Add dev iso build and documentation (#1203)

* Add dev iso build and documentation

Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>

Author: anmazzotti

Dockerfile.dev.iso

@@ -0,0 +1,10 @@
+ARG ELEMENTAL_OS_IMAGE
+
+FROM ${ELEMENTAL_OS_IMAGE} as os
+
+COPY manifest.yaml manifest.yaml
+RUN elemental --debug --config-dir . build-iso -o /output -n "elemental-dev" dir:/
+
+FROM busybox:stable
+
+COPY --from=os /output /elemental-iso

Dockerfile.dev.os

@@ -0,0 +1,80 @@
+ARG ELEMENTAL_TOOLKIT
+ARG ELEMENTAL_REGISTER
+
+FROM ${ELEMENTAL_REGISTER} as register 
+FROM ${ELEMENTAL_TOOLKIT} as toolkit
+
+# OS base image of our choice
+FROM registry.opensuse.org/opensuse/leap:15.5 as OS
+
+ARG RANCHER_SYSTEM_AGENT_VERSION
+
+# install kernel, systemd, dracut, grub2 and other required tools
+RUN ARCH=$(uname -m); \
+    [[ "${ARCH}" == "aarch64" ]] && ARCH="arm64"; \
+    zypper --non-interactive install --no-recommends -- \
+      kernel-default \
+      device-mapper \
+      dracut \
+      grub2 \
+      grub2-${ARCH}-efi \
+      shim \
+      haveged \
+      systemd \
+      NetworkManager \
+      openssh-server \
+      openssh-clients \
+      timezone \
+      parted \
+      e2fsprogs \
+      dosfstools \
+      mtools \
+      xorriso \
+      findutils \
+      gptfdisk \
+      rsync \
+      squashfs \
+      lvm2 \
+      tar \
+      gzip \
+      vim \
+      which \
+      less \
+      sudo \
+      curl \
+      iproute2 \
+      podman \
+      sed
+
+# elemental-register dependencies
+RUN ARCH=$(uname -m); \
+    [[ "${ARCH}" == "aarch64" ]] && ARCH="arm64"; \
+    zypper --non-interactive install --no-recommends -- \
+      dmidecode
+
+# Add system files
+COPY framework/files/ /
+# Add elemental-register
+COPY --from=register /usr/sbin/elemental-register /usr/sbin/elemental-register
+COPY --from=register /usr/sbin/elemental-support /usr/sbin/elemental-support
+# Add the elemental cli
+COPY --from=toolkit /usr/bin/elemental /usr/bin/elemental
+
+# Add the elemental-system-agent
+ADD --chmod=0755 https://github.com/rancher/system-agent/releases/download/${RANCHER_SYSTEM_AGENT_VERSION}/rancher-system-agent-amd64 /usr/sbin/elemental-system-agent
+
+# Enable essential services
+RUN systemctl enable NetworkManager.service
+
+# Enable /tmp to be on tmpfs
+RUN cp /usr/share/systemd/tmp.mount /etc/systemd/system
+
+# Generate initrd with required elemental services
+RUN elemental init --debug --force
+
+# Update os-release file with some metadata
+RUN echo TIMESTAMP="`date +'%Y%m%d%H%M%S'`" >> /etc/os-release && \
+    echo GRUB_ENTRY_NAME=\"Elemental Dev\" >> /etc/os-release
+
+# Good for validation after the build
+CMD /bin/bash

Makefile

@@ -0,0 +1,27 @@
+DOCKER?=docker
+ELEMENTAL_OS_IMAGE?=docker.io/local/elemental-os:dev 
+ELEMENTAL_ISO_IMAGE?=docker.io/local/elemental-iso:dev 
+ELEMENTAL_REGISTER?=docker.io/local/elemental-register:dev 
+ELEMENTAL_TOOLKIT?=docker.io/local/elemental-toolkit:dev 
+
+RANCHER_SYSTEM_AGENT_VERSION?=v0.3.4
+
+.PHONY: build-dev-os
+build-dev-os: 
+	$(DOCKER) build \
+			--build-arg ELEMENTAL_TOOLKIT=$(ELEMENTAL_TOOLKIT) \
+			--build-arg ELEMENTAL_REGISTER=$(ELEMENTAL_REGISTER) \
+			--build-arg RANCHER_SYSTEM_AGENT_VERSION=$(RANCHER_SYSTEM_AGENT_VERSION) \
+			-t $(ELEMENTAL_OS_IMAGE) \
+			-f Dockerfile.dev.os .
+
+.PHONY: build-dev-iso
+build-dev-iso: build-dev-os
+	$(DOCKER) build \
+			--build-arg ELEMENTAL_OS_IMAGE=$(ELEMENTAL_OS_IMAGE) \
+			-t $(ELEMENTAL_ISO_IMAGE) \
+			-f Dockerfile.dev.iso .
+
+.PHONY: kind-load-dev-iso
+kind-load-dev-iso: build-dev-iso
+	kind load docker-image $(ELEMENTAL_ISO_IMAGE) --name operator-e2e

