jgavinray/install_tinkerbell.sh

## install_tinkerbell.sh
#!/bin/bash

# Become the root user because I didn't verifiy sudo for every command.

# Install Tinkerbell
sudo apt-get update -y
sudo apt-get install -y apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    ifupdown \
    jq \
    software-properties-common \
    git \
    build-essential \
    net-tools \
    ipmitool \
    wakeonlan \
    qemu-utils

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo apt-get update -y
sudo apt-get install -y docker-ce docker-ce-cli containerd.io

sudo curl -L \
"https://github.com/docker/compose/releases/download/1.26.0/docker-compose-$(uname -s)-$(uname -m)" \
-o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

sudo mkdir -p /srv/
cd /srv
git clone https://github.com/tinkerbell/sandbox.git tinkerbell
cd tinkerbell
git checkout tags/v0.4.0
INTERFACE=$(ip r | grep default |awk '{print $5}')
TINK_IP=$(ifconfig $INTERFACE | grep broadcast | awk '{print $2}')
TINK_CIDR=$(ip a | grep $TINK_IP | awk '{print $2}' | awk -F'/' '{print $2}')
./generate-envrc.sh $INTERFACE > .env
sed -i "s/export TINKERBELL_CIDR=29/export TINKERBELL_CIDR=$TINK_CIDR/g" .env
sed -i "s/export TINKERBELL_HOST_IP=192.168.1.1/export TINKERBELL_HOST_IP=$TINK_IP/g" .env

source .env
sudo bash setup.sh
cd deploy
docker-compose up -d

cd ..
echo "source /srv/tinkerbell/.env ; alias tink='docker exec -i deploy_tink-cli_1 tink'" > ~/.bash_aliases
source ~/.bash_aliases

# Load images
PUBLIC_REGISTRY="quay.io/tinkerbell-actions"
PRIVATE_REGISTRY=$TINK_IP
IMAGES=( "image2disk:v1.0.0" "kexec:v1.0.0" "rootio:v1.0.0" "archive2disk:v1.0.0" "cexec:v1.0.0" "writefile:v1.0.0" "slurp:v1.0.0" "oci2disk:v1.0.0" "syslinux:v1.0.0" )
for i in "${IMAGES[@]}"; do
    docker pull $PUBLIC_REGISTRY/$i
    docker tag $PUBLIC_REGISTRY/$i $PRIVATE_REGISTRY/$i
    docker push $PRIVATE_REGISTRY/$i
done
docker pull hello-world
docker tag hello-world $PRIVATE_REGISTRY/hello-world
docker push $PRIVATE_REGISTRY/hello-world

# Load Operating System Images
mkdir -p /srv/tinkerbell/deploy/state/webroot/images/
wget https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
qemu-img convert focal-server-cloudimg-amd64.img -O raw /srv/tinkerbell/deploy/state/webroot/images/focal-server-cloudimg-amd64.raw
gzip /srv/tinkerbell/deploy/state/webroot/images/focal-server-cloudimg-amd64.raw
rm -f focal-server-cloudimg-amd64.img

# Replace OSIE with Hook
cd
git clone https://github.com/linuxkit/linuxkit
cd linuxkit
git checkout
make
make install
cd ..
git clone https://github.com/tinkerbell/hook.git
cd hook
mkdir -p out ccece6a4889e15850dfbaf6d5170939c83edb103
linuxkit build -docker -pull -format kernel+initrd -name hook-x86_64 -dir out hook.yaml
mv out/hook-x86_64-kernel out/vmlinuz-x86_64
mv out/hook-x86_64-initrd.img out/initramfs-x86_64
mv /srv/tinkerbell/deploy/state/webroot/misc/osie/current/ /srv/tinkerbell/deploy/state/webroot/misc/osie/osie/
mv out/ /srv/tinkerbell/deploy/state/webroot/misc/osie/current/

