Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add presentations for cloudnative meetup Berlin, FOSDEM 2024 #8

Merged
merged 1 commit into from
Feb 26, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file added FOSDEM2024/2034px-FOSDEM_logo.svg.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
201 changes: 201 additions & 0 deletions FOSDEM2024/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,201 @@
## Preparation

You need:
bzip2 curl python qemu ssh vim docker

Get the second-latest Alpha version for the demos.
Don't use the latest release so update demo will work.
There's a helper script for that; run

./fetch_os_image.sh

to fetch the OS image into the local directory.
The script will also create a pristine copy which can be used to re-set the
base image to the default state (e.g. for re-provisioning).

Lastly, download the latest wasmtime sysext from
https://github.com/flatcar/sysext-bakery/releases/tag/latest
(`wasmtime-17.0.1-x86-64.raw` at the time of writing) into the "webserver"
sub-directory:
```
( cd webserver; curl -LO \
https://github.com/flatcar/sysext-bakery/releases/download/latest/wasmtime-17.0.1-x86-64.raw \
)
```

There are 3 demos:
- Provision a simple web server + content.
- Update the node
- Provision a custom sysext. We use wasmtime.


## Provisioning Demo (provision a simple web server)


Show web server butane config. Inline HTML and logo image file are interesting.
Also, the config disasbles updates to not interfere with the demo.
```
vim web.yaml
```

Transpile to ignition. This will also inline the logo into the JSON.
```
cat web.yaml | docker run --rm -v $(pwd):/files \
-i quay.io/coreos/butane:latest --files-dir /files > web.json
```

Open a web browser and point it to http://localhost:8080 - nothing there.

Start the VM, which will provision the web server
```
./flatcar_production_qemu.sh -i web.json -p 8080-:80,hostfwd=tcp::2222 -nographic
```
This will put you right on the VM's serial console.

Reload http://localhost:8080 - after a few seconds the web page will appear.

Run this on the VM serial console to show the files we provisioned, and that the
"caddy" webserver is running.
```
ls -la /srv/www/html
docker ps
```

## Update demo

This can be done with the same deployment used for the web server demo as we're
not provisoining anything new.

Via the serial console, first enable update engine
```
sudo systemctl unmask update-engine
sudo systemctl start update-engine
```

Check for update status. Most likely it will report 'idle', and that it never
checked for updates.
```
update_engine_client -status
```

Make it check for updates. It should find an update.
```
update_engine_client -check_for_update
update_engine_client -status
```

Run status a number of times to show download progress.
```
update_engine_client -status
```
Continue after status switched to "reboot required".

Reload the web page at http://localhost:8080 to show the web app is still
running.

Show OS version and kernel version prior to reboot.
```
cat /etc/os-release
uname -a
```

Now reboot
```
sudo reboot
```
The VM will restart and again put the terminal on the VM serial console.

Show the new OS and kernel versions.
```
cat /etc/os-release
uname -a
```


Show the web app alive and happy at http://localhost:8080.


# Sysext demo

This is a from-scratch demo with its own provisioning so we need to reset the
OS image.
Power off the machine if it's still running
```
sudo shutdown now --poweroff
```

Now overwrite the OS image with the pristine backup
```
cp flatcar_production_qemu_image.img.pristine flatcar_production_qemu_image.img
```


The demo will need a temporary web server running on the host (we use python's
built-in http:server). Flatcar from inside the VM will need a well-known IP
address to connect to (`wasm.yaml` uses 172.16.0.99), so we add it to the
loopback interface:
```
sudo ip a a 172.16.0.99/32 dev lo
```

First, show the configuration. It's much simpler this time.
```
vim wasm.yaml
```

Transpile to JSON
```
cat wasm.yaml | docker run --rm -i quay.io/coreos/butane:latest > wasm.json
```

In a separate terminal, start the web server to serve the wasmtime sysext
```
cd webserver
ls -la
./start.sh
```
You will be able to see HTTP requests served by the server in this terminal.

Start Flatcar.
```
./flatcar_production_qemu.sh -i wasm.json -nographic
```
It's worth looking at the web server terminal while Flatcar is booting so we
see Ignition requesting and downloading the wasmtime sysext.

Once the Flatcar command line is available, verify the sysext was downloaded.
```
ls -la /opt/extensions/wasmtime/
```

Show that sysext does not yet know of wasmtime.
```
sudo systemd-sysext list
```
No wasmtime.

