Updates for DevOps World

.gitignore

@@ -1,6 +1,7 @@
 demo.state.yaml
+*.env
 logs
 kubeconfig_*
 .bash_history
 agent/v_kube
-agent/v_tmp
+agent/v_tmp

README.adoc

@@ -233,27 +233,27 @@ The demonstration agent contains all the required tools and configuration for th
 The script `agent/run.sh` build and run the agent for you.   
 
 * The container will be binding the source code of the demo in `/root/demo-scm` to be able to run the commands listed under _Operation script reference_ section. On the other hand, it would be using the `$HOME/.aws` configuration from the Docker host.
-* Additionally, a couple of docker volumens will be attached, one for saving the kubectl config configuration (`v_kube`) and another with all temporal files created during the demo execution (`v_tmp`).
+* Additionally, a couple of docker volumes will be attached, one for saving the kubectl config configuration (`v_kube`) and another with all temporal files created during the demo execution (`v_tmp`).
 
 === Demo Configuration 
 
-The configuration of the demo is centralized in the file `demo.profile.sh` 
+The configuration of the demo is centralized in the file `demo.env`.
 
-Configure your own AWS environment by updating the required parameters `AWS_PROFILE`, `ROUTE_53_DOMAIN`, `ROUTE_53_ZONE_ID` in the `demo.profile.sh` file. 
+Make a copy of `demo.env.example` and rename it to `demo.env`. Then, configure your own AWS environment by updating the required parameters `AWS_PROFILE`, `ROUTE_53_DOMAIN`, `ROUTE_53_ZONE_ID` in the `demo.env` file. 
 
 * `AWS_PROFILE` requires to be included into `$HOME/.aws/config`
 * `ROUTE_53_ZONE_ID` requires an existing Hosted Zone. 
-* `ROUTE_53_DOMAIN` could be a new or exiting domain but it required to be managed by `ROUTE_53_ZONE_ID` (above)
+* `ROUTE_53_DOMAIN` could be a new or existing domain but it is required to be managed by `ROUTE_53_ZONE_ID` (above)
 
-IMPORTANT: If you want to run any command outside provided scripts, run first `source /root/demo-scm/demo.profile.sh` to load the environments. Note that `getLocals` load parametres required by the demo scripts.
+IMPORTANT: If you want to run any command outside provided scripts, run first `source /root/demo-scm/demo.profile.sh` to load the environments. Note that `getLocals` load parameters are required by the demo scripts.
 
 === Demo State 
 
 The execution commands (mainly `setup.sh` and `teardown.sh`) depends on the `demo.state.yaml` to make the scripts idempotent.
 
 === Assume Role Token Expiration (optional)
 
-For those organization which uses link:https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html[assume roles] credentials for AWS, like CloudBees, the function `setAWSRoleSession` refresh the token when sourcing  `demo.profile.sh`. This fuction is also called during the most time-consuming processes to avoid the AWS rol token expiration.
+For those organization that uses link:https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html[assume roles] credentials for AWS, like CloudBees, the function `setAWSRoleSession` refresh the token when sourcing  `demo.profile.sh`. This fuction is also called during the most time-consuming processes to avoid the AWS rol token expiration.
 
 It is managed by the variable `AWS_ASSUME_ROLE`. Set it to null in case you work with user credentials instead of rol crendentials.
 
@@ -264,7 +264,7 @@ All the demo commands are orchestrated by the parent script `run.sh` to centrali
 [source,bash]
 ----
 $> bash run.sh
-Select one of the folloing option and press [ENTER]:
+Select one of the following option and press [ENTER]:
 
 build [B]
 reload-cbci [L]
@@ -275,7 +275,7 @@ destroy [D]
 
 === Building [B]
 
-The option **B** will build up the Demo Environment. 
+Option **B** will build up the Demo Environment. 
 
 A random environment identifier is generated and saved in `demo.state.yaml`, to ensure all resource names are unique. The name is also composed by `MY_DEMO_ID` just to help us to quickly identify who was running the demo without using tags ;)
 
@@ -294,12 +294,12 @@ The values for authentication are saved in `demo.state.yaml` too.
 
