Add support for deploying k3s

[tserong]

This does a couple of things:

1. Lets us use sesdev to deploy k3s, just for the sake of having an easy way to create little VM clusters running k3s (think: arbitrary k3s dev/test playground)
2. Adds the ability to deploy rook on top of k3s, for the sake of testing rook/ceph for ongoing SES maintenance.

[tserong]

AFAICT those remaining lint failures aren't actually in code I touched in this PR.

[trociny]

sesdev create k3s --deploy-ses failed for me with:

    master: ++ curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
    master: In order to verify checksum, openssl must first be installed.
    master: Please install openssl or set VERIFY_CHECKSUM=false in your environment.
    master: Failed to install helm

After I added export VERIFY_CHECKSUM=false into seslib/templates/k3s/provision.sh.j2 the deploy succeeded and the cluster is working.

Great job! Thanks!

[trociny]

Just a note. It might be useful to have the toolbox pod installed during deploy or have a hint message at the end of the deployment :

kubectl create -f ~/cluster/rook-ceph/examples/toolbox.yaml

[kshtsk]

AFAICT those remaining lint failures aren't actually in code I touched in this PR.

even though they must be fixed

[kshtsk]

@tserong btw, the deployment test is still failing how about to fix the repo issues or/and switch to the newer ses version in self test.

[tserong]

@trociny I've updated this to explicitly install openssl to fix helm's VERIFY_CHECKSUM thing. I've also added toolbox deployment, because I agree that seems pretty useful. I've done that as separate commits so it's easy to see changes, but can squash later.

@kshtsk I've cherry picked your commits from #683 here to hopefully get a clean jenkins and tox run, but I'm happy to rebase this if you want to merge your PR before merging this one.

[kshtsk]

@tserong I gonna try this PR pretty soon

[kshtsk]

Looks interesting, could you please rebase and merge.

[tserong]

Rebased

[kshtsk]

    master: ++ ceph status
    master: 2023-03-07T10:11:23.938+0000 7faa9004e700 -1 auth: unable to find a keyring on /etc/ceph/ceph.client.admin.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin,: (2) No such file or directory
    master: 2023-03-07T10:11:23.938+0000 7faa9004e700 -1 AuthRegistry(0x7faa8805f158) no keyring found at /etc/ceph/ceph.client.admin.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin,, disabling cephx
    master: 2023-03-07T10:11:24.046+0000 7faa9004e700 -1 auth: unable to find a keyring on /etc/ceph/ceph.client.admin.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin,: (2) No such file or directory
    master: 2023-03-07T10:11:24.046+0000 7faa9004e700 -1 AuthRegistry(0x7faa9004cf50) no keyring found at /etc/ceph/ceph.client.admin.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin,, disabling cephx
    master: 2023-03-07T10:11:24.246+0000 7faa8ddea700 -1 monclient(hunting): handle_auth_bad_method server allowed_methods [2] but i only support [1]
    master: 2023-03-07T10:11:24.250+0000 7faa9004e700 -1 monclient: authenticate NOTE: no keyring found; disabled cephx authentication
    master: [errno 13] RADOS permission denied (error connecting to the cluster)
    master: +++ err_report 638
    master: +++ local hn
    master: +++ set +x
    master: Error in provisioner script trapped!

[kshtsk]

Just wonder why it wasn't failing before rebase, and btw, it is not reproducible on master now.

[kshtsk]

so, gonna merge this?

[tserong]

so, gonna merge this?

Yep :-)