Add vagrant-libvirt:

This gets the refactored sandbox back on par with the existing sandbox for vagrant-libvirt functionality. Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
2021-08-07 21:57:12 -06:00
parent 6b841fee7c
commit 9b1cf3b509
10 changed files with 481 additions and 25 deletions
--- a/deploy/compose/manifests/apply_manifests.sh
+++ b/deploy/compose/manifests/apply_manifests.sh
@@ -56,6 +56,10 @@ workflow_exists() {
 		return 0
 	fi
 	local workflow_id=$(cat "${workflow_dir}"/workflow_id.txt)
+	if [ -z "${workflow_id}" ]; then
+		workflow "${workflow_dir}" "${mac_address}"
+		return 0
+	fi
 	tink workflow get | grep -q "${workflow_id}"
 	local result=$?
 	if [ "${result}" -ne 0 ]; then
--- a/deploy/compose/manifests/hardware/hardware-libvirt.json
+++ b/deploy/compose/manifests/hardware/hardware-libvirt.json
@@ -0,0 +1,32 @@
+{
+  "id": "0eba0bf8-3772-4b4a-ab9f-6ebe93b90a94",
+  "metadata": {
+    "facility": {
+      "facility_code": "onprem",
+      "plan_slug": "c2.medium.x86",
+      "plan_version_slug": ""
+    },
+    "instance": {},
+    "state": "provisioning"
+  },
+  "network": {
+    "interfaces": [
+      {
+        "dhcp": {
+          "arch": "x86_64",
+          "ip": {
+            "address": "192.168.50.43",
+            "gateway": "192.168.50.1",
+            "netmask": "255.255.255.0"
+          },
+          "mac": "08:00:27:9e:f5:3a",
+          "uefi": false
+        },
+        "netboot": {
+          "allow_pxe": true,
+          "allow_workflow": true
+        }
+      }
+    ]
+  }
+}
--- a/deploy/compose/manifests/hardware/hardware.json
+++ b/deploy/compose/manifests/hardware/hardware.json
@@ -18,7 +18,7 @@
            "address": "192.168.50.43",
            "netmask": "255.255.255.0"
          },
-          "mac": "08:00:27:9E:F5:3A",
+          "mac": "08:00:27:9e:f5:3a",
          "uefi": false
        },
        "netboot": {
--- a/deploy/compose/manifests/template/ubuntu-libvirt.yaml
+++ b/deploy/compose/manifests/template/ubuntu-libvirt.yaml
@@ -0,0 +1,74 @@
+version: "0.1"
+name: debian_Focal
+global_timeout: 1800
+tasks:
+  - name: "os-installation"
+    worker: "{{.device_1}}"
+    volumes:
+      - /dev:/dev
+      - /dev/console:/dev/console
+      - /lib/firmware:/lib/firmware:ro
+    actions:
+      - name: "stream-ubuntu-image"
+        image: image2disk:v1.0.0
+        timeout: 600
+        environment:
+          DEST_DISK: /dev/vda
+          IMG_URL: "http://192.168.50.4:8080/focal-server-cloudimg-amd64.raw.gz"
+          COMPRESSED: true
+      - name: "install-openssl"
+        image: cexec:v1.0.0
+        timeout: 90
+        environment:
+          BLOCK_DEVICE: /dev/vda1
+          FS_TYPE: ext4
+          CHROOT: y
+          DEFAULT_INTERPRETER: "/bin/sh -c"
+          CMD_LINE: "apt -y update && apt -y install openssl"
+      - name: "create-user"
+        image: cexec:v1.0.0
+        timeout: 90
+        environment:
+          BLOCK_DEVICE: /dev/vda1
+          FS_TYPE: ext4
+          CHROOT: y
+          DEFAULT_INTERPRETER: "/bin/sh -c"
+          CMD_LINE: "useradd -p $(openssl passwd -1 tink) -s /bin/bash -d /home/tink/ -m -G sudo tink"
+      - name: "enable-ssh"
+        image: cexec:v1.0.0
+        timeout: 90
+        environment:
+          BLOCK_DEVICE: /dev/vda1
+          FS_TYPE: ext4
+          CHROOT: y
+          DEFAULT_INTERPRETER: "/bin/sh -c"
+          CMD_LINE: "ssh-keygen -A; systemctl enable ssh.service; sed -i 's/^PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config"
+      - name: "disable-apparmor"
+        image: cexec:v1.0.0
+        timeout: 90
+        environment:
+          BLOCK_DEVICE: /dev/vda1
+          FS_TYPE: ext4
+          CHROOT: y
+          DEFAULT_INTERPRETER: "/bin/sh -c"
+          CMD_LINE: "systemctl disable apparmor; systemctl disable snapd"
+      - name: "write-netplan"
+        image: writefile:v1.0.0
+        timeout: 90
+        environment:
+          DEST_DISK: /dev/vda1
+          FS_TYPE: ext4
+          DEST_PATH: /etc/netplan/config.yaml
+          CONTENTS: |
+            network:
+                version: 2
+                renderer: networkd
+                ethernets:
+                    ens5:
+                        dhcp4: true
+                    ens6:
+                        dhcp4: true
+          UID: 0
+          GID: 0
+          MODE: 0644
+          DIRMODE: 0755
--- a/deploy/compose/registry/registry_images.txt
+++ b/deploy/compose/registry/registry_images.txt
@@ -1,4 +1,5 @@
-quay.io/tinkerbell/tink-worker:latest
-quay.io/tinkerbell-actions/image2disk:v1.0.0
-quay.io/tinkerbell-actions/cexec:v1.0.0
-quay.io/tinkerbell-actions/writefile:v1.0.0
+quay.io/tinkerbell/tink-worker:latest tinkerbell/tink-worker:latest
+quay.io/tinkerbell/tink-worker:latest tinkerbell/tink-worker:sha-5e1f0fd8
+quay.io/tinkerbell-actions/image2disk:v1.0.0 image2disk:v1.0.0
+quay.io/tinkerbell-actions/cexec:v1.0.0 cexec:v1.0.0
+quay.io/tinkerbell-actions/writefile:v1.0.0 writefile:v1.0.0
--- a/deploy/compose/registry/upload.sh
+++ b/deploy/compose/registry/upload.sh
@@ -10,9 +10,10 @@ main() {
 	local images_file="$4"
 	# this confusing IFS= and the || is to capture the last line of the file if there is no newline at the end
 	while IFS= read -r img || [ -n "${img}" ]; do
-		# trim trailing whitespace
-		local imgr="$(echo "${img}" | sed 's/ *$//g')"
-		skopeo copy --all --dest-tls-verify=false --dest-creds="${reg_user}":"${reg_pw}" docker://"${imgr}" docker://"${reg_url}"/$(basename "${imgr}")
+		# file is expected to have src and dst images delimited by a space
+		local src_img="$(echo "${img}" | cut -d' ' -f1)"
+		local dst_img="$(echo "${img}" | cut -d' ' -f2)"
+		skopeo copy --all --dest-tls-verify=false --dest-creds="${reg_user}":"${reg_pw}" docker://"${src_img}" docker://"${reg_url}"/"${dst_img}"
 	done <"${images_file}"
 }