Node management, registry addon

Author: antoineleclair

src/commands/init.ts

@@ -191,24 +191,30 @@ async function uploadLocalImage({image, ssh, verbose}: {image: string; ssh: Node
   }
 }
 
-async function installDockerIfNeeded({
+export async function installDockerIfNeeded({
   dockerAlreadyInstalled,
+  dockerVersion,
   verbose,
   ssh,
   progressBar,
 }: {
   dockerAlreadyInstalled: boolean
+  dockerVersion?: string,
   verbose: boolean
   ssh: NodeSSH
   progressBar: SingleBar | undefined
 }): Promise<void> {
   if (!dockerAlreadyInstalled) {
     if (verbose) {
-      process.stdout.write('Installing Docker\n')
+      if (dockerVersion === undefined) {
+        process.stdout.write('Installing Docker\n')
+      } else {
+        process.stdout.write(`Installing Docker ${dockerVersion}\n`)
+      }
     }
 
     try {
-      await installDocker({ssh, verbose, progressBar})
+      await installDocker({ssh, dockerVersion, verbose, progressBar})
     } catch (error) {
       if ((error as Error).toString().includes('Could not get lock')) {
         throw new Error(`Package manager already busy. Try again in a few minutes.`)
@@ -247,7 +253,7 @@ async function getSshPrivateKeyPaths(): Promise<string[]> {
   return privKeyPaths
 }
 
-async function connectSsh({
+export async function connectSsh({
   host,
   username,
   password,
@@ -291,17 +297,19 @@ async function connectSsh({
   throw new Error('Failed to connect with SSH')
 }
 
-async function checkDockerInstalled(ssh: NodeSSH): Promise<boolean> {
+export async function checkDockerInstalled(ssh: NodeSSH): Promise<boolean> {
   const {code} = await ssh.execCommand('command -v docker >/dev/null 2>&1')
   return code === 0
 }
 
 async function installDocker({
   ssh,
+  dockerVersion,
   verbose,
   progressBar,
 }: {
   ssh: NodeSSH
+  dockerVersion?: string
   verbose: boolean
   progressBar: SingleBar | undefined
 }): Promise<void> {
@@ -316,9 +324,21 @@ async function installDocker({
       '$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | ' +
       'sudo tee /etc/apt/sources.list.d/docker.list > /dev/null',
     'sudo apt-get update',
-    'DEBIAN_FRONTEND=noninteractive sudo apt-get install -y docker-ce docker-ce-cli ' +
-      'containerd.io docker-buildx-plugin docker-compose-plugin',
   ]
+  if (dockerVersion === undefined) {
+    commands.push(
+      'DEBIAN_FRONTEND=noninteractive sudo apt-get install -y docker-ce docker-ce-cli ' +
+        'containerd.io docker-buildx-plugin docker-compose-plugin',
+    )
+  } else {
+    commands.push(
+      `DEBIAN_FRONTEND=noninteractive sudo apt-get install -y \
+        docker-ce=$(apt-cache madison docker-ce | grep --fixed-strings ${dockerVersion} | head -1 | awk '{print $3}') \
+        docker-ce-cli=$(apt-cache madison docker-ce-cli | grep --fixed-strings ${dockerVersion} | head -1 | awk '{print $3}') \
+        containerd.io docker-buildx-plugin docker-compose-plugin`,
+    )
+  }
+
   for await (const command of commands) {
     await runSshCommand({ssh, command, verbose, progressBar})
   }
@@ -362,7 +382,7 @@ async function initDisco({
   return apiKey
 }
 
-function extractApiKey(output: string): string {
+export function extractApiKey(output: string): string {
   const match = output.match(/Created API key: ([a-z0-9]{32})/)
   if (!match) {
     throw new Error('could not extract API key')
@@ -371,7 +391,7 @@ function extractApiKey(output: string): string {
   return match[1]
 }
 
-async function runSshCommand({
+export async function runSshCommand({
   ssh,
   command,
   stdin,
@@ -422,7 +442,7 @@ async function runSshCommand({
   return stdout
 }
 