 === Scale [B] (Optional)
 
-The nodegroup `ng-linux` will be scaled in both clusters (East and West) according to the value of the variable `SCALE` in `demo.profile.sh`.
+The nodegroup `ng-linux` will be scaled in both clusters (East and West) according to the value of the variable `SCALE` in `demo.env`.
 
 [source,bash]
 ----
 $> bash run.sh
-Select one of the folloing option and press [ENTER]:
+Select one of the following option and press [ENTER]:
 ...
 scale [S]
 ...
@@ -308,18 +308,16 @@ s
 
 === Load [L]
 
-In case the number of nodes were scaled up/down, the number of Managed Master can be adjusted accordingly by the variable `MC_COUNT` in `demo.profile.sh`.
+In case the number of nodes was scaled up/down, the number of Managed Master can be adjusted accordingly by the variable `MC_COUNT` in `demo.env`.
 
 Once the building/scaling of the demo finishes `OK`, move the context to the Main Region (`east`) and hit `run` with option **L** to ensure all configured managed controllers are awake and trigger builds for each of their jobs. 
 
 [source,bash]
 ----
-$> source demo.profile.sh
-...
 $> in-east
 ...
 $> bash run.sh
-Select one of the folloing option and press [ENTER]:
+Select one of the following option and press [ENTER]:
 ...
 reload-cbci [L]
 ...
@@ -328,28 +326,26 @@ l
 
 === Check backup status
 
-The following command is issued to verify if the status of the velero backups:
+The following command is issued to verify the status of the velero backups:
 
 ----
 $> velero get backups
 ----
 
-NOTE: Backups must be present on both regions.
+NOTE: Backups must be present in both regions.
 
 The backups are setup to TTL of 1 hour, then they link:https://velero.io/docs/v1.8/how-velero-works/#set-a-backup-to-expire[expire].
 
 === Restore [R]
 
-Once some of the backups have been completed after fininshing with the Load of the Main Region, move the context to the Main Region (`west`) and issue command `run` with the option **R**.
+Once some of the backups have been completed after finishing with the Load of the Main Region, move the context to the Main Region (`west`) and issue command `run` with the option **R**.
 
 [source,bash]
 ----
-$> source demo.profile.sh
-...
 $> in-west
 ...
 $> bash run.sh
-Select one of the folloing option and press [ENTER]:
+Select one of the following option and press [ENTER]:
 ...
 restore [R]
 ...
@@ -378,7 +374,8 @@ d
 
 Script to configure the shell (`source xxx.sh`):
 
-* `demo.profile.sh`: Load basic environment variables and functions.
+* `demo.profile.sh`: Load basic environment functions.
+* `demo.env`: Load basic environment variables (it is load by `demo.profile.sh`)
 
 State file
 
@@ -424,4 +421,4 @@ helm.go:81: [debug] the server has asked for the client to provide credentials
 Kubernetes cluster unreachable
 ----
 
-Please run `source demo demo.profile.sh` the token as expired or is not available for that session.
+Please run `source demo.profile.sh` the token has expired or is not available for that session.

agent/Dockerfile

@@ -2,7 +2,7 @@ FROM ubuntu:20.04
 SHELL ["/bin/bash", "-c"]
 
 LABEL   maintainer="Carlos Rodriguez Lopez <[email protected]>" \
-        updated_at=2022-04-25
+    updated_at=2022-09-28
 
