github.com/rancher/elemental/tests@v0.0.0-20240517125144-ae048c615b3f/scripts/deploy-airgap (about) 1 #!/bin/bash 2 3 # Deploy Airgap 4 5 set -x 6 7 # Retry skopeo command in case of sporadic issue 8 function RunSkopeoCmdWithRetry() { 9 CMD=$* 10 11 # Wait for a maximum of 1 minute 12 for ((i=0; i<60; i++)); do 13 # If skopeo command is OK then we simply return (exit the function) 14 ERRMSG=$(skopeo ${CMD} 2>&1 > /dev/null) && return 15 16 # If resource access is denied retry with local access 17 case ${ERRMSG} in 18 *requested\ access\ to\ the\ resource\ is\ denied*) 19 CMD=${CMD/docker:\/\//docker-daemon:} 20 ;; 21 *Storing\ signatures\ for\ docker\ tar\ files\ is\ not\ supported*) 22 CMD=${CMD/copy/copy --remove-signatures} 23 ;; 24 esac 25 26 # Wait a little 27 sleep 5 28 done 29 30 # If we are here then an error happened! 31 exit 1 32 } 33 34 # Variable(s) 35 K3S_UPSTREAM_VERSION=$1 36 OPT_RANCHER=/opt/rancher 37 38 # Format upstream version 39 TMP_UPSTREAM_VERSION=${K3S_UPSTREAM_VERSION/+*} 40 K8S_UPSTREAM_VERSION=${TMP_UPSTREAM_VERSION/v} 41 42 # Install k3s 43 cd ${OPT_RANCHER}/k3s_${K8S_UPSTREAM_VERSION} 44 sudo sh -c ' 45 mkdir -p /var/lib/rancher/k3s/agent/images /etc/rancher/k3s 46 cp k3s-airgap-images-amd64.tar.zst /var/lib/rancher/k3s/agent/images/ 47 chmod +x k3s install.sh 48 cp k3s /usr/local/bin/ 49 ' 50 51 # Add registry configuration 52 cat <<EOF | sudo tee /etc/rancher/k3s/registries.yaml 53 mirrors: 54 "rancher-manager.test:5000": 55 endpoint: 56 - "http://rancher-manager.test:5000" 57 configs: 58 "rancher-manager.test:5000": 59 tls: 60 insecure_skip_verify: true 61 EOF 62 63 # Pre-load registry image 64 rsync -avP ${OPT_RANCHER}/images/registry/registry.tar /var/lib/rancher/k3s/agent/images/ 65 66 # Install k3s 67 INSTALL_K3S_SKIP_DOWNLOAD=true INSTALL_K3S_VERSION=${K3S_UPSTREAM_VERSION} ./install.sh 68 systemctl enable --now k3s 69 70 # Wait and add link 71 sleep 30 72 mkdir -p ${HOME}/.kube 73 ln -sf /etc/rancher/k3s/k3s.yaml ${HOME}/.kube/config 74 75 # Run local registry 76 cat <<EOF | kubectl apply -f - 77 apiVersion: apps/v1 78 kind: DaemonSet 79 metadata: 80 name: registry 81 labels: 82 app: registry 83 spec: 84 selector: 85 matchLabels: 86 app: registry 87 template: 88 metadata: 89 labels: 90 app: registry 91 spec: 92 containers: 93 - name: registry 94 image: registry 95 imagePullPolicy: Never 96 ports: 97 - name: registry 98 containerPort: 5000 99 securityContext: 100 capabilities: 101 add: 102 - NET_BIND_SERVICE 103 volumeMounts: 104 - name: registry 105 mountPath: /var/lib/registry 106 volumes: 107 - name: registry 108 hostPath: 109 path: ${OPT_RANCHER}/registry 110 hostNetwork: true 111 EOF 112 113 # Wait for registry to be ready 114 sleep 1m 115 116 # Load images inside the local registry 117 IMAGES_PATH=${OPT_RANCHER}/images 118 119 # Elemental + Cert-Manager + Rancher 120 loop=0 121 for file in $(find ${IMAGES_PATH} -name '*.tar' 2>/dev/null); do 122 LOCAL_PATH="${file#*${IMAGES_PATH}}" 123 DOCKER_PATH="rancher-manager.test:5000${LOCAL_PATH/.tar}" 124 125 # Add to local registry 126 RunSkopeoCmdWithRetry copy docker-archive:${file} docker://${DOCKER_PATH/_/:} --dest-tls-verify=false & 127 128 # Wait for skopeo jobs to finish if we already have too much jobs in parallel 129 # This is to avoid the "too many requests to registry" error! 130 if (( ++loop > 50 )); then 131 echo "Wait for sync..." 132 wait 133 134 # Reset loop counter 135 loop=0 136 fi 137 done 138 139 # Wait for *ALL* skopeo jobs to finish 140 wait