.0.2 --mount volume=data,target=/var/lib/matchbox --volume data,kind=host,source=$PWD/examples --mount volume=groups,target=/var/lib/matchbox/groups --volume groups,kind=host,source=$PWD/examples/groups/etcd quay.io/poseidon/matchbox:latest -- -address=0.0.0.0:8080 -log-level=debug
```
or with Docker.
```sh
$ sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/groups/etcd:/var/lib/matchbox/groups:Z quay.io/coreos/matchbox:latest -address=0.0.0.0:8080 -log-level=debug
$ sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/groups/etcd:/var/lib/matchbox/groups:Z quay.io/poseidon/matchbox:latest -address=0.0.0.0:8080 -log-level=debug
```
### With gRPC API
@@ -94,7 +94,7 @@ $ ./bin/bootcmd profile list --endpoints 127.0.0.1:8081 --ca-file examples/etc/m
Run the ACI with rkt and TLS credentials from `examples/etc/matchbox`.
```sh
$ sudo rkt run --net=metal0:IP=172.18.0.2 --mount volume=data,target=/var/lib/matchbox --volume data,kind=host,source=$PWD/examples,readOnly=true --mount volume=config,target=/etc/matchbox --volume config,kind=host,source=$PWD/examples/etc/matchbox --mount volume=groups,target=/var/lib/matchbox/groups --volume groups,kind=host,source=$PWD/examples/groups/etcd quay.io/coreos/matchbox:latest -- -address=0.0.0.0:8080 -rpc-address=0.0.0.0:8081 -log-level=debug
$ sudo rkt run --net=metal0:IP=172.18.0.2 --mount volume=data,target=/var/lib/matchbox --volume data,kind=host,source=$PWD/examples,readOnly=true --mount volume=config,target=/etc/matchbox --volume config,kind=host,source=$PWD/examples/etc/matchbox --mount volume=groups,target=/var/lib/matchbox/groups --volume groups,kind=host,source=$PWD/examples/groups/etcd quay.io/poseidon/matchbox:latest -- -address=0.0.0.0:8080 -rpc-address=0.0.0.0:8081 -log-level=debug
```
A `bootcmd` client can call the gRPC API running at the IP used in the rkt example.
@@ -108,7 +108,7 @@ $ ./bin/bootcmd profile list --endpoints 172.18.0.2:8081 --ca-file examples/etc/
Run the Docker image with TLS credentials from `examples/etc/matchbox`.
```sh
$ sudo docker run -p 8080:8080 -p 8081:8081 --rm -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/etc/matchbox:/etc/matchbox:Z,ro -v $PWD/examples/groups/etcd:/var/lib/matchbox/groups:Z quay.io/coreos/matchbox:latest -address=0.0.0.0:8080 -rpc-address=0.0.0.0:8081 -log-level=debug
$ sudo docker run -p 8080:8080 -p 8081:8081 --rm -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/etc/matchbox:/etc/matchbox:Z,ro -v $PWD/examples/groups/etcd:/var/lib/matchbox/groups:Z quay.io/poseidon/matchbox:latest -address=0.0.0.0:8080 -rpc-address=0.0.0.0:8081 -log-level=debug
```
A `bootcmd` client can call the gRPC API running at the IP used in the Docker example.
@@ -129,11 +129,11 @@ $ ./bin/matchbox -address=0.0.0.0:8080 -key-ring-path matchbox/sign/fixtures/sec
Run the ACI with a test key.
```sh
$ sudo rkt run --net=metal0:IP=172.18.0.2 --set-env=MATCHBOX_PASSPHRASE=test --mount volume=secrets,target=/secrets --volume secrets,kind=host,source=$PWD/matchbox/sign/fixtures --mount volume=data,target=/var/lib/matchbox --volume data,kind=host,source=$PWD/examples --mount volume=groups,target=/var/lib/matchbox/groups --volume groups,kind=host,source=$PWD/examples/groups/etcd quay.io/coreos/matchbox:latest -- -address=0.0.0.0:8080 -key-ring-path secrets/secring.gpg
$ sudo rkt run --net=metal0:IP=172.18.0.2 --set-env=MATCHBOX_PASSPHRASE=test --mount volume=secrets,target=/secrets --volume secrets,kind=host,source=$PWD/matchbox/sign/fixtures --mount volume=data,target=/var/lib/matchbox --volume data,kind=host,source=$PWD/examples --mount volume=groups,target=/var/lib/matchbox/groups --volume groups,kind=host,source=$PWD/examples/groups/etcd quay.io/poseidon/matchbox:latest -- -address=0.0.0.0:8080 -key-ring-path secrets/secring.gpg
```
Run the Docker image with a test key.
```sh
$ sudo docker run -p 8080:8080 --rm --env MATCHBOX_PASSPHRASE=test -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/groups/etcd:/var/lib/matchbox/groups:Z -v $PWD/matchbox/sign/fixtures:/secrets:Z quay.io/coreos/matchbox:latest -address=0.0.0.0:8080 -log-level=debug -key-ring-path secrets/secring.gpg
$ sudo docker run -p 8080:8080 --rm --env MATCHBOX_PASSPHRASE=test -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/groups/etcd:/var/lib/matchbox/groups:Z -v $PWD/matchbox/sign/fixtures:/secrets:Z quay.io/poseidon/matchbox:latest -address=0.0.0.0:8080 -log-level=debug -key-ring-path secrets/secring.gpg
```

46
Documentation/deployment.md
View File

@@ -17,26 +17,26 @@ Choose one of the supported installation options:
## Download
Download the latest matchbox [release](https://github.com/coreos/matchbox/releases) to the provisioner host.
Download the latest matchbox [release](https://github.com/poseidon/matchbox/releases) to the provisioner host.
```sh
$ wget https://github.com/coreos/matchbox/releases/download/v0.7.1/matchbox-v0.7.1-linux-amd64.tar.gz
$ wget https://github.com/coreos/matchbox/releases/download/v0.7.1/matchbox-v0.7.1-linux-amd64.tar.gz.asc
$ wget https://github.com/poseidon/matchbox/releases/download/v0.8.0/matchbox-v0.8.0-linux-amd64.tar.gz
$ wget https://github.com/poseidon/matchbox/releases/download/v0.8.0/matchbox-v0.8.0-linux-amd64.tar.gz.asc
```
Verify the release has been signed by the [CoreOS App Signing Key](https://coreos.com/security/app-signing-key/).
Verify the release has been signed by Dalton Hubble's [GPG Key 8F515AD1602065C8](https://keyserver.ubuntu.com/pks/lookup?search=0x8F515AD1602065C8&op=vindex).
```sh
$ gpg --keyserver pgp.mit.edu --recv-key 18AD5014C99EF7E3BA5F6CE950BDD3E0FC8A365E
$ gpg --verify matchbox-v0.7.1-linux-amd64.tar.gz.asc matchbox-v0.7.1-linux-amd64.tar.gz
# gpg: Good signature from "CoreOS Application Signing Key <security@coreos.com>"
$ gpg --keyserver keyserver.ubuntu.com --recv-key 8F515AD1602065C8
$ gpg --verify matchbox-v0.8.0-linux-amd64.tar.gz.asc matchbox-v0.8.0-linux-amd64.tar.gz
gpg: Good signature from "Dalton Hubble <dghubble@gmail.com>"
```
Untar the release.
```sh
$ tar xzvf matchbox-v0.7.1-linux-amd64.tar.gz
$ cd matchbox-v0.7.1-linux-amd64
$ tar xzvf matchbox-v0.8.0-linux-amd64.tar.gz
$ cd matchbox-v0.8.0-linux-amd64
```
## Install
@@ -159,6 +159,7 @@ Move TLS credentials to the matchbox server's default location.
```sh
$ sudo mkdir -p /etc/matchbox
$ sudo cp ca.crt server.crt server.key /etc/matchbox
$ sudo chown -R matchbox:matchbox /etc/matchbox
```
Save `client.crt`, `client.key`, and `ca.crt` for later use (e.g. `~/.matchbox`).
@@ -218,7 +219,7 @@ Certificate chain
Download a recent Container Linux [release](https://coreos.com/releases/) with signatures.
```sh
$ ./scripts/get-coreos stable 1576.5.0 . # note the "." 3rd argument
$ ./scripts/get-coreos stable 1967.3.0 . # note the "." 3rd argument
```
Move the images to `/var/lib/matchbox/assets`,
@@ -230,7 +231,7 @@ $ sudo cp -r coreos /var/lib/matchbox/assets
```
/var/lib/matchbox/assets/
├── coreos
│   └── 1576.5.0
│   └── 1967.3.0
│   ├── CoreOS_Image_Signing_Key.asc
│   ├── coreos_production_image.bin.bz2
│   ├── coreos_production_image.bin.bz2.sig
@@ -243,34 +244,21 @@ $ sudo cp -r coreos /var/lib/matchbox/assets
and verify the images are acessible.
```sh
$ curl http://matchbox.example.com:8080/assets/coreos/1576.5.0/
$ curl http://matchbox.example.com:8080/assets/coreos/1967.3.0/
<pre>...
```
For large production environments, use a cache proxy or mirror suitable for your environment to serve Container Linux images. See [contrib/squid](../contrib/squid/README.md) for details.
For large production environments, use a cache proxy or mirror suitable for your environment to serve Container Linux images.
## Network
Review [network setup](https://github.com/coreos/matchbox/blob/master/Documentation/network-setup.md) with your network administrator to set up DHCP, TFTP, and DNS services on your network. At a high level, your goals are to:
Review [network setup](https://github.com/poseidon/matchbox/blob/master/Documentation/network-setup.md) with your network administrator to set up DHCP, TFTP, and DNS services on your network. At a high level, your goals are to:
* Chainload PXE firmwares to iPXE
* Point iPXE client machines to the `matchbox` iPXE HTTP endpoint `http://matchbox.example.com:8080/boot.ipxe`
* Ensure `matchbox.example.com` resolves to your `matchbox` deployment
CoreOS provides [dnsmasq](https://github.com/coreos/matchbox/tree/master/contrib/dnsmasq) as `quay.io/coreos/dnsmasq`, if you wish to use rkt or Docker.
## rkt
Run the container image with rkt.
latest or most recent tagged `matchbox` [release](https://github.com/coreos/matchbox/releases) ACI. Trust the [CoreOS App Signing Key](https://coreos.com/security/app-signing-key/) for image signature verification.
```sh
$ mkdir -p /var/lib/matchbox/assets
$ sudo rkt run --net=host --mount volume=data,target=/var/lib/matchbox --volume data,kind=host,source=/var/lib/matchbox quay.io/coreos/matchbox:latest --mount volume=config,target=/etc/matchbox --volume config,kind=host,source=/etc/matchbox,readOnly=true -- -address=0.0.0.0:8080 -rpc-address=0.0.0.0:8081 -log-level=debug
```
Create machine profiles, groups, or Ignition configs by adding files to `/var/lib/matchbox`.
CoreOS provides [dnsmasq](https://github.com/poseidon/matchbox/tree/master/contrib/dnsmasq) as `quay.io/coreos/dnsmasq`, if you wish to use rkt or Docker.
## Docker
@@ -278,7 +266,7 @@ Run the container image with docker.
```sh
$ mkdir -p /var/lib/matchbox/assets
$ sudo docker run --net=host --rm -v /var/lib/matchbox:/var/lib/matchbox:Z -v /etc/matchbox:/etc/matchbox:Z,ro quay.io/coreos/matchbox:latest -address=0.0.0.0:8080 -rpc-address=0.0.0.0:8081 -log-level=debug
$ sudo docker run --net=host --rm -v /var/lib/matchbox:/var/lib/matchbox:Z -v /etc/matchbox:/etc/matchbox:Z,ro quay.io/poseidon/matchbox:latest -address=0.0.0.0:8080 -rpc-address=0.0.0.0:8081 -log-level=debug
```
Create machine profiles, groups, or Ignition configs by adding files to `/var/lib/matchbox`.

16
Documentation/dev/develop.md
View File

@@ -18,13 +18,7 @@ $ make test
## Container image
Build an ACI `matchbox.aci`.
```sh
$ make aci
```
Alternately, build a Docker image `coreos/matchbox:latest`.
Build a container image `coreos/matchbox:latest`.
```sh
$ make docker-image
@@ -34,7 +28,6 @@ $ make docker-image
```sh
$ ./bin/matchbox -version
$ sudo rkt --insecure-options=image run matchbox.aci -- -version
$ sudo docker run coreos/matchbox:latest -version
```
## Run
@@ -67,10 +60,11 @@ $ ./bin/bootcmd profile list --endpoints 172.18.0.2:8081 --cacert examples/etc/m
## Vendor
Use `glide` and `glide-vc` to manage dependencies committed to the `vendor` directory.
Add or update dependencies in `go.mod` and vendor.
```sh
$ make vendor
```
make update
make vendor
```
## Codegen

18
Documentation/dev/release.md
View File

@@ -8,7 +8,7 @@ This guide covers releasing new versions of matchbox.
Create a release commit which updates old version references.
```sh
$ export VERSION=v0.7.1
$ export VERSION=v0.8.0
```
## Tag
@@ -26,8 +26,8 @@ $ git push origin master
Travis CI will build the Docker image and push it to Quay.io when the tag is pushed to master. Verify the new image and version.
```sh
$ sudo docker run quay.io/coreos/matchbox:$VERSION -version
$ sudo rkt run --no-store quay.io/coreos/matchbox:$VERSION -- -version
$ sudo docker run quay.io/poseidon/matchbox:$VERSION -version
$ sudo rkt run --no-store quay.io/poseidon/matchbox:$VERSION -- -version
```
## Github release
@@ -45,19 +45,19 @@ $ make release
Verify the reported version.
```
./_output/matchbox-v0.7.1-linux-amd64/matchbox -version
./_output/matchbox-v0.8.0-linux-amd64/matchbox -version
```
## Signing
Sign the release tarballs and ACI with a [CoreOS App Signing Key](https://coreos.com/security/app-signing-key/) subkey.
