Use uyuniadm to install the containerized server

Since uyuniadm install embeds all the logic to setup a containerized server use it to setup both k3s and podman containers.
uyuni-project · Aug 2, 2023 · 158c801 · 158c801
1 parent c9e3943
commit 158c801
Show file tree

Hide file tree

Showing 12 changed files with 75 additions and 305 deletions.
diff --git a/modules/server_containerized/main.tf b/modules/server_containerized/main.tf
@@ -46,6 +46,8 @@ module "server_containerized" {
     server_username                = var.server_username
     server_password                = var.server_password
     java_debugging                 = var.java_debugging
+    from_email                     = var.from_email
+    traceback_email                = var.traceback_email
     skip_changelog_import          = var.skip_changelog_import
     create_first_user              = var.create_first_user
     mgr_sync_autologin             = var.mgr_sync_autologin

diff --git a/modules/server_containerized/variables.tf b/modules/server_containerized/variables.tf
@@ -172,6 +172,11 @@ variable "from_email" {
   default     = null
 }
 
+variable "traceback_email" {
+  description = "recipient email address that will receive errors during usage"
+  default     = null
+}
+
 variable "smt" {
   description = "URL to an SMT server to get packages from"
   default     = null

diff --git a/salt/server_containerized/cert-manager-selfsigned-issuer.yaml b/salt/server_containerized/cert-manager-selfsigned-issuer.yaml
diff --git a/salt/server_containerized/chart-values.yaml b/salt/server_containerized/chart-values.yaml
@@ -1,15 +1 @@
-ingressSslAnnotations:
-  cert-manager.io/issuer: uyuni-ca-issuer
-{%- if grains.get("container_repository") %}
-repository: {{ grains.get("container_repository") }}
-{%- endif %}
 exposeJavaDebug: {{ grains.get("java_debugging") }}
-uyuniMailFrom: {{ grains.get("from_email") }}
-fqdn: {{ grains.get("fqdn") }}
-sccUser: {{ grains.get("cc_username") }}
-sccPass: {{ grains.get("cc_password") }}
-{%- set mirror_hostname = grains.get('server_mounted_mirror') if grains.get('server_mounted_mirror') else grains.get('mirror') %}
-{%- if mirror_hostname %}
-mirror:
-  hostPath: /srv/mirror
-{%- endif %}
diff --git a/salt/server_containerized/init.sls b/salt/server_containerized/init.sls
@@ -2,8 +2,7 @@ include:
   {% if 'build_image' not in grains.get('product_version') | default('', true) %}
   - repos
   {% endif %}
-  #- server.salt_master #required by sumaform monitoring
-  - server_containerized.install_{{ grains.get('container_runtime') | default('podman', true) }}
+  - server_containerized.install_uyuniadm
   - server_containerized.initial_content
   - server_containerized.tools
   - server_containerized.testsuite
diff --git a/salt/server_containerized/install_k3s.sls b/salt/server_containerized/install_k3s.sls
@@ -20,96 +20,8 @@ helm_install:
     - refresh: True
     - name: helm
 
