Merge pull request #23 from avestuk/master

Create Openshift 3.11 Demo - Update StorageOS image to 1.2.0

docker-sandbox/assets/bootstrap.sh

@@ -28,7 +28,7 @@ while [ -n "$HOST_ARRAY" ]; do
                 -e HOSTNAME="$HOST" -e ADVERTISE_IP=$(grep -m 1 "172.* $HOST" /etc/hosts | cut -d " " -f1 ) \
                 -e JOIN=$CLUSTER_ID --net=host --pid=host --privileged --cap-add SYS_ADMIN                  \
                 --device /dev/fuse -v /var/lib/storageos:/var/lib/storageos:rshared                         \
-                -v/run/docker/plugins:/run/docker/plugins -v /sys:/sys storageos/node:1.0.2                 \
+                -v/run/docker/plugins:/run/docker/plugins -v /sys:/sys storageos/node:1.2.0                 \
                 server"; then
 
                 # If the docker container starts successfully then remove that host

environments/docker/packer.json

@@ -131,7 +131,7 @@
 	       "echo options nbd nbds_max=1024 | sudo tee /etc/modprobe.d/nbd.conf",
 	       "sudo curl -sSL https://github.com/storageos/go-cli/releases/download/1.0.0/storageos_linux_amd64 -o /usr/local/bin/storageos",
 	      "sudo chmod +x /usr/local/bin/storageos",
-        "sudo docker pull storageos/node:1.0.2",
+        "sudo docker pull storageos/node:1.2.0",
         "sudo docker pull postgres:latest",
         "sudo docker pull microsoft/mssql-server-linux:2017-latest"
       ]

high-availability/assets/bootstrap.sh

@@ -28,7 +28,7 @@ for HOST in ${HOST_ARRAY[@]}; do
         -e HOSTNAME="$HOST" -e ADVERTISE_IP=$(grep -m 1 "172.* $HOST" /etc/hosts | cut -d " " -f1 ) \
         -e JOIN=$CLUSTER_ID --net=host --pid=host --privileged --cap-add SYS_ADMIN                  \
         --device /dev/fuse -v /var/lib/storageos:/var/lib/storageos:rshared                         \
-        -v/run/docker/plugins:/run/docker/plugins -v /sys:/sys storageos/node:1.0.2                 \
+        -v/run/docker/plugins:/run/docker/plugins -v /sys:/sys storageos/node:1.2.0                 \
         server"; then
 
         # On success print success out to console

install-with-docker/002-installation.md

@@ -31,7 +31,7 @@ In the first terminal:
   --volume=/var/lib/storageos:/var/lib/storageos:rshared \
   --volume=/run/docker/plugins:/run/docker/plugins \
   --volume=/sys:/sys \
-  storageos/node:1.0.2 server`{{execute T1}}`
+  storageos/node:1.2.0 server`{{execute T1}}`
 
 Wait until the container reports that it is healthy:
 

install-with-docker/003-second-node.md

@@ -25,7 +25,7 @@ In the second host terminal:
   --volume=/var/lib/storageos:/var/lib/storageos:rshared \
   --volume=/run/docker/plugins:/run/docker/plugins       \
   --volume=/sys:/sys                                     \
-  storageos/node:1.0.2 server`{{execute T2}}`
+  storageos/node:1.2.0 server`{{execute T2}}`
 
 Wait until the container reports that it is healthy:
 

install-with-docker/004-third-node.md

@@ -25,7 +25,7 @@ In the third host terminal:
   --volume=/var/lib/storageos:/var/lib/storageos:rshared \
   --volume=/run/docker/plugins:/run/docker/plugins       \
   --volume=/sys:/sys                                     \
-  storageos/node:1.0.2 server`{{execute T3}}`
+  storageos/node:1.2.0 server`{{execute T3}}`
 
