underpost 2.8.788 → 2.8.792

package/README.md

@@ -68,7 +68,7 @@ Run dev client server
 npm run dev
 ```
 <!-- -->
-## underpost ci/cd cli v2.8.788
+## underpost ci/cd cli v2.8.792
 
 ### Usage: `underpost [options] [command]`
   ```

package/bin/db.js

@@ -161,6 +161,7 @@ try {
           }
           break;
         case 'show-all':
+          // show dbs
           break;
         case 'show':
           break;

package/cli.md

@@ -1,4 +1,4 @@
-## underpost ci/cd cli v2.8.788
+## underpost ci/cd cli v2.8.792
 
 ### Usage: `underpost [options] [command]`
   ```
@@ -475,19 +475,28 @@ Options:
 Lxd management
 
 Options:
-  --init                    Init lxd
-  --reset                   Reset lxd on current machine
-  --install                 Install lxd on current machine
-  --dev                     Set dev context env
-  --create-virtual-network  Create lxd virtual network bridge
-  --create-admin-profile    Create admin profile for lxd management
-  --control                 set control node vm context
-  --worker                  set worker node context
-  --create-vm <vm-id>       Create default virtual machines
-  --init-vm <vm-id>         Get init vm underpost script
-  --info-vm <vm-id>         Get all info vm
-  --root-size <gb-size>     Set root size vm
-  -h, --help                display help for command
+  --init                           Init lxd
+  --reset                          Reset lxd on current machine
+  --install                        Install lxd on current machine
+  --dev                            Set dev context env
+  --create-virtual-network         Create lxd virtual network bridge
+  --create-admin-profile           Create admin profile for lxd management
+  --control                        set control node vm context
+  --worker                         set worker node context
+  --create-vm <vm-id>              Create default virtual machines
+  --init-vm <vm-id>                Get init vm underpost script
+  --info-vm <vm-id>                Get all info vm
+  --test <vm-id>                   Test health, status and network connectivity
+                                   for a VM
+  --root-size <gb-size>            Set root size vm
+  --join-node <nodes>              Comma separated worker and control node e.
+                                   g. k8s-worker-1,k8s-control
+  --expose <vm-name-ports>         Vm name and : separated with Comma separated
+                                   vm port to expose e. g. k8s-control:80,443
+  --delete-expose <vm-name-ports>  Vm name and : separated with Comma separated
+                                   vm port to remove expose e. g.
+                                   k8s-control:80,443
+  -h, --help                       display help for command
  
 ```
   

package/docker-compose.yml

@@ -58,7 +58,7 @@ services:
           cpus: '0.25'
           memory: 20M
     labels: # labels in Compose file instead of Dockerfile
-      engine.version: '2.8.788'
+      engine.version: '2.8.792'
     networks:
       - load-balancer
 

package/manifests/lxd/lxd-admin-profile.yaml

@@ -7,6 +7,7 @@ devices:
     name: eth0
     network: lxdbr0
     type: nic
+    ipv4.address: 10.250.250.100
   root:
     path: /
     pool: local # lxc storage list

package/manifests/lxd/underpost-setup.sh

@@ -27,6 +27,11 @@ resize2fs /dev/sda2
 echo "Disk and filesystem resized successfully."
 sudo dnf install -y tar
 sudo dnf install -y bzip2
+sudo dnf install -y git
+sudo dnf -y update
+sudo dnf -y install epel-release
+sudo dnf install -y ufw
+sudo systemctl enable --now ufw
 curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
 NVM_DIR="$([ -z "${XDG_CONFIG_HOME-}" ] && printf %s "${HOME}/.nvm" || printf %s "${XDG_CONFIG_HOME}/nvm")"
 [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm
@@ -77,17 +82,62 @@ echo "USE_WORKER = $USE_WORKER"
 underpost cluster --kubeadm
 underpost cluster --reset
 
