diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index be58bdb8..0f1f2c1e 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -5,6 +5,7 @@ ## General * Added the ability to automatically copy files into the built images filesystem +* Kubernetes manifests are now applied in a systemd service ## API diff --git a/pkg/combustion/kubernetes_test.go b/pkg/combustion/kubernetes_test.go index 6984cf3b..71d1c922 100644 --- a/pkg/combustion/kubernetes_test.go +++ b/pkg/combustion/kubernetes_test.go @@ -782,8 +782,8 @@ func TestConfigureKubernetes_SuccessfulRKE2ServerWithManifests(t *testing.T) { assert.Contains(t, contents, "export INSTALL_RKE2_ARTIFACT_PATH=$ARTEFACTS_DIR/kubernetes/install") assert.Contains(t, contents, "sh $ARTEFACTS_DIR/kubernetes/install-k8s.sh") assert.Contains(t, contents, "systemctl enable rke2-server.service") - assert.Contains(t, contents, "mkdir -p /var/lib/rancher/rke2/server/manifests/") - assert.Contains(t, contents, "cp $ARTEFACTS_DIR/kubernetes/manifests/* /var/lib/rancher/rke2/server/manifests/") + assert.Contains(t, contents, "mkdir -p /opt/eib-k8s/manifests") + assert.Contains(t, contents, "cp $ARTEFACTS_DIR/kubernetes/manifests/* /opt/eib-k8s/manifests/") assert.Contains(t, contents, "cp $ARTEFACTS_DIR/kubernetes/registries.yaml /etc/rancher/rke2/registries.yaml") // Config file assertions diff --git a/pkg/combustion/templates/k3s-multi-node-installer.sh.tpl b/pkg/combustion/templates/k3s-multi-node-installer.sh.tpl index aa0d59b0..42322189 100644 --- a/pkg/combustion/templates/k3s-multi-node-installer.sh.tpl +++ b/pkg/combustion/templates/k3s-multi-node-installer.sh.tpl 
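Review bot: In pkg/combustion/kubernetes_test.go the two updated assertions only cover the new staging path, so nothing visible in TestConfigureKubernetes_SuccessfulRKE2ServerWithManifests checks that the rendered script writes and enables the unit that now applies the manifests with the cluster's admin kubeconfig. I would add `assert.Contains(t, contents, "ExecStart=/opt/eib-k8s/kubectl apply -f /opt/eib-k8s/manifests --kubeconfig /etc/rancher/rke2/rke2.yaml")` and `assert.Contains(t, contents, "systemctl enable kubernetes-resources-install.service")`. The test function starts and ends outside this hunk, so coverage elsewhere in it is not visible here.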
@@ -27,19 +27,43 @@ mount /var mkdir -p /var/lib/rancher/k3s/agent/images/ cp {{ .imagesPath }}/* /var/lib/rancher/k3s/agent/images/ +umount /var + CONFIGFILE={{ .configFilePath }}/$NODETYPE.yaml if [ "$HOSTNAME" = {{ .initialiser }} ]; then - CONFIGFILE={{ .configFilePath }}/{{ .initialiserConfigFile }} - - {{- if .manifestsPath }} - mkdir -p /var/lib/rancher/k3s/server/manifests/ - cp {{ .manifestsPath }}/* /var/lib/rancher/k3s/server/manifests/ - {{- end }} +CONFIGFILE={{ .configFilePath }}/{{ .initialiserConfigFile }} + +{{ if .manifestsPath }} +mkdir -p /opt/eib-k8s/manifests +cp {{ .manifestsPath }}/* /opt/eib-k8s/manifests/ + +cat <<- EOF > /etc/systemd/system/kubernetes-resources-install.service +[Unit] +Description=Kubernetes Resources Install +Requires=k3s.service +After=k3s.service +ConditionPathExists=/opt/bin/kubectl +ConditionPathExists=/etc/rancher/k3s/k3s.yaml + +[Install] +WantedBy=multi-user.target + +[Service] +Type=oneshot +Restart=on-failure +RestartSec=60 +ExecStart=/opt/bin/kubectl apply -f /opt/eib-k8s/manifests --kubeconfig=/etc/rancher/k3s/k3s.yaml +# Disable the service and clean up +ExecStartPost=/bin/sh -c "systemctl disable kubernetes-resources-install.service" +ExecStartPost=rm -f /etc/systemd/system/kubernetes-resources-install.service +ExecStartPost=rm -rf /opt/eib-k8s +EOF + +systemctl enable kubernetes-resources-install.service +{{- end }} fi -umount /var - {{- if and .apiVIP .apiHost }} echo "{{ .apiVIP }} {{ .apiHost }}" >> /etc/hosts {{- end }} diff --git a/pkg/combustion/templates/k3s-single-node-installer.sh.tpl b/pkg/combustion/templates/k3s-single-node-installer.sh.tpl index 4ae281bb..f3c25e22 100644 --- a/pkg/combustion/templates/k3s-single-node-installer.sh.tpl +++ b/pkg/combustion/templates/k3s-single-node-installer.sh.tpl 
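Review bot: `mkdir -p /opt/eib-k8s/manifests` creates the staging tree with whatever umask the script runs under, and everything in it is later applied by the unit through `/etc/rancher/k3s/k3s.yaml`, so the directory should be created owner-only. If the supplied manifests can include Secret objects, they would otherwise sit readable under /opt until the unit cleans up. Following the `mkdir` with `chmod 700 /opt/eib-k8s` closes that. The same two lines appear in the k3s single-node and both rke2 template hunks.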
@@ -6,13 +6,37 @@ mount /var mkdir -p /var/lib/rancher/k3s/agent/images/ cp {{ .imagesPath }}/* /var/lib/rancher/k3s/agent/images/ +umount /var + {{- if .manifestsPath }} -mkdir -p /var/lib/rancher/k3s/server/manifests/ -cp {{ .manifestsPath }}/* /var/lib/rancher/k3s/server/manifests/ +mkdir -p /opt/eib-k8s/manifests +cp {{ .manifestsPath }}/* /opt/eib-k8s/manifests/ + +cat <<- EOF > /etc/systemd/system/kubernetes-resources-install.service +[Unit] +Description=Kubernetes Resources Install +Requires=k3s.service +After=k3s.service +ConditionPathExists=/opt/bin/kubectl +ConditionPathExists=/etc/rancher/k3s/k3s.yaml + +[Install] +WantedBy=multi-user.target + +[Service] +Type=oneshot +Restart=on-failure +RestartSec=60 +ExecStart=/opt/bin/kubectl apply -f /opt/eib-k8s/manifests --kubeconfig=/etc/rancher/k3s/k3s.yaml +# Disable the service and clean up +ExecStartPost=/bin/sh -c "systemctl disable kubernetes-resources-install.service" +ExecStartPost=rm -f /etc/systemd/system/kubernetes-resources-install.service +ExecStartPost=rm -rf /opt/eib-k8s +EOF + +systemctl enable kubernetes-resources-install.service {{- end }} -umount /var - {{- if and .apiVIP .apiHost }} echo "{{ .apiVIP }} {{ .apiHost }}" >> /etc/hosts {{- end }} diff --git a/pkg/combustion/templates/rke2-multi-node-installer.sh.tpl b/pkg/combustion/templates/rke2-multi-node-installer.sh.tpl index 0a4da7b7..94df592d 100644 --- a/pkg/combustion/templates/rke2-multi-node-installer.sh.tpl +++ b/pkg/combustion/templates/rke2-multi-node-installer.sh.tpl 
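Review bot: The three `ExecStartPost=` cleanup lines run only once `kubectl apply` has succeeded, so a manifest that can never apply leaves this unit restarting every 60 seconds indefinitely, with /opt/eib-k8s and the unit file left in place. `RestartSec=60` keeps the restarts below systemd's default start rate limit, so nothing stops the loop. Consider bounding it in the `[Unit]` section, e.g. `StartLimitIntervalSec=3600` with `StartLimitBurst=10`, and extending the comment to `# Disable the service and clean up (only reached after a successful apply)`. The same unit body is written in the k3s multi-node and both rke2 template hunks.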
@@ -27,19 +27,45 @@ mount /var mkdir -p /var/lib/rancher/rke2/agent/images/ cp {{ .imagesPath }}/* /var/lib/rancher/rke2/agent/images/ +umount /var + CONFIGFILE={{ .configFilePath }}/$NODETYPE.yaml if [ "$HOSTNAME" = {{ .initialiser }} ]; then - CONFIGFILE={{ .configFilePath }}/{{ .initialiserConfigFile }} - - {{- if .manifestsPath }} - mkdir -p /var/lib/rancher/rke2/server/manifests/ - cp {{ .manifestsPath }}/* /var/lib/rancher/rke2/server/manifests/ - {{- end }} +CONFIGFILE={{ .configFilePath }}/{{ .initialiserConfigFile }} + +{{ if .manifestsPath }} +mkdir -p /opt/eib-k8s/manifests +cp {{ .manifestsPath }}/* /opt/eib-k8s/manifests/ + +cat <<- EOF > /etc/systemd/system/kubernetes-resources-install.service +[Unit] +Description=Kubernetes Resources Install +Requires=rke2-server.service +After=rke2-server.service +ConditionPathExists=/var/lib/rancher/rke2/bin/kubectl +ConditionPathExists=/etc/rancher/rke2/rke2.yaml + +[Install] +WantedBy=multi-user.target + +[Service] +Type=oneshot +Restart=on-failure +RestartSec=60 +# Copy kubectl in order to avoid SELinux permission issues +ExecStartPre=cp /var/lib/rancher/rke2/bin/kubectl /opt/eib-k8s/kubectl +ExecStart=/opt/eib-k8s/kubectl apply -f /opt/eib-k8s/manifests --kubeconfig /etc/rancher/rke2/rke2.yaml +# Disable the service and clean up +ExecStartPost=/bin/sh -c "systemctl disable kubernetes-resources-install.service" +ExecStartPost=rm -f /etc/systemd/system/kubernetes-resources-install.service +ExecStartPost=rm -rf /opt/eib-k8s +EOF + +systemctl enable kubernetes-resources-install.service +{{- end }} fi -umount /var - {{- if .apiHost }} echo "{{ .apiVIP }} {{ .apiHost }}" >> /etc/hosts {{- end }} diff --git a/pkg/combustion/templates/rke2-single-node-installer.sh.tpl b/pkg/combustion/templates/rke2-single-node-installer.sh.tpl index b884a99f..3928463b 100644 --- a/pkg/combustion/templates/rke2-single-node-installer.sh.tpl +++ b/pkg/combustion/templates/rke2-single-node-installer.sh.tpl 
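Review bot: The comment `# Copy kubectl in order to avoid SELinux permission issues` above `ExecStartPre=cp ...` does not record which denial is being worked around, which makes it hard to re-evaluate the workaround when the policy or the rke2 layout changes. I would expand it along the lines of `# Copy kubectl out of /var/lib/rancher/rke2/bin to avoid an SELinux denial (<AVC record from the audit log>); removed again with /opt/eib-k8s`, with the placeholder filled in from the actual denial. The same comment appears in the rke2 single-node hunk.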
@@ -6,13 +6,39 @@ mount /var mkdir -p /var/lib/rancher/rke2/agent/images/ cp {{ .imagesPath }}/* /var/lib/rancher/rke2/agent/images/ +umount /var + {{- if .manifestsPath }} -mkdir -p /var/lib/rancher/rke2/server/manifests/ -cp {{ .manifestsPath }}/* /var/lib/rancher/rke2/server/manifests/ +mkdir -p /opt/eib-k8s/manifests +cp {{ .manifestsPath }}/* /opt/eib-k8s/manifests/ + +cat <<- EOF > /etc/systemd/system/kubernetes-resources-install.service +[Unit] +Description=Kubernetes Resources Install +Requires=rke2-server.service +After=rke2-server.service +ConditionPathExists=/var/lib/rancher/rke2/bin/kubectl +ConditionPathExists=/etc/rancher/rke2/rke2.yaml + +[Install] +WantedBy=multi-user.target + +[Service] +Type=oneshot +Restart=on-failure +RestartSec=60 +# Copy kubectl in order to avoid SELinux permission issues +ExecStartPre=cp /var/lib/rancher/rke2/bin/kubectl /opt/eib-k8s/kubectl +ExecStart=/opt/eib-k8s/kubectl apply -f /opt/eib-k8s/manifests --kubeconfig /etc/rancher/rke2/rke2.yaml +# Disable the service and clean up +ExecStartPost=/bin/sh -c "systemctl disable kubernetes-resources-install.service" +ExecStartPost=rm -f /etc/systemd/system/kubernetes-resources-install.service +ExecStartPost=rm -rf /opt/eib-k8s +EOF + +systemctl enable kubernetes-resources-install.service {{- end }} -umount /var - {{- if and .apiVIP .apiHost }} echo "{{ .apiVIP }} {{ .apiHost }}" >> /etc/hosts {{- end }}
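Review bot: Both `ConditionPathExists=` entries point at files that appear to be produced by the rke2 server at runtime, and a failed condition makes systemd skip the unit without marking it failed, so `Restart=on-failure` will not retry it. If either path is missing when rke2-server.service becomes active, the manifests stay unapplied until the next boot, with nothing in the unit's status to show it. It is worth confirming that both files exist before rke2-server reports ready, or moving the check into the command, e.g. `ExecStartPre=/bin/sh -c "test -f /etc/rancher/rke2/rke2.yaml"`, so that a miss counts as a failure and is retried. The rke2 multi-node hunk has the same entries, and the k3s hunks carry the same pattern with `/opt/bin/kubectl` and `/etc/rancher/k3s/k3s.yaml`.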