Update to maintained dependencies (#145)

* Replace unmaintained `docker-compose` with `docker compose`

* Set selinux labels for docker.sock

* Migrate to Compose specification

To override `compose.yaml` use `compose.override.yaml`

* Upgrade to kind 0.20.0

* Remove restriction to outdated containerlab

Issue with ignite was fixed in srl-labs/containerlab#1667

Author: robertvolkmann

Makefile

@@ -8,8 +8,6 @@ KINDCONFIG := $(or $(KINDCONFIG),control-plane/kind.yaml)
 KUBECONFIG := $(shell pwd)/.kubeconfig
 
 # Default values
-DOCKER_COMPOSE_OVERRIDE=
-DOCKER_COMPOSE=$(shell if which docker-compose > /dev/null; then echo 'docker-compose'; else echo 'docker compose'; fi)
 CONTAINERLAB=$(shell which containerlab)
 
 # extra vars can be used by projects that built on the mini-lab, which want to override default configuration
@@ -45,7 +43,7 @@ endif
 .PHONY: up
 up: env control-plane-bake partition-bake
 	@chmod 600 files/ssh/id_rsa
-	$(DOCKER_COMPOSE) up --remove-orphans --force-recreate control-plane partition
+	docker compose up --remove-orphans --force-recreate control-plane partition
 	@$(MAKE)	--no-print-directory	start-machines
 # for some reason an allocated machine will not be able to phone home
 # without restarting the metal-core
@@ -62,7 +60,7 @@ down: cleanup
 
 .PHONY: control-plane
 control-plane: control-plane-bake env
-	$(DOCKER_COMPOSE) up --remove-orphans --force-recreate control-plane
+	docker compose up --remove-orphans --force-recreate control-plane
 
 .PHONY: control-plane-bake
 control-plane-bake:
@@ -75,7 +73,7 @@ control-plane-bake:
 
 .PHONY: partition
 partition: partition-bake
-	$(DOCKER_COMPOSE) -f docker-compose.yml $(DOCKER_COMPOSE_OVERRIDE) up --remove-orphans --force-recreate partition
+	docker compose up --remove-orphans --force-recreate partition
 
 .PHONY: partition-bake
 partition-bake:
@@ -115,7 +113,7 @@ cleanup: cleanup-control-plane cleanup-partition
 .PHONY: cleanup-control-plane
 cleanup-control-plane:
 	kind delete cluster --name metal-control-plane
-	$(DOCKER_COMPOSE) down
+	docker compose down
 	rm -f $(KUBECONFIG)
 
 .PHONY: cleanup-partition
@@ -124,19 +122,19 @@ cleanup-partition:
 
 .PHONY: _privatenet
 _privatenet: env
-	$(DOCKER_COMPOSE) run $(DOCKER_COMPOSE_TTY_ARG) metalctl network list --name user-private-network | grep user-private-network || $(DOCKER_COMPOSE) run $(DOCKER_COMPOSE_TTY_ARG) metalctl network allocate --partition mini-lab --project 00000000-0000-0000-0000-000000000000 --name user-private-network
+	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl network list --name user-private-network | grep user-private-network || docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl network allocate --partition mini-lab --project 00000000-0000-0000-0000-000000000000 --name user-private-network
 
 .PHONY: machine
 machine: _privatenet
-	$(DOCKER_COMPOSE) run $(DOCKER_COMPOSE_TTY_ARG) metalctl machine create --description test --name test --hostname test --project 00000000-0000-0000-0000-000000000000 --partition mini-lab --image $(MACHINE_OS) --size v1-small-x86 --networks $(shell $(DOCKER_COMPOSE) run $(DOCKER_COMPOSE_TTY_ARG) metalctl network list --name user-private-network -o template --template '{{ .id }}')
+	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl machine create --description test --name test --hostname test --project 00000000-0000-0000-0000-000000000000 --partition mini-lab --image $(MACHINE_OS) --size v1-small-x86 --networks $(shell docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl network list --name user-private-network -o template --template '{{ .id }}')
 
 .PHONY: firewall
 firewall: _ips _privatenet
-	$(DOCKER_COMPOSE) run $(DOCKER_COMPOSE_TTY_ARG) metalctl firewall create --description fw --name fw --hostname fw --project 00000000-0000-0000-0000-000000000000 --partition mini-lab --image firewall-ubuntu-3.0 --size v1-small-x86 --networks internet-mini-lab,$(shell $(DOCKER_COMPOSE) run $(DOCKER_COMPOSE_TTY_ARG) metalctl network list --name user-private-network -o template --template '{{ .id }}')
+	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl firewall create --description fw --name fw --hostname fw --project 00000000-0000-0000-0000-000000000000 --partition mini-lab --image firewall-ubuntu-3.0 --size v1-small-x86 --networks internet-mini-lab,$(shell docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl network list --name user-private-network -o template --template '{{ .id }}')
 
 .PHONY: ls
 ls: env
-	$(DOCKER_COMPOSE) run $(DOCKER_COMPOSE_TTY_ARG) metalctl machine ls
+	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl machine ls
 
