diff --git a/CHANGES.md b/CHANGES.md index 10c0e8d8b..fda2560ad 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -6,9 +6,10 @@ Notable changes between releases. * Update Matchbox container image publishing ([#795](https://github.com/poseidon/matchbox/pull/795)) * Publish Matchbox images from internal infra to Quay (`quay.io/poseidon/matchbox`) - * Update Go version from v1.13.4 to v1.13.11 + * Update Go version from v1.13.4 to v1.14.9 * Update base image from `alpine:3.10` to `alpine:3.12` ([#784](https://github.com/poseidon/matchbox/pull/784)) -* Update Kubernetes manifests ([#791](https://github.com/poseidon/matchbox/pull/791)) +* Refresh docs and examples for Fedora CoreOS and Flatcar Linux ([#815](https://github.com/poseidon/matchbox/pull/815)) +* Update Kubernetes manifest examples ([#791](https://github.com/poseidon/matchbox/pull/791)) * Include `contrib/k8s` in release tarballs ([#788](https://github.com/poseidon/matchbox/pull/788)) * Remove RPM spec file (Copr publishing stopped in v0.6) diff --git a/README.md b/README.md index 9dc69e17b..5862b4688 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,11 @@ # matchbox [![Build Status](https://github.com/poseidon/matchbox/workflows/test/badge.svg)](https://github.com/poseidon/matchbox/actions?query=workflow%3Atest+branch%3Amaster) [![GoDoc](https://godoc.org/github.com/poseidon/matchbox?status.svg)](https://godoc.org/github.com/poseidon/matchbox) [![Quay](https://img.shields.io/badge/container-quay-green)](https://quay.io/repository/poseidon/matchbox) -`matchbox` is a service that matches bare-metal machines to profiles that PXE boot and provision clusters. Machines are matched by labels like MAC or UUID during PXE and profiles specify a kernel/initrd, iPXE config, and Container Linux or Fedora CoreOS config. +`matchbox` is a service that matches bare-metal machines to profiles that PXE boot and provision clusters. Machines are matched by labels like MAC or UUID during PXE and profiles specify a kernel/initrd, iPXE config, and Ignition config. ## Features * Chainload via iPXE and match hardware labels -* Provision Fedora CoreOS and Flatcar Linux (powered by [Ignition](https://github.com/coreos/ignition)) +* Provision Fedora CoreOS or Flatcar Linux (powered by [Ignition](https://github.com/coreos/ignition)) * Authenticated gRPC API for clients (e.g. Terraform) ## Documentation @@ -23,10 +23,11 @@ Matchbox can be installed from a binary or a container image. ## Tutorials -[Getting started](docs/getting-started.md) provisioning machines with Flatcar Linux. +[Getting started](docs/getting-started.md) provisioning machines with Fedora CoreOS or Flatcar Linux. -* Local QEMU/KVM - * [matchbox with Docker](docs/getting-started-docker.md) +* [Local QEMU/KVM](docs/getting-started-docker.md) + * Fedora CoreOS (live PXE or PXE install to disk) + * Flatcar Linux (live PXE or PXE install to disk) * Clusters * [etcd3](docs/getting-started-docker.md) - Install a 3-node etcd3 cluster * [etcd3](https://github.com/poseidon/matchbox/tree/master/examples/terraform/etcd3-install) - Install a 3-node etcd3 cluster (terraform-based) diff --git a/docs/getting-started-docker.md b/docs/getting-started-docker.md index 61c7ceb82..46d34ac84 100644 --- a/docs/getting-started-docker.md +++ b/docs/getting-started-docker.md @@ -1,8 +1,9 @@ # Getting started with Docker -In this tutorial, we'll run `matchbox` on your Linux machine with Docker to network boot and provision a cluster of QEMU/KVM Container Linux machines locally. You'll be able to create Kubernetes clusters, etcd3 clusters, and test network setups. +In this tutorial, we'll run `matchbox` on a Linux machine with Docker to network boot and provision local QEMU/KVM machines as Fedora CoreOS or Flatcar Linux machines. You'll be able to test network setups and Ignition provisioning. -*Note*: To provision physical machines, see [network setup](network-setup.md) and [deployment](deployment.md). +!!! note + To provision physical machines, see [network setup](network-setup.md) and [deployment](deployment.md). ## Requirements @@ -25,10 +26,11 @@ $ git clone https://github.com/poseidon/matchbox.git $ cd matchbox ``` -Download CoreOS Container Linux image assets referenced by the `etcd3` [example](../examples) to `examples/assets`. +Download Fedora CoreOS or Flatcar Linux image assets to `examples/assets`. ```sh -$ ./scripts/get-coreos stable 1967.3.0 ./examples/assets +$ ./scripts/get-fedora-coreos stable 32.20200923.3.0 ./examples/assets +$ ./scripts/get-flatcar stable 2605.6.0 ./examples/assets ``` For development convenience, add `/etc/hosts` entries for nodes so they may be referenced by name. @@ -45,10 +47,10 @@ For development convenience, add `/etc/hosts` entries for nodes so they may be r Run the `matchbox` and `dnsmasq` services on the `docker0` bridge. `dnsmasq` will run DHCP, DNS and TFTP services to create a suitable network boot environment. `matchbox` will serve configs to machines as they PXE boot. -The `devnet` convenience script can start these services and accepts the name of any example cluster in [examples](../examples). +The `devnet` convenience script can start these services and accepts the name of any example in [examples](https://github.com/poseidon/matchbox/tree/master/examples). ```sh -$ sudo ./scripts/devnet create etcd3 +$ sudo ./scripts/devnet create fedora-coreos ``` Inspect the logs. @@ -57,7 +59,7 @@ Inspect the logs. $ sudo ./scripts/devnet status ``` -Take a look at the [etcd3 groups](../examples/groups/etcd3) to get an idea of how machines are mapped to Profiles. Explore some endpoints exposed by the service, say for QEMU/KVM node1. +Inspect the examples and Matchbox endpoints to see how machines (e.g. node1 with MAC `52:54:00:a1:9c:ae`) are mapped to Profiles, and therefore iPXE and Ignition configs. * iPXE [http://127.0.0.1:8080/ipxe?mac=52:54:00:a1:9c:ae](http://127.0.0.1:8080/ipxe?mac=52:54:00:a1:9c:ae) * Ignition [http://127.0.0.1:8080/ignition?mac=52:54:00:a1:9c:ae](http://127.0.0.1:8080/ignition?mac=52:54:00:a1:9c:ae) @@ -68,7 +70,7 @@ Take a look at the [etcd3 groups](../examples/groups/etcd3) to get an idea of ho If you prefer to start the containers yourself, instead of using `devnet`, ```sh -$ sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/groups/etcd3:/var/lib/matchbox/groups:Z quay.io/poseidon/matchbox:latest -address=0.0.0.0:8080 -log-level=debug +$ sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/groups/fedora-coreos:/var/lib/matchbox/groups:Z quay.io/poseidon/matchbox:latest -address=0.0.0.0:8080 -log-level=debug $ sudo docker run --name dnsmasq --cap-add=NET_ADMIN -v $PWD/contrib/dnsmasq/docker0.conf:/etc/dnsmasq.conf:Z quay.io/poseidon/dnsmasq -d ``` @@ -101,15 +103,12 @@ $ sudo ./scripts/libvirt [start|reboot|shutdown|poweroff|destroy] ## Verify -The VMs should network boot and provision themselves into a three node etcd3 cluster, with other nodes behaving as etcd3 gateways. +The VMs should network boot and provision themselves as declared. -The example profile added autologin so you can verify that etcd3 works between nodes. - -```sh -$ systemctl status etcd-member -$ etcdctl set /message hello -$ etcdctl get /message ``` +cat /etc/os-release +``` + ## Clean up Clean up the containers and VM machines. @@ -119,6 +118,13 @@ $ sudo ./scripts/devnet destroy $ sudo ./scripts/libvirt destroy ``` -## Going further +## Going Further + +Learn more about [matchbox](matchbox.md) or explore the other [examples](https://github.com/poseidon/matchbox/tree/master/examples). + +Try different examples and Ignition declarations: + +* Declare an SSH authorized public key (see examples README) +* Declare a systemd unit +* Declare file or directory content -Learn more about [matchbox](matchbox.md) or explore the other [example](../examples) clusters. diff --git a/docs/getting-started.md b/docs/getting-started.md index 1a6b911b1..f3aea7ab8 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -1,12 +1,12 @@ # Getting started -In this tutorial, we'll show how to use terraform with `matchbox` to provision Container Linux machines. +In this tutorial, we'll use `matchbox` with Terraform to provision Container Linux machines. -You'll install the `matchbox` service, setup a PXE network boot environment, and then use terraform configs to describe your infrastructure and the terraform CLI to create those resources on `matchbox`. +We'll install the `matchbox` service, setup a PXE network boot environment, and use Terraform configs to declare infrastructure and apply resources on `matchbox`. ## matchbox -Install `matchbox` on a dedicated server or Kubernetes cluster. Generate TLS credentials and enable the gRPC API as directed. Save the `ca.crt`, `client.crt`, and `client.key` on your local machine (e.g. `~/.matchbox`). +Install `matchbox` on a host server or Kubernetes cluster. Generate TLS credentials and enable the gRPC API as directed. Save the `ca.crt`, `client.crt`, and `client.key` on your local machine (e.g. `~/.matchbox`). * Installing on [Container Linux / other distros](deployment.md) * Installing on [Kubernetes](deployment.md#kubernetes) diff --git a/docs/index.md b/docs/index.md index 5f6c9267c..4014c4d0c 100644 --- a/docs/index.md +++ b/docs/index.md @@ -1,11 +1,11 @@ # Matchbox -Matchbox is a service that matches bare-metal machines to profiles that PXE boot and provision clusters. Machines are matched by labels like MAC or UUID during PXE and profiles specify a kernel/initrd, iPXE config, and Container Linux or Fedora CoreOS config. +Matchbox is a service that matches bare-metal machines to profiles that PXE boot and provision clusters. Machines are matched by labels like MAC or UUID during PXE and profiles specify a kernel/initrd, iPXE config, and Ignition config. ## Features * Chainload via iPXE and match hardware labels -* Provision Container Linux and Fedora CoreOS (powered by [Ignition](https://github.com/coreos/ignition)) +* Provision Fedora CoreOS or Flatcar Linux (powered by [Ignition](https://github.com/coreos/ignition)) * Authenticated gRPC API for clients (e.g. Terraform) ## Installation @@ -17,10 +17,11 @@ Matchbox can be installed from a binary or a container image. ## Tutorials -[Getting started](getting-started.md) provisioning machines with Container Linux. +[Getting started](getting-started.md) provisioning machines with Fedora CoreOS or Flatcar Linux. -* Local QEMU/KVM - * [matchbox with Docker](getting-started-docker.md) +* [Local QEMU/KVM](getting-started-docker.md) + * Fedora CoreOS (live PXE or PXE install to disk) + * Flatcar Linux (live PXE or PXE install to disk) * Clusters * [etcd3](getting-started-docker.md) - Install a 3-node etcd3 cluster * [etcd3](https://github.com/poseidon/matchbox/tree/master/examples/terraform/etcd3-install) - Install a 3-node etcd3 cluster (terraform-based) diff --git a/examples/README.md b/examples/README.md index 98344e3a0..b14171e7f 100644 --- a/examples/README.md +++ b/examples/README.md @@ -13,41 +13,51 @@ These examples use [Terraform](https://www.terraform.io/intro/) as a client to M ### Customization -You are encouraged to look through the examples and Terraform modules. Implement your own profiles or package them as modules to meet your needs. We've just provided a starting point. Learn more about [matchbox](../docs/matchbox.md) and [Container Linux configs](../docs/container-linux-config.md). +Look through the examples and Terraform modules and use them as a starting point. Learn more about [matchbox](../docs/matchbox.md) and [Container Linux configs](../docs/container-linux-config.md). ## Manual Examples These examples mount raw Matchbox objects into a Matchbox server's `/var/lib/matchbox/` directory. -| Name | Description | CoreOS Container Linux Version | FS | Docs | -|------------|-------------|----------------|----|-----------| -| simple | CoreOS Container Linux with autologin, using iPXE | stable/1967.3.0 | RAM | [reference](https://coreos.com/os/docs/latest/booting-with-ipxe.html) | -| simple-install | CoreOS Container Linux Install, using iPXE | stable/1967.3.0 | RAM | [reference](https://coreos.com/os/docs/latest/booting-with-ipxe.html) | -| grub | CoreOS Container Linux via GRUB2 Netboot | stable/1967.3.0 | RAM | NA | -| etcd3 | PXE boot a 3-node etcd3 cluster with proxies | stable/1967.3.0 | RAM | None | -| etcd3-install | Install a 3-node etcd3 cluster to disk | stable/1967.3.0 | Disk | None | +| Name | Description | FS | Docs | +|---------------|------------------------------|-----|-------| +| fedora-coreos | Fedora CoreOS live PXE | RAM | [docs](https://docs.fedoraproject.org/en-US/fedora-coreos/live-booting-ipxe/) | +| fedora-coreos-install | Fedora CoreOS install | Disk | [docs](https://docs.fedoraproject.org/en-US/fedora-coreos/bare-metal/) | +| flatcar | Flatcar Linux live PXE | RAM | [docs](https://docs.flatcar-linux.org/os/booting-with-ipxe/) | +| flatcar-install | Flatcar Linux install | Disk | [docs](https://docs.flatcar-linux.org/os/booting-with-ipxe/) | ### Customization -#### Autologin +For Fedora CoreOS, add an SSH authorized key to Fedora CoreOS Config (`ignition/fedora-coreos.yaml`) and regenerate the Ignition Config. + +``` +variant: fcos +version: 1.1.0 +passwd: + users: + - name: core + ssh_authorized_keys: + - ssh-rsa pub-key-goes-here +``` + +``` +podman run -i --rm quay.io/coreos/fcct:release --pretty --strict < fedora-coreos.yaml > fedora-coreos.ign +``` + +For Flatcar Linux, add a Matchbox variable to a Group to set the SSH authorized key (or directly update the Container Linux Config). + +``` +# groups/flatcar-install/flatcar.json +{ + "id": "stage-1", + "name": "Flatcar Linux", + "profile": "flatcar", + "selector": { + "os": "installed" + }, + "metadata": { + "ssh_authorized_keys": ["ssh-rsa pub-key-goes-here"] + } +} +``` -Example profiles pass the `coreos.autologin` kernel argument. This skips the password prompt for development and troubleshooting and should be removed **before production**. - -## SSH Keys - -Example groups allow `ssh_authorized_keys` to be added for the `core` user as metadata. You might also include this directly in your Ignition. - - # /var/lib/matchbox/groups/default.json - { - "name": "Example Machine Group", - "profile": "pxe", - "metadata": { - "ssh_authorized_keys": ["ssh-rsa pub-key-goes-here"] - } - } - -#### Conditional Variables - -**"pxe"** - -Some examples check the `pxe` variable to determine whether to create a `/dev/sda1` filesystem and partition for PXEing with `root=/dev/sda1` ("pxe":"true") or to write files to the existing filesystem on `/dev/disk/by-label/ROOT` ("pxe":"false"). diff --git a/examples/groups/bootkube-install/install.json b/examples/groups/bootkube-install/install.json deleted file mode 100644 index f7734094e..000000000 --- a/examples/groups/bootkube-install/install.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "id": "coreos-install", - "name": "CoreOS Container Linux Install", - "profile": "install-reboot", - "metadata": { - "coreos_channel": "stable", - "coreos_version": "1967.3.0", - "ignition_endpoint": "http://matchbox.example.com:8080/ignition", - "baseurl": "http://matchbox.example.com:8080/assets/coreos" - } -} diff --git a/examples/groups/bootkube-install/node1.json b/examples/groups/bootkube-install/node1.json deleted file mode 100644 index b65e16ab3..000000000 --- a/examples/groups/bootkube-install/node1.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "id": "node1", - "name": "Controller Node", - "profile": "bootkube-controller", - "selector": { - "mac": "52:54:00:a1:9c:ae", - "os": "installed" - }, - "metadata": { - "domain_name": "node1.example.com", - "etcd_initial_cluster": "node1=https://node1.example.com:2380", - "etcd_name": "node1", - "k8s_dns_service_ip": "10.3.0.10", - "ssh_authorized_keys": [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPQFdwVLr+alsWIgYRz9OdqDhnx9jjuFbkdSdpqq4gd9uZApYlivMDD4UgjFazQpezx8DiNhu9ym7i6LgAcdwi+10hE4L9yoJv9uBgbBxOAd65znqLqF91NtV4mlKP5YfJtR7Ehs+pTB+IIC+o5veDbPn+BYgDMJ2x7Osbn1/gFSDken/yoOFbYbRMGMfVEQYjJzC4r/qCKH0bl/xuVNLxf9FkWSTCcQFKGOndwuGITDkshD4r2Kk8gUddXPxoahBv33/2QH0CY5zbKYjhgN6I6WtwO+O1uJwtNeV1AGhYjurdd60qggNwx+W7623uK3nIXvJd3hzDO8u5oa53/tIL fake-test-key-REMOVE-ME" - - ] - } -} diff --git a/examples/groups/bootkube-install/node2.json b/examples/groups/bootkube-install/node2.json deleted file mode 100644 index 9f23e40a6..000000000 --- a/examples/groups/bootkube-install/node2.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "id": "node2", - "name": "Worker Node", - "profile": "bootkube-worker", - "selector": { - "mac": "52:54:00:b2:2f:86", - "os": "installed" - }, - "metadata": { - "domain_name": "node2.example.com", - "k8s_dns_service_ip": "10.3.0.10", - "ssh_authorized_keys": [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPQFdwVLr+alsWIgYRz9OdqDhnx9jjuFbkdSdpqq4gd9uZApYlivMDD4UgjFazQpezx8DiNhu9ym7i6LgAcdwi+10hE4L9yoJv9uBgbBxOAd65znqLqF91NtV4mlKP5YfJtR7Ehs+pTB+IIC+o5veDbPn+BYgDMJ2x7Osbn1/gFSDken/yoOFbYbRMGMfVEQYjJzC4r/qCKH0bl/xuVNLxf9FkWSTCcQFKGOndwuGITDkshD4r2Kk8gUddXPxoahBv33/2QH0CY5zbKYjhgN6I6WtwO+O1uJwtNeV1AGhYjurdd60qggNwx+W7623uK3nIXvJd3hzDO8u5oa53/tIL fake-test-key-REMOVE-ME" - ] - } -} diff --git a/examples/groups/bootkube-install/node3.json b/examples/groups/bootkube-install/node3.json deleted file mode 100644 index 78ece7b67..000000000 --- a/examples/groups/bootkube-install/node3.