feat: stop rook

.taskfiles/Rook/Taskfile.yaml

@@ -0,0 +1,75 @@
+---
+# yaml-language-server: $schema=https://taskfile.dev/schema.json
+version: "3"
+
+x-env: &env
+  disk: "{{.disk}}"
+  job: "{{.job}}"
+  node: "{{.node}}"
+
+vars:
+  ROOK_SCRIPTS_DIR: "{{.ROOT_DIR}}/.taskfiles/Rook/scripts"
+  ROOK_TEMPLATES_DIR: "{{.ROOT_DIR}}/.taskfiles/Rook/templates"
+
+tasks:
+
+  reset:
+    desc: Reset Rook
+    vars: &vars
+      cluster: "{{.cluster}}"
+      disk: "{{.cephdisk}}"
+      node: "{{.ITEM}}"
+    cmds:
+      - for: { var: cephnodes }
+        task: reset-data
+        vars: *vars
+      - for: { var: cephnodes }
+        task: reset-disk
+        vars: *vars
+    requires:
+      vars: ["cluster", "cephnodes", "cephdisk"]
+
+  reset-disk:
+    desc: Reset a rook disk on a node
+    prompt: Reset rook disk with '{{.node}}/{{.disk}}' in the '{{.cluster}}' cluster ... continue?
+    summary: |
+      Args:
+        cluster: Cluster to run command against (required)
+        disk: Disk to wipe (required)
+        node: Node the disk is on (required)
+    cmds:
+      - envsubst < <(cat {{.ROOK_TEMPLATES_DIR}}/WipeDiskJob.tmpl.yaml) | kubectl --context {{.cluster}} apply -f -
+      - bash {{.ROOK_SCRIPTS_DIR}}/wait-for-job.sh {{.job}} default {{.cluster}}
+      - kubectl --context {{.cluster}} -n default wait job/{{.job}} --for condition=complete --timeout=1m
+      - kubectl --context {{.cluster}} -n default logs job/{{.job}}
+      - kubectl --context {{.cluster}} -n default delete job {{.job}}
+    env: *env
+    requires:
+      vars: ["cluster", "disk", "node"]
+    vars:
+      job: wipe-disk-{{.node}}-{{.disk | replace "/" "-"}}
+    preconditions:
+      - test -f {{.ROOK_SCRIPTS_DIR}}/wait-for-job.sh
+      - test -f {{.ROOK_TEMPLATES_DIR}}/WipeDiskJob.tmpl.yaml
+
+  reset-data:
+    desc: Reset rook data on a node
+    prompt: Reset rook data on node '{{.node}}' in the '{{.cluster}}' cluster ... continue?
+    summary: |
+      Args:
+        cluster: Cluster to run command against (required)
+        node: Node the data is on (required)
+    cmds:
+      - envsubst < <(cat {{.ROOK_TEMPLATES_DIR}}/WipeDataJob.tmpl.yaml) | kubectl --context {{.cluster}} apply -f -
+      - bash {{.ROOK_SCRIPTS_DIR}}/wait-for-job.sh {{.job}} default {{.cluster}}
+      - kubectl --context {{.cluster}} -n default wait job/{{.job}} --for condition=complete --timeout=1m
+      - kubectl --context {{.cluster}} -n default logs job/{{.job}}
+      - kubectl --context {{.cluster}} -n default delete job {{.job}}
+    env: *env
+    requires:
+      vars: ["cluster", "node"]
+    vars:
+      job: wipe-data-{{.node}}
+    preconditions:
+      - test -f {{.ROOK_SCRIPTS_DIR}}/wait-for-job.sh
+      - test -f {{.ROOK_TEMPLATES_DIR}}/WipeDataJob.tmpl.yaml

.taskfiles/Rook/scripts/wait-for-job.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+JOB=$1
+NAMESPACE="${2:-default}"
+CLUSTER="${3:-main}"
+
+[[ -z "${JOB}" ]] && echo "Job name not specified" && exit 1
+while true; do
+    STATUS="$(kubectl --context "${CLUSTER}" -n "${NAMESPACE}" get pod -l job-name="${JOB}" -o jsonpath='{.items[*].status.phase}')"
+    if [ "${STATUS}" == "Pending" ]; then
+        break
+    fi
+    sleep 1
+done

.taskfiles/Rook/templates/WipeDataJob.tmpl.yaml

@@ -0,0 +1,28 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: ${job}
+  namespace: default
+spec:
+  ttlSecondsAfterFinished: 3600
+  template:
+    spec:
+      automountServiceAccountToken: false
+      restartPolicy: Never
+      nodeName: ${node}
+      containers:
+        - name: main
+          image: docker.io/library/alpine:latest
+          command: ["/bin/sh", "-c"]
+          args: ["rm -rf /mnt/host_var/lib/rook"]
+          volumeMounts:
+            - mountPath: /mnt/host_var
+              name: host-var
+          securityContext:
+            privileged: true
+          resources: {}
+      volumes:
+        - name: host-var
+          hostPath:
+            path: /var

.taskfiles/Rook/templates/WipeDiskJob.tmpl.yaml

@@ -0,0 +1,26 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: ${job}
+  namespace: default
+spec:
+  ttlSecondsAfterFinished: 3600
+  template:
+    spec:
+      automountServiceAccountToken: false
+      restartPolicy: Never
+      nodeName: ${node}
+      containers:
+        - name: main
+          image: docker.io/library/alpine:latest
+          command: ["/bin/sh", "-c"]
+          args:
+            - apk add --no-cache sgdisk util-linux util-linux-misc parted device-mapper;
+              sgdisk --zap-all ${disk};
+              dd if=/dev/zero of=${disk} bs=1M count=100 oflag=direct,dsync;
+              blkdiscard ${disk};
+              partprobe ${disk};
+          securityContext:
+            privileged: true
+          resources: {}

Taskfile.yaml

@@ -33,6 +33,7 @@ includes:
   repository:
     aliases: ["repo"]
     taskfile: .taskfiles/Repository/Taskfile.yaml
+  rook: .taskfiles/Rook/Taskfile.yaml
   talos: .taskfiles/Talos/Taskfile.yaml
   sops: .taskfiles/Sops/Taskfile.yaml
   workstation: .taskfiles/Workstation/Taskfile.yaml

kubernetes/apps/rook-ceph/kustomization.yaml

@@ -5,4 +5,4 @@ resources:
   # Pre Flux-Kustomizations
   - ./namespace.yaml
   # Flux-Kustomizations
-  - ./rook-ceph/ks.yaml
+  #- ./rook-ceph/ks.yaml