doc/DEVELOPMENT.md

@@ -0,0 +1,163 @@
+# Elemental Stack Development
+
+## Pre-requisites
+
+Clone the following repositories in your development environment:
+
+- <https://github.com/rancher/elemental>
+  
+  This repo is needed to build a development Elemental image that includes the `elemental-register` and it's ready to be used with the `elemental-operator`.  
+
+- <https://github.com/rancher/elemental-toolkit>
+  
+  This repo is needed to build a development image containing the `elemental-toolkit` binary.  
+  This image can be then referenced when building a development Elemental iso.  
+
+- <https://github.com/rancher/elemental-operator>
+
+  This repo is needed to build a development image containing the `elemental-registry` binary.  
+  It also contains a convenient test cluster that can be automatically provisioned.  
+  The test cluster includes a locally built version of the `elemental-operator`, a version of Rancher, and a test registry that can be used when testing Elemental [upgrades](https://elemental.docs.rancher.com/upgrade) through a `ManagedOSImage`.
+
+## Setup a development environment
+
+1. Provision the test cluster
+
+    Using the `elemental-operator` repo:  
+
+    ```bash
+    make setup-full-cluster 
+    ```
+
+    If everything succeeded, you should be able to login into Rancher at: <https://172.18.0.2.sslip.io>
+    The password is `rancherpassword`.  
+    Note that it uses a self-signed certificate.  
+
+    At this stage you may want to enable Extensions and install the Elemental extension from the Rancher web UI.  
+
+1. Build a local image containing the `elemental-register` binary
+
+    Using the `elemental-operator` repo:  
+
+    ```bash
+    make build-docker-register 
+    ```
+
+    This will build a `docker.io/local/elemental-register:dev` image that can be referenced in the following steps.  
+    Note that before building this image you are free to checkout a different version of the `elemental-operator`, for example to test compatibility issues between mismatching `elemental-operator` and `elemental-register` versions.  
+
+1. Build a local image containing the `elemental-toolkit`
+
+    Using the `elemental-toolkit` repo:  
+
+    ```bash
+    make VERSION=dev build
+    ```
+
+    This will build a `docker.io/local/elemental-toolkit:dev` image that can be referenced in the following steps.  
+    Note that before building this image you are free to checkout a different version of the `elemental-toolkit`, in order to generate *old* or *new* OS images that can be used to test downgrade/upgrade scenarios.  
+
+1. Build and load the Elemental Dev ISO into the test cluster
+
+    Using the `elemental` repo:
+
+    ```bash
+    make kind-load-dev-iso 
+    ```
+
+    By default this will use the previously built `docker.io/local/elemental-register:dev` and `docker.io/local/elemental-toolkit:dev` to generate a `docker.io/local/elemental-iso:dev` that can be used as a base Elemental image.  
+    Since the image is also loaded into the test cluster, you can easily reference it in your `SeedImage` definition, for example:  
+
+    ```yaml
+    apiVersion: elemental.cattle.io/v1beta1
+    kind: SeedImage
+    metadata:
+    name: fire-img
+    namespace: fleet-default
+    spec:
+    type: iso
+    baseImage: docker.io/local/elemental-iso:dev
+    registrationRef:
+        apiVersion: elemental.cattle.io/v1beta1
+        kind: MachineRegistration
+        name: fire-nodes
+        namespace: fleet-default
+    ```
+
+1. Apply a test Elemental manifest and download the Dev ISO
+
+    Using the `elemental` repo:
+
+    ```bash
+    kubectl apply -f tests/manifests/elemental-dev-example.yaml
+    ```
+
+    ```bash
+    kubectl wait --for=condition=ready pod -n fleet-default fire-img
+    ```
+
+    ```bash
+    wget --no-check-certificate `kubectl get seedimage -n fleet-default fire-img -o jsonpath="{.status.downloadURL}"` -O elemental-dev.x86_64.iso
+    ```
+
+    You can now use this ISO to provision Elemental machines, for example using an hypervisor on your dev environment.  
+    The machines must be able to connect to the test Rancher environment `172.18.0.2:443`, and to the test registry when testing upgrade/downgrade scenarios `172.18.0.2:30000`.  
+
+## Testing an Elemental upgrade scenario
+
+Given that the development environment is ready and an Elemental machine was already provisioned, you can prepare a test OS version and use it for upgrades.  
+The steps are equivalent for downgrades, by just checking out older versions of the components.  
+
+1. Build local images containing the `elemental-register` and/or the `elemental-toolkit` on your next feature branch  
+
+    Using the `elemental-operator` repo:  
+
+    ```bash
+    git checkout my-next-feature-branch
+    make build-docker-register 
+    ```
+
+    Using the `elemental-toolkit` repo:  
+
+    ```bash
+    git checkout my-next-feature-branch
+    make VERSION=dev build
+    ```
+
+1. Build a local OS image and push it to the test registry  
+
+    Using the `elemental` repo:
+
+    ```bash
+    ELEMENTAL_OS_IMAGE="172.18.0.2:30000/elemental-os:dev-next" make build-dev-os
+    ```
+
+    In order to push this image to the test registry, you have add this in your Docker config: `/etc/docker/daemon.json`
+
+    ```json
+    { "insecure-registries":["172.18.0.2:30000"] } 
+    ```
+
+    Then restart docker:  
+
+    ```bash
+    sudo systemctl restart docker
+    ```
+
+    Finally push the OS image to the test registry:  
+
+    ```bash
+    docker push 172.18.0.2:30000/elemental-os:dev-next
+    ```
+
+1. Trigger the upgrade (on a Cluster level)
+
+    Using the `elemental` repo:
+
+    ```bash
+    kubectl apply -f tests/manifests/elemental-dev-upgrade-example.yaml
+    ```
+
+1. Troubleshoot eventual issues
+
+    In case of errors, refer to the [upgrade troubleshooting documentation](https://elemental.docs.rancher.com/troubleshooting-upgrade).

