Skip to content

Instantly share code, notes, and snippets.

@williamcaban
Created January 27, 2021 14:24
Show Gist options
  • Save williamcaban/6b3c0b328c27d6b1915e2d82f27c402a to your computer and use it in GitHub Desktop.
Save williamcaban/6b3c0b328c27d6b1915e2d82f27c402a to your computer and use it in GitHub Desktop.
#!/bin/bash
source ~/set-environment
ADDING_NODES=${1:-"add-nodes"}
USE_RENDERED=${2:-"true"}
# path to rhcos-live iso
export RHCOS_LIVE=~/images/rhcos-live.x86_64.iso
if [ ! -f rhcos-live.x86_64.iso ]; then
if [ -f ${RHCOS_LIVE} ]; then
echo "Taking copy of live ISO"
cp ${RHCOS_LIVE} .
else
echo "Can not fine live ISO on local directory or ${RHCOS_LIVE}"
exit 1
fi
fi
show_usage(){
echo -e "$0 [new|add-nodes][true|false]"
echo -e "\t new: create Live ISO images for new deployment using UPI based ignition files"
echo -e "\t add-nodes: create Live ISO image to add nodes out of rendered MCP or from existing UPI base ignition file"
echo -e "\t add-nodes true : will use rendered ignition files from api-int (default behaviour)"
echo -e "\t add-nodes false: will use UPI base ignition file"
}
COREOSINSTALLER="podman run --privileged --rm --env-host -v /dev:/dev -v /run/udev:/run/udev -v $PWD:/data -w /data quay.io/coreos/coreos-installer:release"
generate_iso(){
role=$1
echo "Generating ISO image for $role"
rm -f ./${CLUSTER_NAME}-$role.iso
bash create-ign-for-live-iso.sh
$COREOSINSTALLER iso ignition embed -fi iso.ign -o /data/${CLUSTER_NAME}-$role.iso rhcos-live.x86_64.iso
cp -f ./${CLUSTER_NAME}-$role.iso /opt/nginx/html/${CLUSTER_NAME}-$role.iso
}
if [ $ADDING_NODES == "add-nodes" ]; then
echo "Using 'add-nodes' flows"
# If doing live ISOs for adding nodes to an existing control plane
for MCP_NAME in ${MCP_RWN[*]}; do
if [ $USE_RENDERED == "false" ]; then
echo "Using existing worker.ign as base for new MCP"
# Creating base Ign for MCPs
sed "s/worker/${role}/g" ~/${CLUSTER_NAME}/worker.ign > config.ign
else
# Pulling rendered MCP
echo "Using rendered MCP as source ignition file"
curl -o preconfig.ign -H "Accept: application/vnd.coreos.ignition+json; version=3.1.0" -Lk https://api-int.${CLUSTER_NAME}.${BASE_DOMAIN}:22623/config/$MCP
# Inject console password (unix1234)
cat preconfig.ign | jq '.passwd.users[0] += {"passwordHash": "$1$f9F1p5ap$VIFGF2QHttm6xPeGMh/YA/"}' > config.ign
generate_iso $MCP_NAME
fi
done
elif [ $ADDING_NODES == "new" ]; then
# If doing local profiles for new UPI install
MCP_LIST=( bootstrap master worker )
for MCP_NAME in ${MCP_LIST[*]}; do
cp ~/${CLUSTER_NAME}/${MCP_NAME}.ign config.ign
generate_iso $MCP_NAME
done
else
echo "Not a valid option"
show_usage
exit 1
fi
#!/bin/bash
SSH_KEY_PATH=~/.ssh/id_rsa.pub
IGN_ISO_TEMPLATE=iso.ign.template
IGN_ISO_OUTPUT=iso.ign
IGN_NODE_CONFIG=config.ign
LIVE_ISO_SCRIPT=live-iso.sh
if [[ ! -f "$SSH_KEY_PATH" ]]; then
echo "Missing ssh public key $SSH_KEY_PATH"
exit 1
fi
if [[ ! -f "$IGN_ISO_TEMPLATE" ]]; then
echo "Missing $IGN_ISO_TEMPLATE"
exit 1
fi
if [[ -f "$IGN_NODE_CONFIG" ]]; then
ignition_file=$(cat "$IGN_NODE_CONFIG" | base64 -w0)
else
echo "Missing $IGN_NODE_CONFIG"
exit 1
fi
if [[ -f "$LIVE_ISO_SCRIPT" ]]; then
iso_script=$(cat "$LIVE_ISO_SCRIPT" | base64 -w0)