# Do a little cleanup
cd
rm -rf hook linuxkit

## run_deployment.sh
#!/bin/bash
tink hardware push < server01.json
TEMPLATE_ID=$(tink template create < templates/ubuntu_20.04.yaml | awk '{print $3}')
tink workflow create -t $TEMPLATE_ID -r '
{
  "global":{
    "http_mirror": "http://192.168.161.2:8080"
  },
  "hardware": {
    "mac_address": "00:23:24:52:d5:d4",
    "nic_name": "enp2s0",
    "disk": {
      "dev": "/dev/sda",
      "partition": "/dev/sda1"
    }
  },
  "identity": {
    "hostname": "myinstance",
    "username": "ubuntu",
    "ssh_keys": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG59R8J3C4g4ltTV8yV/XO4cBysJxytZNioT3IO12tQ1",
    "user_data": "IyEvYmluL2Jhc2gKZWNobyAiSGVsbG8gd29ybGQgZnJvbSB0aW5rZXJiZWxsISIgPiAvcm9vdC9oZWxsb193b3JsZC50eHQK"
  }
}'

## seed_http_files.sh
#!/bin/bash
# Download Ubuntu image
SANDBOX_WEB_ROOT="/srv/tinkerbell/deploy/state/webroot"
apt-get update -y
apt-get install -y qemu-utils
mkdir -p $SANDBOX_REPO_ROOT/images/
wget https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
qemu-img convert focal-server-cloudimg-amd64.img -O raw $SANDBOX_WEB_ROOT/images/focal-server-cloudimg-amd64.raw
gzip $SANDBOX_WEB_ROOT/images/focal-server-cloudimg-amd64.raw
rm -f focal-server-cloudimg-amd64.img

# Place the netplan file
mkdir -p $SANDBOX_WEB_ROOT/configs
cat <<-EOF > $SANDBOX_WEB_ROOT/configs/netplan.yaml
network:
  ethernets:
    __INTERFACE__:
      dhcp4: true
  version: 2
EOF

## server01.json
{
  "id": "6da7c158-1095-4974-8f8f-b90b166da77e",
  "network": {
    "interfaces": [
      {
        "dhcp": {
          "arch": "x86_64",
          "hostname": "server01",
          "ip": {
            "address": "192.168.161.5",
            "gateway": "192.168.161.254",
            "netmask": "255.255.255.0"
          },
          "mac": "00:23:24:52:d5:d4",
          "uefi": false
        },
        "netboot": {
          "allow_pxe": true,
          "allow_workflow": true
        }
      }
    ]
  }
}

## ubuntu_20.04.yaml
version: "0.1"
name: Ubuntu_Focal_Image
global_timeout: 1800
tasks:
  - name: "os-installation"
    worker: "{{.hardware.mac_address}}"
    volumes:
      - /dev:/dev
      - /dev/console:/dev/console
      - /lib/firmware:/lib/firmware:ro
    actions:
      - name: "stream-os-image"
        image: image2disk:v1.0.0
        timeout: 600
        environment:
          DEST_DISK: "{{.hardware.disk.dev}}"
          IMG_URL: "{{.global.http_mirror}}/images/focal-server-cloudimg-amd64.raw.gz"
          COMPRESSED: true
      - name: grow-root-fs
        image: cexec:v1.0.0
        timeout: 90
        environment:
          BLOCK_DEVICE: "{{.hardware.disk.partition}}"
          FS_TYPE: ext4
          CHROOT: y
          DEFAULT_INTERPRETER: "/bin/sh -c"
          CMD_LINE:
            growpart {{.hardware.disk.dev}} 1;
            resize2fs {{.hardware.disk.partition}}
      - name: set-hostname
        image: cexec:v1.0.0
        timeout: 90
        environment:
          BLOCK_DEVICE: "{{.hardware.disk.partition}}"
          FS_TYPE: ext4
          CHROOT: y
          DEFAULT_INTERPRETER: "/bin/sh -c"
          CMD_LINE:
            echo {{.identity.hostname}} > /etc/hostname
      - name: enable-passwordless-sudo
        image: cexec:v1.0.0
        timeout: 90
        environment:
          BLOCK_DEVICE: "{{.hardware.disk.partition}}"
          FS_TYPE: ext4
          CHROOT: y
          DEFAULT_INTERPRETER: "/bin/sh -c"
          CMD_LINE:
            sed -i "s/%sudo\tALL=(ALL:ALL) ALL/%sudo\tALL=(ALL:ALL) NOPASSWD:ALL/g" /etc/sudoers
      - name: "generate-ssh-keys"
        image: cexec:v1.0.0
        timeout: 90
        environment:
          BLOCK_DEVICE: "{{.hardware.disk.partition}}"
          FS_TYPE: ext4
          CHROOT: y
          DEFAULT_INTERPRETER: "/bin/sh -c"
          CMD_LINE:
            ssh-keygen -A
      - name: "set-root-password"
        image: cexec:v1.0.0
        timeout: 90
        environment:
          BLOCK_DEVICE: "{{.hardware.disk.partition}}"
          FS_TYPE: ext4
          CHROOT: y
          DEFAULT_INTERPRETER: "/bin/sh -c"
          CMD_LINE:
            echo 'root:L3tM3!nM@n' | chpasswd
      - name: "configure-user"
        image: cexec:v1.0.0
        timeout: 90
        environment:
          BLOCK_DEVICE: "{{.hardware.disk.partition}}"
          FS_TYPE: ext4
          CHROOT: y
          DEFAULT_INTERPRETER: "/bin/sh -c"
          CMD_LINE:
            useradd -s /bin/bash -G sudo {{.identity.username}};
            mkdir -p /home/{{.identity.username}}/.ssh;
            echo {{.identity.ssh_keys}} >> /home/{{.identity.username}}/.ssh/authorized_keys;
            chown -R {{.identity.username}}:{{.identity.username}} /home/{{.identity.username}};
            chmod 0700 /home/{{.identity.username}}/.ssh;
            chmod 0600 /home/{{.identity.username}}/.ssh/authorized_keys
      - name: "add-network-config"
        image: cexec:v1.0.0
        timeout: 90
        environment:
          BLOCK_DEVICE: "{{.hardware.disk.partition}}"
          FS_TYPE: ext4
          CHROOT: y
          DEFAULT_INTERPRETER: "/bin/sh -c"
          CMD_LINE:
            curl -Lo /etc/netplan/00-tinkerbell-config.yaml {{.global.http_mirror}}/configs/netplan.yaml;
            sed -i "s/__INTERFACE__/{{.hardware.nic_name}}/g" /etc/netplan/00-tinkerbell-config.yaml
      - name: "kexec-os"
        image: kexec:v1.0.0
        timeout: 90
        pid: host
        environment:
          BLOCK_DEVICE: "{{.hardware.disk.partition}}"
          FS_TYPE: ext4
	#!/bin/bash