manifest.yaml

@@ -0,0 +1,5 @@
+iso:
+  bootloader-in-rootfs: true
+  grub-entry-name: "Elemental Dev Install"
+
+squash-no-compression: true

tests/manifests/elemental-dev-example.yaml

@@ -0,0 +1,96 @@
+apiVersion: elemental.cattle.io/v1beta1
+kind: MachineInventorySelectorTemplate
+metadata:
+  name: fire-machine-selector
+  namespace: fleet-default
+spec:
+  template:
+    spec:
+      selector:
+        matchExpressions:
+          - key: element
+            operator: In
+            values: [ 'fire' ]
+---
+kind: Cluster
+apiVersion: provisioning.cattle.io/v1
+metadata:
+  name: volcano
+  namespace: fleet-default
+spec:
+  rkeConfig:
+    machineGlobalConfig:
+      etcd-expose-metrics: false
+      profile: null
+    machinePools:
+      - controlPlaneRole: true
+        etcdRole: true
+        machineConfigRef:
+          apiVersion: elemental.cattle.io/v1beta1
+          kind: MachineInventorySelectorTemplate
+          name: fire-machine-selector
+        name: fire-pool
+        quantity: 1
+        unhealthyNodeTimeout: 0s
+        workerRole: true
+    machineSelectorConfig:
+      - config:
+          protect-kernel-defaults: false
+    registries: 
+      mirrors:
+        "172.18.0.2:30000":
+          endpoint:
+            - "http://172.18.0.2:30000"
+      configs:
+        "172.18.0.2:30000":
+          insecureSkipVerify: true    
+  kubernetesVersion: v1.27.10+k3s1
+---
+apiVersion: elemental.cattle.io/v1beta1
+kind: MachineRegistration
+metadata:
+  name: fire-nodes
+  namespace: fleet-default
+spec:
+  machineName: test-${System Information/UUID}
+  config:
+    cloud-config:
+      users:
+        - name: root
+          passwd: root
+    elemental:
+      reset:
+        debug: true
+        enabled: true
+        reset-persistent: true
+        reset-oem: true
+      install:
+        reboot: true
+        device-selector:
+        - key: Name
+          operator: In
+          values:
+          - /dev/sda
+          - /dev/vda
+          - /dev/nvme0
+        debug: true
+  machineInventoryLabels:
+    element: fire
+    manufacturer: "${System Information/Manufacturer}"
+    productName: "${System Information/Product Name}"
+    serialNumber: "${System Information/Serial Number}"
+    machineUUID: "${System Information/UUID}"
+---
+apiVersion: elemental.cattle.io/v1beta1
+kind: SeedImage
+metadata:
+  name: fire-img
+  namespace: fleet-default
+spec:
+  type: iso
+  baseImage: docker.io/local/elemental-iso:dev
+  registrationRef:
+    apiVersion: elemental.cattle.io/v1beta1
+    kind: MachineRegistration
+    name: fire-nodes
+    namespace: fleet-default

tests/manifests/elemental-dev-upgrade-example.yaml

@@ -0,0 +1,10 @@
+apiVersion: elemental.cattle.io/v1beta1
+kind: ManagedOSImage
+metadata:
+  name: dev-upgrade
+  namespace: fleet-default
+spec:
+  # Set to the new Elemental version you would like to upgrade to or track the latest tag
+  osImage: "172.18.0.2:30000/elemental-os:dev-next"
+  clusterTargets:
+    - clusterName: volcano