Release tarballs are signed by Dalton Hubble's [GPG Key 8F515AD1602065C8](https://keyserver.ubuntu.com/pks/lookup?search=0x8F515AD1602065C8&op=vindex)
```sh
cd _output
gpg2 --armor --local-user A6F71EE5BEDDBA18! --detach-sign matchbox-$VERSION-linux-amd64.tar.gz
gpg2 --armor --local-user A6F71EE5BEDDBA18! --detach-sign matchbox-$VERSION-darwin-amd64.tar.gz
gpg2 --armor --local-user A6F71EE5BEDDBA18! --detach-sign matchbox-$VERSION-linux-arm.tar.gz
gpg2 --armor --local-user A6F71EE5BEDDBA18! --detach-sign matchbox-$VERSION-linux-arm64.tar.gz
gpg2 --armor --detach-sign matchbox-$VERSION-linux-amd64.tar.gz
gpg2 --armor --detach-sign matchbox-$VERSION-darwin-amd64.tar.gz
gpg2 --armor --detach-sign matchbox-$VERSION-linux-arm.tar.gz
gpg2 --armor --detach-sign matchbox-$VERSION-linux-arm64.tar.gz
```
Verify the signatures.

8
Documentation/getting-started-docker.md
View File

@@ -18,17 +18,17 @@ $ # check Docker's docs to install Docker 1.8+ on Debian/Ubuntu
$ sudo apt-get install virt-manager virtinst qemu-kvm
```
Clone the [matchbox](https://github.com/coreos/matchbox) source which contains the examples and scripts.
Clone the [matchbox](https://github.com/poseidon/matchbox) source which contains the examples and scripts.
```sh
$ git clone https://github.com/coreos/matchbox.git
$ git clone https://github.com/poseidon/matchbox.git
$ cd matchbox
```
Download CoreOS Container Linux image assets referenced by the `etcd3` [example](../examples) to `examples/assets`.
```sh
$ ./scripts/get-coreos stable 1576.5.0 ./examples/assets
$ ./scripts/get-coreos stable 1967.3.0 ./examples/assets
```
For development convenience, add `/etc/hosts` entries for nodes so they may be referenced by name.
@@ -68,7 +68,7 @@ Take a look at the [etcd3 groups](../examples/groups/etcd3) to get an idea of ho
If you prefer to start the containers yourself, instead of using `devnet`,
```sh
$ sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/groups/etcd3:/var/lib/matchbox/groups:Z quay.io/coreos/matchbox:latest -address=0.0.0.0:8080 -log-level=debug
$ sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/groups/etcd3:/var/lib/matchbox/groups:Z quay.io/poseidon/matchbox:latest -address=0.0.0.0:8080 -log-level=debug
$ sudo docker run --name dnsmasq --cap-add=NET_ADMIN -v $PWD/contrib/dnsmasq/docker0.conf:/etc/dnsmasq.conf:Z quay.io/coreos/dnsmasq -d
```

184
Documentation/getting-started-rkt.md
View File

@@ -1,184 +0,0 @@
# Getting started with rkt
In this tutorial, we'll run `matchbox` on your Linux machine with `rkt` and `CNI` to network boot and provision a cluster of QEMU/KVM Container Linux machines locally. You'll be able to create Kubernetes clustes, etcd3 clusters, and test network setups.
*Note*: To provision physical machines, see [network setup](network-setup.md) and [deployment](deployment.md).
## Requirements
Install [rkt](https://coreos.com/rkt/docs/latest/distributions.html) 1.12.0 or higher ([example script](https://github.com/dghubble/phoenix/blob/master/fedora/sources.sh)) and setup rkt [privilege separation](https://coreos.com/rkt/docs/latest/trying-out-rkt.html).
Next, install the package dependencies.
```sh
# Fedora
$ sudo dnf install virt-install virt-manager
# Debian/Ubuntu
$ sudo apt-get install virt-manager virtinst qemu-kvm systemd-container
```
**Note**: rkt does not yet integrate with SELinux on Fedora. As a workaround, temporarily set enforcement to permissive if you are comfortable (`sudo setenforce Permissive`). Check the rkt [distribution notes](https://github.com/coreos/rkt/blob/master/Documentation/distributions.md) or see the tracking [issue](https://github.com/coreos/rkt/issues/1727).
Clone the [matchbox](https://github.com/coreos/matchbox) source which contains the examples and scripts.
```sh
$ git clone https://github.com/coreos/matchbox.git
$ cd matchbox
```
Download CoreOS Container Linux image assets referenced by the `etcd3` [example](../examples) to `examples/assets`.
```sh
$ ./scripts/get-coreos stable 1576.5.0 ./examples/assets
```
## Network
Define the `metal0` virtual bridge with [CNI](https://github.com/appc/cni).
```bash
sudo mkdir -p /etc/rkt/net.d
sudo bash -c 'cat > /etc/rkt/net.d/20-metal.conf << EOF
{
"name": "metal0",
"type": "bridge",
"bridge": "metal0",
"isGateway": true,
"ipMasq": true,
"ipam": {
"type": "host-local",
"subnet": "172.18.0.0/24",
"routes" : [ { "dst" : "0.0.0.0/0" } ]
}
}
EOF'
```
On Fedora, add the `metal0` interface to the trusted zone in your firewall configuration.
```sh
$ sudo firewall-cmd --add-interface=metal0 --zone=trusted
$ sudo firewall-cmd --add-interface=metal0 --zone=trusted --permanent
```
For development convenience, you may wish to add `/etc/hosts` entries for nodes to refer to them by name.
```
# /etc/hosts
...
172.18.0.21 node1.example.com
172.18.0.22 node2.example.com
172.18.0.23 node3.example.com
```
## Containers
Run the `matchbox` and `dnsmasq` services on the `metal0` bridge. `dnsmasq` will run DHCP, DNS, and TFTP services to create a suitable network boot environment. `matchbox` will serve configs to machinesas they PXE boot.
The `devnet` convenience script can rkt run these services in systemd transient units and accepts the name of any example cluster in [examples](../examples).
```sh
$ export CONTAINER_RUNTIME=rkt
$ sudo -E ./scripts/devnet create etcd3
```
Inspect the journal logs.
```
$ sudo -E ./scripts/devnet status
$ journalctl -f -u dev-matchbox
$ journalctl -f -u dev-dnsmasq
```
Take a look at the [etcd3 groups](../examples/groups/etcd3) to get an idea of how machines are mapped to Profiles. Explore some endpoints exposed by the service, say for QEMU/KVM node1.
* iPXE [http://172.18.0.2:8080/ipxe?mac=52:54:00:a1:9c:ae](http://172.18.0.2:8080/ipxe?mac=52:54:00:a1:9c:ae)
* Ignition [http://172.18.0.2:8080/ignition?mac=52:54:00:a1:9c:ae](http://172.18.0.2:8080/ignition?mac=52:54:00:a1:9c:ae)
* Metadata [http://172.18.0.2:8080/metadata?mac=52:54:00:a1:9c:ae](http://172.18.0.2:8080/metadata?mac=52:54:00:a1:9c:ae)
### Manual
If you prefer to start the containers yourself, instead of using `devnet`,
```sh
sudo rkt run --net=metal0:IP=172.18.0.2 \
--mount volume=data,target=/var/lib/matchbox \
--volume data,kind=host,source=$PWD/examples \
--mount volume=groups,target=/var/lib/matchbox/groups \
--volume groups,kind=host,source=$PWD/examples/groups/etcd3 \
quay.io/coreos/matchbox:v0.7.1 -- -address=0.0.0.0:8080 -log-level=debug
```
```sh
sudo rkt run --net=metal0:IP=172.18.0.3 \
--dns=host \
--mount volume=config,target=/etc/dnsmasq.conf \
--volume config,kind=host,source=$PWD/contrib/dnsmasq/metal0.conf \
quay.io/coreos/dnsmasq:v0.4.1 \
--caps-retain=CAP_NET_ADMIN,CAP_NET_BIND_SERVICE,CAP_SETGID,CAP_SETUID,CAP_NET_RAW
```
If you get an error about the IP assignment, stop old pods and run garbage collection.
```sh
$ sudo rkt gc --grace-period=0
```
## Client VMs
Create QEMU/KVM VMs which have known hardware attributes. The nodes will be attached to the `metal0` bridge, where your pods run.
```sh
$ sudo ./scripts/libvirt create-rkt
```
You can connect to the serial console of any node (ctrl+] to exit). If you provisioned nodes with an SSH key, you can SSH after bring-up.
```sh
$ sudo virsh console node1
$ ssh core@node1.example.com
```
You can also use `virt-manager` to watch the console.
```sh
$ sudo virt-manager
```
Use the wrapper script to act on all nodes.
```sh
$ sudo ./scripts/libvirt [start|reboot|shutdown|poweroff|destroy]
```
## Verify
The VMs should network boot and provision themselves into a three node etcd3 cluster, with other nodes behaving as etcd3 gateways.
The example profile added autologin so you can verify that etcd3 works between nodes.
```sh
$ systemctl status etcd-member
$ etcdctl set /message hello
$ etcdctl get /message
```
## Clean up
Clean up the systemd units running `matchbox` and `dnsmasq`.
```sh
$ sudo -E ./scripts/devnet destroy
```
Clean up VM machines.
```sh
$ sudo ./scripts/libvirt destroy
```
Press ^] three times to stop any rkt pod.
## Going further
Learn more about [matchbox](matchbox.md) or explore the other [example](../examples) clusters. Try the [k8s example](bootkube.md) to produce a TLS-authenticated Kubernetes cluster you can access locally with `kubectl`.

24
Documentation/getting-started.md
View File

@@ -30,26 +30,24 @@ $ openssl s_client -connect matchbox.example.com:8081 \
## Terraform
Install [Terraform][terraform-dl] v0.9+ on your system.
Install [Terraform][terraform-dl] v0.11+ on your system.
```sh
$ terraform version
Terraform v0.9.4
Terraform v0.11.13
```
Add the `terraform-provider-matchbox` plugin binary on your system.
Add the [terraform-provider-matchbox](https://github.com/poseidon/terraform-provider-matchbox) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
$ wget https://github.com/coreos/terraform-provider-matchbox/releases/download/v0.1.0/terraform-provider-matchbox-v0.1.0-linux-amd64.tar.gz
$ tar xzf terraform-provider-matchbox-v0.1.0-linux-amd64.tar.gz
wget https://github.com/poseidon/terraform-provider-matchbox/releases/download/v0.2.3/terraform-provider-matchbox-v0.2.3-linux-amd64.tar.gz
tar xzf terraform-provider-matchbox-v0.2.3-linux-amd64.tar.gz
mv terraform-provider-matchbox-v0.2.3-linux-amd64/terraform-provider-matchbox ~/.terraform.d/plugins/terraform-provider-matchbox_v0.2.3
```
Add the plugin to your `~/.terraformrc`.
```hcl
providers {
matchbox = "/path/to/terraform-provider-matchbox"
}
```sh
$ wget https://github.com/poseidon/terraform-provider-matchbox/releases/download/v0.2.3/terraform-provider-matchbox-v0.2.3-linux-amd64.tar.gz
$ tar xzf terraform-provider-matchbox-v0.2.3-linux-amd64.tar.gz
```
## First cluster
@@ -57,7 +55,7 @@ providers {
Clone the matchbox source and take a look at the Terraform examples.
```sh
$ git clone https://github.com/coreos/matchbox.git
$ git clone https://github.com/poseidon/matchbox.git
$ cd matchbox/examples/terraform
```
@@ -169,7 +167,7 @@ Read [network-setup.md](network-setup.md) for the complete range of options. Net
* May configure subnets, architectures, or specific machines to delegate to matchbox
* May place matchbox behind a menu entry (timeout and default to matchbox)
If you've never setup a PXE-enabled network before or you're trying to setup a home lab, checkout the [quay.io/coreos/dnsmasq](https://quay.io/repository/coreos/dnsmasq) container image [copy-paste examples](https://github.com/coreos/matchbox/blob/master/Documentation/network-setup.md#coreosdnsmasq) and see the section about [proxy-DHCP](https://github.com/coreos/matchbox/blob/master/Documentation/network-setup.md#proxy-dhcp).
If you've never setup a PXE-enabled network before or you're trying to setup a home lab, checkout the [quay.io/coreos/dnsmasq](https://quay.io/repository/coreos/dnsmasq) container image [copy-paste examples](https://github.com/poseidon/matchbox/blob/master/Documentation/network-setup.md#coreosdnsmasq) and see the section about [proxy-DHCP](https://github.com/poseidon/matchbox/blob/master/Documentation/network-setup.md#proxy-dhcp).
## Boot

2
Documentation/grub.md
View File

@@ -8,7 +8,7 @@ For local development, install the dependencies for libvirt with UEFI.
* [UEFI with QEMU](https://fedoraproject.org/wiki/Using_UEFI_with_QEMU)
Ensure that you've gone through the [matchbox with rkt](getting-started-rkt.md) and [matchbox](matchbox.md) guides and understand the basics.
Ensure that you've gone through the [matchbox with docker](getting-started-docker.md) and [matchbox](matchbox.md) guides and understand the basics.
## Containers

9
Documentation/matchbox.md
View File

@@ -8,9 +8,8 @@ Network boot endpoints provide PXE, iPXE, GRUB support. `matchbox` can be deploy
## Getting started
Get started running `matchbox` on your Linux machine, with rkt or Docker.
Get started running `matchbox` on your Linux machine, with Docker.
* [matchbox with rkt](getting-started-rkt.md)
* [matchbox with Docker](getting-started-docker.md)
## Flags
@@ -20,7 +19,7 @@ See [configuration](config.md) flags and variables.