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "id": "node3", - "name": "Worker Node", - "profile": "bootkube-worker", - "selector": { - "mac": "52:54:00:c3:61:77", - "os": "installed" - }, - "metadata": { - "domain_name": "node3.example.com", - "k8s_dns_service_ip": "10.3.0.10", - "ssh_authorized_keys": [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPQFdwVLr+alsWIgYRz9OdqDhnx9jjuFbkdSdpqq4gd9uZApYlivMDD4UgjFazQpezx8DiNhu9ym7i6LgAcdwi+10hE4L9yoJv9uBgbBxOAd65znqLqF91NtV4mlKP5YfJtR7Ehs+pTB+IIC+o5veDbPn+BYgDMJ2x7Osbn1/gFSDken/yoOFbYbRMGMfVEQYjJzC4r/qCKH0bl/xuVNLxf9FkWSTCcQFKGOndwuGITDkshD4r2Kk8gUddXPxoahBv33/2QH0CY5zbKYjhgN6I6WtwO+O1uJwtNeV1AGhYjurdd60qggNwx+W7623uK3nIXvJd3hzDO8u5oa53/tIL fake-test-key-REMOVE-ME" - ] - } -} diff --git a/examples/groups/bootkube/node1.json b/examples/groups/bootkube/node1.json deleted file mode 100644 index cdc86c5e2..000000000 --- a/examples/groups/bootkube/node1.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "id": "node1", - "name": "Controller Node", - "profile": "bootkube-controller", - "selector": { - "mac": "52:54:00:a1:9c:ae" - }, - "metadata": { - "domain_name": "node1.example.com", - "etcd_initial_cluster": "node1=https://node1.example.com:2380", - "etcd_name": "node1", - "k8s_dns_service_ip": "10.3.0.10", - "pxe": "true", - "ssh_authorized_keys": [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPQFdwVLr+alsWIgYRz9OdqDhnx9jjuFbkdSdpqq4gd9uZApYlivMDD4UgjFazQpezx8DiNhu9ym7i6LgAcdwi+10hE4L9yoJv9uBgbBxOAd65znqLqF91NtV4mlKP5YfJtR7Ehs+pTB+IIC+o5veDbPn+BYgDMJ2x7Osbn1/gFSDken/yoOFbYbRMGMfVEQYjJzC4r/qCKH0bl/xuVNLxf9FkWSTCcQFKGOndwuGITDkshD4r2Kk8gUddXPxoahBv33/2QH0CY5zbKYjhgN6I6WtwO+O1uJwtNeV1AGhYjurdd60qggNwx+W7623uK3nIXvJd3hzDO8u5oa53/tIL fake-test-key-REMOVE-ME" - ] - } -} diff --git a/examples/groups/bootkube/node2.json b/examples/groups/bootkube/node2.json deleted file mode 100644 index 70405473c..000000000 --- a/examples/groups/bootkube/node2.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "id": "node2", - "name": "Worker Node", - "profile": "bootkube-worker", - "selector": { - "mac": "52:54:00:b2:2f:86" - }, - "metadata": { - "domain_name": "node2.example.com", - "k8s_dns_service_ip": "10.3.0.10", - "pxe": "true", - "ssh_authorized_keys": [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPQFdwVLr+alsWIgYRz9OdqDhnx9jjuFbkdSdpqq4gd9uZApYlivMDD4UgjFazQpezx8DiNhu9ym7i6LgAcdwi+10hE4L9yoJv9uBgbBxOAd65znqLqF91NtV4mlKP5YfJtR7Ehs+pTB+IIC+o5veDbPn+BYgDMJ2x7Osbn1/gFSDken/yoOFbYbRMGMfVEQYjJzC4r/qCKH0bl/xuVNLxf9FkWSTCcQFKGOndwuGITDkshD4r2Kk8gUddXPxoahBv33/2QH0CY5zbKYjhgN6I6WtwO+O1uJwtNeV1AGhYjurdd60qggNwx+W7623uK3nIXvJd3hzDO8u5oa53/tIL fake-test-key-REMOVE-ME" - ] - } -} diff --git a/examples/groups/bootkube/node3.json b/examples/groups/bootkube/node3.json deleted file mode 100644 index b81ae98ef..000000000 --- a/examples/groups/bootkube/node3.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "id": "node3", - "name": "Worker Node", - "profile": "bootkube-worker", - "selector": { - "mac": "52:54:00:c3:61:77" - }, - "metadata": { - "domain_name": "node3.example.com", - "k8s_dns_service_ip": "10.3.0.10", - "pxe": "true", - "ssh_authorized_keys": [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPQFdwVLr+alsWIgYRz9OdqDhnx9jjuFbkdSdpqq4gd9uZApYlivMDD4UgjFazQpezx8DiNhu9ym7i6LgAcdwi+10hE4L9yoJv9uBgbBxOAd65znqLqF91NtV4mlKP5YfJtR7Ehs+pTB+IIC+o5veDbPn+BYgDMJ2x7Osbn1/gFSDken/yoOFbYbRMGMfVEQYjJzC4r/qCKH0bl/xuVNLxf9FkWSTCcQFKGOndwuGITDkshD4r2Kk8gUddXPxoahBv33/2QH0CY5zbKYjhgN6I6WtwO+O1uJwtNeV1AGhYjurdd60qggNwx+W7623uK3nIXvJd3hzDO8u5oa53/tIL fake-test-key-REMOVE-ME" - ] - } -} diff --git a/examples/groups/etcd3-install/gateway.json b/examples/groups/etcd3-install/gateway.json deleted file mode 100644 index 96a4c151b..000000000 --- a/examples/groups/etcd3-install/gateway.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "id": "default", - "name": "default", - "profile": "etcd3-gateway", - "selector": { - "os": "installed" - }, - "metadata": { - "etcd_endpoints": "node1.example.com:2379,node2.example.com:2379,node3.example.com:2379" - } -} diff --git a/examples/groups/etcd3-install/install.json b/examples/groups/etcd3-install/install.json deleted file mode 100644 index f7734094e..000000000 --- a/examples/groups/etcd3-install/install.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "id": "coreos-install", - "name": "CoreOS Container Linux Install", - "profile": "install-reboot", - "metadata": { - "coreos_channel": "stable", - "coreos_version": "1967.3.0", - "ignition_endpoint": "http://matchbox.example.com:8080/ignition", - "baseurl": "http://matchbox.example.com:8080/assets/coreos" - } -} diff --git a/examples/groups/etcd3-install/node1.json b/examples/groups/etcd3-install/node1.json deleted file mode 100644 index 3f0bcd072..000000000 --- a/examples/groups/etcd3-install/node1.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "id": "node1", - "name": "etcd Node 1", - "profile": "etcd3", - "selector": { - "mac": "52:54:00:a1:9c:ae", - "os": "installed" - }, - "metadata": { - "domain_name": "node1.example.com", - "etcd_name": "node1", - "etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380" - } -} diff --git a/examples/groups/etcd3-install/node2.json b/examples/groups/etcd3-install/node2.json deleted file mode 100644 index 02889d323..000000000 --- a/examples/groups/etcd3-install/node2.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "id": "node2", - "name": "etcd Node 2", - "profile": "etcd3", - "selector": { - "mac": "52:54:00:b2:2f:86", - "os": "installed" - }, - "metadata": { - "domain_name": "node2.example.com", - "etcd_name": "node2", - "etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380" - } -} diff --git a/examples/groups/etcd3-install/node3.json b/examples/groups/etcd3-install/node3.json deleted file mode 100644 index 5d8204d9e..000000000 --- a/examples/groups/etcd3-install/node3.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "id": "node3", - "name": "etcd Node 3", - "profile": "etcd3", - "selector": { - "mac": "52:54:00:c3:61:77", - "os": "installed" - }, - "metadata": { - "domain_name": "node3.example.com", - "etcd_name": "node3", - "etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380" - } -} diff --git a/examples/groups/etcd3/gateway.json b/examples/groups/etcd3/gateway.json deleted file mode 100644 index 2b9370be9..000000000 --- a/examples/groups/etcd3/gateway.