Update to Tink chart 0.5.0: #197

Merged
merged 3 commits into from
Nov 6, 2024
Merged
5 changes: 4 additions & 1 deletion .gitignore
Expand Up @@ -3,4 +3,7 @@ error.log
.task
.state
capt/output/
.vscode/
.vscode/
sushy.cert
sushy.key
htpasswd
12 changes: 9 additions & 3 deletions capt/config.yaml
Expand Up @@ -7,11 +7,17 @@ counts:
workers: 1
spares: 1
versions:
capt: 0.5.3
chart: 0.4.5
capt: v0.5.3
chart: 0.5.0
kube: v1.29.4
os: 20.04
kubevip: 0.8.2
capt:
providerRepository: "https://github.com/tinkerbell/cluster-api-provider-tinkerbell/releases"
#providerRepository: "/home/tink/repos/tinkerbell/cluster-api-provider-tinkerbell/out/release/infrastructure-tinkerbell"
chart:
location: "oci://ghcr.io/tinkerbell/charts/stack"
#location: "/home/tink/repos/tinkerbell/charts/tinkerbell/stack"
os:
registry: ghcr.io/tinkerbell/cluster-api-provider-tinkerbell
distro: ubuntu
Expand All @@ -24,6 +30,6 @@ vm:
diskPath: "/tmp"
virtualBMC:
containerName: "virtualbmc"
image: ghcr.io/jacobweinstock/virtualbmc
image: ghcr.io/jacobweinstock/virtualbmc:latest
user: "root"
pass: "calvin"
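Review bot: The `virtualBMC.image` value in the second hunk is pinned only to the mutable `:latest` tag, so each run can pull different code into a container that the vbmc tasks start with `--privileged` and the libvirt directory mounted. Pinning to a release tag or, better, a digest (`image: ghcr.io/jacobweinstock/virtualbmc@sha256:<DIGEST_PLACEHOLDER>`) keeps the playground reproducible and makes an upstream image change an explicit review step. The new `capt.providerRepository` and `chart.location` keys in the first hunk would also benefit from a one-line comment saying that whatever they point at is fetched and applied to the cluster, since the commented-out alternatives are local build paths.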
2 changes: 1 addition & 1 deletion capt/scripts/generate_state.sh
Expand Up @@ -13,7 +13,7 @@ counts:
spares: 1
versions:
capt: 0.5.3
chart: 0.4.4
chart: 0.5.0
kube: v1.28.8
os: 22.04
os:
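--- a/capt/scripts/sushy-tools.conf
+++ b/capt/scripts/sushy-tools.conf
@@ -0,0 +1,26 @@
+SUSHY_EMULATOR_LISTEN_IP = u'0.0.0.0'
+SUSHY_EMULATOR_LISTEN_PORT = 443
+SUSHY_EMULATOR_OS_CLOUD = None
+SUSHY_EMULATOR_LIBVIRT_URI = u'qemu:///system'
+SUSHY_EMULATOR_IGNORE_BOOT_DEVICE = False
+SUSHY_EMULATOR_FEATURE_SET = u'full'
+SUSHY_EMULATOR_AUTH_FILE = u'/etc/sushy/htpasswd'
+SUSHY_EMULATOR_SSL_CERT = u'/etc/sushy/sushy.cert'
+SUSHY_EMULATOR_SSL_KEY = u'/etc/sushy/sushy.key'
+SUSHY_EMULATOR_BOOT_LOADER_MAP = {
+u'UEFI': {
+u'x86_64': u'/usr/share/OVMF/OVMF_CODE.fd'
+},
+u'Legacy': {
+u'x86_64': None
+}
+}
+SUSHY_EMULATOR_VMEDIA_DEVICES = {
+u'Cd': {
+u'Name': 'Virtual CD',
+u'MediaTypes': [
+u'CD',
+u'DVD'
+]
+}
+}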
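Review bot: The new config file has no comment tying its `/etc/sushy/...` paths to where they come from, which matters because `SUSHY_EMULATOR_AUTH_FILE`, `SUSHY_EMULATOR_SSL_CERT` and `SUSHY_EMULATOR_SSL_KEY` only exist once the `vbmc:prepare` task has generated them and `start-server` has bind-mounted them. A short header such as `# Paths below are container paths; htpasswd, sushy.cert and sushy.key are generated by vbmc:prepare and mounted by vbmc:start-server.` would make that dependency visible. A comment next to `SUSHY_EMULATOR_LISTEN_IP = u'0.0.0.0'` should also state that the listener is expected to be reachable only on the `kind` Docker network, because the emulator is pointed at `qemu:///system` with the `full` feature set.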
1 change: 0 additions & 1 deletion capt/scripts/virtualbmc.sh
Expand Up @@ -16,7 +16,6 @@ function main() {
docker exec "$container_name" vbmc add --username "$username" --password "$password" --port "$port" "$name"
docker exec "$container_name" vbmc start "$name"
done < <(yq e '.vm.details.[] | [key, .bmc.port] | @csv' "$STATE_FILE")

}

main "$@"
4 changes: 3 additions & 1 deletion capt/tasks/Taskfile-capi.yaml
Expand Up @@ -18,11 +18,13 @@ tasks:
env:
CAPT_VERSION:
sh: yq eval '.versions.capt' {{.STATE_FILE_FQ_PATH}}
LOCATION:
sh: yq eval '.capt.providerRepository' {{.STATE_FILE_FQ_PATH}}
vars:
OUTPUT_DIR:
sh: echo $(yq eval '.outputDir' config.yaml)
cmds:
- envsubst '$CAPT_VERSION' < templates/clusterctl.tmpl > {{.OUTPUT_DIR}}/clusterctl.yaml
- envsubst '$CAPT_VERSION,$LOCATION' < templates/clusterctl.tmpl > {{.OUTPUT_DIR}}/clusterctl.yaml
status:
- grep -q "$CAPT_VERSION" {{.OUTPUT_DIR}}/clusterctl.yaml

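Review bot: The `status:` check still greps only for `$CAPT_VERSION`, so a changed `capt.providerRepository` with an unchanged version leaves the old URL in `clusterctl.yaml` while the task reports itself up to date. Adding `- grep -qF "$LOCATION" {{.OUTPUT_DIR}}/clusterctl.yaml` to `status:` would regenerate the file when the repository changes. Because `LOCATION` decides where `infrastructure-components.yaml` is fetched from, a stale value here is worth catching. The task definition begins above the hunk, so its name and any earlier settings are not visible here.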
5 changes: 4 additions & 1 deletion capt/tasks/Taskfile-create.yaml
Expand Up @@ -13,6 +13,7 @@ tasks:
- task: kind-cluster
- task: update-state
- task: deploy-tinkerbell-helm-chart
- task: vbmc:prepare
- task: vbmc:start-server
- task: vbmc:update-state
- task: hardware-cr
Expand Down Expand Up @@ -109,9 +110,11 @@ tasks:
sh: yq eval '.versions.chart' {{.STATE_FILE_FQ_PATH}}
NAMESPACE:
sh: yq eval '.namespace' {{.STATE_FILE_FQ_PATH}}
LOCATION:
sh: yq eval '.chart.location' {{.STATE_FILE_FQ_PATH}}
CHART_NAME: tink-stack
cmds:
- KUBECONFIG="{{.KUBECONFIG}}" helm install {{.CHART_NAME}} oci://ghcr.io/tinkerbell/charts/stack --version "{{.STACK_CHART_VERSION}}" --create-namespace --namespace {{.NAMESPACE}} --wait --set "smee.trustedProxies={{.TRUSTED_PROXIES}}" --set "hegel.trustedProxies={{.TRUSTED_PROXIES}}" --set "stack.loadBalancerIP={{.LB_IP}}" --set "smee.publicIP={{.LB_IP}}"
- KUBECONFIG="{{.KUBECONFIG}}" helm install {{.CHART_NAME}} {{.LOCATION}} --version "{{.STACK_CHART_VERSION}}" --create-namespace --namespace {{.NAMESPACE}} --wait --set "global.trustedProxies={"{{.TRUSTED_PROXIES}}"}" --set "global.publicIP={{.LB_IP}}" --set "rufio.image=quay.io/tinkerbell/rufio:latest"
status:
- KUBECONFIG="{{.KUBECONFIG}}" helm list -n {{.NAMESPACE}} | grep -q {{.CHART_NAME}}

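Review bot: The new `helm install` line overrides the chart's Rufio image with `--set "rufio.image=quay.io/tinkerbell/rufio:latest"`, a mutable tag, so the BMC controller is no longer tied to the chart version selected by `--version "{{.STACK_CHART_VERSION}}"`. Prefer dropping the override, or pinning it to a release tag or digest and adding a comment explaining why the chart's default image is not used. On the same line `{{.LOCATION}}` is unquoted (`"{{.LOCATION}}"` would tolerate local paths with spaces). The nested double quotes in `--set "global.trustedProxies={"{{.TRUSTED_PROXIES}}"}"` close and reopen the string, so the proxy list itself reaches the shell unquoted. The task this command belongs to starts above the hunk.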
11 changes: 11 additions & 0 deletions capt/tasks/Taskfile-delete.yaml
Expand Up @@ -7,6 +7,7 @@ tasks:
cmds:
- task: kind-cluster
- task: vbmc-container
- task: vbmc-generated-files
- task: vms
- task: output-dir

Expand Down Expand Up @@ -48,6 +49,16 @@ tasks:
status:
- got=$(docker ps -a | grep -c {{.VBMC_CONTAINER_NAME}} || :); [[ "$got" == "0" ]]

vbmc-generated-files:
summary: |
Delete the Virtual BMC generated files.
cmds:
- rm -f {{.CURR_DIR}}/scripts/htpasswd {{.CURR_DIR}}/scripts/sushy.key {{.CURR_DIR}}/scripts/sushy.cert
status:
- test ! -f {{.CURR_DIR}}/scripts/htpasswd
- test ! -f {{.CURR_DIR}}/scripts/sushy.key
- test ! -f {{.CURR_DIR}}/scripts/sushy.cert

output-dir:
summary: |
Delete the output directory.
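Review bot: The `rm -f` command and the three `test ! -f` checks in the new `vbmc-generated-files` task leave `{{.CURR_DIR}}` unquoted, so a checkout path containing spaces would be split into several arguments and the generated files could be left behind. Quoting each path avoids that, e.g. `rm -f "{{.CURR_DIR}}/scripts/htpasswd" "{{.CURR_DIR}}/scripts/sushy.key" "{{.CURR_DIR}}/scripts/sushy.cert"`, with the same quoting in the `status:` lines. A one-line comment saying these files hold the BMC password hash and the TLS private key would explain why the delete task removes them.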
22 changes: 21 additions & 1 deletion capt/tasks/Taskfile-vbmc.yaml
@@ -1,8 +1,28 @@
version: "3"

tasks:
prepare:
run: once
summary: |
Prepare the virtualbmc server.
vars:
VBMC_CONTAINER_IMAGE:
sh: yq eval '.virtualBMC.image' {{.STATE_FILE_FQ_PATH}}
USERNAME:
sh: yq eval '.virtualBMC.user' {{.STATE_FILE_FQ_PATH}}
PASSWORD:
sh: yq eval '.virtualBMC.pass' {{.STATE_FILE_FQ_PATH}}
cmds:
- docker run -it --rm --entrypoint htpasswd {{.VBMC_CONTAINER_IMAGE}} -nbB "{{.USERNAME}}" "{{.PASSWORD}}" > {{.CURR_DIR}}/scripts/htpasswd
- docker run -it --rm --entrypoint openssl -v {{.CURR_DIR}}/scripts:/scripts {{.VBMC_CONTAINER_IMAGE}} req -x509 -newkey rsa:2048 -keyout /scripts/sushy.key -out /scripts/sushy.cert -days 365 -nodes -subj "/C=US/ST=CA/L=Los Angeles/O=Engineering/OU=Engineering/CN=tinkerbell.org"
status:
- test -f {{.CURR_DIR}}/scripts/htpasswd
- test -f {{.CURR_DIR}}/scripts/sushy.key
- test -f {{.CURR_DIR}}/scripts/sushy.cert

start-server:
run: once
deps: [prepare]
summary: |
Start the virtualbmc server. Requires the "kind" docker network to exist.
vars:
Expand All @@ -11,7 +31,7 @@ tasks:
VBMC_CONTAINER_IMAGE:
sh: yq eval '.virtualBMC.image' {{.STATE_FILE_FQ_PATH}}
cmds:
- docker run -d --privileged --rm --network kind -v /var/run/libvirt/libvirt-sock-ro:/var/run/libvirt/libvirt-sock-ro -v /var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock --name {{.VBMC_CONTAINER_NAME}} {{.VBMC_CONTAINER_IMAGE}}
- docker run -d --privileged --rm --network kind -e SUSHY_EMULATOR_CONFIG=/etc/sushy/sushy-emulator.conf -v /var/run/libvirt:/var/run/libvirt -v "${PWD}/scripts/sushy.key:/etc/sushy/sushy.key" -v "${PWD}/scripts/sushy.cert:/etc/sushy/sushy.cert" -v "${PWD}/scripts/sushy-tools.conf:/etc/sushy/sushy-emulator.conf" -v "${PWD}/scripts/htpasswd:/etc/sushy/htpasswd" --name {{.VBMC_CONTAINER_NAME}} {{.VBMC_CONTAINER_IMAGE}}
status:
- docker ps | grep -q {{.VBMC_CONTAINER_NAME}}

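Review bot: Both `docker run` commands in the new `prepare` task pass `-it`, which requires a terminal and so fails when the task runs without one (CI, piped output); with a TTY allocated, the redirected `htpasswd` output is also likely to be written with CRLF line endings. Dropping the flags fixes both, e.g. `docker run --rm --entrypoint htpasswd {{.VBMC_CONTAINER_IMAGE}} -nbB "{{.USERNAME}}" "{{.PASSWORD}}" > {{.CURR_DIR}}/scripts/htpasswd`. `htpasswd -b` also puts the password on the command line and `sushy.key` is written unencrypted (`-nodes`), so confirm that neither `scripts/htpasswd` nor `scripts/sushy.key` ends up world-readable on the host. In the second hunk `start-server` mounts these files through `${PWD}/scripts/...` while `prepare` writes to `{{.CURR_DIR}}/scripts`; using one of the two in both places keeps the paths from diverging.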
7 changes: 6 additions & 1 deletion capt/templates/bmc-machine.tmpl
Expand Up @@ -12,5 +12,10 @@ spec:
insecureTLS: true
port: $BMC_PORT
providerOptions:
preferredOrder:
- ipmitool
ipmitool:
port: $BMC_PORT
port: $BMC_PORT
redfish:
useBasicAuth: true
systemName: $NODE_NAME
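Review bot: The added `redfish:` options set `useBasicAuth: true` while the connection block keeps `insecureTLS: true`, so the BMC username and password are sent to an endpoint whose certificate is never checked, even though this PR now generates `sushy.cert` for the emulator. For a local playground that may be acceptable, but it deserves a comment in the template such as `# insecureTLS: playground only; the emulator uses a self-signed cert` so the setting is not copied into real deployments. `preferredOrder` lists only `ipmitool`; if Redfish is meant to be tried it may need to appear there, and the page does not show how the provider treats entries missing from the list. The `spec` block starts above the hunk.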
4 changes: 2 additions & 2 deletions capt/templates/clusterctl.tmpl
@@ -1,7 +1,7 @@
providers:
- name: "tinkerbell"
url: "https://github.com/tinkerbell/cluster-api-provider-tinkerbell/releases/v$CAPT_VERSION/infrastructure-components.yaml"
url: "$LOCATION/$CAPT_VERSION/infrastructure-components.yaml"
type: "InfrastructureProvider"
images:
infrastructure-tinkerbell:
tag: v$CAPT_VERSION
tag: $CAPT_VERSION
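Review bot: The template no longer adds the `v` prefix (`tag: $CAPT_VERSION`, `url: "$LOCATION/$CAPT_VERSION/infrastructure-components.yaml"`), so every source of `versions.capt` must now carry it; `capt/config.yaml` was updated to `v0.5.3`, but the context shown for `capt/scripts/generate_state.sh` still reads `capt: 0.5.3`. If that text is a default or an example users copy, the rendered URL and image tag would be missing the `v`; changing it to `capt: v0.5.3` keeps the files consistent. A comment above `url:` noting that `$LOCATION` may be a release URL or a local directory, and that its content is applied to the management cluster, would also help.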
1 change: 1 addition & 0 deletions capt/templates/hardware.tmpl
Expand Up @@ -22,6 +22,7 @@ spec:
netmask: 255.255.0.0
lease_time: 4294967294
mac: $NODE_MAC
uefi: true
name_servers:
- 8.8.8.8
- 1.1.1.1
48 changes: 26 additions & 22 deletions capt/templates/kustomization.tmpl
Expand Up @@ -13,6 +13,8 @@ patches:
- op: add
path: /spec/template/spec
value:
bootOptions:
bootMode: netboot
hardwareAffinity:
required:
- labelSelector:
Expand All @@ -30,15 +32,15 @@ patches:
- /dev/console:/dev/console
- /lib/firmware:/lib/firmware:ro
actions:
- name: "stream-image"
image: quay.io/tinkerbell-actions/oci2disk:v1.0.0
timeout: 600
- name: "stream image"
image: quay.io/tinkerbell/actions/oci2disk
timeout: 1200
environment:
IMG_URL: $OS_REGISTRY/$OS_DISTRO-$OS_VERSION:$KUBE_VERSION.gz
DEST_DISK: {{ index .Hardware.Disks 0 }}
COMPRESSED: true
- name: "add-tink-cloud-init-config"
image: quay.io/tinkerbell-actions/writefile:v1.0.0
- name: "add tink cloud-init config"
image: quay.io/tinkerbell/actions/writefile
timeout: 90
environment:
DEST_DISK: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
Expand All @@ -62,8 +64,8 @@ patches:
manage_etc_hosts: localhost
warnings:
dsid_missing_source: off
- name: "add-tink-cloud-init-ds-config"
image: quay.io/tinkerbell-actions/writefile:v1.0.0
- name: "add tink cloud-init ds-config"
image: quay.io/tinkerbell/actions/writefile
timeout: 90
environment:
DEST_DISK: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
Expand All @@ -75,15 +77,15 @@ patches:
DIRMODE: 0700
CONTENTS: |
datasource: Ec2
- name: "kexec-image"
image: ghcr.io/jacobweinstock/waitdaemon:0.2.0
- name: "kexec image"
image: ghcr.io/jacobweinstock/waitdaemon:0.2.1
timeout: 90
pid: host
environment:
BLOCK_DEVICE: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
FS_TYPE: ext4
IMAGE: quay.io/tinkerbell-actions/kexec:v1.0.0
WAIT_SECONDS: 10
IMAGE: quay.io/tinkerbell/actions/kexec
WAIT_SECONDS: 5
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- target:
Expand All @@ -95,6 +97,8 @@ patches:
- op: add
path: /spec/template/spec
value:
bootOptions:
bootMode: netboot
hardwareAffinity:
required:
- labelSelector:
Expand All @@ -112,15 +116,15 @@ patches:
- /dev/console:/dev/console
- /lib/firmware:/lib/firmware:ro
actions:
- name: "stream-image"
image: quay.io/tinkerbell-actions/oci2disk:v1.0.0
timeout: 600
- name: "stream image"
image: quay.io/tinkerbell/actions/oci2disk
timeout: 1200
environment:
IMG_URL: $OS_REGISTRY/$OS_DISTRO-$OS_VERSION:$KUBE_VERSION.gz
DEST_DISK: {{ index .Hardware.Disks 0 }}
COMPRESSED: true
- name: "add-tink-cloud-init-config"
image: quay.io/tinkerbell-actions/writefile:v1.0.0
- name: "add tink cloud-init config"
image: quay.io/tinkerbell/actions/writefile
timeout: 90
environment:
DEST_DISK: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
Expand All @@ -144,8 +148,8 @@ patches:
manage_etc_hosts: localhost
warnings:
dsid_missing_source: off
- name: "add-tink-cloud-init-ds-config"
image: quay.io/tinkerbell-actions/writefile:v1.0.0
- name: "add tink cloud-init ds-config"
image: quay.io/tinkerbell/actions/writefile
timeout: 90
environment:
DEST_DISK: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
Expand All @@ -157,15 +161,15 @@ patches:
DIRMODE: 0700
CONTENTS: |
datasource: Ec2
- name: "kexec-image"
image: ghcr.io/jacobweinstock/waitdaemon:0.2.0
- name: "kexec image"
image: ghcr.io/jacobweinstock/waitdaemon:0.2.1
timeout: 90
pid: host
environment:
BLOCK_DEVICE: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
FS_TYPE: ext4
IMAGE: quay.io/tinkerbell-actions/kexec:v1.0.0
WAIT_SECONDS: 10
IMAGE: quay.io/tinkerbell/actions/kexec
WAIT_SECONDS: 5
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- target:
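Review bot: The action images change from pinned tags (`quay.io/tinkerbell-actions/oci2disk:v1.0.0`) to untagged references (`image: quay.io/tinkerbell/actions/oci2disk`, `image: quay.io/tinkerbell/actions/writefile`, `IMAGE: quay.io/tinkerbell/actions/kexec`), which resolve to `latest` at pull time. The same change is repeated in the second patch block (hunks at `-112,15`, `-144,8` and `-157,15`). These actions write to the target disk and the kexec step mounts `/var/run/docker.sock`, so with an unpinned image the code that provisions each machine can change without any change in this repository. Pin each to a release tag or digest, e.g. `image: quay.io/tinkerbell/actions/oci2disk@sha256:<DIGEST_PLACEHOLDER>`, as is already done for `waitdaemon:0.2.1`.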