## API
* [HTTP API](api.md)
* [gRPC API](https://godoc.org/github.com/coreos/matchbox/matchbox/client)
* [gRPC API](https://godoc.org/github.com/poseidon/matchbox/matchbox/client)
## Data
@@ -64,8 +63,8 @@ Profiles reference an Ignition config, Cloud-Config, and/or generic config by na
"ignition_id": "etcd.yaml",
"generic_id": "some-service.cfg",
"boot": {
"kernel": "/assets/coreos/1576.5.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1576.5.0/coreos_production_pxe_image.cpio.gz"],
"kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"],
"args": [
"coreos.config.url=http://matchbox.foo:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}",
"coreos.first_boot=yes",

63
Jenkinsfile vendored
View File

@@ -1,63 +0,0 @@
pipeline {
agent none
options {
timeout(time:45, unit:'MINUTES')
buildDiscarder(logRotator(numToKeepStr:'20'))
}
stages {
stage('Cluster Tests') {
steps {
parallel (
etcd3: {
node('fedora && bare-metal') {
timeout(time:5, unit:'MINUTES') {
checkout scm
sh '''#!/bin/bash -e
export ASSETS_DIR=~/assets; ./tests/smoke/etcd3
'''
deleteDir()
}
}
},
bootkube: {
node('fedora && bare-metal') {
timeout(time:60, unit:'MINUTES') {
checkout scm
sh '''#!/bin/bash -e
chmod 600 ./tests/smoke/fake_rsa
export ASSETS_DIR=~/assets; ./tests/smoke/bootkube
'''
deleteDir()
}
}
},
"etcd3-terraform": {
node('fedora && bare-metal') {
timeout(time:10, unit:'MINUTES') {
checkout scm
sh '''#!/bin/bash -e
export ASSETS_DIR=~/assets; export CONFIG_DIR=~/matchbox/examples/etc/matchbox; ./tests/smoke/etcd3-terraform
'''
deleteDir()
}
}
},
"bootkube-terraform": {
node('fedora && bare-metal') {
timeout(time:60, unit:'MINUTES') {
checkout scm
sh '''#!/bin/bash -e
chmod 600 ./tests/smoke/fake_rsa
export ASSETS_DIR=~/assets; export CONFIG_DIR=~/matchbox/examples/etc/matchbox; ./tests/smoke/bootkube-terraform
'''
deleteDir()
}
}
},
)
}
}
}
}

1
MAINTAINERS Normal file
View File

@@ -0,0 +1 @@
Dalton Hubble <dghubble@gmail.com> (@dghubble)

55
Makefile
View File

@@ -1,42 +1,59 @@
export CGO_ENABLED:=0
export GO111MODULE=on
export GOFLAGS=-mod=vendor
VERSION=$(shell ./scripts/dev/git-version)
LD_FLAGS="-w -X github.com/coreos/matchbox/matchbox/version.Version=$(VERSION)"
VERSION=$(shell git describe --tags --match=v* --always --dirty)
LD_FLAGS="-w -X github.com/poseidon/matchbox/matchbox/version.Version=$(VERSION)"
REPO=github.com/coreos/matchbox
IMAGE_REPO=coreos/matchbox
QUAY_REPO=quay.io/coreos/matchbox
REPO=github.com/poseidon/matchbox
LOCAL_REPO=poseidon/matchbox
IMAGE_REPO=quay.io/poseidon/matchbox
all: build
.PHONY: all
all: build test vet lint fmt
.PHONY: build
build: clean bin/matchbox
bin/%:
@go build -o bin/$* -v -ldflags $(LD_FLAGS) $(REPO)/cmd/$*
@go build -o bin/$* -ldflags $(LD_FLAGS) $(REPO)/cmd/$*
.PHONY: test
test:
@./scripts/dev/test
@go test ./... -cover
.PHONY: aci
aci: clean build
@sudo ./scripts/dev/build-aci
.PHONY: vet
vet:
@go vet -all ./...
.PHONY: lint
lint:
@golint -set_exit_status `go list ./... | grep -v pb`
.PHONY: fmt
fmt:
@test -z $$(go fmt ./...)
.PHONY: docker-image
docker-image:
@sudo docker build --rm=true -t $(IMAGE_REPO):$(VERSION) .
@sudo docker tag $(IMAGE_REPO):$(VERSION) $(IMAGE_REPO):latest
@sudo docker build --rm=true -t $(LOCAL_REPO):$(VERSION) .
@sudo docker tag $(LOCAL_REPO):$(VERSION) $(LOCAL_REPO):latest
.PHONY: docker-push
docker-push: docker-image
@sudo docker tag $(IMAGE_REPO):$(VERSION) $(QUAY_REPO):latest
@sudo docker tag $(IMAGE_REPO):$(VERSION) $(QUAY_REPO):$(VERSION)
@sudo docker push $(QUAY_REPO):latest
@sudo docker push $(QUAY_REPO):$(VERSION)
@sudo docker tag $(LOCAL_REPO):$(VERSION) $(IMAGE_REPO):latest
@sudo docker tag $(LOCAL_REPO):$(VERSION) $(IMAGE_REPO):$(VERSION)
@sudo docker push $(IMAGE_REPO):latest
@sudo docker push $(IMAGE_REPO):$(VERSION)
.PHONY: update
update:
@GOFLAGS="" go get -u
@go mod tidy
.PHONY: vendor
vendor:
@glide update --strip-vendor
@glide-vc --use-lock-file --no-tests --only-code
@go mod vendor
.PHONY: codegen
codegen: tools

19
README.md
View File

@@ -1,4 +1,4 @@
# matchbox [![Build Status](https://travis-ci.org/coreos/matchbox.svg?branch=master)](https://travis-ci.org/coreos/matchbox) [![GoDoc](https://godoc.org/github.com/coreos/matchbox?status.svg)](https://godoc.org/github.com/coreos/matchbox) [![Docker Repository on Quay](https://quay.io/repository/coreos/matchbox/status "Docker Repository on Quay")](https://quay.io/repository/coreos/matchbox) [![IRC](https://img.shields.io/badge/irc-%23coreos-449FD8.svg)](https://botbot.me/freenode/coreos)
# matchbox [![Build Status](https://travis-ci.org/poseidon/matchbox.svg?branch=master)](https://travis-ci.org/poseidon/matchbox) [![GoDoc](https://godoc.org/github.com/poseidon/matchbox?status.svg)](https://godoc.org/github.com/poseidon/matchbox) [![Docker Repository on Quay](https://quay.io/repository/poseidon/matchbox/status "Docker Repository on Quay")](https://quay.io/repository/poseidon/matchbox)
`matchbox` is a service that matches bare-metal machines (based on labels like MAC, UUID, etc.) to profiles that PXE boot and provision Container Linux clusters. Profiles specify the kernel/initrd, kernel arguments, iPXE config, GRUB config, [Container Linux Config][cl-config], or other configs a machine should use. Matchbox can be [installed](Documentation/deployment.md) as a binary, RPM, container image, or deployed on a Kubernetes cluster and it provides an authenticated gRPC API for clients like [Terraform][terraform].
@@ -10,7 +10,7 @@
* [Container Linux Config][cl-config]
* [Cloud-Config][cloud-config]
* [Configuration](Documentation/config.md)
* [HTTP API](Documentation/api.md) / [gRPC API](https://godoc.org/github.com/coreos/matchbox/matchbox/client)
* [HTTP API](Documentation/api.md) / [gRPC API](https://godoc.org/github.com/poseidon/matchbox/matchbox/client)
* [Background: Machine Lifecycle](Documentation/machine-lifecycle.md)
* [Background: PXE Booting](Documentation/network-booting.md)
@@ -27,26 +27,19 @@
* [Getting Started](Documentation/getting-started.md) - provision physical machines with Container Linux
* Local QEMU/KVM
* [matchbox with Docker](Documentation/getting-started-docker.md)
* [matchbox with rkt](Documentation/getting-started-rkt.md)
* Clusters
* [etcd3](Documentation/getting-started-rkt.md) - Install a 3-node etcd3 cluster
* [etcd3](Documentation/getting-started-docker.md) - Install a 3-node etcd3 cluster
* [Kubernetes](Documentation/bootkube.md) - Install a 3-node Kubernetes v1.8.5 cluster
* Clusters (Terraform-based)
* [etcd3](examples/terraform/etcd3-install/README.md) - Install a 3-node etcd3 cluster
* [Kubernetes](examples/terraform/bootkube-install/README.md) - Install a 3-node Kubernetes v1.10.3 cluster
### Projects
* [Tectonic](https://coreos.com/tectonic/docs/latest/index.html) - enterprise-ready Kubernetes
* [Typhoon](https://typhoon.psdn.io/) - minimal and free Kubernetes
* [Kubernetes](examples/terraform/bootkube-install/README.md) - Install a 3-node Kubernetes v1.14.1 cluster
## Contrib
* [dnsmasq](contrib/dnsmasq/README.md) - Run DHCP, TFTP, and DNS services with docker or rkt
* [squid](contrib/squid/README.md) - Run a transparent cache proxy
* [terraform-provider-matchbox](https://github.com/coreos/terraform-provider-matchbox) - Terraform provider plugin for Matchbox
* [terraform-provider-matchbox](https://github.com/poseidon/terraform-provider-matchbox) - Terraform provider plugin for Matchbox
[docs]: https://coreos.com/matchbox/docs/latest
[terraform]: https://github.com/coreos/terraform-provider-matchbox
[terraform]: https://github.com/poseidon/terraform-provider-matchbox
[cl-config]: Documentation/container-linux-config.md
[cloud-config]: Documentation/cloud-config.md

2
cmd/bootcmd/main.go
View File

@@ -1,6 +1,6 @@
package main
import "github.com/coreos/matchbox/matchbox/cli"
import "github.com/poseidon/matchbox/matchbox/cli"
func main() {
cli.Execute()

18
cmd/matchbox/main.go
View File

@@ -7,15 +7,15 @@ import (
"net/http"
"os"
"github.com/Sirupsen/logrus"
web "github.com/coreos/matchbox/matchbox/http"
"github.com/coreos/matchbox/matchbox/rpc"
"github.com/coreos/matchbox/matchbox/server"
"github.com/coreos/matchbox/matchbox/sign"
"github.com/coreos/matchbox/matchbox/storage"
"github.com/coreos/matchbox/matchbox/tlsutil"
"github.com/coreos/matchbox/matchbox/version"
"github.com/coreos/pkg/flagutil"
web "github.com/poseidon/matchbox/matchbox/http"
"github.com/poseidon/matchbox/matchbox/rpc"
"github.com/poseidon/matchbox/matchbox/server"
"github.com/poseidon/matchbox/matchbox/sign"
"github.com/poseidon/matchbox/matchbox/storage"
"github.com/poseidon/matchbox/matchbox/tlsutil"
"github.com/poseidon/matchbox/matchbox/version"
"github.com/sirupsen/logrus"
)
var (
@@ -45,7 +45,7 @@ func main() {
flag.StringVar(&flags.dataPath, "data-path", "/var/lib/matchbox", "Path to data directory")
flag.StringVar(&flags.assetsPath, "assets-path", "/var/lib/matchbox/assets", "Path to static assets")
// Log levels https://github.com/Sirupsen/logrus/blob/master/logrus.go#L36
// Log levels https://github.com/sirupsen/logrus/blob/master/logrus.go#L36
flag.StringVar(&flags.logLevel, "log-level", "info", "Set the logging level")
// gRPC Server TLS

4
contrib/dnsmasq/Dockerfile
View File

@@ -1,5 +1,5 @@
FROM alpine:3.6
MAINTAINER Dalton Hubble <dalton.hubble@coreos.com>
FROM alpine:3.9
LABEL maintainer="Dalton Hubble <dghubble@gmail.com>"
RUN apk -U add dnsmasq curl
COPY tftpboot /var/lib/tftpboot
EXPOSE 53 67 69

9
contrib/dnsmasq/Makefile
View File

@@ -1,14 +1,15 @@
VERSION=v0.5.0
DIR := $(abspath $(dir $(lastword $(MAKEFILE_LIST))))
VERSION=$(shell git rev-parse HEAD)
IMAGE_REPO=coreos/dnsmasq
QUAY_REPO=quay.io/coreos/dnsmasq
IMAGE_REPO=poseidon/dnsmasq
QUAY_REPO=quay.io/poseidon/dnsmasq
.PHONY: all
all: docker-image
.PHONY: tftp
tftp:
@./get-tftp-files
@$(DIR)/get-tftp-files
.PHONY: docker-image
docker-image: tftp

2
contrib/dnsmasq/README.md
View File

@@ -1,4 +1,4 @@
# dnsmasq [![Docker Repository on Quay](https://quay.io/repository/coreos/dnsmasq/status "Docker Repository on Quay")](https://quay.io/repository/coreos/dnsmasq)
# dnsmasq [![Docker Repository on Quay](https://quay.io/repository/poseidon/dnsmasq/status "Docker Repository on Quay")](https://quay.io/repository/poseidon/dnsmasq)
`dnsmasq` provides a container image for running DHCP, proxy DHCP, DNS, and/or TFTP with [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html). Use it to test different network setups with clusters of network bootable machines.

11
contrib/dnsmasq/travis-deploy Executable file
View File

@@ -0,0 +1,11 @@
#!/usr/bin/env bash
set -e
# dirty hack
cd "$(dirname $0)"
docker info
make docker-image
docker login -u="$DOCKER_USERNAME" -p=$DOCKER_PASSWORD quay.io
make docker-push

2
contrib/k8s/matchbox-deployment.yaml
View File

@@ -15,7 +15,7 @@ spec:
spec:
containers:
- name: matchbox
image: quay.io/coreos/matchbox:v0.7.1
image: quay.io/poseidon/matchbox:v0.8.0
env:
- name: MATCHBOX_ADDRESS
value: "0.0.0.0:8080"

96
contrib/squid/README.md
View File

@@ -1,96 +0,0 @@
# Squid Proxy (DRAFT)
This guide shows how to setup a [Squid](http://www.squid-cache.org/) cache proxy for providing kernel/initrd files to PXE, iPXE, or GRUB2 client machines. This setup runs Squid as a Docker container using the [sameersbn/squid](https://quay.io/repository/sameersbn/squid)
image.
