Merge pull request #507 from cbosdo/systemd-free-setup

Systemd free setup

mgradm/cmd/inspect/kubernetes.go

@@ -47,7 +47,7 @@ func kuberneteInspect(
 	}
 
 	// Get the SCC credentials secret if existing
-	pullSecret, err := kubernetes.GetSCCSecret(namespace, &types.SCCCredentials{}, kubernetes.ServerApp)
+	pullSecret, err := kubernetes.GetRegistrySecret(namespace, &types.SCCCredentials{}, kubernetes.ServerApp)
 	if err != nil {
 		return err
 	}

mgradm/cmd/install/podman/podman.go

@@ -42,6 +42,7 @@ NOTE: installing on a remote podman is not supported yet!
 		},
 	}
 
+	adm_utils.AddMirrorFlag(cmd)
 	shared.AddInstallFlags(cmd)
 	podman.AddPodmanArgFlag(cmd)
 

mgradm/cmd/install/podman/podman_test.go

@@ -17,13 +17,15 @@ import (
 
 func TestParamsParsing(t *testing.T) {
 	args := flagstests.InstallFlagsTestArgs()
+	args = append(args, flagstests.MirrorFlagTestArgs...)
 	args = append(args, flagstests.PodmanFlagsTestArgs...)
 	args = append(args, "srv.fq.dn")
 
 	// Test function asserting that the args are properly parsed
 	tester := func(_ *types.GlobalFlags, flags *podmanInstallFlags,
 		_ *cobra.Command, args []string,
 	) error {
+		flagstests.AssertMirrorFlag(t, flags.Mirror)
 		flagstests.AssertInstallFlags(t, &flags.ServerFlags)
 		flagstests.AssertPodmanInstallFlags(t, &flags.Podman)
 		testutils.AssertEquals(t, "Wrong FQDN", "srv.fq.dn", args[0])

mgradm/cmd/install/podman/utils.go

@@ -6,8 +6,8 @@ package podman
 
 import (
 	"errors"
+	"fmt"
 	"os/exec"
-	"strings"
 
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
@@ -91,35 +91,23 @@ func installForPodman(
 		return err
 	}
 
-	cnx := shared.NewConnection("podman", shared_podman.ServerContainerName, "")
-	if err := waitForSystemStart(systemd, cnx, preparedImage, flags); err != nil {
-		return utils.Errorf(err, L("cannot wait for system start"))
+	if err := shared_podman.SetupNetwork(false); err != nil {
+		return utils.Errorf(err, L("cannot setup network"))
 	}
 
-	caPassword := flags.Installation.SSL.Password
-	if flags.Installation.SSL.UseExisting() {
-		// We need to have a password for the generated CA, even though it will be thrown away after install
-		caPassword = "dummy"
-	}
+	log.Info().Msg(L("Run setup command in the container"))
 
-	env := map[string]string{
-		"CERT_O":       flags.Installation.SSL.Org,
-		"CERT_OU":      flags.Installation.SSL.OU,
-		"CERT_CITY":    flags.Installation.SSL.City,
-		"CERT_STATE":   flags.Installation.SSL.State,
-		"CERT_COUNTRY": flags.Installation.SSL.Country,
-		"CERT_EMAIL":   flags.Installation.SSL.Email,
-		"CERT_CNAMES":  strings.Join(append([]string{fqdn}, flags.Installation.SSL.Cnames...), ","),
-		"CERT_PASS":    caPassword,
+	if err := runSetup(preparedImage, &flags.ServerFlags, fqdn); err != nil {
+		return err
 	}
 
-	log.Info().Msg(L("Run setup command in the container"))
+	cnx := shared.NewConnection("podman", shared_podman.ServerContainerName, "")
+	if err := waitForSystemStart(systemd, cnx, preparedImage, flags); err != nil {
+		return utils.Errorf(err, L("cannot wait for system start"))
+	}
 
-	if err := adm_utils.RunSetup(cnx, &flags.ServerFlags, fqdn, env); err != nil {
-		if stopErr := systemd.StopService(shared_podman.ServerService); stopErr != nil {
-			log.Error().Msgf(L("Failed to stop service: %v"), stopErr)
-		}
-		return err
+	if err := cnx.CopyCaCertificate(fqdn); err != nil {
+		return utils.Errorf(err, L("failed to add SSL CA certificate to host trusted certificates"))
 	}
 
 	if path, err := exec.LookPath("uyuni-payg-extract-data"); err == nil {
@@ -173,3 +161,44 @@ func installForPodman(
 	}
 	return nil
 }
+
+// runSetup execute the setup.
+func runSetup(image string, flags *adm_utils.ServerFlags, fqdn string) error {
+	env := adm_utils.GetSetupEnv(flags.Mirror, &flags.Installation, fqdn, false)
+	envNames := []string{}
+	envValues := []string{}
+	for key, value := range env {
+		envNames = append(envNames, "-e", key)
+		envValues = append(envValues, fmt.Sprintf("%s=%s", key, value))
+	}
+
+	command := []string{
+		"run",
+		"--rm",
+		"--shm-size=0",
+		"--shm-size-systemd=0",
+		"--name", "uyuni-setup",
+		"--network", shared_podman.UyuniNetwork,
+		"-e", "TZ=" + flags.Installation.TZ,
+	}
+	for _, volume := range utils.ServerVolumeMounts {
+		command = append(command, "-v", fmt.Sprintf("%s:%s:z", volume.Name, volume.MountPath))
+	}
+	command = append(command, envNames...)
+	command = append(command, image)
+
+	script, err := adm_utils.GenerateSetupScript(&flags.Installation, false)
+	if err != nil {
+		return err
+	}
+	command = append(command, "/usr/bin/sh", "-c", script)
+
+	if _, err := newRunner("podman", command...).Env(envValues).StdMapping().Exec(); err != nil {
+		return utils.Errorf(err, L("server setup failed"))
+	}
+
+	log.Info().Msgf(L("Server set up, login on https://%[1]s with %[2]s user"), fqdn, flags.Installation.Admin.Login)
+	return nil
+}
+
+var newRunner = utils.NewRunner

