feat: Store host preflight results on disk (#638)

Signed-off-by: Evans Mungai <[email protected]>

Author: banjoh

Makefile

@@ -11,7 +11,7 @@ EMBEDDED_OPERATOR_CHART_URL = oci://registry.replicated.com/library
 EMBEDDED_OPERATOR_CHART_NAME = embedded-cluster-operator
 EMBEDDED_OPERATOR_CHART_VERSION = 0.36.2
 EMBEDDED_OPERATOR_UTILS_IMAGE = busybox:1.36.1
-EMBEDDED_CLUSTER_OPERATOR_IMAGE_OVERRIDE = 
+EMBEDDED_CLUSTER_OPERATOR_IMAGE_OVERRIDE =
 OPENEBS_CHART_URL = https://openebs.github.io/openebs
 OPENEBS_CHART_NAME = openebs/openebs
 OPENEBS_CHART_VERSION = 4.0.1
@@ -34,7 +34,7 @@ K0S_GO_VERSION = v1.29.5+k0s.0
 PREVIOUS_K0S_VERSION ?= v1.28.8+k0s.0
 K0S_BINARY_SOURCE_OVERRIDE = https://ec-k0s-binaries.s3.amazonaws.com/k0s-v1.29.5%2Bk0s.0-ec.0
 PREVIOUS_K0S_BINARY_SOURCE_OVERRIDE =
-TROUBLESHOOT_VERSION = v0.92.1
+TROUBLESHOOT_VERSION = v0.93.1
 KOTS_VERSION = v$(shell echo $(ADMIN_CONSOLE_CHART_VERSION) | sed 's/\([0-9]\+\.[0-9]\+\.[0-9]\+\).*/\1/')
 KOTS_BINARY_URL_OVERRIDE =
 LOCAL_ARTIFACT_MIRROR_IMAGE ?= registry.replicated.com/library/embedded-cluster-local-artifact-mirror
@@ -135,6 +135,7 @@ output/bin/embedded-cluster-release-builder:
 embedded-release: embedded-cluster-linux-amd64 output/tmp/release.tar.gz output/bin/embedded-cluster-release-builder
 	./output/bin/embedded-cluster-release-builder output/bin/embedded-cluster output/tmp/release.tar.gz output/bin/embedded-cluster
 
+.PHONY: go.mod
 go.mod: Makefile
 	go get github.com/k0sproject/k0s@$(K0S_GO_VERSION)
 	go mod tidy
@@ -146,7 +147,7 @@ static: pkg/goods/bins/k0s \
 	pkg/goods/bins/kubectl-support_bundle \
 	pkg/goods/bins/local-artifact-mirror \
 	pkg/goods/internal/bins/kubectl-kots
-	
+
 .PHONY: embedded-cluster-linux-amd64
 embedded-cluster-linux-amd64: static go.mod
 	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "$(LD_FLAGS)" -o ./output/bin/$(APP_NAME) ./cmd/embedded-cluster

cmd/embedded-cluster/install.go

@@ -88,6 +88,17 @@ func RunHostPreflights(c *cli.Context) error {
 	if err != nil {
 		return fmt.Errorf("unable to read host preflights: %w", err)
 	}
+
+	chpfs, err := preflights.GetClusterHostPreflights(c.Context)
+	if err != nil {
+		return fmt.Errorf("unable to get cluster host preflights: %w", err)
+	}
+
+	for _, h := range chpfs {
+		hpf.Collectors = append(hpf.Collectors, h.Spec.Collectors...)
+		hpf.Analyzers = append(hpf.Analyzers, h.Spec.Analyzers...)
+	}
+
 	return runHostPreflights(c, hpf)
 }
 
