PRODENG-3100 Linux native MCR install

- drop install.sh for all linux configurers
- linux configurer package based installers for el, sles and ubuntu
- move installer download into the configurers, and drop the download phase
	- configurer download code has downloads globally.
	- only windows configurer uses the installer downloader
- drop the installer download mke phase

TODO

- windows installs may fail for fips version, need to test

ALSO

- some more linting:
	- interface{} -> any

Signed-off-by: James Nesbitt <jnesbitt@mirantis.com>

Author: james-nesbitt

examples/terraform/aws-simple/terraform.tfvars.template

@@ -8,7 +8,7 @@ aws = {
 launchpad = {
   drain = false
 
-  mcr_version = "25.0.13"
+  mcr_version = "25.0.14.2"
   mke_version = "3.8.8"
   msr_version = "2.9.28"
 
@@ -32,7 +32,7 @@ subnets = {
   "main" = {
     "cidr" = "172.31.0.0/17",
     "private" = false,
-    "nodegroups" = ["MngrA",  "WrkA", "MsrA"]
+    "nodegroups" = ["MngrA",  "Wrkubuntu", "Wrkrhel", "Wrksles"]
   }
 }
 
@@ -46,22 +46,30 @@ nodegroups = {
     "role" = "manager",
     "user_data" = "sudo ufw allow 7946/tcp ; sudo ufw allow 10250/tcp "
   },
-  "WrkA" = {
-    "platform" = "ubuntu_22.04",
+  "Wrkrhel" = {
+    "platform" = "rhel-9",
     "count" = 1,
     "type" = "c6a.xlarge",
     "volume_size" = "100",
     "role" = "worker",
     "user_data" = "sudo ufw allow 7946/tcp ; sudo ufw allow 10250/tcp "
-  }
-  "MsrA" = {
+  },
+  "Wrkubuntu" = {
     "platform" = "ubuntu_22.04",
     "count" = 1,
     "type" = "c6a.xlarge",
     "volume_size" = "100",
-    "role" = "msr",
+    "role" = "worker",
     "user_data" = "sudo ufw allow 7946/tcp ; sudo ufw allow 10250/tcp "
-  }
+  },
+  "Wrksles" = {
+    "platform" = "sles-15",
+    "count" = 1,
+    "type" = "c6a.xlarge",
+    "volume_size" = "100",
+    "role" = "worker",
+    "user_data" = "sudo ufw allow 7946/tcp ; sudo ufw allow 10250/tcp "
+  },
 }
 
 // set a windows password, if you have windows nodes

jn-todo.org

@@ -0,0 +1,20 @@
+* JNesbitt informal todo list
+
+** code-quality
+
+*** TODO Move product/mke/api/host.go:Host.MCRConfigure to /pkg/configurer interfaces
+
+The MCRConfigure() method likely exists on the host as a convenience, but as we have common
+configurer functionality and the other MCR methods are on the configurer it doesn't belong
+on the host.
+
+Another option would be to move functionality to the /pkg/mcr package.
+
+On top of this, the configurer.MCRConfigPath should perhaps be an accessor pair of content,
+instead of a filepath. Maybe the configurer should have methods to write/read the MCR configuration.
+
+** linting
+
+*** general interface{} -> any replace
+
+There are a lot of `interface{}` types declared in the code base that should be changed to `any`

pkg/analytics/analytics_test.go

@@ -4,8 +4,8 @@ import (
 	"testing"
 
 	"github.com/Mirantis/launchpad/pkg/config/user"
-	"github.com/stretchr/testify/require"
 	"github.com/segmentio/analytics-go/v3"
+	"github.com/stretchr/testify/require"
 )
 
 type mockClient struct {

pkg/configurer/centos/centos.go

@@ -1,11 +1,8 @@
 package centos
 
 import (
-	"fmt"
-
 	"github.com/Mirantis/launchpad/pkg/configurer/enterpriselinux"
 	"github.com/k0sproject/rig"
-	"github.com/k0sproject/rig/os"
 	"github.com/k0sproject/rig/os/registry"
 )
 
@@ -14,20 +11,12 @@ type Configurer struct {
 	enterpriselinux.Configurer
 }
 
-// InstallMKEBasePackages install all the needed base packages on the host.
-func (c Configurer) InstallMKEBasePackages(h os.Host) error {
-	if err := c.InstallPackage(h, "curl", "socat", "iptables", "iputils", "gzip"); err != nil {
-		return fmt.Errorf("failed to install base packages: %w", err)
-	}
-	return nil
-}
-
 func init() {
 	registry.RegisterOSModule(
 		func(os rig.OSVersion) bool {
 			return os.ID == "centos"
 		},
-		func() interface{} {
+		func() any {
 			return Configurer{}
 		},
 	)

pkg/configurer/enterpriselinux/el.go

@@ -26,8 +26,45 @@ func (c Configurer) InstallMKEBasePackages(h os.Host) error {
 	return nil
 }
 
+// InstallMCR install Docker EE engine on Linux.
+func (c Configurer) InstallMCR(h os.Host, engineConfig commonconfig.MCRConfig) error {
+	ver, verErr := configurer.ResolveLinux(h)
+	if verErr != nil {
+		return fmt.Errorf("could not discover Linux version information")
+	}
+
+	if isEC2 := c.isAWSInstance(h); !isEC2 {
+		log.Debugf("%s: confirmed that this is not an AWS instance", h)
+	} else if c.InstallPackage(h, "rh-amazon-rhui-client") == nil {
+		log.Infof("%s: appears to be an AWS EC2 instance, installed rh-amazon-rhui-client", h)
+	}
+
+	// e.g. https://repos.mirantis.com/rhel/$releasever/$basearch/<update-channel>
+	baseURL := fmt.Sprintf("%s/%s/%s/%s/%s", engineConfig.RepoURL, ver.ID, "$releasever", "$basearch", engineConfig.Channel)
+	// e.g. https://repos.mirantis.com/oraclelinux/gpg
+	gpgURL := fmt.Sprintf("%s/%s/gpg", engineConfig.RepoURL, ver.ID)
+	elRepoFilePath := "/etc/yum.repos.d/docker-ee.repo"
+	elRepoTemplate := `[mirantis]
+name=Mirantis Container Runtime
+baseurl=%s
+enabled=1
+gpgcheck=1
+gpgkey=%s
+`
+	elRepo := fmt.Sprintf(elRepoTemplate, baseURL, gpgURL)
+
+	if err := c.WriteFile(h, elRepoFilePath, elRepo, "0600"); err != nil {
+		return fmt.Errorf("could not write Yum repo file for MCR")
+	}
+
+	if err := c.InstallPackage(h, "docker.ee"); err != nil {
+		return fmt.Errorf("package manager could not install docker-ee")
+	}
+	return nil
+}
+
 // UninstallMCR uninstalls docker-ee engine.
-func (c Configurer) UninstallMCR(h os.Host, _ string, engineConfig commonconfig.MCRConfig) error {
+func (c Configurer) UninstallMCR(h os.Host, engineConfig commonconfig.MCRConfig) error {
 	info, getDockerError := c.GetDockerInfo(h)
 	if engineConfig.Prune {
 		defer c.CleanupLingeringMCR(h, info)
@@ -53,20 +90,6 @@ func (c Configurer) UninstallMCR(h os.Host, _ string, engineConfig commonconfig.
 	return nil
 }
 
-// InstallMCR install Docker EE engine on Linux.
-func (c Configurer) InstallMCR(h os.Host, scriptPath string, engineConfig commonconfig.MCRConfig) error {
-	if isEC2 := c.isAWSInstance(h); !isEC2 {
-		log.Debugf("%s: confirmed that this is not an AWS instance", h)
-	} else if c.InstallPackage(h, "rh-amazon-rhui-client") == nil {
-		log.Infof("%s: appears to be an AWS EC2 instance, installed rh-amazon-rhui-client", h)
-	}
-
-	if err := c.LinuxConfigurer.InstallMCR(h, scriptPath, engineConfig); err != nil {
-		return fmt.Errorf("failed to install MCR: %w", err)
-	}
-	return nil
-}
-
 // function to check if the host is an AWS instance - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-identity-documents.html
 func (c Configurer) isAWSInstance(h os.Host) bool {
 	found, err := h.ExecOutput("curl -s -m 5 http://169.254.169.254/latest/dynamic/instance-identity/document | grep region")

pkg/configurer/enterpriselinux/rhel.go

@@ -15,7 +15,7 @@ func init() {
 		func(os rig.OSVersion) bool {
 			return os.ID == "rhel"
 		},
-		func() interface{} {
+		func() any {
 			return Rhel{}
 		},
 	)

pkg/configurer/enterpriselinux/rockylinux.go

@@ -15,7 +15,7 @@ func init() {
 		func(os rig.OSVersion) bool {
 			return os.ID == "rocky"
 		},
-		func() interface{} {
+		func() any {
 			return RockyLinux{}
 		},
 	)

pkg/configurer/installer.go

@@ -0,0 +1,124 @@
+package configurer
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"os"
+	"strings"
+
+	"github.com/Mirantis/launchpad/pkg/util/fileutil"
+	log "github.com/sirupsen/logrus"
+)
+
+var (
+	downloadedInstallers       = map[string]string{} // Global list of downloaded installers, to prevent repetition.
+	ErrInstallerDownloadFailed = errors.New("could not download installer")
+)
+
+func GetInstaller(source string) (string, error) {
+	path, ok := downloadedInstallers[source]
+	if ok {
+		return path, nil
+	}
+
+	if path == "" {
+		return "", fmt.Errorf("%w; skipping failed installer download", ErrInstallerDownloadFailed)
+	}
+
+	path, getErr := downloadInstaller(source)
+	if getErr != nil {
+		return "", fmt.Errorf("%w, installer download failed; %s", ErrInstallerDownloadFailed, getErr.Error())
+	}
+	downloadedInstallers[source] = path
+	return path, nil
+}
+
+// Run does all the prep work on the hosts in parallel.
+func downloadInstaller(path string) (string, error) {
+	winScript, err := getScript(path)
+	if err != nil {
+		return "", fmt.Errorf("failed to get Windows installer script: %w", err)
+	}
+	f, err := os.CreateTemp("", "installerWindows")
+	if err != nil {
+		return "", fmt.Errorf("failed to create temporary file for windows installer script: %w", err)
+	}
+
+	_, err = f.WriteString(winScript)
+	if err != nil {
+		return "", fmt.Errorf("failed to write to temporary file for windows installer script: %w", err)
+	}
+
+	return f.Name(), nil
+}
+
+func parseURL(uri string) (*url.URL, error) {
+	if !strings.Contains(uri, "://") {
+		return &url.URL{Path: uri, Scheme: "file"}, nil
+	}
+
+	u, err := url.ParseRequestURI(uri)
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse installer URL: %w", err)
+	}
+	return u, nil
+}
+
+var errInvalidScript = fmt.Errorf("invalid container runtime install script")
+
+func getScript(uri string) (string, error) {
+	u, err := parseURL(uri)
+	if err != nil {
+		return "", err
+	}
+
+	var data string
+
+	if u.Scheme == "file" {
+		data, err = readFile(u.Path)
+	} else {
+		data, err = downloadFile(uri)
+	}
+
+	log.Debugf("read %d bytes from %s", len(data), uri)
+
+	if err != nil {
+		return "", err
+	}
+
+	if len(data) < 10 {
+		// cant fit an installer into that!
+		return "", fmt.Errorf("%w: script is too short", errInvalidScript)
+	}
+
+	if !strings.HasPrefix(data, "#") {
+		log.Warnf("possibly invalid container runtime install script in %s", uri)
+	}
+
+	return data, nil
+}
+
+func downloadFile(url string) (string, error) {
+	log.Infof("downloading container runtime install script from %s", url)
+	resp, err := http.Get(url) //nolint:gosec // "G107: Url provided to HTTP request as taint input" -- user-provided URL is ok here
+	if err != nil {
+		return "", fmt.Errorf("failed to download container runtime install script: %w", err)
+	}
+	defer resp.Body.Close()
+
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return "", fmt.Errorf("failed to read response body: %w", err)
+	}
+	return string(body), nil
+}
+
+func readFile(path string) (string, error) {
+	log.Infof("reading container runtime install script from %s", path)
+
+	data, err := fileutil.LoadExternalFile(path)
+	return string(data), err
+}