Prepare gate to remove airshipctl import
* Inject target-cluster-ca as sceret * Create kubeconfig using gate scripts with both ephemeral and target clusters. * With both contexts predefined in kubeconfig, just switch/use context in gate scripts as required. * Removed the use of airshipctl import from gate script Change-Id: I5a9a56db71f0a80d9b35144eacbdd980c13c9ffb Relates-To: #329 Closes: #329
This commit is contained in:
Sirajudeen
Ruslan Aliev
parent
21e6bf7985
commit
196150649a
@ -1,4 +1,13 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: target-cluster-ca
|
||||
type: kubernetes.io/tls
|
||||
data:
|
||||
tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURWRENDQWp5Z0F3SUJBZ0lVTUNwc09vRXhyRzdnRTVMOVJSamdnT01UOG53d0RRWUpLb1pJaHZjTkFRRUwKQlFBd0dURVhNQlVHQTFVRUF3d09TM1ZpWlhKdVpYUmxjeUJCVUVrd0hoY05NakF3T1RFMU1ERXdORE0zV2hjTgpNekF3T1RFek1ERXdORE0zV2pBWk1SY3dGUVlEVlFRRERBNUxkV0psY201bGRHVnpJRUZRU1RDQ0FTSXdEUVlKCktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUtBZFo0UWJHZmlLTExpTXNHcFJKS3d5ZkRGWVI5U0MKbGtVb3hlTU1BZVBkeVNNU0paTTlFMFBOaDM5TUtTVjNSZDRIZWt1eGdHK3J4em83WmcrZU1aY1hyNFk3ektQMwo1SW0vaERkMm1TYThsMEkxZTRwV3B0Z25vZjdvRWJpSXVIU2YxQmRhMU4wWm1EUUdtckxyQnFOZFE3c1BVenNWCllPejZVUFZlamNIeEFjMXBvMWZsQXYrWVNZejVXa28wRVRnTXZYRGtxT0hrWFc1WnhPcHBVbiszOVpvWTZMK3gKVmUwUHFQdHlmSVZ1M3dtcnZFNGd4SmxtWEk3dUxmdzZONHpwS2RuK0k0K1RJRWF5aE1EMWRRenNwQzRMM0IrcApYcHFPMWNWM2ZKMlBycS9mNU14SnIxWTVHUTZlQlZyTGVod1ZWTEhEMzF3ZWFpZ3UzeStyM3RVQ0F3RUFBYU9CCmt6Q0JrREFkQmdOVkhRNEVGZ1FVT1d5YTNFd2J5c25UUy9ZajFWTEtjMGh4aDRvd1ZBWURWUjBqQkUwd1M0QVUKT1d5YTNFd2J5c25UUy9ZajFWTEtjMGh4aDRxaEhhUWJNQmt4RnpBVkJnTlZCQU1NRGt0MVltVnlibVYwWlhNZwpRVkJKZ2hRd0ttdzZnVEdzYnVBVGt2MUZHT0NBNHhQeWZEQU1CZ05WSFJNRUJUQURBUUgvTUFzR0ExVWREd1FFCkF3SUJCakFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBTVp1U2tJbTdQdlA4MW5HSjlYOVZFOFVZTVdDSU5GMEEKYit1UURFaHRGc0dxdnZFZHhQcURUWUpwdlF1SUJlOVd0cmlWRzh0MENIL1NnZ0g2TlJod0wyYkJwMm5WaEFVVwphK3hZL1RpTmMzUEl5RHNFeEY3VHVENGJzaW1BQUJTZ2ZtbXRxV1dqajRyOStodS9vZ09jLzQyYk9JT0JWbHNkCi9VNzBiR3dZQjU5QXgvL2dIWVJmVDl3L3p0VHBvY2tzdEhhSjZsVDd5SFlqYUkzaU5EWnZNSnFRSWNxME4vTEMKcVBjWjBWQXBMUTZRUHRpMWpVSzBGM1VlZEF6TVc3ZFF4NkV3Qjd5UHo4NWdZS3ZJdWdyaStrc2YwbGMyeHVDRwpXTGg2YjFNWk9Cc1NZNkppVHpSUUpYdXNCRUdaTGN5VkRJSEU3Y0Q4NWhOQmZpdDAvejFmZlE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
|
||||
tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2QUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktZd2dnU2lBZ0VBQW9JQkFRQ2dIV2VFR3huNGlpeTQKakxCcVVTU3NNbnd4V0VmVWdwWkZLTVhqREFIajNja2pFaVdUUFJORHpZZC9UQ2tsZDBYZUIzcExzWUJ2cThjNgpPMllQbmpHWEY2K0dPOHlqOStTSnY0UTNkcGttdkpkQ05YdUtWcWJZSjZIKzZCRzRpTGgwbjlRWFd0VGRHWmcwCkJwcXk2d2FqWFVPN0QxTTdGV0RzK2xEMVhvM0I4UUhOYWFOWDVRTC9tRW1NK1ZwS05CRTRETDF3NUtqaDVGMXUKV2NUcWFWSi90L1dhR09pL3NWWHRENmo3Y255RmJ0OEpxN3hPSU1TWlpseU83aTM4T2plTTZTblovaU9Qa3lCRwpzb1RBOVhVTTdLUXVDOXdmcVY2YWp0WEZkM3lkajY2djMrVE1TYTlXT1JrT25nVmF5M29jRlZTeHc5OWNIbW9vCkx0OHZxOTdWQWdNQkFBRUNnZ0VBWjNRNFUySlRlSVNHK3NOa3BYMUNiY1M4L0FFbmdFYlVJMkdCNHY3NkphcEMKOE5jajBpdnZTNnI3OXFOV0hyQWZRNk9mUUZNelFuUkNhUHpDS0NzMXJZT1BWUE5FZVZtTm4vZFB6YXBpc0dYQQpjZll1bWFiOWJNTEc1L1k0cFB3cCtxamVtQ3lIUjBqblVBNUlYSHlCTUlMdFpXczBnd09BT2Y1TzJ3dTZHbW5CCnlDbk5FaFFjbmZUdnN0MVBINUlTeEZ0TjFtODlnQ2orNEhsdHkybUdOdUNEczZ2QnZyWmEyeEJRZUtTcTl1eXEKY1dsdDkrRzI2ZmZFRmw0UEwwWit2Y0wrVDZLd0I4NFl2ampUd25pNEMzb1BmV3lZeEpkSjF0U3NFK1lSM3NIOApEdmlobmMwak00c0Fxb3hrMk5UV2kvNHpUUkppdytRcGhyRnNJWFNvUVFLQmdRRFNRaU44djFEUFk4VzdJUkFXClp6MTN5SWdrRTJHZXUzc2tFMkhweDN6ZFdMZWdmazF6SW42eUtpN0RzVTZhV2xjQURpMm5mU3BVSCtZQ2M0dVkKcmlnZ0xFMG9iZHJLVEFGdm1YYjA1WFRhR3FtcFE4TGxiWmxMTXVycXp0aG5BWmN3M2NySmxMb25kNkZISW9icAp3QU50K2p5a3pTaGs1T3MwSi9XajZiL3prUUtCZ1FEQzhxTkdndWVIbGw5QVNKeHJmM2hTeGJXWFhhTnJqMTJGCkEwNHlnNTFkbHg1QksweUVsZ3VZQ3RtZW5mZWgySWw5U1E3Yng4Z0Z5OWdWeDI5d1Z4eFp2b0xMaU16WU16RGMKWU5UTW9ETEtITjA3dHZ6ZDVza3piWFA3cFUwc25SMDV2RkJ2SHZtTHhWVlkvVHd6ZTdpZDVlNGtISTRWRmUxWQpnUDBYV0ZITkJRS0JnQTRXWGxoU1hUQzRCNXlGRjVYWXJ2YWltZlNJMCthVnV5ZHNvUWZQMU43anZkSGtCSDV0ClZqM0xzN3hxMmRCZnN5cU95S0pMTVpYWFdVcmF3UVNtem90eFRHNGtCaCs5dmU3alFtUWdKNWNoYURLdUZwWFcKcFFtenpLZVUya3owZjFQSDJIbHZISlhlWHhEc0VFd0RFSGZDNTJOSFY2aUM2ZnRobmdTd2VhcnhBb0dBRVd0Ywo2NUFHNERhdmpDN3d5eW80dGl5MGJUSVF5Q3VuVDV0Y0FXZUJTRHVZbUhvbC9ETHNGa25oNkNwMVZpRGpLQzYvCkJTUjAydys3M3paUzN0YnAwWnNVVk51RWNrMGdzSkIyYzFKZE4zSWMwcGtuUHl6QURiaGFCTUpnZ3Z3SEFJR3oKTGpxMlVhYndXV05IWGRKUVRNdWUyOXN4VnZEK3BFbmlVNU93dTRFQ2dZQmptRkRMZEZuT0VtOGlOZEFNVFM0SQpXM0VnckgvQVhsZ0dIOTVJVElKZCtuTmM3QUJQcktYUGEzTTlPRytCTUlpVlJZZ2JMVitXWU1hbHUvZWFJeWFXClR3TGpxaW5nak8rQXhKWFJkT1M3NGpOamFSWGtmM0RWQ1F3WUd0T0xqdE1qRVhmTWdORnViQXZ4TFVOUmZFblIKa09nR0pWQkgwSyttcVVaNVFiVWUwZz09Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
|
||||
---
|
||||
apiVersion: cluster.x-k8s.io/v1alpha3
|
||||
kind: Cluster
|
||||
metadata:
|
||||
|
||||
@ -37,10 +37,14 @@ export AIRSHIP_CONFIG_PRIMARY_REPO_BRANCH=${BRANCH:-"master"}
|
||||
export AIRSHIP_CONFIG_PRIMARY_REPO_URL=${REPO:-"https://review.opendev.org/airship/airshipctl"}
|
||||
export AIRSHIP_SITE_NAME=${AIRSHIP_SITE_NAME:-"manifests/site/test-site"}
|
||||
export AIRSHIP_CONFIG_MANIFEST_DIRECTORY=${AIRSHIP_CONFIG_MANIFEST_DIRECTORY:-"/tmp/airship"}