+PORTS=(
+    22    # SSH
+    80    # HTTP
+    443   # HTTPS
+    53    # DNS (TCP/UDP)
+    66    # TFTP
+    67    # DHCP
+    69    # TFTP
+    111   # rpcbind
+    179   # Calico BGP
+    2049  # NFS
+    20048 # NFS mountd
+    4011  # PXE boot
+    5240  # snapd API
+    5248  # Juju controller
+    6443  # Kubernetes API
+    9153  # CoreDNS metrics
+    10250 # Kubelet API
+    10251 # kube-scheduler
+    10252 # kube-controller-manager
+    10255 # Kubelet read-only (deprecated)
+    10257 # controller-manager (v1.23+)
+    10259 # scheduler (v1.23+)
+)
+
+PORT_RANGES=(
+    2379:2380 # etcd
+    # 30000:32767 # NodePort range
+    # 3000:3100 # App node ports
+    32765:32766 # Ephemeral ports
+    6783:6784   # Weave Net
+)
+
+# Open individual ports
+for PORT in "${PORTS[@]}"; do
+    ufw allow ${PORT}/tcp
+    ufw allow ${PORT}/udp
+done
+
+# Open port ranges
+for RANGE in "${PORT_RANGES[@]}"; do
+    ufw allow ${RANGE}/tcp
+    ufw allow ${RANGE}/udp
+done
+
 # Behavior based on flags
 if $USE_KUBEADM; then
     echo "Running control node with kubeadm..."
     underpost cluster --kubeadm
-    kubectl get pods --all-namespaces -o wide -w
+    # kubectl get pods --all-namespaces -o wide -w
 fi
 
 if $USE_KIND; then
     echo "Running control node with kind..."
     underpost cluster
-    kubectl get pods --all-namespaces -o wide -w
+    # kubectl get pods --all-namespaces -o wide -w
 fi
 
 if $USE_WORKER; then

package/package.json

@@ -2,7 +2,7 @@
     "type": "module",
     "main": "src/index.js",
     "name": "underpost",
-    "version": "2.8.788",
+    "version": "2.8.792",
     "description": "pwa api rest template",
     "scripts": {
         "start": "env-cmd -f .env.production node --max-old-space-size=8192 src/server",

package/src/cli/cluster.js

@@ -293,6 +293,18 @@ class UnderpostCluster {
       shellExec(`sudo systemctl daemon-reload`);
       shellExec(`sudo systemctl restart containerd`);
       shellExec(`sysctl net.bridge.bridge-nf-call-iptables=1`);
+      // Clean ip tables
+      shellExec(`sudo iptables -F`);
+      shellExec(`sudo iptables -X`);
+      shellExec(`sudo iptables -t nat -F`);
+      shellExec(`sudo iptables -t nat -X`);
+      shellExec(`sudo iptables -t raw -F`);
+      shellExec(`sudo iptables -t raw -X`);
+      shellExec(`sudo iptables -t mangle -F`);
+      shellExec(`sudo iptables -t mangle -X`);
+      shellExec(`sudo iptables -P INPUT ACCEPT`);
+      shellExec(`sudo iptables -P FORWARD ACCEPT`);
+      shellExec(`sudo iptables -P OUTPUT ACCEPT`);
     },
     chown() {
       shellExec(`mkdir -p ~/.kube`);
@@ -475,9 +487,6 @@ Allocatable:
       return resources;
     },
     initHost() {
-      // Base
-      shellExec(`sudo dnf -y update`);
-      shellExec(`sudo dnf -y install epel-release`);
       // Install docker
       shellExec(`sudo dnf -y install dnf-plugins-core
 sudo dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo`);

