From 29bd8096e025938cac471b28b5ec5edc7f022a02 Mon Sep 17 00:00:00 2001
From: Joseph Hanson
Date: Thu, 28 Sep 2023 22:34:05 +0000
Subject: [PATCH] Added rook task.

---
 .taskfiles/_scripts/wait-for-k8s-job.sh   | 14 ++++
 .taskfiles/rook/Taskfile.yaml             | 91 +++++++++++++++++++++++
 .taskfiles/rook/WipeDiskJob.tmpl.yaml     | 26 +++++++
 .taskfiles/rook/WipeRookDataJob.tmpl.yaml | 29 ++++++++
 Taskfile.yaml                             |  1 +
 5 files changed, 161 insertions(+)
 create mode 100644 .taskfiles/_scripts/wait-for-k8s-job.sh
 create mode 100644 .taskfiles/rook/Taskfile.yaml
 create mode 100644 .taskfiles/rook/WipeDiskJob.tmpl.yaml
 create mode 100644 .taskfiles/rook/WipeRookDataJob.tmpl.yaml

diff --git a/.taskfiles/_scripts/wait-for-k8s-job.sh b/.taskfiles/_scripts/wait-for-k8s-job.sh
new file mode 100644
index 0000000..32feadd
--- /dev/null
+++ b/.taskfiles/_scripts/wait-for-k8s-job.sh
@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+# Block until the pod created for Job $1 (namespace $2, default "default") exists.
+JOB_NAME=$1
+NAMESPACE="${2:-default}"
+
+[[ -z "${JOB_NAME}" ]] && echo "Job name not specified" && exit 1
+
+while true; do
+    STATUS="$(kubectl -n "${NAMESPACE}" get pod -l job-name="${JOB_NAME}" -o jsonpath='{.items[*].status.phase}')"
+    if [ -n "${STATUS}" ]; then # any phase means the pod exists; a "Pending"-only check races with fast-starting pods
+        break
+    fi
+    sleep 1
+done
diff --git a/.taskfiles/rook/Taskfile.yaml b/.taskfiles/rook/Taskfile.yaml
new file mode 100644
index 0000000..5bbfb5c
--- /dev/null
+++ b/.taskfiles/rook/Taskfile.yaml
@@ -0,0 +1,91 @@
+---
+version: "3"
+
+# Exported as env so envsubst can render the Job templates below.
+x-task-vars: &task-vars
+  node: "{{.node}}"
+  ceph_disk: "{{.ceph_disk}}"
+  ts: "{{.ts}}"
+  jobName: "{{.jobName}}"
+
+vars:
+  waitForJobScript: "../_scripts/wait-for-k8s-job.sh"
+  ts: '{{now | date "150405"}}'
+
+tasks:
+  wipe-node-aule:
+    desc: Trigger a wipe of Rook-Ceph data on node "aule"
+    cmds:
+      - task: wipe-disk
+        vars:
+          node: "{{.node}}"
+          ceph_disk: "/dev/disk/by-id/scsi-0HC_Volume_37460833"
+      - task: wipe-data
+        vars:
+          node: "{{.node}}"
+    vars:
+      node: aule
+
+  wipe-node-eonwe:
+    desc: Trigger a wipe of Rook-Ceph data on node "eonwe"
+    cmds:
+      - task: wipe-disk
+        vars:
+          node: "{{.node}}"
+          ceph_disk: "/dev/disk/by-id/scsi-0HC_Volume_37460887"
+      - task: wipe-data
+        vars:
+          node: "{{.node}}"
+    vars:
+      node: eonwe
+
+  wipe-node-arlen:
+    desc: Trigger a wipe of Rook-Ceph data on node "arlen"
+    cmds:
+      - task: wipe-disk
+        vars:
+          node: "{{.node}}"
+          ceph_disk: "/dev/disk/by-id/scsi-0HC_Volume_37460897"
+      - task: wipe-data
+        vars:
+          node: "{{.node}}"
+    vars:
+      node: arlen
+
+  wipe-disk:
+    desc: Wipe all remnants of rook-ceph from a given disk (ex. task rook:wipe-disk node=aule ceph_disk="/dev/nvme0n1")
+    silent: true
+    internal: true
+    cmds:
+      - envsubst < {{.wipeRookDiskJobTemplate}} | kubectl apply -f -
+      - bash {{.waitForJobScript}} {{.jobName}} default
+      - kubectl -n default wait job/{{.jobName}} --for condition=complete --timeout=1m
+      - kubectl -n default logs job/{{.jobName}} --container list
+      - kubectl -n default delete job {{.jobName}}
+    vars:
+      node: '{{ or .node (fail "`node` is required") }}'
