kontena-cli 0.13.4 → 0.14.0

data/lib/kontena/cli/vault/write_command.rb

@@ -8,6 +8,8 @@ module Kontena::Cli::Vault
 
     def execute
       require_api_url
+      require_current_grid
+
       token = require_token
       secret = value
       if secret.to_s == ''

data/lib/kontena/cli/vpn/remove_command.rb

@@ -2,9 +2,12 @@ module Kontena::Cli::Vpn
   class RemoveCommand < Clamp::Command
     include Kontena::Cli::Common
 
+    option "--force", :flag, "Force remove", default: false, attribute_name: :forced
+
     def execute
       require_api_url
       token = require_token
+      confirm unless forced?
 
       vpn = client(token).get("services/#{current_grid}/vpn") rescue nil
       abort("VPN service does not exist") if vpn.nil?

data/lib/kontena/machine/azure/master_provisioner.rb

@@ -53,7 +53,7 @@ module Kontena
                 vm_name: vm_name,
                 vm_user: 'core',
                 location: opts[:location],
-                image: '2b171e93f07c4903bcad35bda10acf22__CoreOS-Stable-766.3.0',
+                image: '2b171e93f07c4903bcad35bda10acf22__CoreOS-Stable-1010.5.0',
                 custom_data: Base64.encode64(user_data(userdata_vars)),
                 ssh_key: opts[:ssh_key]
             }
@@ -64,7 +64,7 @@ module Kontena
                 virtual_network_name: opts[:virtual_network],
                 subnet_name: opts[:subnet],
                 tcp_endpoints: '80,443',
-                private_key_file: opts[:ssh_key],
+                private_key_file: File.expand_path(opts[:ssh_key]),
                 ssh_port: 22,
                 vm_size: opts[:size],
             }

data/lib/kontena/machine/azure/node_provisioner.rb

@@ -20,7 +20,7 @@ module Kontena
           abort('Invalid management certificate') unless File.exists?(File.expand_path(certificate))
 
           @client = ::Azure
-          client.management_certificate = certificate
+          client.management_certificate = File.expand_path(certificate)
           client.subscription_id        = subscription_id
           client.vm_management.initialize_external_logger(Logger.new) # We don't want all the output
         end
@@ -50,9 +50,9 @@ module Kontena
               vm_name: vm_name,
               vm_user: 'core',
               location: opts[:location],
-              image: '2b171e93f07c4903bcad35bda10acf22__CoreOS-Stable-766.3.0',
+              image: '2b171e93f07c4903bcad35bda10acf22__CoreOS-Stable-1010.5.0',
               custom_data: Base64.encode64(user_data(userdata_vars)),
-              ssh_key: opts[:ssh_key]
+              ssh_key: File.expand_path(opts[:ssh_key])
             }
             options = {
               cloud_service_name: cloud_service_name,
@@ -72,7 +72,10 @@ module Kontena
             sleep 2 until node = vm_exists_in_grid?(opts[:grid], vm_name)
           end
           if node
-            labels = ["region=#{cloud_service(cloud_service_name).location}"]
+            labels = [
+              "region=#{cloud_service(cloud_service_name).location}",
+              "az=#{cloud_service(cloud_service_name).location}"
+            ]
             set_labels(node, labels)
           end
         end

data/lib/kontena/machine/digital_ocean/node_provisioner.rb

@@ -47,7 +47,7 @@ module Kontena
           ShellSpinner "Waiting for node #{droplet.name.colorize(:cyan)} join to grid #{opts[:grid].colorize(:cyan)} " do
             sleep 2 until node = droplet_exists_in_grid?(opts[:grid], droplet)
           end
-          set_labels(node, ["region=#{opts[:region]}"])
+          set_labels(node, ["region=#{opts[:region]}", "az=#{opts[:region]}"])
         end
 
         def user_data(vars)

data/lib/kontena/machine/packet.rb

@@ -0,0 +1,17 @@
+begin
+  gem 'packethost', '>= 0.0.6'
+  require 'packethost'
+rescue LoadError
+  puts "It seems that you don't have Packet API installed."
+  puts "Install it using: gem install packethost"
+  exit 1
+end
+
+require_relative 'random_name'
+require_relative 'cert_helper'
+require_relative 'packet/packet_common'
+require_relative 'packet/node_provisioner'
+require_relative 'packet/node_destroyer'
+require_relative 'packet/node_restarter'
+require_relative 'packet/master_provisioner'
+

