Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spike rootfs build no ssh #49

Merged
merged 31 commits into from
Apr 4, 2021
Merged

Spike rootfs build no ssh #49

merged 31 commits into from
Apr 4, 2021

Conversation

radekg
Copy link
Member

@radekg radekg commented Mar 27, 2021

Spike implementation for #38.

radekg and others added 12 commits March 24, 2021 22:51
@radekg
Spike: rootfs build no ssh - new build context #38
1f0f2c8
@radekg
WIP: pushing out for contingency - grpc server / client with automati…
b4522e5 
…c build time CA
@radekg
Package the embedded CA nicely, godoc, lint
a7e5094
@radekg
Merge pull request #48 from combust-labs/spike-rootfs-build-no-ssh-grpc
bcec79f 
Spike rootfs build no ssh grpc
@radekg
Read main stage resources via grpc #38
4500bc2
@radekg
Logging in grpc impl, maxrecvmsgsize
0b9dac8
@radekg
Run test grpc server on random port
7359d5d
@radekg
Allow overriding CA key size from grpc server, use non-default for te…
c5bea3a 
…sts only
@radekg
Implement test server provider, closing of the grpc impl
c901924
@radekg
First iteration of the test client
a3c6172
@radekg
Test resources fetching
ede03c6
@radekg
Move no content grpc server tests to dedicated test file, resource te…
a602109 
…st does resource only
@radekg
Copy link
Member Author

radekg commented Mar 27, 2021
edited
Loading

Next steps on this PR:

  • test dependency resources for multi-stage builds
  • integrate the bootstrap server into the rootfs command
  • bootstrap metadata for vminit
  • vminit changes to handle bootstrap metadata: Mmds bootstrap firebuild-mmds#3

@radekg
Copy link
Member Author

radekg commented Apr 2, 2021
edited
Loading

At this stage bootstrapping Consul 1.9.4 via MMDS is working. The VM connects to the secure gRPC bootstrap server and bootstraps successfully. Resulting rootfs can be launched from, app starts as expected.

Next steps:

  • extract all TODO marked settings to rootfs flags
  • work out proper logging for the VM output sent via gRPC
  • trace relevant remote bootstrap server and embedded CA operations
  • documentation

@radekg
Copy link
Member Author

radekg commented Apr 3, 2021
edited
Loading

The vminit v0.0.10 is the first version where the MMDS bootstrap works fine for Alpine and Debian. It bootstraps Postgres 13, etcd 3.4.0, Consul 1.9.4 and Traefik 2.4.7.

There is a problem fetching direct HTTP resources which was a special case to handle and needs to be handled properly. The direct HTTP resource is downloaded to the host build temporary directory and should be transferred to the bootstrapper via gRPC. But it seems this isn't happening so some test coverage for such case needs to be added. The only trace in logs is:

2021-04-03T23:34:59.986Z [DEBUG] vminit.executing-deployer: executing ADD command: command="{<nil> ADD https://dl.minio.io/server/minio/release/linux-amd64/minio /usr/bin/minio /mnt/sde1/fc/cache/builds/bplnfgdsc2wd8f2qnfhk/sources/minio/latest/Dockerfile https://dl.minio.io/server/minio/release/linux-amd64/minio /usr/bin/minio { /} { 0:0} <nil>}"

Welcome to Alpine Linux 3.13
Kernel 5.8.0 on an x86_64 (ttyS0)

192 login: 2021-04-03T23:35:00.650Z [DEBUG] rootfs.build-server.grpc-impl: sending data with safe buffer size: traceId=6023c7afeea4e88d resource=/usr/bin/minio safe-buffer-size=3774873
2021-04-03T23:35:04.143Z [DEBUG] vminit.bootstrap: pinging server
2021-04-03T23:35:04.241Z [DEBUG] rootfs: received ping from bootstrap client: traceId=6023c7afeea4e88d
2021-04-03T23:35:09.147Z [DEBUG] vminit.bootstrap: pinging server
2021-04-03T23:35:09.245Z [DEBUG] rootfs: received ping from bootstrap client: traceId=6023c7afeea4e88d
2021-04-03T23:35:14.151Z [DEBUG] vminit.bootstrap: pinging server
...

The problem needs to be first investigated in shared library and when that works, attempt integration in vminit.

@radekg radekg mentioned this pull request Apr 4, 2021
Merged
@radekg radekg marked this pull request as ready for review April 4, 2021 14:01
@radekg radekg merged commit 0078830 into master Apr 4, 2021
@radekg radekg deleted the spike-rootfs-build-no-ssh branch April 4, 2021 16:14
@radekg radekg mentioned this pull request Apr 4, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@radekg