Use butane for ignition configuration

Signed-off-by: Ondra Machacek <[email protected]>
kubev2v · Oct 7, 2024 · 3195cc6 · 3195cc6
1 parent fd857c7
commit 3195cc6
Show file tree

Hide file tree

Showing 12 changed files with 280 additions and 90 deletions.
diff --git a/Containerfile.agent b/Containerfile.agent
@@ -1,3 +1,10 @@
+FROM docker.io/library/alpine as ui
+
+WORKDIR /app
+RUN mkdir /app/www && \
+     wget -O /tmp/agent-1.0.0-alpha.tgz https://github.com/machacekondra/planner-agent-ui/releases/download/0.0.1/agent-1.0.0-alpha.tgz && \
+     tar xf /tmp/agent-1.0.0-alpha.tgz -C /app/www
+
 # Builder container
 FROM registry.access.redhat.com/ubi9/go-toolset as builder
 
@@ -15,6 +22,7 @@ FROM registry.access.redhat.com/ubi9/ubi-micro
 WORKDIR /app
 
 COPY --from=builder /planner-agent /app/
+COPY --from=ui /app/www/package/dist /app/www
 
 # Use non-root user
 RUN chown -R 1001:0 /app

diff --git a/Containerfile.api b/Containerfile.api
@@ -1,4 +1,8 @@
 # Builder container
+FROM registry.access.redhat.com/ubi9/go-toolset as iso
+WORKDIR /iso
+RUN curl -o /iso/rhcos-live.x86_64.iso https://mirror.openshift.com/pub/openshift-v4/dependencies/rhcos/latest/rhcos-live.x86_64.iso
+
 FROM registry.access.redhat.com/ubi9/go-toolset as builder
 
 WORKDIR /app
@@ -8,7 +12,6 @@ RUN go mod download
 COPY . .
 
 USER 0
-RUN curl -o /app/rhcos-live.x86_64.iso https://mirror.openshift.com/pub/openshift-v4/dependencies/rhcos/latest/rhcos-live.x86_64.iso
 RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -buildvcs=false -o /planner-api cmd/planner-api/main.go
 
 FROM registry.access.redhat.com/ubi9/ubi-micro
@@ -17,7 +20,7 @@ WORKDIR /app
 
 COPY /data /app/data/
 COPY --from=builder /planner-api /app/
-COPY --from=builder /app/rhcos-live.x86_64.iso /app/
+COPY --from=iso /iso/rhcos-live.x86_64.iso /app/
 
 # Use non-root user
 RUN chown -R 1001:0 /app

diff --git a/Makefile b/Makefile
@@ -84,6 +84,21 @@ push-containers: build-containers
 	podman push $(MIGRATION_PLANNER_COLLECTOR_IMAGE):latest
 	podman push $(MIGRATION_PLANNER_AGENT_IMAGE):latest
 
+deploy-on-openshift:
+	oc apply -f 'deploy/k8s/*-service.yaml'
+	oc apply -f 'deploy/k8s/*-secret.yaml'
+	oc create route edge planner --service=migration-planner-ui || true
+	oc expose service migration-planner-agent --name planner-agent || true
+	@config_server=$$(oc get route planner-agent -o jsonpath='{.spec.host}'); \
+	oc create secret generic migration-planner-secret --from-literal=config_server=http://$$config_server || true
+	oc apply -f deploy/k8s/
+
+undeploy-on-openshift:
+	oc delete route planner || true
+	oc delete route planner-agent || true
+	oc delete secret migration-planner-secret || true
+	oc delete -f deploy/k8s || true
+
 bin:
 	mkdir -p bin
 

diff --git a/data/AgentVM.ovf b/data/AgentVM.ovf
@@ -5,14 +5,14 @@
   </References>
   <NetworkSection>
     <Info>The list of logical networks</Info>
-    <Network ovf:name="nested-devqe-segment-222">
-      <Description>The nested-devqe-segment-222 network</Description>
+    <Network ovf:name="routable-network">
+      <Description>Routable network</Description>
     </Network>
   </NetworkSection>
   <VirtualSystem ovf:id="AgentVM">
     <Info>A Virtual system</Info>
     <Name>AgentVM</Name>
-    <OperatingSystemSection ovf:id="80" ovf:version="8" vmw:osType="rhel8_64Guest">
+    <OperatingSystemSection ovf:id="80" ovf:version="8" vmw:osType="rhel9_64Guest">
       <Info>The operating system installed</Info>
       <Description>Other Linux (64-bit)</Description>
     </OperatingSystemSection>
@@ -67,7 +67,7 @@
       <Item>
         <rasd:AddressOnParent>0</rasd:AddressOnParent>
         <rasd:AutomaticAllocation>true</rasd:AutomaticAllocation>
-        <rasd:Connection>nested-devqe-segment-222</rasd:Connection>
+        <rasd:Connection>routable-network</rasd:Connection>
         <rasd:ElementName>Network adapter 1</rasd:ElementName>
         <rasd:InstanceID>6</rasd:InstanceID>
         <rasd:ResourceSubType>E1000</rasd:ResourceSubType>