	# Become the root user because I didn't verifiy sudo for every command.

	# Install Tinkerbell
	sudo apt-get update -y
	sudo apt-get install -y apt-transport-https \
	ca-certificates \
	curl \
	gnupg-agent \
	ifupdown \
	jq \
	software-properties-common \
	git \
	build-essential \
	net-tools \
	ipmitool \
	wakeonlan \
	qemu-utils

	curl -fsSL https://download.docker.com/linux/ubuntu/gpg \| sudo apt-key add -
	sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
	sudo apt-get update -y
	sudo apt-get install -y docker-ce docker-ce-cli containerd.io

	sudo curl -L \
	"https://github.com/docker/compose/releases/download/1.26.0/docker-compose-$(uname -s)-$(uname -m)" \
	-o /usr/local/bin/docker-compose
	sudo chmod +x /usr/local/bin/docker-compose

	sudo mkdir -p /srv/
	cd /srv
	git clone https://github.com/tinkerbell/sandbox.git tinkerbell
	cd tinkerbell
	git checkout tags/v0.4.0
	INTERFACE=$(ip r \| grep default \|awk '{print $5}')
	TINK_IP=$(ifconfig $INTERFACE \| grep broadcast \| awk '{print $2}')
	TINK_CIDR=$(ip a \| grep $TINK_IP \| awk '{print $2}' \| awk -F'/' '{print $2}')
	./generate-envrc.sh $INTERFACE > .env
	sed -i "s/export TINKERBELL_CIDR=29/export TINKERBELL_CIDR=$TINK_CIDR/g" .env
	sed -i "s/export TINKERBELL_HOST_IP=192.168.1.1/export TINKERBELL_HOST_IP=$TINK_IP/g" .env

	source .env
	sudo bash setup.sh
	cd deploy
	docker-compose up -d

	cd ..
	echo "source /srv/tinkerbell/.env ; alias tink='docker exec -i deploy_tink-cli_1 tink'" > ~/.bash_aliases
	source ~/.bash_aliases