 # Tooling
 WORKDIR /root
@@ -22,17 +22,18 @@ ENV PATH="${PATH}:/asdf/.asdf/shims:/asdf/.asdf/bin" \
 
 RUN apt-get update -y && \
     apt-get install -y --no-install-recommends git \ 
-        unzip \ 
-        gpg \
-        gpg-agent \
-        parallel \ 
-        vim \
-        wget \
-        less \ 
-        ca-certificates \
-        openssh-client \
-        wget \
-        curl && \
+    unzip \
+    # No gpg, https://stackoverflow.com/a/61692849 
+    gnupg \
+    gpg-agent \
+    parallel \ 
+    vim \
+    wget \
+    less \
+    ca-certificates \
+    openssh-client \
+    wget \
+    curl && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/*
 

agent/run.sh

@@ -1,5 +1,4 @@
 #!/usr/bin/env bash
-set -euxo pipefail
 
 cd "$(cd "$(dirname "${BASH_SOURCE[0]}")" > /dev/null && pwd)" || return
 
@@ -22,4 +21,4 @@ docker-agent-buildAndRun(){
             "$AGENT" bash
 }
 #docker-clean
-docker-agent-buildAndRun
+docker-agent-buildAndRun

bin/setup.sh

@@ -109,7 +109,7 @@ do
 done
 INFO "Preparing Jenkins Token for Remote authentication"
 #https://github.com/jenkinsci/configuration-as-code-plugin/issues/1830 hard to make a crumb
-crumb=$(curl -s -u admin:$pass -c /tmp/cookies http://$ROUTE_53_DOMAIN/cjoc/crumbIssuer/api/xml'?xpath=concat(//crumbRequestField,":",//crumb)')
-token=$(curl -s -u admin:$pass -H $crumb -d newTokenName=general -b /tmp/cookies http://$ROUTE_53_DOMAIN/cjoc/user/admin/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken | jq -r .data.tokenValue)
+crumb=$(curl -s -u admin:"$pass" -c /tmp/cookies "http://$ROUTE_53_DOMAIN/cjoc/crumbIssuer/api/xml'?xpath=concat(//crumbRequestField,":",//crumb)'")
+token=$(curl -s -u admin:"$pass" -H "$crumb" -d newTokenName=general -b /tmp/cookies "http://$ROUTE_53_DOMAIN/cjoc/user/admin/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken" | jq -r .data.tokenValue)
 kubectl delete secret api-token --namespace cbci || INFO "No api-token secret"
 kubectl create secret generic api-token --from-literal=token="$token" --namespace cbci

bin/teardown.sh

@@ -30,13 +30,13 @@ destroy_apps_region(){
     INFO "Apps destroyed for ${AWS_DEFAULT_REGION}"
 }
 destroy_apps(){
-    in-east && destroy_apps_region || INFO "Could not use the east kubernetes context"
-    in-west && destroy_apps_region || INFO "Could not use the east kubernetes context"
+    (in-east && destroy_apps_region) || INFO "Could not use the east kubernetes context"
+    (in-west && destroy_apps_region) || INFO "Could not use the west kubernetes context"
 }
 destroy_infra(){
     for region in $EAST_REGION $WEST_REGION
     do
-        setAWSRoleSession
+        #setAWSRoleSession
         if eksctl get cluster --region "$region" --name "$CLUSTER_NAME" 2> /dev/null; then
             eksctl delete cluster --region "$region" --name "$CLUSTER_NAME"
         else
@@ -77,7 +77,7 @@ destroy_infra(){
 destroy_tmp_artifact(){
     cd "$ROOT"
     rm -rf /tmp/*.*
-    rm -f demo.state.yaml
+    ##rm -f demo.state.yaml
     INFO "Demo project artifacts and state deleted"
 }
 
@@ -86,6 +86,6 @@ destroy_tmp_artifact(){
 #######################
 
 destroy_snaphots
-#destroy_apps
+destroy_apps
 destroy_infra
 destroy_tmp_artifact

demo.env.example

@@ -0,0 +1,14 @@
+export AWS_PROFILE="example-profile"     # https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
+export AWS_ASSUME_ROLE="example-rol-arn" # Optional (Set it to null in case you work with user credentials)
+export ROUTE_53_DOMAIN="dr.example.com"
+export ROUTE_53_ZONE_ID="Z041787_EXAMPLE"
+export MY_DEMO_ID="ex"
+## For concreteness, will refer to these as east and west, though in principle could be any two regions:
+export EAST_REGION="us-east-1"
+export WEST_REGION="us-west-1"
+## Number of ManagedMaster. Start with a small number. Optionally, you can increase it
+export MC_COUNT=5
+## Number of Nodes to Scale | Check max and min from infra/cluster.yaml
+export SCALE=15
+## Debugging
+export DEBUG=${DEBUG:-false}

