pia-1.7.0

Tags:

  5 minute read  

KOSI Plugin PIA Version 1.7.0

Summary

The PIA plugin (Plugin-based Infrastructure Administrator) is designed to automate administrative tasks in Kubernetes clusters by enabling remote command execution and file transfers. It operates in two modes:

  • SSH Mode: Executes commands and transfers files via SSH, requiring a specified user with appropriate permissions.
  • K8s Mode: Uses the Kubernetes Mode (kubectl) to create and deploy custom resources for execution by the PIA operator.

This plugin simplifies managing multiple nodes, making it useful for executing system configurations, software deployments, and maintenance tasks across a cluster.

Keys

Key Required Description
mode Yes Defines how PIA operates. Possible values: ssh or k8s.
nodes Yes (or only labels) Specifies target nodes where commands should be executed. Either nodes or labels must be set.
labels Yes (or only nodes) Defines node selection via labels instead of explicit node names. Either nodes or labels must be set.
files Optional Lists files to be uploaded before executing the command. Files in ssh mode are uploaded to PIAROOT, located at KUBEOPSROOT/pia.
command Yes Specifies the command to be executed on the target nodes.
user Yes in ssh mode Defines the user for SSH connections. Typically requires root privileges.

Notes:

  • The user key is only applicable in SSH mode.
  • The default path for KUBEOPSROOT is /var/kubeops - in this case the PIAROOT is in /var/kubeops/pia.

Examples

Example 1 - SSH Mode

In this example, the PIA plugin transfers template.yaml to specified nodes and executes a command under the root user.

languageversion = "1.0.0";
apiversion = "kubernative/kubeops/sina/user/v4";
name = "kosi-example-package";
description = "kosi-example-package";
version = "0.1.0";
docs = "docs.tgz";
logo = "logo.png";

files =
{
    input = "template.yaml";
}

containers =
{
    example = ["docker.io", "nginx", "latest"];
}

install
{
    pia
    (
        mode = "ssh";
        nodes = "['cluster2master1', 'cluster2master2']";
        files = "['template.yaml']";
        command = "echo Hello World";
        user = "root";
    );
}

Expected Behavior

  • The template.yaml file is uploaded to PIAROOT, located at KUBEOPSROOT/pia on cluster2master1 and cluster2master2.
  • The command echo Hello World is executed on each node using SSH.
  • The connection is established under the root user.

Recommendation: The specified user should have root privileges to execute administrative commands effectively.

Example 2 - K8s Mode

In Kubernetes mode, the PIA plugin deploys a custom resource that gets processed by the PIA operator.

languageversion = "1.0.0";
apiversion = "kubernative/kubeops/sina/user/v4";
name = "kosi-example-package";
description = "kosi-example-package";
version = "0.1.0";
docs = "docs.tgz";
logo = "logo.png";

files =
{
    input = "template.yaml";
}

containers =
{
    example = ["docker.io", "nginx", "latest"];
}

install
{
    pia
    (
        mode = "k8s";
        nodes = "['cluster2master1','cluster2master2']";
        files = "['template.yaml']";
        command = "echo Hello World";
    );
}

Expected Behavior

  • The plugin generates a customresource.yaml in the KUBEOPSROOT/pia directory.
  • The template.yaml file is uploaded.
  • A Kubernetes Custom Resource is deployed, which the PIA operator processes.

Sample installation log:

[root@cluster2admin1 Test_Pia-Plugin]# kosi install -p package.tgz
2024-01-24 12:12:03 Info:      KOSI version: 2.14.0.0_XXXXXXXXXX
2024-01-24 12:12:05 Info:      template.yaml start uploading to webserver.
2024-01-24 12:12:05 Info:      template.yaml successfully uploaded to webserver.
pia.kubeops.net/example-pia created
2024-01-24 12:12:08 Info:      Installation successful

Example 3 - Using PIA Plugin with other plugins

Using pia with the osCheck, if and print plugins

This example shows the interaction of several plugins. In this example, we use the pia plugin together with the osCheck, if and print plugins to check whether it is the correct operating system and to output a specific message and execute a corresponding PIA operation with the pia plugin:

languageversion = "1.0.0";
apiversion = "kubernative/kubeops/sina/user/v4";
name = "kosi-example-pia-oscheck-if-print";
description = "Example using pia with oscheck and if and print";
version = "0.1.0";
docs = "docs.tgz";
logo = "logo.png";

files = 
{
    inputRhel = "rhel8.yaml";
    inputOtherOS = "otherOs.yaml";
}

install
{
    osCheck(getOSVar = "os"; getOSVersionVar = "version");

    if (condition = "$os$ = 'Red Hat Enterprise Linux'") then
    {
        print(message = "Performing PIA operation for RHEL 8..");
        pia
        (
            mode = "ssh";
            nodes = "['cluster2master1']";
            files = "['rhel8.yaml']";
            command = "echo Hello RHEL 8";
            user = "rhel8User";
        );
    }
    else
    {
        print(message = "Other OS recognized instead of RHEL 8, performing alternative PIA operation..");
        pia
        (
            mode = "ssh";
            nodes = "['cluster2master1']";
            files = "['otherOs.yaml']";
            command = "echo Hello other OS";
            user = "otherUser";
        );
    }
}

Expected Behavior

If os is Red Hat Enterprise Linux:

2025-02-26 15:18:28 Info:      Performing PIA operation for RHEL 8..
  • The rhel8.yaml file is uploaded to cluster2master1.
  • The command echo Hello RHEL 8 is executed on each node using SSH.
  • The connection is established under the rhel8User user.

Otherwise:

2025-02-26 15:18:28 Info:      Other OS recognized instead of RHEL 8, performing alternative PIA operation..
  • The otherOs.yaml file is uploaded to cluster2master1.
  • The command echo Hello other OS is executed on each node using SSH.
  • The connection is established under the otherUser user.

PIA Operator (Plugin-based Infrastructure Administrator)

Additional Information

The PIA operator processes Kubernetes-based PIA tasks by handling deployed Custom Resources.

Note: The following information does not refer directly to the PIA plug-in, but to the CRD via PIA operator and serves as additional information on the functionality of PIA and as a possible alternative use.

Installation

  1. Create values.yaml with registry credentials:
pullsecretRegistry: "https://registry.preprod.kubernative.net"
pullsecretUser: "<username>"
pullsecretPassword: "<userpassword>"
piaWebserverNodePort: 31213

Explanation:

  • pullsecretUser and pullsecretPassword are authentication credentials for the image registry.
  • piaWebserverNodePort defines the NodePort service for the PIA web server, which is used to manage uploaded files.
  1. Install the PIA operator:
kosi install --hub public kubeops/piaoperator:0.1.0 -f values.yaml

Verifying Deployment

After installation, check if the operator is running:

kubectl get pods -n pia-test

Using the PIA Operator

There are two ways to use the operator:

  1. Via the PIA plugin (as shown in the examples above).
  2. By manually deploying a Custom Resource Definition (CRD).

Example: Pia Custom Resource

apiVersion: kubeops.net/v1alpha1
kind: Pia
metadata:
  name: hello-world
  namespace: pia-test
spec:
  command: "echo Hello world; sleep 60;"
  jobId: abcdef
  nodes:
  - cluster2worker1
  - cluster2worker3
  labels:
  #- kubeops-zone=zone2
  files:
  #- file1