diff --git a/deployments/node/README.md b/deployments/node/README.md index 6401f3c..fc068eb 100644 --- a/deployments/node/README.md +++ b/deployments/node/README.md @@ -38,6 +38,7 @@ A Helm chart for Fluidos Node | networkManager.pod.labels | object | `{}` | Labels for the network-manager pod. | | networkManager.pod.resources | object | `{"limits":{},"requests":{}}` | Resource requests and limits (https://kubernetes.io/docs/user-guide/compute-resources/) for the network-manager pod. | | networkManager.replicas | int | `1` | The number of Network Manager, which can be increased for active/passive high availability. | +| provider | string | `"your-provider"` | | | pullPolicy | string | `"IfNotPresent"` | The pullPolicy for fluidos-node pods. | | rearController.imageName | string | `"ghcr.io/fluidos-project/rear-controller"` | | | rearController.pod.annotations | object | `{}` | Annotations for the rear-controller pod. | diff --git a/deployments/node/templates/fluidos-liqo-controller-manager-role.yaml b/deployments/node/templates/fluidos-liqo-controller-manager-role.yaml new file mode 100644 index 0000000..ac225b6 --- /dev/null +++ b/deployments/node/templates/fluidos-liqo-controller-manager-role.yaml @@ -0,0 +1,9 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + namespace: liqo + name: liqo-controller-manager-role +rules: +- apiGroups: ["apps"] + resources: ["deployments"] + verbs: ["get", "patch"] \ No newline at end of file diff --git a/deployments/node/templates/fluidos-lqo-controller-manager-rolebinding.yaml b/deployments/node/templates/fluidos-lqo-controller-manager-rolebinding.yaml new file mode 100644 index 0000000..17b5931 --- /dev/null +++ b/deployments/node/templates/fluidos-lqo-controller-manager-rolebinding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: liqo-controller-manager-rolebinding + namespace: liqo +subjects: +- kind: ServiceAccount + name: default + namespace: fluidos +roleRef: + kind: Role + name: liqo-controller-manager-role + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/deployments/node/templates/fluidos-post-install-hook.yaml b/deployments/node/templates/fluidos-post-install-hook.yaml new file mode 100644 index 0000000..a710a34 --- /dev/null +++ b/deployments/node/templates/fluidos-post-install-hook.yaml @@ -0,0 +1,29 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: configure-liqo + labels: + app: liqo + annotations: + "helm.sh/hook": post-install + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + spec: + serviceAccountName: default + containers: + - name: configure-liqo + image: bitnami/kubectl:latest + command: ["/bin/sh", "-c", "cp /scripts/configure-liqo.sh /tmp/configure-liqo.sh && chmod +x /tmp/configure-liqo.sh && /tmp/configure-liqo.sh"] + volumeMounts: + - name: script + mountPath: /scripts + - name: tmp-scripts + mountPath: /tmp + restartPolicy: OnFailure + volumes: + - name: script + configMap: + name: configure-liqo-script + - name: tmp-scripts + emptyDir: {} \ No newline at end of file diff --git a/deployments/node/templates/fluidos-pre-install-hook-authz.yaml b/deployments/node/templates/fluidos-pre-install-hook-authz.yaml new file mode 100644 index 0000000..178fd1c --- /dev/null +++ b/deployments/node/templates/fluidos-pre-install-hook-authz.yaml @@ -0,0 +1,36 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: helm-service-account + namespace: fluidos + annotations: + "helm.sh/hook": pre-install + "helm.sh/hook-weight": "-2" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: admin-cluster-role + annotations: + "helm.sh/hook": pre-install + "helm.sh/hook-weight": "-2" +rules: + - apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: admin-cluster-rolebinding + annotations: + "helm.sh/hook": pre-install + "helm.sh/hook-weight": "-2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin-cluster-role +subjects: + - kind: ServiceAccount + name: helm-service-account + namespace: fluidos diff --git a/deployments/node/templates/fluidos-pre-install-hook-cm.yaml b/deployments/node/templates/fluidos-pre-install-hook-cm.yaml new file mode 100644 index 0000000..4785002 --- /dev/null +++ b/deployments/node/templates/fluidos-pre-install-hook-cm.yaml @@ -0,0 +1,94 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: pre-install-script + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install + "helm.sh/hook-weight": "-1" +data: + pre-install.sh: | + #!