package/src/cli/index.js

@@ -283,7 +283,17 @@ program
   .option('--create-vm <vm-id>', 'Create default virtual machines')
   .option('--init-vm <vm-id>', 'Get init vm underpost script')
   .option('--info-vm <vm-id>', 'Get all info vm')
+  .option('--test <vm-id>', 'Test health, status and network connectivity for a VM')
   .option('--root-size <gb-size>', 'Set root size vm')
+  .option('--join-node <nodes>', 'Comma separated worker and control node e. g. k8s-worker-1,k8s-control')
+  .option(
+    '--expose <vm-name-ports>',
+    'Vm name and : separated with Comma separated vm port to expose e. g. k8s-control:80,443',
+  )
+  .option(
+    '--delete-expose <vm-name-ports>',
+    'Vm name and : separated with Comma separated vm port to remove expose e. g. k8s-control:80,443',
+  )
   .description('Lxd management')
   .action(UnderpostLxd.API.callback);
 

package/src/cli/lxd.js

@@ -3,8 +3,34 @@ import { getLocalIPv4Address } from '../server/dns.js';
 import { pbcopy, shellExec } from '../server/process.js';
 import fs from 'fs-extra';
 
+/**
+ * @class UnderpostLxd
+ * @description Provides a set of static methods to interact with LXD,
+ * encapsulating common LXD operations for VM management and network testing.
+ */
 class UnderpostLxd {
   static API = {
+    /**
+     * @method callback
+     * @description Main entry point for LXD operations based on provided options.
+     * @param {object} options - Configuration options for LXD operations.
+     * @param {boolean} [options.init=false] - Initialize LXD.
+     * @param {boolean} [options.reset=false] - Reset LXD installation.
+     * @param {boolean} [options.dev=false] - Run in development mode (adjusts paths).
+     * @param {boolean} [options.install=false] - Install LXD snap.
+     * @param {boolean} [options.createVirtualNetwork=false] - Create default LXD bridge network (lxdbr0).
+     * @param {boolean} [options.createAdminProfile=false] - Create admin-profile for VMs.
+     * @param {boolean} [options.control=false] - Flag for control plane VM initialization.
+     * @param {boolean} [options.worker=false] - Flag for worker node VM initialization.
+     * @param {string} [options.initVm=''] - Initialize a specific VM.
+     * @param {string} [options.createVm=''] - Create a new VM with the given name.
+     * @param {string} [options.infoVm=''] - Display information about a specific VM.
+     * @param {string} [options.rootSize=''] - Root disk size for new VMs (e.g., '32GiB').
+     * @param {string} [options.joinNode=''] - Join a worker node to a control plane (format: 'workerName,controlName').
+     * @param {string} [options.expose=''] - Expose ports from a VM to the host (format: 'vmName:port1,port2').
+     * @param {string} [options.deleteExpose=''] - Delete exposed ports from a VM (format: 'vmName:port1,port2').
+     * @param {string} [options.test=''] - Test health, status and network connectivity for a VM.
+     */
     async callback(
       options = {
         init: false,
@@ -12,12 +38,17 @@ class UnderpostLxd {
         dev: false,
         install: false,
         createVirtualNetwork: false,
+        createAdminProfile: false,
         control: false,
         worker: false,
         initVm: '',
         createVm: '',
         infoVm: '',
         rootSize: '',
+        joinNode: '',
+        expose: '',
+        deleteExpose: '',
+        test: '',
       },
     ) {
       const npmRoot = getNpmRootPath();
@@ -62,17 +93,185 @@ ipv6.address=none`);
         let flag = '';
         if (options.control === true) {
           flag = ' -s -- --kubeadm';
+          shellExec(`lxc exec ${options.initVm} -- bash -c 'mkdir -p /home/dd/engine'`);
+          shellExec(`lxc file push /home/dd/engine/engine-private ${options.initVm}/home/dd/engine --recursive`);
+          shellExec(`lxc file push /home/dd/engine/manifests ${options.initVm}/home/dd/engine --recursive`);
         } else if (options.worker == true) {
           flag = ' -s -- --worker';
