jesus/provisioning
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0a837aed54
provisioning/taskservs/kubernetes/default/_postrun
Jesús Pérez 50745b0f22 chore: add current provisioning state before migration
2025-09-22 23:11:41 +01:00

115 lines
4.8 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Info: Postrun for kubernetes default installation
# Author: JesusPerezLorenzo
# Release: 1.0.2
# Date: 30-12-2023
set +o errexit
set +o pipefail
SETTINGS_FILE=$1
SERVER_POS=$2
TASK_POS=$3
SETTINGS_ROOT=$4
RUN_ROOT=$(dirname "$0")
[ -z "$SETTINGS_FILE" ] && [ -z "$SERVER_POS" ] && [ -z "$TASK_POS" ] && exit 0
YQ=$(type -P yq)
JQ=$(type -P jq)
[ -z "$YQ" ] && echo "yq not installed " && exit 1
[ -z "$JQ" ] && echo "jq not installed " && exit 1
[ -r "$RUN_ROOT/env-kubernetes" ] && . "$RUN_ROOT"/env-kubernetes
provision_path=$($YQ e '.taskserv.prov_etcd_path' < "$SETTINGS_FILE" | sed 's/"//g' | sed 's/null//g' | sed "s,~,$HOME,g")
#cluster_name=$($YQ e '.taskserv.cluster_name' < "$SETTINGS_FILE" | sed 's/null//g')
[ -z "$PROVISIONING" ] && echo "PROVISIONING not found in environment" && exit 1
. "$PROVISIONING"/core/lib/sops
K8S_MODE="$($YQ e '.taskserv.mode' < "$SETTINGS_FILE" | sed 's/"//g' | sed 's/null//g')"
TEMPLATES_PATH="$RUN_ROOT"/templates
WORK_PATH=${WORK_PATH:-/tmp}
[ ! -d "$WORK_PATH" ] && mkdir -p "$WORK_PATH"
export LC_CTYPE=C.UTF-8
export LANG=C.UTF-8
_load_file() {
local target_file
local hostname
local ssh_key_path
local source_host
[ -z "$ERR_OUT" ] && ERR_OUT=/dev/null
[ -z "$SSH_USER" ] && SSH_USER=$($YQ -er < "$SETTINGS_FILE" '.defaults.installer_user ' 2>"$ERR_OUT" | sed 's/"//g' | sed 's/null//g')
SSH_OPS="-o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/dev/null"
ssh_key_path=$($YQ -er < "$SETTINGS_FILE" '.defaults.ssh_key_path ' 2>"$ERR_OUT" | sed 's/"//g' | sed 's/null//g')
source_host=$($YQ -er < "$SETTINGS_FILE" ".servers[$SERVER_POS].network_public_ip" 2>"$ERR_OUT" | sed 's/"//g' | sed 's/null//g'
if ssh $SSH_OPS -i "${ssh_key_path//.pub/}" "$SSH_USER@$source_host" "sudo ls $TARGET_FILE" 2>"$ERR_OUT" ; then
scp $SSH_OPS -i "${ssh_key_path//.pub/}" "$SSH_USER@$source_host:$TARGET_FILE" /tmp 2>"$ERR_OUT"
else
echo "Error load file $GET_FILE from $source_host"
exit 1
fi
}
_copy_certs() {
local src
local etcd_certs_path
local etcd_cluster_name
local etcd_peer
src="$SETTINGS_ROOT/$provision_path"
[ -z "$provision_path" ] && echo "Error prov_etcd_path not found" && exit 1
etcd_certs_path=$($YQ e '.taskserv.etcd_certs_path' < "$SETTINGS_FILE" | sed 's/"//g' | sed 's/null//g' | sed "s,~,$HOME,g")
[ -z "$etcd_certs_path" ] && echo "Error etcd_certs_path not found" && exit 1
[ ! -d "$RUN_ROOT/$etcd_certs_path" ] && mkdir -p "$RUN_ROOT/$etcd_certs_path"
etcd_cluster_name=$($YQ e '.taskserv.etcd_cluster_name' < "$SETTINGS_FILE" | sed 's/null//g')
etcd_peer=$($YQ e '.taskserv.etcd_peers' < "$SETTINGS_FILE" | sed 's/null//g')
for name in ca $etcd_peer $etcd_cluster_name
do
[ ! -r "$src/$name.key" ] && continue
if [ -n "$($YQ -er '.sops' < "$src/$name.key" 2>/dev/null | sed 's/null//g' )" ] ; then
_decode_sops_file "$src/$name.key" "$RUN_ROOT/$etcd_certs_path/$name.key" "quiet"
else
cp "$src/$name.key" "$RUN_ROOT/$etcd_certs_path/$name.key"
fi
done
if [ -r "$RUN_ROOT/$etcd_certs_path/$etcd_peer.key" ] ; then
cp "$RUN_ROOT/$etcd_certs_path/$etcd_peer.key" "$RUN_ROOT/$etcd_certs_path/server.key"
mv "$RUN_ROOT/$etcd_certs_path/$etcd_peer.key" "$RUN_ROOT/$etcd_certs_path/peer.key"
fi
[ -r "$src/ca.crt" ] && cp "$src/ca.crt" "$RUN_ROOT/$etcd_certs_path/ca.crt"
if [ -r "$src/$etcd_peer.crt" ] ; then
cp "$src/$etcd_peer.crt" "$RUN_ROOT/$etcd_certs_path/server.crt"
cp "$src/$etcd_peer.crt" "$RUN_ROOT/$etcd_certs_path/peer.crt"
fi
if [ -r "$RUN_ROOT/$etcd_certs_path/$etcd_cluster_name.key" ] ; then
mv "$RUN_ROOT/$etcd_certs_path/$etcd_cluster_name.key" "$RUN_ROOT/$etcd_certs_path/healthcheck-client.key"
fi
if [ -r "$src/$etcd_cluster_name.crt" ] ; then
cp "$src/$etcd_cluster_name.crt" "$RUN_ROOT/$etcd_certs_path/healthcheck-client.crt"
fi
echo "ETCD Certs copied from $src to $RUN_ROOT/$etcd_certs_path"
}
# If HOSTNAME == K8S_MASTER it will be MASTER_0
# othewise set HOSTNAME value to be resolved in same K8S_MASTER network
# By using -cp- as part of HOSTNAME will be consider node as controlpanel
# Other options = "-wk-0" or "-wkr-0" for worker nodes
[[ "$HOSTNAME" == *-cp-* ]] && [ "$K8S_MODE" != "controlplane" ] && K8S_MODE="controlplane"
if [ -n "$HOSTNAME" ] && [ "$HOSTNAME" == "$K8S_MASTER" ] && [ "$K8S_MODE" == "controlplane" ] && [ -n "$K8S_TPL" ]; then
[ ! -d "$RUN_ROOT/resources" ] && mkdir -p "$RUN_ROOT/resources"
"/tmp/k8s_join.sh"
if [ -r "$TEMPLATES_PATH/$K8S_TPL" ] ; then
cp "$TEMPLATES_PATH/$K8S_TPL" "$RUN_ROOT/resources/$K8S_CONFIG.j2"
elif [ -r "$TEMPLATES_PATH/${K8S_TPL/.j2/}" ] ; then
cp "$TEMPLATES_PATH/${K8S_TPL/.j2/}" "$RUN_ROOT/resources/$K8S_CONFIG"
fi
fi
[ "$K8S_MODE" == "controlplane" ] && [ "$ETCD_MODE" == "external" ] && _copy_certs
rm -rf "$RUN_ROOT/templates"
Reference in New Issue View Git Blame Copy Permalink