@@ -96,25 +107,61 @@ func runHostPreflights(c *cli.Context, hpf *v1beta2.HostPreflightSpec) error {
 		return nil
 	}
 	pb := spinner.Start()
-	pb.Infof("Running host preflights on node")
+	if c.Bool("skip-host-preflights") {
+		pb.Infof("Skipping host preflights")
+		pb.Close()
+		return nil
+	}
+	pb.Infof("Running host preflights")
 	output, err := preflights.Run(c.Context, hpf)
 	if err != nil {
 		pb.CloseWithError()
 		return fmt.Errorf("host preflights failed: %w", err)
 	}
+
+	err = output.SaveToDisk()
+	if err != nil {
+		pb.CloseWithError()
+		return fmt.Errorf("failed to save preflights output: %w", err)
+	}
+
 	if output.HasFail() {
+		s := "failures"
+		if len(output.Fail) == 1 {
+			s = "failure"
+		}
+		msg := fmt.Sprintf("Host preflights have %d %s", len(output.Fail), s)
+		if output.HasWarn() {
+			s = "warnings"
+			if len(output.Warn) == 1 {
+				s = "warning"
+			}
+			msg += fmt.Sprintf(" and %d %s", len(output.Warn), s)
+		}
+
+		pb.Errorf(msg)
 		pb.CloseWithError()
-		output.PrintTable()
+		output.PrintTableWithoutInfo()
 		return fmt.Errorf("preflights haven't passed on the host")
 	}
-	if !output.HasWarn() || c.Bool("no-prompt") {
+	if !output.HasWarn() {
 		pb.Close()
-		output.PrintTable()
 		return nil
 	}
+	if c.Bool("no-prompt") {
+		// We have warnings but we are not in interactive mode
+		// so we just print the warnings and continue
+		pb.Close()
+		output.PrintTableWithoutInfo()
+		return nil
+	}
+	s := "warnings"
+	if len(output.Warn) == 1 {
+		s = "warning"
+	}
+	pb.Warnf("Host preflights have %d %s", len(output.Warn), s)
 	pb.CloseWithError()
-	output.PrintTable()
-	logrus.Infof("Host preflights have warnings")
+	output.PrintTableWithoutInfo()
 	if !prompts.New().Confirm("Do you want to continue ?", false) {
 		return fmt.Errorf("user aborted")
 	}
@@ -390,7 +437,7 @@ func waitForK0s() error {
 }
 
 // runOutro calls Outro() in all enabled addons by means of Applier.
-func runOutro(c *cli.Context) error {
+func runOutro(c *cli.Context, adminConsolePwd string) error {
 	os.Setenv("KUBECONFIG", defaults.PathToKubeConfig())
 	opts := []addons.Option{}
 
@@ -413,12 +460,33 @@ func runOutro(c *cli.Context) error {
 	if ab := c.String("airgap-bundle"); ab != "" {
 		opts = append(opts, addons.WithAirgapBundle(ab))
 	}
+	opts = append(opts, addons.WithAdminConsolePassword(adminConsolePwd))
 	if c.String("http-proxy") != "" || c.String("https-proxy") != "" || c.String("no-proxy") != "" {
 		opts = append(opts, addons.WithProxyFromArgs(c.String("http-proxy"), c.String("https-proxy"), c.String("no-proxy")))
 	}
 	return addons.NewApplier(opts...).Outro(c.Context)
 }
 