 ## SWITCH MANAGEMENT ##
 
@@ -156,7 +154,7 @@ start-machines:
 
 .PHONY: _password
 _password: env
-	$(DOCKER_COMPOSE) run $(DOCKER_COMPOSE_TTY_ARG) metalctl machine consolepassword $(MACHINE_UUID)
+	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl machine consolepassword $(MACHINE_UUID)
 
 .PHONY: password-machine01
 password-machine01:
@@ -172,7 +170,7 @@ password-machine03:
 
 .PHONY: _free-machine
 _free-machine: env
-	$(DOCKER_COMPOSE) run $(DOCKER_COMPOSE_TTY_ARG) metalctl machine rm $(MACHINE_UUID)
+	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl machine rm $(MACHINE_UUID)
 	docker exec vms /mini-lab/manage_vms.py --names $(MACHINE_NAME) kill --with-disks
 	docker exec vms /mini-lab/manage_vms.py --names $(MACHINE_NAME) create
 

README.md

@@ -21,10 +21,9 @@ The mini-lab is a small, virtual setup to locally run the metal-stack. It deploy
 
 - Linux machine with hardware virtualization support
 - kvm as hypervisor for the VMs (you can check through the `kvm-ok` command)
-- [docker](https://www.docker.com/) >= 18.09 (for using kind and our deployment base image)
-- [docker-compose](https://docs.docker.com/compose/) >= 2.0 (for ease of use and for parallelizing control plane and partition deployment)
-- [kind](https://github.com/kubernetes-sigs/kind/releases) == v0.15.0 (for hosting the metal control plane on a kubernetes cluster v1.25)
-- [containerlab](https://containerlab.srlinux.dev/install/) == v0.25.1
+- [docker](https://www.docker.com/) >= 20.10.13 (for using kind and our deployment base image)
+- [kind](https://github.com/kubernetes-sigs/kind/releases) == v0.20.0 (for hosting the metal control plane)
+- [containerlab](https://containerlab.srlinux.dev/install/) >= v0.47.1
 - the lab creates a docker network on your host machine (`172.17.0.1`), this hopefully does not overlap with other networks you have
 - (recommended) haveged to have enough random entropy (only needed if the PXE process does not work)
 
@@ -49,17 +48,12 @@ curl -fsSL https://get.docker.com | sh
 sudo usermod -G docker -a ${USER}
 
 # Install containerlab
-bash -c "$(curl -sL https://get.containerlab.dev)" -- -v 0.25.1
+bash -c "$(curl -sL https://get.containerlab.dev)"
 
 # Install kind (kubernetes in docker), for more details see https://kind.sigs.k8s.io/docs/user/quick-start/#installation
-sudo curl -Lo /usr/local/bin/kind "https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64"
+sudo curl -Lo /usr/local/bin/kind "https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-amd64"
 sudo chmod +x /usr/local/bin/kind
 
-# Install docker-compose, for more details see https://docs.docker.com/compose/install/
-sudo curl -Lo /usr/local/bin/docker-compose "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)"
-sudo chmod +x /usr/local/bin/docker-compose
-```
-
 The following ports are used statically on your host machine:
 
 | Port | Bind Address | Description                        |
@@ -92,7 +86,7 @@ make
 After the deployment and waiting for a short amount of time, two machines in status `PXE booting` become visible through `metalctl machine ls`:
 
 ```bash
-docker-compose run --rm metalctl machine ls
+docker compose run --rm metalctl machine ls
 
 ID                                          LAST EVENT   WHEN     AGE  HOSTNAME  PROJECT  SIZE          IMAGE  PARTITION
 e0ab02d2-27cd-5a5e-8efc-080ba80cf258        PXE Booting  3s
@@ -102,7 +96,7 @@ e0ab02d2-27cd-5a5e-8efc-080ba80cf258        PXE Booting  3s
 Wait until the machines reach the waiting state:
 
 ```bash
-docker-compose run --rm metalctl machine ls
+docker compose run --rm metalctl machine ls
 
 ID                                          LAST EVENT   WHEN     AGE  HOSTNAME  PROJECT  SIZE          IMAGE  PARTITION
 e0ab02d2-27cd-5a5e-8efc-080ba80cf258        Waiting      8s                               v1-small-x86         mini-lab
@@ -119,13 +113,13 @@ make machine
 __Alternatively__, you may want to issue the `metalctl` commands on your own:
 
 ```bash
-docker-compose run --rm metalctl network allocate \
+docker compose run --rm metalctl network allocate \
         --partition mini-lab \
         --project 00000000-0000-0000-0000-000000000000 \
         --name user-private-network
 
 # lookup the network ID and create a machine
-docker-compose run --rm metalctl machine create \
+docker compose run --rm metalctl machine create \
         --description test \
         --name machine \
         --hostname machine \
@@ -136,7 +130,7 @@ docker-compose run --rm metalctl machine create \
         --networks <network-ID>
 
 # create a firewall that is also connected to the virtual internet-mini-lab network
-docker-compose run --rm metalctl machine create \
+docker compose run --rm metalctl machine create \
         --description fw \
         --name fw \
         --hostname fw \
@@ -160,7 +154,7 @@ machine login:
 Two machines are now installed and have status "Phoned Home"
 