diff --git a/data/config.ign.template b/data/config.ign.template
@@ -1,51 +1,155 @@
-{
-  "ignition": { "version": "3.0.0" },
-  "passwd": {
-    "users": [
-          {
-            "name": "core",
-            "passwordHash": "$y$j9T$hUUbW8zoB.Qcmpwm4/RuK1$FMtuDAxNLp3sEa2PnGiJdXr8uYbvUNPlVDXpcJim529"
-          }
-    ]
-  },
-  "storage": {
-    "directories": [{
-      "path": "/var/home/core/vol",
-      "overwrite": true,
-      "user": {
-        "id": 1001
-      }
-    }, {
-      "path": "/var/home/core/vol/data",
-      "overwrite": true,
-      "user": {
-        "id": 1001
-      }
-    }, {
-      "path": "/var/home/core/vol/config",
-      "overwrite": true,
-      "user": {
-        "id": 1001
-      }
-    }],
-    "files": [{
-      "path": "/var/home/core/vol/config.yaml",
-      "mode": 400,
-      "user": {
-        "id": 1001
-      },
-      "contents": {"source": "data:text/plain;base64,@CONFIG_DATA@"}
-    }]
-  },
-  "systemd": {
-    "units": [{
-      "name": "planner-agent-collector.service",
-      "enabled": true,
-      "contents": "[Unit]\nDescription=Podman container-planner-colector.service\nDocumentation=man:podman-generate-systemd(1)\nWants=network-online.target\nAfter=network-online.target\nRequiresMountsFor=%t/containers\n\n[Service]\nType=oneshot\nRestartSec=2s\nExecStartPre=/usr/bin/podman run --rm -v myvol:/mnt:Z --name test-container alpine sh -c \"/usr/bin/test -f /mnt/data/credentials.json\"\nExecStartPre=/usr/bin/podman run -d -p 8181:8181 --network host --entrypoint /usr/bin/opa quay.io/kubev2v/forklift-validation:release-v2.6.4 run --server /usr/share/opa/policies\nEnvironment=PODMAN_SYSTEMD_UNIT=%n\nRestart=on-failure\nTimeoutStopSec=70\nExecStart=/usr/bin/podman run --network host --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -v myvol:/vol:Z --name planner-collector -d quay.io/machacekondra/collector /vol/data/credentials.json /vol/data/inventory.json\nExecStop=/usr/bin/podman stop --ignore -t 10 --cidfile=%t/%n.ctr-id\nExecStopPost=/usr/bin/podman rm -f --ignore -t 10 --cidfile=%t/%n.ctr-id\nType=notify\nNotifyAccess=all\n\n[Install]\nWantedBy=default.target"
-    }, {
-      "name": "planner-agent.service",
-      "enabled": true,
-      "contents": "[Unit]\nDescription=Podman container-planner-agent.service\nDocumentation=man:podman-generate-systemd(1)\nWants=network-online.target\nAfter=network-online.target\nRequiresMountsFor=%t/containers\n\n[Service]\nEnvironment=PODMAN_SYSTEMD_UNIT=%n\nRestart=on-failure\nTimeoutStopSec=70\nExecStartPre=/usr/bin/podman volume create myvol\nExecStartPre=/usr/sbin/setenforce 0 \nExecStartPre=/usr/bin/podman run --rm -v /var/home/core/vol:/src:Z -v myvol:/mnt:Z --name temp-container alpine sh -c \"cp -r /src/* /mnt/ && chmod -R a+rw /mnt\"\nExecStartPre=/usr/bin/podman run --rm -v myvol:/agent:Z --name www-container fedora sh -c \"curl -L https://github.com/machacekondra/planner-agent-ui/releases/download/0.0.1/agent-1.0.0-alpha.tgz -o /tmp/agent-1.0.0-alpha.tgz && mkdir /agent/www && tar xf /tmp/agent-1.0.0-alpha.tgz -C /agent/www package/dist\"\nExecStart=/usr/bin/podman run --network host -p 3333:3333 --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d -v myvol:/agent:Z --name planner-agent quay.io/machacekondra/planner-agent -config /agent/config.yaml\nExecStop=/usr/bin/podman stop --ignore -t 10 --cidfile=%t/%n.ctr-id\nExecStopPost=/usr/bin/podman rm -f --ignore -t 10 --cidfile=%t/%n.ctr-id\nType=notify\nNotifyAccess=all\n\n[Install]\nWantedBy=default.target"
-    }]
-  }
-}
+variant: fcos
+version: 1.4.0
+passwd:
+  users:
+    - name: core
+      password_hash: "$y$j9T$hUUbW8zoB.Qcmpwm4/RuK1$FMtuDAxNLp3sEa2PnGiJdXr8uYbvUNPlVDXpcJim529"
+
+storage:
+  links:
+    - path: /home/core/.config/systemd/user/timers.target.wants/podman-auto-update.timer
+      target: /usr/lib/systemd/user/podman-auto-update.timer
+      user:
+        name: core
+      group:
+        name: core
+  directories:
+    - path: /home/core/.config
+      overwrite: true
+      user:
+        name: core
+      group:
+        name: core
+    - path: /home/core/vol
+      overwrite: true
+      user:
+        name: core
+      group:
+        name: core
+    - path: /home/core/vol/config
+      overwrite: true
+      user:
+        name: core
+      group:
+        name: core
+    - path: /home/core/vol/data
+      overwrite: true
+      user:
+        name: core
+      group:
+        name: core
+  files:
+    - path: /etc/ssh/sshd_config.d/40-rhcos-defaults.conf
+      overwrite: true
+      contents:
+        inline: |
+          PasswordAuthentication yes