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "id": "default", - "name": "default", - "profile": "etcd3-gateway", - "metadata": { - "etcd_endpoints": "node1.example.com:2379,node2.example.com:2379,node3.example.com:2379" - } -} diff --git a/examples/groups/etcd3/node1.json b/examples/groups/etcd3/node1.json deleted file mode 100644 index a3814d009..000000000 --- a/examples/groups/etcd3/node1.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "id": "node1", - "name": "etcd Node 1", - "profile": "etcd3", - "selector": { - "mac": "52:54:00:a1:9c:ae" - }, - "metadata": { - "domain_name": "node1.example.com", - "etcd_name": "node1", - "etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380" - } -} diff --git a/examples/groups/etcd3/node2.json b/examples/groups/etcd3/node2.json deleted file mode 100644 index 788d524d1..000000000 --- a/examples/groups/etcd3/node2.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "id": "node2", - "name": "etcd Node 2", - "profile": "etcd3", - "selector": { - "mac": "52:54:00:b2:2f:86" - }, - "metadata": { - "domain_name": "node2.example.com", - "etcd_name": "node2", - "etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380" - } -} diff --git a/examples/groups/etcd3/node3.json b/examples/groups/etcd3/node3.json deleted file mode 100644 index a73c76605..000000000 --- a/examples/groups/etcd3/node3.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "id": "node3", - "name": "etcd Node 3", - "profile": "etcd3", - "selector": { - "mac": "52:54:00:c3:61:77" - }, - "metadata": { - "domain_name": "node3.example.com", - "etcd_name": "node3", - "etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380" - } -} diff --git a/examples/groups/fedora-coreos-install/default.json b/examples/groups/fedora-coreos-install/default.json new file mode 100644 index 000000000..1e7d3bc59 --- /dev/null +++ b/examples/groups/fedora-coreos-install/default.json @@ -0,0 +1,7 @@ +{ + "id": "default", + "name": "Fedora CoreOS install", + "profile": "fedora-coreos-install", + "selector": {}, + "metadata": {} +} diff --git a/examples/groups/fedora-coreos/default.json b/examples/groups/fedora-coreos/default.json new file mode 100644 index 000000000..4f3f03d42 --- /dev/null +++ b/examples/groups/fedora-coreos/default.json @@ -0,0 +1,7 @@ +{ + "id": "default", + "name": "Fedora CoreOS", + "profile": "fedora-coreos", + "selector": {}, + "metadata": {} +} diff --git a/examples/groups/flatcar-install/flatcar.json b/examples/groups/flatcar-install/flatcar.json new file mode 100644 index 000000000..43355284c --- /dev/null +++ b/examples/groups/flatcar-install/flatcar.json @@ -0,0 +1,10 @@ +{ + "id": "stage-1", + "name": "Flatcar Linux", + "profile": "flatcar", + "selector": { + "os": "installed" + }, + "metadata": { + } +} diff --git a/examples/groups/flatcar-install/install.json b/examples/groups/flatcar-install/install.json new file mode 100644 index 000000000..a6dba3845 --- /dev/null +++ b/examples/groups/flatcar-install/install.json @@ -0,0 +1,11 @@ +{ + "id": "stage-0", + "name": "Flatcar Linux install", + "profile": "flatcar-install", + "metadata": { + "os_channel": "stable", + "os_version": "2605.6.0", + "ignition_endpoint": "http://matchbox.example.com:8080/ignition", + "baseurl": "http://matchbox.example.com:8080/assets/flatcar" + } +} diff --git a/examples/groups/flatcar/default.json b/examples/groups/flatcar/default.json new file mode 100644 index 000000000..56f4724ba --- /dev/null +++ b/examples/groups/flatcar/default.json @@ -0,0 +1,7 @@ +{ + "id": "default", + "name": "Flatcar Linux", + "profile": "flatcar", + "selector": {}, + "metadata": {} +} diff --git a/examples/groups/grub/default.json b/examples/groups/grub/default.json deleted file mode 100644 index b69a8860b..000000000 --- a/examples/groups/grub/default.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "id": "default", - "name": "GRUB CoreOS Container Linux alpha", - "profile": "grub" -} diff --git a/examples/groups/simple-install/install.json b/examples/groups/simple-install/install.json deleted file mode 100644 index 09d92ca84..000000000 --- a/examples/groups/simple-install/install.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "id": "install", - "name": "Simple CoreOS Container Linux Install", - "profile": "simple-install", - "metadata": { - "coreos_channel": "stable", - "coreos_version": "1967.3.0", - "ignition_endpoint": "http://matchbox.example.com:8080/ignition", - "baseurl": "http://matchbox.example.com:8080/assets/coreos" - } -} diff --git a/examples/groups/simple-install/simple.json b/examples/groups/simple-install/simple.json deleted file mode 100644 index 212790000..000000000 --- a/examples/groups/simple-install/simple.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "id": "simple", - "name": "Simple CoreOS Container Linux Alpha", - "profile": "simple", - "selector": { - "os": "installed" - }, - "metadata": {} -} diff --git a/examples/groups/simple/default.json b/examples/groups/simple/default.json deleted file mode 100644 index 2db7201d2..000000000 --- a/examples/groups/simple/default.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "id": "default", - "name": "Simple CoreOS Container Linux Alpha with RAM disk", - "profile": "simple" -} diff --git a/examples/ignition/etcd3-gateway.yaml b/examples/ignition/etcd3-gateway.yaml deleted file mode 100644 index 153ad6e48..000000000 --- a/examples/ignition/etcd3-gateway.