From aa377b7696d3534c6efb3be1daec532428061491 Mon Sep 17 00:00:00 2001 From: ymmt Date: Thu, 19 Jul 2018 11:06:12 +0900 Subject: [PATCH 1/3] WIP --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 548a7899..5c94879e 100644 --- a/README.md +++ b/README.md @@ -60,10 +60,11 @@ Features Programs -------- -This repository contains two programs: +This repository contains these programs: * `sabakan`: the network service to manage servers. * `sabactl`: CLI tool for `sabakan`. +* `sabakan-cryptsetup`: a utility to encrypt a block device using [dm-crypt][]. To see their usage, run them with `-h` option. @@ -72,6 +73,8 @@ Documentation [docs](docs/) directory contains tutorials and specifications. +Read [getting started](docs/getting_started.md) first. + License ------- @@ -82,3 +85,4 @@ Sabakan is licensed under MIT license. [etcd]: https://coreos.com/etcd/ [HTTPBoot]: https://github.com/tianocore/tianocore.github.io/wiki/HTTP-Boot [iPXE]: https://ipxe.org/ +[dm-crypt]: https://gitlab.com/cryptsetup/cryptsetup/wikis/DMCrypt From b11ce615afe19ea596e4b22f8bfa7796307c9552 Mon Sep 17 00:00:00 2001 From: ymmt Date: Tue, 24 Jul 2018 15:47:54 +0900 Subject: [PATCH 2/3] Add documents and changelog file. --- CHANGELOG.md | 18 +++++ README.md | 14 ++-- cmd/sabakan/sabakan.service | 15 ++++ docs/getting_started.md | 139 ++++++++++++++++++++++++++---------- docs/machine.md | 3 +- 5 files changed, 141 insertions(+), 48 deletions(-) create mode 100644 CHANGELOG.md create mode 100644 cmd/sabakan/sabakan.service diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 00000000..baa73341 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,18 @@ +# Change Log + +All notable changes to this project will be documented in this file. +This project adheres to [Semantic Versioning](http://semver.org/). + +## [Unreleased] + +### Added +- Add integration tests using [placemat][] VMs. + +## [0.14] - 2018-07-18 + +### Changed +- Fix but in image deletion (#86). + +[placemat]: https://github.com/cybozu-go/placemat +[Unreleased]: https://github.com/cybozu-go/sabakan/compare/v0.14...HEAD +[0.14]: https://github.com/cybozu-go/sabakan/compare/v0.13...v0.14 diff --git a/README.md b/README.md index 5c94879e..18d99ab0 100644 --- a/README.md +++ b/README.md @@ -37,6 +37,12 @@ Features Sabakan serves OS images to machines via HTTP. +* Distributed asset management + + In order to help initialization of client servers, sabakan can work + as a file server from which clients can download assets via HTTP. + Assets are automatically synchronized between sabakan servers. + * Encryption key store Sabakan provides REST API to store and retrieve encryption keys @@ -44,13 +50,7 @@ Features * Life-cycle management - Sabakan provides API to change server status for life-cycle management. - -* Distributed asset management - - In order to help initialization of client servers, sabakan can work - as a file server from which clients can download assets via HTTP. - Assets are automatically synchronized between sabakan servers. + Sabakan provides API to change server status for [life-cycle management](docs/lifecycle.md). * Audit logs diff --git a/cmd/sabakan/sabakan.service b/cmd/sabakan/sabakan.service new file mode 100644 index 00000000..5bdd6847 --- /dev/null +++ b/cmd/sabakan/sabakan.service @@ -0,0 +1,15 @@ +[Unit] +Description=sabakan +Wants=network-online.target +After=network-online.target + +[Service] +Type=simple +Restart=on-failure +# RestartForceExitStatus=SIGPIPE is critically important for Go programs w/ +# journald logging. See https://github.com/cybozu-go/cmd/issues/13 +RestartForceExitStatus=SIGPIPE +ExecStart=/usr/local/sbin/sabakan -config-file /usr/local/etc/sabakan.yml + +[Install] +WantedBy=multi-user.target diff --git a/docs/getting_started.md b/docs/getting_started.md index b2e6b9ef..eff94254 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -1,50 +1,75 @@ Getting started =============== -* [Setup sabakan](#setupsabakan) - * [Prepare etcd](#prepareetcd) - * [Install sabakan and sabactl](#installsabakan) +This document quickly guides you to configure sabakan and netboot +your servers with CoreOS Container Linux. + +* [Setup sabakan](#setup) + * [Prepare etcd](#etcd) * [Prepare data directory](#datadir) - * [Run sabakan](#runsabakan) - * [Configure sabakan](#configuresabakan) + * [Prepare sabakan.yml](#configure) + * [Run sabakan](#run) * [Netboot](#netboot) -* [Test](#test) + * [Configure IPAM](#ipam) + * [Configure DHCP](#dhcp) + * [Upload CoreOS Container Linux](#upload) + * [Register machines](#register) * [What's next](#whatsnext) -## Setup sabakan - -### Prepare etcd +## Setup sabakan -Sabakan requires [etcd][]. Install and run it at somewhere. +### Prepare etcd -### Install sabakan and sabactl - -Install `sabakan` and `sabactl`: +Sabakan requires [etcd][]. Install and run it at `localhsot`. +You may use docker to run etcd as follows: ```console -$ go get -u github.com/cybozu-go/sabakan/cmd/sabakan -$ go get -u github.com/cybozu-go/sabakan/cmd/sabactl +$ docker pull