From b218464a67df6b92a16af036f1d0ab7b394d6bb1 Mon Sep 17 00:00:00 2001 From: jianli-97 Date: Thu, 7 Sep 2023 08:12:06 +0000 Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E9=85=8D=E7=BD=AE=E6=A8=A1?= =?UTF-8?q?=E6=9D=BF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/apis/nkd/const.go | 5 +-- app/cmd/phases/config/print.go | 3 +- app/phases/cert/tools.go | 8 ++-- app/util/config/initconfiguration.go | 5 +-- .../systemd/release-image-pivot.service | 1 - .../systemd/release-image-pivot.service | 1 - data/terraform/master.tf.template | 40 +++++++++--------- data/terraform/worker.tf.template | 42 +++++++++---------- 8 files changed, 49 insertions(+), 56 deletions(-) diff --git a/app/apis/nkd/const.go b/app/apis/nkd/const.go index e0304bf..6d37072 100644 --- a/app/apis/nkd/const.go +++ b/app/apis/nkd/const.go @@ -45,12 +45,9 @@ var ( Openstack_Tenant_name = "" Openstack_Auth_url = "" Openstack_Region = "" - Openstack_MasterNodeName = []string{"master01", "master02", "master03"} - Openstack_WorkerNodeName = []string{"worker01", "worker02", "worker03"} Openstack_Internal_network = "" Openstack_External_network = "" Openstack_Master_ip = []string{"10.1.10.51", "10.1.10.52", "10.1.10.53"} - Openstack_Worker_ip = []string{"", "", ""} Openstack_Flavor_Name = "" Openstack_Glance_Name = "" @@ -108,5 +105,5 @@ var ( // containerdaemon PauseImageTag = "3.6" CorednsImageTag = "v1.8.6" - ReleaseImageURl = "hub.oepkgs.net/nestos/nestos-test@sha256:857058e7fb43155bec0f648d7e1004abf72266b0b45a49a92138881f334a1988" + ReleaseImageURl = "" ) diff --git a/app/cmd/phases/config/print.go b/app/cmd/phases/config/print.go index c86da25..d2b06a6 100644 --- a/app/cmd/phases/config/print.go +++ b/app/cmd/phases/config/print.go 
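Review bot: `ReleaseImageURl` now defaults to the empty string in the second const.go hunk, and no hunk in this patch rejects an empty or tag-only value before it is used. The removed default was pinned with `@sha256:`, so the release image was content-addressed; with a user-supplied value that property holds only if something enforces it. I would validate the field when the configuration is loaded (non-empty and containing `@sha256:`) and fail early otherwise. A comment on the declaration would also help, for example `// ReleaseImageURl must be set in the user config; a digest-pinned reference (repo@sha256:...) is expected.` The consumers of this variable are outside the diff, so where the check belongs is an assumption.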
@@ -113,8 +113,7 @@ func DefaultedStaticWorkerConfiguration(internalconfig *nkd.Worker) *nkd.Worker } system1 := nkd.System{ - Count: nkd.Master_Count, - Ips: nkd.Openstack_Worker_ip, + Count: nkd.Worker_Count, WorkerHostName: nkd.WorkerHostName, MasterHostName: nkd.MasterHostName, Username: nkd.Username, diff --git a/app/phases/cert/tools.go b/app/phases/cert/tools.go index 4d10d39..a69e654 100644 --- a/app/phases/cert/tools.go +++ b/app/phases/cert/tools.go @@ -21,13 +21,13 @@ import ( "crypto/rsa" "crypto/x509" "encoding/pem" - "io/ioutil" + "os" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) -//PrivateKey负责生成密钥 +// PrivateKey负责生成密钥 func PrivateKey() (*rsa.PrivateKey, error) { rsaKey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { @@ -78,7 +78,7 @@ func PemToCertificate(data []byte) (*x509.Certificate, error) { // SaveCertificateToFile 将证书保存到文件 func (c *CertKey) SaveCertificateToFile(filename string) error { - err := ioutil.WriteFile(c.SavePath+"/"+filename, c.CertRaw, 0644) + err := os.WriteFile(c.SavePath+"/"+filename, c.CertRaw, 0644) if err != nil { logrus.Errorf("Faile to save %s: %v", filename, err) return err @@ -91,7 +91,7 @@ func (c *CertKey) SaveCertificateToFile(filename string) error { // SavePrivateKeyToFile 将私钥保存到文件 func (c *CertKey) SavePrivateKeyToFile(filename string) error { - err := ioutil.WriteFile(c.SavePath+"/"+filename, c.KeyRaw, 0600) + err := os.WriteFile(c.SavePath+"/"+filename, c.KeyRaw, 0600) if err != nil { logrus.Errorf("Faile to save %s: %v", filename, err) return err diff --git a/app/util/config/initconfiguration.go b/app/util/config/initconfiguration.go index 8a80207..6739734 100644 --- a/app/util/config/initconfiguration.go +++ b/app/util/config/initconfiguration.go 
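Review bot: The destination path is still built as `c.SavePath+"/"+filename`, here in SaveCertificateToFile and again in the SavePrivateKeyToFile hunk, so a `filename` containing separators or `..` is written outside `SavePath`. Since the line is being touched anyway, `filepath.Join(c.SavePath, filepath.Base(filename))` would keep the output inside the directory; it needs `path/filepath` added to the import block. Whether callers ever pass anything other than fixed names is not visible from the hunk, so confirm that before narrowing to `Base`. The log string `Faile to save` in the context lines has a typo.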
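Review bot: In SavePrivateKeyToFile the `0600` passed to `os.WriteFile` takes effect only when the file is created. If a key file already exists at that path with a wider mode, it is truncated and rewritten with its old permissions, which can leave the private key readable by other local users. Opening the file explicitly and calling `Chmod(0600)` on the handle before writing closes that gap. The function body continues past the end of the hunk, so the sketch replaces only the write call and keeps the existing error logging.

```go
func (c *CertKey) SavePrivateKeyToFile(filename string) error {
	f, err := os.OpenFile(c.SavePath+"/"+filename, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
	if err == nil {
		// Chmod before writing: the mode given to OpenFile is ignored for an existing file.
		if err = f.Chmod(0600); err == nil {
			_, err = f.Write(c.KeyRaw)
		}
		if cerr := f.Close(); err == nil {
			err = cerr
		}
	}
	// … unchanged: if err != nil { logrus.Errorf(...); return err …
```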
@@ -17,14 +17,13 @@ limitations under the License. package config import ( - "io/ioutil" + "os" "nestos-kubernetes-deployer/app/apis/nkd" "gopkg.in/yaml.v2" ) -// func LoadOrDefaultInitConfiguration(cfgPath string, cfg *nkd.Master) (*nkd.Master, error) { func LoadOrDefaultInitConfiguration(cfgPath string) (interface{}, string, error) { if cfgPath != "" { cfg, nodetype, err := LoadInitConfigurationFromFile(cfgPath) @@ -44,7 +43,7 @@ func LoadOrDefaultInitConfiguration(cfgPath string) (interface{}, string, error) func LoadInitConfigurationFromFile(cfg string) (interface{}, string, error) { node := new(nkd.Node) - yamlFile, err := ioutil.ReadFile(cfg) + yamlFile, err := os.ReadFile(cfg) if err != nil { return nil, "", err diff --git a/data/ignition/master/systemd/release-image-pivot.service b/data/ignition/master/systemd/release-image-pivot.service index b5d02e8..9a81510 100644 --- a/data/ignition/master/systemd/release-image-pivot.service +++ b/data/ignition/master/systemd/release-image-pivot.service @@ -5,7 +5,6 @@ After=network-online.target ConditionPathExists=!/var/log/node-pivot.stamp [Service] -ExecStart=sh /etc/nkd/node-pivot.sh ExecStart=/bin/bash -c "/etc/nkd/node-pivot.sh && touch /var/log/node-pivot.stamp && systemctl reboot" Restart=on-failure diff --git a/data/ignition/worker/systemd/release-image-pivot.service b/data/ignition/worker/systemd/release-image-pivot.service index f51489a..2c93d5f 100644 --- a/data/ignition/worker/systemd/release-image-pivot.service +++ b/data/ignition/worker/systemd/release-image-pivot.service @@ -5,7 +5,6 @@ After=network-online.target ConditionPathExists=!/var/log/node-pivot.stamp [Service] -ExecStart=sh /etc/nkd/node-pivot.sh ExecStart=/bin/bash -c "/etc/nkd/node-pivot.sh && touch /var/log/node-pivot.stamp && systemctl reboot" Restart=on-failure diff --git a/data/terraform/master.tf.template b/data/terraform/master.tf.template index bc3ac68..b5edefa 100644 --- a/data/terraform/master.tf.template 
+++ b/data/terraform/master.tf.template @@ -16,7 +16,7 @@ provider "openstack" { } variable "instance_count" { - default = "3" + default = "{{.System.Count}}" } variable "create_flavor" { @@ -36,24 +36,24 @@ resource "openstack_compute_flavor_v2" "flavor" { is_public = "true" } -# resource "openstack_compute_secgroup_v2" "secgroup" { -# name = "k8s_master_secgroup" -# description = "secgroup for k8s master" -# -# rule { -# from_port = 22 -# to_port = 22 -# ip_protocol = "tcp" -# cidr = "0.0.0.0/0" -# } -# -# rule { -# from_port = -1 -# to_port = -1 -# ip_protocol = "icmp" -# cidr = "0.0.0.0/0" -# } -# } +resource "openstack_compute_secgroup_v2" "secgroup" { + name = "k8s_master_secgroup" + description = "secgroup for k8s master" + + rule { + from_port = 22 + to_port = 22 + ip_protocol = "tcp" + cidr = "0.0.0.0/0" + } + + rule { + from_port = -1 + to_port = -1 + ip_protocol = "icmp" + cidr = "0.0.0.0/0" + } +} resource "openstack_compute_instance_v2" "instance" { count = var.instance_count @@ -61,7 +61,7 @@ resource "openstack_compute_instance_v2" "instance" { image_name = "{{.Infra.Openstack.Glance}}" flavor_name = var.instance_name key_pair = "" - security_groups = ["K8S"] + security_groups = [openstack_compute_secgroup_v2.secgroup.name] availability_zone = "" user_data = file(format("../master/${var.instance_name}%d.ign", count.index + 1)) diff --git a/data/terraform/worker.tf.template b/data/terraform/worker.tf.template index 7cdb46b..f563346 100644 --- a/data/terraform/worker.tf.template +++ b/data/terraform/worker.tf.template @@ -16,7 +16,7 @@ provider "openstack" { } variable "instance_count" { - default = "3" + default = "{{.System.Count}}" } variable "create_flavor" { 
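Review bot: The re-enabled `openstack_compute_secgroup_v2` resource opens TCP 22 and ICMP to `0.0.0.0/0` on the control-plane nodes, and the matching hunk in worker.tf.template enables the same rules for workers. If these instances are reachable through the external network, every node exposes sshd to any source address. I would take the source range from the deployment configuration instead of hard-coding it, for example a `variable "ssh_allowed_cidr"` without a default and `cidr = var.ssh_allowed_cidr` in the port-22 rule, and scope the ICMP rule the same way. At minimum, add a comment above the rule saying that `0.0.0.0/0` must be narrowed before use outside a lab.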
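Review bot: `security_groups` now lists only `openstack_compute_secgroup_v2.secgroup.name` in place of the pre-existing `"K8S"` group, and the new group as defined in this template permits nothing but TCP 22 and ICMP; worker.tf.template makes the same switch. Unless rules are added elsewhere, the API server, etcd and kubelet ports have no explicit ingress rule, so I would add them to the same resource with `cidr` limited to the internal network range rather than leaving them to be opened ad hoc later. The `key_pair = ""` context line deserves a comment stating how SSH credentials are provisioned, since port 22 is now open on these instances. The instance resource continues outside the hunk, so other attributes could not be checked.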
@@ -36,24 +36,24 @@ resource "openstack_compute_flavor_v2" "flavor" { is_public = "true" } -# resource "openstack_compute_secgroup_v2" "secgroup" { -# name = "k8s_worker_secgroup" -# description = "secgroup for k8s worker" -# -# rule { -# from_port = 22 -# to_port = 22 -# ip_protocol = "tcp" -# cidr = "0.0.0.0/0" -# } -# -# rule { -# from_port = -1 -# to_port = -1 -# ip_protocol = "icmp" -# cidr = "0.0.0.0/0" -# } -# } +resource "openstack_compute_secgroup_v2" "secgroup" { + name = "k8s_worker_secgroup" + description = "secgroup for k8s worker" + + rule { + from_port = 22 + to_port = 22 + ip_protocol = "tcp" + cidr = "0.0.0.0/0" + } + + rule { + from_port = -1 + to_port = -1 + ip_protocol = "icmp" + cidr = "0.0.0.0/0" + } +} resource "openstack_compute_instance_v2" "instance" { count = var.instance_count @@ -61,9 +61,9 @@ resource "openstack_compute_instance_v2" "instance" { image_name = "{{.Infra.Openstack.Glance}}" flavor_name = var.instance_name key_pair = "" - security_groups = ["K8S"] + security_groups = [openstack_compute_secgroup_v2.secgroup.name] availability_zone = "" - user_data = file("${format("../worker/${var.instance_name}%d.ign", count.index + 1)}") + user_data = file(format("../worker/${var.instance_name}%d.ign", count.index + 1)) network { name = "{{.Infra.Openstack.Internal_network}}" -- Gitee