|
||||
export AIRSHIP_CONFIG_CA_DATA=$(cat tools/deployment/certificates/airship_config_ca_data| base64 -w0)
|
||||
export AIRSHIP_CONFIG_EPHEMERAL_IP=${IP_Ephemeral:-"10.23.25.101"}
|
||||
export AIRSHIP_CONFIG_CLIENT_CERT_DATA=$(cat tools/deployment/certificates/airship_config_client_cert_data| base64 -w0)
|
||||
export AIRSHIP_CONFIG_CLIENT_KEY_DATA=$(cat tools/deployment/certificates/airship_config_client_key_data| base64 -w0)
|
||||
export EPHEMERAL_CONFIG_CA_DATA=$(cat tools/deployment/certificates/ephemeral_config_ca_data| base64 -w0)
|
||||
export EPHEMERAL_IP=${EPHEMERAL_IP:-"10.23.25.101"}
|
||||
export EPHEMERAL_CONFIG_CLIENT_CERT_DATA=$(cat tools/deployment/certificates/ephemeral_config_client_cert_data| base64 -w0)
|
||||
export EPHEMERAL_CONFIG_CLIENT_KEY_DATA=$(cat tools/deployment/certificates/ephemeral_config_client_key_data| base64 -w0)
|
||||
export TARGET_IP=${TARGET_IP:-"10.23.25.102"}
|
||||
export TARGET_CONFIG_CA_DATA=$(cat tools/deployment/certificates/target_config_ca_data| base64 -w0)
|
||||
export TARGET_CONFIG_CLIENT_CERT_DATA=$(cat tools/deployment/certificates/target_config_client_cert_data| base64 -w0)
|
||||
export TARGET_CONFIG_CLIENT_KEY_DATA=$(cat tools/deployment/certificates/target_config_client_key_data| base64 -w0)
|
||||
|
||||
# Remove the contents of the .airship folder, preserving the kustomize plugin directory
|
||||
rm -rf $HOME/.airship/*config*
|
||||
|
||||
@ -17,6 +17,7 @@ set -xe
|
||||
#Default wait timeout is 3600 seconds
|
||||
export TIMEOUT=${TIMEOUT:-3600}
|
||||
export KUBECONFIG=${KUBECONFIG:-"$HOME/.airship/kubeconfig"}
|
||||
export KUBECONFIG_EPHEMERAL_CONTEXT=${KUBECONFIG_EPHEMERAL_CONTEXT:-"ephemeral-context"}
|
||||
|
||||
echo "Deploy ephemeral node using redfish with iso"
|
||||
airshipctl baremetal remotedirect --debug
|
||||
@ -27,7 +28,7 @@ MAX_RETRY=30
|
||||
DELAY=60
|
||||
until [ "$N" -ge ${MAX_RETRY} ]
|
||||
do
|
||||
if timeout 20 kubectl --kubeconfig $KUBECONFIG get node; then
|
||||
if timeout 20 kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_EPHEMERAL_CONTEXT get node; then
|
||||
break
|
||||
fi
|
||||
|
||||
@ -42,4 +43,4 @@ if [ "$N" -ge ${MAX_RETRY} ]; then
|
||||
fi
|
||||
|
||||
echo "List all pods"
|
||||
kubectl --kubeconfig $KUBECONFIG get pods --all-namespaces
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_EPHEMERAL_CONTEXT get pods --all-namespaces
|
||||
|
||||
@ -16,16 +16,17 @@ set -xe
|
||||
|
||||
export KUBECONFIG=${KUBECONFIG:-"$HOME/.airship/kubeconfig"}
|
||||