The Squid container requires a squid.conf file to run. Download the example squid.conf file from the [sameersbn/docker-squid](https://github.com/sameersbn/docker-squid) repo:
```
curl -O https://raw.githubusercontent.com/sameersbn/docker-squid/master/squid.conf
```
Squid [interception caching](http://wiki.squid-cache.org/SquidFaq/InterceptionProxy#Concepts_of_Interception_Caching) is required for proxying PXE, iPXE, or GRUB2 client machines. Set the intercept mode in squid.conf:
```
sed -ie 's/http_port 3128/http_port 3128 intercept/g' squid.conf
```
By default, Squid caches objects that are 4MB or less. Increase the maximum object size to cache large files such as kernel and initrd images. The following example increases the maximum object size to 300MB:
```
sed -ie 's/# maximum_object_size 4 MB/maximum_object_size 300 MB/g' squid.conf
```
Squid supports a wide range of cache configurations. Review the Squid [documentation](http://www.squid-cache.org/Doc/) to learn more about configuring Squid.
This example uses systemd to manage squid. Create the squid service systemd unit file:
```
cat /etc/systemd/system/squid.service
#/etc/systemd/system/squid.service
[Unit]
Description=squid proxy service
After=docker.service
Requires=docker.service
[Service]
Restart=always
TimeoutStartSec=0
ExecStart=/usr/bin/docker run --net=host --rm \
-v /path/to/squid.conf:/etc/squid3/squid.conf:Z \
-v /srv/docker/squid/cache:/var/spool/squid3:Z \
quay.io/sameersbn/squid
[Install]
WantedBy=multi-user.target
```
Start Squid:
```
systemctl start squid
```
If your Squid host is running iptables or firewalld, modify rules to allow the interception and redirection of traffic. In the following example, 192.168.10.1 is the IP address of the interface facing PXE, iPXE, or GRUB2 client machines. The default port number used by squid is 3128.
For firewalld:
```
firewall-cmd --permanent --zone=internal --add-forward-port=port=80:proto=tcp:toport=3128:toaddr=192.168.10.1
firewall-cmd --permanent --zone=internal --add-port=3128/tcp
firewall-cmd --reload
firewall-cmd --zone=internal --list-all
```
For iptables:
```
iptables -t nat -A POSTROUTING -o enp15s0 -j MASQUERADE
iptables -t nat -A PREROUTING -i enp14s0 -p tcp --dport 80 -j REDIRECT --to-port 3128
```
**Note**: enp14s0 faces PXE, iPXE, or GRUB2 clients and enp15s0 faces Internet access.
Your DHCP server should be configured so the Squid host is the default gateway for PXE, iPXE, or GRUB2 clients. For deployments that run Squid on the same host as dnsmasq, remove any DHCP option 3 settings. For example ```--dhcp-option=3,192.168.10.1"```
Update Matchbox policies to use the url of the Container Linux kernel/initrd download site:
```
cat policy/etcd3.json
{
"id": "etcd3",
"name": "etcd3",
"boot": {
"kernel": "http://stable.release.core-os.net/amd64-usr/1235.9.0/coreos_production_pxe.vmlinuz",
"initrd": ["http://stable.release.core-os.net/amd64-usr/1235.9.0/coreos_production_pxe_image.cpio.gz"],
"args": [
"coreos.config.url=http://matchbox.foo:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}",
"coreos.first_boot=yes",
"console=tty0",
"console=ttyS0",
"coreos.autologin"
]
},
"ignition_id": "etcd3.yaml"
}
```
(Optional) Configure Matchbox to not serve static assets by providing an empty assets-path value.
```
# /etc/systemd/system/matchbox.service.d/override.conf
[Service]
Environment="MATCHBOX_ASSETS_PATHS="
```
Boot your PXE, iPXE, or GRUB2 clients.

4
contrib/systemd/matchbox-for-tectonic.service
View File

@@ -3,8 +3,8 @@ Description=CoreOS matchbox Server
Documentation=https://github.com/coreos/matchbox
[Service]
Environment="IMAGE=quay.io/coreos/matchbox"
Environment="VERSION=v0.7.1"
Environment="IMAGE=quay.io/poseidon/matchbox"
Environment="VERSION=v0.8.0"
Environment="MATCHBOX_ADDRESS=0.0.0.0:8080"
Environment="MATCHBOX_RPC_ADDRESS=0.0.0.0:8081"
Environment="MATCHBOX_LOG_LEVEL=debug"

4
contrib/systemd/matchbox-on-coreos.service
View File

@@ -3,8 +3,8 @@ Description=CoreOS matchbox Server
Documentation=https://github.com/coreos/matchbox
[Service]
Environment="IMAGE=quay.io/coreos/matchbox"
Environment="VERSION=v0.7.1"
Environment="IMAGE=quay.io/poseidon/matchbox"
Environment="VERSION=v0.8.0"
Environment="MATCHBOX_ADDRESS=0.0.0.0:8080"
ExecStartPre=/usr/bin/mkdir -p /etc/matchbox
ExecStartPre=/usr/bin/mkdir -p /var/lib/matchbox/assets

16
examples/README.md
View File

@@ -10,7 +10,7 @@ These examples use [Terraform](https://www.terraform.io/intro/) as a client to M
|-------------------------------|-------------------------------|
| [simple-install](terraform/simple-install/) | Install Container Linux with an SSH key |
| [etcd3-install](terraform/etcd3-install/) | Install a 3-node etcd3 cluster |
| [bootkube-install](terraform/bootkube-install/) | Install a 3-node Kubernetes v1.10.3 cluster |
| [bootkube-install](terraform/bootkube-install/) | Install a 3-node Kubernetes v1.14.1 cluster |
### Customization
@@ -22,13 +22,13 @@ These examples mount raw Matchbox objects into a Matchbox server's `/var/lib/mat
| Name | Description | CoreOS Container Linux Version | FS | Docs |
|------------|-------------|----------------|----|-----------|
| simple | CoreOS Container Linux with autologin, using iPXE | stable/1576.5.0 | RAM | [reference](https://coreos.com/os/docs/latest/booting-with-ipxe.html) |
| simple-install | CoreOS Container Linux Install, using iPXE | stable/1576.5.0 | RAM | [reference](https://coreos.com/os/docs/latest/booting-with-ipxe.html) |
| grub | CoreOS Container Linux via GRUB2 Netboot | stable/1576.5.0 | RAM | NA |
| etcd3 | PXE boot a 3-node etcd3 cluster with proxies | stable/1576.5.0 | RAM | None |
| etcd3-install | Install a 3-node etcd3 cluster to disk | stable/1576.5.0 | Disk | None |
| bootkube | PXE boot a 3-node Kubernetes v1.8.5 cluster | stable/1576.5.0 | Disk | [tutorial](../Documentation/bootkube.md) |
| bootkube-install | Install a 3-node Kubernetes v1.8.5 cluster | stable/1576.5.0 | Disk | [tutorial](../Documentation/bootkube.md) |
| simple | CoreOS Container Linux with autologin, using iPXE | stable/1967.3.0 | RAM | [reference](https://coreos.com/os/docs/latest/booting-with-ipxe.html) |
| simple-install | CoreOS Container Linux Install, using iPXE | stable/1967.3.0 | RAM | [reference](https://coreos.com/os/docs/latest/booting-with-ipxe.html) |
| grub | CoreOS Container Linux via GRUB2 Netboot | stable/1967.3.0 | RAM | NA |
| etcd3 | PXE boot a 3-node etcd3 cluster with proxies | stable/1967.3.0 | RAM | None |
| etcd3-install | Install a 3-node etcd3 cluster to disk | stable/1967.3.0 | Disk | None |
| bootkube | PXE boot a 3-node Kubernetes v1.8.5 cluster | stable/1967.3.0 | Disk | [tutorial](../Documentation/bootkube.md) |
| bootkube-install | Install a 3-node Kubernetes v1.8.5 cluster | stable/1967.3.0 | Disk | [tutorial](../Documentation/bootkube.md) |
### Customization

2
examples/groups/bootkube-install/install.json
View File

@@ -4,7 +4,7 @@
"profile": "install-reboot",
"metadata": {
"coreos_channel": "stable",
"coreos_version": "1576.5.0",
"coreos_version": "1967.3.0",
"ignition_endpoint": "http://matchbox.example.com:8080/ignition",
"baseurl": "http://matchbox.example.com:8080/assets/coreos"
}

2
examples/groups/etcd3-install/install.json
View File

@@ -4,7 +4,7 @@
"profile": "install-reboot",
"metadata": {
"coreos_channel": "stable",
"coreos_version": "1576.5.0",
"coreos_version": "1967.3.0",
"ignition_endpoint": "http://matchbox.example.com:8080/ignition",
"baseurl": "http://matchbox.example.com:8080/assets/coreos"
}

2
examples/groups/simple-install/install.json
View File

@@ -4,7 +4,7 @@
"profile": "simple-install",
"metadata": {
"coreos_channel": "stable",
"coreos_version": "1576.5.0",
"coreos_version": "1967.3.0",
"ignition_endpoint": "http://matchbox.example.com:8080/ignition",
"baseurl": "http://matchbox.example.com:8080/assets/coreos"
}

4
examples/profiles/bootkube-controller.json
View File

@@ -2,8 +2,8 @@
"id": "bootkube-controller",
"name": "bootkube Ready Controller",
"boot": {
"kernel": "/assets/coreos/1576.5.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1576.5.0/coreos_production_pxe_image.cpio.gz"],
"kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"],
"args": [
"initrd=coreos_production_pxe_image.cpio.gz",
"root=/dev/sda1",

4
examples/profiles/bootkube-worker.json
View File

@@ -2,8 +2,8 @@
"id": "bootkube-worker",
"name": "bootkube Ready Worker",
"boot": {
"kernel": "/assets/coreos/1576.5.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1576.5.0/coreos_production_pxe_image.cpio.gz"],
"kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"],
"args": [
"initrd=coreos_production_pxe_image.cpio.gz",
"root=/dev/sda1",

4
examples/profiles/etcd3-gateway.json
View File

@@ -2,8 +2,8 @@
"id": "etcd3-gateway",
"name": "etcd3-gateway",
"boot": {
"kernel": "/assets/coreos/1576.5.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1576.5.0/coreos_production_pxe_image.cpio.gz"],
"kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"],
"args": [
"initrd=coreos_production_pxe_image.cpio.gz",
"coreos.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}",

4
examples/profiles/etcd3.json
View File

@@ -2,8 +2,8 @@
"id": "etcd3",
"name": "etcd3",
"boot": {
"kernel": "/assets/coreos/1576.5.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1576.5.0/coreos_production_pxe_image.cpio.gz"],
"kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"],
"args": [
"initrd=coreos_production_pxe_image.cpio.gz",
"coreos.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}",

4
examples/profiles/grub.json
View File

@@ -2,8 +2,8 @@
"id": "grub",
"name": "CoreOS Container Linux via GRUB2",
"boot": {
"kernel": "(http;matchbox.example.com:8080)/assets/coreos/1576.5.0/coreos_production_pxe.vmlinuz",
"initrd": ["(http;matchbox.example.com:8080)/assets/coreos/1576.5.0/coreos_production_pxe_image.cpio.gz"],
"kernel": "(http;matchbox.example.com:8080)/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz",
"initrd": ["(http;matchbox.example.com:8080)/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"],
"args": [
"coreos.config.url=http://matchbox.example.com:8080/ignition",
"coreos.first_boot=yes",

4
examples/profiles/install-reboot.json
View File

@@ -2,8 +2,8 @@
"id": "install-reboot",
"name": "Install CoreOS Container Linux and Reboot",
"boot": {
"kernel": "/assets/coreos/1576.5.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1576.5.0/coreos_production_pxe_image.cpio.gz"],
"kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"],
"args": [
"initrd=coreos_production_pxe_image.cpio.gz",
"coreos.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}",

4
examples/profiles/simple-install.json
View File

@@ -2,8 +2,8 @@
"id": "simple-install",
"name": "Simple CoreOS Container Linux Alpha Install",
"boot": {
"kernel": "/assets/coreos/1576.5.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1576.5.0/coreos_production_pxe_image.cpio.gz"],
"kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz",
"initrd": ["/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"],
"args": [
"initrd=coreos_production_pxe_image.cpio.gz",
"coreos.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}",

4
examples/profiles/simple.json
View File

@@ -2,9 +2,9 @@
"id": "simple",
"name": "Simple CoreOS Container Linux Alpha",
"boot": {
"kernel": "/assets/coreos/1576.5.0/coreos_production_pxe.vmlinuz",
"kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz",
"initrd": [
"/assets/coreos/1576.5.0/coreos_production_pxe_image.cpio.gz"
"/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"
],
"args": [
"initrd=coreos_production_pxe_image.cpio.gz",

130
examples/terraform/bootkube-install/README.md
View File

@@ -1,6 +1,6 @@
# Kubernetes
The Kubernetes example shows how to use Matchbox to network boot and provision a 3 node Kubernetes v1.10.3 cluster. This example uses [Terraform](https://www.terraform.io/intro/index.html) and a module provided by [Typhoon](https://github.com/poseidon/typhoon) to describe cluster resources. [kubernetes-incubator/bootkube](https://github.com/kubernetes-incubator/bootkube) is run once to bootstrap the Kubernetes control plane.
The Kubernetes example shows how to use Matchbox to network boot and provision a 3 node Kubernetes v1.14.1 cluster. This example uses [Terraform](https://www.terraform.io/intro/index.html) and a module provided by [Typhoon](https://github.com/poseidon/typhoon) to describe cluster resources. [kubernetes-incubator/bootkube](https://github.com/kubernetes-incubator/bootkube) is run once to bootstrap the Kubernetes control plane.