-async function userCanSudoWitoutPassword({ssh, verbose}: {ssh: NodeSSH; verbose: boolean}): Promise<boolean> {
+export async function userCanSudoWitoutPassword({ssh, verbose}: {ssh: NodeSSH; verbose: boolean}): Promise<boolean> {
   try {
     await runSshCommand({ssh, command: 'sudo -n true', verbose, progressBar: undefined})
     if (verbose) {
@@ -439,7 +459,7 @@ async function userCanSudoWitoutPassword({ssh, verbose}: {ssh: NodeSSH; verbose:
   }
 }
 
-async function setupRootSshAccess({
+export async function setupRootSshAccess({
   ssh,
   verbose,
   password,

src/commands/nodes/add.ts

@@ -1,100 +1,144 @@
 import {Args, Command, Flags} from '@oclif/core'
-
+import {NodeSSH} from 'node-ssh'
+import inquirerPassword from '@inquirer/password'
+import {SingleBar} from 'cli-progress'
 import {getDisco} from '../../config.js'
 import {request} from '../../auth-request.js'
-
-import * as fs from 'node:fs'
-import * as os from 'node:os'
-import * as path from 'node:path'
-import {NodeSSH} from 'node-ssh'
-
-const GET_NODE_SCRIPT_URL = (version: string) => `https://downloads.letsdisco.dev/${version}/node`
+import { checkDockerInstalled, connectSsh, installDockerIfNeeded, runSshCommand, setupRootSshAccess, userCanSudoWitoutPassword } from '../init.js'
 
 export default class NodesAdd extends Command {
-  static override args = {
-    sshString: Args.string({description: 'ssh user@IP to connect to new machine', required: true}),
+  static args = {
+    sshString: Args.string({required: true}),
   }
 
-  static override description = 'add a new server to your deployment'
+  static description = 'initializes a new server'
 
-  static override examples = ['<%= config.bin %> <%= command.id %> [email protected]']
+  static examples = [
+    '<%= config.bin %> <%= command.id %> [email protected]',
+    '<%= config.bin %> <%= command.id %> [email protected] --version 0.4.0',
+  ]
 
-  static override flags = {
+  static flags = {
+    verbose: Flags.boolean({default: false, description: 'show extra output'}),
+    'identity-file': Flags.string({
+      char: 'i',
+      description: 'SSH key to use for authentication',
+    }),
     disco: Flags.string({required: false}),
-    version: Flags.string({required: false, default: 'latest'}),
   }
 
   public async run(): Promise<void> {
     const {args, flags} = await this.parse(NodesAdd)
-    const discoConfig = getDisco(flags.disco || null)
-    // eslint-disable-next-line new-cap
-    const nodeScriptUrl = GET_NODE_SCRIPT_URL(flags.version)
+    const {verbose, 'identity-file': identityFile, disco} = flags
+
+    const discoConfig = getDisco(disco || null)
 
     const url = `https://${discoConfig.host}/api/disco/swarm/join-token`
     const res = await request({
       method: 'GET',
       url,
       discoConfig,
     })
-    const data = (await res.json()) as any
-
-    const token = data.joinToken
-    const {ip} = data
-    const command = `curl ${nodeScriptUrl} | sudo IP=${ip} TOKEN=${token} sh`
+    const {joinToken, ip: leaderIp, dockerVersion, registryHost} = (await res.json()) as {
+      joinToken: string
+      ip: string
+      dockerVersion: string
+      registryHost: null | string
+    }
 
-    // TODO centralize this code which is identical to code in init.ts
+    if (registryHost === null) {
+      this.log("Image registry not configured")
+      this.log("You can install the addon by using the command disco registry:addon:install. For example:")
+      this.log(`disco registry:addon:install --domain registry.example.com --disco ${discoConfig.name}`)
+      return;
+    }
 
-    const [username, host] = args.sshString.split('@')
+    const [argUsername, host] = args.sshString.split('@')
 
-    const sshKeyPaths = [
-      path.join(os.homedir(), '.ssh', 'id_ed25519'),
-      path.join(os.homedir(), '.ssh', 'id_rsa'),
-    ].filter((p) => {
-      try {
-        return fs.statSync(p).isFile()
-      } catch {
-        return false
-      }
-    })
+    let username = argUsername
 
-    if (sshKeyPaths.length === 0) {
-      this.error('could not find an SSH key in ~/.ssh')
+    let ssh
+    let password
+    try {
+      ;({ssh, password} = await connectSsh({host, username, identityFile}))
+    } catch {
+      this.error('could not connect to SSH')
     }
 
-    const ssh = new NodeSSH()
+    if (username !== 'root') {
+      const canSudoWithoutPassword = await userCanSudoWitoutPassword({ssh, verbose})
+      // use password if provided, or ask for one if needed
+      const passwordToUse =
+        password === undefined
+          ? canSudoWithoutPassword
+            ? undefined
+            : await inquirerPassword({message: `${username}@${host}'s password:`})
+          : password
+      if (verbose) {
+        if (passwordToUse === undefined) {
+          process.stdout.write('Will not use password\n')
+        } else {
+          process.stdout.write('Will use password\n')
+        }
+      }
 
-    let connected = false
-    for await (const sshKeyPath of sshKeyPaths) {
+      await setupRootSshAccess({ssh, password: passwordToUse, verbose})
+      username = 'root'
       try {
-        await ssh.connect({
-          host,
-          privateKeyPath: sshKeyPath,
-          username,
-        })
-        connected = true
-        break
+        ;({ssh, password} = await connectSsh({host, username, identityFile}))
       } catch {
-        // skip error
+        this.error('could not connect to SSH as root')
       }
     }
 
-    if (!connected) {
-      this.error('could not connect to server')
+    const dockerAlreadyInstalled = await checkDockerInstalled(ssh)
+    let progressBar
+    if (!verbose) {
+      const dockerInstallOutputCount = 309
+      const count = dockerAlreadyInstalled ? 0 : dockerInstallOutputCount;
+      progressBar = new SingleBar({format: '[{bar}] {percentage}%', clearOnComplete: true})
+      progressBar.start(count, 0)
     }
 
-    this.log('connected')
+    await installDockerIfNeeded({dockerAlreadyInstalled, verbose, ssh, dockerVersion, progressBar})
 
-    // do something with stderr output?
-    const {code} = await ssh.execCommand(command, {
-      onStdout(chunk) {
-        const str = chunk.toString('utf8')
-        process.stdout.write(str)
-      },
-    })
-    if (code !== 0) {
-      this.error('failed to run ssh script')
+
+    if (verbose) {
+      this.log('Joining Swarm')
     }
 
+    await joinSwarm({
+      ssh,
+      joinToken,
+      leaderIp,
+      verbose,
+      progressBar,
+    })
+
     ssh.dispose()
+    if (progressBar !== undefined) {
+      progressBar.stop()
+    }
+
+    this.log('Done')
   }
 }
+
+
+async function joinSwarm({
+  ssh,
+  joinToken,
+  leaderIp,
+  verbose,
+  progressBar,
+}: {
+  ssh: NodeSSH
+  joinToken: string,
+  leaderIp: string,
+  verbose: boolean
+  progressBar: SingleBar | undefined
+}): Promise<void> {
+  const command = `docker swarm join --token ${joinToken} ${leaderIp}:2377`;
+  await runSshCommand({ssh, command, verbose, progressBar})
+}
+

src/commands/nodes/list.ts

@@ -0,0 +1,42 @@
+import {Command, Flags} from '@oclif/core'
+import {getDisco} from '../../config.js'
+import {request} from '../../auth-request.js'
+
+export default class NodesList extends Command {
+  static description = 'show node list'
+
+  static examples = [
+    '<%= config.bin %> <%= command.id %>',
+  ]
+
+  static flags = {
+    disco: Flags.string({required: false}),
+  }
+
+  public async run(): Promise<void> {
+    const {flags} = await this.parse(NodesList)
+    const {disco} = flags
+
+    const discoConfig = getDisco(disco || null)
+
+    const url = `https://${discoConfig.host}/api/disco/swarm/nodes`
+    const res = await request({
+      method: 'GET',
+      url,
+      discoConfig,
+    })
+    const {nodes} = (await res.json()) as {
+      nodes: {
+        created: string,
+        name: string,
+        state: string,
+        address: string,
+        isLeader: boolean,
+      }[]
+    }
+
+    for (const node of nodes) {
+      this.log(`${node.name}${node.isLeader ? ' (main)' : ''}`);
+    }
+  }
+}