Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / 07a39e2b168871f7cc4d50e26a3a474c1fcd99b6 / . / metropolis / handbook / src / ch02-00-local-demo-cluster.md
blob: d200bd5ca663ab7dc426baaa2d5ff0441a456fe5 [file] [log] [blame] [view]
Mateusz Zalega6e7c2ac2022-07-07 16:02:03 +0200[diff] [blame]1# The demo cluster
2
3This chapter demonstrates the installation process and operation of a Metropolis cluster.
4
5## Prerequisites
6
7### Hardware
8An x86_64/amd64 Linux host machine with glibc on which you can run `metroctl`. This will later be expanded to cover many more platforms, but for our first release this is the only supported platform.
9
10And either:
11* KVM support on your host machine and a hypervisor capable of running OVMF with TPM2 (like libvirt/virt-manager)
12* A physical x86_68/amd64 machine (ideally at least 3 for reboot persistence) with UEFI boot and a TPM2 and a USB thumb drive (>=1G).
13
14### Software
15
16#### metroctl
17First, you'll need *metroctl*, the command line utility for working with Metropolis clusters.
Jan Schärdc979122025-04-16 16:27:43 +0000[diff] [blame]18There are currently no release builds available, so you'll need to build it yourself:
Mateusz Zalega6e7c2ac2022-07-07 16:02:03 +0200[diff] [blame]19```shell
Jan Schärdc979122025-04-16 16:27:43 +0000[diff] [blame]20bazel build //metropolis:metroctl
Mateusz Zalega6e7c2ac2022-07-07 16:02:03 +0200[diff] [blame]21```
22Optionally you can move the file to a location in PATH, like /usr/local/bin or ~/bin/.
23
Jan Schärdc979122025-04-16 16:27:43 +0000[diff] [blame]24#### The installation image
Mateusz Zalega6e7c2ac2022-07-07 16:02:03 +0200[diff] [blame]25
Jan Schärdc979122025-04-16 16:27:43 +0000[diff] [blame]26To install Metropolis, you'll need an *OS image*.
27Metropolis OS images are represented as OCI artifacts and contain all resources to install or update a Metropolis node.
28OS images can be stored in an OCI registry, or on local disk as an OCI layout directory.
29
30When building metroctl, an OS image is also built.
Mateusz Zalega6e7c2ac2022-07-07 16:02:03 +0200[diff] [blame]31
32## Installation
33
34### The bootstrap node
35
36Let's generate the installer image that we'll use to install the first node of the upcoming cluster. To do that, use the *metroctl* tool in the following way:
37```shell
Jan Schärdc979122025-04-16 16:27:43 +0000[diff] [blame]38bazel run //metropolis:metroctl -- install genusb /path/to/bootstrap-node-installer.img --bootstrap --cluster=cluster.internal
Mateusz Zalega6e7c2ac2022-07-07 16:02:03 +0200[diff] [blame]39```
40If you're going to install from a USB stick or other types of removable storage, supply metroctl with a device path:
41```shell
Jan Schärdc979122025-04-16 16:27:43 +0000[diff] [blame]42bazel run //metropolis:metroctl -- install genusb /dev/sdx --bootstrap --cluster=cluster.internal
Mateusz Zalega6e7c2ac2022-07-07 16:02:03 +0200[diff] [blame]43```
44Since a new GPT will need to be generated for the target device, the image file cannot simply be copied into it.
45**Caution:** make sure you'll be using the correct path. *metroctl* will overwrite data on the target device.
46
47Metropolis does not support installation from optical media.
48
49The installer will be paired with your *cluster owner's credentials*, that *metroctl* will save to your XDG config directory. Please note that the resulting installer can be used only to set up the initial node.
50
51If all goes well, this will leave you with the following output.
52```
532022/07/07 10:29:44 Generating installer image (this can take a while, see issues/92).
54```
55
56Use the installer image to provision the first node. The image will contain an EFI-bootable payload.
57
58**Caution:** the installer will install Metropolis onto the first suitable persistent storage it finds as soon as it boots. The installation process is non-interactive in this version of the OS. If you're going to install on physical hardware, make sure you have backed up all your data from the machine you'll be running it on.