 Wait until the container reports that it is healthy:
 

k8s-sandbox/000-install-storageos.sh

@@ -1,3 +1,3 @@
 launch.sh
 curl -sSLo storageos https://github.com/storageos/go-cli/releases/download/1.0.0/storageos_linux_amd64 && chmod +x storageos && sudo mv storageos /usr/local/bin/
-ssh  -o "StrictHostKeyChecking=no" root@[[HOST2_IP]] "docker run --name enable_lio --privileged --rm --cap-add=SYS_ADMIN -v /lib/modules:/lib/modules -v /sys:/sys:rshared storageos/init:0.1;docker -H [[HOST2_IP]]:2345 run -d --name storageos -e DISABLE_TELEMETRY=true -e HOSTNAME=node01  -e ADVERTISE_IP=[[HOST2_IP]] -e JOIN=[[HOST2_IP]] --net=host --pid=host --privileged --cap-add SYS_ADMIN --device /dev/fuse -v /sys:/sys -v /var/lib/storageos:/var/lib/storageos:rshared -v /run/docker/plugins:/run/docker/plugins storageos/node:1.0.2 server"
+ssh  -o "StrictHostKeyChecking=no" root@[[HOST2_IP]] "docker run --name enable_lio --privileged --rm --cap-add=SYS_ADMIN -v /lib/modules:/lib/modules -v /sys:/sys:rshared storageos/init:0.1;docker -H [[HOST2_IP]]:2345 run -d --name storageos -e DISABLE_TELEMETRY=true -e HOSTNAME=node01  -e ADVERTISE_IP=[[HOST2_IP]] -e JOIN=[[HOST2_IP]] --net=host --pid=host --privileged --cap-add SYS_ADMIN --device /dev/fuse -v /sys:/sys -v /var/lib/storageos:/var/lib/storageos:rshared -v /run/docker/plugins:/run/docker/plugins storageos/node:1.2.0 server"

k8s-sandbox/assets/storageos-daemonset.yaml

@@ -13,7 +13,7 @@ spec:
       hostNetwork: true
       containers:
       - name: storageos
-        image: storageos/node:1.0.2
+        image: storageos/node:1.2.0
         args:
         - server
         env:
@@ -29,6 +29,8 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: status.podIP
+        - name: DISABLE_TELEMETRY
+          value: "true"
         ports:
         - containerPort: 5705
           name: api

multitenancy/assets/bootstrap.sh

@@ -28,7 +28,7 @@ for HOST in ${HOST_ARRAY[@]}; do
         -e HOSTNAME="$HOST" -e ADVERTISE_IP=$(grep -m 1 "172.* $HOST" /etc/hosts | cut -d " " -f1 ) \
         -e JOIN=$CLUSTER_ID --net=host --pid=host --privileged --cap-add SYS_ADMIN                  \
         --device /dev/fuse -v /var/lib/storageos:/var/lib/storageos:rshared                         \
-        -v/run/docker/plugins:/run/docker/plugins -v /sys:/sys storageos/node:1.0.2                 \
+        -v/run/docker/plugins:/run/docker/plugins -v /sys:/sys storageos/node:1.2.0                 \
         server"; then
 
         # On success print success out to console

openshift311/000-install-storageos.md

@@ -0,0 +1,50 @@
+## Install the StorageOS Operator
+
+The StorageOS operator is an [OpenShift
+Operator](https://operatorhub.io/operator/stable/storageosoperator.v1.1.0) that
+is designed to help manage StorageOS installations. Using the Operator means
+that a lot of the manual configuration that is required for a StorageOS
+installation is no longer required.
+
+``
+git clone https://github.com/storageos/deploy.git storageos
+cd storageos/openshift/deploy-storageos/cluster-operator
+./deploy-operator.sh
+``{{execute}}
+
+## Verify the StorageOS Operator Installation
+
+Verify that a StorageOS operator has been created
+`oc get pods -n storageos-operator`{{execute}}
+
+## Create a StorageOS API secret
+
+A secret defining the StorageOS API username and password needs to be created
+so OpenShift can communicate with StorageOS via the StorageOS API. The API
+username and password will be used to create the default StorageOS account.
+These account details will be used to log in to the StorageOS UI and can be
+used with the StorageOS CLI.
+
+``
+oc create -f - <<END
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "storageos-api"
+  namespace: "default"
+  labels:
+    app: "storageos"
+type: "kubernetes.io/storageos"
+data:
+  apiUsername: c3RvcmFnZW9z
+  apiPassword: c3RvcmFnZW9z
+END
+``{{execute}}
+
+## Create Security Context Constraints (SCC) for StorageOS
+
+The StorageOS service account needs to be granted access to the privileged SCC
+as it creates pods on the behalf of the user.
+
+`oc adm policy add-scc-to-user privileged system:serviceaccount:storageos:storageos-daemonset-sa`{{execute}}
+