+func askAdminConsolePassword(c *cli.Context) (string, error) {
+	defaultPass := "password"
+	if c.Bool("no-prompt") {
+		logrus.Infof("Admin Console password set to: %s", defaultPass)
+		return defaultPass, nil
+	}
+	maxTries := 3
+	for i := 0; i < maxTries; i++ {
+		promptA := prompts.New().Password("Enter an Admin Console password:")
+		promptB := prompts.New().Password("Confirm password:")
+
+		if promptA == promptB {
+			// TODO: Should we add extra password validation here? e.g length, complexity etc
+			return promptA, nil
+		}
+		logrus.Info("Passwords don't match, please try again.")
+	}
+	return "", fmt.Errorf("unable to set Admin Console password after %d tries", maxTries)
+}
+
 // installCommands executes the "install" command. This will ensure that a k0s.yaml file exists
 // and then run `k0s install` to apply the cluster. Once this is finished then a "kubeconfig"
 // file is created. Resulting kubeconfig is stored in the configuration dir.
@@ -476,6 +544,11 @@ var installCommand = &cli.Command{
 			Usage:  "Use the system proxy settings for the install operation. These variables are currently only passed through to Velero and the Admin Console.",
 			Hidden: true,
 		},
+		&cli.BoolFlag{
+			Name:  "skip-host-preflights",
+			Usage: "Skip host preflight checks. This is not recommended unless you are sure your system is compatible.",
+			Value: false,
+		},
 	},
 	Action: func(c *cli.Context) error {
 		logrus.Debugf("checking if %s is already installed", binName)
@@ -510,6 +583,11 @@ var installCommand = &cli.Command{
 			metrics.ReportApplyFinished(c, err)
 			return err
 		}
+		adminConsolePwd, err := askAdminConsolePassword(c)
+		if err != nil {
+			metrics.ReportApplyFinished(c, err)
+			return err
+		}
 		logrus.Debugf("running host preflights")
 		if err := RunHostPreflights(c); err != nil {
 			err := fmt.Errorf("unable to finish preflight checks: %w", err)
@@ -549,7 +627,7 @@ var installCommand = &cli.Command{
 			return err
 		}
 		logrus.Debugf("running outro")
-		if err := runOutro(c); err != nil {
+		if err := runOutro(c, adminConsolePwd); err != nil {
 			metrics.ReportApplyFinished(c, err)
 			return err
 		}

cmd/embedded-cluster/join.go

@@ -124,6 +124,11 @@ var joinCommand = &cli.Command{
 			Usage:  "Enable high availability",
 			Hidden: true,
 		},
+		&cli.BoolFlag{
+			Name:  "skip-host-preflights",
+			Usage: "Skip host preflight checks. This is not recommended unless you are sure your system is compatible.",
+			Value: false,
+		},
 	},
 	Before: func(c *cli.Context) error {
 		if os.Getuid() != 0 {

cmd/embedded-cluster/restore.go

@@ -823,6 +823,11 @@ var restoreCommand = &cli.Command{
 			Usage:  "Use the system proxy settings for the restore operation. These variables are currently only passed through to Velero.",
 			Hidden: true,
 		},
+		&cli.BoolFlag{
+			Name:  "skip-host-preflights",
+			Usage: "Skip host preflight checks. This is not recommended unless you are sure your system is compatible.",
+			Value: false,
+		},
 	},
 	Before: func(c *cli.Context) error {
 		if os.Getuid() != 0 {

e2e/install_test.go

@@ -249,7 +249,7 @@ func TestHostPreflight(t *testing.T) {
 
 	t.Logf("%s: installing test dependencies on node 0", time.Now().Format(time.RFC3339))
 	commands := [][]string{
-		{"dnf", "install", "-y", "openssh-server", "binutils", "tar"},
+		{"dnf", "install", "-y", "openssh-server", "binutils", "tar", "fio"},
 		{"systemctl", "enable", "sshd"},
 		{"systemctl", "start", "sshd"},
 	}

e2e/scripts/default-install.sh

@@ -56,12 +56,12 @@ check_openebs_storage_class() {
 }
 
 main() {
-    if embedded-cluster install --no-prompt --license /assets/license.yaml 2>&1 | tee /tmp/log ; then
+    if embedded-cluster install --no-prompt --skip-host-preflights --license /assets/license.yaml 2>&1 | tee /tmp/log ; then
         echo "Expected installation to fail with a license provided"
         exit 1
     fi
 
