adapt install script for cockroachdb. (#4593)
* feat: adapt install script for cockroachdb.

Signed-off-by: yy <lingdie.yy@outlook.com>
lingdie committed Mar 15, 2024
1 parent 5c73e62 commit 055fe0b
Showing 9 changed files with 198 additions and 64 deletions.
3 changes: 3 additions & 0 deletions deploy/cloud/etc/sealos/desktop-config.yaml
Expand Up @@ -12,3 +12,6 @@ spec:
mongodb_uri: <your-mongodb-uri-base64>
jwt_secret: <your-jwt-secret-base64>
password_salt: <your-password-salt-base64>
jwt_secret_region: <your-jwt-secret-region-base64>
region_database_url: <your-region-database-url-base64>
global_database_url: <your-global-database-url-base64>
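--- a/deploy/cloud/manifests/cockroachdb.yaml
+++ b/deploy/cloud/manifests/cockroachdb.yaml
@@ -0,0 +1,26 @@
+apiVersion: crdb.cockroachlabs.com/v1alpha1
+kind: CrdbCluster
+metadata:
+name: sealos-cockroachdb
+namespace: sealos
+spec:
+dataStore:
+pvc:
+spec:
+accessModes:
+- ReadWriteOnce
+resources:
+requests:
+storage: "3Gi"
+volumeMode: Filesystem
+resources:
+requests:
+cpu: 100m
+memory: 0.5Gi
+limits:
+cpu: 1000m
+memory: 2Gi
+tlsEnabled: true
+image:
+name: docker.io/cockroachdb/cockroach:v23.1.11
+nodes: 3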
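Review bot: `image.name` references `docker.io/cockroachdb/cockroach:v23.1.11` by tag only, so the nodes run whatever the registry serves under that tag at pull time. Pinning the digest as well, e.g. `name: docker.io/cockroachdb/cockroach:v23.1.11@sha256:<digest-of-the-verified-image>` (placeholder), keeps the database image fixed to the one that was tested. A short comment above `tlsEnabled: true` stating that clients are presumably expected to connect over TLS would also help, since the URI built in `scripts/gen-cockroachdb-uri.sh` sets no `sslmode`.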
76 changes: 38 additions & 38 deletions deploy/cloud/manifests/mongodb.yaml.tmpl
@@ -1,40 +1,3 @@
apiVersion: apps.kubeblocks.io/v1alpha1
kind: Cluster
metadata:
finalizers:
- cluster.kubeblocks.io/finalizer
generation: 1
labels:
clusterdefinition.kubeblocks.io/name: mongodb
clusterversion.kubeblocks.io/name: {{ .mongodbVersion }}
name: sealos-mongodb
namespace: sealos
spec:
clusterDefinitionRef: mongodb
clusterVersionRef: {{ .mongodbVersion }}
componentSpecs:
- componentDefRef: mongodb
monitor: true
name: mongodb
replicas: 1
resources:
limits:
cpu: "1"
memory: 2Gi
requests:
cpu: "0.5"
memory: 1Gi
serviceAccountName: sealos-mongodb-sa
volumeClaimTemplates:
- name: data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
terminationPolicy: Delete
---
apiVersion: v1
kind: ServiceAccount
metadata:
Expand Down Expand Up @@ -74,4 +37,41 @@ roleRef:
name: sealos-mongodb-role
subjects:
- kind: ServiceAccount
name: sealos-mongodb-sa
name: sealos-mongodb-sa
---
apiVersion: apps.kubeblocks.io/v1alpha1
kind: Cluster
metadata:
finalizers:
- cluster.kubeblocks.io/finalizer
generation: 1
labels:
clusterdefinition.kubeblocks.io/name: mongodb
clusterversion.kubeblocks.io/name: {{ .mongodbVersion }}
name: sealos-mongodb
namespace: sealos
spec:
clusterDefinitionRef: mongodb
clusterVersionRef: {{ .mongodbVersion }}
componentSpecs:
- componentDefRef: mongodb
monitor: true
name: mongodb
replicas: 1
resources:
limits:
cpu: "1"
memory: 2Gi
requests:
cpu: "0.5"
memory: 1Gi
serviceAccountName: sealos-mongodb-sa
volumeClaimTemplates:
- name: data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
terminationPolicy: Delete
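--- a/deploy/cloud/scripts/gen-cockroachdb-uri.sh
+++ b/deploy/cloud/scripts/gen-cockroachdb-uri.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+namespace="sealos"
+user="sealos"
+svc="sealos-cockroachdb-public"
+password=$(tr -cd 'a-z0-9' </dev/urandom | head -c64 )
+
+kubectl exec -q -n sealos sealos-cockroachdb-0 -- cockroach sql --certs-dir=/cockroach/cockroach-certs -e "CREATE USER IF NOT EXISTS $user WITH PASSWORD '$password'; GRANT admin TO $user; CREATE DATABASE IF NOT EXISTS local; CREATE DATABASE IF NOT EXISTS global;" >> /dev/null
+
+cockroachdb_uri="postgresql://$user:$password@$svc.$namespace.svc.cluster.local:26257"
+echo "$cockroachdb_uri"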
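Review bot: `GRANT admin TO $user` in the `kubectl exec` line makes the account that ends up in the desktop frontend's connection strings a cluster administrator, where privileges on the `local` and `global` databases look sufficient for what this commit uses it for (confirm that the Prisma migrations still pass with database-level grants). Because the user is created with `CREATE USER IF NOT EXISTS`, a second run keeps the old password but prints a URI carrying the newly generated one, and with no `set -e` a failed `kubectl exec` still prints a URI that init.sh accepts. The statement, password included, is also passed as a command-line argument and is therefore readable in process listings on the host and in the pod; sending the SQL over stdin avoids that. Leave `pipefail` off, because `tr … | head -c64` ends `tr` with SIGPIPE and would abort the script.

```shell
set -eu
# … unchanged: namespace, user, svc, password …

# SQL is fed over stdin so the password never appears in an argument list.
kubectl exec -q -i -n "$namespace" sealos-cockroachdb-0 -- \
  cockroach sql --certs-dir=/cockroach/cockroach-certs >/dev/null <<SQL
CREATE USER IF NOT EXISTS $user;
ALTER USER $user WITH PASSWORD '$password';
CREATE DATABASE IF NOT EXISTS local;
CREATE DATABASE IF NOT EXISTS global;
GRANT ALL ON DATABASE local TO $user;
GRANT ALL ON DATABASE global TO $user;
SQL
# … unchanged: cockroachdb_uri assignment and echo …
```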
97 changes: 85 additions & 12 deletions deploy/cloud/scripts/init.sh
Expand Up @@ -4,6 +4,9 @@ set -e
cloudDomain="127.0.0.1.nip.io"
cloudPort=""
mongodbUri=""
cockroachdbUri=""
cockroachdbLocalUri=""
cockroachdbGlobalUri=""

tlsCrtPlaceholder="<tls-crt-placeholder>"
tlsKeyPlaceholder="<tls-key-placeholder>"
Expand All @@ -22,6 +25,9 @@ function prepare {
# gen mongodb uri
gen_mongodbUri

# gen cockroachdb uri
gen_cockroachdbUri

# gen saltKey if not set or not found in secret
gen_saltKey

Expand All @@ -32,13 +38,37 @@ function prepare {
create_tls_secret
}

# Function to retry `kubectl apply -f` command until it succeeds or reaches a maximum number of attempts
retry_kubectl_apply() {
local file_path=$1 # The path to the Kubernetes manifest file
local max_attempts=6 # Maximum number of attempts
local attempt=0 # Current attempt counter
local wait_seconds=10 # Seconds to wait before retrying

while [ $attempt -lt $max_attempts ]; do
# Attempt to execute the kubectl command
kubectl apply -f "$file_path" >> /dev/null && {
return 0 # Exit the function successfully
}
# If the command did not execute successfully, increase the attempt counter and report failure
attempt=$((attempt + 1))
# If the maximum number of attempts has been reached, stop retrying
if [ $attempt -eq $max_attempts ]; then
return 1 # Exit the function with failure
fi
# Wait for a specified time before retrying
sleep $wait_seconds
done
}


function gen_mongodbUri() {
# if mongodbUri is empty then create mongodb and gen mongodb uri
if [ -z "$mongodbUri" ]; then
echo "no mongodb uri found, create mongodb and gen mongodb uri"
kubectl apply -f manifests/mongodb.yaml
retry_kubectl_apply "manifests/mongodb.yaml"
echo "waiting for mongodb secret generated"
message="Waiting for MongoDB ready"
message="waiting for mongodb ready"
# if there is no sealos-mongodb-conn-credential secret then wait for mongodb ready
while [ -z "$(kubectl get secret -n sealos sealos-mongodb-conn-credential 2>/dev/null)" ]; do
echo -ne "\r$message \e[K"
Expand All @@ -56,6 +86,45 @@ function gen_mongodbUri() {
fi
}

function gen_cockroachdbUri() {
if [ -z "$cockroachdbUri" ]; then
echo "no cockroachdb uri found, create cockroachdb and gen cockroachdb uri"
retry_kubectl_apply "manifests/cockroachdb.yaml"
message="waiting for cockroachdb ready"

NAMESPACE="sealos"
STATEFULSET_NAME="sealos-cockroachdb"

while : ; do
kubectl get statefulset $STATEFULSET_NAME -n $NAMESPACE >/dev/null 2>&1 && break
done

while : ; do
REPLICAS=$(kubectl get statefulset $STATEFULSET_NAME -n $NAMESPACE -o jsonpath='{.spec.replicas}')
READY_REPLICAS=$(kubectl get statefulset $STATEFULSET_NAME -n $NAMESPACE -o jsonpath='{.status.readyReplicas}')
if [ "$READY_REPLICAS" == "$REPLICAS" ]; then
echo -e "\rcockroachdb is ready."
break
else
echo -ne "\r$message \e[K"
sleep 0.5
echo -ne "\r$message . \e[K"
sleep 0.5
echo -ne "\r$message .. \e[K"
sleep 0.5
echo -ne "\r$message ...\e[K"
sleep 0.5
fi
done

echo "cockroachdb secret has been generated successfully."
chmod +x scripts/gen-cockroachdb-uri.sh
cockroachdbUri=$(scripts/gen-cockroachdb-uri.sh)
fi
cockroachdbLocalUri="$cockroachdbUri/local"
cockroachdbGlobalUri="$cockroachdbUri/global"
}

function gen_saltKey() {
password_salt=$(kubectl get secret desktop-frontend-secret -n sealos -o jsonpath="{.data.password_salt}" 2>/dev/null || true)
if [[ -z "$password_salt" ]]; then
Expand All @@ -69,7 +138,10 @@ function mutate_desktop_config() {
# mutate etc/sealos/desktop-config.yaml by using mongodb uri and two random base64 string
sed -i -e "s;<your-mongodb-uri-base64>;$(echo -n "${mongodbUri}/sealos-auth?authSource=admin" | base64 -w 0);" etc/sealos/desktop-config.yaml
sed -i -e "s;<your-jwt-secret-base64>;$(tr -cd 'a-z0-9' </dev/urandom | head -c64 | base64 -w 0);" etc/sealos/desktop-config.yaml
sed -i -e "s;<your-jwt-secret-region-base64>;$(tr -cd 'a-z0-9' </dev/urandom | head -c64 | base64 -w 0);" etc/sealos/desktop-config.yaml
sed -i -e "s;<your-password-salt-base64>;$saltKey;" etc/sealos/desktop-config.yaml
sed -i -e "s;<your-region-database-url-base64>;$(echo -n "${cockroachdbLocalUri}" | base64 -w 0);" etc/sealos/desktop-config.yaml
sed -i -e "s;<your-global-database-url-base64>;$(echo -n "${cockroachdbGlobalUri}" | base64 -w 0);" etc/sealos/desktop-config.yaml
}

function create_tls_secret {
Expand Down Expand Up @@ -112,8 +184,8 @@ function sealos_run_controller {
--env DEFAULT_NAMESPACE="account-system"

# run license controller
sealos run tars/license.tar \
--env MONGO_URI="$mongodbUri"
# sealos run tars/license.tar \
# --env MONGO_URI="$mongodbUri"
}


Expand All @@ -139,7 +211,8 @@ function sealos_run_frontend {
--config-file etc/sealos/desktop-config.yaml

# sealos authorize !!must run after sealos_run_controller frontend-desktop.tar and before sealos_run_frontend
sealos_authorize
# TODO fix sealos_authorize in controller/job/init
# sealos_authorize

echo "run applaunchpad frontend"
sealos run tars/frontend-applaunchpad.tar \
Expand Down Expand Up @@ -173,13 +246,13 @@ function sealos_run_frontend {
--env cloudPort="$cloudPort" \
--env certSecretName="wildcard-cert"

echo "run license frontend"
sealos run tars/frontend-license.tar \
--env cloudDomain=$cloudDomain \
--env cloudPort="$cloudPort" \
--env certSecretName="wildcard-cert" \
--env MONGODB_URI="${mongodbUri}/sealos-license?authSource=admin" \
--env licensePurchaseDomain="license.sealos.io"
# echo "run license frontend"
# sealos run tars/frontend-license.tar \
# --env cloudDomain=$cloudDomain \
# --env cloudPort="$cloudPort" \
# --env certSecretName="wildcard-cert" \
# --env MONGODB_URI="${mongodbUri}/sealos-license?authSource=admin" \
# --env licensePurchaseDomain="license.sealos.io"

echo "run cronjob frontend"
sealos run tars/frontend-cronjob.tar \
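Review bot: Both wait loops in `gen_cockroachdbUri` run without an upper bound, and the first one (`kubectl get statefulset … && break`) has no `sleep`, so it queries the API server as fast as it can and the installer hangs indefinitely if the operator never creates `sealos-cockroachdb`. A single bounded poll that sleeps between attempts and returns non-zero on timeout would let the `set -e` at the top of the script stop the install with a message. The value returned by `$(scripts/gen-cockroachdb-uri.sh)` is also used unchecked, so an empty URI would be base64-encoded into `desktop-config.yaml`; `[ -n "$cockroachdbUri" ] || return 1` after the call would catch that case. The waiting could look like this, with the timeout value being a constructed example:

```shell
    # … unchanged: echo, retry_kubectl_apply, message, NAMESPACE, STATEFULSET_NAME …
    local waited=0 max_wait=600   # seconds; constructed value, tune per environment

    while : ; do
      # The operator creates the StatefulSet asynchronously, so lookups may fail at first.
      REPLICAS=$(kubectl get statefulset "$STATEFULSET_NAME" -n "$NAMESPACE" -o jsonpath='{.spec.replicas}' 2>/dev/null || true)
      READY_REPLICAS=$(kubectl get statefulset "$STATEFULSET_NAME" -n "$NAMESPACE" -o jsonpath='{.status.readyReplicas}' 2>/dev/null || true)
      if [ -n "$REPLICAS" ] && [ "$READY_REPLICAS" = "$REPLICAS" ]; then
        echo -e "\rcockroachdb is ready."
        break
      fi
      if [ "$waited" -ge "$max_wait" ]; then
        echo "timed out waiting for $STATEFULSET_NAME" >&2
        return 1
      fi
      echo -ne "\r$message \e[K"
      sleep 2
      waited=$((waited + 2))
    done
    # … unchanged: chmod and call of scripts/gen-cockroachdb-uri.sh …
```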
19 changes: 19 additions & 0 deletions frontend/desktop/deploy/manifests/deploy.yaml.tmpl
Expand Up @@ -69,6 +69,25 @@ spec:
app: desktop-frontend
spec:
serviceAccountName: desktop-frontend
initContainers:
- name: init-database
image: ghcr.io/labring/sealos-desktop-frontend:latest
command: ["/bin/sh", "-c"]
args:
- |
prisma migrate deploy --schema /app/desktop/prisma/global/schema.prisma
prisma migrate deploy --schema /app/desktop/prisma/region/schema.prisma
env:
- name: GLOBAL_DATABASE_URL
valueFrom:
secretKeyRef:
key: global_database_url
name: desktop-frontend-secret
- name: REGION_DATABASE_URL
valueFrom:
secretKeyRef:
key: region_database_url
name: desktop-frontend-secret
containers:
- name: desktop-frontend
env:
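Review bot: The `init-database` script runs the two `prisma migrate deploy` commands without `set -e`, so a failure of the global migration is ignored and the init container exits with the status of the region migration alone; starting the `args` block with `set -e` (or joining the two commands with `&&`) keeps the pod from starting on a half-migrated schema. The init container also pulls `ghcr.io/labring/sealos-desktop-frontend:latest`, a mutable tag, while being handed both database URLs from `desktop-frontend-secret`; the same pinned tag or digest as the main container would be safer, though that container's `image` line is outside this hunk. The pod spec continues past the end of the hunk.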
2 changes: 2 additions & 0 deletions frontend/desktop/deploy/manifests/secret.yaml
Expand Up @@ -6,6 +6,7 @@ metadata:
type: Opaque
data:
# base64 encode account service url, required
# default value is "http://account-service.account-system.svc:2333"
billing_uri: "aHR0cDovL2FjY291bnQtc2VydmljZS5hY2NvdW50LXN5c3RlbS5zdmM6MjMzMw=="


Expand All @@ -23,6 +24,7 @@ data:
jwt_secret_app: ""

# base64 encoded current region , required
# default value is "ed257b4d-6832-437a-9e06-d683e7edb320"
region_uid: "ZWQyNTdiNGQtNjgzMi00MzdhLTllMDYtZDY4M2U3ZWRiMzIw"
# base64 encoded password salt, required if env PASSWORD_ENABLED is true
# please use a random string and do not change it after deployment
5 changes: 3 additions & 2 deletions scripts/cloud/build-offline-tar.sh
Expand Up @@ -9,14 +9,15 @@ mkdir -p output/tars

images=(
docker.io/labring/sealos-cloud:$CLOUD_VERSION
docker.io/labring/kubernetes:v1.25.6
docker.io/labring/kubernetes:v1.27.11
docker.io/labring/helm:v3.12.0
docker.io/labring/cilium:v1.12.14
docker.io/labring/cert-manager:v1.8.0
docker.io/labring/openebs:v3.4.0
docker.io/labring/kube-prometheus-stack:v0.63.0
docker.io/labring/ingress-nginx:v1.5.1
docker.io/labring/kubeblocks:v0.6.4
docker.io/labring/cockroach-operator:v2.13.0
docker.io/labring/metrics-server:v0.6.4
)

Expand All @@ -32,7 +33,7 @@ done
# get and save cli
mkdir -p output/cli

VERSION="v4.3.7"
VERSION="v5.0.0-beta5"

wget https://github.com/labring/sealos/releases/download/${VERSION}/sealos_${VERSION#v}_linux_${ARCH}.tar.gz \
&& tar zxvf sealos_${VERSION#v}_linux_${ARCH}.tar.gz sealos && chmod +x sealos && mv sealos output/cli