	# Load images
	PUBLIC_REGISTRY="quay.io/tinkerbell-actions"
	PRIVATE_REGISTRY=$TINK_IP
	IMAGES=( "image2disk:v1.0.0" "kexec:v1.0.0" "rootio:v1.0.0" "archive2disk:v1.0.0" "cexec:v1.0.0" "writefile:v1.0.0" "slurp:v1.0.0" "oci2disk:v1.0.0" "syslinux:v1.0.0" )
	for i in "${IMAGES[@]}"; do
	docker pull $PUBLIC_REGISTRY/$i
	docker tag $PUBLIC_REGISTRY/$i $PRIVATE_REGISTRY/$i
	docker push $PRIVATE_REGISTRY/$i
	done
	docker pull hello-world
	docker tag hello-world $PRIVATE_REGISTRY/hello-world
	docker push $PRIVATE_REGISTRY/hello-world

	# Load Operating System Images
	mkdir -p /srv/tinkerbell/deploy/state/webroot/images/
	wget https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
	qemu-img convert focal-server-cloudimg-amd64.img -O raw /srv/tinkerbell/deploy/state/webroot/images/focal-server-cloudimg-amd64.raw
	gzip /srv/tinkerbell/deploy/state/webroot/images/focal-server-cloudimg-amd64.raw
	rm -f focal-server-cloudimg-amd64.img

	# Replace OSIE with Hook
	cd
	git clone https://github.com/linuxkit/linuxkit
	cd linuxkit
	git checkout
	make
	make install
	cd ..
	git clone https://github.com/tinkerbell/hook.git
	cd hook
	mkdir -p out ccece6a4889e15850dfbaf6d5170939c83edb103
	linuxkit build -docker -pull -format kernel+initrd -name hook-x86_64 -dir out hook.yaml
	mv out/hook-x86_64-kernel out/vmlinuz-x86_64
	mv out/hook-x86_64-initrd.img out/initramfs-x86_64
	mv /srv/tinkerbell/deploy/state/webroot/misc/osie/current/ /srv/tinkerbell/deploy/state/webroot/misc/osie/osie/
	mv out/ /srv/tinkerbell/deploy/state/webroot/misc/osie/current/

	# Do a little cleanup
	cd
	rm -rf hook linuxkit
	#!/bin/bash
	tink hardware push < server01.json
	TEMPLATE_ID=$(tink template create < templates/ubuntu_20.04.yaml \| awk '{print $3}')
	tink workflow create -t $TEMPLATE_ID -r '
	{
	"global":{
	"http_mirror": "http://192.168.161.2:8080"
	},
	"hardware": {
	"mac_address": "00:23:24:52:d5:d4",
	"nic_name": "enp2s0",
	"disk": {
	"dev": "/dev/sda",
	"partition": "/dev/sda1"
	}
	},
	"identity": {
	"hostname": "myinstance",
	"username": "ubuntu",
	"ssh_keys": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG59R8J3C4g4ltTV8yV/XO4cBysJxytZNioT3IO12tQ1",
	"user_data": "IyEvYmluL2Jhc2gKZWNobyAiSGVsbG8gd29ybGQgZnJvbSB0aW5rZXJiZWxsISIgPiAvcm9vdC9oZWxsb193b3JsZC50eHQK"
	}
	}'
	#!/bin/bash
	# Download Ubuntu image
	SANDBOX_WEB_ROOT="/srv/tinkerbell/deploy/state/webroot"
	apt-get update -y
	apt-get install -y qemu-utils
	mkdir -p $SANDBOX_REPO_ROOT/images/
	wget https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
	qemu-img convert focal-server-cloudimg-amd64.img -O raw $SANDBOX_WEB_ROOT/images/focal-server-cloudimg-amd64.raw
	gzip $SANDBOX_WEB_ROOT/images/focal-server-cloudimg-amd64.raw
	rm -f focal-server-cloudimg-amd64.img

