Gitiles
Code Review Sign In
osm.etsi.org / osm / devops / e3a84a51d60fedb4f4d9c021f492e9d43e2ea7d4 / . / installers / install_k3s_cluster.sh
blob: 3fc0b4a594d387a475798b9c501835b32719705d [file] [log] [blame]
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]1#!/bin/bash
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14#
15
16set +eux
17
18# K3s releases: https://github.com/k3s-io/k3s/releases/
garciadeblas72a25d52024-09-19 12:38:36 +0200[diff] [blame]19K8S_CLIENT_VERSION="v1.29.3"
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]20K8S_VERSION="v1.29.3+k3s1"
21
garciadeblas117fd4a2024-08-21 18:18:14 +0200[diff] [blame]22# configure registry
23function configure_registry() {
24 if [ -n "${DOCKER_PROXY_URL}" ]; then
25 echo "Configuring docker proxy URL in /etc/rancher/k3s/registries.yaml"
26 cat << EOF | sudo tee /etc/rancher/k3s/registries.yaml > /dev/null
27mirrors:
28 docker.io:
29 endpoint:
30 - "${DOCKER_PROXY_URL}"
31EOF
32 fi
garciadeblas2efb98b2024-08-21 21:19:36 +0200[diff] [blame]33 if [ -n "${DOCKER_REGISTRY_URL}" ]; then
34 echo "Configuring docker private registry in /etc/rancher/k3s/registries.yaml"
35 cat << EOF | sudo tee -a /etc/rancher/k3s/registries.yaml > /dev/null
36configs:
37 ${DOCKER_REGISTRY_URL}:
38 auth:
39 username: ${DOCKER_REGISTRY_USER}
40 password: ${DOCKER_REGISTRY_PASSWORD}
41EOF
42 fi
garciadeblas117fd4a2024-08-21 18:18:14 +0200[diff] [blame]43}
44
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]45# installs k3s
46function install_k3s() {
47 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
48 export INSTALL_K3S_EXEC="--disable traefik"
garciadeblase3a84a52024-09-27 11:34:55 +0200[diff] [blame^]49
50 # Regular installation of K3s
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]51 curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=${K8S_VERSION} sh -s -
garciadeblase3a84a52024-09-27 11:34:55 +0200[diff] [blame^]52
53 # If specified a public IP, K3s service is updated accordingly and restarted
54 if [ -n "${K3S_PUBLIC_IP}" ]; then
55 # Back-up service config file to home
56 cp /etc/systemd/system/k3s.service ~/BASE-k3s.service
57
58 # Generate new service config file with additions for using a public IP
59 (
60 cat ~/BASE-k3s.service | sed '${/^$/d}'
61 echo -e "\t'--node-external-ip' \\"
62 echo -e "\t'${K3S_PUBLIC_IP}' \\"
63 echo
64 )| \
65 tee ~/PUBLIC-k3s.service
66
67 # Replace service config and apply
68 sudo cp ~/PUBLIC-k3s.service /etc/systemd/system/k3s.service
69 sudo systemctl daemon-reload
70 sudo systemctl restart k3s
71
72 # Cleanup
73 rm ~/BASE-k3s.service ~/PUBLIC-k3s.service
74 fi
75
76 # Make kubeconfig permissions less restrictive
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]77 sudo chmod 644 /etc/rancher/k3s/k3s.yaml
78 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
79}
80
81# updates service nodeport range
82function update_service_nodeport_range() {
83 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
84 sudo k3s server --kube-apiserver-arg=service-node-port-range=80-32767
85 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
86}
87
88# checks cluster readiness
89function check_for_readiness() {
90 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
91 # Check for Ready node, takes ~30 seconds
92 echo "Waiting for K8s nodes to be ready"
93 local time_for_failure=60 # seconds broken
94 local sampling_period=5 # seconds
95 local counter=0
96 local cluster_ready=""
97 while (( counter < time_for_failure ))
98 do
99 kubectl get nodes |grep master |grep -v none | grep Ready
100 if [ $? -eq 0 ] ; then
101 echo "K8s cluster is ready"
102 cluster_ready="y"
103 break
104 else
105 echo "K8s cluster is not ready yet"
106 counter=$((counter + sampling_period))
107 sleep ${sampling_period}
108 fi
109 done
110 [ -n "$cluster_ready" ] || FATAL_TRACK k8scluster "K3s cluster nodes not ready after $time_for_failure seconds."
111
112 echo "Waiting for pods to be ready"
113 local time_for_readiness=20 # seconds ready
114 local time_for_failure=100 # seconds broken
115
116 # Equivalent number of samples
117 oks_threshold=$((time_for_readiness/${sampling_period})) # No. ok samples to declare the system ready
118 failures_threshold=$((time_for_failure/${sampling_period})) # No. nok samples to declare the system broken
119 failures_in_a_row=0
120 oks_in_a_row=0
121 ####################################################################################
122 # Loop to check system readiness
123 ####################################################################################
124 K3S_NAMESPACE=kube-system
125 while [[ (${failures_in_a_row} -lt ${failures_threshold}) && (${oks_in_a_row} -lt ${oks_threshold}) ]]
126 do
127 # State of pods rather than completed jobs
128 K3S_PODS_STATE=$(kubectl get pod -n ${K3S_NAMESPACE} --no-headers |grep -v Completed 2>&1)
129 K3S_PODS_READY=$(echo "${K3S_PODS_STATE}" | awk '$2=="1/1" || $2=="2/2" {printf ("%s\t%s\t\n", $1, $2)}')
130 K3S_PODS_NOT_READY=$(echo "${K3S_PODS_STATE}" | awk '$2!="1/1" && $2!="2/2" {printf ("%s\t%s\t\n", $1, $2)}')
131 COUNT_K3S_PODS_READY=$(echo "${K3S_PODS_READY}"| grep -v -e '^$' | wc -l)
132 COUNT_K3S_PODS_NOT_READY=$(echo "${K3S_PODS_NOT_READY}" | grep -v -e '^$' | wc -l)
133
134 # OK sample
135 if [[ ${COUNT_K3S_PODS_NOT_READY} -eq 0 ]]
136 then
137 ((++oks_in_a_row))
138 failures_in_a_row=0
139 echo -ne ===\> Successful checks: "${oks_in_a_row}"/${oks_threshold}\\r
140 # NOK sample
141 else
142 ((++failures_in_a_row))
143 oks_in_a_row=0
144 echo
145 echo Bootstraping... "${failures_in_a_row}" checks of ${failures_threshold}
146
147 # Reports failed pods in K3S
148 if [[ "${COUNT_K3S_PODS_NOT_READY}" -ne 0 ]]
149 then
150 echo "K3S kube-system: Waiting for ${COUNT_K3S_PODS_NOT_READY} of $((${COUNT_K3S_PODS_NOT_READY}+${COUNT_K3S_PODS_READY})) pods to be ready:"
151 echo "${K3S_PODS_NOT_READY}"
152 echo
153 fi
154 fi
155
156 #------------ NEXT SAMPLE
157 sleep ${sampling_period}
158 done
159
160 ####################################################################################
161 # OUTCOME
162 ####################################################################################
163 if [[ (${failures_in_a_row} -ge ${failures_threshold}) ]]
164 then
165 echo
166 FATAL_TRACK k8scluster "K8S CLUSTER IS BROKEN"
167 else
168 echo
169 echo "K8S CLUSTER IS READY"
170 fi
171 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
172}
173
garciadeblas72a25d52024-09-19 12:38:36 +0200[diff] [blame]174# Install kubectl client
175function install_kubectl() {
176 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
177 curl -LO "https://dl.k8s.io/release/${K8S_CLIENT_VERSION}/bin/linux/amd64/kubectl"
178 sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
179 rm kubectl
180 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
181}
182
garciadeblas1f338482024-07-04 19:26:54 +0200[diff] [blame]183# Initializes kubeconfig file
184function save_kubeconfig() {
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]185 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
186 KUBEDIR="${HOME}/.kube"
187 KUBEFILE="$KUBEDIR/config"
188 mkdir -p "${KUBEDIR}"
garciadeblas1f338482024-07-04 19:26:54 +0200[diff] [blame]189 K3S_KUBECONFIG="/etc/rancher/k3s/k3s.yaml"
190 sudo cp "${K3S_KUBECONFIG}" "${KUBEFILE}"
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]191 sudo chown $(id -u):$(id -g) "${KUBEFILE}"
