Merge pull request #762 from PureStorage-OpenConnect/761-pxb-refactor

refactor pxb scripts

Author: andrewh1978

assets/helm-backup/backup-grpc-api-svc.yml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: px-backup-api-grpc
+  namespace: central
+spec:
+  ports:
+  - name: grpc
+    port: 10002
+    protocol: TCP
+    targetPort: 10002
+  selector:
+    app: px-backup
+  type: NodePort

assets/helm-backup/namespace.yml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: central
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: pxc-credentials
+  namespace: central
+data:
+  mongodb-px-backup-password: UDBydHdvcnhCYWNrdXA=
+  mongodb-root-password: UDBydHdvcnhCYWNrdXA=
+  mongodb-replica-set-key: UDBydHdvcnhCYWNrdXA=
+  postgresql-password: UDBydHdvcnhCYWNrdXA=
+  mysql-password: UDBydHdvcnhCYWNrdXA=

assets/helm-backup/ocp-backup-ui-route.yml

@@ -0,0 +1,14 @@
+kind: Route
+apiVersion: route.openshift.io/v1
+metadata:
+  name: px-backup-ui
+  namespace: central
+spec:
+  to:
+    kind: Service
+    name: px-backup-ui
+    weight: 100
+  port:
+    targetPort: http
+  wildcardPolicy: None
+  

assets/helm-backup/ocp-central-ui-route.yml

@@ -0,0 +1,14 @@
+kind: Route
+apiVersion: route.openshift.io/v1
+metadata:
+  name: px-central-ui
+  namespace: central
+spec:
+  to:
+    kind: Service
+    name: px-central-ui
+    weight: 100
+  port:
+    targetPort: http
+  wildcardPolicy: None
+  

scripts/helm-backup

@@ -1,24 +1,7 @@
 NAMESPACE=central
-VERSION=2.10.1
-
-kubectl apply -f - <<EOF
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: central
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: pxc-credentials
-  namespace: central
-data:
-  mongodb-px-backup-password: UDBydHdvcnhCYWNrdXA=
-  mongodb-root-password: UDBydHdvcnhCYWNrdXA=
-  mongodb-replica-set-key: UDBydHdvcnhCYWNrdXA=
-  postgresql-password: UDBydHdvcnhCYWNrdXA=
-  mysql-password: UDBydHdvcnhCYWNrdXA=
-EOF
+VERSION=2.10.2
+
+kubectl apply -f /assets/helm-backup/namespace.yml
 
 curl -O https://raw.githubusercontent.com/portworx/helm/master/stable/px-central-$VERSION.tgz
 helm install px-central px-central-$VERSION.tgz --namespace $NAMESPACE --create-namespace --version $VERSION --set persistentStorage.enabled=true,persistentStorage.storageClassName="px-csi-db",pxbackup.enabled=true,oidc.centralOIDC.updateAdminProfile=false,installCRDs=true
@@ -44,6 +27,51 @@ kubectl delete job pxcentral-post-install-hook --namespace $NAMESPACE
 helm upgrade px-central px-central-$VERSION.tgz --namespace $NAMESPACE --version $VERSION --reuse-values --set pxmonitor.enabled=true --set pxmonitor.pxCentralEndpoint=$pubIP:$backupPort
 until (kubectl get po -n $NAMESPACE -ljob-name=pxcentral-post-install-hook  -o wide | awk '{print $1, $2, $3}' |grep "Completed"); do echo "Waiting for post install hook";sleep 3; done
 
