* Label Templates: rework collection of 'System Data' info
Allow automatic conversion of data to map[string]interface{} (Template
Labels format) using reflection where all data can be useful.
Still do manual collection of data in the map[string]interface{} when
dropping of part of the data is needed.
Use the original hostinfo field names, drop spaces in the keys.
Import also the SMBIOS data from hostinfo, since they are there (so also
without dmidecode tool some SMBIOS info will be available).
Keep support of old HARDWARE variable (to be deprecated sooner or
later).
* register/dumpdata: rework initial version adding more options
notably the "label" output format, which is now the default
* register: send both legacy and new Label Templates variables
we don't want to break possible setups using the older Label Templates
variables: send both.
* tests: check new hostinfo Label Templates format
---------
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
'dumpdata' allows inspecting host data from the running host as they are
collected during the registration phase: those are the data made
available in the Elemental Label Templates feature.
This subcommand was developed while working on #834 and, since it could be
handy for debugging and even for users (elemental sysadmins), it is being
added to the elemental-register binary.
'version' is the very first step in moving the elemental-register flags
to command, as requested by #832.
Related to issues: #832, #834
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator/register: merge network config retrieval with registration
use the same websocket connection to exchange all the data
* tests: fix tests
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator: introduce support to IPAM assigned IP address
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* Add nmstate support
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
---------
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
Co-authored-by: Francesco Giudici <francesco.giudici@suse.com>
Remove the static check to re-register only after 24 hours.
The re-registration will then happen every time the elemental-register
client is called.
This static timer was introduced to limit as much as possible the
communication from the host to Rancher and save communication bandwidth
for remote clients.
Anyway, this does not make much sense as long as the elemental-system-agent
is running, which will in any case keep connecting to Rancher.
The call to the elemental-register binary is performed on official
Elemental SLE Micro images every 30 minutes and at each boot.
Fixes https://github.com/rancher/elemental-operator/issues/811
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* Implement ManagedOSVersion controller and finalizer
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
* Remove unused ManagedOSVersion Status
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
---------
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
Co-authored-by: Francesco Giudici <francesco.giudici@gmail.com>
* Use dynamic system agent applied dir
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
* Use dynamic RKE2 data-dir
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
---------
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
* Update system-upgrade-controller API
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
* Update Fleet API
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
* Sanitize dependencies
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
---------
Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
* Add DeviceSelector types
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Implement device-selector
This commit adds the implementation for picking the installation device
during registration based on a deviceSelector in the
MachineRegistration.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
---------
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
This commit moves the synchronization logic to always happen in a Pod,
regardless of being a Custom or JSON syncer. This allows having a simpler Pod
lifecycle management as part of the channel controller logic.
In addition, syncer pod logs are read on succeeded state instead of
running state to simplify Pod lifecycle management.
As a result channel updates trigger a new channel synchronization
without having to wait for the next scheduled sync.
Signed-off-by: David Cassany <dcassany@suse.com>
When hosts are registered with the --no-toolkit option no OS management
is possible, so we set a new os.unmanaged annotation to reflect this
and skip any attempt to reset if this is found.
Currently the system-agent-config is only generated as part of the cloudInitConfigs
when installing, but when registering a pre-installed host it is useful to have
the option to generate the system-agent-config without any OS install.
After discussion it has been suggested to enable this via a --no-toolkit flag
which can optionally be specified for pre-installed hosts, in this mode we will
only write out the system-agent config files.
- Added full registration config and statefile path parameters on elemental-register
- Remove support for multiple configuration files
- Added (hardcoded) timer to skip registration updates for 24 hours
- Store emulated TPM seed for future registration updates
- Exit with error code in case of failures (systemd will manage restarts)
- Use virtual filesystem where possible
Also, change the default image to the one built with Docker.seedimage.
The expected image should have the following binaries available:
- xorriso
- curl
- base64
The image should also have as the default entrypoint an http server
starting on port 80 serving files from the working dir.