openshift311/010-check-cluster.md

@@ -0,0 +1,58 @@
+## Create a StorageOS Cluster
+
+To create a StorageOS cluster a StorageOSCluster resource is created.
+
+A StorageOSCluster is a custom resource acted upon by the StorageOS operator.
+When the StorageOS operator detects a StorageOSCluster resource it will create
+a StorageOS cluster based on the StorageOSCluster resource.
+
+``
+oc create -f - <<END
+apiVersion: "storageos.com/v1"
+kind: StorageOSCluster
+metadata:
+  name: "example-storageos"
+spec:
+  secretRefName: "storageos-api"
+  secretRefNamespace: "default"
+  images:
+    nodeContainer: "storageos/node:1.2.0"
+  disableTelemetry: true
+END
+``{{execute}}
+
+Verify that the pod enters a 1/1 running state. StorageOS pods take
+65s to enter the running state as the node bootstraps and tries to
+discover other cluster members.
+
+`oc get pods -n storageos -w`{{execute}}
+
+Once the pod is running use Ctrl+C to return to the shell. 
+## Check StorageOS status
+
+There are other ways to check the health of the StorageOS cluster 
+
+1. Using StorageOS CLI: ``storageos node ls``{{execute}}
+
+2. Check the health REST API endpoint directly by: ``curl 127.0.0.1:5706/health``{{execute}}
+
+3. Use the StorageOS Web UI
+
+
+## Web UI
+
+StorageOS container spins up a lightweight UI from which you can see and control volumes, nodes, etc.
+
+https://[[HOST_SUBDOMAIN]]-5705-[[KATACODA_HOST]].environments.katacoda.com/
+
+Access the StorageOS UI by clicking on the **StorageOS** tab in the console
+frame of this browser window or use the hyperlink above. This will open the web
+console in another tab or window of your browser.
+
+You should see an **StorageOS login** window with **Username** and **Password** forms.
+
+**Username:** ``storageos``{{copy}}
+**Password:** ``storageos``{{copy}}
+
+The Username and password that are created are defined by in the storageos-api
+secret that was created previously.

openshift311/020-use-volumes.md

@@ -0,0 +1,17 @@
+## Create Persistent Volume Claim
+
+Change directories
+`cd ~`{{execute}}
+
+Then create a PersistentVolumeClaim (PVC)
+`oc create -f pvc.yaml`{{execute}}
+
+Creating a PVC also causes a PersistentVolume to be created
+`oc get pv,pvc`{{execute}}
+
+The PV is provisioned by StorageOS and can be viewed with the StorageOS CLI 
+`storageos volume ls`{{execute}}
+
+See the status of the volume with the oc cli and verify the volume has been successfully provisioned.
+`oc describe pvc`{{execute}}
+

openshift311/025-test-pods.md

@@ -0,0 +1,36 @@
+## Test pods
+
+In this section, we create a pod that mounts a PVC and writes the string
+`Testing StorageOS with Openshift` to a file located on a StorageOS volume.
+Once the pod is finished, we start a different pod that mounts the same volume
+and prints the data to STDOUT.
+
+Create a pod that writes `Testing StorageOS with Openshift` to a file.
+
+`oc create -f pod-write.yaml`{{execute}}
+
+The pod finishes as soon as the file has been written to. 
+
+Once the pod is in a completed state check the data in the volume by attaching
+it to a new pod that will print the  written data to STDOUT.
+
+Wait until the `write` pod finishes.
+
+`until oc get pod write --no-headers | grep -q "Completed"; do echo "Waiting for pod to complete"; sleep 3; done `{{execute}}
+
+`oc delete pod write`{{execute}}
+
+Create the `read` pod. 
+
+`oc create -f pod-read.yaml`{{execute}}
+
+`until oc get pod read --no-headers | grep -q "Completed"; do echo "Waiting for pod to complete"; sleep 3; done `{{execute}}
+
+Check the output of the read pod coming from the persisted volume.
+
+`oc logs read`{{execute}}
+
+You can see that the string `Testing StorageOS with Openshift` has been
+persisted between executions. Keep in mind that it wouldn't have mattered if the pod
+`read` had run on a different host than the `write` pod as StorageOS can
+present volumes across hosts.