+    - path: /home/core/vol/config.yaml
+      contents:
+        inline: |
+          config-dir: /agent/config
+          data-dir: /agent/data
+          www-dir: /app/www
+          log-level: debug
+          source-id: @CONFIG_ID@
+          update-interval: 5s
+          planner-service:
+            service:
+              server: @CONFIG_SERVER@
+      mode: 0644
+      user:
+        name: core
+      group:
+        name: core
+    - path: /home/core/.config/containers/systemd/collector.network
+      contents:
+        inline: |
+          [Network]
+      user:
+        name: core
+      group:
+        name: core
+    - path: /home/core/.config/containers/systemd/planner.volume
+      contents:
+        inline: |
+          [Volume]
+          VolumeName=planner.volume
+      user:
+        name: core
+      group:
+        name: core
+    - path: /home/core/.config/systemd/user/planner-setup.service
+      mode: 0644
+      contents:
+        inline: |
+          [Unit]
+          Description=Prepare data volume for the container
+          Before=planner-agent.service
+
+          [Service]
+          ExecStart=/usr/bin/podman run --rm -v planner.volume:/agent -v /home/core/vol:/mnt:Z alpine sh -c "cp -r /mnt/* /agent/ && chmod -R a+rwx /agent"
+
+          Type=oneshot
+          RemainAfterExit=yes
+
+          [Install]
+          WantedBy=multi-user.target
+    - path: /home/core/.config/containers/systemd/planner-agent.container
+      mode: 0644
+      contents:
+        inline: |
+          [Unit]
+          Description=Planner agent quadlet
+          Wants=planner-setup.service
+
+          [Container]
+          Image=quay.io/kubev2v/migration-planner-agent
+          ContainerName=planner-agent
+          AutoUpdate=registry
+          Exec= -config /agent/config.yaml
+          PublishPort=3333:3333
+          Volume=planner.volume:/agent
+
+          [Install]
+          WantedBy=multi-user.target default.target
+    - path: /home/core/.config/containers/systemd/planner-agent-opa.container
+      mode: 0644
+      contents:
+        inline: |
+          [Unit]
+          Description=Collector quadlet
+          Before=planner-agent-collector.service
+
+          [Container]
+          ContainerName=opa
+          Image=quay.io/kubev2v/forklift-validation:release-v2.6.4
+          Entrypoint=/usr/bin/opa
+          PublishPort=8181:8181
+          Exec=run --server /usr/share/opa/policies
+          Network=collector.network
+
+          [Install]
+          WantedBy=multi-user.target default.target
+
+    - path: /home/core/.config/containers/systemd/planner-agent-collector.container
+      mode: 0644
+      contents:
+        inline: |
+          [Unit]
+          Description=Collector quadlet
+          Wants=planner-agent-opa.service
+
+          [Container]
+          Image=quay.io/kubev2v/migration-planner-collector
+          ContainerName=migration-planner-collector
+          AutoUpdate=registry
+          Exec=/vol/data/credentials.json /vol/data/inventory.json
+          Volume=planner.volume:/vol
+          Environment=OPA_SERVER=opa:8181
+          Network=collector.network
+
+          [Service]
+          Restart=on-failure
+
+          [Install]
+          WantedBy=multi-user.target default.target
diff --git a/data/config.yaml.template b/data/config.yaml.template
diff --git a/deploy/k8s/migration-planner-ui-service.yaml b/deploy/k8s/migration-planner-ui-service.yaml
@@ -0,0 +1,12 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: migration-planner-ui
+spec:
+  type: LoadBalancer
+  ports:
+    - port: 8080
+      targetPort: 8080
+      protocol: TCP
+  selector:
+    app: migration-planner-ui
diff --git a/deploy/k8s/migration-planner-ui.yaml b/deploy/k8s/migration-planner-ui.yaml
@@ -0,0 +1,21 @@
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: migration-planner-ui
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: migration-planner-ui
+  template:
+    metadata:
+      labels:
+        app: migration-planner-ui
+    spec:
+      containers:
+        - name: migration-planner-ui
+          image: quay.io/machacekondra/migration-planner-ui
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 8080
+      restartPolicy: Always
diff --git a/deploy/k8s/migration-planner.yaml b/deploy/k8s/migration-planner.yaml
@@ -21,7 +21,7 @@ spec:
             requests:
               cpu: 300m
               memory: 400Mi
-          image: quay.io/machacekondra/migration-planner
+          image: quay.io/kubev2v/migration-planner-api
           imagePullPolicy: Always
           ports:
             - containerPort: 3443