## Requirements
@@ -9,69 +9,69 @@ Follow the getting started [tutorial](../../../Documentation/getting-started.md)
* Matchbox v0.6+ [installation](../../../Documentation/deployment.md) with gRPC API enabled
* Matchbox provider credentials `client.crt`, `client.key`, and `ca.crt`
* PXE [network boot](../../../Documentation/network-setup.md) environment
* Terraform v0.10.x or v0.11.x and [terraform-provider-matchbox](https://github.com/coreos/terraform-provider-matchbox) installed locally on your system
* Terraform v0.11.x, [terraform-provider-matchbox](https://github.com/poseidon/terraform-provider-matchbox), and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally
* Machines with known DNS names and MAC addresses
If you prefer to provision QEMU/KVM VMs on your local Linux machine, set up the matchbox [development environment](../../../Documentation/getting-started-rkt.md).
If you prefer to provision QEMU/KVM VMs on your local Linux machine, set up the matchbox [development environment](../../../Documentation/getting-started-docker.md).
```sh
sudo ./scripts/devnet create
```
## Usage
## Terraform Setup
Clone the [matchbox](https://github.com/coreos/matchbox) project and take a look at the cluster examples.
Install [Terraform](https://www.terraform.io/downloads.html) v0.11.x on your system.
```sh
$ git clone https://github.com/coreos/matchbox.git
$ terraform version
Terraform v0.11.7
```
Add the [terraform-provider-matchbox](https://github.com/poseidon/terraform-provider-matchbox) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-matchbox/releases/download/v0.2.3/terraform-provider-matchbox-v0.2.3-linux-amd64.tar.gz
tar xzf terraform-provider-matchbox-v0.2.3-linux-amd64.tar.gz
mv terraform-provider-matchbox-v0.2.3-linux-amd64/terraform-provider-matchbox ~/.terraform.d/plugins/terraform-provider-matchbox_v0.2.3
```
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.3.1/terraform-provider-ct-v0.3.1-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.3.1-linux-amd64.tar.gz
mv terraform-provider-ct-v0.3.1-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.3.1
```
## Usage
Clone the [matchbox](https://github.com/poseidon/matchbox) project and take a look at the cluster examples.
```sh
$ git clone https://github.com/poseidon/matchbox.git
$ cd matchbox/examples/terraform/bootkube-install
```
Copy the `terraform.tfvars.example` file to `terraform.tfvars`. Ensure `provider.tf` references your matchbox credentials.
Configure the Matchbox provider to use your Matchbox API endpoint and client certificate in a `providers.tf` file.
```hcl
matchbox_http_endpoint = "http://matchbox.example.com:8080"
matchbox_rpc_endpoint = "matchbox.example.com:8081"
ssh_authorized_key = "ADD ME"
```
provider "matchbox" {
version = "0.2.3"
endpoint = "matchbox.example.com:8081"
client_cert = "${file("~/.matchbox/client.crt")}"
client_key = "${file("~/.matchbox/client.key")}"
ca = "${file("~/.matchbox/ca.crt")}"
}
cluster_name = "demo"
os_channel = "coreos-stable"
os_version = "1576.5.0"
provider "ct" {
version = "0.3.1"
}
...
```
Provide an ordered list of controller names, MAC addresses, and domain names. Provide an ordered list of worker names, MAC addresses, and domain names.
Copy the `terraform.tfvars.example` file to `terraform.tfvars`. It defines a few variables needed for examples. Set your `ssh_authorized_key` to use in the cluster definition.
```hcl
controller_names = ["node1"]
controller_macs = ["52:54:00:a1:9c:ae"]
controller_domains = ["node1.example.com"]
worker_names = ["node2", "node3"]
worker_macs = ["52:54:00:b2:2f:86", "52:54:00:c3:61:77"]
worker_domains = ["node2.example.com", "node3.example.com"]
```
Provide an `assets_dir` for generated manifests and a DNS name which you've setup to resolves to controller(s) (e.g. round-robin). Worker nodes and your kubeconfig will communicate via this endpoint.
```hcl
k8s_domain_name = "cluster.example.com"
asset_dir = "assets"
```
Note: The `cached-container-linux-install` profile will PXE boot and install Container Linux from matchbox [assets](https://github.com/coreos/matchbox/blob/master/Documentation/api.md#assets). If you have not populated the assets cache, use the `container-linux-install` profile to use public images (slower).
### Optional
You may set certain optional variables to override defaults. Set `networking` to either "flannel" or "calico" to set the networking provider. [Check upstream](https://typhoon.psdn.io/bare-metal/) for the full list of options.
```hcl
# Optional (defaults)
# cached_install = "false"
# install_disk = "/dev/sda"
# container_linux_oem = ""
# networking = "flannel"
```
The default is to create a Kubernetes cluster with 1 controller and 2 workers as an example, but check `multi-controller.tfvars.example` for an example which defines 3 controllers and 1 worker.
Note: With `cached_install="true"`, machines will PXE boot and install Container Linux from matchbox [assets](https://github.com/poseidon/matchbox/blob/master/Documentation/api.md#assets). For convenience, `scripts/get-coreos` can download needed images.
## Terraform
@@ -81,20 +81,11 @@ Initialize Terraform from the `bootkube-install` directory.
terraform init
```
Get or update Terraform modules.
```sh
$ terraform get # downloads missing modules
$ terraform get --update # updates all modules
Get: git::https://github.com/poseidon/typhoon (update)
Get: git::https://github.com/poseidon/bootkube-terraform.git?ref=v0.11.0 (update)
```
Plan the resources to be created.
```sh
$ terraform plan
Plan: 55 to add, 0 to change, 0 to destroy.
Plan: 75 to add, 0 to change, 0 to destroy.
```
Terraform will configure matchbox with profiles (e.g. `cached-container-linux-install`, `bootkube-controller`, `bootkube-worker`) and add groups to match machines by MAC address to a profile. These resources declare that each machine should PXE boot and install Container Linux to disk. `node1` will provision itself as a controller, while `node2` and `node3` provision themselves as workers.
@@ -115,6 +106,7 @@ ssh-add -L
Apply the changes.
```sh
$ terraform apply
module.cluster.null_resource.copy-secrets.0: Still creating... (5m0s elapsed)
module.cluster.null_resource.copy-secrets.1: Still creating... (5m0s elapsed)
module.cluster.null_resource.copy-secrets.2: Still creating... (5m0s elapsed)
@@ -149,19 +141,20 @@ $ sudo ./scripts/libvirt [start|reboot|shutdown|poweroff|destroy]
$ export KUBECONFIG=assets/auth/kubeconfig
$ kubectl get nodes
NAME STATUS AGE VERSION
node1.example.com Ready 11m v1.10.0
node2.example.com Ready 11m v1.10.0
node3.example.com Ready 11m v1.10.0
node1.example.com Ready 11m v1.14.1
node2.example.com Ready 11m v1.14.1
node3.example.com Ready 11m v1.14.1
$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system kube-flannel-fqp7f 2/2 Running 1 11m
kube-system kube-flannel-gnjrm 2/2 Running 0 11m
kube-system kube-flannel-llbgt 2/2 Running 0 11m
kube-system coredns-1187388186-mx9rt 3/3 Running 0 11m
kube-system coredns-1187388186-dsfk3 3/3 Running 0 11m
kube-system flannel-fqp7f 2/2 Running 1 11m
kube-system flannel-gnjrm 2/2 Running 0 11m
kube-system flannel-llbgt 2/2 Running 0 11m
kube-system kube-apiserver-7336w 1/1 Running 0 11m
kube-system kube-controller-manager-3271970485-b9chx 1/1 Running 0 11m
kube-system kube-controller-manager-3271970485-v30js 1/1 Running 1 11m
kube-system kube-dns-1187388186-mx9rt 3/3 Running 0 11m
kube-system kube-proxy-50sd4 1/1 Running 0 11m
kube-system kube-proxy-bczhp 1/1 Running 0 11m
kube-system kube-proxy-mp2fw 1/1 Running 0 11m
@@ -171,6 +164,17 @@ kube-system pod-checkpointer-wf65d 1/1 Running 0
kube-system pod-checkpointer-wf65d-node1.example.com 1/1 Running 0 11m
```
## Optional
Several Terraform module variables can override cluster defaults. [Check upstream](https://typhoon.psdn.io/bare-metal/) for the full list of options.
```hcl
...
cached_install = "false"
install_disk = "/dev/sda"
networking = "calico"
```
## Addons
Install **important** cluster [addons](../../../Documentation/cluster-addons.md).

53
examples/terraform/bootkube-install/cluster.tf
View File

@@ -1,37 +1,46 @@
// Kubernetes cluster
module "cluster" {
source = "git::https://github.com/poseidon/typhoon//bare-metal/container-linux/kubernetes?ref=v1.10.3"
source = "git::https://github.com/poseidon/typhoon//bare-metal/container-linux/kubernetes?ref=v1.14.1"
providers = {
local = "local.default"
null = "null.default"
local = "local.default"
null = "null.default"
template = "template.default"
tls = "tls.default"
tls = "tls.default"
}
# bare-metal
cluster_name = "${var.cluster_name}"
matchbox_http_endpoint = "${var.matchbox_http_endpoint}"
os_channel = "${var.os_channel}"
os_version = "${var.os_version}"
cluster_name = "example"
matchbox_http_endpoint = "${var.matchbox_http_endpoint}"
os_channel = "coreos-stable"
os_version = "1967.3.0"
# default iPXE firmware (used in dnsmasq image) doesn't offer https
download_protocol = "http"
# configuration
k8s_domain_name = "${var.k8s_domain_name}"
k8s_domain_name = "cluster.example.com"
ssh_authorized_key = "${var.ssh_authorized_key}"
asset_dir = "${var.asset_dir}"
asset_dir = "assets"
cached_install = "true"
# machines
controller_names = "${var.controller_names}"
controller_macs = "${var.controller_macs}"
controller_domains = "${var.controller_domains}"
worker_names = "${var.worker_names}"
worker_macs = "${var.worker_macs}"
worker_domains = "${var.worker_domains}"
controller_names = ["node1"]
controller_macs = ["52:54:00:a1:9c:ae"]
controller_domains = ["node1.example.com"]
# optional
networking = "${var.networking}"
cached_install = "${var.cached_install}"
install_disk = "${var.install_disk}"
container_linux_oem = "${var.container_linux_oem}"
kernel_args = "${var.kernel_args}"
worker_names = [
"node2",
"node3",
]
worker_macs = [
"52:54:00:b2:2f:86",
"52:54:00:c3:61:77",
]
worker_domains = [
"node2.example.com",
"node3.example.com",
]
}

22
examples/terraform/bootkube-install/multi-controller.tfvars.example
View File

@@ -1,22 +0,0 @@
matchbox_http_endpoint = "http://matchbox.example.com:8080"
matchbox_rpc_endpoint = "matchbox.example.com:8081"
# ssh_authorized_key = "ADD ME"
cluster_name = "example"
os_channel = "coreos-stable"
os_version = "1576.5.0"
# Machines
controller_names = ["node1", "node2", "node3"]
controller_macs = ["52:54:00:a1:9c:ae", "52:54:00:b2:2f:86", "52:54:00:c3:61:77"]
controller_domains = ["node1.example.com", "node2.example.com", "node3.example.com"]
worker_names = ["node4"]
worker_macs = ["52:54:00:d7:99:c7"]
worker_domains = ["node4.example.com"]
# Bootkube
k8s_domain_name = "cluster.example.com"
asset_dir = "assets"
# Optional
# container_linux_oem = ""

13
examples/terraform/bootkube-install/provider.tf
View File

@@ -1,27 +1,32 @@
// Configure the matchbox provider
provider "matchbox" {
version = "0.2.3"
endpoint = "${var.matchbox_rpc_endpoint}"
client_cert = "${file("~/.matchbox/client.crt")}"
client_key = "${file("~/.matchbox/client.key")}"
ca = "${file("~/.matchbox/ca.crt")}"
}
provider "ct" {
version = "0.3.1"
}
provider "local" {
version = "~> 1.0"
alias = "default"
alias = "default"
}
provider "null" {
version = "~> 1.0"
alias = "default"
alias = "default"
}
provider "template" {
version = "~> 1.0"
alias = "default"
alias = "default"
}
provider "tls" {
version = "~> 1.0"
alias = "default"
alias = "default"
}

24
examples/terraform/bootkube-install/terraform.tfvars.example
View File

@@ -1,25 +1,3 @@
matchbox_http_endpoint = "http://matchbox.example.com:8080"
matchbox_rpc_endpoint = "matchbox.example.com:8081"
# ssh_authorized_key = "ADD ME"
cluster_name = "example"
os_channel = "coreos-stable"
os_version = "1576.5.0"
# Machines
controller_names = ["node1"]
controller_macs = ["52:54:00:a1:9c:ae"]
controller_domains = ["node1.example.com"]
worker_names = ["node2", "node3"]
worker_macs = ["52:54:00:b2:2f:86", "52:54:00:c3:61:77"]
worker_domains = ["node2.example.com", "node3.example.com"]
# Bootkube
k8s_domain_name = "cluster.example.com"
asset_dir = "assets"
# Optional (defaults)
cached_install = "true"
# install_disk = "/dev/sda"
# container_linux_oem = ""
# networking = "flannel"
ssh_authorized_key = "ADD ME"

102
examples/terraform/bootkube-install/variables.tf
View File

@@ -8,109 +8,7 @@ variable "matchbox_rpc_endpoint" {
description = "Matchbox gRPC API endpoint, without the protocol (e.g. matchbox.example.com:8081)"
}
variable "os_channel" {
type = "string"
description = "Channel for a Container Linux derivative"
}
variable "os_version" {
type = "string"
description = "Version for a Container Linux to PXE and install"
}
variable "cluster_name" {
type = "string"
description = "Cluster name"
}
variable "ssh_authorized_key" {
type = "string"
description = "SSH public key to set as an authorized_key on machines"
}
# Machines
# Terraform's crude "type system" does properly support lists of maps so we do this.
variable "controller_names" {
type = "list"
}
variable "controller_macs" {
type = "list"
}
variable "controller_domains" {
type = "list"
}
variable "worker_names" {
type = "list"
}
variable "worker_macs" {
type = "list"
}
variable "worker_domains" {
type = "list"
}
# bootkube assets
variable "k8s_domain_name" {
description = "Controller DNS name which resolves to a controller instance. Workers and kubeconfig's will communicate with this endpoint (e.g. cluster.example.com)"
type = "string"
}
variable "networking" {
description = "Choice of networking provider (flannel or calico)"
type = "string"
default = "flannel"
}
variable "asset_dir" {
description = "Path to a directory where generated assets should be placed (contains secrets)"
type = "string"
}
variable "pod_cidr" {
description = "CIDR IP range to assign Kubernetes pods"
type = "string"
default = "10.2.0.0/16"
}
variable "service_cidr" {
description = <<EOD
CIDR IP range to assign Kubernetes services.