-#BACKUP_POD_NAME=$(kubectl get pods -n $NAMESPACE -l app=px-backup -o jsonpath='{.items[0].metadata.name}' 2>/dev/null)
-#kubectl cp -n $NAMESPACE $BACKUP_POD_NAME:pxbackupctl/linux/pxbackupctl /usr/bin/pxbackupctl
-#chmod +x /usr/bin/pxbackupctl
+ADMIN_PW=$(kubectl get secret pxcentral-keycloak-http -n central -o jsonpath="{.data.password}" | base64 --decode)
+
+while [ ! -f /usr/local/bin/px ]; do
+  echo "missing px cli. please install manually in /usr/local/bin to proceed"
+  sleep 30
+done
+
+if [ "$platform" = ocp4 ]; then
+  # create ocp route for backup UI
+  kubectl apply -f /assets/helm-backup/ocp-backup-ui-route.yml
+  kubectl apply -f /assets/helm-backup/ocp-central-ui-route.yml
+
+  # expose px-backup service to run pxbackupctl
+  kubectl patch svc px-backup -n central -p '{"spec":{"type":"LoadBalancer"}}'
+  backupIP=$(kubectl get svc px-backup -n central -o json | jq -r ".status.loadBalancer.ingress[0].hostname")
+ 
+  while [ $backupIP = "null" ]; do
+    sleep 2
+    echo "PX Backup grpc LB not assigned"
+    backupIP=$(kubectl get svc px-backup -n central -o json | jq -r ".status.loadBalancer.ingress[0].hostname")
+  done
+  echo "PX Backup grpc LB assigned: $backupIP"
+  
+  backupPort=10002
+  authIP=$(kubectl get route px-central-ui -n central -o json |jq -r ".status.ingress[0].host")
+  authPort=80
+  PXB_URL=$(kubectl get route px-backup-ui -n central -o json |jq -r ".status.ingress[0].host")
+
+else  # platform is k8s on aws
+  IMDSTOKEN=$(curl -s -X PUT 'http://169.254.169.254/latest/api/token' -H 'X-aws-ec2-metadata-token-ttl-seconds: 120')
+  backupIP=$(curl -H "X-aws-ec2-metadata-token: $IMDSTOKEN" -s http://169.254.169.254/latest/meta-data/public-ipv4)
+  authIP=$backupIP
+  authPort=$(kubectl get svc px-central-ui -n central -o=jsonpath='{.spec.ports[?(@.port==80)].nodePort}')
+  #expose px-backup api grpc endpoint
+  kubectl apply -f /assets/helm-backup/backup-grpc-api-svc.yml
+  backupPort=$(kubectl get svc px-backup-api-grpc -n central -o=jsonpath='{.spec.ports[?(@.port==10002)].nodePort}')
+  PXB_URL=$(kubectl get svc px-backup-ui -n central -o=jsonpath='{.status.loadBalancer.ingress[0].hostname}')
+fi
+
+px pxb init config  --px-backup-api-url http://$backupIP:$backupPort --pxcentral-auth-url http://$authIP:$authPort
+px pxb set config --pxcentral-verify-ssl false
+px pxb login --username admin --password $ADMIN_PW
+
+while ! px pxb version; do
+        echo "waiting for grpc availability"
+        sleep 2
+done
+

scripts/helm-backup-apps

@@ -0,0 +1,32 @@
+AWS_ACCESS_KEY=$(sed -n 's/aws_access_key_id[ =]*//p' /root/.aws/credentials 2>/dev/null)
+AWS_SECRET_KEY=$(sed -n 's/aws_secret_access_key[ =]*//p' /root/.aws/credentials 2>/dev/null)
+
+ADMIN_PW=$(kubectl get secret pxcentral-keycloak-http -n central -o jsonpath="{.data.password}" | base64 --decode)
+
+px pxb create cloudcredential --name aws-credential --provider aws --aws-access-key $AWS_ACCESS_KEY --aws-secret-key $AWS_SECRET_KEY
+px pxb create backuplocation --name s3 --provider s3 --path $BACKUP_BUCKET --cloud-credential-name aws-credential --s3-endpoint s3.amazonaws.com --s3-region $aws_region
+px pxb create schedulepolicy --name 15min-schedule --interval-minutes 15 --interval-retain 12
+
+px pxb connect cluster --name cluster-1 --kubeconfig /root/.kube/config
+
+for i in $(seq 2 $clusters); do
+  ssh master-$i cat /root/.kube/config > /tmp/cluster-$i-kube-config
+  px pxb connect cluster --name cluster-$i --kubeconfig /tmp/cluster-$i-kube-config
+done
+
+if [ "$platform" = ocp4 ]; then
+  PXB_URL=$(kubectl get route px-backup-ui -n central -o json |jq -r ".status.ingress[0].host")
+else
+  PXB_URL=$(kubectl get svc px-backup-ui -n central -o=jsonpath='{.status.loadBalancer.ingress[0].hostname}')
+fi
+
+cat <<EOF >> /etc/motd
++================================================+
+SAVE THE FOLLOWING DETAILS FOR FUTURE REFERENCES
++================================================+
+PX-Central User Interface Access URL : http://$PXB_URL
+PX-Central admin user name: admin
+PX-Central admin user password: $ADMIN_PW
++================================================+
+EOF
+

scripts/helm-backup-postinstall

@@ -141,7 +141,7 @@ done
 kubectl apply -f /tmp/px.yml
 
 # Install px cli
-curl -L -o /tmp/pxcli.tgz https://mirrors.portworx.com/packages/px-cli/v1.0.0/px-v1.0.0.linux.amd64.tar.gz
+curl -L -o /tmp/pxcli.tgz https://mirrors.portworx.com/packages/px-cli/v1.1.0/px-v1.1.0.linux.amd64.tar.gz
 tar -xzf /tmp/pxcli.tgz  -C /tmp/
 chmod +x /tmp/px/bin/px* 
 cp /tmp/px/bin/* /usr/local/bin/

scripts/install-px

@@ -7,7 +7,7 @@ clusters: 2
 nodes: 5
 cluster:
   - id: 1
-    scripts: ["helm-backup", "helm-backup-apps"]
+    scripts: ["helm-backup", "helm-backup-postinstall"]
   - id: 2
     scripts: ["clusterpair"]
 env:

templates/ocp-backup.yml

@@ -9,7 +9,7 @@ cloud: "aws"
 clusters: 2
 cluster:
   - id: 1
-    scripts: [ "kubevirt-apps", "helm-backup", "helm-backup-apps"]
+    scripts: [ "kubevirt-apps", "helm-backup", "helm-backup-postinstall"]
   - id: 2
     scripts: ["clusterpair"]
 env: