env/lib/common.sh

   1 #!/usr/bin/env bash
   2 set -eu -o pipefail
   3
   4 IRONIC_DATA_DIR=${IRONIC_DATA_DIR:-"/opt/ironic"}
   5 NODES_FILE=${NODES_FILE:-"${IRONIC_DATA_DIR}/nodes.json"}
   6 #IRONIC_PROVISIONING_INTERFACE is required to be provisioning, don't change it
   7 IRONIC_INTERFACE=${IRONIC_INTERFACE:-}
   8 IRONIC_PROVISIONING_INTERFACE=${IRONIC_PROVISIONING_INTERFACE:-"provisioning"}
   9 IRONIC_IPMI_INTERFACE=${IRONIC_IPMI_INTERFACE:-}
  10 IRONIC_PROVISIONING_INTERFACE_IP=${IRONIC_PROVISIONING_INTERFACE_IP:-"172.22.0.1"}
  11 BM_IMAGE_URL=${BM_IMAGE_URL:-"https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img"}
  12 BM_IMAGE=${BM_IMAGE:-"focal-server-cloudimg-amd64.img"}
  13
  14 #Baremetal operator repository URL
  15 BMOREPO="${BMOREPO:-https://github.com/metal3-io/baremetal-operator.git}"
  16 #Path to clone the baremetal operator repo
  17 BMOPATH="/opt/src/github.com/metal3-io/baremetal-operator"
  18 #Bare Metal Operator version to use
  19 BMO_VERSION="capm3-v0.5.1"
  20
  21 #KuD repository URL
  22 KUDREPO="${KUDREPO:-https://github.com/onap/multicloud-k8s.git}"
  23 #Path to clone the KuD repo
  24 KUDPATH="/opt/src/github.com/onap/multicloud-k8s"
  25 #KuD version to use
  26 KUD_VERSION="ed96bca7fe415f1636d82c26af15d7474bdfe876"
  27
  28 #EMCO repository URL
  29 EMCOREPO="${EMCOREPO:-https://github.com/open-ness/EMCO.git}"
  30 #Path to clone the EMCO repo
  31 EMCOPATH="/opt/src/github.com/open-ness/EMCO"
  32 #EMCO version to use
  33 EMCO_VERSION="openness-21.03.06"
  34
  35 #Discard existing repo directory
  36 FORCE_REPO_UPDATE="${FORCE_REPO_UPDATE:-true}"
  37
  38 # The kustomize version to use
  39 KUSTOMIZE_VERSION="v4.3.0"
  40
  41 #Cluster API version to use
  42 CAPI_VERSION="v0.4.3"
  43
  44 #Cluster API version to use
  45 CAPM3_VERSION="v0.5.1"
  46
  47 #The flux version to use
  48 FLUX_VERSION="0.20.0"
  49
  50 #The sops version to use
  51 SOPS_VERSION="v3.7.1"
  52
  53 #refered from onap
  54 function call_api {
  55     #Runs curl with passed flags and provides
  56     #additional error handling and debug information
  57
  58     #Function outputs server response body
  59     #and performs validation of http_code
  60
  61     local status
  62     local curl_response_file="$(mktemp -p /tmp)"
  63     local curl_common_flags=(-s -w "%{http_code}" -o "${curl_response_file}")
  64     local command=(curl "${curl_common_flags[@]}" "$@")
  65
  66     echo "[INFO] Running '${command[@]}'" >&2
  67     if ! status="$("${command[@]}")"; then
  68         echo "[ERROR] Internal curl error! '$status'" >&2
  69         cat "${curl_response_file}"
  70         rm "${curl_response_file}"
  71         return 2
  72     else
  73         echo "[INFO] Server replied with status: ${status}" >&2
  74         cat "${curl_response_file}"
  75         rm "${curl_response_file}"
  76         if [[ "${status:0:1}" =~ [45] ]]; then
  77             return 1
  78         else
  79             return 0
  80         fi
  81     fi
  82 }
  83
  84 function list_nodes {
  85     if [ ! -f "$NODES_FILE" ]; then
  86         exit 1
  87     fi
  88
  89     # The boot MAC address must be specified when a port is included
  90     # in the IPMI driver address (i.e when using the VirtualBMC
  91     # controller).  Note that the below is a bit of a hack as it only
  92     # checks the first entry in NODES_FILE for the port.
  93     if cat "$NODES_FILE" |
  94             jq -r '.nodes[0].ipmi_driver_info.address' | grep -c ':[0-9]\+$' >/dev/null; then
  95         BOOT_LINK=$(cat "$NODES_FILE" |
  96                         jq -r '.nodes[0].net.links | map(.id=="provisioning_nic") | index(true)')
  97         cat "$NODES_FILE" |
  98             jq -r --argjson BOOT_LINK $BOOT_LINK '.nodes[] | [
  99                .name,
 100                .ipmi_driver_info.username,
 101                .ipmi_driver_info.password,
 102                .ipmi_driver_info.address,
 103                .net.links[$BOOT_LINK].ethernet_mac_address,
 104                .os.username,
 105                .os.password,
 106                .os.image_name
 107                ] | @csv' |
 108             sed 's/"//g'
 109     else
 110         cat "$NODES_FILE" |
 111             jq -r '.nodes[] | [
 112                .name,
 113                .ipmi_driver_info.username,
 114                .ipmi_driver_info.password,
 115                .ipmi_driver_info.address,
 116                "",
 117                .os.username,
 118                .os.password,
 119                .os.image_name
 120                ] | @csv' |
 121             sed 's/"//g'
 122     fi
 123 }
 124
 125 function node_userdata {
 126     name="$1"
 127     username="$2"
 128     password="$3"
 129     COMPUTE_NODE_FQDN="$name.akraino.icn.org"
 130
 131     # validate that the user isn't expecting the deprecated
 132     # COMPUTE_NODE_PASSWORD to be used
 133     if [ "$password" != "${COMPUTE_NODE_PASSWORD:-$password}" ]; then
 134         cat <<EOF
 135 COMPUTE_NODE_PASSWORD "$COMPUTE_NODE_PASSWORD" not equal to nodes.json $name password "$password".
 136 Unset COMPUTE_NODE_PASSWORD and retry.
 137 EOF
 138         exit 1
 139     fi
 140
 141     printf "userData:\n"
 142     if [ -n "$username" ]; then
 143         printf "  name: ${username}\n"
 144     fi
 145     if [ -n "$password" ]; then
 146         passwd=$(mkpasswd --method=SHA-512 --rounds 4096 "$password")
 147         printf "  hashedPassword: ${passwd}\n"
 148     fi
 149
 150     if [ -n "$COMPUTE_NODE_FQDN" ]; then
 151         printf "  fqdn: ${COMPUTE_NODE_FQDN}\n"
 152     fi
 153
 154     if [ ! -f $HOME/.ssh/id_rsa.pub ]; then
 155         yes y | ssh-keygen -t rsa -N "" -f $HOME/.ssh/id_rsa
 156     fi
 157
 158     printf "  sshAuthorizedKey: $(cat $HOME/.ssh/id_rsa.pub)\n"
 159 }
 160
 161 # Returns "null" when the field is not present
 162 function networkdata_networks_field {
 163     name=$1
 164     network=$2
 165     field=$3
 166     cat $NODES_FILE | jq -c -r --arg name "$name" --arg network "$network" --arg field "$field" '.nodes[] | select(.name==$name) | .net.networks[] | select(.id==$network).'${field}
 167 }
 168
 169 # Returns "null" when the field is not present
 170 function networkdata_links_field {
 171     name=$1
 172     link=$2
 173     field=$3
 174     cat $NODES_FILE | jq -c -r --arg name "$name" --arg link "$link" --arg field "$field" '.nodes[] | select(.name==$name) | .net.links[] | select(.id==$link).'${field}
 175 }
 176
 177 function node_networkdata {
 178     name=$1
 179
 180     if [ ! -f "$NODES_FILE" ]; then
 181         exit 1
 182     fi
 183
 184     printf "networks:\n"
 185     for network in $(cat $NODES_FILE | jq -r --arg name "$name" '.nodes[] | select(.name==$name) | .net.networks[].id'); do
 186         link=$(networkdata_networks_field $name $network "link")
 187         type=$(networkdata_networks_field $name $network "type")
 188         mac=$(networkdata_links_field $name $link "ethernet_mac_address")
 189
 190         # Optional values
 191         ip_address=$(networkdata_networks_field $name $network "ip_address")
 192         gateway=$(networkdata_networks_field $name $network "gateway")
 193         dns_nameservers=$(networkdata_networks_field $name $network "dns_nameservers")
 194
 195         printf "  ${network}:\n"
 196         printf "    macAddress: ${mac}\n"
 197         printf "    type: ${type}\n"
 198         if [[ $ip_address != "null" ]]; then
 199             printf "    ipAddress: ${ip_address}\n"
 200         fi
 201         if [[ $gateway != "null" ]]; then
 202             printf "    gateway: ${gateway}\n"
 203         fi
 204         if [[ $dns_nameservers != "null" ]]; then
 205             printf "    nameservers: ${dns_nameservers}\n"
 206         fi
 207     done
 208 }
 209
 210 function wait_for {
 211     local -r interval=${WAIT_FOR_INTERVAL:-30s}
 212     local -r max_tries=${WAIT_FOR_TRIES:-20}
 213     local try=0
 214     until "$@"; do
 215         echo "[${try}/${max_tries}] - Waiting ${interval} for $*"
 216         sleep ${interval}
 217         try=$((try+1))
 218         if [[ ${try} -ge ${max_tries} ]]; then
 219             return 1
 220         fi
 221     done
 222 }
 223
 224 # This is intended to be used together with list_nodes in the
 225 # following way:
 226 #   list_nodes | while IFS=',' read -r name ipmi_username ipmi_password ipmi_address boot_mac os_username os_password os_image_name; do ...