data/lib/kontena/machine/packet/cloudinit.yml

@@ -0,0 +1,66 @@
+#cloud-config
+write_files:
+  - path: /etc/kontena-agent.env
+    permissions: 0600
+    owner: root
+    content: |
+      KONTENA_URI="<%= master_uri %>"
+      KONTENA_TOKEN="<%= grid_token %>"
+      KONTENA_PEER_INTERFACE=eth1
+      KONTENA_VERSION=<%= version %>
+      KONTENA_PRIVATE_IP=$private_ipv4
+  - path: /etc/systemd/system/docker.service.d/50-kontena.conf
+    content: |
+        [Service]
+        Environment='DOCKER_OPTS=--insecure-registry="10.81.0.0/19" --bip="172.17.43.1/16"'
+  - path: /etc/sysctl.d/99-inotify.conf
+    owner: root
+    permissions: 0644
+    content: |
+      fs.inotify.max_user_instances = 8192
+  - path: /etc/resolv.conf
+    permissions: 0644
+    owner: root
+    content: |
+      nameserver 172.17.43.1
+      nameserver 8.8.8.8
+      nameserver 8.8.4.4
+coreos:
+  units:
+    - name: 10-weave.network
+      runtime: false
+      content: |
+        [Match]
+        Type=bridge
+        Name=weave*
+
+        [Network]
+    - name: kontena-agent.service
+      command: start
+      enable: true
+      content: |
+        [Unit]
+        Description=kontena-agent
+        After=network-online.target
+        After=docker.service
+        Description=Kontena Agent
+        Documentation=http://www.kontena.io/
+        Requires=network-online.target
+        Requires=docker.service
+
+        [Service]
+        Restart=always
+        RestartSec=5
+        EnvironmentFile=/etc/kontena-agent.env
+        ExecStartPre=-/usr/bin/docker stop kontena-agent
+        ExecStartPre=-/usr/bin/docker rm kontena-agent
+        ExecStartPre=/usr/bin/docker pull kontena/agent:${KONTENA_VERSION}
+        ExecStart=/usr/bin/docker run --name kontena-agent \
+            -e KONTENA_URI=${KONTENA_URI} \
+            -e KONTENA_TOKEN=${KONTENA_TOKEN} \
+            -e KONTENA_PEER_INTERFACE=${KONTENA_PEER_INTERFACE} \
+            -e KONTENA_PRIVATE_IP=${KONTENA_PRIVATE_IP} \
+            -v=/var/run/docker.sock:/var/run/docker.sock \
+            -v=/etc/kontena-agent.env:/etc/kontena.env \
+            --net=host \
+            kontena/agent:${KONTENA_VERSION}

data/lib/kontena/machine/packet/cloudinit_master.yml

@@ -0,0 +1,118 @@
+#cloud-config
+write_files:
+  - path: /etc/kontena-server.env
+    permissions: 0600
+    owner: root
+    content: |
+      KONTENA_VERSION=<%= version %>
+      KONTENA_VAULT_KEY=<%= vault_secret %>
+      KONTENA_VAULT_IV=<%= vault_iv %>
+      <% if ssl_cert %>SSL_CERT="/etc/kontena-server.pem"
+
+  - path: /etc/kontena-server.pem
+    permissions: 0600
+    owner: root
+    content: | <% ssl_cert.split(/\n/).each do |row| %>
+      <%= row %><% end %><% end %>
+  - path: /opt/bin/kontena-haproxy.sh
+    permissions: 0755
+    owner: root
+    content: |
+      #!/bin/sh
+      if [ -n "$SSL_CERT" ]; then
+        SSL_CERT=$(awk 1 ORS='\\n' $SSL_CERT)
+      else
+        SSL_CERT="**None**"
+      fi
+      /usr/bin/docker run --name=kontena-server-haproxy \
+        --link kontena-server-api:kontena-server-api \
+        -e SSL_CERT="$SSL_CERT" \
+        -p 80:80 -p 443:443 kontena/haproxy:latest
+coreos:
+  units:
+<% unless mongodb_uri -%>
+    - name: kontena-server-mongo.service
+      command: start
+      enable: true
+      content: |
+        [Unit]
+        Description=kontena-server-mongo
+        After=network-online.target
+        After=docker.service
+        Description=Kontena Server MongoDB
+        Documentation=http://www.mongodb.org/
+        Requires=network-online.target
+        Requires=docker.service
+
+        [Service]
+        Restart=always
+        RestartSec=5
+        ExecStartPre=/usr/bin/docker pull mongo:3.0
+        ExecStartPre=-/usr/bin/docker create --name=kontena-server-mongo-data mongo:3.0
+        ExecStartPre=-/usr/bin/docker stop kontena-server-mongo
+        ExecStartPre=-/usr/bin/docker rm kontena-server-mongo
+        ExecStart=/usr/bin/docker run --name=kontena-server-mongo \
+            --volumes-from=kontena-server-mongo-data \
+            mongo:3.0 mongod --smallfiles
+<% end -%>
+    - name: kontena-server-api.service
+      command: start
+      enable: true
+      content: |
+        [Unit]
+        Description=kontena-server-api
+        After=network-online.target
+        After=docker.service
+        After=kontena-server-mongo.service
+        Description=Kontena Master
+        Documentation=http://www.kontena.io/
+        Before=kontena-server-haproxy.service
+        Wants=kontena-server-haproxy.service
+        Requires=network-online.target
+        Requires=docker.service
+<% unless mongodb_uri -%>
+        Requires=kontena-server-mongo.service
+<% end %>
+
+        [Service]
+        Restart=always
+        RestartSec=5
+        EnvironmentFile=/etc/kontena-server.env
+        ExecStartPre=-/usr/bin/docker stop kontena-server-api
+        ExecStartPre=-/usr/bin/docker rm kontena-server-api
+        ExecStartPre=/usr/bin/docker pull kontena/server:${KONTENA_VERSION}
+        ExecStart=/usr/bin/docker run --name kontena-server-api \
+<% if mongodb_uri -%>
+            -e MONGODB_URI=<%= mongodb_uri %> \
+<% else -%>
+            --link kontena-server-mongo:mongodb \
+            -e MONGODB_URI=mongodb://mongodb:27017/kontena_server \
+<% end -%>
+<% if auth_server %>
+            -e AUTH_API_URL=<%= auth_server %> \
+<% end -%>
+            -e VAULT_KEY=${KONTENA_VAULT_KEY} -e VAULT_IV=${KONTENA_VAULT_IV} \
+            kontena/server:${KONTENA_VERSION}
+
+    - name: kontena-server-haproxy.service
+      command: start
+      enable: true
+      content: |
+        [Unit]
+        Description=kontena-server-haproxy
+        After=network-online.target
+        After=docker.service
+        Description=Kontena Server HAProxy
+        Documentation=http://www.kontena.io/
+        Requires=network-online.target
+        Requires=docker.service
+        Requires=kontena-server-api.service
+
+        [Service]
+        Restart=always
+        RestartSec=5
+        EnvironmentFile=/etc/kontena-server.env
+        ExecStartPre=-/usr/bin/docker stop kontena-server-haproxy
+        ExecStartPre=-/usr/bin/docker rm kontena-server-haproxy
+        ExecStartPre=/usr/bin/docker pull kontena/haproxy:latest
+        ExecStart=/opt/bin/kontena-haproxy.sh

