/*
Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only
*/
package cmd
import (
"errors"
"fmt"
"io/fs"
"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/config"
"github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/file"
"github.com/edgelesssys/constellation/v2/internal/variant"
"github.com/spf13/afero"
"github.com/spf13/cobra"
)
// NewCreateCmd builds the cobra.Command behind the "create" subcommand.
//
// The command takes no positional arguments. It registers --yes/-y (default
// false) and the two node-count flags, both of which are marked as required.
// must panics if marking a flag as required fails.
func NewCreateCmd() *cobra.Command {
	createCommand := &cobra.Command{
		Use:   "create",
		Short: "Create instances on a cloud platform for your Constellation cluster",
		Long:  "Create instances on a cloud platform for your Constellation cluster.",
		Args:  cobra.ExactArgs(0),
		RunE:  runCreate,
	}

	flagSet := createCommand.Flags()
	// --yes removes the interactive confirmation that create otherwise asks for.
	flagSet.BoolP("yes", "y", false, "create the cluster without further confirmation")
	flagSet.IntP("control-plane-nodes", "c", 0, "number of control-plane nodes (required)")
	flagSet.IntP("worker-nodes", "w", 0, "number of worker nodes (required)")

	for _, required := range []string{"control-plane-nodes", "worker-nodes"} {
		must(cobra.MarkFlagRequired(flagSet, required))
	}

	return createCommand
}
// createCmd is the receiver for the create command's methods. Its only
// state is the debug logger those methods write to.
type createCmd struct {
	// log receives the debug output of create, parseCreateFlags and checkDirClean.
	log debugLog
}
// runCreate is the RunE handler of the create command. It sets up the CLI
// logger, the spinner, a file handler backed by the real OS filesystem and
// the cloud creator, then hands over to createCmd.create.
//
// Positional arguments are ignored; the command is declared with
// cobra.ExactArgs(0).
func runCreate(cmd *cobra.Command, _ []string) error {
	logger, err := newCLILogger(cmd)
	if err != nil {
		return fmt.Errorf("creating logger: %w", err)
	}
	defer logger.Sync()

	progress, err := newSpinnerOrStderr(cmd)
	if err != nil {
		return fmt.Errorf("creating spinner: %w", err)
	}
	// Stop the spinner on every exit path, including early error returns.
	defer progress.Stop()

	// All reads and writes of create go through this handler, i.e. they hit
	// the real filesystem relative to the current working directory.
	handler := file.NewHandler(afero.NewOsFs())
	runner := &createCmd{log: logger}

	return runner.create(cmd, cloudcmd.NewCreator(progress), handler, progress)
}
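// create runs the create workflow.
//
// Steps, in order: parse the flags, verify that the working directory holds
// no artifacts of an earlier cluster, load the configuration, print security
// warnings, ask for confirmation (skipped when --yes is set), create the
// cloud resources through creator, and write the returned ID file to
// constants.ClusterIDsFileName.
//
// It returns nil on success and also when the user declines the prompt.
// Errors from creator.Create are passed through translateCreateErrors, which
// prints recovery hints and returns the error unchanged.
func (c *createCmd) create(cmd *cobra.Command, creator cloudCreator, fileHandler file.Handler, spinner spinnerInterf,
) (retErr error) {
	flags, err := c.parseCreateFlags(cmd)
	if err != nil {
		return err
	}
	c.log.Debugf("Using flags: %+v", flags)

	// Refuse to continue while files of a previous cluster are present, so
	// an existing master secret or ID file is never overwritten.
	if err := c.checkDirClean(fileHandler); err != nil {
		return err
	}

	c.log.Debugf("Loading configuration file from %q", flags.configPath)
	conf, err := config.New(fileHandler, flags.configPath, flags.force)
	var configValidationErr *config.ValidationError
	if errors.As(err, &configValidationErr) {
		// Validation errors carry a detailed, user-facing explanation.
		cmd.PrintErrln(configValidationErr.LongMessage())
	}
	if err != nil {
		return err
	}
	// Log the config only after the error check: on failure conf is not a
	// usable value and must not be reported as "loaded".
	// NOTE(review): %+v writes the whole parsed config to the debug log. If
	// the config can carry provider credentials, log a redacted view instead
	// (confirm against the config package).
	c.log.Debugf("Configuration file loaded: %+v", conf)

	// The checks below only warn. They print to stderr and never abort, and
	// with --yes there is no prompt afterwards, so an unattended run proceeds
	// with a non-release image, a debug cluster or disabled Confidential VMs
	// unless the caller inspects stderr or validates the config beforehand.
	c.log.Debugf("Checking configuration for warnings")
	var printedAWarning bool
	if !conf.IsReleaseImage() {
		cmd.PrintErrln("Configured image doesn't look like a released production image. Double check image before deploying to production.")
		printedAWarning = true
	}
	if conf.IsDebugCluster() {
		cmd.PrintErrln("WARNING: Creating a debug cluster. This cluster is not secure and should only be used for debugging purposes.")
		cmd.PrintErrln("DO NOT USE THIS CLUSTER IN PRODUCTION.")
		printedAWarning = true
	}
	if conf.GetAttestationConfig().GetVariant().Equal(variant.AzureTrustedLaunch{}) {
		cmd.PrintErrln("Disabling Confidential VMs is insecure. Use only for evaluation purposes.")
		printedAWarning = true
	}

	// Print an extra new line later to separate warnings from the prompt message of the create command
	if printedAWarning {
		cmd.PrintErrln("")
	}

	provider := conf.GetProvider()
	// instanceType stays empty for any provider not listed in the switch.
	var instanceType string
	switch provider {
	case cloudprovider.AWS:
		c.log.Debugf("Configuring instance type for AWS")
		instanceType = conf.Provider.AWS.InstanceType
	case cloudprovider.Azure:
		c.log.Debugf("Configuring instance type for Azure")
		instanceType = conf.Provider.Azure.InstanceType
	case cloudprovider.GCP:
		c.log.Debugf("Configuring instance type for GCP")
		instanceType = conf.Provider.GCP.InstanceType
	case cloudprovider.OpenStack:
		c.log.Debugf("Configuring instance type for OpenStack")
		instanceType = conf.Provider.OpenStack.FlavorID
	case cloudprovider.QEMU:
		c.log.Debugf("Configuring instance type for QEMU")
		cpus := conf.Provider.QEMU.VCPUs
		instanceType = fmt.Sprintf("%d-vCPU", cpus)
	}
	c.log.Debugf("Configured with instance type %q", instanceType)

	if !flags.yes {
		// Ask user to confirm action.
		cmd.Printf("The following Constellation cluster will be created:\n")
		cmd.Printf("%d control-plane node%s of type %s will be created.\n", flags.controllerCount, isPlural(flags.controllerCount), instanceType)
		cmd.Printf("%d worker node%s of type %s will be created.\n", flags.workerCount, isPlural(flags.workerCount), instanceType)
		ok, err := askToConfirm(cmd, "Do you want to create this cluster?")
		if err != nil {
			return err
		}
		if !ok {
			cmd.Println("The creation of the cluster was aborted.")
			return nil
		}
	}

	spinner.Start("Creating", false)
	opts := cloudcmd.CreateOptions{
		Provider:          provider,
		Config:            conf,
		InsType:           instanceType,
		ControlPlaneCount: flags.controllerCount,
		WorkerCount:       flags.workerCount,
		TFLogLevel:        flags.tfLogLevel,
	}
	idFile, err := creator.Create(cmd.Context(), opts)
	// Stop the spinner before anything else is printed.
	spinner.Stop()
	if err != nil {
		return translateCreateErrors(cmd, err)
	}
	c.log.Debugf("Successfully created the cloud resources for the cluster")

	// The cloud resources exist at this point. If this write fails they
	// remain, but no ID file is left in the working directory.
	if err := fileHandler.WriteJSON(constants.ClusterIDsFileName, idFile, file.OptNone); err != nil {
		return err
	}

	cmd.Println("Your Constellation cluster was created successfully.")
	return nil
}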
// parseCreateFlags reads every flag the create command depends on and
// returns them as a createFlags value.
//
// Both node counts are checked against their minimum from the constants
// package. The "config", "force" and "tf-log" flags are read here but are not
// registered by NewCreateCmd; presumably they are defined on a parent command
// (confirm). On any error the zero createFlags is returned.
func (c *createCmd) parseCreateFlags(cmd *cobra.Command) (createFlags, error) {
	flagSet := cmd.Flags()

	var (
		parsed createFlags
		err    error
	)

	if parsed.controllerCount, err = flagSet.GetInt("control-plane-nodes"); err != nil {
		return createFlags{}, fmt.Errorf("parsing number of control-plane nodes: %w", err)
	}
	c.log.Debugf("Control-plane nodes flag is %d", parsed.controllerCount)
	if parsed.controllerCount < constants.MinControllerCount {
		return createFlags{}, fmt.Errorf("number of control-plane nodes must be at least %d", constants.MinControllerCount)
	}

	if parsed.workerCount, err = flagSet.GetInt("worker-nodes"); err != nil {
		return createFlags{}, fmt.Errorf("parsing number of worker nodes: %w", err)
	}
	c.log.Debugf("Worker nodes flag is %d", parsed.workerCount)
	if parsed.workerCount < constants.MinWorkerCount {
		return createFlags{}, fmt.Errorf("number of worker nodes must be at least %d", constants.MinWorkerCount)
	}

	if parsed.yes, err = flagSet.GetBool("yes"); err != nil {
		return createFlags{}, fmt.Errorf("parsing yes bool: %w", err)
	}
	c.log.Debugf("Yes flag is %t", parsed.yes)

	if parsed.configPath, err = flagSet.GetString("config"); err != nil {
		return createFlags{}, fmt.Errorf("parsing config path argument: %w", err)
	}
	c.log.Debugf("Configuration path flag is %q", parsed.configPath)

	if parsed.force, err = flagSet.GetBool("force"); err != nil {
		return createFlags{}, fmt.Errorf("parsing force argument: %w", err)
	}
	c.log.Debugf("force flag is %t", parsed.force)

	rawTFLevel, err := flagSet.GetString("tf-log")
	if err != nil {
		return createFlags{}, fmt.Errorf("parsing tf-log string: %w", err)
	}
	// Reject unknown level names here rather than handing them to Terraform.
	if parsed.tfLogLevel, err = terraform.ParseLogLevel(rawTFLevel); err != nil {
		return createFlags{}, fmt.Errorf("parsing Terraform log level %s: %w", rawTFLevel, err)
	}
	c.log.Debugf("Terraform logs will be written into %s at level %s", constants.TerraformLogFile, parsed.tfLogLevel.String())

	return parsed, nil
}
// createFlags holds the values parseCreateFlags reads from the command line.
type createFlags struct {
	// controllerCount is the value of --control-plane-nodes.
	controllerCount int
	// workerCount is the value of --worker-nodes.
	workerCount int
	// configPath is the value of --config; the configuration is loaded from it.
	configPath string
	// tfLogLevel is the parsed value of --tf-log.
	tfLogLevel terraform.LogLevel
	// force is the value of --force and is passed on to config.New.
	// NOTE(review): its effect on config validation is not visible here; confirm.
	force bool
	// yes is the value of --yes; when true the confirmation prompt is skipped.
	yes bool
}
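// checkDirClean checks if files of a previous Constellation are left in the current working dir.
//
// It looks for the admin config, the master secret and the cluster ID file.
// The check fails closed: any Stat result other than "does not exist" makes
// it return an error, so a master secret or ID file that cannot be inspected
// is never treated as absent. A file that exists and a Stat call that failed
// for another reason are reported with different messages, so a failed Stat
// is not misreported as an existing file.
func (c *createCmd) checkDirClean(fileHandler file.Handler) error {
	c.log.Debugf("Checking admin configuration file")
	if _, err := fileHandler.Stat(constants.AdminConfFilename); err == nil {
		return fmt.Errorf("file '%s' already exists in working directory, run 'constellation terminate' before creating a new one", constants.AdminConfFilename)
	} else if !errors.Is(err, fs.ErrNotExist) {
		return fmt.Errorf("checking for file '%s': %w", constants.AdminConfFilename, err)
	}

	c.log.Debugf("Checking master secrets file")
	if _, err := fileHandler.Stat(constants.MasterSecretFilename); err == nil {
		return fmt.Errorf("file '%s' already exists in working directory. Constellation won't overwrite previous master secrets. Move it somewhere or delete it before creating a new cluster", constants.MasterSecretFilename)
	} else if !errors.Is(err, fs.ErrNotExist) {
		return fmt.Errorf("checking for file '%s': %w", constants.MasterSecretFilename, err)
	}

	c.log.Debugf("Checking cluster IDs file")
	if _, err := fileHandler.Stat(constants.ClusterIDsFileName); err == nil {
		return fmt.Errorf("file '%s' already exists in working directory. Constellation won't overwrite previous cluster IDs. Move it somewhere or delete it before creating a new cluster", constants.ClusterIDsFileName)
	} else if !errors.Is(err, fs.ErrNotExist) {
		return fmt.Errorf("checking for file '%s': %w", constants.ClusterIDsFileName, err)
	}

	return nil
}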
// translateCreateErrors prints recovery guidance to stderr when err matches
// one of the two known Terraform workspace errors. err itself is always
// returned unchanged, so callers still see the original error.
//
// The guidance tells the user to run "constellation terminate" first and to
// delete the Terraform working directory only once all created cloud
// resources have been terminated.
func translateCreateErrors(cmd *cobra.Command, err error) error {
	var diagnosis []string
	if errors.Is(err, terraform.ErrTerraformWorkspaceDifferentFiles) {
		diagnosis = []string{
			"\nYour current working directory contains an existing Terraform workspace which does not match the expected state.",
			"This can be due to a mix up between providers, versions or an otherwise corrupted workspace.",
		}
	} else if errors.Is(err, terraform.ErrTerraformWorkspaceExistsWithDifferentVariables) {
		diagnosis = []string{
			"\nYour current working directory contains an existing Terraform workspace which was initiated with different input variables.",
			"This can be the case if you have tried to create a cluster before with different options which did not complete, or the workspace is corrupted.",
		}
	}

	// Any other error is passed through without extra output.
	if diagnosis == nil {
		return err
	}

	for _, line := range diagnosis {
		cmd.PrintErrln(line)
	}
	// Both workspace errors share the same recovery steps.
	cmd.PrintErrln("Before creating a new cluster, try \"constellation terminate\".")
	cmd.PrintErrf("If this does not work, either move or delete the directory %q.\n", constants.TerraformWorkingDir)
	cmd.PrintErrln("Please only delete the directory if you made sure that all created cloud resources have been terminated.")
	return err
}
// isPlural returns the suffix to append to a noun counted by count: the
// empty string when count is exactly 1, "s" for every other value
// (including zero and negative numbers).
func isPlural(count int) string {
	if count != 1 {
		return "s"
	}
	return ""
}
// must panics with err when err is non-nil and does nothing otherwise.
// In this file it wraps the cobra.MarkFlagRequired calls made while the
// create command is constructed.
func must(err error) {
	if err == nil {
		return
	}
	panic(err)
}