openshift311/assets/enable-lio.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+
+set -e
+
+# Configfs can be built in the kernel, hence the module
+# initstate file will not exist. Even though, the mount
+# is present and working
+echo "Checking configfs"
+if mount | grep -q "^configfs on /sys/kernel/config"; then
+    echo "configfs mounted on sys/kernel/config"
+else
+    echo "configfs not mounted, checking if kmod is loaded"
+    state_file=/sys/module/configfs/initstate
+    if [ -f "$state_file" ] && grep -q live "$state_file"; then
+        echo "configfs mod is loaded"
+    else
+        echo "configfs not loaded, executing: modprobe -b configfs"
+        modprobe -b configfs
+    fi
+
+    if mount | grep -q configfs; then
+        echo "configfs mounted"
+    else
+        echo "mounting configfs /sys/kernel/config"
+        mount -t configfs configfs /sys/kernel/config
+    fi
+fi
+
+# Enable a mod if not present
+# /sys/module/$modname/initstate has got the word "live"
+# in case the kernel module is loaded and running
+for mod in target_core_mod tcm_loop target_core_file; do
+    state_file=/sys/module/$mod/initstate
+    if [ -f "$state_file" ] && grep -q live "$state_file"; then
+        echo "Module $mod is running"
+    else
+        echo "Module $mod is not running"
+        echo "executing modprobe -b $mod"
+        modprobe -b $mod
+    fi
+done
+
+# Check if the modules loaded have its
+# directories available on top of configfs
+target_dir=/sys/kernel/config/target
+core_dir="$target_dir"/core
+loop_dir="$target_dir"/loopback
+
+[ ! -d "$target_dir" ] && echo "$target_dir doesn't exist" && exit 1 # Should exist from enabling module
+[ ! -d "$core_dir" ]   && echo "$core_dir doesn't exist"   && exit 1
+[ ! -d "$loop_dir" ]   && echo "$loop_dir doesn't exist. Creating dir manually..." && mkdir $loop_dir
+
+echo "LIO set up is ready!"

openshift311/assets/pod-read.yaml

@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: read
+spec:
+  containers:
+    - name: test
+      image: centos:7
+      command: [ "/bin/sh" ]
+      args:
+      - "-c"
+      - "cat  /mnt/data"
+      volumeMounts:
+        - mountPath: /mnt
+          name: vol
+  volumes:
+    - name: vol
+      persistentVolumeClaim:
+        claimName: pvc001
+

openshift311/assets/pod-write.yaml

@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: write
+spec:
+  restartPolicy: Never
+  containers:
+    - name: test
+      image: centos:7
+      command: [ "/bin/sh" ]
+      args:
+      - "-c"
+      - "echo Testing StorageOS with Openshift > /mnt/data"
+      volumeMounts:
+        - mountPath: /mnt
+          name: vol
+  volumes:
+    - name: vol
+      persistentVolumeClaim:
+        claimName: pvc001

openshift311/assets/pvc.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: pvc001
+  annotations:
+    volume.beta.kubernetes.io/storage-class: fast
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi

openshift311/env-init.sh

@@ -0,0 +1,6 @@
+#ssh root@host01 'sed -i -e "s/slave/rshared/" /etc/systemd/system/multi-user.target.wants/docker.service'
+#ssh root@host01 'systemctl daemon-reload && systemctl restart docker.service'
+ssh root@host01 'curl -skSL https://github.com/storageos/go-cli/releases/download/1.2.0/storageos_linux_amd64 > /usr/local/bin/storageos && chmod +x /usr/local/bin/storageos'
+ssh root@host01 'for i in {1..200}; do oc policy add-role-to-user system:image-puller system:anonymous && break || sleep 1; done'
+ssh root@host01 'oc adm policy add-cluster-role-to-group sudoer system:authenticated'
+ssh root@host01 'for i in {1..200}; do oc get project/openshift && break || sleep 1; done'

openshift311/finish.md

@@ -0,0 +1,15 @@
+<script>
+// Ugly way to log a user completed (moused over the finished bar) with a hubspot tracked page.
+
+function logFinished() {
+  var ifrm = document.createElement("iframe");
+  ifrm.setAttribute("src", "https://resources.storageos.com/tutorial-complete");
+  ifrm.style.width = "0px";
+  ifrm.style.height = "0px";
+  document.body.appendChild(ifrm);
+}
+
+var el = document.getElementById("finished");
+  el.addEventListener("mouseover", logFinished, {once: true});
+</script>
+