From 9b1cf3b509e117e1f5942b59abfcef064e8fa761 Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Sat, 7 Aug 2021 21:57:12 -0600 Subject: [PATCH] Add vagrant-libvirt: This gets the refactored sandbox back on par with the existing sandbox for vagrant-libvirt functionality. Signed-off-by: Jacob Weinstock --- deploy/.env | 8 +- deploy/compose/manifests/apply_manifests.sh | 4 + .../manifests/hardware/hardware-libvirt.json | 32 ++ .../compose/manifests/hardware/hardware.json | 2 +- .../manifests/template/ubuntu-libvirt.yaml | 74 +++++ deploy/compose/registry/registry_images.txt | 9 +- deploy/compose/registry/upload.sh | 7 +- deploy/docker-compose.yml | 4 +- deploy/vagrant/Vagrantfile | 77 ++++- docs/quickstarts/VAGRANTLVIRT.md | 289 +++++++++++++++++- 10 files changed, 481 insertions(+), 25 deletions(-) create mode 100644 deploy/compose/manifests/hardware/hardware-libvirt.json create mode 100644 deploy/compose/manifests/template/ubuntu-libvirt.yaml diff --git a/deploy/.env b/deploy/.env index 1e29d73..126ec6a 100644 --- a/deploy/.env +++ b/deploy/.env @@ -1,8 +1,10 @@ -OSIE_DOWNLOAD_URL="https://tinkerbell-oss.s3.amazonaws.com/osie-uploads/osie-v0-n=404,c=c35a5f8,b=master.tar.gz" +OSIE_DOWNLOAD_URL="https://tinkerbell-oss.s3.amazonaws.com/osie-uploads/osie-1790-23d78ea47f794d0e5c934b604579c26e5fce97f5.tar.gz" TINK_CLI_IMAGE="quay.io/tinkerbell/tink-cli:sha-8ea8a0e5" TINK_SERVER_IMAGE="quay.io/tinkerbell/tink:sha-8ea8a0e5" -BOOTS_SERVER_IMAGE="quay.io/tinkerbell/boots:sha-cb0290f8" +BOOTS_SERVER_IMAGE="quay.io/tinkerbell/boots:sha-94f43947" HEGEL_SERVER_IMAGE="quay.io/tinkerbell/hegel:sha-9f5da0a8" +TINKERBELL_HARDWARE_MANIFEST="/manifests/hardware/hardware.json" +TINKERBELL_TEMPLATE_MANIFEST="/manifests/template/ubuntu.yaml" TINKERBELL_HOST_IP=192.168.50.4 TINKERBELL_CLIENT_IP=192.168.50.43 -TINKERBELL_CLIENT_MAC=08:00:27:9E:F5:3A +TINKERBELL_CLIENT_MAC=08:00:27:9e:f5:3a diff --git a/deploy/compose/manifests/apply_manifests.sh b/deploy/compose/manifests/apply_manifests.sh index c20483b..6584f7b 100755 --- a/deploy/compose/manifests/apply_manifests.sh +++ b/deploy/compose/manifests/apply_manifests.sh @@ -56,6 +56,10 @@ workflow_exists() { return 0 fi local workflow_id=$(cat "${workflow_dir}"/workflow_id.txt) + if [ -z "${workflow_id}" ]; then + workflow "${workflow_dir}" "${mac_address}" + return 0 + fi tink workflow get | grep -q "${workflow_id}" local result=$? if [ "${result}" -ne 0 ]; then diff --git a/deploy/compose/manifests/hardware/hardware-libvirt.json b/deploy/compose/manifests/hardware/hardware-libvirt.json new file mode 100644 index 0000000..8efb60b --- /dev/null +++ b/deploy/compose/manifests/hardware/hardware-libvirt.json @@ -0,0 +1,32 @@ +{ + "id": "0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94", + "metadata": { + "facility": { + "facility_code": "onprem", + "plan_slug": "c2.medium.x86", + "plan_version_slug": "" + }, + "instance": {}, + "state": "provisioning" + }, + "network": { + "interfaces": [ + { + "dhcp": { + "arch": "x86_64", + "ip": { + "address": "192.168.50.43", + "gateway": "192.168.50.1", + "netmask": "255.255.255.0" + }, + "mac": "08:00:27:9e:f5:3a", + "uefi": false + }, + "netboot": { + "allow_pxe": true, + "allow_workflow": true + } + } + ] + } +} diff --git a/deploy/compose/manifests/hardware/hardware.json