constellation/cli/internal/cmd/create.go

239 lines
8.8 KiB
Go
Raw Normal View History

/*
Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only
*/
package cmd
import (
"errors"
"fmt"
"io/fs"
2022-09-21 07:47:57 -04:00
"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
2022-11-16 10:33:51 -05:00
"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
2022-09-21 07:47:57 -04:00
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/config"
2022-09-21 07:47:57 -04:00
"github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/file"
2022-04-13 07:01:38 -04:00
"github.com/spf13/afero"
"github.com/spf13/cobra"
)
2022-06-08 02:14:28 -04:00
// NewCreateCmd returns a new cobra.Command for the create command.
func NewCreateCmd() *cobra.Command {
cmd := &cobra.Command{
Use: "create",
Short: "Create instances on a cloud platform for your Constellation cluster",
2022-05-04 03:13:46 -04:00
Long: "Create instances on a cloud platform for your Constellation cluster.",
2022-04-13 07:01:38 -04:00
Args: cobra.MatchAll(
cobra.ExactArgs(0),
2022-04-13 07:01:38 -04:00
),
RunE: runCreate,
}
2022-05-09 11:02:47 -04:00
cmd.Flags().String("name", "constell", "create the cluster with the specified name")
cmd.Flags().BoolP("yes", "y", false, "create the cluster without further confirmation")
2022-05-04 12:41:24 -04:00
cmd.Flags().IntP("control-plane-nodes", "c", 0, "number of control-plane nodes (required)")
must(cobra.MarkFlagRequired(cmd.Flags(), "control-plane-nodes"))
2022-05-04 12:41:24 -04:00
cmd.Flags().IntP("worker-nodes", "w", 0, "number of worker nodes (required)")
must(cobra.MarkFlagRequired(cmd.Flags(), "worker-nodes"))
return cmd
}
2022-04-13 07:01:38 -04:00
func runCreate(cmd *cobra.Command, args []string) error {
fileHandler := file.NewHandler(afero.NewOsFs())
spinner := newSpinner(cmd.ErrOrStderr())
2022-10-07 13:35:07 -04:00
defer spinner.Stop()
creator := cloudcmd.NewCreator(spinner)
2022-04-13 07:01:38 -04:00
2022-10-07 13:35:07 -04:00
return create(cmd, creator, fileHandler, spinner)
2022-04-13 07:01:38 -04:00
}
2022-10-07 13:35:07 -04:00
func create(cmd *cobra.Command, creator cloudCreator, fileHandler file.Handler, spinner spinnerInterf,
) (retErr error) {
2022-08-31 11:35:33 -04:00
flags, err := parseCreateFlags(cmd)
2022-04-13 07:01:38 -04:00
if err != nil {
return err
}
if err := checkDirClean(fileHandler); err != nil {
return err
}
conf, err := config.New(fileHandler, flags.configPath)
2022-04-13 07:01:38 -04:00
if err != nil {
return displayConfigValidationErrors(cmd.ErrOrStderr(), err)
2022-04-13 07:01:38 -04:00
}
2022-09-06 07:05:49 -04:00
var printedAWarning bool
if !conf.IsReleaseImage() {
cmd.PrintErrln("Configured image doesn't look like a released production image. Double check image before deploying to production.")
2022-09-06 07:05:49 -04:00
printedAWarning = true
}
if conf.IsDebugCluster() {
cmd.PrintErrln("WARNING: Creating a debug cluster. This cluster is not secure and should only be used for debugging purposes.")
cmd.PrintErrln("DO NOT USE THIS CLUSTER IN PRODUCTION.")
2022-09-06 07:05:49 -04:00
printedAWarning = true
}
if conf.IsAzureNonCVM() {
cmd.PrintErrln("Disabling Confidential VMs is insecure. Use only for evaluation purposes.")
2022-09-06 07:05:49 -04:00
printedAWarning = true
if conf.EnforcesIDKeyDigest() {
cmd.PrintErrln("Your config asks for enforcing the idkeydigest. This is only available on Confidential VMs. It will not be enforced.")
}
}
2022-09-06 07:05:49 -04:00
// Print an extra new line later to separate warnings from the prompt message of the create command
if printedAWarning {
cmd.PrintErrln("")
2022-09-06 07:05:49 -04:00
}
provider := conf.GetProvider()
2022-08-31 11:35:33 -04:00
var instanceType string
switch provider {
case cloudprovider.AWS:
instanceType = conf.Provider.AWS.InstanceType
if len(flags.name) > 10 {
return fmt.Errorf("cluster name on AWS must not be longer than 10 characters")
}
2022-08-31 11:35:33 -04:00
case cloudprovider.Azure:
instanceType = conf.Provider.Azure.InstanceType
2022-08-31 11:35:33 -04:00
case cloudprovider.GCP:
instanceType = conf.Provider.GCP.InstanceType
case cloudprovider.QEMU:
cpus := conf.Provider.QEMU.VCPUs
instanceType = fmt.Sprintf("%d-vCPU", cpus)
2022-08-31 11:35:33 -04:00
}
2022-04-13 07:01:38 -04:00
if !flags.yes {
// Ask user to confirm action.
2022-05-04 03:13:46 -04:00
cmd.Printf("The following Constellation cluster will be created:\n")
2022-08-31 11:35:33 -04:00
cmd.Printf("%d control-planes nodes of type %s will be created.\n", flags.controllerCount, instanceType)
cmd.Printf("%d worker nodes of type %s will be created.\n", flags.workerCount, instanceType)
2022-05-04 03:13:46 -04:00
ok, err := askToConfirm(cmd, "Do you want to create this cluster?")
2022-04-13 07:01:38 -04:00
if err != nil {
return err
}
if !ok {
2022-05-04 03:13:46 -04:00
cmd.Println("The creation of the cluster was aborted.")
2022-04-13 07:01:38 -04:00
return nil
}
}
2022-10-07 13:35:07 -04:00
spinner.Start("Creating", false)
idFile, err := creator.Create(cmd.Context(), provider, conf, flags.name, instanceType, flags.controllerCount, flags.workerCount)
spinner.Stop()
2022-04-13 07:01:38 -04:00
if err != nil {
2022-11-16 10:33:51 -05:00
return translateCreateErrors(cmd, err)
2022-04-13 07:01:38 -04:00
}
2022-10-11 06:24:33 -04:00
if err := fileHandler.WriteJSON(constants.ClusterIDsFileName, idFile, file.OptNone); err != nil {
2022-07-29 04:01:10 -04:00
return err
}
2022-05-04 03:13:46 -04:00
cmd.Println("Your Constellation cluster was created successfully.")
2022-04-13 07:01:38 -04:00
return nil
}
// parseCreateFlags parses the flags of the create command.
