From 6c3bd9f608fea922b2f2aa76f779c16fd2d89fb9 Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Fri, 30 Jun 2023 18:06:52 +0800
Subject: [PATCH] feat: update sealos cloud cluster image (#3448)
* update sealos cloud cluster image
---
 .github/workflows/cloud.yml | 4 +-
 deploy/cloud/etc/sealos/desktop-config.yaml | 14 ++++
 deploy/cloud/init.sh | 3 +-
 deploy/cloud/manifests/mongodb.yaml | 77 +++++++++++++++++++
 deploy/cloud/scripts/gen-mongodb-uri.sh | 18 +++++
 deploy/cloud/scripts/init.sh | 66 ++++++++++++++--
 frontend/desktop/deploy/Kubefile | 4 +
 frontend/desktop/deploy/README.md | 1 +
 .../desktop/deploy/manifests/deploy.yaml.tmpl | 8 +-
 frontend/desktop/deploy/manifests/secret.yaml | 2 +-
 frontend/providers/terminal/deploy/Kubefile | 2 +
 .../{deploy.yaml => deploy.yaml.tmpl} | 5 ++
 12 files changed, 189 insertions(+), 15 deletions(-)
 create mode 100644 deploy/cloud/etc/sealos/desktop-config.yaml
 create mode 100644 deploy/cloud/manifests/mongodb.yaml
 create mode 100644 deploy/cloud/scripts/gen-mongodb-uri.sh
 rename frontend/providers/terminal/deploy/manifests/{deploy.yaml => deploy.yaml.tmpl} (90%)
diff --git a/.github/workflows/cloud.yml b/.github/workflows/cloud.yml
index e04caec2cb6..6472056707a 100644
--- a/.github/workflows/cloud.yml
+++ b/.github/workflows/cloud.yml
@@ -90,7 +90,9 @@ jobs:
 - name: Build sealos cloud cluster image
 working-directory: deploy/cloud
 run: |
- sed -i "s#nightly#${{ inputs.build_from }}#g" init.sh
+ [ -z "${{ inputs.build_from }}" ] && BuildFromTag="nightly" || BuildFromTag="${{ inputs.build_from }}"; echo "BuildFromTag=${BuildFromTag}"
+ sed -i "s#nightly#${BuildFromTag}#g" init.sh
+ sed -i "s#nightly#${BuildFromTag}#g" etc/sealos/desktop-config.yaml
 sudo bash init.sh
 sudo sealos build -t ${{ steps.prepare.outputs.repo }}:${{ steps.prepare.outputs.tag_name }} -f Kubefile
 sudo sealos push ${{ steps.prepare.outputs.repo }}:${{ steps.prepare.outputs.tag_name }}
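Review bot: In the `run:` block of the "Build sealos cloud cluster image" step, `${{ inputs.build_from }}` is expanded into the script text before the shell starts, so the caller-supplied value is parsed as shell source rather than handled as data, and the new `[ -z "${{ inputs.build_from }}" ]` line adds two more such expansions. Pass the input through the step environment instead, with `env:` holding `BUILD_FROM: ${{ inputs.build_from }}`, and derive the tag with `BuildFromTag="${BUILD_FROM:-nightly}"`. The value also ends up in a `sed` replacement that uses `#` as delimiter, so a guard such as `case "$BuildFromTag" in *[!A-Za-z0-9._-]*) exit 1;; esac` before the two `sed` calls would stop a tag containing `#` or `&` from corrupting init.sh and desktop-config.yaml. The job definition and who may set `build_from` are outside the hunk, so how exposed this is depends on the workflow triggers.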
diff --git a/deploy/cloud/etc/sealos/desktop-config.yaml b/deploy/cloud/etc/sealos/desktop-config.yaml
new file mode 100644
index 00000000000..6ec039f3458
--- /dev/null
+++ b/deploy/cloud/etc/sealos/desktop-config.yaml
@@ -0,0 +1,14 @@
+apiVersion: apps.sealos.io/v1beta1
+kind: Config
+metadata:
+ name: secret
+spec:
+ path: manifests/secret.yaml
+ # do not modify this image, it's used by ci.
+ match: ghcr.io/labring/sealos-cloud-desktop-frontend:nightly
+ strategy: merge
+ data: |
+ data:
+ mongodb_uri:
+ jwt_secret:
+ password_salt:
diff --git a/deploy/cloud/init.sh b/deploy/cloud/init.sh
index 6d628ee41fa..07562c6efea 100644
--- a/deploy/cloud/init.sh
+++ b/deploy/cloud/init.sh
@@ -6,6 +6,7 @@ sealos pull ghcr.io/labring/sealos-cloud-app-controller:nightly
 sealos pull ghcr.io/labring/sealos-cloud-desktop-frontend:nightly
 sealos pull ghcr.io/labring/sealos-cloud-terminal-frontend:nightly
 sealos pull ghcr.io/labring/sealos-cloud-applaunchpad-frontend:nightly
+sealos pull ghcr.io/labring/sealos-cloud-dbprovider-frontend:nightly
@@ -15,4 +16,4 @@ sealos save -o tars/app.tar ghcr.io/labring/sealos-cloud-app-controller:nightly
 sealos save -o tars/frontend-desktop.tar ghcr.io/labring/sealos-cloud-desktop-frontend:nightly
 sealos save -o tars/frontend-terminal.tar ghcr.io/labring/sealos-cloud-terminal-frontend:nightly
 sealos save -o tars/frontend-applaunchpad.tar ghcr.io/labring/sealos-cloud-applaunchpad-frontend:nightly
-
+sealos save -o tars/frontend-dbprovider.tar ghcr.io/labring/sealos-cloud-dbprovider-frontend:nightly
diff --git a/deploy/cloud/manifests/mongodb.yaml b/deploy/cloud/manifests/mongodb.yaml
new file mode 100644
index 00000000000..739a584bb7a
--- /dev/null
+++ b/deploy/cloud/manifests/mongodb.yaml
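Review bot: desktop-config.yaml is committed with three empty `data:` values that `mutate_desktop_config` in deploy/cloud/scripts/init.sh fills with `sed -i`, so after a run this tracked file holds the base64-encoded MongoDB URI including its password, and base64 is an encoding rather than protection. I would add a comment above `data: |`, `# template: scripts/init.sh fills these values in place; never commit or share a filled-in copy`, and have init.sh edit a private copy (for example one created with `mktemp`) that is then passed to `--config-file`. The placeholder tokens may have been lost in this rendering of the patch, and the rest of mutate_desktop_config is cut off, so how jwt_secret and password_salt are generated is not covered here.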
@@ -0,0 +1,77 @@
+apiVersion: apps.kubeblocks.io/v1alpha1
+kind: Cluster
+metadata:
+ finalizers:
+ - cluster.kubeblocks.io/finalizer
+ generation: 1
+ labels:
+ clusterdefinition.kubeblocks.io/name: mongodb
+ clusterversion.kubeblocks.io/name: mongodb-5.0.14
+ name: sealos-mongodb
+ namespace: sealos
+spec:
+ clusterDefinitionRef: mongodb
+ clusterVersionRef: mongodb-5.0.14
+ componentSpecs:
+ - componentDefRef: mongodb
+ monitor: true
+ name: mongodb
+ replicas: 1
+ resources:
+ limits:
+ cpu: "1"
+ memory: 2Gi
+ requests:
+ cpu: "0.5"
+ memory: 1Gi
+ serviceAccountName: sealos-mongodb-sa
+ volumeClaimTemplates:
+ - name: data
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 30Gi
+ terminationPolicy: Delete
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app.kubernetes.io/instance: mongo-name
+ app.kubernetes.io/managed-by: kbcli
+ name: sealos-mongodb-sa
+ namespace: sealos
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ labels:
+ app.kubernetes.io/instance: mongo-name
+ app.kubernetes.io/managed-by: kbcli
+ name: sealos-mongodb-role
+ namespace: sealos
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/instance: mongo-name
+ app.kubernetes.io/managed-by: kbcli
+ name: sealos-mongodb-rolebinding
+ namespace: sealos
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: sealos-mongodb-role
+subjects:
+ - kind: ServiceAccount
+ name: sealos-mongodb-sa
\ No newline at end of file
diff --git a/deploy/cloud/scripts/gen-mongodb-uri.sh b/deploy/cloud/scripts/gen-mongodb-uri.sh
new file mode 100644
index 00000000000..0f757917cc2
--- /dev/null
+++ b/deploy/cloud/scripts/gen-mongodb-uri.sh
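Review bot: `terminationPolicy: Delete` on the `sealos-mongodb` Cluster, combined with `replicas: 1`, means that deleting the Cluster object also removes its 30Gi volume claim as I read the KubeBlocks semantics, and this is the database the desktop frontend's `mongodb_uri` points at; `terminationPolicy: Halt` or `DoNotTerminate` would keep the data unless an operator opts in, so the choice deserves a comment in the manifest. The file also looks exported from a live object: `finalizers`, `generation: 1` and the `app.kubernetes.io/instance: mongo-name` and `managed-by: kbcli` labels are server- or tool-set values that do not belong in a hand-applied manifest. The RoleBinding subject carries no namespace; adding `namespace: sealos` under `- kind: ServiceAccount` states the binding target explicitly.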
@@ -0,0 +1,18 @@
+#!/bin/bash
+namespace="sealos"
+secret_name="sealos-mongodb-conn-credential"
+
+secret_data=$(kubectl get secret -n $namespace $secret_name -o go-template='{{range $k,$v := .data}}{{printf "%s: " $k}}{{if not $v}}{{$v}}{{else}}{{$v | base64decode}}{{end}}{{"\n"}}{{end}}')
+
+endpoint=$(echo "$secret_data" | awk -F': ' '/endpoint/ {print $2}')
+headlessEndpoint=$(echo "$secret_data" | awk -F': ' '/headlessEndpoint/ {print $2}')
+headlessHost=$(echo "$secret_data" | awk -F': ' '/headlessHost/ {print $2}')
+headlessPort=$(echo "$secret_data" | awk -F': ' '/headlessPort/ {print $2}')
+host=$(echo "$secret_data" | awk -F': ' '/host/ {print $2}')
+password=$(echo "$secret_data" | awk -F': ' '/password/ {print $2}')
+port=$(echo "$secret_data" | awk -F': ' '/port/ {print $2}')
+username=$(echo "$secret_data" | awk -F': ' '/username/ {print $2}')
+
+mongodb_uri="mongodb://$username:$password@$headlessEndpoint"
+
+echo "$mongodb_uri"
\ No newline at end of file
diff --git a/deploy/cloud/scripts/init.sh b/deploy/cloud/scripts/init.sh
index 61c499f80f4..ebdd02475de 100644
--- a/deploy/cloud/scripts/init.sh
+++ b/deploy/cloud/scripts/init.sh
@@ -4,6 +4,7 @@ set -e
 cloudDomain="cloud.io"
 tlsCrtPlaceholder=""
 tlsKeyPlaceholder=""
+mongodb_uri=""
 function read_env {
 source $1
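Review bot: gen-mongodb-uri.sh prints `mongodb://:@` and exits 0 when `kubectl get secret` fails or a key is missing, because neither the command status nor the parsed fields are checked, and the caller in scripts/init.sh (`mongodb_uri=$(scripts/gen-mongodb-uri.sh)`) then writes that value into the desktop config. The awk patterns are unanchored, so `/endpoint/`, `/host/` and `/port/` also match the `headless*` keys, splitting on `': '` truncates a password containing that sequence, and five of the eight variables are never used. Reading only the three needed keys directly and failing on an empty one removes both problems, as sketched below. The password is placed in the URI unescaped, so if generated passwords can contain `@`, `:` or `/` it also needs percent-encoding; confirm against the KubeBlocks password charset.

```shell
#!/bin/bash
set -euo pipefail
namespace="sealos"
secret_name="sealos-mongodb-conn-credential"

# Print one decoded key of the connection secret; fails if kubectl or base64 fails.
get_field() {
  kubectl get secret -n "$namespace" "$secret_name" -o "jsonpath={.data.$1}" | base64 -d
}

username=$(get_field username)
password=$(get_field password)
headlessEndpoint=$(get_field headlessEndpoint)

if [ -z "$username" ] || [ -z "$password" ] || [ -z "$headlessEndpoint" ]; then
  echo "secret $secret_name is missing username, password or headlessEndpoint" >&2
  exit 1
fi

printf 'mongodb://%s:%s@%s\n' "$username" "$password" "$headlessEndpoint"
```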
@@ -27,33 +28,82 @@ function sealos_run_controller { sealos run tars/user.tar # run terminal controller - sealos run tars/terminal.tar --env cloudDomain=$cloudDomain --env userNamespace="user-system" --env wildcardCertSecretName="wildcard-cert" --env wildcardCertSecretNamespace="sealos-system" + sealos run tars/terminal.tar \ + --env cloudDomain=$cloudDomain \ + --env userNamespace="user-system" \ + --env wildcardCertSecretName="wildcard-cert" \ + --env wildcardCertSecretNamespace="sealos-system" # run app controller sealos run tars/app.tar } +function gen_mongodb_uri() { + # if mongodb_uri is empty then apply kubeblocks mongodb cr and gen mongodb uri + if [ -z "$mongodb_uri" ]; then + kubectl apply -f manifests/mongodb.yaml + # if there is no sealos-mongodb-conn-credential secret then wait for mongodb ready + while [ -z "$(kubectl get secret -n sealos sealos-mongodb-conn-credential)" ]; do + echo "waiting for mongodb secret generated" + sleep 5 + done + chmod +x scripts/gen-mongodb-uri.sh + mongodb_uri=$(scripts/gen-mongodb-uri.sh) + fi +} function sealos_run_frontend { - sealos run tars/frontend-desktop.tar --env cloudDomain=$cloudDomain --env certSecretName="wildcard-cert" + # mutate desktop config before running desktop + echo "mutate desktop config" + mutate_desktop_config + + echo "run desktop frontend" + sealos run tars/frontend-desktop.tar \ + --env cloudDomain=$cloudDomain \ + --env certSecretName="wildcard-cert" \ + --env passwordEnabled="true" \ + --config-file etc/sealos/desktop-config.yaml - sealos run tars/frontend-applaunchpad.tar --env cloudDomain=$cloudDomain --env certSecretName="wildcard-cert" + echo "run applaunchpad frontend" + sealos run tars/frontend-applaunchpad.tar \ + --env cloudDomain=$cloudDomain \ + --env certSecretName="wildcard-cert" - sealos run tars/frontend-terminal.tar --env cloudDomain=$cloudDomain --env certSecretName="wildcard-cert" + echo "run terminal frontend" + sealos run tars/frontend-terminal.tar \ + --env 
cloudDomain=$cloudDomain \ + --env certSecretName="wildcard-cert" + + echo "run dbprovider frontend" + sealos run tars/frontend-dbprovider.tar \ + --env cloudDomain=$cloudDomain \ + --env certSecretName="wildcard-cert" } +function mutate_desktop_config() { + # mutate etc/sealos/desktop-config.yaml by using mongodb uri and two random base64 string + sed -i -e "s;;$(echo -n "$mongodb_uri" | base64 -w 0);" etc/sealos/desktop-config.yaml + sed -i -e "s;;$(tr -cd 'a-z0-9' ;$(tr -cd 'a-z0-9'