b/deploy/compose/manifests/hardware/hardware.json index af0b4f4..3e89242 100644 --- a/deploy/compose/manifests/hardware/hardware.json +++ b/deploy/compose/manifests/hardware/hardware.json @@ -18,7 +18,7 @@ "address": "192.168.50.43", "netmask": "255.255.255.0" }, - "mac": "08:00:27:9E:F5:3A", + "mac": "08:00:27:9e:f5:3a", "uefi": false }, "netboot": { diff --git a/deploy/compose/manifests/template/ubuntu-libvirt.yaml b/deploy/compose/manifests/template/ubuntu-libvirt.yaml new file mode 100644 index 0000000..321074e --- /dev/null +++ b/deploy/compose/manifests/template/ubuntu-libvirt.yaml @@ -0,0 +1,74 @@ +version: "0.1" +name: debian_Focal +global_timeout: 1800 +tasks: + - name: "os-installation" + worker: "{{.device_1}}" + volumes: + - /dev:/dev + - /dev/console:/dev/console + - /lib/firmware:/lib/firmware:ro + actions: + - name: "stream-ubuntu-image" + image: image2disk:v1.0.0 + timeout: 600 + environment: + DEST_DISK: /dev/vda + IMG_URL: "http://192.168.50.4:8080/focal-server-cloudimg-amd64.raw.gz" + COMPRESSED: true + - name: "install-openssl" + image: cexec:v1.0.0 + timeout: 90 + environment: + BLOCK_DEVICE: /dev/vda1 + FS_TYPE: ext4 + CHROOT: y + DEFAULT_INTERPRETER: "/bin/sh -c" + CMD_LINE: "apt -y update && apt -y install openssl" + - name: "create-user" + image: cexec:v1.0.0 + timeout: 90 + environment: + BLOCK_DEVICE: /dev/vda1 + FS_TYPE: ext4 + CHROOT: y + DEFAULT_INTERPRETER: "/bin/sh -c" + CMD_LINE: "useradd -p $(openssl passwd -1 tink) -s /bin/bash -d /home/tink/ -m -G sudo tink" + - name: "enable-ssh" + image: cexec:v1.0.0 + timeout: 90 + environment: + BLOCK_DEVICE: /dev/vda1 + FS_TYPE: ext4 + CHROOT: y + DEFAULT_INTERPRETER: "/bin/sh -c" + CMD_LINE: "ssh-keygen -A; systemctl enable ssh.service; sed -i 's/^PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config" + - name: "disable-apparmor" + image: cexec:v1.0.0 + timeout: 90 + environment: + BLOCK_DEVICE: /dev/vda1 + FS_TYPE: ext4 + CHROOT: y + DEFAULT_INTERPRETER: "/bin/sh -c" + CMD_LINE: "systemctl disable apparmor; systemctl disable snapd" + - name: "write-netplan" + image: writefile:v1.0.0 + timeout: 90 + environment: + DEST_DISK: /dev/vda1 + FS_TYPE: ext4 + DEST_PATH: /etc/netplan/config.yaml + CONTENTS: | + network: + version: 2 + renderer: networkd + ethernets: + ens5: + dhcp4: true + ens6: + dhcp4: true + UID: 0 + GID: 0 + MODE: 0644 + DIRMODE: 0755 diff --git a/deploy/compose/registry/registry_images.txt b/deploy/compose/registry/registry_images.txt index 68cb7ab..02a9ebe 100644 --- a/deploy/compose/registry/registry_images.txt +++ b/deploy/compose/registry/registry_images.txt @@ -1,4 +1,5 @@ -quay.io/tinkerbell/tink-worker:latest -quay.io/tinkerbell-actions/image2disk:v1.0.0 -quay.io/tinkerbell-actions/cexec:v1.0.0 -quay.io/tinkerbell-actions/writefile:v1.0.0 \ No newline at end of file +quay.io/tinkerbell/tink-worker:latest tinkerbell/tink-worker:latest +quay.io/tinkerbell/tink-worker:latest tinkerbell/tink-worker:sha-5e1f0fd8 +quay.io/tinkerbell-actions/image2disk:v1.0.0 image2disk:v1.0.0 +quay.io/tinkerbell-actions/cexec:v1.0.0 cexec:v1.0.0 +quay.io/tinkerbell-actions/writefile:v1.0.0 writefile:v1.0.0 \ No newline at end of file diff --git a/deploy/compose/registry/upload.sh b/deploy/compose/registry/upload.sh index fada9c9..055f38d 