	# Place the netplan file
	mkdir -p $SANDBOX_WEB_ROOT/configs
	cat <<-EOF > $SANDBOX_WEB_ROOT/configs/netplan.yaml
	network:
	ethernets:
	__INTERFACE__:
	dhcp4: true
	version: 2
	EOF
	{
	"id": "6da7c158-1095-4974-8f8f-b90b166da77e",
	"network": {
	"interfaces": [
	{
	"dhcp": {
	"arch": "x86_64",
	"hostname": "server01",
	"ip": {
	"address": "192.168.161.5",
	"gateway": "192.168.161.254",
	"netmask": "255.255.255.0"
	},
	"mac": "00:23:24:52:d5:d4",
	"uefi": false
	},
	"netboot": {
	"allow_pxe": true,
	"allow_workflow": true
	}
	}
	]
	}
	}
	version: "0.1"
	name: Ubuntu_Focal_Image
	global_timeout: 1800
	tasks:
	- name: "os-installation"
	worker: "{{.hardware.mac_address}}"
	volumes:
	- /dev:/dev
	- /dev/console:/dev/console
	- /lib/firmware:/lib/firmware:ro
	actions:
	- name: "stream-os-image"
	image: image2disk:v1.0.0
	timeout: 600
	environment:
	DEST_DISK: "{{.hardware.disk.dev}}"
	IMG_URL: "{{.global.http_mirror}}/images/focal-server-cloudimg-amd64.raw.gz"
	COMPRESSED: true
	- name: grow-root-fs
	image: cexec:v1.0.0
	timeout: 90
	environment:
	BLOCK_DEVICE: "{{.hardware.disk.partition}}"
	FS_TYPE: ext4
	CHROOT: y
	DEFAULT_INTERPRETER: "/bin/sh -c"
	CMD_LINE:
	growpart {{.hardware.disk.dev}} 1;
	resize2fs {{.hardware.disk.partition}}
	- name: set-hostname
	image: cexec:v1.0.0
	timeout: 90
	environment:
	BLOCK_DEVICE: "{{.hardware.disk.partition}}"
	FS_TYPE: ext4
	CHROOT: y
	DEFAULT_INTERPRETER: "/bin/sh -c"
	CMD_LINE:
	echo {{.identity.hostname}} > /etc/hostname
	- name: enable-passwordless-sudo
	image: cexec:v1.0.0
	timeout: 90
	environment:
	BLOCK_DEVICE: "{{.hardware.disk.partition}}"
	FS_TYPE: ext4
	CHROOT: y
	DEFAULT_INTERPRETER: "/bin/sh -c"
	CMD_LINE:
	sed -i "s/%sudo\tALL=(ALL:ALL) ALL/%sudo\tALL=(ALL:ALL) NOPASSWD:ALL/g" /etc/sudoers
	- name: "generate-ssh-keys"
	image: cexec:v1.0.0
	timeout: 90
	environment:
	BLOCK_DEVICE: "{{.hardware.disk.partition}}"
	FS_TYPE: ext4
	CHROOT: y
	DEFAULT_INTERPRETER: "/bin/sh -c"
	CMD_LINE:
	ssh-keygen -A
	- name: "set-root-password"
	image: cexec:v1.0.0
	timeout: 90
	environment:
	BLOCK_DEVICE: "{{.hardware.disk.partition}}"
	FS_TYPE: ext4
	CHROOT: y
	DEFAULT_INTERPRETER: "/bin/sh -c"
	CMD_LINE:
	echo 'root:L3tM3!nM@n' \| chpasswd
	- name: "configure-user"
	image: cexec:v1.0.0
	timeout: 90
	environment:
	BLOCK_DEVICE: "{{.hardware.disk.partition}}"
	FS_TYPE: ext4
	CHROOT: y
	DEFAULT_INTERPRETER: "/bin/sh -c"
	CMD_LINE:
	useradd -s /bin/bash -G sudo {{.identity.username}};
	mkdir -p /home/{{.identity.username}}/.ssh;
	echo {{.identity.ssh_keys}} >> /home/{{.identity.username}}/.ssh/authorized_keys;
	chown -R {{.identity.username}}:{{.identity.username}} /home/{{.identity.username}};
	chmod 0700 /home/{{.identity.username}}/.ssh;
	chmod 0600 /home/{{.identity.username}}/.ssh/authorized_keys
	- name: "add-network-config"
	image: cexec:v1.0.0
	timeout: 90
	environment:
	BLOCK_DEVICE: "{{.hardware.disk.partition}}"
	FS_TYPE: ext4
	CHROOT: y
	DEFAULT_INTERPRETER: "/bin/sh -c"
	CMD_LINE:
	curl -Lo /etc/netplan/00-tinkerbell-config.yaml {{.global.http_mirror}}/configs/netplan.yaml;
	sed -i "s/__INTERFACE__/{{.hardware.nic_name}}/g" /etc/netplan/00-tinkerbell-config.yaml
	- name: "kexec-os"
	image: kexec:v1.0.0
	timeout: 90
	pid: host
	environment:
	BLOCK_DEVICE: "{{.hardware.disk.partition}}"
	FS_TYPE: ext4