-cert_manager_install:
-  cmd.run:
-    - name: kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.yaml
-    - unless: kubectl get deployment -n cert-manager | grep cert-manager
-
-wait_cert_manager_ready:
-  cmd.script:
-    - name: salt://server_containerized/wait_for_kube_resource.py
-    - args: cert-manager deployment cert-manager-webhook
-    - use_vt: True
-    - template: jinja
-    - require:
-      - cmd: cert_manager_install
-
-ca_issuer_file:
-  file.managed:
-    - name: /root/cert-manager-issuer.yaml
-    - source: salt://server_containerized/cert-manager-selfsigned-issuer.yaml
-    - template: jinja
-
-ca_issuer:
-  cmd.run:
-    - name: kubectl apply -f /root/cert-manager-issuer.yaml
-    - unless: kubectl get issuer | grep uyuni-ca-issuer
-    - require:
-      - file: ca_issuer_file
-      - cmd: wait_cert_manager_ready
-
-wait_issuer_ready:
-  cmd.script:
-    - name: salt://server_containerized/wait_for_kube_resource.py
-    - args: default issuer uyuni-ca-issuer
-    - use_vt: True
-    - template: jinja
-    - require:
-      - cmd: ca_issuer
-
-get_ca:
-  cmd.run:
-    - name: kubectl get secret uyuni-ca -o=jsonpath='{.data.ca\.crt}' | base64 -d > /root/ca.crt
-    - creates: /root/ca.crt
-    - require:
-      - cmd: wait_issuer_ready
-
-ca_configmap_file:
-  cmd.run:
-    - name: kubectl create configmap uyuni-ca --from-file=/root/ca.crt --dry-run=client -o yaml >/root/uyuni-ca.yaml
-    - creates: /root/uyuni-ca.yaml
-    - require:
-      - cmd:  get_ca
-
-ca_configmap:
-  cmd.run:
-    - name: kubectl apply -f /root/uyuni-ca.yaml
-    - require:
-      - cmd: ca_configmap_file
-
 chart_values_file:
   file.managed:
     - name: /root/chart-values.yaml
     - source: salt://server_containerized/chart-values.yaml
     - template: jinja
-
-{% set helm_chart_default = 'oci://registry.opensuse.org/uyuni/server' %}
-
-chart_install:
-  cmd.run:
-    - name: helm upgrade --install uyuni {{ grains.get("helm_chart_url") | default(helm_chart_default, true) }} -f /root/chart-values.yaml
-    - env:
-      - KUBECONFIG: /etc/rancher/k3s/k3s.yaml
-    - unless: helm --kubeconfig /etc/rancher/k3s/k3s.yaml list | grep uyuni
-    - require:
-      - file: chart_values_file
-      - cmd: ca_configmap
-      - sls: server_containerized.install_common
-
-wait_pod_running:
-  cmd.script:
-    - name: salt://server_containerized/wait_for_kube_resource.py
-    - args: default pod -lapp=uyuni 
-    - use_vt: True
-    - template: jinja
-    - require:
-      - cmd: chart_install
-
-wait_for_setup_end:
-  cmd.script:
-    - name: salt://server_containerized/wait_for_setup_end.py
-    - args: {{ grains.get('container_runtime') }}
-    - use_vt: True
-    - template: jinja
-    - require:
-      - cmd: wait_pod_running
diff --git a/salt/server_containerized/install_podman.sls b/salt/server_containerized/install_podman.sls
@@ -1,93 +1,10 @@
 include:
   - server_containerized.install_common
 