else
echo "Missing $LIVE_ISO_SCRIPT"
exit 1
fi
# Load SSH as valid JSON file and merge it
SSH_KEY=$( echo "{'passwd':{'users':[{'name':'core','sshAuthorizedKeys':['$(cat ~/.ssh/id_rsa.pub)']}]}}" | sed 's/'\''/"/g' )
cat iso.ign.template | jq -s ".[0] * $SSH_KEY" > $IGN_ISO_OUTPUT-ssh
# Embed node ignition file (this procedure work around the size of rendered ign files)
IGNITION_FILE=$ignition_file
IGN_EMBED_JSON=$( echo "{'source':'data:text/plain;charset=utf-8;base64,$IGNITION_FILE'}" | sed 's/'\''/"/g' )
echo "
{'storage': {
'files':[ {
'contents': {
'source': 'data:text/plain;charset=utf-8;base64,$IGNITION_FILE',
'verification': {}
},
'filesystem': 'root',
'mode': 420,
'overwrite': true,
'path': '/root/config.ign'
}
]
}
} " | sed 's/'\''/"/g' | jq -c . > foo.json
jq -s '.[0].storage.files[1]=.[1].storage.files[0] | .[0]' $IGN_ISO_OUTPUT-ssh foo.json | jq -c . > $IGN_ISO_OUTPUT-ign
# embed ISO script (assuming small script, otherwise previous procedure required)
ISO_SCRIPT=$iso_script
sed "s/ISO_SCRIPT/$iso_script/g" $IGN_ISO_OUTPUT-ign > $IGN_ISO_OUTPUT
#
# END OF FILE
#
{
"ignition": {
"config": {},
"version": "3.0.0"
},
"networkd": {},
"passwd": {
"users": [
{
"name": "core",
"sshAuthorizedKeys": [
"$SSH_KEY"
],
"passwordHash": "$1$f9F1p5ap$VIFGF2QHttm6xPeGMh/YA/"
}
]
},
"storage": {
"files": [
{
"contents": {
"source": "data:,auto-installer",
"verification": {}
},
"filesystem": "root",
"mode": 420,
"overwrite": true,
"path": "/etc/hostname"
},
{
"contents": {
"source": "data:text/plain;charset=utf-8;base64,IGNITION_FILE",
"verification": {}
},
"filesystem": "root",
"mode": 420,
"overwrite": true,
"path": "/root/config.ign"
},
{
"contents": {
"source": "data:text/plain;charset=utf-8;base64,ISO_SCRIPT",
"verification": {}
},
"filesystem": "root",
"mode": 448,
"path": "/usr/local/bin/first.sh"
}
]
},
"systemd": {
"units": [
{
"contents": "[Service]\nType=oneshot\nExecStart=/usr/local/bin/first.sh\n[Install]\nWantedBy=multi-user.target\n",
"enabled": true,
"name": "first-boot.service"
}
]
}
}
#!/bin/bash
firstboot_args='console=tty0 rd.neednet=1'
#KERNEL_ARGS="ip=<node-ip>::<default-gw>:<mask>:<hostname>:<nic>:none:<dns>"
# Remove any existing VGs and PVs
for vg in $(vgs -o name --noheadings) ; do vgremove -y $vg ; done
for pv in $(pvs -o name --noheadings) ; do pvremove -y $pv ; done
if [ -b /dev/nvme2n1 ]; then
install_device='/dev/nvme2n1'
elif [ -b /dev/sdb ] && [ "$(lsblk /dev/sdb)" != "" ] ; then
install_device='/dev/sdb'
else
# when prefered block device not detected
# use the first block device
first_block_dev=$(lsblk -lpdn -o NAME | head -n1)
if [[ $first_block_dev ]]; then
install_device=$first_block_dev
else
echo "Can't find block device for installation"
exit 1
fi
fi
#cmd="coreos-installer install --firstboot-args=\"${firstboot_args}\" --append-karg=\"${KERNEL_ARGS}\" --ignition=/root/config.ign ${install_device}"
cmd="coreos-installer install --firstboot-args=\"${firstboot_args} ${KERNEL_ARGS}\" --ignition=/root/config.ign ${install_device}"
bash -c "$cmd"
if [ "$?" == "0" ] ; then
echo "Install Succeeded!"
reboot
else
echo "Install Failed!"
exit 1
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment