|
| 1 | +#!/bin/bash |
| 2 | +# |
| 3 | +# Copyright 2024 Red Hat, Inc. |
| 4 | +# |
| 5 | +# Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | +# you may not use this file except in compliance with the License. |
| 7 | +# You may obtain a copy of the License at |
| 8 | +# |
| 9 | +# http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | +# |
| 11 | +# Unless required by applicable law or agreed to in writing, software |
| 12 | +# distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | +# See the License for the specific language governing permissions and |
| 15 | +# limitations under the License. |
| 16 | +# |
| 17 | +# This script checks your SMCP and other resources for fields/features that need to be disabled |
| 18 | +# before safely migrationg to OSSM 3.0. |
| 19 | + |
| 20 | +set -o pipefail -eu |
| 21 | + |
| 22 | +BLUE='\033[1;34m' |
| 23 | +YELLOW='\033[1;33m' |
| 24 | +GREEN='\033[1;32m' |
| 25 | +BLANK='\033[0m' |
| 26 | +WARNING_EMOJI='\u2757' |
| 27 | +SPACER="-----------------------" |
| 28 | + |
| 29 | +LATEST_VERSION=v2.6 |
| 30 | +LATEST_CHART_VERSION=2.6.4 |
| 31 | +TOTAL_WARNINGS=0 |
| 32 | + |
| 33 | +SKIP_PROXY_CHECK=false |
| 34 | + |
| 35 | +# process command line args |
| 36 | +while [[ $# -gt 0 ]]; do |
| 37 | + key="$1" |
| 38 | + case $key in |
| 39 | + --skip-proxy-check) |
| 40 | + SKIP_PROXY_CHECK="${2}" |
| 41 | + shift;shift |
| 42 | + ;; |
| 43 | + -h|--help) |
| 44 | + cat <<HELPMSG |
| 45 | +Valid command line arguments: |
| 46 | + --skip-proxy-check |
| 47 | + If 'true', will skip checking proxies for the latest version. |
| 48 | + Default: false |
| 49 | +HELPMSG |
| 50 | + exit 1 |
| 51 | + ;; |
| 52 | + *) |
| 53 | + echo "ERROR: Unknown argument [$key]. Use --help to see valid arguments." |
| 54 | + exit 1 |
| 55 | + ;; |
| 56 | + esac |
| 57 | +done |
| 58 | + |
| 59 | +warning() { |
| 60 | + echo -e "${YELLOW}${WARNING_EMOJI}$1${BLANK}" |
| 61 | +} |
| 62 | + |
| 63 | +success() { |
| 64 | + echo -e "${GREEN}$1${BLANK}" |
| 65 | +} |
| 66 | + |
| 67 | +if ! command -v jq > /dev/null 2>&1 |
| 68 | +then |
| 69 | + echo "jq must be installed and present in PATH." |
| 70 | + exit 1 |
| 71 | +fi |
| 72 | + |
| 73 | +if ! command -v oc > /dev/null 2>&1 |
| 74 | +then |
| 75 | + echo "oc must be installed and present in PATH." |
| 76 | + exit 1 |
| 77 | +fi |
| 78 | + |
| 79 | +if ! oc whoami > /dev/null 2>&1 |
| 80 | +then |
| 81 | + echo "Unable to use oc. Ensure your cluster is online and you have logged in with 'oc login'" |
| 82 | + exit 1 |
| 83 | +fi |
| 84 | + |
| 85 | +check_smcp() { |
| 86 | + local name=$1 |
| 87 | + local namespace=$2 |
| 88 | + |
| 89 | + local num_warnings=0 |
| 90 | + |
| 91 | + echo -e "$SPACER\nServiceMeshControlPlane\nName: ${BLUE}$name${BLANK}\nNamespace: ${BLUE}$namespace${BLANK}\n" |
| 92 | + |
| 93 | + local smcp |
| 94 | + smcp=$(oc get smcp "$name" -n "$namespace" -o json) |
| 95 | + |
| 96 | + if [ "$(echo "$smcp" | jq -r '.spec.security.manageNetworkPolicy')" != "false" ]; then |
| 97 | + warning "Network Policy is still enabled. Please set '.spec.security.manageNetworkPolicy' = false" |
| 98 | + ((num_warnings+=1)) |
| 99 | + fi |
| 100 | + |
| 101 | + local current_version |
| 102 | + current_version=$(echo "$smcp" | jq -r '.spec.version') |
| 103 | + if [ "$current_version" != "$LATEST_VERSION" ]; then |
| 104 | + warning "Your ServiceMeshControlPlane is not on the latest version. Current version: '$current_version'. Latest version: '$LATEST_VERSION'. Please upgrade your ServiceMeshControlPlane to the latest version." |
| 105 | + ((num_warnings+=1)) |
| 106 | + fi |
| 107 | + |
| 108 | + local current_chart_version |
| 109 | + current_chart_version=$(echo "$smcp" | jq -r '.status.chartVersion') |
| 110 | + if [ "$current_chart_version" != "$LATEST_CHART_VERSION" ]; then |
| 111 | + warning "Your ServiceMeshControlPlane does not have the latest z-stream release. If your ServiceMeshControlPlane is already on the latest version, please ensure your Service Mesh operator is also updated to the latest version. Current version: '$current_chart_version'. Latest version: '$LATEST_CHART_VERSION'." |
| 112 | + ((num_warnings+=1)) |
| 113 | + fi |
| 114 | + |
| 115 | + # Addons |
| 116 | + if [ "$(echo "$smcp" | jq -r '.spec.addons.prometheus.enabled')" != "false" ]; then |
| 117 | + warning "Prometheus addon is still enabled. Please disable the addon by setting '.spec.addons.prometheus.enabled' = false" |
| 118 | + ((num_warnings+=1)) |
| 119 | + fi |
| 120 | + |
| 121 | + if [ "$(echo "$smcp" | jq -r '.spec.addons.kiali.enabled')" != "false" ]; then |
| 122 | + warning "Kiali addon is still enabled. Please disable the addon by setting '.spec.addons.kiali.enabled' = false" |
| 123 | + ((num_warnings+=1)) |
| 124 | + fi |
| 125 | + |
| 126 | + if [ "$(echo "$smcp" | jq -r '.spec.addons.grafana.enabled')" != "false" ]; then |
| 127 | + warning "Grafana addon is enabled. Grafana is no longer supported with Service Mesh 3.x." |
| 128 | + ((num_warnings+=1)) |
| 129 | + fi |
| 130 | + |
| 131 | + if [ "$(echo "$smcp" | jq -r '.spec.tracing.type')" != "None" ]; then |
| 132 | + warning "Tracing addon is still enabled. Please disable the addon by setting '.spec.tracing.type' = None" |
| 133 | + ((num_warnings+=1)) |
| 134 | + fi |
| 135 | + |
| 136 | + if [ "$(echo "$smcp" | jq -r '.spec.gateways.enabled')" != "false" ]; then |
| 137 | + warning "Gateways are still enabled. Please disable gateways by setting '.spec.gateways.enabled' = false" |
| 138 | + ((num_warnings+=1)) |
| 139 | + fi |
| 140 | + |
| 141 | + # IOR is included in the above check since if this top level gateways field |
| 142 | + # is disabled then IOR is disabled too because there won't be any gateways but |
| 143 | + # we're checking it here to remind users to disable it. |
| 144 | + # Default is 'false' so only log a warning if someone has set it to 'true'. |
| 145 | + if [ "$(echo "$smcp" | jq -r '.spec.gateways.openshiftRoute.enabled')" == "true" ]; then |
| 146 | + warning "IOR is still enabled. Please disable IOR gateways by setting '.spec.gateways.openshiftRoute.enabled' = false" |
| 147 | + ((num_warnings+=1)) |
| 148 | + fi |
| 149 | + |
| 150 | + if [ "$num_warnings" -gt 0 ]; then |
| 151 | + ((TOTAL_WARNINGS += num_warnings)) |
| 152 | + echo -e "\n${YELLOW}$num_warnings warnings${BLANK}" |
| 153 | + else |
| 154 | + success "No issues detected with the ServiceMeshControlPlane $name/$namespace." |
| 155 | + fi |
| 156 | +} |
| 157 | + |
| 158 | +check_federation() { |
| 159 | + echo -e "Checking for federation resources...\n" |
| 160 | + local num_warnings=0 |
| 161 | + |
| 162 | + if [ "$(oc get exportedservicesets.federation.maistra.io -A -o jsonpath='{.items}' | jq 'length')" != 0 ]; then |
| 163 | + warning "Detected federation resources 'exportedservicesets'. Migrating federation to 3.0 is not supported. Please remove your federation resources." |
| 164 | + ((num_warnings+=1)) |
| 165 | + fi |
| 166 | + |
| 167 | + if [ "$(oc get importedservicesets.federation.maistra.io -A -o jsonpath='{.items}' | jq 'length')" != 0 ]; then |
| 168 | + warning "Detected federation resources 'importedservicesets'. Migrating federation to 3.0 is not supported. Please remove your federation resources." |
| 169 | + ((num_warnings+=1)) |
| 170 | + fi |
| 171 | + |
| 172 | + if [ "$num_warnings" -gt 0 ]; then |
| 173 | + ((TOTAL_WARNINGS += num_warnings)) |
| 174 | + else |
| 175 | + success "No federation resources found in the cluster." |
| 176 | + fi |
| 177 | + |
| 178 | + echo -e "$SPACER" |
| 179 | +} |
| 180 | + |
| 181 | +check_proxies_updated() { |
| 182 | + echo -e "Checking proxies are up to date...\n" |
| 183 | + local num_warnings=0 |
| 184 | + # Find pods and check each one. |
| 185 | + # Format is name/namespace/version. |
| 186 | + for pod in $(oc get pods -A -l maistra-version -o jsonpath='{range .items[*]}{.metadata.name}/{.metadata.namespace}/{.metadata.labels.maistra-version}{" "}{end}'); do |
| 187 | + IFS="/" read -r name namespace version <<< "$pod" |
| 188 | + # label version format: 2.6.4 --> 2.6 |
| 189 | + local sanitized_version |
| 190 | + sanitized_version=$(cut -c1-3 <<< "$version") |
| 191 | + # latest version format: v2.6 --> 2.6 |
| 192 | + local sanitized_latest_version |
| 193 | + sanitized_latest_version=$(cut -c2- <<< "$LATEST_VERSION") |
| 194 | + if [ "$sanitized_version" != "$sanitized_latest_version" ]; then |
| 195 | + warning "pod: $name/$namespace is running a proxy at an older version: $sanitized_version Please update your ServiceMeshControlPlane to the latest version: ${LATEST_VERSION} and then restart this workload." |
| 196 | + ((num_warnings+=1)) |
| 197 | + fi |
| 198 | + done |
| 199 | + |
| 200 | + if [ "$num_warnings" -gt 0 ]; then |
| 201 | + ((TOTAL_WARNINGS += num_warnings)) |
| 202 | + else |
| 203 | + success "All proxies are on the latest version." |
| 204 | + fi |
| 205 | + |
| 206 | + echo -e "$SPACER" |
| 207 | +} |
| 208 | + |
| 209 | +check_smcps() { |
| 210 | + echo -e "Checking ServiceMeshControlPlanes...\n" |
| 211 | + # Find smcps and check each one. |
| 212 | + # Format is name/namespace. |
| 213 | + for smcp in $(oc get smcp -A -o jsonpath='{range .items[*]}{.metadata.name}/{.metadata.namespace}{" "}{end}'); do |
| 214 | + IFS="/" read -r name namespace <<< "$smcp" |
| 215 | + check_smcp "$name" "$namespace" |
| 216 | + done |
| 217 | + |
| 218 | + echo -e "$SPACER" |
| 219 | +} |
| 220 | + |
| 221 | +check_smcps |
| 222 | +check_federation |
| 223 | +if [ "$SKIP_PROXY_CHECK" != "true" ]; then |
| 224 | + check_proxies_updated |
| 225 | +fi |
| 226 | + |
| 227 | +echo -e "Summary\n" |
| 228 | +if [ "$TOTAL_WARNINGS" -eq 0 ]; then |
| 229 | + success "No issues detected. Proceed with the 2.6 --> 3.0 migration." |
| 230 | +else |
| 231 | + warning "Detected $TOTAL_WARNINGS issues. Please fix these before proceeding with the migration." |
| 232 | +fi |
0 commit comments