fix(merge): merge of different fixes for testing

caos · Jan 13, 2022 · b024111 · b024111
2 parents a491ce6 + 6e37eb6
commit b024111
Show file tree

Hide file tree

Showing 43 changed files with 589 additions and 338 deletions.
diff --git a/cmd/nodeagent/main.go b/cmd/nodeagent/main.go
@@ -93,6 +93,8 @@ func main() {
 
 	go func() {
 		for sig := range signalChannel {
+			monitor.WithField("signal", sig.String()).Info("Received signal")
+			cancelCtx()
 			mutexActionChannel <- sig
 		}
 	}()
@@ -115,7 +117,7 @@ func main() {
 
 	pruned := strings.Split(string(repoKey), "-----")[2]
 	hashed := sha256.Sum256([]byte(pruned))
-	conv := conv.New(monitor, runningOnOS, fmt.Sprintf("%x", hashed[:]))
+	conv := conv.New(ctx, monitor, runningOnOS, fmt.Sprintf("%x", hashed[:]))
 
 	gitClient := git.New(ctx, monitor, fmt.Sprintf("Node Agent %s", *nodeAgentID), "node-agent@caos.ch")
 
@@ -161,8 +163,7 @@ func main() {
 		switch sig := action.(type) {
 		case os.Signal:
 			monitor.WithField("signal", sig.String()).Info("Shutting down")
-			cancelCtx()
-			os.Exit(int(sig.(syscall.Signal)))
+			os.Exit(0)
 		case iterateType:
 			monitor.Info("Starting iteration")
 			itFunc()

diff --git a/go.mod b/go.mod
@@ -30,6 +30,7 @@ require (
 	golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83
 	golang.org/x/net v0.0.0-20210614182718-04defd469f4e
 	golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f
+	golang.org/x/sys v0.0.0-20211013075003-97ac67df715c // indirect
 	google.golang.org/api v0.57.0
 	gopkg.in/raintank/schema.v1 v1.0.0
 	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b

diff --git a/go.sum b/go.sum
@@ -928,8 +928,9 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365 h1:6wSTsvPddg9gc/mVEEyk9oOAoxn+bT4Z9q1zx+4RwA4=
 golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211013075003-97ac67df715c h1:taxlMj0D/1sOAuv/CbSD+MMDof2vbyPTqz5FNYKpXt8=
+golang.org/x/sys v0.0.0-20211013075003-97ac67df715c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=

diff --git a/internal/operator/boom/application/applications/kubemetricsexporter/helm/default.go b/internal/operator/boom/application/applications/kubemetricsexporter/helm/default.go
@@ -77,12 +77,12 @@ func DefaultValues(imageTags map[string]string, image string) *Values {
 		},
 		Resources: &k8s.Resources{
 			Limits: corev1.ResourceList{
-				corev1.ResourceCPU:    resource.MustParse("20m"),
-				corev1.ResourceMemory: resource.MustParse("100Mi"),
+				corev1.ResourceCPU:    resource.MustParse("100m"),
+				corev1.ResourceMemory: resource.MustParse("400Mi"),
 			},
 			Requests: corev1.ResourceList{
-				corev1.ResourceCPU:    resource.MustParse("10m"),
-				corev1.ResourceMemory: resource.MustParse("50Mi"),
+				corev1.ResourceCPU:    resource.MustParse("50m"),
+				corev1.ResourceMemory: resource.MustParse("200Mi"),
 			},
 		},
 	}

diff --git a/internal/operator/boom/application/applications/logcollection/helm/default.go b/internal/operator/boom/application/applications/logcollection/helm/default.go
@@ -30,12 +30,12 @@ func DefaultValues(imageTags map[string]string, image string) *Values {
 		NodeSelector: map[string]string{},
 		Resources: &k8s.Resources{
 			Limits: corev1.ResourceList{
-				corev1.ResourceCPU:    resource.MustParse("250m"),
-				corev1.ResourceMemory: resource.MustParse("200Mi"),
+				corev1.ResourceCPU:    resource.MustParse("200m"),
+				corev1.ResourceMemory: resource.MustParse("400Mi"),
 			},
 			Requests: corev1.ResourceList{
-				corev1.ResourceCPU:    resource.MustParse("50m"),
-				corev1.ResourceMemory: resource.MustParse("100Mi"),
+				corev1.ResourceCPU:    resource.MustParse("100m"),
+				corev1.ResourceMemory: resource.MustParse("200Mi"),
 			},
 		},
 	}

diff --git a/internal/operator/common/software.go b/internal/operator/common/software.go
@@ -12,9 +12,10 @@ type Software struct {
 	Hostname         Package `yaml:",omitempty"`
 	Sysctl           Package `yaml:",omitempty"`
 	Health           Package `yaml:",omitempty"`
+	Kernel           Package `yaml:",omitempty"`
 }
 
-func (s *Software) Merge(sw Software) {
+func (s *Software) Merge(sw Software, forceKernel bool) {
 
 	zeroPkg := Package{}
 
@@ -54,6 +55,13 @@ func (s *Software) Merge(sw Software) {
 		s.Hostname = sw.Hostname
 	}
 
+	if !sw.Kernel.Equals(zeroPkg) &&
+		// If eighter this or that software has no kernel desired, ensure it using the upgrade software path
+		// TODO: Remove the following check in ORBOS v6 to speed up bootstrapping as for running v5 clusters this will be defined
+		(!s.Kernel.Equals(zeroPkg) || forceKernel) {
+		s.Kernel = sw.Kernel
+	}
+
 	if !sw.Sysctl.Equals(zeroPkg) && s.Sysctl.Config == nil {
 		s.Sysctl.Config = make(map[string]string)
 	}

diff --git a/internal/operator/networking/kinds/networking/core/current.go b/internal/operator/networking/kinds/networking/core/current.go
@@ -11,10 +11,6 @@ const queriedName = "networking"
 type NetworkingCurrent interface {
 	GetTlsCertName() string
 	GetDomain() string
-	GetIssuerSubDomain() string
-	GetConsoleSubDomain() string
-	GetAPISubDomain() string
-	GetAccountsSubDomain() string
 	GetReadyCertificate() core.EnsureFunc
 }
 

diff --git a/internal/operator/networking/kinds/networking/legacycf/app/dnsrecords.go b/internal/operator/networking/kinds/networking/legacycf/app/dnsrecords.go
@@ -44,7 +44,7 @@ func getRecordsToDelete(currentRecords []*cloudflare.DNSRecord, records []*cloud
 	for _, currentRecord := range currentRecords {
 		found := false
 		if records != nil {
-			if currentRecord.Type == "MX" {
+			if currentRecord.Type == "MX" || currentRecord.Type == "TXT" {
 				for _, record := range records {
 					if currentRecord.Type == record.Type &&
 						currentRecord.Name == record.Name &&
@@ -75,22 +75,20 @@ func getRecordsToCreateAndUpdate(domain string, currentRecords []*cloudflare.DNS
 
 	if records != nil {
 		for _, record := range records {
-			if record.Type == "MX" {
+			if record.Type == "MX" || record.Type == "TXT" {
 				found := false
 				for _, currentRecord := range currentRecords {
 					if record.Type == currentRecord.Type &&
 						record.Name == currentRecord.Name &&
 						(record.Content == currentRecord.Content || strings.ToLower(record.Content) == currentRecord.Content) {
 						found = true
+						break
 					}
 				}
 				if !found {
 					createRecords = append(createRecords, record)
 				}
-			}
-		}
-		for _, record := range records {
-			if record.Type != "MX" {
+			} else {
 				found := false
 				for _, currentRecord := range currentRecords {
 					if record.Type == currentRecord.Type &&
@@ -107,7 +105,7 @@ func getRecordsToCreateAndUpdate(domain string, currentRecords []*cloudflare.DNS
 						break
 					}
 				}
-				if found == false {
+				if !found {
 					createRecords = append(createRecords, record)
 				}
 			}

diff --git a/internal/operator/networking/kinds/networking/legacycf/config/external.go b/internal/operator/networking/kinds/networking/legacycf/config/external.go
@@ -3,7 +3,6 @@ package config
 import (
 	"errors"
 	"fmt"
-	"net"
 
 	"github.com/caos/orbos/mntr"
 
@@ -17,7 +16,6 @@ import (
 type ExternalConfig struct {
 	Verbose       bool
 	Domain        string
-	IP            string
 	Rules         []*Rule
 	Groups        []*Group     `yaml:"groups"`
 	Credentials   *Credentials `yaml:"credentials"`
@@ -29,7 +27,6 @@ func (i *ExternalConfig) IsZero() bool {
 	if (i.Credentials == nil || i.Credentials.IsZero()) &&
 		!i.Verbose &&
 		i.Domain == "" &&
-		i.IP == "" &&
 		i.Groups == nil &&
 		i.Prefix == "" &&
 		i.Rules == nil &&
@@ -62,9 +59,6 @@ func (e *ExternalConfig) Validate() (err error) {
 	if e.Domain == "" {
 		return errors.New("no domain configured")
 	}
-	if net.ParseIP(e.IP) == nil {
-		return fmt.Errorf("%s is not a valid ip address", e.IP)
-	}
 	return nil
 }
 
@@ -92,13 +86,7 @@ func (e *ExternalConfig) ValidateSecrets() (err error) {
 
 func (e *ExternalConfig) internalDomain() (*InternalDomain, *current) {
 
-	// TODO: Remove
-	subdomains := []*Subdomain{
-		subdomain("accounts", e.IP),
-		subdomain("api", e.IP),
-		subdomain("console", e.IP),
-		subdomain("issuer", e.IP),
-	}
+	subdomains := make([]*Subdomain, 0)
 	for _, sd := range e.AdditionalDNS {
 		subdomains = append(subdomains, sd)
 	}
@@ -109,57 +97,25 @@ func (e *ExternalConfig) internalDomain() (*InternalDomain, *current) {
 			Rules:      e.Rules,
 		},
 		&current{
-			domain:            e.Domain,
-			issureSubdomain:   "issuer",
-			consoleSubdomain:  "console",
-			apiSubdomain:      "api",
-			accountsSubdomain: "accounts",
-			tlsCertName:       "tls-cert-wildcard",
+			domain:      e.Domain,
+			tlsCertName: "tls-cert-wildcard",
 		}
 }
 
-func subdomain(subdomain string, ip string) *Subdomain {
-	return &Subdomain{
-		Subdomain: subdomain,
-		IP:        ip,
-		Proxied:   boolPtr(true),
-		TTL:       0,
-		Type:      "A",
-	}
-}
-
 var _ core.NetworkingCurrent = (*current)(nil)
 
 type current struct {
-	domain            string `yaml:"-"`
-	issureSubdomain   string `yaml:"-"`
-	consoleSubdomain  string `yaml:"-"`
-	apiSubdomain      string `yaml:"-"`
-	accountsSubdomain string `yaml:"-"`
-	tlsCertName       string `yaml:"-"`
-	ReadyCertificate  core2.EnsureFunc
+	domain           string `yaml:"-"`
+	tlsCertName      string `yaml:"-"`
+	ReadyCertificate core2.EnsureFunc
 }
 
 func (c *current) GetDomain() string {
 	return c.domain
 }
-func (c *current) GetIssuerSubDomain() string {
-	return c.issureSubdomain
-}
-func (c *current) GetConsoleSubDomain() string {
-	return c.consoleSubdomain
-}
-func (c *current) GetAPISubDomain() string {
-	return c.apiSubdomain
-}
-func (c *current) GetAccountsSubDomain() string {
-	return c.accountsSubdomain
-}
 func (c *current) GetReadyCertificate() core2.EnsureFunc {
 	return c.ReadyCertificate
 }
 func (c *current) GetTlsCertName() string {
 	return c.tlsCertName
 }
-
-func boolPtr(b bool) *bool { return &b }
diff --git a/internal/operator/nodeagent/dep/conv/converter.go b/internal/operator/nodeagent/dep/conv/converter.go
@@ -1,11 +1,10 @@
 package conv
 
 import (
-	"bytes"
+	"context"
 	"fmt"
-	"os"
-	"os/exec"
-	"strings"
+
+	"github.com/caos/orbos/internal/operator/nodeagent/dep/kernel"
 