The 1st IP will be reserved for kube_apiserver, the 10th IP will be reserved for kube-dns, the 15th IP will be reserved for self-hosted etcd, and the 200th IP will be reserved for bootstrap self-hosted etcd.
EOD
type = "string"
default = "10.3.0.0/16"
}
# optional
variable "cached_install" {
type = "string"
default = "false"
description = "Whether Container Linux should PXE boot and install from matchbox /assets cache. Note that the admin must have downloaded the os_version into matchbox assets."
}
variable "install_disk" {
type = "string"
default = "/dev/sda"
description = "Disk device to which the install profiles should install Container Linux (e.g. /dev/sda)"
}
variable "container_linux_oem" {
type = "string"
default = ""
description = "Specify an OEM image id to use as base for the installation (e.g. ami, vmware_raw, xen) or leave blank for the default image"
}
variable "kernel_args" {
description = "Additional kernel arguments to provide at PXE boot."
type = "list"
default = []
}

10
examples/terraform/etcd3-install/README.md
View File

@@ -9,10 +9,10 @@ Follow the getting started [tutorial](../../../Documentation/getting-started.md)
* Matchbox v0.6+ [installation](../../../Documentation/deployment.md) with gRPC API enabled
* Matchbox provider credentials `client.crt`, `client.key`, and `ca.crt`
* PXE [network boot](../../../Documentation/network-setup.md) environment
* Terraform v0.9+ and [terraform-provider-matchbox](https://github.com/coreos/terraform-provider-matchbox) installed locally on your system
* Terraform v0.9+ and [terraform-provider-matchbox](https://github.com/poseidon/terraform-provider-matchbox) installed locally on your system
* 3 machines with known DNS names and MAC addresses
If you prefer to provision QEMU/KVM VMs on your local Linux machine, set up the matchbox [development environment](../../../Documentation/getting-started-rkt.md).
If you prefer to provision QEMU/KVM VMs on your local Linux machine, set up the matchbox [development environment](../../../Documentation/getting-started-docker.md).
```sh
sudo ./scripts/devnet create
@@ -20,10 +20,10 @@ sudo ./scripts/devnet create
## Usage
Clone the [matchbox](https://github.com/coreos/matchbox) project and take a look at the cluster examples.
Clone the [matchbox](https://github.com/poseidon/matchbox) project and take a look at the cluster examples.
```sh
$ git clone https://github.com/coreos/matchbox.git
$ git clone https://github.com/poseidon/matchbox.git
$ cd matchbox/examples/terraform/etcd3-install
```
@@ -37,7 +37,7 @@ ssh_authorized_key = "ADD ME"
Configs in `etcd3-install` configure the matchbox provider, define profiles (e.g. `cached-container-linux-install`, `etcd3`), and define 3 groups which match machines by MAC address to a profile. These resources declare that the machines should PXE boot, install Container Linux to disk, and provision themselves into peers in a 3-node etcd3 cluster.
Note: The `cached-container-linux-install` profile will PXE boot and install Container Linux from matchbox [assets](https://github.com/coreos/matchbox/blob/master/Documentation/api.md#assets). If you have not populated the assets cache, use the `container-linux-install` profile to use public images (slower).
Note: The `cached-container-linux-install` profile will PXE boot and install Container Linux from matchbox [assets](https://github.com/poseidon/matchbox/blob/master/Documentation/api.md#assets). If you have not populated the assets cache, use the `container-linux-install` profile to use public images (slower).
### Optional

2
examples/terraform/etcd3-install/etcd3.tf
View File

@@ -2,7 +2,7 @@
module "profiles" {
source = "../modules/profiles"
matchbox_http_endpoint = "${var.matchbox_http_endpoint}"
container_linux_version = "1576.5.0"
container_linux_version = "1967.3.0"
container_linux_channel = "stable"
install_disk = "${var.install_disk}"
container_linux_oem = "${var.container_linux_oem}"

2
examples/terraform/modules/README.md
View File

@@ -4,7 +4,7 @@ Matchbox provides Terraform [modules](https://www.terraform.io/docs/modules/usag
```hcl
module "profiles" {
source = "git::https://github.com/coreos/matchbox.git//examples/terraform/modules/profiles?ref=08f4e9908b167fba608e60169ec6a803df9db37f"
source = "git::https://github.com/poseidon/matchbox.git//examples/terraform/modules/profiles?ref=08f4e9908b167fba608e60169ec6a803df9db37f"
matchbox_http_endpoint = "${var.matchbox_http_endpoint}"
container_linux_version = "${var.container_linux_version}"
container_linux_channel = "${var.container_linux_channel}"

126
glide.lock generated
View File

@@ -1,126 +0,0 @@
hash: b404b094b7ff5d83fac658393148a51f2b3f74ce1026502524be71772c30e9b2
updated: 2017-11-06T13:24:02.819805752-08:00
imports:
- name: github.com/ajeddeloh/go-json
version: 73d058cf8437a1989030afe571eeab9f90eebbbd
- name: github.com/ajeddeloh/yaml
version: 6b94386aeefd8c4b8470aee72bfca084c2f91da9
- name: github.com/alecthomas/units
version: 6b4e7dc5e3143b85ea77909c72caf89416fc2915
- name: github.com/camlistore/camlistore
version: 9106ce829629773474c689b34aacd7d3aaa99426
- name: github.com/coreos/container-linux-config-transpiler
version: be4cb16b0aaf0f6b4fdf63b8b2a081397276bf0f
subpackages:
- config
- config/astyaml
- config/platform
- config/templating
- config/types
- config/types/util
- name: github.com/coreos/coreos-cloudinit
version: 5be99bf577f2768193c7fb587ef5a8806c1503cf
subpackages:
- config
- name: github.com/coreos/go-semver
version: 5e3acbb5668c4c3deb4842615c4098eb61fb6b1e
subpackages:
- semver
- name: github.com/coreos/go-systemd
version: 43e4800a6165b4e02bb2a36673c54b230d6f7b26
subpackages:
- journal
- unit
- name: github.com/coreos/ignition
version: 01c039a5ce59acd39e5741713e59abfcb74d0782
subpackages:
- config
- config/types
- config/v1
- config/v1/types
- config/v2_0
- config/v2_0/types
- config/v2_1
- config/v2_1/types
- config/validate
- config/validate/astjson
- config/validate/astnode
- config/validate/report
- name: github.com/coreos/pkg
version: 66fe44ad037ccb80329115cb4db0dbe8e9beb03a
subpackages:
- flagutil
- name: github.com/coreos/yaml
version: 6b16a5714269b2f70720a45406b1babd947a17ef
- name: github.com/davecgh/go-spew
version: 5215b55f46b2b919f50a1df0eaa5886afe4e3b3d
subpackages:
- spew
- name: github.com/golang/protobuf
version: 2bba0603135d7d7f5cb73b2125beeda19c09f4ef
subpackages:
- proto
- protoc-gen-go
- name: github.com/inconshreveable/mousetrap
version: 76626ae9c91c4f2a10f34cad8ce83ea42c93bb75
- name: github.com/pmezard/go-difflib
version: 792786c7400a136282c1664665ae0a8db921c6c2
subpackages:
- difflib
- name: github.com/Sirupsen/logrus
version: 4b6ea7319e214d98c938f12692336f7ca9348d6b
subpackages:
- hooks/test
- name: github.com/spf13/cobra
version: 65a708cee0a4424f4e353d031ce440643e312f92
- name: github.com/spf13/pflag
version: 7f60f83a2c81bc3c3c0d5297f61ddfa68da9d3b7
- name: github.com/stretchr/testify
version: 1f4a1643a57e798696635ea4c126e9127adb7d3c
subpackages:
- assert
- name: github.com/vincent-petithory/dataurl
version: 9a301d65acbb728fcc3ace14f45f511a4cfeea9c
- name: go4.org
version: 03efcb870d84809319ea509714dd6d19a1498483
subpackages:
- errorutil
- name: golang.org/x/crypto
version: 7e9105388ebff089b3f99f0ef676ea55a6da3a7e
subpackages:
- cast5
- openpgp
- openpgp/armor
- openpgp/elgamal
- openpgp/errors
- openpgp/packet
- openpgp/s2k
- name: golang.org/x/net
version: fb93926129b8ec0056f2f458b1f519654814edf0
subpackages:
- context
- http2
- http2/hpack
- internal/timeseries
- trace
- name: golang.org/x/sys
version: 8f0908ab3b2457e2e15403d3697c9ef5cb4b57a9
subpackages:
- unix
- name: google.golang.org/grpc
version: 8050b9cbc271307e5a716a9d782803d09b0d6f2d
subpackages:
- codes
- credentials
- grpclog
- internal
- keepalive
- metadata
- naming
- peer
- stats
- tap
- transport
- name: gopkg.in/yaml.v2
version: f7716cbe52baa25d2e9b0d0da546fcf909fc16b4
testImports: []

100
glide.yaml
View File

@@ -1,100 +0,0 @@
package: github.com/coreos/matchbox
import:
# gRPC and protobuf are used for the gRPC API
- package: github.com/golang/protobuf
version: 2bba0603135d7d7f5cb73b2125beeda19c09f4ef
subpackages:
- proto
- protoc-gen-go
- package: google.golang.org/grpc
version: 1.2.1
subpackages:
- codes
- credentials
- grpclog
- internal
- metadata
- naming
- peer
- transport
# Container Linux Config Transpiler and Ignition
- package: github.com/coreos/container-linux-config-transpiler
version: v0.5.0
subpackages:
- config
- config/types
- config/templating
- package: github.com/coreos/ignition
version: v0.19.0
subpackages:
- config
- config/types
- config/v1
- config/v1/types
- config/validate
- config/validate/astjson
- config/validate/report
- package: github.com/ajeddeloh/yaml
version: 6b94386aeefd8c4b8470aee72bfca084c2f91da9
- package: github.com/vincent-petithory/dataurl
version: 9a301d65acbb728fcc3ace14f45f511a4cfeea9c
- package: github.com/alecthomas/units
version: 6b4e7dc5e3143b85ea77909c72caf89416fc2915
- package: github.com/coreos/go-semver
version: 5e3acbb5668c4c3deb4842615c4098eb61fb6b1e
subpackages:
- semver
- package: github.com/coreos/coreos-cloudinit
version: v1.13.0
subpackages:
- config
- package: github.com/coreos/pkg
version: 66fe44ad037ccb80329115cb4db0dbe8e9beb03a
subpackages:
- flagutil
- package: github.com/Sirupsen/logrus
version: v0.10.0
subpackages:
- hooks/test
- package: github.com/spf13/cobra
version: 65a708cee0a4424f4e353d031ce440643e312f92
- package: golang.org/x/crypto
version: 7e9105388ebff089b3f99f0ef676ea55a6da3a7e
subpackages:
- cast5
- openpgp
- package: golang.org/x/net
version: fb93926129b8ec0056f2f458b1f519654814edf0
subpackages:
- context
- http2
- internal/timeseries
- trace
- package: github.com/stretchr/testify
version: 1f4a1643a57e798696635ea4c126e9127adb7d3c
subpackages:
- assert
- package: gopkg.in/yaml.v2
version: f7716cbe52baa25d2e9b0d0da546fcf909fc16b4
- package: github.com/coreos/yaml
version: 6b16a5714269b2f70720a45406b1babd947a17ef
- package: github.com/camlistore/camlistore
version: 9106ce829629773474c689b34aacd7d3aaa99426
- package: github.com/coreos/go-systemd
version: v12
subpackages:
- journal
- package: github.com/davecgh/go-spew
version: 5215b55f46b2b919f50a1df0eaa5886afe4e3b3d
subpackages:
- spew
- package: github.com/pmezard/go-difflib
version: 792786c7400a136282c1664665ae0a8db921c6c2
subpackages:
- difflib
- package: github.com/spf13/pflag
version: 7f60f83a2c81bc3c3c0d5297f61ddfa68da9d3b7
- package: go4.org
version: 03efcb870d84809319ea509714dd6d19a1498483
subpackages:
- errorutil

30
go.mod Normal file
View File

@@ -0,0 +1,30 @@
module github.com/poseidon/matchbox
require (
github.com/ajeddeloh/go-json v0.0.0-20160803184958-73d058cf8437 // indirect
github.com/ajeddeloh/yaml v0.0.0-20170912190910-6b94386aeefd // indirect
github.com/alecthomas/units v0.0.0-20150109002421-6b4e7dc5e314 // indirect
github.com/coreos/container-linux-config-transpiler v0.9.0
github.com/coreos/coreos-cloudinit v1.13.0
github.com/coreos/go-semver v0.0.0-20170209201757-5e3acbb5668c // indirect
github.com/coreos/go-systemd v0.0.0-20160826104600-43e4800a6165 // indirect
github.com/coreos/ignition v0.31.0
github.com/coreos/pkg v0.0.0-20160221035341-66fe44ad037c
github.com/coreos/yaml v0.0.0-20141224210557-6b16a5714269 // indirect
github.com/golang/protobuf v0.0.0-20170331031902-2bba0603135d
github.com/inconshreveable/mousetrap v1.0.0 // indirect
github.com/kr/pretty v0.1.0 // indirect
github.com/sirupsen/logrus v1.3.0
github.com/spf13/cobra v0.0.0-20160208220627-65a708cee0a4
github.com/spf13/pflag v0.0.0-20151218134703-7f60f83a2c81 // indirect
github.com/stretchr/testify v1.3.0
github.com/vincent-petithory/dataurl v0.0.0-20160330182126-9a301d65acbb // indirect
go4.org v0.0.0-20160314031811-03efcb870d84 // indirect
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793
golang.org/x/net v0.0.0-20160412225635-fb93926129b8
golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6 // indirect
golang.org/x/sys v0.0.0-20190209173611-3b5209105503 // indirect
google.golang.org/grpc v1.2.1
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
gopkg.in/yaml.v2 v2.0.0-20151201162745-f7716cbe52ba // indirect
)

68
go.sum Normal file
View File

@@ -0,0 +1,68 @@
github.com/ajeddeloh/go-json v0.0.0-20160803184958-73d058cf8437 h1:gZCtZ+Hh/e3CGEX8q/yAcp8wWu5ZS6NMk6VGzpQhI3s=
github.com/ajeddeloh/go-json v0.0.0-20160803184958-73d058cf8437/go.mod h1:otnto4/Icqn88WCcM4bhIJNSgsh9VLBuspyyCfvof9c=
github.com/ajeddeloh/yaml v0.0.0-20170912190910-6b94386aeefd h1:NlKlOv3aVJ5ODMC0JWPvddw05KENkL3cZttIuu8kJRo=
github.com/ajeddeloh/yaml v0.0.0-20170912190910-6b94386aeefd/go.mod h1:idhzw68Q7v4j+rQ2AGyq3OlZW2Jij9mdmGA4/Sk6J0E=
github.com/alecthomas/units v0.0.0-20150109002421-6b4e7dc5e314 h1:NWdGjCRUTTqEqDwJRojRLiwXDW1ZJM2DSiyGfBWx874=
github.com/alecthomas/units v0.0.0-20150109002421-6b4e7dc5e314/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
github.com/coreos/container-linux-config-transpiler v0.9.0 h1:UBGpT8qWqzi48hNLrzMAgAUNJsR0LW8Gk5/dR/caI8U=
github.com/coreos/container-linux-config-transpiler v0.9.0/go.mod h1:SlcxXZQ2c42knj8pezMiQsM1f+ADxFMjGetuMKR/YSQ=
github.com/coreos/coreos-cloudinit v1.13.0 h1:NAJMy7cdj722Nm6+THzKx9fH/vCb39Z1JndsKS4TS6c=
github.com/coreos/coreos-cloudinit v1.13.0/go.mod h1:hV3swhSwq+bRX5apuk57gG+3fsQacgbrZVxjPTqo0zo=
github.com/coreos/go-semver v0.0.0-20170209201757-5e3acbb5668c h1:+wuUamXDDSjSegI1+8PkeQ0oY7azHxu0jlLJ9Cc/oLE=
github.com/coreos/go-semver v0.0.0-20170209201757-5e3acbb5668c/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
github.com/coreos/go-systemd v0.0.0-20160826104600-43e4800a6165 h1:vjIPZX2iMVczdBreXAY5t+nGoR4z3rb4M1W1F1aGwsE=
github.com/coreos/go-systemd v0.0.0-20160826104600-43e4800a6165/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
github.com/coreos/ignition v0.31.0 h1:e6ktS2Flcxq6SIKc1JN9NV1gQxmH2gaVwpdgtJIGep4=
github.com/coreos/ignition v0.31.0/go.mod h1:WJQapxzEn9DE0ryxsGvm8QnBajm/XsS/PkrDqSpz+bA=
github.com/coreos/pkg v0.0.0-20160221035341-66fe44ad037c h1:YYKUGUx+21jb01m4f292UtXWBauM5oQH6tywwQNZxdU=
github.com/coreos/pkg v0.0.0-20160221035341-66fe44ad037c/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
github.com/coreos/yaml v0.0.0-20141224210557-6b16a5714269 h1:/1sjrpK5Mb6IwyFOKd+u7321tXfNAsj0Ci8CivZmSlo=
github.com/coreos/yaml v0.0.0-20141224210557-6b16a5714269/go.mod h1:Bl1D/T9QJhVdu6eFoLrGxN90+admDLGaLz2HXH/VzDc=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/golang/protobuf v0.0.0-20170331031902-2bba0603135d h1:KmiEmEGA5sqizMpKnexwioxj8zEUSBc7p9UTQu36lpQ=
github.com/golang/protobuf v0.0.0-20170331031902-2bba0603135d/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/sirupsen/logrus v1.3.0 h1:hI/7Q+DtNZ2kINb6qt/lS+IyXnHQe9e90POfeewL/ME=
github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
github.com/spf13/cobra v0.0.0-20160208220627-65a708cee0a4 h1:YWnu4r9zC05ic4XVJR+X7zxHI/lv5Ha9QPYx3gZvQHw=
github.com/spf13/cobra v0.0.0-20160208220627-65a708cee0a4/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
github.com/spf13/pflag v0.0.0-20151218134703-7f60f83a2c81 h1:e8OMOPK+iXlzdnq5GOtSZDnw9HJi1faEKhCoEIxVUrY=
github.com/spf13/pflag v0.0.0-20151218134703-7f60f83a2c81/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A=
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/vincent-petithory/dataurl v0.0.0-20160330182126-9a301d65acbb h1:lyL3z7vYwTWXf4/bI+A01+cCSnfhKIBhy+SQ46Z/ml8=
github.com/vincent-petithory/dataurl v0.0.0-20160330182126-9a301d65acbb/go.mod h1:FHafX5vmDzyP+1CQATJn7WFKc9CvnvxyvZy6I1MrG/U=
go4.org v0.0.0-20160314031811-03efcb870d84 h1:WZkGC1qzoax/QSt84wmvIxk+ZOmGIChsTzdrv9t4nvk=
go4.org v0.0.0-20160314031811-03efcb870d84/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793 h1:u+LnwYTOOW7Ukr/fppxEb1Nwz0AtPflrblfvUudpo+I=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/net v0.0.0-20160412225635-fb93926129b8 h1:5Lew4KHjm6QAzkboL0Sdg03Nc3VtVcno+Mdcvclquco=
golang.org/x/net v0.0.0-20160412225635-fb93926129b8/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6 h1:bjcUS9ztw9kFmmIxJInhon/0Is3p+EHBKNgquIzo1OI=
golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190209173611-3b5209105503 h1:5SvYFrOM3W8Mexn9/oA44Ji7vhXAZQ9hiP+1Q/DMrWg=
golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
google.golang.org/grpc v1.2.1 h1:uXbsPclX7+aYIzPCched4e5D5dguzKH7wW8cyJ9r2Pk=
google.golang.org/grpc v1.2.1/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/yaml.v2 v2.0.0-20151201162745-f7716cbe52ba h1:zs5kJPNmBQxScpRIdp+2eZySRHFWheLSbXfME4zAxgw=
gopkg.in/yaml.v2 v2.0.0-20151201162745-f7716cbe52ba/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=

2
matchbox/cli/generic_create.go
View File

@@ -7,7 +7,7 @@ import (
"context"
"github.com/spf13/cobra"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// genericPutCmd creates and updates Generic templates.

4
matchbox/cli/group_create.go
View File

@@ -6,8 +6,8 @@ import (
"context"
"github.com/spf13/cobra"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
)
// groupPutCmd creates and updates Groups.

2
matchbox/cli/group_describe.go
View File

@@ -7,7 +7,7 @@ import (
"context"
"github.com/spf13/cobra"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// groupDescribeCmd describes a Group.

2
matchbox/cli/group_list.go
View File

@@ -7,7 +7,7 @@ import (
"context"
"github.com/spf13/cobra"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// groupListCmd lists Groups.

2
matchbox/cli/ignition_create.go
View File

@@ -7,7 +7,7 @@ import (
"context"
"github.com/spf13/cobra"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// ignitionPutCmd creates and updates Ignition templates.

4
matchbox/cli/profile_create.go
View File

@@ -6,8 +6,8 @@ import (
"context"
"github.com/spf13/cobra"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
)
// profilePutCmd creates and updates Profiles.

2
matchbox/cli/profile_describe.go
View File

@@ -7,7 +7,7 @@ import (
"context"
"github.com/spf13/cobra"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// profileDescribeCmd describes a Profile.

2
matchbox/cli/profile_list.go
View File

@@ -7,7 +7,7 @@ import (
"context"
"github.com/spf13/cobra"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// profileListCmd lists Profiles.

4
matchbox/cli/root.go
View File

@@ -6,8 +6,8 @@ import (
"github.com/spf13/cobra"
"github.com/coreos/matchbox/matchbox/client"
"github.com/coreos/matchbox/matchbox/tlsutil"
"github.com/poseidon/matchbox/matchbox/client"
"github.com/poseidon/matchbox/matchbox/tlsutil"
)
var (

2
matchbox/client/client.go
View File

@@ -10,7 +10,7 @@ import (
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
"github.com/coreos/matchbox/matchbox/rpc/rpcpb"
"github.com/poseidon/matchbox/matchbox/rpc/rpcpb"
)
var (

8
matchbox/http/cloud.go
View File

@@ -6,11 +6,11 @@ import (
"strings"
"time"
"github.com/Sirupsen/logrus"
cloudinit "github.com/coreos/coreos-cloudinit/config"
"github.com/sirupsen/logrus"
"github.com/coreos/matchbox/matchbox/server"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/server"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// CloudConfig defines a cloud-init config.
@@ -21,7 +21,7 @@ type CloudConfig struct {
// cloudHandler returns a handler that responds with the cloud config matching
// the request.
// DEPRECATED: Please migrate to using Container Linux configs.