demo.profile.sh

@@ -1,28 +1,5 @@
 #!/usr/bin/bash
 
-#######################
-## Variables
-#######################
-
-export AWS_PROFILE="example-profile" # https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
-export AWS_ASSUME_ROLE="example-rol-arn" # Optional (Set it to null in case you work with user credentials)
-export ROUTE_53_DOMAIN="dr.example.com"
-export ROUTE_53_ZONE_ID="Z041787_EXAMPLE"
-export MY_DEMO_ID="ex"
-## For concreteness, will refer to these as east and west, though in principle could be any two regions:
-export EAST_REGION=us-east-1
-export WEST_REGION=us-west-1
-## Number of ManagedMaster. Start with a small number. Optionally, you can increase it
-export MC_COUNT=5
-## Number of Nodes to Scale | Check max and min from infra/cluster.yaml
-export SCALE=15
-## Debugging
-export DEBUG=${DEBUG:-false}
-
-#######################
-## Functions
-#######################
-
 setState(){
     yq w -i "$ROOT/demo.state.yaml" "$1" "$2"
 }
@@ -57,7 +34,9 @@ getLocals(){
     export INFRA_DIR="$ROOT/infra"
     export HELM_DIR="$ROOT/helm"
     export BIN="$ROOT/bin"
-    ## CloudBees CI version: 2.332.2.6
+    # shellcheck source=/dev/null
+    source "$ROOT/demo.env"
+    ## CloudBees CI version: 2.332.2.6. It is the version the patched was tested against
     export CBCI_VERSION=3.42.6+c9672cd0453e
     if [ ! -f "$ROOT/demo.state.yaml" ]; then
         cat <<EOF > "$ROOT/demo.state.yaml"
@@ -89,8 +68,8 @@ cjoc:
 EOF
         demo="cbci-dr-$MY_DEMO_ID-$RANDOM"
         suffix="$RANDOM"
-        setState demo.name $demo
-        setState demo.suffix $suffix
+        setState demo.name "$demo"
+        setState demo.suffix "$suffix"
         setState cjoc.url "http://$ROUTE_53_DOMAIN/cjoc"
     else
         demo="$(getState demo.name)"
@@ -176,3 +155,57 @@ WARN(){
 #######################
 
 getLocals
+
+#######################
+# Demo DevOps World
+#######################
+
+printTitle(){
+    echo "=========================================="
+    echo "$1"
+    echo "=========================================="
+}
+
+printSubtitle(){
+    echo "$1"
+    echo "------------------------------------------"
+}
+
+demo-watch-east(){
+    _demo-watch "east"
+}
+
+demo-watch-west(){
+    _demo-watch "west"
+}
+
+demo-trigger-backup-east(){
+    in-east
+    bash bin/back-up.sh
+}
+
+demo-failover-to-west(){
+    in-east
+    bash run.sh failover-to-west
+}
+
+_demo-watch(){
+    printTitle "$1"
+    eval "in-$1"
+    printSubtitle "K8s Pods"
+    kubectl get pods -A  
+    printSubtitle "K8s Ingress cbci"
+    kubectl get ing -n cbci || echo "There is not Ingress"
+    printSubtitle "K8s PVCs cbci"
+    kubectl get pvc -n cbci || echo "There is not PVC"
+    printSubtitle "Velero Backups"
+    kubectl get backups
+}
+
+_demo-clean-up(){
+    bash run.sh "d"
+    in-east
+    kubectl delete --all pods --grace-period=0 --force --namespace cbci; kubectl delete pvc --all; kubectl delete ns cbci
+    in-west
+    kubectl delete --all pods --grace-period=0 --force --namespace cbci; kubectl delete pvc --all; kubectl delete ns cbci
+}