+      ceph_disk: '{{ or .ceph_disk (fail "`ceph_disk` is required") }}'
+      jobName: 'wipe-disk-{{- .node -}}-{{- .ceph_disk | replace "/" "-" -}}-{{- .ts -}}'
+      wipeRookDiskJobTemplate: "WipeDiskJob.tmpl.yaml"
+    env: *task-vars
+    preconditions:
+      - sh: test -f {{.waitForJobScript}}
+      - sh: test -f {{.wipeRookDiskJobTemplate}}
+
+  wipe-data:
+    desc: Wipe all remnants of rook-ceph from a given node (ex. task rook:wipe-data node=aule)
+    silent: true
+    internal: true
+    cmds:
+      - envsubst < {{.wipeRookDataJobTemplate}} | kubectl apply -f -
+      - bash {{.waitForJobScript}} {{.jobName}} default
+      - kubectl -n default wait job/{{.jobName}} --for condition=complete --timeout=1m
+      - kubectl -n default logs job/{{.jobName}} --container list
+      - kubectl -n default delete job {{.jobName}}
+    vars:
+      node: '{{ or .node (fail "`node` is required") }}'
+      jobName: "wipe-rook-data-{{- .node -}}-{{- .ts -}}"
+      wipeRookDataJobTemplate: "WipeRookDataJob.tmpl.yaml"
+    env: *task-vars
+    preconditions:
+      - sh: test -f {{.waitForJobScript}}
+      - sh: test -f {{.wipeRookDataJobTemplate}}
diff --git a/.taskfiles/rook/WipeDiskJob.tmpl.yaml b/.taskfiles/rook/WipeDiskJob.tmpl.yaml
new file mode 100644
index 0000000..13fa4f7
--- /dev/null
+++ b/.taskfiles/rook/WipeDiskJob.tmpl.yaml
@@ -0,0 +1,26 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: "${jobName}"
+  namespace: "default"
+spec:
+  ttlSecondsAfterFinished: 3600
+  template:
+    spec:
+      automountServiceAccountToken: false
+      restartPolicy: Never
+      nodeName: "${node}"
+      containers:
+        - name: disk-wipe
+          image: ghcr.io/onedr0p/alpine:3.17.3@sha256:999384960b6114496a5e4036e945141c205d064ce23b87326bd3f8d878c5a9d4
+          securityContext:
+            privileged: true
+          resources: {}
+          command: ["/bin/sh", "-c"]
+          args:
+            - apk add --no-cache sgdisk util-linux parted;
+              sgdisk --zap-all ${ceph_disk};
+              blkdiscard ${ceph_disk};
+              dd if=/dev/zero bs=1M count=10000 oflag=direct of=${ceph_disk};
+              partprobe ${ceph_disk};
diff --git a/.taskfiles/rook/WipeRookDataJob.tmpl.yaml b/.taskfiles/rook/WipeRookDataJob.tmpl.yaml
new file mode 100644
index 0000000..e5e5eef
--- /dev/null
+++ b/.taskfiles/rook/WipeRookDataJob.tmpl.yaml
@@ -0,0 +1,29 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: "${jobName}"
+  namespace: "default"
+spec:
+  ttlSecondsAfterFinished: 3600
+  template:
+    spec:
+      automountServiceAccountToken: false
+      restartPolicy: Never
+      nodeName: "${node}"
+      containers:
+        - name: disk-wipe
+          image: ghcr.io/onedr0p/alpine:3.17.3@sha256:999384960b6114496a5e4036e945141c205d064ce23b87326bd3f8d878c5a9d4
+          securityContext:
+            privileged: true
+          resources: {}
+          command: ["/bin/sh", "-c"]
+          args:
+            - rm -rf /mnt/host_var/lib/rook
+          volumeMounts:
+            - mountPath: /mnt/host_var
+              name: host-var
+      volumes:
+        - name: host-var
+          hostPath:
+            path: /var
diff --git a/Taskfile.yaml b/Taskfile.yaml
index 443e678..e533d85 100644
--- a/Taskfile.yaml
+++ b/Taskfile.yaml
@@ -21,6 +21,7 @@ env:
 
 includes:
   volsync: .taskfiles/VolSync/Tasks.yaml
   precommit: .taskfiles/PreCommit/Tasks.yaml
+  rook: .taskfiles/rook/Taskfile.yaml
 
 tasks: