CSS-4745 Improve local dev env with cloud-init commands (#1013)

* Add `cloudinit.temp.yaml` Signed-off-by: Babak K. Shandiz <[email protected]> * Add username:password to local dev guide Signed-off-by: Babak K. Shandiz <[email protected]> * Use cloud-init to setup controller at bootstrap step Signed-off-by: Babak K. Shandiz <[email protected]> * Remove lxc proxy setup Signed-off-by: Babak K. Shandiz <[email protected]> * Add `--local` when calling `controller-info` command Signed-off-by: Babak K. Shandiz <[email protected]> --------- Signed-off-by: Babak K. Shandiz <[email protected]> Co-authored-by: Kian Parvin <[email protected]>
canonical · Jul 28, 2023 · a01ba7e · a01ba7e
1 parent 14c6956
commit a01ba7e
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 15 deletions.
diff --git a/.gitignore b/.gitignore
@@ -20,3 +20,5 @@ local/vault/roleid.txt
 *.csr
 /jimmctl
 qa-controller
+
+/cloudinit.temp.yaml
diff --git a/local/README.md b/local/README.md
@@ -52,11 +52,11 @@ The `request name` represents the literal WS endpoint, i.e., `API = /api`.
 Note that you can export an environment variable `CONTROLLER_NAME` and re-run steps 3. and 4. below to create multiple Juju
 controllers that will be controlled by JIMM.
 
-1. `juju unregister jimm-dev`                                       - Unregister any other local JIMM you have.
-2. `juju login jimm.localhost -c jimm-dev`                          - Login to local JIMM. (If you name the controller jimm-dev, the script will pick it up!)
-3. `./local/jimm/setup-controller.sh`                               - Performs controller setup.
-4. `./local/jimm/add-controller.sh`                                 - A local script to do many of the manual steps for us. See script for more details.
-5. `juju add-model test`                                            - Adds a model to qa-controller via JIMM.
+1. `juju unregister jimm-dev`                     - Unregister any other local JIMM you have.
+2. `juju login jimm.localhost -c jimm-dev`        - Login to local JIMM with `jimm:jimm`. (If you name the controller jimm-dev, the script will pick it up!)
+3. `./local/jimm/setup-controller.sh`             - Performs controller setup.
+4. `./local/jimm/add-controller.sh`               - A local script to do many of the manual steps for us. See script for more details.
+5. `juju add-model test`                          - Adds a model to qa-controller via JIMM.
 
 # Helpful tidbits!
 > Note: For any secure step to work, ensure you've run the local traefik certs script!

diff --git a/local/jimm/add-controller.sh b/local/jimm/add-controller.sh
@@ -31,7 +31,7 @@ echo "Switching juju controller to $JIMM_CONTROLLER_NAME"
 juju switch "$JIMM_CONTROLLER_NAME"
 echo
 echo "Retrieving controller info for $CONTROLLER_NAME"
-./jimmctl controller-info "$CONTROLLER_NAME" "$CONTROLLER_YAML_PATH"
+./jimmctl controller-info --local "$CONTROLLER_NAME" "$CONTROLLER_YAML_PATH"
 if [[ -f "$CONTROLLER_YAML_PATH" ]]; then
     echo "Controller info retrieved."
 else

diff --git a/local/jimm/setup-controller.sh b/local/jimm/setup-controller.sh
@@ -6,16 +6,22 @@
 
 set -ux
 
+CLOUDINIT_FILE="cloudinit.temp.yaml"
+function finish {
+    rm "$CLOUDINIT_FILE"
+}
+trap finish EXIT
+
 CONTROLLER_NAME="${CONTROLLER_NAME:-qa-controller}"
+CLOUDINIT_TEMPLATE=$'cloudinit-userdata: |
+  preruncmd:
+    - echo "%s    jimm.localhost" >> /etc/hosts
+  ca-certs:
+    trusted:
+      - |\n%s'
+
+printf "$CLOUDINIT_TEMPLATE" "$(lxc network get lxdbr0 ipv4.address | cut -f1 -d/)" "$(cat local/traefik/certs/ca.crt | sed -e 's/^/        /')" > "${CLOUDINIT_FILE}"
 
 echo "Bootstrapping controller"
-juju bootstrap localhost "${CONTROLLER_NAME}" --config allow-model-access=true --config login-token-refresh-url=https://jimm.localhost
+juju bootstrap localhost "${CONTROLLER_NAME}" --config allow-model-access=true --config "${CLOUDINIT_FILE}" --config login-token-refresh-url=https://jimm.localhost/.well-known/jwks.json
 CONTROLLER_ID=$(juju show-controller --format json | jq --arg name "${CONTROLLER_NAME}" '.[$name]."controller-machines"."0"."instance-id"' | tr -d '"')
-echo "Adding proxy to LXC instance ${CONTROLLER_ID}"
-lxc config device add "${CONTROLLER_ID}" myproxy proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443 bind=instance
-echo "Pushing local CA"
-lxc file push local/traefik/certs/ca.crt "${CONTROLLER_ID}"/usr/local/share/ca-certificates/
-lxc exec "${CONTROLLER_ID}" -- update-ca-certificates
-echo "Restarting controller"
-lxc stop "${CONTROLLER_ID}"
-lxc start "${CONTROLLER_ID}"