Expose wasmtime to systemd-sysext by creating a symlink to `/etc/extensions`
```
sudo ln -s /opt/extensions/wasmtime/wasmtime-17.0.1-x86-64.raw \
/etc/extensions/wasmtime.raw
sudo systemd-sysext list
```
Systemd knows about wasmtime now but it's not merged.

No wasmtime:
```
wasmtime --version
ls -la /usr/bin/wasmtime
```

Merge it and check status
```
sudo systemd-sysext refresh
```

Now it's there
```
sudo systemd-sysext status
wasmtime --version
ls -la /usr/bin/wasmtime
```
34 changes: 34 additions & 0 deletions FOSDEM2024/fetch_os_image.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
#!/bin/bash
set -euo pipefail
# This will return the second-to-last alpha version
version=$(curl -s "https://www.flatcar.org/releases-json/releases.json" \
| jq -r 'to_entries[] | select (.value.channel=="alpha") | .key | match("[0-9]+\\.[0-9]+\\.[0-9]+") | .string' \
| sort -Vr | head -n2 | tail -n1)

board=amd64-usr
# board=arm64-usr

echo
echo Downloading
echo

url="https://alpha.release.flatcar-linux.net/${board}/${version}/"
curl -fLO --progress-bar --retry-delay 1 --retry 60 --retry-connrefused \
--retry-max-time 60 --connect-timeout 20 \
"${url}/flatcar_production_qemu.sh"
curl -fLO --progress-bar --retry-delay 1 --retry 60 --retry-connrefused \
--retry-max-time 60 --connect-timeout 20 \
"${url}/flatcar_production_qemu_image.img.bz2"

echo
echo Uncompressing
echo

bunzip2 flatcar_production_qemu_image.img.bz2
chmod 755 flatcar_production_qemu.sh

echo
echo Creating pristine copy
echo

cp flatcar_production_qemu_image.img flatcar_production_qemu_image.img.pristine
Binary file not shown.
20 changes: 20 additions & 0 deletions FOSDEM2024/wasm.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
variant: flatcar
version: 1.0.0

storage:
files:
- path: /opt/extensions/wasmtime/wasmtime-17.0.1-x86-64.raw
mode: 0644
contents:
source: "http://172.16.0.99:8000/wasmtime-17.0.1-x86-64.raw"
- path: /etc/flatcar/update.conf
overwrite: true
contents:
inline: |
REBOOT_STRATEGY=off
mode: 0420

systemd:
units:
- name: update-engine.service
mask: true
62 changes: 62 additions & 0 deletions FOSDEM2024/web.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
variant: flatcar
version: 1.0.0

passwd:
users:
- name: caddy
no_create_home: true
groups: [ docker ]

storage:
files:
- path: /srv/www/html/index.html
mode: 0644
user:
name: caddy
group:
name: caddy
contents:
inline: |
<html><body align="center">
<h1>Hello FOSDEM Containers Devroom!</h1>
<img src="2034px-FOSDEM_logo.svg.png" alt="FOSDEM logo" width="500px" />
</body></html>
- path: /srv/www/html/2034px-FOSDEM_logo.svg.png
mode: 0644
user:
name: caddy
group:
name: caddy
contents:
local: 2034px-FOSDEM_logo.svg.png
- path: /etc/flatcar/update.conf
overwrite: true
contents:
inline: |
REBOOT_STRATEGY=off
mode: 0420

systemd:
units:
- name: update-engine.service
mask: true
- name: demo-webserver.service
enabled: true
contents: |
[Unit]
Description=KCD example static web server
After=docker.service
Requires=docker.service
[Service]
User=caddy
TimeoutStartSec=0
ExecStartPre=-/usr/bin/docker rm --force caddy
ExecStart=/usr/bin/docker run -i -p 80:80 --name caddy \
-v /srv/www/html:/usr/share/caddy \
docker.io/caddy caddy file-server \
--root /usr/share/caddy --access-log
ExecStop=/usr/bin/docker stop caddy
Restart=always
RestartSec=5s
[Install]
WantedBy=multi-user.target
3 changes: 3 additions & 0 deletions FOSDEM2024/webserver/start.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
set -x

python3 -m http.server
Loading