2022-08-31 11:35:33 -04:00
func parseCreateFlags(cmd *cobra.Command) (createFlags, error) {
controllerCount, err := cmd.Flags().GetInt("control-plane-nodes")
if err != nil {
return createFlags{}, fmt.Errorf("parsing number of control-plane nodes: %w", err)
}
if controllerCount < constants.MinControllerCount {
return createFlags{}, fmt.Errorf("number of control-plane nodes must be at least %d", constants.MinControllerCount)
}
workerCount, err := cmd.Flags().GetInt("worker-nodes")
if err != nil {
return createFlags{}, fmt.Errorf("parsing number of worker nodes: %w", err)
}
if workerCount < constants.MinWorkerCount {
return createFlags{}, fmt.Errorf("number of worker nodes must be at least %d", constants.MinWorkerCount)
}
2022-04-13 07:01:38 -04:00
name, err := cmd.Flags().GetString("name")
if err != nil {
return createFlags{}, fmt.Errorf("parsing name argument: %w", err)
2022-04-13 07:01:38 -04:00
}
if len(name) > constants.ConstellationNameLength {
2022-04-13 07:01:38 -04:00
return createFlags{}, fmt.Errorf(
2022-05-04 03:13:46 -04:00
"name for Constellation cluster too long, maximum length is %d, got %d: %s",
constants.ConstellationNameLength, len(name), name,
2022-04-13 07:01:38 -04:00
)
}
2022-04-13 07:01:38 -04:00
yes, err := cmd.Flags().GetBool("yes")
if err != nil {
return createFlags{}, fmt.Errorf("%w; Set '-yes' without a value to automatically confirm", err)
2022-04-13 07:01:38 -04:00
}
configPath, err := cmd.Flags().GetString("config")
2022-04-13 07:01:38 -04:00
if err != nil {
return createFlags{}, fmt.Errorf("parsing config path argument: %w", err)
2022-04-13 07:01:38 -04:00
}
return createFlags{
controllerCount: controllerCount,
workerCount: workerCount,
name: name,
configPath: configPath,
yes: yes,
2022-04-13 07:01:38 -04:00
}, nil
}
// createFlags contains the parsed flags of the create command.
type createFlags struct {
controllerCount int
workerCount int
name string
configPath string
yes bool
}
// checkDirClean checks if files of a previous Constellation are left in the current working dir.
2022-04-06 04:36:58 -04:00
func checkDirClean(fileHandler file.Handler) error {
if _, err := fileHandler.Stat(constants.AdminConfFilename); !errors.Is(err, fs.ErrNotExist) {
return fmt.Errorf("file '%s' already exists in working directory, run 'constellation terminate' before creating a new one", constants.AdminConfFilename)
}
2022-04-06 04:36:58 -04:00
if _, err := fileHandler.Stat(constants.MasterSecretFilename); !errors.Is(err, fs.ErrNotExist) {
return fmt.Errorf("file '%s' already exists in working directory. Constellation won't overwrite previous master secrets. Move it somewhere or delete it before creating a new cluster", constants.MasterSecretFilename)
}
2022-07-29 04:01:10 -04:00
if _, err := fileHandler.Stat(constants.ClusterIDsFileName); !errors.Is(err, fs.ErrNotExist) {
return fmt.Errorf("file '%s' already exists in working directory. Constellation won't overwrite previous cluster IDs. Move it somewhere or delete it before creating a new cluster", constants.ClusterIDsFileName)
}
return nil
}
2022-04-13 07:01:38 -04:00
2022-11-16 10:33:51 -05:00
func translateCreateErrors(cmd *cobra.Command, err error) error {
switch {
case errors.Is(err, terraform.ErrTerraformWorkspaceDifferentFiles):
cmd.PrintErrln("\nYour current working directory contains an existing Terraform workspace which does not match the expected state.")
cmd.PrintErrln("This can be due to a mix up between providers, versions or an otherwise corrupted workspace.")
cmd.PrintErrln("Before creating a new cluster, try \"constellation terminate\".")
cmd.PrintErrf("If this does not work, either move or delete the directory %q.\n", constants.TerraformWorkingDir)
cmd.PrintErrln("Please only delete the directory if you made sure that all created cloud resources have been terminated.")
return err
case errors.Is(err, terraform.ErrTerraformWorkspaceExistsWithDifferentVariables):
cmd.PrintErrln("\nYour current working directory contains an existing Terraform workspace which was initiated with different input variables.")
cmd.PrintErrln("This can be the case if you have tried to create a cluster before with different options which did not complete, or the workspace is corrupted.")
cmd.PrintErrln("Before creating a new cluster, try \"constellation terminate\".")
cmd.PrintErrf("If this does not work, either move or delete the directory %q.\n", constants.TerraformWorkingDir)
cmd.PrintErrln("Please only delete the directory if you made sure that all created cloud resources have been terminated.")
return err
default:
return err
}
}
2022-06-08 02:14:28 -04:00
func must(err error) {
if err != nil {
panic(err)
}
}