/bin/bash + + # Function to check if a Helm release is installed + is_helm_installed() { + helm ls --all --short -n $1 | grep -q "^$2\$" + } + + # Function to check if a Kubernetes resource exists + is_k8s_resource_present() { + kubectl get $1 -n $2 &> /dev/null + } + + # Function to install metrics-server if not installed + install_metrics_server() { + if ! is_helm_installed "default" "metrics-server" && ! is_k8s_resource_present "deployment/metrics-server" "kube-system"; then + echo "Installing metrics-server..." + helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/ + helm repo update + helm install metrics-server metrics-server/metrics-server -n kube-system --set defaultArgs='{--kubelet-insecure-tls,--kubelet-preferred-address-types=InternalIP\,ExternalIP\,Hostname,--cert-dir=/tmp,--kubelet-use-node-status-port}' + echo "Waiting for metrics-server to be ready" + kubectl wait --for=condition=ready pod -l k8s-app=metrics-server -n kube-system --timeout=400s + else + echo "metrics-server is already installed." + fi + } + + # Function to install cert-manager if not installed + install_cert_manager() { + if ! is_helm_installed "cert-manager" "cert-manager" && ! is_k8s_resource_present "deployment/cert-manager" "cert-manager"; then + echo "Installing cert-manager..." + helm repo add jetstack https://charts.jetstack.io + helm repo update + kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.7.1/cert-manager.crds.yaml + helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace + else + echo "cert-manager is already installed." + fi + } + + # Function to install liqo if not installed + install_liqo() { + local provider=$1 + + if [ -z "$provider" ]; then + echo "Provider not specified for liqo. Usage: $0 " + exit 1 + fi + + if ! is_helm_installed "default" "liqo" && ! is_k8s_resource_present "deployment/liqo" "liqo"; then + echo "Installing liqo with provider $provider..." + curl -sL https://github.com/liqotech/liqo/releases/download/v0.4.0/liqoctl-linux-amd64 -o /usr/local/bin/liqoctl + chmod +x /usr/local/bin/liqoctl + liqoctl install $provider --cluster-name $provider --only-output-values --dump-values-path="values-liqo.yaml" + helm repo add liqo https://helm.liqo.io/ + helm repo update + helm install liqo liqo/liqo -f values-liqo.yaml -n liqo --create-namespace + rm values-liqo.yaml + else + echo "liqo is already installed." + fi + } + + # Main script + main() { + # Check if Helm is installed + if ! command -v helm &> /dev/null; then + echo "Helm is not installed. Please install Helm first." + exit 1 + fi + + # Check if kubectl is installed + if ! command -v kubectl &> /dev/null; then + echo "kubectl is not installed. Please install kubectl first." + exit 1 + fi + + # Install dependencies + install_metrics_server + install_cert_manager + install_liqo $1 + } + + # Run the main script with provider as parameter + main $1 \ No newline at end of file diff --git a/deployments/node/templates/fluidos-pre-install-hook-job.yaml b/deployments/node/templates/fluidos-pre-install-hook-job.yaml new file mode 100644 index 0000000..cb36a59 --- /dev/null +++ b/deployments/node/templates/fluidos-pre-install-hook-job.yaml @@ -0,0 +1,24 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: pre-install-job + namespace: {{ .Release.Namespace }} + labels: + app: my-app +spec: + template: + spec: + hostNetwork: true + serviceAccountName: helm-service-account + containers: + - name: pre-install-container + image: dtzar/helm-kubectl:latest + command: ["/bin/sh", "-c", "sh /scripts/pre-install.sh {{ .Values.provider }}"] + volumeMounts: + - name: script + mountPath: /scripts + restartPolicy: OnFailure + volumes: + - name: script + configMap: + name: pre-install-script diff --git a/deployments/node/templates/fuidos-configure-liqo-script-cm.yaml b/deployments/node/templates/fuidos-configure-liqo-script-cm.yaml new file mode 100644 index 0000000..e6e737f --- /dev/null +++ b/deployments/node/templates/fuidos-configure-liqo-script-cm.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: configure-liqo-script + labels: + app: liqo +data: + configure-liqo.sh: | + #!