// https://github.com/coreos/matchbox/blob/master/Documentation/cloud-config.md
// https://github.com/poseidon/matchbox/blob/master/Documentation/cloud-config.md
func (s *Server) cloudHandler(core server.Server) http.Handler {
fn := func(w http.ResponseWriter, req *http.Request) {
ctx := req.Context()

8
matchbox/http/cloud_test.go
View File

@@ -6,12 +6,12 @@ import (
"testing"
"context"
logtest "github.com/Sirupsen/logrus/hooks/test"
logtest "github.com/sirupsen/logrus/hooks/test"
"github.com/stretchr/testify/assert"
"github.com/coreos/matchbox/matchbox/server"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
fake "github.com/coreos/matchbox/matchbox/storage/testfakes"
"github.com/poseidon/matchbox/matchbox/server"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
fake "github.com/poseidon/matchbox/matchbox/storage/testfakes"
)
func TestCloudHandler(t *testing.T) {

2
matchbox/http/context.go
View File

@@ -5,7 +5,7 @@ import (
"context"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
)
// unexported key prevents collisions

2
matchbox/http/context_test.go
View File

@@ -6,7 +6,7 @@ import (
"context"
"github.com/stretchr/testify/assert"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
)
func TestContextProfile(t *testing.T) {

6
matchbox/http/generic.go
View File

@@ -6,10 +6,10 @@ import (
"strings"
"time"
"github.com/Sirupsen/logrus"
"github.com/sirupsen/logrus"
"github.com/coreos/matchbox/matchbox/server"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/server"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// genericHandler returns a handler that responds with the generic config

8
matchbox/http/generic_test.go
View File

@@ -6,12 +6,12 @@ import (
"testing"
"context"
logtest "github.com/Sirupsen/logrus/hooks/test"
logtest "github.com/sirupsen/logrus/hooks/test"
"github.com/stretchr/testify/assert"
"github.com/coreos/matchbox/matchbox/server"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
fake "github.com/coreos/matchbox/matchbox/storage/testfakes"
"github.com/poseidon/matchbox/matchbox/server"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
fake "github.com/poseidon/matchbox/matchbox/storage/testfakes"
)
func TestGenericHandler(t *testing.T) {

2
matchbox/http/grub.go
View File

@@ -5,7 +5,7 @@ import (
"net/http"
"text/template"
"github.com/Sirupsen/logrus"
"github.com/sirupsen/logrus"
)
var grubTemplate = template.Must(template.New("GRUB2 config").Parse(`default=0

4
matchbox/http/grub_test.go
View File

@@ -6,10 +6,10 @@ import (
"testing"
"context"
logtest "github.com/Sirupsen/logrus/hooks/test"
logtest "github.com/sirupsen/logrus/hooks/test"
"github.com/stretchr/testify/assert"
fake "github.com/coreos/matchbox/matchbox/storage/testfakes"
fake "github.com/poseidon/matchbox/matchbox/storage/testfakes"
)
func TestGrubHandler(t *testing.T) {

4
matchbox/http/handlers.go
View File

@@ -4,8 +4,8 @@ import (
"fmt"
"net/http"
"github.com/coreos/matchbox/matchbox/server"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/server"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// homeHandler shows the server name for rooted requests. Otherwise, a 404 is

8
matchbox/http/handlers_test.go
View File

@@ -6,12 +6,12 @@ import (
"net/http/httptest"
"testing"
logtest "github.com/Sirupsen/logrus/hooks/test"
logtest "github.com/sirupsen/logrus/hooks/test"
"github.com/stretchr/testify/assert"
"github.com/coreos/matchbox/matchbox/server"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
fake "github.com/coreos/matchbox/matchbox/storage/testfakes"
"github.com/poseidon/matchbox/matchbox/server"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
fake "github.com/poseidon/matchbox/matchbox/storage/testfakes"
)
func TestSelectGroup(t *testing.T) {

10
matchbox/http/ignition.go
View File

@@ -5,12 +5,12 @@ import (
"net/http"
"strings"
"github.com/Sirupsen/logrus"
ct "github.com/coreos/container-linux-config-transpiler/config"
ignition "github.com/coreos/ignition/config"
ignition "github.com/coreos/ignition/config/v2_2"
"github.com/sirupsen/logrus"
"github.com/coreos/matchbox/matchbox/server"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/server"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// ignitionHandler returns a handler that responds with the Ignition config
@@ -97,7 +97,7 @@ func (s *Server) ignitionHandler(core server.Server) http.Handler {
}
// Convert Container Linux Config into an Ignition Config
ign, report := ct.ConvertAs2_0(config, "", ast)
ign, report := ct.Convert(config, "", ast)
if report.IsFatal() {
s.logger.Errorf("error converting Container Linux config: %s", report.String())
http.NotFound(w, req)

41
matchbox/http/ignition_test.go
View File

@@ -6,15 +6,15 @@ import (
"testing"
"context"
logtest "github.com/Sirupsen/logrus/hooks/test"
logtest "github.com/sirupsen/logrus/hooks/test"
"github.com/stretchr/testify/assert"
"github.com/coreos/matchbox/matchbox/server"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
fake "github.com/coreos/matchbox/matchbox/storage/testfakes"
"github.com/poseidon/matchbox/matchbox/server"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
fake "github.com/poseidon/matchbox/matchbox/storage/testfakes"
)
func TestIgnitionHandler_V2JSON(t *testing.T) {
func TestIgnitionHandler_V2_1_JSON(t *testing.T) {
content := `{"ignition":{"version":"2.1.0","config":{}},"storage":{},"systemd":{"units":[{"name":"etcd2.service","enable":true}]},"networkd":{},"passwd":{}}`
profile := &storagepb.Profile{
Id: fake.Group.Profile,
@@ -39,7 +39,32 @@ func TestIgnitionHandler_V2JSON(t *testing.T) {
assert.Equal(t, content, w.Body.String())
}
func TestIgnitionHandler_V2YAML(t *testing.T) {
func TestIgnitionHandler_V2_2_JSON(t *testing.T) {
content := `{"ignition":{"version":"2.2.0","config":{}},"storage":{},"systemd":{"units":[{"name":"etcd2.service","enable":true}]},"networkd":{},"passwd":{}}`
profile := &storagepb.Profile{
Id: fake.Group.Profile,
IgnitionId: "file.ign",
}
store := &fake.FixedStore{
Profiles: map[string]*storagepb.Profile{fake.Group.Profile: profile},
IgnitionConfigs: map[string]string{"file.ign": content},
}
logger, _ := logtest.NewNullLogger()
srv := NewServer(&Config{Logger: logger})
c := server.NewServer(&server.Config{Store: store})
h := srv.ignitionHandler(c)
ctx := withGroup(context.Background(), fake.Group)
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/", nil)
h.ServeHTTP(w, req.WithContext(ctx))
// assert that:
// - raw Ignition config served directly
assert.Equal(t, http.StatusOK, w.Code)
assert.Equal(t, jsonContentType, w.HeaderMap.Get(contentType))
assert.Equal(t, content, w.Body.String())
}
func TestIgnitionHandler_CL_YAML(t *testing.T) {
// exercise templating features, not a realistic Container Linux Config template
content := `
systemd:
@@ -52,7 +77,7 @@ systemd:
enable: true
contents: {{.request.raw_query}}
`
expectedIgnitionV2 := `{"ignition":{"config":{},"timeouts":{},"version":"2.1.0"},"networkd":{},"passwd":{},"storage":{},"systemd":{"units":[{"enable":true,"name":"etcd2.service"},{"enable":true,"name":"a1b2c3d4.service"},{"contents":"foo=some-param\u0026bar=b","enable":true,"name":"some-param.service"}]}}`
expectedIgnition := `{"ignition":{"config":{},"security":{"tls":{}},"timeouts":{},"version":"2.2.0"},"networkd":{},"passwd":{},"storage":{},"systemd":{"units":[{"enable":true,"name":"etcd2.service"},{"enable":true,"name":"a1b2c3d4.service"},{"contents":"foo=some-param\u0026bar=b","enable":true,"name":"some-param.service"}]}}`
store := &fake.FixedStore{
Profiles: map[string]*storagepb.Profile{fake.Group.Profile: testProfileIgnitionYAML},
IgnitionConfigs: map[string]string{testProfileIgnitionYAML.IgnitionId: content},
@@ -70,7 +95,7 @@ systemd:
// - Transformed to an Ignition config (JSON)
assert.Equal(t, http.StatusOK, w.Code)
assert.Equal(t, jsonContentType, w.HeaderMap.Get(contentType))
assert.Equal(t, expectedIgnitionV2, w.Body.String())
assert.Equal(t, expectedIgnition, w.Body.String())
}
func TestIgnitionHandler_MissingCtxProfile(t *testing.T) {

2
matchbox/http/ipxe.go
View File

@@ -6,7 +6,7 @@ import (
"net/http"
"text/template"
"github.com/Sirupsen/logrus"
"github.com/sirupsen/logrus"
)
const ipxeBootstrap = `#!ipxe

6
matchbox/http/ipxe_test.go
View File

@@ -6,11 +6,11 @@ import (
"testing"
"context"
logtest "github.com/Sirupsen/logrus/hooks/test"
logtest "github.com/sirupsen/logrus/hooks/test"
"github.com/stretchr/testify/assert"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
fake "github.com/coreos/matchbox/matchbox/storage/testfakes"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
fake "github.com/poseidon/matchbox/matchbox/storage/testfakes"
)
func TestIPXEInspect(t *testing.T) {

2
matchbox/http/metadata.go
View File

@@ -6,7 +6,7 @@ import (
"net/http"
"strings"
"github.com/Sirupsen/logrus"
"github.com/sirupsen/logrus"
)
const plainContentType = "plain/text"

4
matchbox/http/metadata_test.go
View File

@@ -8,10 +8,10 @@ import (
"testing"
"context"
logtest "github.com/Sirupsen/logrus/hooks/test"
logtest "github.com/sirupsen/logrus/hooks/test"
"github.com/stretchr/testify/assert"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
)
func TestMetadataHandler(t *testing.T) {

4
matchbox/http/parse.go
View File

@@ -6,9 +6,9 @@ import (
"net/http"
"strings"
"github.com/Sirupsen/logrus"
"github.com/sirupsen/logrus"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
)
// collectVariables collects group selectors, metadata, and request-scoped

2
matchbox/http/parse_test.go
View File

@@ -4,7 +4,7 @@ import (
"net/http"
"testing"
logtest "github.com/Sirupsen/logrus/hooks/test"
logtest "github.com/sirupsen/logrus/hooks/test"
"github.com/stretchr/testify/assert"
)

2
matchbox/http/render_test.go
View File

@@ -6,7 +6,7 @@ import (
"net/http/httptest"
"testing"
logtest "github.com/Sirupsen/logrus/hooks/test"
logtest "github.com/sirupsen/logrus/hooks/test"
"github.com/stretchr/testify/assert"
)

6
matchbox/http/server.go
View File

@@ -3,10 +3,10 @@ package http
import (
"net/http"
"github.com/Sirupsen/logrus"
"github.com/sirupsen/logrus"
"github.com/coreos/matchbox/matchbox/server"
"github.com/coreos/matchbox/matchbox/sign"
"github.com/poseidon/matchbox/matchbox/server"
"github.com/poseidon/matchbox/matchbox/sign"
)
// Config configures a Server.

2
matchbox/http/test_fixtures.go
View File

@@ -1,7 +1,7 @@
package http
import (
"github.com/coreos/matchbox/matchbox/storage/storagepb"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
)
var (

2
matchbox/rpc/errors.go
View File

@@ -4,7 +4,7 @@ import (
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"github.com/coreos/matchbox/matchbox/server"
"github.com/poseidon/matchbox/matchbox/server"
)
var (

2
matchbox/rpc/errors_test.go
View File

@@ -7,7 +7,7 @@ import (
"github.com/stretchr/testify/assert"
"google.golang.org/grpc/codes"
"github.com/coreos/matchbox/matchbox/server"
"github.com/poseidon/matchbox/matchbox/server"
)
func TestGRPCError(t *testing.T) {

6
matchbox/rpc/generic.go
View File

@@ -3,9 +3,9 @@ package rpc
import (
"golang.org/x/net/context"
"github.com/coreos/matchbox/matchbox/rpc/rpcpb"
"github.com/coreos/matchbox/matchbox/server"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/rpc/rpcpb"
"github.com/poseidon/matchbox/matchbox/server"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// genericServer takes a matchbox Server and implements a gRPC GenericServer.

6
matchbox/rpc/groups.go
View File

@@ -3,9 +3,9 @@ package rpc
import (
"golang.org/x/net/context"
"github.com/coreos/matchbox/matchbox/rpc/rpcpb"
"github.com/coreos/matchbox/matchbox/server"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/rpc/rpcpb"
"github.com/poseidon/matchbox/matchbox/server"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// groupServer takes a matchbox Server and implements a gRPC GroupsServer.

4
matchbox/rpc/grpc.go
View File

@@ -6,8 +6,8 @@ import (
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
"github.com/coreos/matchbox/matchbox/rpc/rpcpb"
"github.com/coreos/matchbox/matchbox/server"
"github.com/poseidon/matchbox/matchbox/rpc/rpcpb"
"github.com/poseidon/matchbox/matchbox/server"
)
// NewServer wraps the matchbox Server to return a new gRPC Server.

6
matchbox/rpc/ignition.go
View File

@@ -3,9 +3,9 @@ package rpc
import (
"golang.org/x/net/context"
"github.com/coreos/matchbox/matchbox/rpc/rpcpb"
"github.com/coreos/matchbox/matchbox/server"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/rpc/rpcpb"
"github.com/poseidon/matchbox/matchbox/server"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// ignitionServer takes a matchbox Server and implements a gRPC IgnitionServer.

6
matchbox/rpc/profiles.go
View File

@@ -3,9 +3,9 @@ package rpc
import (
"golang.org/x/net/context"
"github.com/coreos/matchbox/matchbox/rpc/rpcpb"
"github.com/coreos/matchbox/matchbox/server"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/rpc/rpcpb"
"github.com/poseidon/matchbox/matchbox/server"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// profileServer takes a matchbox Server and implements a gRPC ProfilesServer.

2
matchbox/rpc/rpcpb/rpc.pb.go
View File

@@ -15,7 +15,7 @@ package rpcpb
import proto "github.com/golang/protobuf/proto"
import fmt "fmt"
import math "math"
import serverpb "github.com/coreos/matchbox/matchbox/server/serverpb"
import serverpb "github.com/poseidon/matchbox/matchbox/server/serverpb"
import (
context "golang.org/x/net/context"

6
matchbox/rpc/select.go
View File

@@ -3,9 +3,9 @@ package rpc
import (
"golang.org/x/net/context"
"github.com/coreos/matchbox/matchbox/rpc/rpcpb"
"github.com/coreos/matchbox/matchbox/server"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/rpc/rpcpb"
"github.com/poseidon/matchbox/matchbox/server"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
)
// selectServer wraps a matchbox Server to be suitable for gRPC registration.

6
matchbox/server/server.go
View File

@@ -6,9 +6,9 @@ import (
"context"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/coreos/matchbox/matchbox/storage"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/storage"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
)
// Possible service errors

8
matchbox/server/server_test.go
View File

@@ -6,10 +6,10 @@ import (
"context"
"github.com/stretchr/testify/assert"
pb "github.com/coreos/matchbox/matchbox/server/serverpb"
"github.com/coreos/matchbox/matchbox/storage"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
fake "github.com/coreos/matchbox/matchbox/storage/testfakes"
pb "github.com/poseidon/matchbox/matchbox/server/serverpb"
"github.com/poseidon/matchbox/matchbox/storage"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
fake "github.com/poseidon/matchbox/matchbox/storage/testfakes"
)
func TestSelectGroup(t *testing.T) {

2
matchbox/server/serverpb/messages.pb.go
View File

@@ -47,7 +47,7 @@ package serverpb
import proto "github.com/golang/protobuf/proto"
import fmt "fmt"
import math "math"
import storagepb "github.com/coreos/matchbox/matchbox/storage/storagepb"
import storagepb "github.com/poseidon/matchbox/matchbox/storage/storagepb"
// Reference imports to suppress errors if they are not otherwise used.
var _ = proto.Marshal

4
matchbox/storage/filestore.go
View File

@@ -5,8 +5,8 @@ import (
"path/filepath"
"strings"
"github.com/Sirupsen/logrus"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
"github.com/sirupsen/logrus"
)
// Config initializes a fileStore.

4
matchbox/storage/filestore_test.go
View File

@@ -9,8 +9,8 @@ import (
"github.com/stretchr/testify/assert"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
fake "github.com/coreos/matchbox/matchbox/storage/testfakes"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
fake "github.com/poseidon/matchbox/matchbox/storage/testfakes"
)
func TestGroupCRUD(t *testing.T) {

2
matchbox/storage/storage.go
View File

@@ -3,7 +3,7 @@ package storage
import (
"errors"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
)
// Storage errors

2
matchbox/storage/testfakes/broken_store.go
View File

@@ -3,7 +3,7 @@ package testfakes
import (
"errors"
"github.com/coreos/matchbox/matchbox/storage/storagepb"
"github.com/poseidon/matchbox/matchbox/storage/storagepb"
)
var (

Some files were not shown because too many files have changed in this diff Show More