-    if ! embedded-cluster install --no-prompt 2>&1 | tee /tmp/log ; then
+    if ! embedded-cluster install --no-prompt --skip-host-preflights 2>&1 | tee /tmp/log ; then
         cat /etc/os-release
         echo "Failed to install embedded-cluster"
         exit 1

e2e/scripts/embedded-preflight.sh

@@ -124,10 +124,13 @@ embed_preflight() {
 }
 
 has_applied_host_preflight() {
-    if ! grep -q "Port 24 is available" /tmp/log ; then
+    if ! grep -q "Another process was already listening on port 22" /tmp/log ; then
         return 1
     fi
-    if ! grep -q "Another process was already listening on port 22" /tmp/log ; then
+}
+
+has_stored_host_preflight_results() {
+    if [ ! -f /var/lib/embedded-cluster/support/host-preflight-results.json ]; then
         return 1
     fi
 }
@@ -151,29 +154,40 @@ wait_for_healthy_node() {
 main() {
     cp -Rfp /usr/local/bin/embedded-cluster /usr/local/bin/embedded-cluster-copy
     embed_preflight "$preflight_with_failure"
-    if embedded-cluster install --no-prompt 2>&1 | tee /tmp/log ; then
+    if /usr/local/bin/embedded-cluster install --no-prompt 2>&1 | tee /tmp/log ; then
         cat /tmp/log
-        echo "Expected installation to fail"
+        echo "preflight_with_failure: Expected installation to fail"
         exit 1
     fi
     if ! has_applied_host_preflight; then
-        echo "Install hasn't applied host preflight"
+        echo "preflight_with_failure: Install hasn't applied host preflight"
+        cat /tmp/log
+        exit 1
+    fi
+    if ! has_stored_host_preflight_results; then
+        echo "preflight_with_failure: Install hasn't stored host preflight results to disk"
         cat /tmp/log
         exit 1
     fi
+    rm /var/lib/embedded-cluster/support/host-preflight-results.json
     mv /tmp/log /tmp/log-failure
     embed_preflight "$preflight_with_warning"
-    if ! embedded-cluster install --no-prompt 2>&1 | tee /tmp/log ; then
+    if ! /usr/local/bin/embedded-cluster install --no-prompt 2>&1 | tee /tmp/log ; then
         cat /etc/os-release
-        echo "Failed to install embedded-cluster"
+        echo "preflight_with_warning: Failed to install embedded-cluster"
         exit 1
     fi
     if ! grep -q "Admin Console is ready!" /tmp/log; then
-        echo "Failed to validate that the Admin Console is ready"
+        echo "preflight_with_warning: Failed to validate that the Admin Console is ready"
         exit 1
     fi
     if ! has_applied_host_preflight; then
-        echo "Install hasn't applied host preflight"
+        echo "preflight_with_warning: Install hasn't applied host preflight"
+        cat /tmp/log
+        exit 1
+    fi
+    if ! has_stored_host_preflight_results; then
+        echo "preflight_with_warning: Install hasn't stored host preflight results to disk"
         cat /tmp/log
         exit 1
     fi

e2e/scripts/restore-installation-airgap.exp

@@ -12,7 +12,7 @@ set dr_aws_s3_prefix [lindex $argv 3]
 set dr_aws_access_key_id [lindex $argv 4]
 set dr_aws_secret_access_key [lindex $argv 5]
 
-spawn embedded-cluster restore --airgap-bundle /assets/release.airgap --proxy
+spawn embedded-cluster restore --skip-host-preflights --airgap-bundle /assets/release.airgap --proxy
 
 expect {
     "Enter information to configure access to your backup storage location." {}

e2e/scripts/restore-installation.exp

@@ -12,7 +12,7 @@ set dr_aws_s3_prefix [lindex $argv 3]
 set dr_aws_access_key_id [lindex $argv 4]
 set dr_aws_secret_access_key [lindex $argv 5]
 
-spawn embedded-cluster restore
+spawn embedded-cluster restore --skip-host-preflights
 
 expect {
     "Enter information to configure access to your backup storage location." {}

e2e/scripts/restore-multi-node-airgap-phase1.exp

@@ -12,7 +12,7 @@ set dr_aws_s3_prefix [lindex $argv 3]
 set dr_aws_access_key_id [lindex $argv 4]
 set dr_aws_secret_access_key [lindex $argv 5]
 
-spawn embedded-cluster restore --airgap-bundle /assets/release.airgap --proxy
+spawn embedded-cluster restore --skip-host-preflights --airgap-bundle /assets/release.airgap --proxy
 
 expect {
     "Enter information to configure access to your backup storage location." {}