         }
         pbcopy(`cat ${underpostRoot}/manifests/lxd/underpost-setup.sh | lxc exec ${options.initVm} -- bash${flag}`);
       }
+      if (options.joinNode && typeof options.joinNode === 'string') {
+        const [workerNode, controlNode] = options.joinNode.split(',');
+        const token = shellExec(
+          `echo "$(lxc exec ${controlNode} -- bash -c 'sudo kubeadm token create --print-join-command')"`,
+          { stdout: true },
+        );
+        shellExec(`lxc exec ${workerNode} -- bash -c '${token}'`);
+      }
       if (options.infoVm && typeof options.infoVm === 'string') {
         shellExec(`lxc config show ${options.infoVm}`);
         shellExec(`lxc info --show-log ${options.infoVm}`);
         shellExec(`lxc info ${options.infoVm}`);
         shellExec(`lxc list ${options.infoVm}`);
       }
+      if (options.expose && typeof options.expose === 'string') {
+        const [controlNode, ports] = options.expose.split(':');
+        console.log({ controlNode, ports });
+        const protocols = ['tcp']; // udp
+        const hostIp = getLocalIPv4Address();
+        const vmIp = shellExec(
+          `lxc list ${controlNode} --format json | jq -r '.[0].state.network.enp5s0.addresses[] | select(.family=="inet") | .address'`,
+          { stdout: true },
+        ).trim();
+        for (const port of ports.split(',')) {
+          for (const protocol of protocols) {
+            shellExec(`lxc config device remove ${controlNode} ${controlNode}-${protocol}-port-${port}`);
+            shellExec(
+              `lxc config device add ${controlNode} ${controlNode}-${protocol}-port-${port} proxy listen=${protocol}:${hostIp}:${port} connect=${protocol}:${vmIp}:${port} nat=true`,
+            );
+          }
+        }
+      }
+      if (options.deleteExpose && typeof options.deleteExpose === 'string') {
+        const [controlNode, ports] = options.deleteExpose.split(':');
+        console.log({ controlNode, ports });
+        const protocols = ['tcp']; // udp
+        for (const port of ports.split(',')) {
+          for (const protocol of protocols) {
+            shellExec(`lxc config device remove ${controlNode} ${controlNode}-${protocol}-port-${port}`);
+          }
+        }
+      }
+
+      // New 'test' option implementation
+      if (options.test && typeof options.test === 'string') {
+        const vmName = options.test;
+        console.log(`Starting comprehensive test for VM: ${vmName}`);
+
+        // 1. Monitor for IPv4 address
+        let vmIp = '';
+        let retries = 0;
+        const maxRetries = 10;
+        const delayMs = 5000; // 5 seconds
+
+        while (!vmIp && retries < maxRetries) {
+          try {
+            console.log(`Attempting to get IPv4 address for ${vmName} (Attempt ${retries + 1}/${maxRetries})...`);
+            vmIp = shellExec(
+              `lxc list ${vmName} --format json | jq -r '.[0].state.network.enp5s0.addresses[] | select(.family=="inet") | .address'`,
+              { stdout: true },
+            ).trim();
+            if (vmIp) {
+              console.log(`IPv4 address found for ${vmName}: ${vmIp}`);
+            } else {
+              console.log(`IPv4 address not yet available for ${vmName}. Retrying in ${delayMs / 1000} seconds...`);
+              await new Promise((resolve) => setTimeout(resolve, delayMs));
+            }
+          } catch (error) {
+            console.error(`Error getting IPv4 address: ${error.message}`);
+            console.log(`Retrying in ${delayMs / 1000} seconds...`);
+            await new Promise((resolve) => setTimeout(resolve, delayMs));
+          }
+          retries++;
+        }
+
+        if (!vmIp) {
+          console.error(`Failed to get IPv4 address for ${vmName} after ${maxRetries} attempts. Aborting tests.`);
+          return;
+        }
+
+        // 2. Iteratively check connection to google.cl
+        let connectedToGoogle = false;
+        retries = 0;
+        while (!connectedToGoogle && retries < maxRetries) {