 	"github.com/caos/orbos/internal/operator/nodeagent/dep/health"
 
@@ -33,15 +32,16 @@ type Converter interface {
 }
 
 type dependencies struct {
+	ctx     context.Context
 	monitor mntr.Monitor
 	os      dep.OperatingSystemMajor
 	pm      *dep.PackageManager
 	sysd    *dep.SystemD
 	cipher  string
 }
 
-func New(monitor mntr.Monitor, os dep.OperatingSystemMajor, cipher string) Converter {
-	return &dependencies{monitor, os, nil, nil, cipher}
+func New(ctx context.Context, monitor mntr.Monitor, os dep.OperatingSystemMajor, cipher string) Converter {
+	return &dependencies{ctx, monitor, os, nil, nil, cipher}
 }
 
 func (d *dependencies) Init() func() error {
@@ -50,38 +50,43 @@ func (d *dependencies) Init() func() error {
 	d.pm = dep.NewPackageManager(d.monitor, d.os.OperatingSystem, d.sysd)
 
 	return func() error {
-		if err := d.pm.Init(); err != nil {
+		if err := d.pm.RefreshInstalled(append(d.InstalledFilter(),
+			"yum-cron",
+			"yum-utils",
+			"yum-plugin-versionlock",
+			"firewalld",
+		)); err != nil {
 			return err
 		}
-		if err := d.pm.RefreshInstalled(); err != nil {
+		if err := d.pm.Init(); err != nil {
 			return err
 		}
 		sw := d.pm.CurrentVersions("yum-cron")
 		if len(sw) == 0 {
 			return nil
 		}
-		errBuf := new(bytes.Buffer)
-		defer errBuf.Reset()
-		cmd := exec.Command("yum", "--assumeyes", "remove", "yum-cron")
-		cmd.Stderr = errBuf
-		if d.monitor.IsVerbose() {
-			fmt.Println(strings.Join(cmd.Args, " "))
-			cmd.Stdout = os.Stdout
-		}
-		if err := cmd.Run(); err != nil {
-			return fmt.Errorf("removing yum-cron failed with stderr %s: %w", errBuf.String(), err)
-		}
-		return nil
+		return d.pm.Remove(sw...)
 	}
 }
 
 func (d *dependencies) Update() error {
 	return d.pm.Update()
 }
 
+func (d *dependencies) InstalledFilter() []string {
+	var query []string
+	for _, dep := range d.ToDependencies(common.Software{}) {
+		query = append(query, dep.Installer.InstalledFilter()...)
+	}
+	return query
+}
+
 func (d *dependencies) ToDependencies(sw common.Software) []*nodeagent.Dependency {
 
 	dependencies := []*nodeagent.Dependency{{
+		Desired:   sw.Kernel,
+		Installer: kernel.New(d.ctx, d.monitor, d.pm),
+	}, {
 		Desired:   sw.Sysctl,
 		Installer: sysctl.New(d.monitor),
 	}, {
@@ -128,6 +133,8 @@ func (d *dependencies) ToSoftware(dependencies []*nodeagent.Dependency, pkg func
 
 	for _, dependency := range dependencies {
 		switch i := middleware.Unwrap(dependency.Installer).(type) {
+		case kernel.Installer:
+			sw.Kernel = pkg(*dependency)
 		case sysctl.Installer:
 			sw.Sysctl = pkg(*dependency)
 		case health.Installer:

diff --git a/internal/operator/nodeagent/dep/cri/dep.go b/internal/operator/nodeagent/dep/cri/dep.go
@@ -16,7 +16,7 @@ import (
 	"github.com/caos/orbos/mntr"
 )
 
-const containerdVersion = "1.4.3"
+const installContainerdVersion = "1.4.3"
 
 type Installer interface {
 	isCRI()
@@ -51,6 +51,10 @@ func (s *criDep) Equals(other nodeagent.Installer) bool {
 	return ok
 }
 
+func (c *criDep) InstalledFilter() []string {
+	return []string{"docker-ce", "containerd.io", "device-mapper-persistent-data", "lvm2"}
+}
+
 func (c *criDep) Current() (pkg common.Package, err error) {
 	if !c.systemd.Active("docker") {
 		return pkg, err