garciadeblas1f338482024-07-04 19:26:54 +0200[diff] [blame]192 sed -i "s#server: https://127.0.0.1#server: https://${DEFAULT_IP}#g" "${KUBEFILE}"
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]193 chmod 700 "${KUBEFILE}"
194 echo
195 echo "Credentials saved at ${KUBEFILE}"
196 echo
197 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
198}
199
200# main
garciadeblase3a84a52024-09-27 11:34:55 +0200[diff] [blame^]201while getopts ":D:i:e:p:d:u:P:-: " o; do
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]202 case "${o}" in
garciadeblas1f338482024-07-04 19:26:54 +0200[diff] [blame]203 i)
204 DEFAULT_IP="${OPTARG}"
205 ;;
garciadeblase3a84a52024-09-27 11:34:55 +0200[diff] [blame^]206 e)
207 K3S_PUBLIC_IP="${OPTARG}"
208 ;;
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]209 D)
210 OSM_DEVOPS="${OPTARG}"
211 ;;
garciadeblas117fd4a2024-08-21 18:18:14 +0200[diff] [blame]212 p)
213 DOCKER_PROXY_URL="${OPTARG}"
214 ;;
garciadeblas2efb98b2024-08-21 21:19:36 +0200[diff] [blame]215 d)
216 DOCKER_REGISTRY_URL="${OPTARG}"
217 ;;
218 u)
219 DOCKER_REGISTRY_USER="${OPTARG}"
220 ;;
221 P)
222 DOCKER_REGISTRY_PASSWORD="${OPTARG}"
223 ;;
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]224 -)
225 [ "${OPTARG}" == "debug" ] && DEBUG_INSTALL="y" && continue
226 echo -e "Invalid option: '--$OPTARG'\n" >&2
227 exit 1
228 ;;
229 :)
230 echo "Option -$OPTARG requires an argument" >&2
231 exit 1
232 ;;
233 \?)
234 echo -e "Invalid option: '-$OPTARG'\n" >&2
235 exit 1
236 ;;
237 *)
238 exit 1
239 ;;
240 esac
241done
242
garciadeblas82981162024-07-23 15:24:00 +0200[diff] [blame]243DEBUG_INSTALL=${DEBUG_INSTALL:-}
244DEFAULT_IP=${DEFAULT_IP:-"127.0.0.1"}
245OSM_DEVOPS=${OSM_DEVOPS:-"/usr/share/osm-devops"}
garciadeblas117fd4a2024-08-21 18:18:14 +0200[diff] [blame]246DOCKER_PROXY_URL=${DOCKER_PROXY_URL=-}
garciadeblas2efb98b2024-08-21 21:19:36 +0200[diff] [blame]247DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL=-}
248DOCKER_REGISTRY_USER=${DOCKER_REGISTRY_USER=-}
249DOCKER_REGISTRY_PASSWORD=${DOCKER_REGISTRY_PASSWORD=-}
garciadeblase3a84a52024-09-27 11:34:55 +0200[diff] [blame^]250K3S_PUBLIC_IP=${K3S_PUBLIC_IP:-}
garciadeblas1f338482024-07-04 19:26:54 +0200[diff] [blame]251echo "DEBUG_INSTALL=${DEBUG_INSTALL}"
252echo "DEFAULT_IP=${DEFAULT_IP}"
253echo "OSM_DEVOPS=${OSM_DEVOPS}"
garciadeblas117fd4a2024-08-21 18:18:14 +0200[diff] [blame]254echo "DOCKER_PROXY_URL=${DOCKER_PROXY_URL}"
garciadeblas2efb98b2024-08-21 21:19:36 +0200[diff] [blame]255echo "DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL}"
256echo "DOCKER_REGISTRY_USER=${DOCKER_REGISTRY_USER}"
garciadeblase3a84a52024-09-27 11:34:55 +0200[diff] [blame^]257echo "K3S_PUBLIC_IP=${K3S_PUBLIC_IP}"
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]258echo "HOME=$HOME"
259
garciadeblas82981162024-07-23 15:24:00 +0200[diff] [blame]260source $OSM_DEVOPS/common/logging
261source $OSM_DEVOPS/common/track
262
garciadeblas117fd4a2024-08-21 18:18:14 +0200[diff] [blame]263configure_registry
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]264install_k3s
265track k8scluster k3s_install_ok
266check_for_readiness
267track k8scluster k3s_node_ready_ok
268# update_service_nodeport_range
269# check_for_readiness
270# track k8scluster k3s_update_nodeport_range_ok
garciadeblas72a25d52024-09-19 12:38:36 +0200[diff] [blame]271install_kubectl
garciadeblas1f338482024-07-04 19:26:54 +0200[diff] [blame]272save_kubeconfig
garciadeblasb3797412024-06-06 14:26:24 +0200[diff] [blame]273track k8scluster k3s_creds_ok