+          try {
+            console.log(`Checking connectivity to google.cl from ${vmName} (Attempt ${retries + 1}/${maxRetries})...`);
+            const curlOutput = shellExec(
+              `lxc exec ${vmName} -- curl -s -o /dev/null -w "%{http_code}" http://google.cl`,
+              { stdout: true },
+            );
+            if (curlOutput.startsWith('2') || curlOutput.startsWith('3')) {
+              console.log(`Successfully connected to google.cl from ${vmName}.`);
+              connectedToGoogle = true;
+            } else {
+              console.log(`Connectivity to google.cl not yet verified. Retrying in ${delayMs / 1000} seconds...`);
+              await new Promise((resolve) => setTimeout(resolve, delayMs));
+            }
+          } catch (error) {
+            console.error(`Error checking connectivity to google.cl: ${error.message}`);
+            console.log(`Retrying in ${delayMs / 1000} seconds...`);
+            await new Promise((resolve) => setTimeout(resolve, delayMs));
+          }
+          retries++;
+        }
+
+        if (!connectedToGoogle) {
+          console.error(
+            `Failed to connect to google.cl from ${vmName} after ${maxRetries} attempts. Aborting further tests.`,
+          );
+          return;
+        }
+
+        // 3. Check other connectivity, network, and VM health parameters
+        console.log(`\n--- Comprehensive Health Report for ${vmName} ---`);
+
+        // VM Status
+        console.log('\n--- VM Status ---');
+        try {
+          const vmStatus = shellExec(`lxc list ${vmName} --format json`, { stdout: true, silent: true });
+          console.log(JSON.stringify(JSON.parse(vmStatus), null, 2));
+        } catch (error) {
+          console.error(`Error getting VM status: ${error.message}`);
+        }
+
+        // CPU Usage
+        console.log('\n--- CPU Usage ---');
+        try {
+          const cpuUsage = shellExec(`lxc exec ${vmName} -- bash -c 'top -bn1 | grep "Cpu(s)"'`, { stdout: true });
+          console.log(cpuUsage.trim());
+        } catch (error) {
+          console.error(`Error getting CPU usage: ${error.message}`);
+        }
+
+        // Memory Usage
+        console.log('\n--- Memory Usage ---');
+        try {
+          const memoryUsage = shellExec(`lxc exec ${vmName} -- bash -c 'free -m'`, { stdout: true });
+          console.log(memoryUsage.trim());
+        } catch (error) {
+          console.error(`Error getting memory usage: ${error.message}`);
+        }
+
+        // Disk Usage
+        console.log('\n--- Disk Usage (Root Partition) ---');
+        try {
+          const diskUsage = shellExec(`lxc exec ${vmName} -- bash -c 'df -h /'`, { stdout: true });
+          console.log(diskUsage.trim());
+        } catch (error) {
+          console.error(`Error getting disk usage: ${error.message}`);
+        }
+
+        // Network Interface Status
+        console.log('\n--- Network Interface Status (ip a) ---');
+        try {
+          const ipA = shellExec(`lxc exec ${vmName} -- bash -c 'ip a'`, { stdout: true });
+          console.log(ipA.trim());
+        } catch (error) {
+          console.error(`Error getting network interface status: ${error.message}`);
+        }
+
+        // DNS Resolution (resolv.conf)
+        console.log('\n--- DNS Configuration (/etc/resolv.conf) ---');
+        try {
+          const resolvConf = shellExec(`lxc exec ${vmName} -- bash -c 'cat /etc/resolv.conf'`, { stdout: true });
+          console.log(resolvConf.trim());
+        } catch (error) {
+          console.error(`Error getting DNS configuration: ${error.message}`);
+        }
+
+        console.log(`\nComprehensive test for VM: ${vmName} completed.`);
+      }
     },
   };
 }

package/src/index.js

@@ -31,7 +31,7 @@ class Underpost {
    * @type {String}
    * @memberof Underpost
    */
-  static version = 'v2.8.788';
+  static version = 'v2.8.792';
   /**
    * Repository cli API
    * @static