Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Distro-Agnostic Zarf Registry Bootstrap #329

Merged
merged 92 commits into from
Mar 11, 2022
Merged

Distro-Agnostic Zarf Registry Bootstrap #329

merged 92 commits into from
Mar 11, 2022

Conversation

jeff-mccoy
Copy link
Contributor

@jeff-mccoy jeff-mccoy commented Feb 16, 2022
edited
Loading

Fixes #335
Fixes #264

This PR provides a mechanism for injecting a OCI image into a K8s cluster using only the given Kube context. This prevents the user from having to worry about network routing, TLS, firewall rules, etc to push the initial image into the cluster so Zarf can complete the init process in an air gapped environment.

Changes:

  • Cleaned up PKI flow / removed user interaction from zarf init
  • Add injector system, see Readme
  • Change zarf seed config from array to single image
  • Add several additional K8s functions to the k8s package
  • Add arch diagram
  • Resolve some issues with system architecture flags and packages

@jeff-mccoy
post multi-distro pki cleanup
e5cfdf4
@jeff-mccoy
wip: placeholder for injection work
36b6e35
@jeff-mccoy
continue inject work
1bc26b0
@jeff-mccoy
add missing busybox source files
17f2d98
@jeff-mccoy
cleanup seed logic for in-cluster injection
ccecdec
@jeff-mccoy
update payload hash
87cfc3b
@jeff-mccoy
rename busybox binary
fe8f85e
@jeff-mccoy
update payload hash
0ab643d
@jeff-mccoy
add echo to busybox for inline sha256sum
06f9cb3
@jeff-mccoy
move shasums to env var
0370c83
@jeff-mccoy
more realist resources for distribution/distribution
3459dd7
@jeff-mccoy
update zarf shasum for testing
38bae55
@jeff-mccoy
more injection.sh testing
925dfb2
@jeff-mccoy
add configmap functions
40f98f0
@jeff-mccoy
add pod and image k8s functions
a8acfb5
@jeff-mccoy
add pod creation stages
a3b9344
@jeff-mccoy
continue injector implementation
ca38178 
- add runtime pod/svc/configmap creation
- move registry to standalone binary due to os / arch mismatch possibilities, shrink to 13 megs for registry binary
- implemented up until final binary TCP messaging
@jeff-mccoy jeff-mccoy linked an issue Feb 16, 2022 that may be closed by this pull request
Distro-Agnostic Zarf Registry Bootstrap #335
Closed
@jeff-mccoy jeff-mccoy marked this pull request as ready for review February 17, 2022 11:07
@jeff-mccoy
Copy link
Contributor Author

This is still very brittle around the TCP transport of the tar ball from go -> busybox. Seems to be a go TCP dialer thing that needs some more testing. It did work on clean K3D/Kind/EKS clusters--but the EKS cluster failed due to likely race conditions twice before finally bootstrapping properly. Will continue cleaning up / testing in the AM.

Screen Shot 2022-02-17 at 5 00 38 AM

Screen Shot 2022-02-17 at 5 00 24 AM

@RothAndrew RothAndrew changed the title Feature/injection support Distro-Agnostic Zarf Registry Bootstrap Feb 18, 2022
@YrrepNoj
Copy link
Contributor

As you're working on this can you go mod tidy and push up the updated go.sum. Seem to be some new dependencies for some azure stuff.

YrrepNoj
YrrepNoj reviewed Feb 23, 2022
View reviewed changes
Makefile Outdated Show resolved Hide resolved
@jeff-mccoy jeff-mccoy force-pushed the feature/injection-support branch from 020395a to 568e29f Compare March 11, 2022 03:13
@jeff-mccoy jeff-mccoy force-pushed the feature/injection-support branch from d208878 to 5d772b1 Compare March 11, 2022 06:44
@jeff-mccoy jeff-mccoy removed needs-adr needs-docs PR Label - Docs required to merge labels Mar 11, 2022
@jeff-mccoy jeff-mccoy requested a review from YrrepNoj March 11, 2022 13:23
@jeff-mccoy
Copy link
Contributor Author

Ready for final review

YrrepNoj
YrrepNoj suggested changes Mar 11, 2022
View reviewed changes
Copy link
Contributor

@YrrepNoj YrrepNoj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mostly small docs suggestions

docs/adr/0002-image-injection-into-remote-clusters-without-native-support.md Outdated Show resolved Hide resolved
docs/adr/0002-image-injection-into-remote-clusters-without-native-support.md Outdated Show resolved Hide resolved
docs/adr/0002-image-injection-into-remote-clusters-without-native-support.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
@RothAndrew
Copy link
Contributor

RothAndrew commented Mar 11, 2022
edited
Loading

Can we rename .images/architecture.svg to signify it is an editable file? Maybe .images/architecture.drawio.svg?

Edit: nevermind, I see there is a separate file named .drawio. Should we not just use an editable SVG which can be pulled directly into drawio and also appears as a regular image in the markdown document?

Screen Shot 2022-03-11 at 8 58 12 AM

@jeff-mccoy jeff-mccoy force-pushed the feature/injection-support branch from 07c63cd to 2826ace Compare March 11, 2022 19:25
@jeff-mccoy jeff-mccoy requested a review from YrrepNoj March 11, 2022 19:27
@jeff-mccoy
Copy link
Contributor Author

changes made, will need @RothAndrew and @YrrepNoj to verify and mark changes approved.

@jeff-mccoy jeff-mccoy force-pushed the feature/injection-support branch 2 times, most recently from d9a75ac to c9adaf3 Compare March 11, 2022 19:30
@jeff-mccoy jeff-mccoy force-pushed the feature/injection-support branch from c9adaf3 to 45d0d42 Compare March 11, 2022 19:31
@RothAndrew
Copy link
Contributor

about half-way through the changes, still working through it

@jeff-mccoy
Copy link
Contributor Author

that ADR rename and image rename + merge conflict made that last set of changes fun.......

@jeff-mccoy
Copy link
Contributor Author

For typos I just ran the ADR and README section through grammarly

@RothAndrew RothAndrew mentioned this pull request Mar 11, 2022
Closed
@jeff-mccoy jeff-mccoy merged commit 53376d5 into master Mar 11, 2022
@jeff-mccoy jeff-mccoy deleted the feature/injection-support branch March 11, 2022 20:40
@jeff-mccoy jeff-mccoy mentioned this pull request Mar 11, 2022
Merged
@jeff-mccoy jeff-mccoy mentioned this pull request Mar 22, 2022
Open
Noxsios pushed a commit that referenced this pull request Mar 8, 2023
@jeff-mccoy
Distro-Agnostic Zarf Registry Bootstrap (#329)
29fbb63 
Enables Zarf to init any K8s cluster given only a kube context.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@YrrepNoj YrrepNoj YrrepNoj approved these changes

@RothAndrew RothAndrew RothAndrew approved these changes

Assignees

@jeff-mccoy jeff-mccoy

Labels
enhancement ✨ New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Distro-Agnostic Zarf Registry Bootstrap Zarf support for EKS
3 participants
@jeff-mccoy @YrrepNoj @RothAndrew