Setup NFS by default, for use by kubernetes persistent volumes.

docc-lab · Aug 25, 2021 · 2b01a86 · 2b01a86
1 parent d50a2cd
commit 2b01a86
Show file tree

Hide file tree

Showing 6 changed files with 133 additions and 2 deletions.
diff --git a/profile.py b/profile.py
@@ -179,6 +179,11 @@
     [("proxy","Web Proxy")],
     advanced=True,
     longDescription="Choose where you want the SSL certificates deployed.  Currently the only option is for them to be configured as part of the web proxy to the dashboard.")
+pc.defineParameter(
+    "doNFS","Enable NFS",
+    portal.ParameterType.BOOLEAN,True,
+    longDescription="We enable NFS by default, to be used by persistent volumes in Kubernetes services.",
+    advanced=True)
 
 #
 # Get any input parameter values that will override our defaults.

diff --git a/setup-disk-space.sh b/setup-disk-space.sh
@@ -27,7 +27,6 @@ if [ -f $LOCALSETTINGS ]; then
     . $LOCALSETTINGS
 fi
 
-STORAGEDIR=/storage
 VGNAME="emulab"
 ARCH=`uname -m`
 

diff --git a/setup-driver.sh b/setup-driver.sh
@@ -3,7 +3,8 @@
 set -x
 
 ALLNODESCRIPTS="setup-ssh.sh setup-disk-space.sh"
-HEADNODESCRIPTS="setup-nginx.sh setup-ssl.sh setup-kubespray.sh setup-kubernetes-extra.sh setup-end.sh"
+HEADNODESCRIPTS="setup-nfs-server.sh setup-nginx.sh setup-ssl.sh setup-kubespray.sh setup-kubernetes-extra.sh setup-end.sh"
+WORKERNODESCRIPTS="setup-nfs-client.sh"
 
 export SRC=`dirname $0`
 cd $SRC
@@ -23,6 +24,11 @@ if [ "$HOSTNAME" = "node-0" ]; then
 	cd $SRC
 	$SRC/$script | tee - $OURDIR/${script}.log 2>&1
     done
+else
+    for script in $WORKERNODESCRIPTS ; do
+	cd $SRC
+	$SRC/$script | tee - $OURDIR/${script}.log 2>&1
+    done
 fi
 
 exit 0
diff --git a/setup-lib.sh b/setup-lib.sh
@@ -107,6 +107,10 @@ SINGLENODE_MGMT_NETMASK=255.255.0.0
 SINGLENODE_MGMT_NETBITS=16
 SINGLENODE_MGMT_CIDR=${SINGLENODE_MGMT_IP}/${SINGLENODE_MGMT_NETBITS}
 DOLOCALREGISTRY=1
+STORAGEDIR=/storage
+DONFS=1
+NFSEXPORTDIR=$STORAGEDIR/nfs
+NFSMOUNTDIR=/nfs
 
 #
 # We have an 'admin' user that gets a random password that comes in from
@@ -581,6 +585,23 @@ getnetmaskprefix() {
     echo $prefix
 }
 
+getnetworkip() {
+    node=$1
+    network=$2
+    nodeip=`getnodeip $node $network`
+    netmask=`getnetmask $network`
+
+    IFS=.
+    read -r i1 i2 i3 i4 <<EOF
+$nodeip
+EOF
+    read -r m1 m2 m3 m4 <<EOF
+$netmask
+EOF
+    unset IFS
+    printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
+}
+
 ##
 ## Util functions.
 ##

diff --git a/setup-nfs-client.sh b/setup-nfs-client.sh
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -x
+
+if [ -z "$EUID" ]; then
+    EUID=`id -u`
+fi
+
+# Grab our libs
+. "`dirname $0`/setup-lib.sh"
+
+if [ -f $OURDIR/nfs-client-done ]; then
+    exit 0
+fi
+
+logtstart "nfs-client"
+
+if [ -f $SETTINGS ]; then
+    . $SETTINGS
+fi
+if [ -f $LOCALSETTINGS ]; then
+    . $LOCALSETTINGS
+fi
+
+maybe_install_packages nfs-common
+service_enable rpcbind
+service_start rpcbind
+
+dataip=`getnodeip $HEAD $DATALAN`
+prefix=`getnetmaskprefix $DATALAN`
+
+while ! (rpcinfo -s $dataip | grep -q nfs); do
+    echo "Waiting for NFS server $dataip..."
+    sleep 10
+done
+
+$SUDO mkdir -p $NFSMOUNTDIR
+$SUDO chmod 755 $NFSMOUNTDIR
+echo "$dataip:$NFSEXPORTDIR $NFSMOUNTDIR nfs rw,bg,sync,hard,intr 0 0" | $SUDO tee -a /etc/fstab
+while ! $SUDO mount $NFSMOUNTDIR ; do
+    echo "Mounting $dataip:$NFSEXPORTDIR..."
+    sleep 10
+done
+
+logtend "nfs-client"
+
+touch $OURDIR/nfs-client-done
diff --git a/setup-nfs-server.sh b/setup-nfs-server.sh
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -x
+
+if [ -z "$EUID" ]; then
+    EUID=`id -u`
+fi
+
+# Grab our libs
+. "`dirname $0`/setup-lib.sh"
+
+if [ -f $OURDIR/nfs-server-done ]; then
+    exit 0
+fi
+
+logtstart "nfs-server"
+
+if [ -f $SETTINGS ]; then
+    . $SETTINGS
+fi
+if [ -f $LOCALSETTINGS ]; then
+    . $LOCALSETTINGS
+fi
+
+maybe_install_packages nfs-kernel-server
+service_stop nfs-kernel-server
+
+$SUDO mkdir -p $NFSEXPORTDIR
+$SUDO chmod 755 $NFSEXPORTDIR
+
+dataip=`getnodeip $HEAD $DATALAN`
+prefix=`getnetmaskprefix $DATALAN`
+networkip=`getnetworkip $HEAD $DATALAN`
+
+echo "$NFSEXPORTDIR $networkip/$prefix(rw,sync,no_root_squash,no_subtree_check,fsid=0)" | $SUDO tee -a /etc/exports
+
+echo "OPTIONS=\"-l -h 127.0.0.1 -h $dataip\"" | $SUDO tee /etc/default/rpcbind
+$SUDO sed -i.bak -e "s/^rpcbind/#rpcbind/" /etc/hosts.deny
+echo "rpcbind: ALL EXCEPT 127.0.0.1, $networkip/$prefix" | $SUDO tee -a /etc/hosts.deny
+
+service_enable rpcbind
+service_restart rpcbind
+service_enable nfs-kernel-server
+service_restart nfs-kernel-server
+
+$SUDO mkdir -p $NFSMOUNTDIR
+$SUDO chmod 755 $NFSMOUNTDIR
+echo "$NFSEXPORTDIR $NFSMOUNTDIR none defaults,bind 0 0" | $SUDO tee -a /etc/fstab
+$SUDO mount $NFSMOUNTDIR
+
+logtend "nfs-server"
+
+touch $OURDIR/nfs-server-done