/bin/sh + kubectl patch deployment liqo-controller-manager -n liqo --type='json' -p='[ + { + "op": "add", + "path": "/spec/template/spec/containers/0/args/-", + "value": "--enable-resource-enforcement" + }, + { + "op": "add", + "path": "/spec/template/spec/containers/0/args/-", + "value": "--resource-plugin-address=node-rear-controller-grpc.fluidos:2710" + } + ]' \ No newline at end of file diff --git a/deployments/node/values.yaml b/deployments/node/values.yaml index ba92994..d605652 100644 --- a/deployments/node/values.yaml +++ b/deployments/node/values.yaml @@ -147,3 +147,5 @@ networkManager: ip: # -- The NodeID is a UUID that identifies the FLUIDOS Node. It is used to generate the FQDN of the owned FLUIDOS Nodes and it is unique in the FLUIDOS closed domain nodeID: + +provider: "your-provider" diff --git a/tools/scripts/installation.sh b/tools/scripts/installation.sh index 9e3b6c6..16ae296 100644 --- a/tools/scripts/installation.sh +++ b/tools/scripts/installation.sh @@ -173,29 +173,7 @@ function install_components() { # Get the kubeconfig file which depends on variable installation_type KUBECONFIG=$(jq -r '.kubeconfig' <<< "${clusters[$cluster]}") - echo "The KUBECONFIG is $KUBECONFIG" - - # Skip the installation of the metrics-server if the cluster is a provider and its installation type is not kind - if [ "$(jq -r '.role' <<< "${clusters[$cluster]}")" == "provider" ] && [ "$installation_type" != "kind" ]; then - echo "Skipping metrics-server installation in a cluster not managed by the user." - else - # Check if metrics-server is installed - echo "Checking if metrics-server is installed" - if ! kubectl get deployment metrics-server -n kube-system --kubeconfig "$KUBECONFIG" &>/dev/null; then - echo "Metrics-server is not installed. Installing it..." - # Apply the metrics-server - kubectl apply -f "$SCRIPT_DIR"/../../quickstart/utils/metrics-server.yaml --kubeconfig "$KUBECONFIG" - - # Wait for the metrics-server to be ready - echo "Waiting for metrics-server to be ready" - kubectl wait --for=condition=ready pod -l k8s-app=metrics-server -n kube-system --timeout=300s --kubeconfig "$KUBECONFIG" - else - echo "Metrics-server is already installed" - fi - fi - - # Decide value file to use based on the role of the cluster if [ "$(jq -r '.role' <<< "${clusters[$cluster]}")" == "consumer" ]; then @@ -228,7 +206,6 @@ function install_components() { fi fi - # Skipping the installation of the node Helm chart if the cluster is a provider and its installation type is not kind if [ "$(jq -r '.role' <<< "${clusters[$cluster]}")" == "provider" ] && [ "$installation_type" != "kind" ]; then echo "Skipping FLUIDOS Node installation in a cluster not managed by the user" @@ -247,30 +224,19 @@ function install_components() { helm upgrade --install node $SCRIPT_DIR/../../deployments/node \ -n fluidos --create-namespace -f $value_file $IMAGE_SET_STRING \ --set tag=$VERSION \ + --set "provider=$installation_type" \ --set "networkManager.configMaps.nodeIdentity.ip=$ip:$port" \ --set "networkManager.configMaps.providers.local=${providers_ips[$cluster]}" \ --kubeconfig $KUBECONFIG else echo "Installing remote repositories in cluster $cluster with local resource manager" helm upgrade --install node fluidos/node -n fluidos --create-namespace -f "$value_file" \ + --set "provider=$installation_type" \ --set "networkManager.configMaps.nodeIdentity.ip=$ip:$port" \ --set 'networkManager.configMaps.providers.local'="${providers_ips[$cluster]}" \ --kubeconfig "$KUBECONFIG" fi fi - - # Skip the installation of LIQO if the cluster is a provider and its installation type is not kind - if [ "$(jq -r '.role' <<< "${clusters[$cluster]}")" == "provider" ] && [ "$installation_type" != "kind" ]; then - echo "Skipping LIQO installation in a cluster not managed by the user." - else - echo "Installing LIQO in cluster $cluster" - echo "Cluster type is $installation_type" - liqoctl install "$installation_type" \ - --cluster-name "$cluster" \ - --set controllerManager.config.resourcePluginAddress=node-rear-controller-grpc.fluidos:2710 \ - --set controllerManager.config.enableResourceEnforcement=true \ - --kubeconfig "$KUBECONFIG" - fi ) & # Save the PID of the process pids+=($!) diff --git a/tools/scripts/requirements.sh b/tools/scripts/requirements.sh index dad80bf..37b7934 100644 --- a/tools/scripts/requirements.sh +++ b/tools/scripts/requirements.sh @@ -163,7 +163,7 @@ function check_liqoctl() { # Ask the user if they want to install liqoctl read -r -p "Do you want to install liqoctl? (y/n): " install_liqoctl if [ "$install_liqoctl" == "y" ]; then - install_liqo + install_liqoctl else echo "LIQO is required to continue. Exiting..." exit 1