-server_packages:
+podman_package:
   pkg.installed:
-    - refresh: True
-    - name: uyuni-server-systemd-services
+    - name: podman
     - require:
       {% if 'build_image' not in grains.get('product_version') | default('', true) %}
       - sls: repos
       {% endif %}
-
-uyuni_server_services_config_sccuser:
-  file.replace:
-    - name: /etc/sysconfig/uyuni-server-systemd-services
-    - pattern: ^SCC_USER=.*$
-    - repl: SCC_USER="{{ grains.get('cc_username') }}"
-    - append_if_not_found: True
-
-uyuni_server_services_config_sccpass:
-  file.replace:
-    - name: /etc/sysconfig/uyuni-server-systemd-services
-    - pattern: ^SCC_PASS=.*$
-    - repl: SCC_PASS="{{ grains.get('cc_password') }}"
-    - append_if_not_found: True
-
-uyuni_server_services_config_fqdn:
-  file.replace:
-    - name: /etc/sysconfig/uyuni-server-systemd-services
-    - pattern: ^(REPORT_DB_HOST|UYUNI_FQDN)=.*$
-    - repl: \1="{{ grains.get('fqdn') }}"
-    - append_if_not_found: True
-
-{% if grains.get("java_debugging") %}
-uyuni_server_services_config_debug:
-  file.replace:
-    - name: /etc/sysconfig/uyuni-server-systemd-services
-    - pattern: ^EXTRA_POD_ARGS='([^']*)'$
-    - repl: EXTRA_POD_ARGS='-p 8000:8000 -p 8001:8001 \1'
-    - append_if_not_found: True
-{% endif %}
-
-{% if grains.get("container_repository") -%}
-uyuni-server-services_config:
-  file.replace:
-    - name: /etc/sysconfig/uyuni-server-systemd-services
-    - pattern: ^NAMESPACE=.*$
-    - repl: NAMESPACE="{{ grains.get('container_repository') }}"
-    - append_if_not_found: True
-{%- endif %}
-
-{%- set mirror_hostname = grains.get('server_mounted_mirror') if grains.get('server_mounted_mirror') else grains.get('mirror') %}
-{% if mirror_hostname -%}
-uyuni_server_services_config_mirror:
-  file.replace:
-    - name: /etc/sysconfig/uyuni-server-systemd-services
-    - pattern: ^EXTRA_POD_ARGS='([^']*)'$
-    - repl: EXTRA_POD_ARGS='-v=/srv/mirror:/mirror -e MIRROR_PATH=/mirror \1'
-    - append_if_not_found: True
-{%- endif %}
-
-uyuni-server_service:
-  service.running:
-    - name: uyuni-server
-    - enable: True
-    - require:
-      - pkg: uyuni-server-systemd-services
-      - sls: server_containerized.install_common
-      - file: uyuni_server_services_config_sccuser
-      - file: uyuni_server_services_config_sccpass
-      - file: uyuni_server_services_config_fqdn
-{% if grains.get("java_debugging") %}
-      - file: uyuni_server_services_config_debug
-{% endif %}
-{% if mirror_hostname %}
-      - file: uyuni_server_services_config_mirror
-{% endif %}
-{% if grains.get("container_repository") %}
-      - file: uyuni-server-services_config
-    - watch:
-      - file: uyuni-server-services_config
-{% endif %}
-
-wait_for_setup_end:
-  cmd.script:
-    - name: salt://server_containerized/wait_for_setup_end.py
-    - args: {{ grains.get('container_runtime') }}
-    - use_vt: True
-    - template: jinja
-    - require:
-      - sls: server_containerized.install_common
-      - service: uyuni-server_service
-
diff --git a/salt/server_containerized/install_uyuniadm.sls b/salt/server_containerized/install_uyuniadm.sls
@@ -0,0 +1,25 @@
+include:
+  - server_containerized.install_{{ grains.get('container_runtime') | default('podman', true) }}
+
+uyuniadm_config:
+  file.managed:
+    - name: /root/uyuniadm.yaml
+    - source: salt://server_containerized/uyuniadm.yaml
+    - template: jinja
+
+uyuniadm_install:
+  cmd.run:
+    - name: uyuniadm install --config /root/uyuniadm.yaml {{ grains.get("fqdn") }}
+    - env:
+      - KUBECONFIG: /etc/rancher/k3s/k3s.yaml
+{%- if grains.get('container_runtime') | default('podman', true) == 'podman' %}
+    - unless: podman ps | grep uyuni-server
+{%- else %}
+    - unless: helm --kubeconfig /etc/rancher/k3s/k3s.yaml list | grep uyuni
+{%- endif %}
+    - require:
+      - sls: server_containerized.tools
+      - sls: server_containerized.install_common
+      - sls: server_containerized.install_{{ grains.get('container_runtime') | default('podman', true) }}
+      - file: uyuniadm_config
+
diff --git a/salt/server_containerized/tools.sls b/salt/server_containerized/tools.sls
@@ -25,3 +25,10 @@ uyunictl_symlink:
     - target: /root/uyuni-tools/bin/uyunictl
     - require:
       - cmd: tools_built
+
+uyuniadm_symlink:
+  file.symlink:
+    - name: /usr/bin/uyuniadm
+    - target: /root/uyuni-tools/bin/uyuniadm
+    - require:
+      - cmd: tools_built
diff --git a/salt/server_containerized/uyuniadm.yaml b/salt/server_containerized/uyuniadm.yaml
@@ -0,0 +1,33 @@
+db:
+  password: spacewalk
+cert:
+  password: spacewalk
+scc:
+  user: {{ grains.get("cc_username") }}
+  password: {{ grains.get("cc_password") }}
+email: {{ grains.get("traceback_email") | default('galaxy-noise@suse.de', true) }}
+emailFrom: {{ grains.get("from_email") | default('galaxy-noise@suse.de', true) }}
+{%- if grains.get('container_repository') %}
+image: {{ grains.get('container_repository') }}/server
+{% endif %}
+{%- set mirror_hostname = grains.get('server_mounted_mirror') if grains.get('server_mounted_mirror') else grains.get('mirror') %}
+{%- if mirror_hostname %}
+mirrorPath: /srv/mirror
+{% endif -%}
+{% set helm_chart_default = 'oci://registry.opensuse.org/uyuni/server' %}
+helm:
+  uyuni:
+    chart: {{ grains.get("helm_chart_url") | default(helm_chart_default, true) }}
+    values: /root/chart-values.yaml
+podman:
+  arg:
+{%- if mirror_hostname %}
+    - -v=/srv/mirror:/mirror
+{%- endif %}
+{%- if grains.get("java_debugging") %}
+    - -p
+    - 8000:8000
+    - -p
+    - 8001:8001
+{%- endif %}
+    - ""
diff --git a/salt/server_containerized/wait_for_kube_resource.py b/salt/server_containerized/wait_for_kube_resource.py