100755 --- a/deploy/compose/registry/upload.sh +++ b/deploy/compose/registry/upload.sh @@ -10,9 +10,10 @@ main() { local images_file="$4" # this confusing IFS= and the || is to capture the last line of the file if there is no newline at the end while IFS= read -r img || [ -n "${img}" ]; do - # trim trailing whitespace - local imgr="$(echo "${img}" | sed 's/ *$//g')" - skopeo copy --all --dest-tls-verify=false --dest-creds="${reg_user}":"${reg_pw}" docker://"${imgr}" docker://"${reg_url}"/$(basename "${imgr}") + # file is expected to have src and dst images delimited by a space + local src_img="$(echo "${img}" | cut -d' ' -f1)" + local dst_img="$(echo "${img}" | cut -d' ' -f2)" + skopeo copy --all --dest-tls-verify=false --dest-creds="${reg_user}":"${reg_pw}" docker://"${src_img}" docker://"${reg_url}"/"${dst_img}" done <"${images_file}" } diff --git a/deploy/docker-compose.yml b/deploy/docker-compose.yml index 9312dd3..f7bd6f3 100644 --- a/deploy/docker-compose.yml +++ b/deploy/docker-compose.yml @@ -72,8 +72,8 @@ services: entrypoint: /manifests/apply_manifests.sh command: [ - "/manifests/hardware/hardware.json", - "/manifests/template/ubuntu.yaml", + "$TINKERBELL_HARDWARE_MANIFEST", + "$TINKERBELL_TEMPLATE_MANIFEST", "/manifests/workflow", "$TINKERBELL_HOST_IP", "$TINKERBELL_CLIENT_IP", diff --git a/deploy/vagrant/Vagrantfile b/deploy/vagrant/Vagrantfile index 8c1f6ee..90faab6 100644 --- a/deploy/vagrant/Vagrantfile +++ b/deploy/vagrant/Vagrantfile @@ -4,6 +4,11 @@ PROVISIONER_IP = "192.168.50.4" MACHINE1_IP = "192.168.50.43" +$script = <<-SCRIPT +ip addr add 192.168.50.4/24 dev eth1 +ip link set dev eth1 up +SCRIPT + unless Vagrant.has_plugin?("vagrant-docker-compose") system("vagrant plugin install vagrant-docker-compose") puts "Dependencies installed, please try the command again." @@ -14,20 +19,74 @@ Vagrant.configure("2") do |config| config.vm.define "provisioner" do |provisioner| provisioner.vm.box = "generic/ubuntu2004" provisioner.vm.synced_folder '../', '/vagrant' - provisioner.vm.provider "virtualbox" do |v| + provisioner.vm.provision :docker + provisioner.vm.provision "shell", inline: $script + provisioner.vm.network "private_network", ip: PROVISIONER_IP, + libvirt__network_name: "tink_network", + libvirt__host_ip: '192.168.50.1', + libvirt__netmask: "255.255.255.0", + libvirt__dhcp_enabled: false, + auto_config: false + + provisioner.vm.provider "virtualbox" do |v, override| v.memory = 2048 v.cpus = 2 + override.vm.synced_folder '../', '/vagrant' + # vagrant plugin install vagrant-docker-compose + override.vm.provision :docker_compose, + compose_version: "1.29.1", + yml: "/vagrant/docker-compose.yml", + run:"always", + env: { + "TINKERBELL_HOST_IP": PROVISIONER_IP, + "TINKERBELL_CLIENT_IP": MACHINE1_IP, + "REPO_TOP_LEVEL": "/vagrant", + "TINKERBELL_HARDWARE_MANIFEST": "/manifests/hardware/hardware.json", + "TINKERBELL_TEMPLATE_MANIFEST": "/manifests/template/ubuntu.yaml" + } end - provisioner.vm.network "private_network", ip: PROVISIONER_IP - provisioner.vm.provision :docker - # vagrant plugin install vagrant-docker-compose - provisioner.vm.provision :docker_compose, compose_version: "1.29.1", yml: "/vagrant/docker-compose.yml", run:"always", env: {"TINKERBELL_HOST_IP": PROVISIONER_IP, "TINKERBELL_CLIENT_IP": MACHINE1_IP, "REPO_TOP_LEVEL": "/vagrant"} + provisioner.vm.provider "libvirt" do |l, override| + override.vm.synced_folder '../', '/vagrant', type: "nfs", nfs_version: 4, "nfs_udp": false, mount_options: ["rw", "vers=4", "tcp"] + # vagrant plugin install vagrant-docker-compose + override.vm.provision :docker_compose, + compose_version: "1.29.1", + yml: "/vagrant/docker-compose.yml", + run:"always", + env: { + "TINKERBELL_HOST_IP": PROVISIONER_IP, + "TINKERBELL_CLIENT_IP": MACHINE1_IP, + "REPO_TOP_LEVEL": "/vagrant", + "TINKERBELL_HARDWARE_MANIFEST": "/manifests/hardware/hardware-libvirt.json", + "TINKERBELL_TEMPLATE_MANIFEST": "/manifests/template/ubuntu-libvirt.yaml" + } + end end config.vm.define :machine1, autostart: false do |machine1| - machine1.vm.box = 'jtyr/pxe' - machine1.vm.provider "virtualbox" do |v| + + machine1.ssh.insert_key = false + machine1.vm.boot_timeout = 10 + machine1.vm.synced_folder '.', '/vagrant', disabled: true + machine1.vm.network :private_network, ip: MACHINE1_IP, + mac: "0800279EF53A", + adapter: 1, + libvirt__network_name: "tink_network", + libvirt__dhcp_enabled: false, + libvirt__forward_mode: 'nat' + + machine1.vm.provider "libvirt" do |v| + v.storage :file, :size => '20G' + v.memory = 4096 + v.cpus = 2 + v.boot 'hd' + v.boot 'network' + v.graphics_ip = '0.0.0.0' + v.machine_arch = 'x86_64' + end + + machine1.vm.provider "virtualbox" do |v, override| + override.vm.box = 'jtyr/pxe' v.memory = 2048 v.cpus = 2 v.gui = true @@ -35,9 +94,5 @@ Vagrant.configure("2") do |config| v.customize ['setextradata', :id, 'GUI/ScaleFactor', '3.0'] v.check_guest_additions = false end - machine1.ssh.insert_key = false - machine1.vm.boot_timeout = 10 - machine1.vm.synced_folder '.', '/vagrant', disabled: true - machine1.vm.network "private_network", ip: MACHINE1_IP, mac: "0800279EF53A", adapter: 1 end end diff --git a/docs/quickstarts/VAGRANTLVIRT.md b/docs/quickstarts/VAGRANTLVIRT.md index daa4748..f4865ce 100644 --- a/docs/quickstarts/VAGRANTLVIRT.md +++ b/docs/quickstarts/VAGRANTLVIRT.md @@ -1,3 +1,290 @@ # Quick start guide for Vagrant and Libvirt -> coming soon... +This option will stand up the provisioner in Libvirt using Vagrant. +This option will also show you how to create a machine to provision. + +## Prerequisites + +- [Vagrant](https://www.vagrantup.com/downloads) is installed +- [Libvirt](https://ubuntu.com/server/docs/virtualization-libvirt) is installed + +## Steps + +1. Clone this repository + + ```bash + git clone https://github.com/tinkerbell/sandbox.git + cd sandbox + ``` + +2. Start the provisioner + + ```bash + cd deploy/vagrant + vagrant up + # This process will take about 5-10 minutes depending on your internet connection. + # OSIE is about 2GB in size and the Ubuntu Focal image is about 500MB + ``` + +
+ expected output + + ```bash + Bringing machine 'provisioner' up with 'libvirt' provider... + ==> provisioner: Checking if box 'generic/ubuntu2004' version '3.3.4' is up to date... + ==> provisioner: Creating image (snapshot of base box volume). + ==> provisioner: Creating domain with the following settings... + ==> provisioner: -- Name: vagrant_provisioner + ==> provisioner: -- Domain type: kvm + ==> provisioner: -- Cpus: 2 + ==> provisioner: -- Feature: acpi + ==> provisioner: -- Feature: apic + ==> provisioner: -- Feature: pae + ==> provisioner: -- Memory: 2048M + ==> provisioner: -- Management MAC: + ==> provisioner: -- Loader: + ==> provisioner: -- Nvram: + ==> provisioner: -- Base box: generic/ubuntu2004 + ==> provisioner: -- Storage pool: default + ==> provisioner: -- Image: /var/lib/libvirt/images/vagrant_provisioner.img (128G) + ==> provisioner: -- Volume Cache: default + ==> provisioner: -- Kernel: + ==> provisioner: -- Initrd: + ==> provisioner: -- Graphics Type: vnc + ==> provisioner: -- Graphics Port: -1 + ==> provisioner: -- Graphics IP: 127.0.0.1 + ==> provisioner: -- Graphics Password: Not defined + ==> provisioner: -- Video Type: cirrus + ==> provisioner: -- Video VRAM: 256 + ==> provisioner: -- Sound Type: + ==> provisioner: -- Keymap: en-us + ==> provisioner: -- TPM Path: + ==> provisioner: -- INPUT: type=mouse, bus=ps2 + ==> provisioner: Pruning invalid NFS exports. Administrator privileges will be required... + [sudo] password for tink: + ==> provisioner: Creating shared folders metadata... + ==> provisioner: Starting domain. + ==> provisioner: Waiting for domain to get an IP address... + ==> provisioner: Waiting for SSH to become available... + provisioner: + provisioner: Vagrant insecure key detected. Vagrant will automatically replace + provisioner: this with a newly generated keypair for better security. + provisioner: + provisioner: Inserting generated public key within guest... + provisioner: Removing insecure key from the guest if it's present... + provisioner: Key inserted! Disconnecting and reconnecting using new SSH key... + ==> provisioner: Configuring and enabling network interfaces... + ==> provisioner: Installing NFS client... + ==> provisioner: Exporting NFS shared folders... + ==> provisioner: Preparing to edit /etc/exports. Administrator privileges will be required... + ==> provisioner: Mounting NFS shared folders... + ==> provisioner: Running provisioner: docker... + provisioner: Installing Docker onto machine... + ==> provisioner: Running provisioner: shell... + provisioner: Running: inline script + ==> provisioner: Running provisioner: docker_compose... + provisioner: Checking for Docker Compose installation... + provisioner: Getting machine and kernel name from guest machine... + provisioner: Downloading Docker Compose 1.29.1 for Linux x86_64 + provisioner: Downloaded Docker Compose 1.29.1 has SHA256 signature 8097769d32e34314125847333593c8edb0dfc4a5b350e4839bef8c2fe8d09de7 + provisioner: Uploading Docker Compose 1.29.1 to guest machine... + provisioner: Installing Docker Compose 1.29.1 in guest machine... + provisioner: Symlinking Docker Compose 1.29.1 in guest machine... + provisioner: Running docker-compose up... + ==> provisioner: Creating network "vagrant_default" with the default driver + ==> provisioner: Creating volume "vagrant_postgres_data" with default driver + ==> provisioner: Creating volume "vagrant_certs" with default driver + ==> provisioner: Creating volume "vagrant_auth" with default driver + ==> provisioner: Pulling tls-gen (cfssl/cfssl:)... + provisioner: latest: Pulling from cfssl/cfssl + provisioner: Digest: sha256:c21e852f3904e2ba77960e9cba23c69d9231467795a8a160ce1d848e621381ea + provisioner: Status: Downloaded newer image for cfssl/cfssl:latest + ==> provisioner: Pulling registry-auth (httpd:2)... + provisioner: 2: Pulling from library/httpd + provisioner: Digest: sha256:eacdd6c7419ab95b43a258321fc6b38cf56004de4f6a952fc0d96a12730e04de + provisioner: Status: Downloaded newer image for httpd:2 + ==> provisioner: Pulling osie-work (alpine:)... + provisioner: latest: Pulling from library/alpine + provisioner: Digest: sha256:eb3e4e175ba6d212ba1d6e04fc0782916c08e1c9d7b45892e9796141b1d379ae + provisioner: Status: Downloaded newer image for alpine:latest + ==> provisioner: Pulling ubuntu-image-setup (ubuntu:)... + provisioner: latest: Pulling from library/ubuntu + provisioner: Digest: sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3 + provisioner: Status: Downloaded newer image for ubuntu:latest + ==> provisioner: Pulling db (postgres:10-alpine)... + provisioner: 10-alpine: Pulling from library/postgres + provisioner: Digest: sha256:07bb8292fa57fbe87f5426841105a19db7229e8e684299642e9c2046203abb10 + provisioner: Status: Downloaded newer image for postgres:10-alpine + ==> provisioner: Pulling tink-server-migration (quay.io/tinkerbell/tink:sha-8ea8a0e5)... + provisioner: sha-8ea8a0e5: Pulling from tinkerbell/tink + provisioner: Digest: sha256:84fc83f8562901d0b27e7ebb453a7f27e5797d17fb0b6899f92002df840fbf21 + provisioner: Status: Downloaded newer image for quay.io/tinkerbell/tink:sha-8ea8a0e5 + ==> provisioner: Pulling create-tink-records (quay.io/tinkerbell/tink-cli:sha-8ea8a0e5)... + provisioner: sha-8ea8a0e5: Pulling from tinkerbell/tink-cli + provisioner: Digest: sha256:0fc5441e9ef6e94eff7bf1ae9cf9a15a98581c742890d2d7130fd9542b12802d + provisioner: Status: Downloaded newer image for quay.io/tinkerbell/tink-cli:sha-8ea8a0e5 + ==> provisioner: Pulling registry (registry:2.7.1)... + provisioner: 2.7.1: Pulling from library/registry + provisioner: Digest: sha256:121baf25069a56749f249819e36b386d655ba67116d9c1c6c8594061852de4da + provisioner: Status: Downloaded newer image for registry:2.7.1 + ==> provisioner: Pulling images-to-local-registry (quay.io/containers/skopeo:latest)... + provisioner: latest: Pulling from containers/skopeo + provisioner: Digest: sha256:7ae70111960190f0f638191a707a57301e6b71c2571be2d188c692ead47e9a23 + provisioner: Status: Downloaded newer image for quay.io/containers/skopeo:latest + ==> provisioner: Pulling boots (quay.io/tinkerbell/boots:sha-94f43947)... + provisioner: sha-94f43947: Pulling from tinkerbell/boots + provisioner: Digest: sha256:def67c645dc0517a166bb3ef7eba955e2112a28583ac908a8f84d1382b6046e8 + provisioner: Status: Downloaded newer image for quay.io/tinkerbell/boots:sha-94f43947 + ==> provisioner: Pulling osie-bootloader (nginx:alpine)... + provisioner: alpine: Pulling from library/nginx + provisioner: Digest: sha256:bead42240255ae1485653a956ef41c9e458eb077fcb6dc664cbc3aa9701a05ce + provisioner: Status: Downloaded newer image for nginx:alpine + ==> provisioner: Pulling hegel (quay.io/tinkerbell/hegel:sha-9f5da0a8)... + provisioner: sha-9f5da0a8: Pulling from tinkerbell/hegel + provisioner: Digest: sha256:9d3c6d5e4bc957cedafbeec22da4f59d94c78b65d84adbd0c8f947c51cf3668b + provisioner: Status: Downloaded newer image for quay.io/tinkerbell/hegel:sha-9f5da0a8 + ==> provisioner: Creating vagrant_registry-auth_1 ... + ==> provisioner: Creating vagrant_osie-work_1 ... + ==> provisioner: Creating vagrant_db_1 ... + ==> provisioner: Creating vagrant_ubuntu-image-setup_1 ... + ==> provisioner: Creating vagrant_tls-gen_1 ... + ==> provisioner: Creating vagrant_osie-work_1 ... done + ==> provisioner: Creating vagrant_ubuntu-image-setup_1 ... done + ==> provisioner: Creating vagrant_db_1 ... done + ==> provisioner: Creating vagrant_tls-gen_1 ... done + ==> provisioner: Creating vagrant_registry-auth_1 ... done + ==> provisioner: Creating vagrant_registry_1 ... + ==> provisioner: Creating vagrant_registry_1 ... done + ==> provisioner: Creating vagrant_tink-server-migration_1 ... + ==> provisioner: Creating vagrant_tink-server-migration_1 ... done + ==> provisioner: Creating vagrant_tink-server_1 ... + ==> provisioner: Creating vagrant_images-to-local-registry_1 ... + ==> provisioner: Creating vagrant_tink-server_1 ... done + ==> provisioner: Creating vagrant_images-to-local-registry_1 ... done + ==> provisioner: Creating vagrant_hegel_1 ... + ==> provisioner: Creating vagrant_boots_1 ... + ==> provisioner: Creating vagrant_create-tink-records_1 ... + ==> provisioner: Creating vagrant_tink-cli_1 ... + ==> provisioner: Creating vagrant_registry-ca-crt-download_1 ... + ==> provisioner: Creating vagrant_boots_1 ... done + ==> provisioner: Creating vagrant_tink-cli_1 ... done + ==> provisioner: Creating vagrant_hegel_1 ... done + ==> provisioner: Creating vagrant_create-tink-records_1 ... done + ==> provisioner: Creating vagrant_registry-ca-crt-download_1 ... done + ==> provisioner: Creating vagrant_osie-bootloader_1 ... + ==> provisioner: Creating vagrant_osie-bootloader_1 ... done + ``` + +
+ +3. Start the machine to be provisioned + + ```bash + vagrant up machine1 + # This will start a VM to pxe boot. + ``` + +
+ expected output + + ```bash + Bringing machine 'machine1' up with 'libvirt' provider... + ==> machine1: Creating domain with the following settings... + ==> machine1: -- Name: vagrant_machine1 + ==> machine1: -- Domain type: kvm + ==> machine1: -- Cpus: 2 + ==> machine1: -- Feature: acpi + ==> machine1: -- Feature: apic + ==> machine1: -- Feature: pae + ==> machine1: -- Memory: 4096M + ==> machine1: -- Management MAC: + ==> machine1: -- Loader: + ==> machine1: -- Nvram: + ==> machine1: -- Storage pool: default + ==> machine1: -- Image: (G) + ==> machine1: -- Volume Cache: default + ==> machine1: -- Kernel: + ==> machine1: -- Initrd: + ==> machine1: -- Graphics Type: vnc + ==> machine1: -- Graphics Port: -1 + ==> machine1: -- Graphics IP: 0.0.0.0 + ==> machine1: -- Graphics Password: Not defined + ==> machine1: -- Video Type: cirrus + ==> machine1: -- Video VRAM: 9216 + ==> machine1: -- Sound Type: + ==> machine1: -- Keymap: en-us + ==> machine1: -- TPM Path: + ==> machine1: -- Boot device: hd + ==> machine1: -- Boot device: network + ==> machine1: -- Disks: vdb(qcow2,20G) + ==> machine1: -- Disk(vdb): /var/lib/libvirt/images/vagrant_machine1-vdb.qcow2 Not created - using existed. + ==> machine1: -- INPUT: type=mouse, bus=ps2 + ==> machine1: Starting domain. + ``` + +