59
60If you'll be using a virtual machine, it is advised to pick smaller storage sizes, eg. 4G. Upon first boot, Metropolis will need to zero its data partition, which can take a long time.
61
62The installer will produce the following output, that will be both sent over the serial interface, and displayed on your screen, if available:
63```
64Installing to /dev/vdx...
65```
66
67Afterwards, it will restart, and the installation media will need to be removed. At this point you should be left with a working bootstrap node.
68
69### Taking ownership of the new cluster
70
71After the first node is set up and running, you can take ownership of the upcoming cluster:
72```shell
Serge Bazanskibeec27c2024-10-31 12:27:08 +0000[diff] [blame]73metroctl cluster takeownership <bootstrap-node-address>
Mateusz Zalega6e7c2ac2022-07-07 16:02:03 +0200[diff] [blame]74```
75This should result in the following output being displayed:
76```
772022/07/07 10:42:07 Successfully retrieved owner credentials! You now own this cluster. Setting up kubeconfig now...
782022/07/07 10:42:07 Success! kubeconfig is set up. You can now run kubectl --context=metropolis ... to access the Kubernetes cluster.
79```
80
81If this didn't work out the first time you tried, try giving the bootstrap node more time. Depending on available storage size, setting up its data partition might take longer, in which case your connection attempts will be refused.
82
83### Additional nodes
84
85Additional nodes can be provided with the non-bootstrap installer image. It can be generated with *metroctl*. This time, note the lack of the *--bootstrap* flag.
86```shell
Jan Schärdc979122025-04-16 16:27:43 +0000[diff] [blame]87bazel run //metropolis:metroctl -- --endpoints <bootstrap-node-address> install genusb /path/to/second-node-installer.img
Mateusz Zalega6e7c2ac2022-07-07 16:02:03 +0200[diff] [blame]88```
89
90Complete the installation process with one or more nodes.
91
92For the new nodes to join the cluster, you'll need to approve them first. Calling `metroctl approve` with no parameters will list nodes pending approval.
93```shell
94metroctl --endpoints <bootstrap-node-address> approve
95```
96
97You should get a list of node IDs which would look similar to:
98```
99metropolis-7eec2053798faab726bb9fd9e9444ec9
100```
101
102If there are no nodes that have already registered with the cluster, *metroctl* will produce the following output:
103```
104There are no nodes pending approval at this time.
105```
106
107To approve a node, use its node ID as a parameter.
108```shell
109metroctl --endpoints 192.168.122.238 approve <above-node-id-goes-here>
110```
111
112If the node was approved as a result, metroctl will say:
113```
114Approved node <node-id>
115```
116
117## Using the cluster
118
Leopold Schabel77bf7542025-06-23 11:26:31 +0200[diff] [blame]119At this point you can start exploring Metropolis. Try playing with *kubectl*, or take a look at the [Cluster API](ch03-05-cluster-api.md) chapter of this handbook.
Mateusz Zalega6e7c2ac2022-07-07 16:02:03 +0200[diff] [blame]120
121The cluster state should be reflected by *kubectl* output:
122```shell
Tim Windelschmidtb37d7d82023-06-14 19:06:44 +0200[diff] [blame]123kubectl --context=metroctl get nodes
Mateusz Zalega6e7c2ac2022-07-07 16:02:03 +0200[diff] [blame]124
125NAME STATUS ROLES AGE VERSION
126metropolis-4fb5a2aa4eec34080bea02ac8020028d Ready <none> 98m v1.24.0+mngn
127metropolis-7eec2053798faab726bb9fd9e9444ec9 Ready <none> 86m v1.24.0+mngn
128```
129
130If you need to install kubectl, try [this chapter](https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/) of the official Kubernetes Documentation.
131
132## Caveats
133
134This is a preview version of Metropolis, and there's a couple of things to be aware of.
135
136### Cold start
137
138The cluster recovery flow is still unimplemented. This means that a *cold* cluster, in which all member nodes have been shut down, **will not** start up again. This will be solved in an upcoming release.