Related to:
https://github.com/rancher/elemental-operator/issues/374
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* Add cloud-init support to seedImage
This commit adds a field to the SeedImage Spec for a cloud-config that
will be included in the built ISO.
If the cloud-config field is not set an empty file will be added to the
ISOs iso-config dir.
The reconciliation will take place in case the cloud-config is changed
and the base64 encoded value is used in an annotation in order to see if
the value has changed.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Linting
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Add seedImage unit-tests
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
---------
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* operator: add SeedImage CRD and controller
* SeedImage: add Ready condition to track resource status
* SeedImage: add Pod and Service creation in the reconcile loop
* SeedImage: manage Pod lifecycle and set the download URL
* SeedImage: allow the pod to fail if something goes wrong
* SeedImage: add SeedImageReady condition
* SeedImage: improve status condition updates
* SeedImage: add controller tests
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator: build-image API POD lifecycle management
Only one POD at a time allowed (for now).
* elemental-operator: improve build-image logging
* operator: add build-image Service
* operator: build-image API: delete Pod and Service on failure
* operator: add functions to manage registration cache
* operator: finalize build-image API Pod lifecycle
* operator: fix build-image API tests
* operator: ensure clean-up of build-image pods
* operator: add Services creation/deletion to Elemental ClusterRole
* operator: build-image: set download URL when job is completed
* operator: build-image: retry build job Pod creation if needed
* operator: build-image: in case of job Failure leave the Pod there
* operator: build-image: increase the time for job completion
* operator: make Code scanning happy
* operator: build-image: use NodePort Service
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* register client: aggregate args to the Register function
Since we basically pass almost all the Registration struct parameters
one by one, let's pass a reference to the structure directly.
* register client: introduce authClient interface
The register client code is tightly coupled with TPM attestation.
While this is not a problem right now as we just support authentication
through TPM, it may be good to better separate TPM attestation from the
registration process itself for two reasons:
- better code readability
- support of alternative authentication methods
Note that on the operator side (register "server") the code is already
structured to allow alternative authentication methods.
This commit introduces an interface with the required authentication
methods: the TPM related code is now completely isolated in the interface
implementation.
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* Return registration errors to client
Introduces two new message-types (MsgError and MsgConfig).
MsgError is sent when an error is encountered during the registration
process.
MsgConfig is used to send the elemental configuration to the client,
before this was just a raw message with no type so we need to check in
the server if the client supports the message, otherwise fallback to the
raw message.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Change registration error message
unknown -> unexpected
Co-authored-by: Francesco Giudici <francesco.giudici@gmail.com>
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@gmail.com>
* Remove InventoryServer receiver argument
From writeError method
Co-authored-by: Francesco Giudici <francesco.giudici@gmail.com>
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
With kubebuilder we moved to sigs.k8s.io/controller-runtime logs.
Still, the registration part of the operator uses logrus for logging.
The operator debug config just enables verbose logging on the newer
controller-runtime logs: allow to enable verbose logging on registration
too.
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator/registration: switch to Kubebuilder client
Fixes #239
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator/registration: adapt tests to Kubebuilder client
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* unit-tests: vendor controller-runtime fake client
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator: add yaml annotations for correct marshalling
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator/RBAC: add "get" verb to ServiceAccount resources
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator: generate rbac
make generate-manifests
make build-rbac
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* Add elementalcli package
Create a separate package to deal with elemental-cli installation.
This brings the elemental-cli functions declared in the config package
to a new package that just parses a map[string]interface argument.
This is a step to enable usage of the elemental-cli functions with the
new elementalv1.Config.Elemental.Install type.
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* register: switch to Kubebuilder api
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* register: add mapstructure annotations for correct marshalling
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* register: reduce complexity of the run function
Make linter happy:
"cyclomatic complexity 16 of func `run` is high (> 15) (gocyclo)"
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* register: drop io/ioutil in favor of os package
io/ioutil is deprecated
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>