quay.io/cybozu/etcd:3.3 +$ docker run -d --rm --name etcd --network=host --uts=host quay.io/cybozu/etcd:3.3 ``` -`sabakan` Docker image is so available at [quay.io/cybozu/sabakan](https://quay.io/cybozu/sabakan) - ### Prepare data directory ```console $ sudo mkdir -p /var/lib/sabakan ``` -### Run sabakan +### Prepare sabakan.yml + +Save the following contents as `/usr/local/etc/sabakan.yml`: + +```yaml +etcd-servers: + - http://localhost:2379 +dhcp-bind: 0.0.0.0:67 +``` + +For other options, read [sabakan.md](sabakan.md). + +### Run sabakan + +Compile and run sabakan as follows: ```console -$ sabakan -etcd-servers http://etcd-host:2379 +$ GOPATH=$HOME/go +$ mkdir -p $GOPATH/src +$ export GOPATH +$ go get -u github.com/cybozu-go/sabakan/... +$ sudo $GOPATH/bin/sabakan -config-file /usr/local/etc/sabakan.yml ``` -### Configure sabakan +A sample systemd service file is available at +[cmd/sabakan/sabakan.service](../cmd/sabakan/sabakan.service). + +Alternatively, you may use docker to run sabakan: +* Repository: [quay.io/cybozu/sabakan](https://quay.io/cybozu/sabakan) +* Usage: https://github.com/cybozu/neco-containers/blob/master/sabakan/README.md + +## Netboot -First of all, prepare JSON files +### Configure IPAM -- ipam.json +Prepare `ipam.json` as follows: ```json { "max-nodes-in-rack": 28, @@ -60,42 +85,78 @@ First of all, prepare JSON files } ``` -Read [ipam](ipam.md) if you want to know meaning of each parameter. +Then put the JSON to sabakan: +```console +$ sabactl ipam set -f ipam.json +``` -- dhcp.json +Read [ipam.md](ipam.md) for details. + +### Configure DHCP + +Prepare `dhcp.json` as follows: ```json { - "gateway-offset": 100, - "lease-minutes": 120 + "gateway-offset": 1, } ``` -Read [dhcp](dhcp.md) if you want to know meaning of each parameter. - -Use `sabactl` to configure `sabakan`. - +Then put the JSON to sabakan: ```console -$ sabactl ipam set -f ipam.json $ sabactl dhcp set -f dhcp.json ``` -Make sure current configuration. +Read [dhcp.md](dhcp.md) for details. + +### Upload CoreOS Container Linux + +Download CoreOS PXE boot images: +```console +$ curl -o kernel -Lf http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz +$ curl -o initrd.gz -Lf http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz +``` +Upload them to sabakan as follows: ```console -$ sabactl ipam get -$ sabactl dhcp get +$ sabactl images upload ID kernel initrd.gz ``` -Each output will be the same as [above JSON](#configuresabakan) +### Register machines -## Netboot +Prepare `machines.json` as follows: +```json +[ + { + "serial": "1234abcd", + "product": "Dell R640", + "datacenter": "tokyo1", + "rack": 0, + "role": "boot", + "bmc": { + "type": "IPMI-2.0", + "ipv4": "10.72.17.37" + } + }, + { + // another machine + } +] +``` -**ToDo** +Then put the JSON to sabakan: +```console +$ sabactl machines create -f machines.json +``` -## Test +Each object in the array is [`MachineSpec`](machine.md#machinespec-struct). +Sabakan identifies physical servers by `serial`. -**ToDo** +Once machines are properly registered with sabakan, they can netboot +CoreOS Container Linux using [UEFI HTTP Boot][HTTPBoot]. ## What's next Learn sabakan [concepts](concepts.md), then read other specifications. + +[etcd]: https://github.com/coreos/etcd +[HTTPBoot]: https://github.com/tianocore/tianocore.github.io/wiki/HTTP-Boot diff --git a/docs/machine.md b/docs/machine.md index 39319d27..87b47282 100644 --- a/docs/machine.md +++ b/docs/machine.md @@ -12,7 +12,7 @@ MachineSpec struct Field | Type | Description --------------- | -------- | ----------- -`serial` | string | Serial number of the machine. +`serial` | string | SMBIOS serial number of the machine. `product` | string | Product name of the machine `datacenter` | string | Data center name where the machine exists. `rack` | int | Logical rack number (LRN) where the machine exists. @@ -48,7 +48,6 @@ A JSON representation of `Machine` looks like: "role": "boot", "ipv4": ["10.69.0.69", "10.69.0.133"], "ipv6": [], - "state": "healthy", "bmc": { "type": "iDRAC-9", "ipv4": "10.72.17.37" From 2dffeb03971b9555b4b3771c7640f201bc19f5ce Mon Sep 17 00:00:00 2001 From: ymmt Date: Tue, 24 Jul 2018 16:59:34 +0900 Subject: [PATCH 3/3] Add ignition descriptions. --- docs/getting_started.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/getting_started.md b/docs/getting_started.md index eff94254..a7255cde 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -154,9 +154,14 @@ Sabakan identifies physical servers by `serial`. Once machines are properly registered with sabakan, they can netboot CoreOS Container Linux using [UEFI HTTP Boot][HTTPBoot]. +CoreOS can be initialized at first boot by [ignition][]. +Sabakan can generate ignition configuration from templates. +Read [ignition.md](ignition.md) for details. + ## What's next Learn sabakan [concepts](concepts.md), then read other specifications. [etcd]: https://github.com/coreos/etcd [HTTPBoot]: https://github.com/tianocore/tianocore.github.io/wiki/HTTP-Boot +[ignition]: https://coreos.com/ignition/docs/latest/