data/lib/kontena/machine/packet/master_provisioner.rb

@@ -0,0 +1,93 @@
+require 'shell-spinner'
+
+module Kontena
+  module Machine
+    module Packet
+      class MasterProvisioner
+        include RandomName
+        include Machine::CertHelper
+        include PacketCommon
+
+        attr_reader :client, :http_client
+
+        # @param [String] token Packet token
+        def initialize(token)
+          @client = login(token)
+        end
+
+        def run!(opts)
+          abort('Project does not exist in Packet') unless project = find_project(opts[:project])
+          abort('Facility does not exist in Packet') unless facility = find_facility(opts[:facility])
+          abort('Operating system coreos_stable does not exist in Packet') unless os = find_os('coreos_stable')
+          abort('Device type does not exist in Packet') unless plan = find_plan(opts[:plan])
+
+          check_or_create_ssh_key(File.expand_path(opts[:ssh_key])) if opts[:ssh_key]
+
+          if opts[:ssl_cert]
+            abort('Invalid ssl cert') unless File.exists?(File.expand_path(opts[:ssl_cert]))
+            ssl_cert = File.read(File.expand_path(opts[:ssl_cert]))
+          else
+            ShellSpinner "Generating self-signed SSL certificate" do
+              ssl_cert = generate_self_signed_cert
+            end
+          end
+
+          userdata_vars = {
+            ssl_cert: ssl_cert,
+            auth_server: opts[:auth_server],
+            version: opts[:version],
+            vault_secret: opts[:vault_secret],
+            vault_iv: opts[:vault_iv],
+            mongodb_uri: opts[:mongodb_uri]
+          }
+
+          device = project.new_device(
+            hostname: generate_name,
+            facility: facility.to_hash,
+            operating_system: os.to_hash,
+            plan: plan.to_hash,
+            billing_cycle: opts[:billing],
+            locked: true,
+            userdata: user_data(userdata_vars, 'cloudinit_master.yml')
+          )
+
+          ShellSpinner "Creating Packet device #{device.hostname.colorize(:cyan)} " do
+            api_retry "Packet API reported an error, please try again" do
+              response = client.create_device(device)
+              raise response.body unless response.success?
+            end
+
+            until device && [:active, :provisioning, :powering_on].include?(device.state)
+              device = find_device(project.id, device.hostname) rescue nil
+              sleep 5
+            end
+          end
+
+          public_ip = device_public_ip(device)
+          master_url = "https://#{public_ip['address']}"
+
+          Excon.defaults[:ssl_verify_peer] = false
+          @http_client = Excon.new("#{master_url}", :connect_timeout => 10)
+
+          ShellSpinner "Waiting for #{device.hostname.colorize(:cyan)} to start (estimate 4 minutes)" do
+            sleep 5 until master_running?
+          end
+
+          puts "Kontena Master is now running at #{master_url}"
+          puts "Use #{"kontena login --name=#{device.hostname.sub('kontena-master-', '')} #{master_url}".colorize(:light_black)} to complete Kontena Master setup"
+        end
+
+        def generate_name
+          "kontena-master-#{super}-#{rand(1..9)}"
+        end
+
+        def master_running?
+          http_client.get(path: '/').status == 200
+        rescue
+          false
+        end
+
+      end
+    end
+  end
+end