 227 function node_machine_values {
 228     printf "machineName: ${name}\n"
 229     printf "machineLabels:\n"
 230     printf "  machine: ${name}\n"
 231     printf "bmcUsername: ${ipmi_username}\n"
 232     printf "bmcPassword: ${ipmi_password}\n"
 233     printf "bmcAddress: ipmi://${ipmi_address}\n"
 234     if [[ ! -z ${boot_mac} ]]; then
 235         printf "bootMACAddress: ${boot_mac}\n"
 236     fi
 237     printf "imageName: ${BM_IMAGE}\n"
 238     node_userdata ${name} ${os_username} ${os_password}
 239     node_networkdata ${name}
 240 }
 241
 242 function clone_repository {
 243     local -r path=$1
 244     local -r repo=$2
 245     local -r version=$3
 246     mkdir -p $(dirname ${path})
 247     if [[ -d ${path} && "${FORCE_REPO_UPDATE}" == "true" ]]; then
 248        rm -rf "${path}"
 249     fi
 250     if [ ! -d "${path}" ] ; then
 251         pushd $(dirname ${path})
 252         git clone "${repo}"
 253         popd
 254     else
 255        pushd "${path}"
 256        git fetch
 257        popd
 258     fi
 259     pushd "${path}"
 260     git reset --hard "${version}"
 261     popd
 262 }
 263
 264 function clone_baremetal_operator_repository {
 265     clone_repository ${BMOPATH} ${BMOREPO} ${BMO_VERSION}
 266 }
 267
 268 function clone_kud_repository {
 269     clone_repository ${KUDPATH} ${KUDREPO} ${KUD_VERSION}
 270 }
 271
 272 function clone_emco_repository {
 273     clone_repository ${EMCOPATH} ${EMCOREPO} ${EMCO_VERSION}
 274 }
 275
 276 function install_kustomize {
 277     curl -sL "https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2F${KUSTOMIZE_VERSION}/kustomize_${KUSTOMIZE_VERSION}_linux_amd64.tar.gz" -o kustomize_${KUSTOMIZE_VERSION}_linux_amd64.tar.gz
 278     tar xzf kustomize_${KUSTOMIZE_VERSION}_linux_amd64.tar.gz --no-same-owner
 279     sudo install -o root -g root -m 0755 kustomize /usr/local/bin/kustomize
 280     rm kustomize_${KUSTOMIZE_VERSION}_linux_amd64.tar.gz kustomize
 281     kustomize version
 282 }
 283
 284 function install_clusterctl {
 285     curl -L https://github.com/kubernetes-sigs/cluster-api/releases/download/${CAPI_VERSION}/clusterctl-linux-amd64 -o clusterctl
 286     sudo install -o root -g root -m 0755 clusterctl /usr/local/bin/clusterctl
 287     rm clusterctl
 288     clusterctl version
 289 }
 290
 291 function install_flux_cli {
 292     export FLUX_VERSION
 293     curl -s https://fluxcd.io/install.sh | sudo -E bash
 294     flux --version
 295 }
 296
 297 function install_emcoctl {
 298     clone_emco_repository
 299     make -C ${EMCOPATH}/src/tools/emcoctl
 300     sudo install -o root -g root -m 0755 ${EMCOPATH}/bin/emcoctl/emcoctl /usr/local/bin/emcoctl
 301 }
 302
 303 function install_sops {
 304     curl -L https://github.com/mozilla/sops/releases/download/${SOPS_VERSION}/sops-${SOPS_VERSION}.linux -o sops
 305     sudo install -o root -g root -m 0755 sops /usr/local/bin/sops
 306     rm sops
 307     sops --version
 308 }
 309
 310 function fetch_image {
 311     if [[ "${BM_IMAGE_URL}" && "${BM_IMAGE}" ]]; then
 312        mkdir -p "${IRONIC_DATA_DIR}/html/images"
 313        pushd ${IRONIC_DATA_DIR}/html/images
 314        local_checksum="0"
 315        if [[ -f "${BM_IMAGE}" ]]; then
 316            local_checksum=$(md5sum ${BM_IMAGE} | awk '{print $1}')
 317        fi
 318        remote_checksum=$(curl -sL "$(dirname ${BM_IMAGE_URL})/MD5SUMS" | grep ${BM_IMAGE} | awk '{print $1}')
 319        if [[ ${local_checksum} != ${remote_checksum} ]]; then
 320             curl -o ${BM_IMAGE} --insecure --compressed -O -L ${BM_IMAGE_URL}
 321             md5sum ${BM_IMAGE} | awk '{print $1}' > ${BM_IMAGE}.md5sum
 322        fi
 323        popd
 324     fi
 325 }