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -systemd: - units: - - name: etcd-member.service - enable: true - dropins: - - name: 40-etcd-cluster.conf - contents: | - [Service] - Environment="ETCD_IMAGE_TAG=v3.2.0" - ExecStart= - ExecStart=/usr/lib/coreos/etcd-wrapper gateway start \ - --listen-addr=127.0.0.1:2379 \ - --endpoints={{.etcd_endpoints}} - - name: locksmithd.service - dropins: - - name: 40-etcd-lock.conf - contents: | - [Service] - Environment="REBOOT_STRATEGY=etcd-lock" - -{{ if index . "ssh_authorized_keys" }} -passwd: - users: - - name: core - ssh_authorized_keys: - {{ range $element := .ssh_authorized_keys }} - - {{$element}} - {{end}} -{{end}} - diff --git a/examples/ignition/etcd3.yaml b/examples/ignition/etcd3.yaml deleted file mode 100644 index 8589e423b..000000000 --- a/examples/ignition/etcd3.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -systemd: - units: - - name: etcd-member.service - enable: true - dropins: - - name: 40-etcd-cluster.conf - contents: | - [Service] - Environment="ETCD_IMAGE_TAG=v3.2.0" - Environment="ETCD_NAME={{.etcd_name}}" - Environment="ETCD_ADVERTISE_CLIENT_URLS=http://{{.domain_name}}:2379" - Environment="ETCD_INITIAL_ADVERTISE_PEER_URLS=http://{{.domain_name}}:2380" - Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379" - Environment="ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380" - Environment="ETCD_INITIAL_CLUSTER={{.etcd_initial_cluster}}" - Environment="ETCD_STRICT_RECONFIG_CHECK=true" - - name: locksmithd.service - dropins: - - name: 40-etcd-lock.conf - contents: | - [Service] - Environment="REBOOT_STRATEGY=etcd-lock" - -{{ if index . "ssh_authorized_keys" }} -passwd: - users: - - name: core - ssh_authorized_keys: - {{ range $element := .ssh_authorized_keys }} - - {{$element}} - {{end}} -{{end}} diff --git a/examples/ignition/fedora-coreos.ign b/examples/ignition/fedora-coreos.ign new file mode 100644 index 000000000..90b8fb784 --- /dev/null +++ b/examples/ignition/fedora-coreos.ign @@ -0,0 +1,15 @@ +{ + "ignition": { + "version": "3.1.0" + }, + "passwd": { + "users": [ + { + "name": "core", + "sshAuthorizedKeys": [ + "ssh-rsa SET_PUBKEY_HERE" + ] + } + ] + } +} diff --git a/examples/ignition/fedora-coreos.yaml b/examples/ignition/fedora-coreos.yaml new file mode 100644 index 000000000..e63bd7a26 --- /dev/null +++ b/examples/ignition/fedora-coreos.yaml @@ -0,0 +1,8 @@ +variant: fcos +version: 1.1.0 +passwd: + users: + - name: core + ssh_authorized_keys: + - ssh-rsa SET_PUBKEY_HERE + diff --git a/examples/ignition/install-reboot.yaml b/examples/ignition/flatcar-install.yaml similarity index 79% rename from examples/ignition/install-reboot.yaml rename to examples/ignition/flatcar-install.yaml index 178bb3746..855e6f2f4 100644 --- a/examples/ignition/install-reboot.yaml +++ b/examples/ignition/flatcar-install.yaml @@ -21,7 +21,12 @@ storage: inline: | #!/bin/bash -ex curl --retry 10 --fail "{{.ignition_endpoint}}?{{.request.raw_query}}&os=installed" -o ignition.json - coreos-install -d /dev/sda -C {{.coreos_channel}} -V {{.coreos_version}} -i ignition.json {{if index . "baseurl"}}-b {{.baseurl}}{{end}} + flatcar-install \ + -d /dev/sda \ + -C {{.os_channel}} \ + -V {{.os_version}} \ + {{- if index . "baseurl"}}-b {{.baseurl}} \{{end}} + -i ignition.json udevadm settle systemctl reboot diff --git a/examples/ignition/ssh.yaml b/examples/ignition/flatcar.yaml similarity index 100% rename from examples/ignition/ssh.yaml rename to examples/ignition/flatcar.yaml diff --git a/examples/profiles/etcd3-gateway.json b/examples/profiles/etcd3-gateway.json deleted file mode 100644 index b5fa34643..000000000 --- a/examples/profiles/etcd3-gateway.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "id": "etcd3-gateway", - "name": "etcd3-gateway", - "boot": { - "kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz", - "initrd": ["/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"], - "args": [ - "initrd=coreos_production_pxe_image.cpio.gz", - "coreos.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}", - "coreos.first_boot=yes", - "console=tty0", - "console=ttyS0", - "coreos.autologin" - ] - }, - "ignition_id": "etcd3-gateway.yaml" -} diff --git a/examples/profiles/etcd3.json b/examples/profiles/etcd3.json deleted file mode 100644 index cc1a40177..000000000 --- a/examples/profiles/etcd3.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "id": "etcd3", - "name": "etcd3", - "boot": { - "kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz", - "initrd": ["/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"], - "args": [ - "initrd=coreos_production_pxe_image.cpio.gz", - "coreos.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}", - "coreos.first_boot=yes", - "console=tty0", - "console=ttyS0", - "coreos.autologin" - ] - }, - "ignition_id": "etcd3.yaml" -} diff --git a/examples/profiles/fedora-coreos-install.json b/examples/profiles/fedora-coreos-install.json new file mode 100644 index 000000000..490cbb9ad --- /dev/null +++ b/examples/profiles/fedora-coreos-install.json @@ -0,0 +1,19 @@ +{ + "id": "fedora-coreos-install", + "name": "Fedora CoreOS install to disk", + "boot": { + "kernel": "/assets/fedora-coreos/fedora-coreos-32.20200923.3.0-live-kernel-x86_64", + "initrd": [ + "/assets/fedora-coreos/fedora-coreos-32.20200923.3.0-live-initramfs.x86_64.img", + "/assets/fedora-coreos/fedora-coreos-32.20200923.3.0-live-rootfs.x86_64.img" + ], + "args": [ + "coreos.inst.install_dev=/dev/sda", + "coreos.inst.ignition_url=http://matchbox.example.com:8080/ignition?uuid=$${uuid}&mac=$${mac:hexhyp}", + "coreos.inst.image_url=http://matchbox.example.com:8080/assets/fedora-coreos/fedora-coreos-32.20200923.3.0-metal.x86_64.raw.xz", + "console=tty0", + "console=ttyS0" + ] + }, + "ignition_id": "fedora-coreos.ign" +} diff --git a/examples/profiles/fedora-coreos.json b/examples/profiles/fedora-coreos.json new file mode 100644 index 000000000..e26c9fdac --- /dev/null +++ b/examples/profiles/fedora-coreos.json @@ -0,0 +1,20 @@ +{ + "id": "fedora-coreos", + "name": "Fedora CoreOS", + "boot": { + "kernel": "/assets/fedora-coreos/fedora-coreos-32.20200923.3.0-live-kernel-x86_64", + "initrd": [ + "/assets/fedora-coreos/fedora-coreos-32.20200923.3.0-live-initramfs.x86_64.img", + "/assets/fedora-coreos/fedora-coreos-32.20200923.3.0-live-rootfs.x86_64.img" + ], + "args": [ + "ignition.firstboot", + "ignition.platform.id=metal", + "ignition.