diff --git a/Dockerfile b/Dockerfile index 67ca5a36a..c20446232 100644 --- a/Dockerfile +++ b/Dockerfile @@ -87,15 +87,12 @@ COPY ./config ./config COPY ./templates ./templates COPY ./app/cluster-api-provider-sidero/config ./app/cluster-api-provider-sidero/config COPY ./app/metal-controller-manager/config ./app/metal-controller-manager/config -COPY ./app/metal-metadata-server/config ./app/metal-metadata-server/config ARG REGISTRY_AND_USERNAME ARG TAG RUN cd ./app/cluster-api-provider-sidero/config/manager \ && kustomize edit set image controller=${REGISTRY_AND_USERNAME}/cluster-api-provider-sidero:${TAG} RUN cd ./app/metal-controller-manager/config/manager \ && kustomize edit set image controller=${REGISTRY_AND_USERNAME}/metal-controller-manager:${TAG} -RUN cd ./app/metal-metadata-server/config/server \ - && kustomize edit set image server=${REGISTRY_AND_USERNAME}/metal-metadata-server:${TAG} RUN kustomize build config > /infrastructure-components.yaml \ && cp ./config/metadata/metadata.yaml /metadata.yaml \ && cp ./templates/cluster-template.yaml /cluster-template.yaml 
@@ -181,19 +178,6 @@ FROM metal-controller-manager-image AS metal-controller-manager LABEL org.opencontainers.image.source https://github.com/talos-systems/sidero ENTRYPOINT [ "/manager" ] -FROM base AS build-metal-metadata-server -ARG TARGETARCH -ARG GO_BUILDFLAGS -RUN --mount=type=cache,target=/.cache GOOS=linux GOARCH=${TARGETARCH} go build ${GO_BUILDFLAGS} -ldflags "-s -w" -o /metal-metadata-server ./app/metal-metadata-server -RUN chmod +x /metal-metadata-server - -FROM scratch AS metal-metadata-server -COPY --from=pkg-ca-certificates / / -COPY --from=pkg-fhs / / -COPY --from=build-metal-metadata-server /metal-metadata-server /metal-metadata-server -LABEL org.opencontainers.image.source https://github.com/talos-systems/sidero -ENTRYPOINT [ "/metal-metadata-server" ] - FROM base AS unit-tests-runner ARG TEST_PKGS RUN --mount=type=cache,target=/.cache --mount=type=cache,id=testspace,target=/tmp --mount=type=cache,target=/root/.cache/go-build go test -v -covermode=atomic -coverprofile=coverage.txt -count 1 ${TEST_PKGS} diff --git a/Makefile b/Makefile index 341c78722..3d6ad7fe6 100644 --- a/Makefile +++ b/Makefile @@ -40,7 +40,7 @@ COMMON_ARGS += --build-arg=TOOLS=$(TOOLS) COMMON_ARGS += --build-arg=TALOS_RELEASE=$(TALOS_RELEASE) COMMON_ARGS += --build-arg=GO_BUILDFLAGS="$(GO_BUILDFLAGS)" -all: manifests generate cluster-api-provider-sidero metal-controller-manager metal-metadata-server sfyra +all: manifests generate cluster-api-provider-sidero metal-controller-manager sfyra # Help Menu 
@@ -119,10 +119,6 @@ cluster-api-provider-sidero: ## Build the CAPI provider container image. metal-controller-manager: ## Build the CAPI provider container image. @$(MAKE) docker-$@ TARGET_ARGS="--push=$(PUSH)" NAME="$@" -.PHONY: metal-metadata-server -metal-metadata-server: ## Build the CAPI provider container image. - @$(MAKE) docker-$@ TARGET_ARGS="--push=$(PUSH)" NAME="$@" - .PHONY: release-notes release-notes: ARTIFACTS=$(ARTIFACTS) ./hack/release.sh $@ $(ARTIFACTS)/RELEASE_NOTES.md $(TAG) diff --git a/app/metal-controller-manager/config/manager/manager.yaml b/app/metal-controller-manager/config/manager/manager.yaml index b52f41194..49d7eaaf1 100644 --- a/app/metal-controller-manager/config/manager/manager.yaml +++ b/app/metal-controller-manager/config/manager/manager.yaml @@ -14,29 +14,16 @@ spec: apiVersion: v1 kind: Service metadata: - name: ipxe + name: http namespace: system spec: ports: - - port: 80 + - port: ${SIDERO_CONTROLLER_MANAGER_API_PORT:=8081} targetPort: http protocol: TCP selector: control-plane: metal-controller-manager --- -apiVersion: v1 -kind: Service -metadata: - name: api - namespace: system -spec: - ports: - - port: 50100 - targetPort: grpc - protocol: TCP - selector: - control-plane: metal-controller-manager ---- apiVersion: apps/v1 kind: Deployment metadata: @@ -61,6 +48,7 @@ spec: args: - --metrics-addr=127.0.0.1:8080 - --api-endpoint=${SIDERO_CONTROLLER_MANAGER_API_ENDPOINT:=-} + - --api-port=${SIDERO_CONTROLLER_MANAGER_API_PORT:=8081} - --extra-agent-kernel-args=${SIDERO_CONTROLLER_MANAGER_EXTRA_AGENT_KERNEL_ARGS:=-} - --auto-accept-servers=${SIDERO_CONTROLLER_MANAGER_AUTO_ACCEPT_SERVERS:=false} - --insecure-wipe=${SIDERO_CONTROLLER_MANAGER_INSECURE_WIPE:=true} @@ -78,9 +66,6 @@ spec: - name: http containerPort: 8081 protocol: TCP - - name: grpc - containerPort: 50100 - protocol: TCP env: - name: API_ENDPOINT valueFrom: 
diff --git a/app/metal-controller-manager/internal/ipxe/ipxe_server.go b/app/metal-controller-manager/internal/ipxe/ipxe_server.go index bee83198f..948fcfd6a 100644 --- a/app/metal-controller-manager/internal/ipxe/ipxe_server.go +++ b/app/metal-controller-manager/internal/ipxe/ipxe_server.go @@ -28,7 +28,6 @@ import ( infrav1 "github.com/talos-systems/sidero/app/cluster-api-provider-sidero/api/v1alpha3" metalv1alpha1 "github.com/talos-systems/sidero/app/metal-controller-manager/api/v1alpha1" - "github.com/talos-systems/sidero/app/metal-controller-manager/internal/server" "github.com/talos-systems/sidero/app/metal-controller-manager/pkg/constants" ) @@ -37,8 +36,6 @@ var ( ErrBootFromDisk = errors.New("boot from disk") ) -const iPXEPort = 8081 - // bootFile is used when iPXE is booted without embedded script via iPXE request http://endpoint:8081/boot.ipxe. const bootFile = `#!ipxe chain ipxe?uuid=${uuid}&mac=${mac:hexhyp}&domain=${domain}&hostname=${hostname}&serial=${serial}&arch=${buildarch} @@ -65,6 +62,7 @@ exit var ( apiEndpoint string + apiPort int extraAgentKernelArgs string c client.Client ) @@ -171,8 +169,9 @@ func ipxeHandler(w http.ResponseWriter, r *http.Request) { } } -func ServeIPXE(endpoint, args string, mgrClient client.Client) error { +func RegisterIPXE(mux *http.ServeMux, endpoint string, port int, args string, iPXEPort int, mgrClient client.Client) error { apiEndpoint = endpoint + apiPort = port extraAgentKernelArgs = args c = mgrClient 
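Review bot: In the `@@ -171,8 +169,9 @@` hunk the new `RegisterIPXE` signature takes two `int` ports, `port` and `iPXEPort`, separated only by `args`, and the one caller visible in main.go passes `apiPort` for both, so a swapped or stale argument would compile silently. If the two values are always meant to be equal, drop one parameter: `func RegisterIPXE(mux *http.ServeMux, endpoint string, port int, args string, mgrClient client.Client) error`. Otherwise add a doc comment saying that `port` ends up in the agent kernel arguments (see the `newAgentEnvironment` hunk) and what `iPXEPort` is used for, since its use lies outside the hunk. The function still stores its arguments in package-level variables, so it should also carry `// RegisterIPXE must be called once, before the mux starts serving requests.` The body continues outside this hunk.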
@@ -189,16 +188,12 @@ func ServeIPXE(endpoint, args string, mgrClient client.Client) error { return err } - mux := http.NewServeMux() - mux.Handle("/boot.ipxe", logRequest(http.HandlerFunc(bootFileHandler))) mux.Handle("/ipxe", logRequest(http.HandlerFunc(ipxeHandler))) mux.Handle("/env/", logRequest(http.StripPrefix("/env/", http.FileServer(http.Dir("/var/lib/sidero/env"))))) mux.Handle("/tftp/", logRequest(http.StripPrefix("/tftp/", http.FileServer(http.Dir("/var/lib/sidero/tftp"))))) - log.Println("Listening...") - - return http.ListenAndServe(fmt.Sprintf(":%d", iPXEPort), mux) + return nil } func logRequest(next http.Handler) http.Handler { @@ -324,7 +319,7 @@ func newAgentEnvironment(arch string) *metalv1alpha1.Environment { "console=tty0", "console=ttyS0", "printk.devkmsg=on", - fmt.Sprintf("%s=%s:%s", constants.AgentEndpointArg, apiEndpoint, server.Port), + fmt.Sprintf("%s=%s:%d", constants.AgentEndpointArg, apiEndpoint, apiPort), } cmdline := procfs.NewCmdline(strings.Join(args, " ")) diff --git a/app/metal-metadata-server/main.go b/app/metal-controller-manager/internal/metadata/metadata_server.go similarity index 92% rename from app/metal-metadata-server/main.go rename to app/metal-controller-manager/internal/metadata/metadata_server.go index d0ba93af2..c9b1ac785 100644 --- a/app/metal-metadata-server/main.go +++ b/app/metal-controller-manager/internal/metadata/metadata_server.go @@ -2,19 +2,17 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at http://mozilla.org/MPL/2.0/. -package main +package metadata import ( "context" "encoding/json" - "flag" "fmt" "log" "net/http" jsonpatch "github.com/evanphx/json-patch" "github.com/ghodss/yaml" - debug "github.com/talos-systems/go-debug" "github.com/talos-systems/talos/pkg/machinery/config/configloader" "github.com/talos-systems/talos/pkg/machinery/config/types/v1alpha1" v1 "k8s.io/api/core/v1" 
@@ -25,16 +23,6 @@ import ( "github.com/talos-systems/sidero/app/cluster-api-provider-sidero/api/v1alpha3" metalv1alpha1 "github.com/talos-systems/sidero/app/metal-controller-manager/api/v1alpha1" - "github.com/talos-systems/sidero/internal/client" -) - -const ( - debugAddr = ":9993" -) - -var ( - kubeconfigPath *string - port *string ) type errorWithCode struct { @@ -51,32 +39,14 @@ func throwError(w http.ResponseWriter, ewc errorWithCode) { log.Println(ewc.errorObj) } -func main() { - kubeconfigPath = flag.String("kubeconfig-path", "", "absolute path to the kubeconfig file") - port = flag.String("port", "8080", "port to use for serving metadata") - flag.Parse() - - go func() { - debugLogFunc := func(msg string) { - log.Print(msg) - } - if err := debug.ListenAndServe(context.TODO(), debugAddr, debugLogFunc); err != nil { - log.Fatalf("failed to start debug server: %s", err) - } - }() - - k8sClient, err := client.NewClient(kubeconfigPath) - if err != nil { - log.Fatal(fmt.Errorf("failure talking to kubernetes: %s", err)) - } - +func RegisterServer(mux *http.ServeMux, k8sClient runtimeclient.Client) error { mm := metadataConfigs{ client: k8sClient, } - mux := http.NewServeMux() mux.HandleFunc("/configdata", mm.FetchConfig) - log.Fatal(http.ListenAndServe(":"+*port, mux)) + + return nil } func (m *metadataConfigs) FetchConfig(w http.ResponseWriter, r *http.Request) { diff --git a/app/metal-controller-manager/internal/server/server.go b/app/metal-controller-manager/internal/server/server.go index 4d414d019..f6e4ce57d 100644 --- a/app/metal-controller-manager/internal/server/server.go +++ b/app/metal-controller-manager/internal/server/server.go @@ -6,9 +6,7 @@ package server import ( "context" - "fmt" "log" - "net" "reflect" "time" @@ -29,10 +27,6 @@ import ( "github.com/talos-systems/sidero/app/metal-controller-manager/internal/api" ) -const ( - Port = "50100" -) - type server struct { api.UnimplementedAgentServer 
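Review bot: In the `@@ -51,32 +39,14 @@` hunk `RegisterServer` serves `/configdata` with whatever client the caller hands it, and main.go passes `mgr.GetClient()`, so the endpoint no longer runs under the narrow `metadata-server-role` that this commit deletes but with the controller manager's own permissions. The docs in this commit query it with a bare `curl ...?uuid=`, so it appears to be unauthenticated, and the deleted role granted `get` on secrets, so the handler presumably returns secret material to any client that can reach the port and supplies a server UUID. Consider passing it a client scoped to the resources the old role listed, and record the trust boundary in a doc comment, e.g. `// RegisterServer serves machine configuration on /configdata without authentication; limit network access to the provisioning network.` The `error` result is always `nil` in the visible code; drop it or document why it is kept.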
@@ -360,12 +354,7 @@ func (s *server) UpdateBMCInfo(ctx context.Context, in *api.UpdateBMCInfoRequest return resp, nil } -func Serve(c controllerclient.Client, recorder record.EventRecorder, scheme *runtime.Scheme, autoAccept, insecureWipe, autoBMC bool, rebootTimeout time.Duration) error { - lis, err := net.Listen("tcp", ":"+Port) - if err != nil { - return fmt.Errorf("failed to listen: %v", err) - } - +func CreateServer(c controllerclient.Client, recorder record.EventRecorder, scheme *runtime.Scheme, autoAccept, insecureWipe, autoBMC bool, rebootTimeout time.Duration) *grpc.Server { s := grpc.NewServer() api.RegisterAgentServer(s, &server{ @@ -378,9 +367,5 @@ func Serve(c controllerclient.Client, recorder record.EventRecorder, scheme *run rebootTimeout: rebootTimeout, }) - if err := s.Serve(lis); err != nil { - return fmt.Errorf("failed to serve: %v", err) - } - - return nil + return s } diff --git a/app/metal-controller-manager/main.go b/app/metal-controller-manager/main.go index 412e6393c..a048c8609 100644 --- a/app/metal-controller-manager/main.go +++ b/app/metal-controller-manager/main.go @@ -8,10 +8,15 @@ import ( "context" "flag" "fmt" + "net/http" "os" + "strings" "time" debug "github.com/talos-systems/go-debug" + "golang.org/x/net/http2" + "golang.org/x/net/http2/h2c" + "golang.org/x/sync/errgroup" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/kubernetes" @@ -19,6 +24,7 @@ import ( typedcorev1 "k8s.io/client-go/kubernetes/typed/core/v1" _ "k8s.io/client-go/plugin/pkg/client/auth/gcp" "k8s.io/client-go/tools/record" + capi "sigs.k8s.io/cluster-api/api/v1alpha3" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/log/zap" 
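Review bot: `CreateServer` in the `@@ -360,12 +354,7 @@` hunk is exported without a doc comment even though its contract changed from listening and blocking to only building the server. Suggest `// CreateServer builds the agent gRPC server and registers the agent API on it; it does not listen, the caller must serve it.` Since main.go now drives it through `ServeHTTP` behind h2c, the comment should also say that this path uses Go's HTTP/2 stack rather than grpc-go's own transport, which does not support every gRPC feature. `grpc.NewServer()` is still called with no options, so no transport credentials or interceptors protect the agent API (the hunk header shows `UpdateBMCInfo`); if that is intentional for the provisioning network, state it in the same comment. The function body ends in the following `@@ -378,9 +367,5 @@` hunk.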
@@ -27,6 +33,7 @@ import ( metalv1alpha1 "github.com/talos-systems/sidero/app/metal-controller-manager/api/v1alpha1" "github.com/talos-systems/sidero/app/metal-controller-manager/controllers" "github.com/talos-systems/sidero/app/metal-controller-manager/internal/ipxe" + "github.com/talos-systems/sidero/app/metal-controller-manager/internal/metadata" "github.com/talos-systems/sidero/app/metal-controller-manager/internal/power/api" "github.com/talos-systems/sidero/app/metal-controller-manager/internal/server" "github.com/talos-systems/sidero/app/metal-controller-manager/internal/tftp" @@ -38,6 +45,7 @@ import ( const ( defaultMaxConcurrentReconciles = 10 debugAddr = ":9992" + httpPort = 8081 ) var ( @@ -48,6 +56,7 @@ var ( //nolint:wsl func init() { _ = clientgoscheme.AddToScheme(scheme) + _ = capi.AddToScheme(scheme) _ = metalv1alpha1.AddToScheme(scheme) _ = infrav1.AddToScheme(scheme) @@ -58,6 +67,7 @@ func main() { var ( metricsAddr string apiEndpoint string + apiPort int extraAgentKernelArgs string enableLeaderElection bool autoAcceptServers bool @@ -69,7 +79,8 @@ func main() { testPowerSimulatedSilentFailureProb float64 ) - flag.StringVar(&apiEndpoint, "api-endpoint", "", "The endpoint used by the discovery environment.") + flag.StringVar(&apiEndpoint, "api-endpoint", "", "The endpoint (hostname or IP address) Sidero can be reached at from the servers.") + flag.IntVar(&apiPort, "api-port", httpPort, "The TCP port Sidero components can be reached at from the servers.") flag.StringVar(&metricsAddr, "metrics-addr", ":8081", "The address the metric endpoint binds to.") flag.StringVar(&extraAgentKernelArgs, "extra-agent-kernel-args", "", "A comma delimited list of key-value pairs to be added to the agent environment kernel parameters.") flag.BoolVar(&enableLeaderElection, "enable-leader-election", true, "Enable leader election for controller manager. Enabling this will ensure there is only one active controller manager.") 
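Review bot: The new `--api-port` flag in the `@@ -69,7 +79,8 @@` hunk only changes the port advertised to servers, while the listener added later in this file binds the constant `httpPort`. As far as this diff shows, with `hostNetwork: true` (which the bootstrapping guide sets) any value other than 8081 would point agents at a port nothing listens on. Say so in the help text, e.g. `"The TCP port Sidero is reachable at from the servers (advertised only; the process itself always listens on 8081)."`, or reject a mismatching value when host networking is in use. Separately, the unchanged default of `--metrics-addr` is `":8081"`, which now collides with `httpPort` whenever the flag is not overridden; the shipped manifest passes `127.0.0.1:8080`, so this only affects runs outside the manifest. `main` continues outside this hunk.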
@@ -176,36 +187,38 @@ func main() { } }() - setupLog.Info("starting iPXE server") + httpMux := http.NewServeMux() - go func() { - if apiEndpoint == "" { - if endpoint, ok := os.LookupEnv("API_ENDPOINT"); ok { - apiEndpoint = endpoint - } else { - setupLog.Error(fmt.Errorf("no api endpoint found"), "unable to start iPXE server", "controller", "Environment") - os.Exit(1) - } - } + setupLog.Info("starting iPXE server") - if err := ipxe.ServeIPXE(apiEndpoint, extraAgentKernelArgs, mgr.GetClient()); err != nil { - setupLog.Error(err, "unable to start iPXE server", "controller", "Environment") + if apiEndpoint == "" { + if endpoint, ok := os.LookupEnv("API_ENDPOINT"); ok { + apiEndpoint = endpoint + } else { + setupLog.Error(fmt.Errorf("no api endpoint found"), "unable to start iPXE server", "controller", "Environment") os.Exit(1) } - }() + } + + if err := ipxe.RegisterIPXE(httpMux, apiEndpoint, apiPort, extraAgentKernelArgs, apiPort, mgr.GetClient()); err != nil { + setupLog.Error(err, "unable to start iPXE server", "controller", "Environment") + os.Exit(1) + } + + setupLog.Info("starting metadata server") + + if err := metadata.RegisterServer(httpMux, mgr.GetClient()); err != nil { + setupLog.Error(err, "unable to start metadata server", "controller", "Environment") + os.Exit(1) + } setupLog.Info("starting internal API server") - go func() { - recorder := eventBroadcaster.NewRecorder( - mgr.GetScheme(), - corev1.EventSource{Component: "sidero-server"}) + apiRecorder := eventBroadcaster.NewRecorder( + mgr.GetScheme(), + corev1.EventSource{Component: "sidero-server"}) - if err := server.Serve(mgr.GetClient(), recorder, mgr.GetScheme(), autoAcceptServers, insecureWipe, autoBMCSetup, serverRebootTimeout); err != nil { - setupLog.Error(err, "unable to start API server", "controller", "Environment") - os.Exit(1) - } - }() + grpcServer := server.CreateServer(mgr.GetClient(), apiRecorder, mgr.GetScheme(), autoAcceptServers, insecureWipe, autoBMCSetup, serverRebootTimeout) 
k8sClient, err := client.NewClient(nil) if err != nil { @@ -218,10 +231,49 @@ func main() { os.Exit(1) } - setupLog.Info("starting manager") + setupLog.Info("starting manager and HTTP server") + + var eg errgroup.Group + + eg.Go(func() error { + err := mgr.Start(ctrl.SetupSignalHandler()) + if err != nil { + setupLog.Error(err, "problem running manager") + } + + return err + }) + + eg.Go(func() error { + // Go standard library doesn't support running HTTP/2 on non-TLS HTTP connections. + // Package h2c provides handling for HTTP/2 over plaintext connection. + // gRPC provides its own HTTP/2 server implementation, so that's not an issue for gRPC, + // but as we unify all endpoints under a single HTTP endpoint, we have to provide additional + // layer of support here. + h2s := &http2.Server{} + + grpcHandler := http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { + if req.ProtoMajor == 2 && strings.HasPrefix( + req.Header.Get("Content-Type"), "application/grpc") { + // grpcServer provides internal gRPC API server + grpcServer.ServeHTTP(w, req) + + return + } + + // httpMux contains iPXE server and metadata server handlers + httpMux.ServeHTTP(w, req) + }) + + err := http.ListenAndServe(fmt.Sprintf(":%d", httpPort), h2c.NewHandler(grpcHandler, h2s)) + if err != nil { + setupLog.Error(err, "problem running HTTP server") + } + + return err + }) - if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { - setupLog.Error(err, "problem running manager") + if err := eg.Wait(); err != nil { os.Exit(1) } } diff --git a/app/metal-metadata-server/config/kustomization.yaml b/app/metal-metadata-server/config/kustomization.yaml deleted file mode 100644 index 67d20e3c2..000000000 --- a/app/metal-metadata-server/config/kustomization.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -bases: - - rbac - - server - -namePrefix: sidero- - -namespace: sidero-system \ No newline at end of file 
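Review bot: In the `@@ -218,10 +231,49 @@` hunk the merged listener is started with `http.ListenAndServe`, which sets no read-header timeout and cannot be stopped. `eg.Wait()` therefore cannot return after `mgr.Start` exits cleanly on a signal, and slow clients can hold connections open indefinitely on a port that now also carries the agent gRPC API and `/configdata`. Build an `http.Server` with `ReadHeaderTimeout` set, shut it down when the manager goroutine returns, and treat `http.ErrServerClosed` as a normal exit. The durations in the sketch below are constructed values to be tuned, and `Shutdown` does not wait for connections that h2c has hijacked. `main` starts outside this hunk.

```go
// … unchanged: h2s and grpcHandler, now declared before the goroutines …

srv := &http.Server{
	Addr:              fmt.Sprintf(":%d", httpPort),
	Handler:           h2c.NewHandler(grpcHandler, h2s),
	ReadHeaderTimeout: 10 * time.Second, // constructed value
}

eg.Go(func() error {
	err := mgr.Start(ctrl.SetupSignalHandler())
	// … unchanged: log "problem running manager" …

	// Stop the HTTP listener as well, otherwise eg.Wait() blocks forever.
	shutdownCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second) // constructed value
	defer cancel()

	if shutdownErr := srv.Shutdown(shutdownCtx); shutdownErr != nil {
		setupLog.Error(shutdownErr, "problem stopping HTTP server")
	}

	return err
})

eg.Go(func() error {
	err := srv.ListenAndServe()
	if err == http.ErrServerClosed {
		return nil
	}
	// … unchanged: log "problem running HTTP server" …

	return err
})
```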
diff --git a/app/metal-metadata-server/config/rbac/cluster_role.yaml b/app/metal-metadata-server/config/rbac/cluster_role.yaml deleted file mode 100644 index ec7256678..000000000 --- a/app/metal-metadata-server/config/rbac/cluster_role.yaml +++ /dev/null @@ -1,32 +0,0 @@ - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - name: metadata-server-role -rules: -- apiGroups: - - cluster.x-k8s.io - resources: - - machines - verbs: - - get -- apiGroups: - - infrastructure.cluster.x-k8s.io - resources: - - metalmachines - verbs: - - list -- apiGroups: - - metal.sidero.dev - resources: - - servers - verbs: - - get -- apiGroups: - - "" - resources: - - secrets - verbs: - - get diff --git a/app/metal-metadata-server/config/rbac/cluster_role_binding.yaml b/app/metal-metadata-server/config/rbac/cluster_role_binding.yaml deleted file mode 100644 index e395592d9..000000000 --- a/app/metal-metadata-server/config/rbac/cluster_role_binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: metadata-server-role -subjects: - - kind: ServiceAccount - name: default - namespace: system diff --git a/app/metal-metadata-server/config/rbac/kustomization.yaml b/app/metal-metadata-server/config/rbac/kustomization.yaml deleted file mode 100644 index b8d7ee1d8..000000000 --- a/app/metal-metadata-server/config/rbac/kustomization.yaml +++ /dev/null @@ -1,3 +0,0 @@ -resources: - - cluster_role.yaml - - cluster_role_binding.yaml diff --git a/app/metal-metadata-server/config/server/kustomization.yaml b/app/metal-metadata-server/config/server/kustomization.yaml deleted file mode 100644 index b07afcd04..000000000 --- a/app/metal-metadata-server/config/server/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: - - server.yaml 
diff --git a/app/metal-metadata-server/config/server/server.yaml b/app/metal-metadata-server/config/server/server.yaml deleted file mode 100644 index 074ea17e2..000000000 --- a/app/metal-metadata-server/config/server/server.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: metadata-server - namespace: system -spec: - ports: - - port: 80 - protocol: TCP - targetPort: http - selector: - app: server - control-plane: metal-metadata-server ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: metadata-server - namespace: system -spec: - replicas: 1 - selector: - matchLabels: - app: server - control-plane: metal-metadata-server - template: - metadata: - labels: - control-plane: metal-metadata-server - spec: - hostNetwork: ${SIDERO_METADATA_SERVER_HOST_NETWORK:=false} - containers: - - image: server:latest - imagePullPolicy: Always - args: - - --port=${SIDERO_METADATA_SERVER_PORT:=8080} - name: server - ports: - - containerPort: ${SIDERO_METADATA_SERVER_PORT:=8080} - name: http - protocol: TCP - resources: - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 100m - memory: 128Mi - terminationGracePeriodSeconds: 10 diff --git a/config/kustomization.yaml b/config/kustomization.yaml index 2de81bf8b..7b94e1792 100644 --- a/config/kustomization.yaml +++ b/config/kustomization.yaml @@ -4,7 +4,6 @@ resources: bases: - ../app/cluster-api-provider-sidero/config - ../app/metal-controller-manager/config - - ../app/metal-metadata-server/config commonLabels: app: sidero diff --git a/docs/website/content/docs/v0.3/Configuration/environments.md b/docs/website/content/docs/v0.3/Configuration/environments.md index be9309df7..f76f3ceff 100644 --- a/docs/website/content/docs/v0.3/Configuration/environments.md +++ b/docs/website/content/docs/v0.3/Configuration/environments.md 
@@ -45,7 +45,7 @@ spec: - panic=0 - printk.devkmsg=on - talos.platform=metal - - talos.config=http://$PUBLIC_IP:9091/configdata?uuid= + - talos.config=http://$PUBLIC_IP:8081/configdata?uuid= initrd: url: "https://github.com/talos-systems/talos/releases/download/v0.8.1/initramfs-amd64.xz" sha512: "" diff --git a/docs/website/content/docs/v0.3/Getting Started/installation.md b/docs/website/content/docs/v0.3/Getting Started/installation.md index 80bc3f4d3..7a5508168 100644 --- a/docs/website/content/docs/v0.3/Getting Started/installation.md +++ b/docs/website/content/docs/v0.3/Getting Started/installation.md 
@@ -18,10 +18,9 @@ variables or as variables in the `clusterctl` configuration: * `SIDERO_CONTROLLER_MANAGER_HOST_NETWORK` (`false`): run `sidero-controller-manager` on host network * `SIDERO_CONTROLLER_MANAGER_API_ENDPOINT` (empty): specifies the IP address controller manager can be reached on, defaults to the node IP +* `SIDERO_CONTROLLER_MANAGER_API_PORT` (8081): specifies the port controller manager can be reached on * `SIDERO_CONTROLLER_MANAGER_EXTRA_AGENT_KERNEL_ARGS` (empty): specifies additional Linux kernel arguments for the Sidero agent (for example, different console settings) * `SIDERO_CONTROLLER_MANAGER_AUTO_ACCEPT_SERVERS` (`false`): automatically accept discovered servers, by default `.spec.accepted` should be changed to `true` to accept the server * `SIDERO_CONTROLLER_MANAGER_AUTO_BMC_SETUP` (`true`): automatically attempt to configure the BMC with a `sidero` user that will be used for all IPMI tasks. * `SIDERO_CONTROLLER_MANAGER_INSECURE_WIPE` (`true`): wipe only the first megabyte of each disk on the server, otherwise wipe the full disk * `SIDERO_CONTROLLER_MANAGER_SERVER_REBOOT_TIMEOUT` (`20m`): timeout for the server reboot (how long it might take for the server to be rebooted before Sidero retries an IPMI reboot operation) -* `SIDERO_METADATA_SERVER_HOST_NETWORK` (`false`): run `sidero-metadta-server` on host network -* `SIDERO_METADATA_SERVER_PORT` (`8080`): port to use for the metadata server diff --git a/docs/website/content/docs/v0.3/Guides/bootstrapping.md b/docs/website/content/docs/v0.3/Guides/bootstrapping.md index a006c1db3..e477b0d2f 100644 --- a/docs/website/content/docs/v0.3/Guides/bootstrapping.md +++ b/docs/website/content/docs/v0.3/Guides/bootstrapping.md @@ -90,7 +90,7 @@ Issue the following to create a single-node cluster: ```bash talosctl cluster create \ - -p 69:69/udp,8081:8081/tcp,9091:9091/tcp,50100:50100/tcp \ + -p 69:69/udp,8081:8081/tcp \ --workers 0 \ --endpoint $PUBLIC_IP ``` 
@@ -116,9 +116,7 @@ As of Cluster API version 0.3.9, Sidero is included as a default infrastructure To install Sidero and the other Talos providers, simply issue: ```bash -SIDERO_METADATA_SERVER_HOST_NETWORK=true \ - SIDERO_METADATA_SERVER_PORT=9091 \ - SIDERO_CONTROLLER_MANAGER_HOST_NETWORK=true \ +SIDERO_CONTROLLER_MANAGER_HOST_NETWORK=true \ SIDERO_CONTROLLER_MANAGER_API_ENDPOINT=$PUBLIC_IP \ clusterctl init -b talos -c talos -i sidero ``` @@ -184,7 +182,7 @@ spec: - panic=0 - printk.devkmsg=on - talos.platform=metal - - talos.config=http://$PUBLIC_IP:9091/configdata?uuid= + - talos.config=http://$PUBLIC_IP:8081/configdata?uuid= initrd: url: "https://github.com/talos-systems/talos/releases/latest/download/initramfs-amd64.xz" sha512: "" diff --git a/docs/website/content/docs/v0.3/Guides/first-cluster.md b/docs/website/content/docs/v0.3/Guides/first-cluster.md index 13f52966f..a71fc453f 100644 --- a/docs/website/content/docs/v0.3/Guides/first-cluster.md +++ b/docs/website/content/docs/v0.3/Guides/first-cluster.md @@ -27,16 +27,6 @@ Metal Controller Manager: kubectl patch deploy -n sidero-system sidero-controller-manager --type='json' -p='[{"op": "add", "path": "/spec/template/spec/hostNetwork", "value": true}]' ``` -Metadata Server: - -```bash -# Convert metadata server service to nodeport -kubectl patch service -n sidero-system sidero-metadata-server --type='json' -p='[{"op": "replace", "path": "/spec/type", "value": "NodePort"}]' - -## Set a known nodeport for metadata server -kubectl patch service -n sidero-system sidero-metadata-server --type='json' -p='[{"op": "replace", "path": "/spec/ports", "value": [{"port": 80, "protocol": "TCP", "targetPort": "http", "nodePort": 30005}]}]' -``` - #### Update Environment The metadata server's information needs to be updated in the default environment. diff --git a/docs/website/content/docs/v0.3/Guides/patching.md b/docs/website/content/docs/v0.3/Guides/patching.md index d2efce468..d477c0710 100644 
--- a/docs/website/content/docs/v0.3/Guides/patching.md +++ b/docs/website/content/docs/v0.3/Guides/patching.md @@ -41,7 +41,7 @@ before actual server is provisioned with the config. This can be achieved by querying the metadata server endpoint directly: ```sh -$ curl http://$PUBLIC_IP:9091/configdata?uuid=$SERVER_UUID +$ curl http://$PUBLIC_IP:8081/configdata?uuid=$SERVER_UUID version: v1alpha1 ... ``` diff --git a/go.mod b/go.mod index e0977304e..c28297861 100644 --- a/go.mod +++ b/go.mod @@ -33,6 +33,7 @@ require ( go.uber.org/zap v1.16.0 // indirect golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392 // indirect golang.org/x/mod v0.4.0 // indirect + golang.org/x/net v0.0.0-20210505214959-0714010a04ed golang.org/x/sync v0.0.0-20210220032951-036812b2e83c golang.org/x/sys v0.0.0-20210503173754-0981d6026fa6 golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c // indirect diff --git a/hack/release.toml b/hack/release.toml index 5b9cdfbc9..2b844454a 100644 --- a/hack/release.toml +++ b/hack/release.toml @@ -42,4 +42,14 @@ Sidero now creates ServerClass `any` which matches all servers. title = "Install and Upgrade Variables" description = """\ Some aspects of Sidero installation can now be [controlled](https://www.sidero.dev/docs/v0.3/getting-started/installation/) via environment variables or `clusterctl` variables. +""" + + [notes.ports] + title = "`metal-controller-manager` External Ports Change" + description = """\ +Component `metal-metadata-server` was merged into `metal-controller-manager`, and three separate HTTP endpoints were merged into one endpoint on port `:8081`: + +* iPXE server (which used to be on port 8081) +* internal gRPC server (Sidero agent uses it to talk back to Sidero service), previously was 50001 +* metadata server endpoint (used to be separate deployment and service, docs used port 9091) """ diff --git a/sfyra/pkg/capi/capi.go b/sfyra/pkg/capi/capi.go index 2ad445fd6..14e9eed61 100644 --- a/sfyra/pkg/capi/capi.go 
+++ b/sfyra/pkg/capi/capi.go @@ -120,9 +120,6 @@ func (clusterAPI *Manager) Install(ctx context.Context) error { } // set template environment variables - os.Setenv("SIDERO_METADATA_SERVER_PORT", "9091") - os.Setenv("SIDERO_METADATA_SERVER_HOST_NETWORK", "true") - os.Setenv("SIDERO_CONTROLLER_MANAGER_HOST_NETWORK", "true") os.Setenv("SIDERO_CONTROLLER_MANAGER_API_ENDPOINT", clusterAPI.cluster.SideroComponentsIP().String()) os.Setenv("SIDERO_CONTROLLER_MANAGER_SERVER_REBOOT_TIMEOUT", "30s") // wiping/reboot is fast in the test environment diff --git a/sfyra/pkg/tests/environment.go b/sfyra/pkg/tests/environment.go index fe0cc9431..9ee5e7bda 100644 --- a/sfyra/pkg/tests/environment.go +++ b/sfyra/pkg/tests/environment.go @@ -43,7 +43,7 @@ func TestEnvironmentDefault(ctx context.Context, metalClient client.Client, clus cmdline.Append("panic", "1") cmdline.Append("talos.platform", "metal") cmdline.Append("talos.shutdown", "halt") - cmdline.Append("talos.config", fmt.Sprintf("http://%s:9091/configdata?uuid=", cluster.SideroComponentsIP())) + cmdline.Append("talos.config", fmt.Sprintf("http://%s:8081/configdata?uuid=", cluster.SideroComponentsIP())) cmdline.Append("initrd", "initramfs.xz") environment.APIVersion = constants.SideroAPIVersion diff --git a/sfyra/pkg/tests/server_class.go b/sfyra/pkg/tests/server_class.go index 1af921aa0..8f86adba4 100644 --- a/sfyra/pkg/tests/server_class.go +++ b/sfyra/pkg/tests/server_class.go @@ -220,7 +220,7 @@ func TestServerClassPatch(ctx context.Context, metalClient client.Client, cluste } // Wait for metadata server to return a 200 for that UUID, then verify it has patch. - metadataEndpoint := fmt.Sprintf("http://%s:9091/configdata?uuid=dummyserver-0", cluster.SideroComponentsIP()) + metadataEndpoint := fmt.Sprintf("http://%s:8081/configdata?uuid=dummyserver-0", cluster.SideroComponentsIP()) var metadataBytes []byte