data/lib/kontena/machine/packet/node_destroyer.rb

@@ -0,0 +1,42 @@
+require 'shell-spinner'
+
+module Kontena
+  module Machine
+    module Packet
+      class NodeDestroyer
+        include RandomName
+        include PacketCommon
+
+        attr_reader :client, :api_client
+
+        # @param [Kontena::Client] api_client Kontena api client
+        # @param [String] token Packet api token
+        def initialize(api_client, token)
+          @api_client = api_client
+          @client = login(token)
+        end
+
+        def run!(grid, project_id, name)
+          device = client.list_devices(project_id).find{|d| d.hostname == name}
+          abort("Device #{name.colorize(:cyan)} not found in Packet") unless device
+
+          ShellSpinner "Terminating Packet device #{name.colorize(:cyan)} " do
+            begin
+              response = client.delete_device(device.id)
+              raise unless response.success?
+            rescue
+              abort "Cannot delete device #{name.colorize(:cyan)} in Packet"
+            end
+          end
+
+          node = api_client.get("grids/#{grid['id']}/nodes")['nodes'].find{|n| n['name'] == name}
+          if node
+            ShellSpinner "Removing node #{name.colorize(:cyan)} from grid #{grid['name'].colorize(:cyan)} " do
+              api_client.delete("grids/#{grid['id']}/nodes/#{name}")
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/kontena/machine/packet/node_provisioner.rb

@@ -0,0 +1,77 @@
+require 'shell-spinner'
+
+module Kontena
+  module Machine
+    module Packet
+      class NodeProvisioner
+        include RandomName
+        include PacketCommon
+
+        attr_reader :client, :api_client
+
+        # @param [Kontena::Client] api_client Kontena api client
+        # @param [String] token Digital Ocean token
+        def initialize(api_client, token)
+          @api_client = api_client
+          @client = login(token)
+        end
+
+        def run!(opts)
+          abort('Project does not exist in Packet') unless project = find_project(opts[:project])
+          abort('Facility does not exist in Packet') unless facility = find_facility(opts[:facility])
+          abort('Operating system coreos_stable does not exist in Packet') unless os = find_os('coreos_stable')
+          abort('Device type does not exist in Packet') unless plan = find_plan(opts[:plan])
+
+          check_or_create_ssh_key(opts[:ssh_key]) if opts[:ssh_key]
+
+          userdata_vars = {
+            version: opts[:version],
+            master_uri: opts[:master_uri],
+            grid_token: opts[:grid_token],
+          }
+
+          device = project.new_device(
+            hostname: generate_name,
+            facility: facility.to_hash,
+            operating_system: os.to_hash,
+            plan: plan.to_hash,
+            billing_cycle: opts[:billing],
+            locked: false,
+            userdata: user_data(userdata_vars, 'cloudinit.yml')
+          )
+
+          ShellSpinner "Creating Packet device #{device.hostname.colorize(:cyan)} " do
+            api_retry "Packet API reported an error, please try again" do
+              response = client.create_device(device)
+              raise response.body unless response.success?
+            end
+
+            until device && [:active, :provisioning, :powering_on].include?(device.state)
+              device = find_device(project.id, device.hostname) rescue nil
+              sleep 5
+            end
+          end
+
+          node = nil
+          ShellSpinner "Waiting for node #{device.hostname.colorize(:cyan)} join to grid #{opts[:grid].colorize(:cyan)} (estimate 4 minutes) " do
+            sleep 2 until node = device_exists_in_grid?(opts[:grid], device)
+          end
+          set_labels(node, ["region=#{opts[:facility]}", "provider=packet"])
+        end
+
+        def generate_name
+          "#{super}-#{rand(1..99)}"
+        end
+
+        def device_exists_in_grid?(grid, device)
+          api_client.get("grids/#{grid}/nodes")['nodes'].find{|n| n['name'] == device.hostname}
+        end
+
+        def set_labels(node, labels)
+          data = {labels: labels}
+          api_client.put("nodes/#{node['id']}", data, {}, {'Kontena-Grid-Token' => node['grid']['token']})
+        end
+      end
+    end
+  end
+end