 ```bash
-docker-compose run --rm metalctl machine ls
+docker compose run --rm metalctl machine ls
 ID                                          LAST EVENT   WHEN   AGE     HOSTNAME  PROJECT                               SIZE          IMAGE                             PARTITION
 e0ab02d2-27cd-5a5e-8efc-080ba80cf258        Phoned Home  2s     21s     machine   00000000-0000-0000-0000-000000000000  v1-small-x86  Ubuntu 20.04 20200331             mini-lab
 2294c949-88f6-5390-8154-fa53d93a3313        Phoned Home  8s     18s     fw        00000000-0000-0000-0000-000000000000  v1-small-x86  Firewall 2 Ubuntu 20200730        mini-lab
@@ -169,7 +163,7 @@ e0ab02d2-27cd-5a5e-8efc-080ba80cf258        Phoned Home  2s     21s     machin
 Login with user name metal and the console password from
 
 ```bash
-docker-compose run --rm metalctl machine consolepassword e0ab02d2-27cd-5a5e-8efc-080ba80cf258
+docker compose run --rm metalctl machine consolepassword e0ab02d2-27cd-5a5e-8efc-080ba80cf258
 ```
 
 If you want to access the firewall with SSH or have internet connectivity from the firewall and machine, you'll need to have a static route configured that points to the leaf switches:
@@ -193,7 +187,7 @@ make cleanup
 Reinstall a machine with
 
 ```bash
-docker-compose run --rm metalctl machine reinstall \
+docker compose run --rm metalctl machine reinstall \
         --image ubuntu-20.04 \
         e0ab02d2-27cd-5a5e-8efc-080ba80cf258
 ```
@@ -203,7 +197,7 @@ docker-compose run --rm metalctl machine reinstall \
 Free a machine with `make free-machine01` or
 
 ```bash
-docker-compose run --rm metalctl machine rm e0ab02d2-27cd-5a5e-8efc-080ba80cf258
+docker compose run --rm metalctl machine rm e0ab02d2-27cd-5a5e-8efc-080ba80cf258
 ```
 
 ## Flavors

docker-compose.yml renamed to compose.yaml

@@ -1,12 +1,10 @@
 ---
-version: '3.7'
-
 services:
   control-plane:
     image: ghcr.io/metal-stack/metal-deployment-base:${DEPLOYMENT_BASE_IMAGE_TAG}
     container_name: deploy-control-plane
     volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
+      - /var/run/docker.sock:/var/run/docker.sock:z
       - .:/mini-lab
       # for developing role dependencies
       # TODO: make this a switch
@@ -43,7 +41,7 @@ services:
     image: ghcr.io/metal-stack/metal-deployment-base:${DEPLOYMENT_BASE_IMAGE_TAG}
     container_name: deploy-partition
     volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
+      - /var/run/docker.sock:/var/run/docker.sock:z
       - .:/mini-lab
       # for developing role dependencies
       # TODO: make this a switch

control-plane/kind.yaml

@@ -5,6 +5,7 @@ networking:
   apiServerAddress: 0.0.0.0
 nodes:
 - role: control-plane
+  image: kindest/node:v1.25.11@sha256:227fa11ce74ea76a0474eeefb84cb75d8dad1b08638371ecf0e86259b35be0c8
   extraPortMappings:
   - containerPort: 4443
     hostPort: 4443

test/integration.sh

@@ -5,7 +5,7 @@ echo "Starting mini-lab"
 make up
 
 echo "Waiting for machines to get to waiting state"
-waiting=$(docker-compose run -T metalctl machine ls | grep Waiting | wc -l)
+waiting=$(docker compose run -T metalctl machine ls | grep Waiting | wc -l)
 minWaiting=2
 declare -i attempts=0
 until [ "$waiting" -ge $minWaiting ]
@@ -16,7 +16,7 @@ do
     fi
     echo "$waiting/$minWaiting machines are waiting"
     sleep 5
-    waiting=$(docker-compose run -T metalctl machine ls | grep Waiting | wc -l)
+    waiting=$(docker compose run -T metalctl machine ls | grep Waiting | wc -l)
     attempts=$attempts+1
 done
 echo "$waiting/$minWaiting machines are waiting"
@@ -26,7 +26,7 @@ make firewall
 make machine
 
 echo "Waiting for machines to get to Phoned Home state"
-phoned=$(docker-compose run -T metalctl machine ls | grep Phoned | wc -l)
+phoned=$(docker compose run -T metalctl machine ls | grep Phoned | wc -l)
 minPhoned=2
 declare -i attempts=0
 until [ "$phoned" -ge $minPhoned ]
@@ -37,7 +37,7 @@ do
     fi
     echo "$phoned/$minPhoned machines have phoned home"
     sleep 5
-    phoned=$(docker-compose run -T metalctl machine ls | grep Phoned | wc -l)
+    phoned=$(docker compose run -T metalctl machine ls | grep Phoned | wc -l)
     attempts+=1
 done
 echo "$phoned/$minPhoned machines have phoned home"