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}", + "systemd.unified_cgroup_hierarchy=0", + "console=tty0", + "console=ttyS0" + ] + }, + "ignition_id": "fedora-coreos.ign" +} diff --git a/examples/profiles/flatcar-install.json b/examples/profiles/flatcar-install.json new file mode 100644 index 000000000..f82f78a9a --- /dev/null +++ b/examples/profiles/flatcar-install.json @@ -0,0 +1,19 @@ +{ + "id": "flatcar-install", + "name": "Flatcar Linux install to disk", + "boot": { + "kernel": "/assets/flatcar/2605.6.0/flatcar_production_pxe.vmlinuz", + "initrd": [ + "/assets/flatcar/2605.6.0/flatcar_production_pxe_image.cpio.gz" + ], + "args": [ + "initrd=flatcar_production_pxe_image.cpio.gz", + "flatcar.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}", + "flatcar.first_boot=yes", + "console=tty0", + "console=ttyS0", + "flatcar.autologin" + ] + }, + "ignition_id": "flatcar-install.yaml" +} diff --git a/examples/profiles/flatcar.json b/examples/profiles/flatcar.json new file mode 100644 index 000000000..4f84c2164 --- /dev/null +++ b/examples/profiles/flatcar.json @@ -0,0 +1,19 @@ +{ + "id": "flatcar", + "name": "Flatcar Linux", + "boot": { + "kernel": "/assets/flatcar/2605.6.0/flatcar_production_pxe.vmlinuz", + "initrd": [ + "/assets/flatcar/2605.6.0/flatcar_production_pxe_image.cpio.gz" + ], + "args": [ + "initrd=flatcar_production_pxe_image.cpio.gz", + "flatcar.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}", + "flatcar.first_boot=yes", + "console=tty0", + "console=ttyS0", + "flatcar.autologin" + ] + }, + "ignition_id": "flatcar.yaml" +} diff --git a/examples/profiles/grub.json b/examples/profiles/grub.json deleted file mode 100644 index bfc11a7c3..000000000 --- a/examples/profiles/grub.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "id": "grub", - "name": "CoreOS Container Linux via GRUB2", - "boot": { - "kernel": "(http;matchbox.example.com:8080)/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz", - "initrd": ["(http;matchbox.example.com:8080)/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"], - "args": [ - "coreos.config.url=http://matchbox.example.com:8080/ignition", - "coreos.first_boot=yes", - "console=tty0", - "console=ttyS0", - "coreos.autologin" - ] - }, - "ignition_id": "ssh.yaml" -} diff --git a/examples/profiles/install-reboot.json b/examples/profiles/install-reboot.json deleted file mode 100644 index d29a41852..000000000 --- a/examples/profiles/install-reboot.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "id": "install-reboot", - "name": "Install CoreOS Container Linux and Reboot", - "boot": { - "kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz", - "initrd": ["/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"], - "args": [ - "initrd=coreos_production_pxe_image.cpio.gz", - "coreos.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}", - "coreos.first_boot=yes", - "console=tty0", - "console=ttyS0", - "coreos.autologin" - ] - }, - "ignition_id": "install-reboot.yaml" -} diff --git a/examples/profiles/simple-install.json b/examples/profiles/simple-install.json deleted file mode 100644 index 031bf8df1..000000000 --- a/examples/profiles/simple-install.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "id": "simple-install", - "name": "Simple CoreOS Container Linux Alpha Install", - "boot": { - "kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz", - "initrd": ["/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"], - "args": [ - "initrd=coreos_production_pxe_image.cpio.gz", - "coreos.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}", - "coreos.first_boot=yes", - "console=tty0", - "console=ttyS0", - "coreos.autologin" - ] - }, - "ignition_id": "install-reboot.yaml" -} diff --git a/examples/profiles/simple.json b/examples/profiles/simple.json deleted file mode 100644 index a48c10fdd..000000000 --- a/examples/profiles/simple.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "id": "simple", - "name": "Simple CoreOS Container Linux Alpha", - "boot": { - "kernel": "/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz", - "initrd": [ - "/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz" - ], - "args": [ - "initrd=coreos_production_pxe_image.cpio.gz", - "coreos.config.url=http://matchbox.example.com:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}", - "coreos.first_boot=yes", - "console=tty0", - "console=ttyS0", - "coreos.autologin" - ] - }, - "ignition_id": "ssh.yaml" -} diff --git a/mkdocs.yml b/mkdocs.yml index 93f95d804..b2ff2e114 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -1,7 +1,7 @@ site_name: matchbox site_description: Network boot and provision bare-metal clusters site_author: Dalton Hubble -copyright: Poseidon Labs +copyright: Poseidon Laboratories repo_name: poseidon/matchbox repo_url: https://github.com/poseidon/matchbox theme: diff --git a/requirements.txt b/requirements.txt index 3fdd02574..f4e4883b6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ mkdocs==1.1.2 -mkdocs-material==6.0.1 +mkdocs-material==6.0.2 pygments==2.6.1 pymdown-extensions==7.1.0 diff --git a/scripts/README.md b/scripts/README.md index 83fe4cf13..737f7420c 100644 --- a/scripts/README.md +++ b/scripts/README.md @@ -1,25 +1,48 @@ - # Scripts -## get-coreos +## get-fedora-coreos + +Run the `get-fedora-coreos` script to download Fedora CoreOS images, verify them, and move them into `examples/assets`. + +``` +./scripts/get-fedora-coreos +./scripts/get-fedora-coreos stream version dest +``` + +This will create: + +``` +examples/assets/fedora-coreos/ +├── fedora-coreos-32.20200923.3.0-live-initramfs.x86_64.img +├── fedora-coreos-32.20200923.3.0-live-kernel-x86_64 +├── fedora-coreos-32.20200923.3.0-live-rootfs.x86_64.img +├── fedora-coreos-32.20200923.3.0-metal.x86_64.raw.xz +└── fedora-coreos-32.20200923.3.0-metal.x86_64.raw.xz.sig +``` + +## get-flatcar -Run the `get-coreos` script to download CoreOS Container Linux images, verify them, and move them into `examples/assets`. +Run the `get-flatcar` script to download Flatcar Linux images, verify them, and move them into `examples/assets`. - ./scripts/get-coreos - ./scripts/get-coreos channel version +``` +./scripts/get-flatcar +./scripts/get-flatcar channel version dest +``` This will create: - examples/assets/ - └── coreos - └── 1153.0.0 - ├── CoreOS_Image_Signing_Key.asc - ├── coreos_production_image.bin.bz2 - ├── coreos_production_image.bin.bz2.sig - ├── coreos_production_pxe_image.cpio.gz - ├── coreos_production_pxe_image.cpio.gz.sig - ├── coreos_production_pxe.vmlinuz - └── coreos_production_pxe.vmlinuz.sig +``` +examples/assets/flatcar/ +└── 2605.6.0 + ├── Flatcar_Image_Signing_Key.asc + ├── flatcar_production_image.bin.bz2 + ├── flatcar_production_image.bin.bz2.sig + ├── flatcar_production_pxe_image.cpio.gz + ├── flatcar_production_pxe_image.cpio.gz.sig + ├── flatcar_production_pxe.vmlinuz + ├── flatcar_production_pxe.vmlinuz.sig + └── version.txt +``` ## libvirt diff --git a/scripts/devnet b/scripts/devnet index bcb1dee7d..51fcd6f63 100755 --- a/scripts/devnet +++ b/scripts/devnet @@ -81,7 +81,7 @@ function docker_create { # Mount the given EXAMPLE DATA_MOUNT="-v $PWD/examples:/var/lib/matchbox:Z -v $DIR/../examples/groups/$EXAMPLE:/var/lib/matchbox/groups:Z" fi - + docker run --name matchbox \ -d \ -p 8080:8080 \ diff --git a/scripts/get-coreos b/scripts/get-coreos deleted file mode 100755 index 5233cbd6c..000000000 --- a/scripts/get-coreos +++ /dev/null @@ -1,83 +0,0 @@ -#!/usr/bin/env bash -# USAGE: ./scripts/get-coreos -# USAGE: ./scripts/get-coreos channel version dest -# -# ENV VARS: -# - OEM_ID - specify OEM image id to download, alongside the default one -set -eou pipefail - -GPG=${GPG:-/usr/bin/gpg} - -CHANNEL=${1:-"stable"} -VERSION=${2:-"1967.3.0"} -DEST_DIR=${3:-"$PWD/examples/assets"} -OEM_ID=${OEM_ID:-""} -DEST=$DEST_DIR/coreos/$VERSION -BASE_URL=https://$CHANNEL.release.core-os.net/amd64-usr/$VERSION - -# check channel/version exist based on the header response -if ! curl -s -I $BASE_URL/coreos_production_pxe.vmlinuz | grep -q -E '^HTTP/[0-9.]+ [23][0-9][0-9]' ; then - echo "Channel or Version not found" - exit 1 -fi - -if [ ! -d "$DEST" ]; then - echo "Creating directory $DEST" - mkdir -p $DEST -fi - -if [[ -n "${OEM_ID}" ]]; then - IMAGE_NAME="coreos_production_${OEM_ID}_image.bin.bz2" - - # check if the oem version exists based on the header response - if ! curl -s -I $BASE_URL/$IMAGE_NAME | grep -q -E '^HTTP/[0-9.]+ [23][0-9][0-9]' ; then - echo "OEM version not found" - exit 1 - fi -fi - -echo "Downloading CoreOS $CHANNEL $VERSION images and sigs to $DEST" - -echo "CoreOS Image Signing Key" -curl -# https://coreos.com/security/image-signing-key/CoreOS_Image_Signing_Key.asc -o $DEST/CoreOS_Image_Signing_Key.asc -$GPG --import < "$DEST/CoreOS_Image_Signing_Key.asc" || true - -# Version -echo "version.txt" -curl -# $BASE_URL/version.txt -o $DEST/version.txt - -# PXE kernel and sig -echo "coreos_production_pxe.vmlinuz..." -curl -# $BASE_URL/coreos_production_pxe.vmlinuz -o $DEST/coreos_production_pxe.vmlinuz -echo "coreos_production_pxe.vmlinuz.sig" -curl -# $BASE_URL/coreos_production_pxe.vmlinuz.sig -o $DEST/coreos_production_pxe.vmlinuz.sig - -# PXE initrd and sig -echo "coreos_production_pxe_image.cpio.gz" -curl -# $BASE_URL/coreos_production_pxe_image.cpio.gz -o $DEST/coreos_production_pxe_image.cpio.gz -echo "coreos_production_pxe_image.cpio.gz.sig" -curl -# $BASE_URL/coreos_production_pxe_image.cpio.gz.sig -o $DEST/coreos_production_pxe_image.cpio.gz.sig - -# Install image -echo "coreos_production_image.bin.bz2" -curl -# $BASE_URL/coreos_production_image.bin.bz2 -o $DEST/coreos_production_image.bin.bz2 -echo "coreos_production_image.bin.bz2.sig" -curl -# $BASE_URL/coreos_production_image.bin.bz2.sig -o $DEST/coreos_production_image.bin.bz2.sig - -# Install oem image -if [[ -n "${IMAGE_NAME-}" ]]; then - echo $IMAGE_NAME - curl -# $BASE_URL/$IMAGE_NAME -o $DEST/$IMAGE_NAME - echo "$IMAGE_NAME.sig" - curl -# $BASE_URL/$IMAGE_NAME.sig -o $DEST/$IMAGE_NAME.sig -fi - -# verify signatures -$GPG --verify $DEST/coreos_production_pxe.vmlinuz.sig -$GPG --verify $DEST/coreos_production_pxe_image.cpio.gz.sig -$GPG --verify $DEST/coreos_production_image.bin.bz2.sig - -# verify oem signature -if [[ -n "${IMAGE_NAME-}" ]]; then - $GPG --verify $DEST/$IMAGE_NAME.sig -fi diff --git a/scripts/get-fedora-coreos b/scripts/get-fedora-coreos index 09acc09e2..97743ac38 100755 --- a/scripts/get-fedora-coreos +++ b/scripts/get-fedora-coreos @@ -31,7 +31,13 @@ curl -# $BASE_URL/fedora-coreos-$VERSION-live-kernel-x86_64 -o $DEST/fedora-core echo "fedora-coreos-$VERSION-live-initramfs.x86_64.img" curl -# $BASE_URL/fedora-coreos-$VERSION-live-initramfs.x86_64.img -o $DEST/fedora-coreos-$VERSION-live-initramfs.x86_64.img +# rootfs +echo "fedora-coreos-$VERSION-live-rootfs.x86_64.img" +curl -# $BASE_URL/fedora-coreos-$VERSION-live-rootfs.x86_64.img -o $DEST/fedora-coreos-$VERSION-live-rootfs.x86_64.img + # Install image echo "fedora-coreos-$VERSION-metal.x86_64.raw.xz" curl -# $BASE_URL/fedora-coreos-$VERSION-metal.x86_64.raw.xz -o $DEST/fedora-coreos-$VERSION-metal.x86_64.raw.xz +echo "fedora-coreos-$VERSION-metal.x86_64.raw.xz.sig" +curl -# $BASE_URL/fedora-coreos-$VERSION-metal.x86_64.raw.xz.sig -o $DEST/fedora-coreos-$VERSION-metal.x86_64.raw.xz.sig diff --git a/scripts/libvirt b/scripts/libvirt index fff6bb0eb..cc2f6cc55 100755 --- a/scripts/libvirt +++ b/scripts/libvirt @@ -1,7 +1,7 @@ #!/usr/bin/env bash # Manage VM nodes which have a specific set of hardware attributes. -VM_MEMORY=${VM_MEMORY:-2048} +VM_MEMORY=${VM_MEMORY:-3072} VM_DISK=${VM_DISK:-10} if [ "$EUID" -ne 0 ]