diff --git a/assets/cloud-config/etcd-proxy.yaml b/assets/cloud-config/etcd-proxy.yml
similarity index 54%
rename from assets/cloud-config/etcd-proxy.yaml
rename to assets/cloud-config/etcd-proxy.yml
index 4ef4346..9600d92 100644
--- a/assets/cloud-config/etcd-proxy.yaml
+++ b/assets/cloud-config/etcd-proxy.yml
@@ -6,12 +6,11 @@ coreos: etcd2: proxy: on - # cluster endpoints listen-client-urls: http://0.0.0.0:2379 - initial-cluster: etcd-n1=http://<%= @host.params['etcd-n1'] %>:2380,etcd-n2=http://<%= @host.params['etcd-n2'] %>:2380,etcd-n3=http://<%= @host.params['etcd-n3'] -%>:2380 + initial-cluster: {{ .env.md.etcd_initial_cluster }} fleet: - metadata: "role=<%= @role %>,vlan=<%= @host.primary_interface.vlanid %>" + metadata: "{{ .boot.md.fleet_metadata }},vlan={{ .interface.subnet.vlan }}" units: - name: down-interfaces.service
@@ -19,10 +18,10 @@ coreos:
 content: |
 [Service]
 Type=oneshot
- ExecStart=/usr/bin/ip link set <%= @host.interfaces.first.identifier %> down
- ExecStart=/usr/bin/ip addr flush dev <%= @host.interfaces.first.identifier %>
- ExecStart=/usr/bin/ip link set <%= @host.interfaces.second.identifier %> down
- ExecStart=/usr/bin/ip addr flush dev <%= @host.interfaces.second.identifier %>
+ {{- range $iface := .host.interfaces }}
+ ExecStart=/usr/bin/ip link set {{ $iface.identifier }} down
+ ExecStart=/usr/bin/ip addr flush dev {{ $iface.identifier }}
+ {{ end }}
 - name: systemd-networkd.service
 command: restart
 - name: etcd2.service
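Review bot: The new fleet `metadata` line in the first hunk reads `{{ .interface.subnet.vlan }}`, but none of the subnets this commit adds to sites/test-site/env.yml defines a `vlan` key (they carry `id`, `cidr`, `domain`, `gateway`, `dns` and `ntp`). If the renderer is Go's text/template with default options, a missing map key prints `<no value>`, so the literal string would land in the fleet metadata instead of failing the render. The same gap applies to `{{ .subnet.netmask }}` in assets/untyped/clevos-answers.provision, because the old `subnet.netmask` entry is removed from env.yml and only `cidr` remains. Either add the keys to each subnet or state above the line that they are derived, e.g. `# vlan and netmask are computed from the subnet by the renderer`.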
@@ -60,26 +59,26 @@ write_files: Name=po0 [Link] - MACAddress=<%= @host.interfaces.first.mac %> + MACAddress={{ index .host "interfaces" 0 "mac"}} [Network] DHCP=ipv4 - BindCarrier=<%= @host.interfaces.first.identifier %> <%= @host.interfaces.second.identifier %> - - path: /etc/systemd/network/<%= @host.interfaces.first.identifier %>.network + BindCarrier={{ index .host "interfaces" 0 "identifier" }} {{ index .host "interfaces" 1 "identifier" }} + - path: /etc/systemd/network/{{ index .host "interfaces" 0 "identifier" }}.network permissions: 0644 owner: root content: | [Match] - Name=<%= @host.interfaces.first.identifier %> + Name={{ index .host "interfaces" 0 "identifier" }} [Network] Bond=po0 - - path: /etc/systemd/network/<%= @host.interfaces.second.identifier %>.network + - path: /etc/systemd/network/{{ index .host "interfaces" 1 "identifier" }}.network permissions: 0644 owner: root content: | [Match] - Name=<%= @host.interfaces.second.identifier %> + Name={{ index .host "interfaces" 1 "identifier" }} [Network] Bond=po0
diff --git a/assets/ignition/etcd-proxy.yaml b/assets/ignition/etcd-proxy.yaml
deleted file mode 100644
index 7246f68..0000000
--- a/assets/ignition/etcd-proxy.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
----
-systemd:
- units:
- - name: etcd2.service
- enable: true
- dropins:
- - name: 40-etcd-cluster.conf
- contents: |
- [Service]
- Environment="ETCD_PROXY=on"
- Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379"
- Environment="ETCD_INITIAL_CLUSTER={{.env.etcd_initial_cluster}}"
- - name: fleet.service
- enable: true
- dropins:
- - name: fleet-metadata.conf
- contents: |
- [Service]
- Environment="FLEET_METADATA={{.group.fleet_metadata}}"
-{{ if index .env "ssh_authorized_keys" }}
-passwd:
- users:
- - name: core
- ssh_authorized_keys:
- {{ range $element := .env.ssh_authorized_keys }}
- - {{$element}}
- {{end}}
-{{end}}
\ No newline at end of file
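Review bot: The bond files in the `@@ -60,26 +59,26 @@` hunk pick members by fixed position (`index .host "interfaces" 0 ...` and `index .host "interfaces" 1 ...`), while the `down-interfaces.service` unit earlier in the same file now ranges over every entry in `.host.interfaces`. A host with a single interface makes `index ... 1` fail at render time, and a host with three has its third NIC downed and flushed but never enslaved to `po0`. The two-member assumption should be written down where the files are generated, e.g. `# expects exactly two entries in host.interfaces; both become members of po0`, or the per-member `.network` files should be produced with the same `range`. The enclosing `write_files` list starts outside this hunk.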
diff --git a/assets/ignition/etcd.yaml b/assets/ignition/etcd.yaml
deleted file mode 100644
index c751a0b..0000000
--- a/assets/ignition/etcd.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
----
-systemd:
- units:
- - name: etcd2.service
- enable: true
- dropins:
- - name: 40-etcd-cluster.conf
- contents: |
- [Service]
- Environment="ETCD_NAME={{.host.etcd_name}}"
- Environment="ETCD_ADVERTISE_CLIENT_URLS=http://{{.host.ipv4_address}}:2379"
- Environment="ETCD_INITIAL_ADVERTISE_PEER_URLS=http://{{.host.ipv4_address}}:2380"
- Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379"
- Environment="ETCD_LISTEN_PEER_URLS=http://{{.host.ipv4_address}}:2380"
- Environment="ETCD_INITIAL_CLUSTER={{.env.etcd_initial_cluster}}"
- Environment="ETCD_STRICT_RECONFIG_CHECK=true"
- - name: fleet.service
- enable: true
- dropins:
- - name: fleet-metadata.conf
- contents: |
- [Service]
- Environment="FLEET_METADATA=role={{.group.fleet_role}},name={{.host.etcd_name}}"
-networkd:
- units:
- - name: 10-static.network
- contents: |
- [Match]
- MACAddress={{.host.mac}}
- [Network]
- Gateway={{.env.networkd_gateway}}
- DNS={{.env.networkd_dns}}
- Address={{.host.networkd_address}}
-{{ if index .env "ssh_authorized_keys" }}
-passwd:
- users:
- - name: core
- ssh_authorized_keys:
- {{ range $element := .env.ssh_authorized_keys }}
- - {{$element}}
- {{end}}
-{{end}}
diff --git a/assets/ignition/etcd.yml b/assets/ignition/etcd.yml
new file mode 100644
index 0000000..878564f
--- /dev/null
+++ b/assets/ignition/etcd.yml
@@ -0,0 +1,26 @@
+---
+networkd:
+ units:
+ - name: 10-static.network
+ contents: |
+ [Match]
+ MACAddress={{.interface.mac}}
+ [Network]
+ Gateway={{.interface.subnet.gateway}}
+ DNS={{ index .interface.subnet.dns 0 }}
+ Address={{ .interface.ipv4 }}
+
+systemd:
+ units:
+ {{- template "etcd2" .}}
+
+
+{{ if index .env "ssh_authorized_keys" }}
+passwd:
+ users:
+ - name: core
+ ssh_authorized_keys:
+ {{ range $element := .env.ssh_authorized_keys }}
+ - {{$element}}
+ {{end}}
+{{end}}
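Review bot: In the new assets/ignition/etcd.yml, `Address={{ .interface.ipv4 }}` renders a bare address, whereas the removed template used `networkd_address`, which the old inventory supplied with a prefix length (`10.10.10.10/16`). Without a prefix, networkd presumably falls back to its own default mask rather than the subnet's `cidr` (`10.10.10.0/24` for `default`), so the gateway and the etcd peers may not be treated as on-link; this is worth confirming on the target CoreOS release. `DNS={{ index .interface.subnet.dns 0 }}` also aborts rendering when a subnet has an empty `dns` list. If the renderer can expose the prefix, `Address={{ .interface.ipv4 }}/<prefix-length>` (placeholder) restores the old form.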
diff --git a/assets/ignition/snippets/etcd.yml b/assets/ignition/snippets/etcd.yml
new file mode 100644
index 0000000..1372f21
--- /dev/null
+++ b/assets/ignition/snippets/etcd.yml
@@ -0,0 +1,15 @@
+{{ define "etcd2" }}
+ - name: etcd2.service
+ enable: true
+ dropins:
+ - name: 40-etcd-cluster.conf
+ contents: |
+ [Service]
+ Environment="ETCD_NAME={{.host.md.etcd_name}}"
+ Environment="ETCD_ADVERTISE_CLIENT_URLS=http://{{.interface.ipv4}}:2379"
+ Environment="ETCD_INITIAL_ADVERTISE_PEER_URLS=http://{{.interface.ipv4}}:2380"
+ Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379"
+ Environment="ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380"
+ Environment="ETCD_INITIAL_CLUSTER={{.env.md.etcd_initial_cluster}}"
+ Environment="ETCD_STRICT_RECONFIG_CHECK=true"
+{{ end }}
\ No newline at end of file
diff --git a/assets/untyped/clevos-answers.provision b/assets/untyped/clevos-answers.provision
index 0e0ce39..ee65a25 100644
--- a/assets/untyped/clevos-answers.provision
+++ b/assets/untyped/clevos-answers.provision
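Review bot: `ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380` in the new snippet widens the peer listener from the host's own address (the deleted assets/ignition/etcd.yaml bound it to `http://{{.host.ipv4_address}}:2380`) to every interface, and both the peer and client URLs stay on plain `http`. The new inventory schema lets a host sit on several subnets, so the raft port becomes reachable from networks that never needed it, with no TLS or client-certificate check in front of it. Binding it back with `Environment="ETCD_LISTEN_PEER_URLS=http://{{.interface.ipv4}}:2380"` keeps the snippet consistent with the advertise URLs a few lines above. If listening on all interfaces is intended, a comment saying so and naming the filtering that covers ports 2379 and 2380 would let a reader verify the exposure.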
@@ -9,14 +9,25 @@ confirm = false reboot = true [post] -script: channel data port p6p1, p7p1 +script: channel data port p6p1, p6p2 channel data bonding balanced - channel data bond_xmit_policy layer2 - channel data ip {{.host.ipv4_address}} - channel data netmask {{.env.subnet.netmask}} - channel data gateway {{.env.subnet.gateway}} - system hostname {{.host.clever_name}} + {{ with index .host.interfaces 0 }} + channel data ip {{ .ipv4 }} + channel data netmask {{ .subnet.netmask }} + {{ end }} + channel client port em1, em2 + channel client bonding balanced + {{ with index .host.interfaces 1 }} + channel client ip {{ .ipv4 }} + channel client netmask {{ .subnet.netmask }} + channel client gateway {{ .subnet.gateway }} + {{ end }} + system hostname {{ .host.name }} system organization cdvr system city philadelphia system state pa system country us + system dns {{ range $i, $dns := .interface.subnet.dns }}{{ if $i }},{{ end }}{{ $dns }}{{ end }} + system ntpservers {{ range $i, $ntp := .interface.subnet.ntp }}{{ if $i }},{{ end }}{{ $ntp }}{{ end }} + manager ip {{ .host.metadata.manager }} + password {{ .boot.metadata.root_pass }} \ No newline at end of file
diff --git a/host_groups/clevos.yml b/boot/clevos.yml
similarity index 83%
rename from host_groups/clevos.yml
rename to boot/clevos.yml
index 1671649..71cacd6 100644
--- a/host_groups/clevos.yml
+++ b/boot/clevos.yml
@@ -7,3 +7,6 @@ operating_system: clevos-basic # TODO: actually create a ClevOS object
 unattended:
 type: untyped
 use: clevos-answers.provision
+
+metadata:
+ root_pass: cisco123
\ No newline at end of file
diff --git a/host_groups/etcd-cluster.yml b/boot/etcd-master.yml
similarity index 66%
rename from host_groups/etcd-cluster.yml
rename to boot/etcd-master.yml
index 92ed90d..8cc3403 100644
--- a/host_groups/etcd-cluster.yml
+++ b/boot/etcd-master.yml
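Review bot: The added `manager ip` and `password` lines read `.host.metadata.manager` and `.boot.metadata.root_pass`, while every other template touched in this commit reaches metadata through `md` (`.host.md.etcd_name`, `.env.md.etcd_initial_cluster`, `.boot.md.fleet_metadata`). Only one spelling can match the render context, which is not visible here; if `md` is the key, these should be `manager ip {{ .host.md.manager }}` and `password {{ .boot.md.root_pass }}`, otherwise the manager address and the password render empty or as a placeholder. The `system dns` and `system ntpservers` lines also use `.interface`, whereas the channel blocks select `index .host.interfaces 0` and `1` explicitly, so a comment stating which interface `.interface` refers to would remove the guesswork.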
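Review bot: `root_pass: cisco123` in boot/clevos.yml commits the appliance root password in clear text, and the `password {{ .boot.metadata.root_pass }}` line added to clevos-answers.provision copies it into every rendered answers file, which the installer fetches from the URL given in `clevos.installer.answers`. Anyone with read access to the repository or to that endpoint obtains the credential, and every host booted from this definition shares it. The value should be supplied from a secret store or per-site input at render time, with only a reference kept in the boot definition. The committed password should be treated as exposed and changed on any system that already uses it.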
@@ -1,12 +1,12 @@ --- -id: etcd-cluster -name: Etcd Cluster +id: etcd-master +name: Etcd Master operating_system: coreos-1053.2.0-stable unattended: type: ignition - use: etcd.yaml + use: etcd.yml metadata: fleet_role: etcd
diff --git a/host_groups/etcd-proxy.yml b/boot/etcd-proxy.yml
similarity index 87%
rename from host_groups/etcd-proxy.yml
rename to boot/etcd-proxy.yml
index 8f8c61c..fb9a4e9 100644
--- a/host_groups/etcd-proxy.yml
+++ b/boot/etcd-proxy.yml
@@ -6,7 +6,7 @@ operating_system: coreos-1053.2.0-stable unattended: type: cloud-config - use: etcd-proxy.yaml + use: etcd-proxy.yml metadata: fleet_metadata: role=etcd-proxy
diff --git a/os/clevos-basic.yml b/os/clevos-basic.yml
index 33969dc..ed8bc89 100644
--- a/os/clevos-basic.yml
+++ b/os/clevos-basic.yml
@@ -6,9 +6,9 @@ minor_version: '7.2'
 os_family: ClevOS
 release_name: acc
 boot:
- kernel: "{{.agent.url}}/files/boot/accclevos.vmlinuz"
+ kernel: "{{.env.agentURL}}/files/boot/accclevos.vmlinuz"
 initrd:
- - "{{.agent.url}}/files/boot/acc/clevos.initrd"
+ - "{{.env.agentURL}}/files/boot/acc/clevos.initrd"
 cmdline:
 # Have to manually specify 'untyped' kernel opts
 lang: ' '
@@ -23,7 +23,7 @@ cmdline:
 ethdevice-timeout: '300'
 clevos.runinstall:
 noprompt:
- clevos.installer.answers: "{{.host.configUrl}}" # configUrl is the full URL (with selectors) for this host's unattened config script
+ clevos.installer.answers: "{{.boot.configURL}}" # configUrl is the full URL (with selectors) for this host's unattened config script
 dhcp:
 config:
 fetch:
\ No newline at end of file
diff --git a/os/coreos-pxe.yml b/os/coreos-pxe.yml
index 893284c..eda3f2d 100644
--- a/os/coreos-pxe.yml
+++ b/os/coreos-pxe.yml
@@ -6,8 +6,8 @@ minor_version: '2.0'
 os_family: CoreOS
 release_name: stable
 boot:
- kernel: "{{.agent.url}}/files/coreos_production_pxe.vmlinuz"
+ kernel: "{{.env.agentURL}}/files/{{.boot.os.release_name}}/{{.boot.os.major_version}}/{{.boot.os.minor_version}}/coreos_production_pxe.vmlinuz"
 initrd:
- - "{{.agent.url}}/files/coreos_production_pxe_image.cpio.gz"
+ - "{{.env.agentURL}}/files/coreos_production_pxe_image.cpio.gz"
 cmdline:
 coreos.autologin: ''
diff --git a/sites/test-site/env.yml b/sites/test-site/env.yml
index c7fde19..5678c94 100644
--- a/sites/test-site/env.yml
+++ b/sites/test-site/env.yml
@@ -1,22 +1,41 @@ --- name: Virtualenv Dev id: test-site +subnets: + - id: default + cidr: 10.10.10.0/24 + domain: foo.bar.com + gateway: 10.10.10.1 + dns: + - 8.8.8.8 + ntp: + - 10.10.10.1 + - id: clevos + cidr: 192.168.1.0/24 + domain: foo.bar.com + gateway: 192.168.1.1 + dns: + - 8.8.8.8 + - id: mgmt-subnet + cidr: 10.9.9.0/24 + dns: + - 8.8.8.8 + ntp: + - 10.10.10.1 +# Let's eventually replace this agent: url: "http://127.0.0.1" port: 24602 secure_url: "https://some.proper.domainname.com" secure_port: 443 cert_path: /etc/vaquero/certs/test-site.crt +# With this +#agent: id-for-agent-on-controller # gain this ID from the registration process + metadata: name: detroit-preprod kind: pre-prod etcd_initial_cluster: node1=http://10.10.10.10:2380,node2=http://10.10.10.11:2380,node3=http://10.10.10.12:2380 - networkd_gateway: 172.15.0.1 - networkd_dns: 172.15.0.3 - - subnet: - gateway: 192.168.1.1 - netmask: 255.255.255.0 ssh_authorized_keys: []
diff --git a/sites/test-site/inventory.yml b/sites/test-site/inventory.yml
index 216bb06..f7ae62f 100644
--- a/sites/test-site/inventory.yml
+++ b/sites/test-site/inventory.yml
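Review bot: In os/coreos-pxe.yml the kernel path gains the `{{.boot.os.release_name}}/{{.boot.os.major_version}}/{{.boot.os.minor_version}}/` prefix, but the `initrd` entry still points at the unversioned `{{.env.agentURL}}/files/coreos_production_pxe_image.cpio.gz`. If both artifacts live in the versioned directory the initrd fetch fails, and if an unversioned initrd is still served a host can boot a kernel and an initrd from different releases. Giving the initrd the same prefix avoids both: `- "{{.env.agentURL}}/files/{{.boot.os.release_name}}/{{.boot.os.major_version}}/{{.boot.os.minor_version}}/coreos_production_pxe_image.cpio.gz"`. Neither artifact is checked against a digest here, so it is also worth confirming whether `agentURL` resolves to the `secure_url` or to the plain-`http` `url` defined in env.yml.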
@@ -1,42 +1,82 @@ --- -host_group: etcd-proxy -hosts: -- name: proxy1 - selectors: - mac: 00:00:00:00:00:04 -- name: proxy2 - selectors: - mac: 00:00:00:00:00:05 ---- -host_group: etcd-cluster -hosts: -- name: host1 - selectors: +name: host1 +interfaces: + - type: physical + subnet: default mac: 00:00:00:00:00:01 - metadata: - ipv4_address: 10.10.10.10 - networkd_address: 10.10.10.10/16 + bmc: + type: ipmi + username: adam + password: schaub + identifier: eth0 + ipv4: 10.10.10.10 +metadata: etcd_name: node1 -- name: host2 - selectors: +workflow: etcd-master +--- +name: host2 +interfaces: + - type: physical + subnet: default mac: 00:00:00:00:00:02 - metadata: - ipv4_address: 10.10.10.11 - networkd_address: 10.10.10.11/16 + identifier: eth0 + ipv4: 10.10.10.11 +metadata: etcd_name: node2 -- name: host3 - selectors: +workflow: etcd-master +--- +name: host3 +interfaces: + - type: physical + subnet: default mac: 00:00:00:00:00:03 - metadata: - ipv4_address: 10.10.10.12 - networkd_address: 10.10.10.12/16 + identifier: eth0 + ipv4: 10.10.10.12 +metadata: etcd_name: node3 +workflow: etcd-master +--- +name: proxy1 +interfaces: + - type: physical + subnet: default + mac: 00:00:00:00:00:04 + identifier: eth0 + ipv4: 10.10.10.13 + - type: physical + subnet: default + mac: 00:00:00:00:00:14 + identifier: eth1 + ipv4: 10.10.10.23 +workflow: etcd-proxy +--- +name: proxy2 +interfaces: + - type: physical + subnet: default + mac: 00:00:00:00:00:05 + identifier: eth0 + ipv4: 10.10.10.14 + - type: physical + subnet: default + mac: 00:00:00:00:00:15 + identifier: eth1 + ipv4: 10.10.10.24 +workflow: etcd-proxy --- -host_group: clevos -hosts: -- name: clevos1 - selectors: +name: clevos1 +interfaces: + - type: physical + subnet: default mac: 00:00:00:00:00:06 - metadata: - ipv4_address: 192.128.1.16 - clever_name: haha \ No newline at end of file + ipv4: 10.10.10.15 + identifier: eth0 + hostname: clevos1 + - type: physical + subnet: clevos + mac: 00:00:00:00:01:06 + ipv4: 192.128.1.16 + 
identifier: eth1 +metadata: + manager: 10.10.10.10 +workflow: clevos \ No newline at end of file
diff --git a/workflows/clevos.yml b/workflows/clevos.yml
new file mode 100644
index 0000000..b028f33
--- /dev/null
+++ b/workflows/clevos.yml
@@ -0,0 +1,3 @@
+id: clevos
+workflow:
+ - boot: clevos
\ No newline at end of file
diff --git a/workflows/etcd-master.yml b/workflows/etcd-master.yml
new file mode 100644
index 0000000..7505c77
--- /dev/null
+++ b/workflows/etcd-master.yml
@@ -0,0 +1,9 @@
+# Workflows chain a series of "boots" together. A host will
+# attach itself to a single workflow. A single "boot" is a
+# complete provisioning (bootloader & unattended config/install)
+id: etcd-master
+# or boot-order?
+workflow:
+ - boot: etcd-master
+ next-boot: etcd-master # next-boot is self, also implicit, as last item
+ # next-boot: wipe-disk # or go to first stage if rebooted
diff --git a/workflows/etcd-proxy.yml b/workflows/etcd-proxy.yml
new file mode 100644
index 0000000..a42d837
--- /dev/null
+++ b/workflows/etcd-proxy.yml
@@ -0,0 +1,3 @@
+id: etcd-proxy
+workflow:
+ - boot: etcd-proxy
\ No newline at end of file
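Review bot: The `host1` entry in sites/test-site/inventory.yml now carries BMC credentials inline (`bmc:` with `type: ipmi`, `username: adam`, `password: schaub`), which hands out-of-band control of the machine to anyone who can read the repository. These should be references resolved at run time rather than literal values, and the committed pair should be treated as exposed. Separately, the second interface of `clevos1` is assigned `subnet: clevos` (`cidr: 192.168.1.0/24` in env.yml) but keeps `ipv4: 192.128.1.16`, which lies outside that range; `192.168.1.16` was probably meant, although the old inventory had the same value.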