mgradm/cmd/install/shared/flags.go

@@ -20,7 +20,6 @@ func AddInspectFlags(cmd *cobra.Command) {
 
 // AddInstallFlags add flags to installa command.
 func AddInstallFlags(cmd *cobra.Command) {
-	cmd_utils.AddMirrorFlag(cmd)
 	cmd.Flags().String("tz", "", L("Time zone to set on the server. Defaults to the host timezone"))
 	cmd.Flags().String("email", "[email protected]", L("Administrator e-mail"))
 	cmd.Flags().String("emailfrom", "[email protected]", L("E-Mail sending the notifications"))
@@ -31,7 +30,6 @@ func AddInstallFlags(cmd *cobra.Command) {
 	cmd.Flags().String("db-name", "susemanager", L("Database name"))
 	cmd.Flags().String("db-host", "localhost", L("Database host"))
 	cmd.Flags().Int("db-port", 5432, L("Database port"))
-	cmd.Flags().String("db-protocol", "tcp", L("Database protocol"))
 	cmd.Flags().String("db-admin-user", "", L("External database admin user name"))
 	cmd.Flags().String("db-admin-password", "", L("External database admin password"))
 	cmd.Flags().String("db-provider", "", L("External database provider. Possible values 'aws'"))
@@ -42,7 +40,6 @@ func AddInstallFlags(cmd *cobra.Command) {
 	_ = utils.AddFlagToHelpGroupID(cmd, "db-name", "db")
 	_ = utils.AddFlagToHelpGroupID(cmd, "db-host", "db")
 	_ = utils.AddFlagToHelpGroupID(cmd, "db-port", "db")
-	_ = utils.AddFlagToHelpGroupID(cmd, "db-protocol", "db")
 	_ = utils.AddFlagToHelpGroupID(cmd, "db-admin-user", "db")
 	_ = utils.AddFlagToHelpGroupID(cmd, "db-admin-password", "db")
 	_ = utils.AddFlagToHelpGroupID(cmd, "db-provider", "db")

mgradm/cmd/migrate/kubernetes/utils.go

@@ -60,7 +60,7 @@ func migrateToKubernetes(
 	}
 
 	// Create a secret using SCC credentials if any are provided
-	pullSecret, err := shared_kubernetes.GetSCCSecret(
+	pullSecret, err := shared_kubernetes.GetRegistrySecret(
 		flags.Kubernetes.Uyuni.Namespace, &flags.Installation.SCC, shared_kubernetes.ServerApp,
 	)
 	if err != nil {

mgradm/shared/kubernetes/db.go

@@ -7,6 +7,9 @@
 package kubernetes
 
 import (
+	"strings"
+
+	"github.com/rs/zerolog"
 	"github.com/uyuni-project/uyuni-tools/shared/kubernetes"
 	. "github.com/uyuni-project/uyuni-tools/shared/l10n"
 	core "k8s.io/api/core/v1"
@@ -19,12 +22,20 @@ const (
 	DBSecret = "db-credentials"
 	// ReportdbSecret is the name of the report database credentials secret.
 	ReportdbSecret = "reportdb-credentials"
+	SCCSecret      = "scc-credentials"
 	secretUsername = "username"
 	secretPassword = "password"
 )
 
-// CreateDBSecret creates a secret containing the DB credentials.
-func CreateDBSecret(namespace string, name string, user string, password string) error {
+// CreateBasicAuthSecret creates a secret of type basic-auth.
+func CreateBasicAuthSecret(namespace string, name string, user string, password string) error {
+	// Check if the secret is already existing
+	out, err := runCmdOutput(zerolog.DebugLevel, "kubectl", "get", "-n", namespace, "secret", name, "-o", "name")
+	if err == nil && strings.TrimSpace(string(out)) != "" {
+		return nil
+	}
+
+	// Create the secret
 	secret := core.Secret{
 		TypeMeta: meta.TypeMeta{APIVersion: "v1", Kind: "Secret"},
 		ObjectMeta: meta.ObjectMeta{
@@ -40,5 +51,5 @@ func CreateDBSecret(namespace string, name string, user string, password string)
 		Type: core.SecretTypeBasicAuth,
 	}
 
-	return kubernetes.Apply([]runtime.Object{&secret}, L("failed to create the database secret"))
+	return kubernetes.Apply([]runtime.Object{&secret}, L("failed to create the secret"))
 }