+ +4. Watch the provision complete + + ```bash + # log in to the provisioner + vagrant ssh provisioner + # watch the workflow events and status for workflow completion + # once the workflow is complete (see the expected output below for completion), move on to the next step + wid=$(cat /vagrant/compose/manifests/workflow/workflow_id.txt); docker exec -it vagrant_tink-cli_1 watch "tink workflow events ${wid}; tink workflow state ${wid}" + ``` + +
+ expected output + + ```bash + +--------------------------------------+-----------------+---------------------+----------------+---------------------------------+---------------+ + | WORKER ID | TASK NAME | ACTION NAME | EXECUTION TIME | MESSAGE | ACTION STATUS | + +--------------------------------------+-----------------+---------------------+----------------+---------------------------------+---------------+ + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | stream-ubuntu-image | 0 | Started execution | STATE_RUNNING | + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | stream-ubuntu-image | 15 | finished execution successfully | STATE_SUCCESS | + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | install-openssl | 0 | Started execution | STATE_RUNNING | + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | install-openssl | 1 | finished execution successfully | STATE_SUCCESS | + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | create-user | 0 | Started execution | STATE_RUNNING | + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | create-user | 0 | finished execution successfully | STATE_SUCCESS | + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | enable-ssh | 0 | Started execution | STATE_RUNNING | + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | enable-ssh | 0 | finished execution successfully | STATE_SUCCESS | + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | disable-apparmor | 0 | Started execution | STATE_RUNNING | + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | disable-apparmor | 0 | finished execution successfully | STATE_SUCCESS | + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | write-netplan | 0 | Started execution | STATE_RUNNING | + | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | os-installation | write-netplan | 0 | finished execution successfully | STATE_SUCCESS | + +--------------------------------------+-----------------+---------------------+----------------+---------------------------------+---------------+ + +----------------------+--------------------------------------+ + | FIELD NAME | VALUES | + +----------------------+--------------------------------------+ + | Workflow ID | 3107919b-e59d-11eb-bf99-0242ac120005 | + | Workflow Progress | 100% | + | Current Task | os-installation | + | Current Action | write-netplan | + | Current Worker | 0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94 | + | Current Action State | STATE_SUCCESS | + +----------------------+--------------------------------------+ + ``` + +
+ +5. Reboot the machine + + ```bash + # crtl-c to exit the watch + # exit the provisioner + vagrant@ubuntu2004:~$ exit + # restart machine1 + # the output will be the same as step 3, once the command line control is returned to you, you can move on to the next step. + vagrant reload machine1 + ``` + +6. Login to the machine + + The machine has been provisioned with Ubuntu Focal. + You can now SSH into the machine. + + ```bash + vagrant ssh provisioner + ssh tink@192.168.50.43 # user/pass => tink/tink + ```