export WAIT_TIMEOUT=${WAIT_TIMEOUT:-"2000s"}
|
||||
export KUBECONFIG_EPHEMERAL_CONTEXT=${KUBECONFIG_EPHEMERAL_CONTEXT:-"ephemeral-context"}
|
||||
|
||||
echo "Deploy metal3.io components to ephemeral node"
|
||||
airshipctl phase apply initinfra --wait-timeout $WAIT_TIMEOUT --debug
|
||||
|
||||
echo "Getting metal3 pods as debug information"
|
||||
kubectl --kubeconfig $KUBECONFIG --namespace metal3 get pods
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_EPHEMERAL_CONTEXT --namespace metal3 get pods
|
||||
|
||||
echo "Deploy cluster components to ephemeral node"
|
||||
airshipctl cluster init --debug
|
||||
|
||||
echo "Waiting for clusterapi pods to come up"
|
||||
kubectl --kubeconfig $KUBECONFIG wait --for=condition=available deploy --all --timeout=1000s -A
|
||||
kubectl --kubeconfig $KUBECONFIG get pods --all-namespaces
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_EPHEMERAL_CONTEXT wait --for=condition=available deploy --all --timeout=1000s -A
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_EPHEMERAL_CONTEXT get pods --all-namespaces
|
||||
|
||||
@ -18,6 +18,8 @@ TARGET_IMAGE_DIR="/srv/iso"
|
||||
EPHEMERAL_DOMAIN_NAME="air-ephemeral"
|
||||
TARGET_IMAGE_URL="https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img"
|
||||
export WAIT_TIMEOUT=${WAIT_TIMEOUT:-"2000s"}
|
||||
export KUBECONFIG=${KUBECONFIG:-"$HOME/.airship/kubeconfig"}
|
||||
export KUBECONFIG_TARGET_CONTEXT=${KUBECONFIG_TARGET_CONTEXT:-"target-context"}
|
||||
|
||||
# TODO (dukov) this is needed due to sushy tools inserts cdrom image to
|
||||
# all vms. This can be removed once sushy tool is fixed
|
||||
@ -49,35 +51,9 @@ md5sum /srv/iso/target-image.qcow2 | cut -d ' ' -f 1 > ${TARGET_IMAGE_DIR}/targe
|
||||
echo "Create target k8s cluster resources"
|
||||
airshipctl phase apply controlplane --wait-timeout $WAIT_TIMEOUT --debug
|
||||
|
||||
echo "Get kubeconfig from secret"
|
||||
KUBECONFIG=""
|
||||
N=0
|
||||
MAX_RETRY=6
|
||||
DELAY=10
|
||||
until [ "$N" -ge ${MAX_RETRY} ]
|
||||
do
|
||||
KUBECONFIG=$(kubectl --request-timeout 10s --kubeconfig ${HOME}/.airship/kubeconfig \
|
||||
get secret target-cluster-kubeconfig -o jsonpath='{.data.value}' || true)
|
||||
|
||||
if [[ ! -z "$KUBECONFIG" ]]; then
|
||||
break
|
||||
fi
|
||||
|
||||
N=$((N+1))
|
||||
echo "$N: Retry to get kubeconfig from secret."
|
||||
sleep ${DELAY}
|
||||
done
|
||||
|
||||
if [[ -z "$KUBECONFIG" ]]; then
|
||||
echo "Could not get kubeconfig from sceret."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Create kubeconfig"
|
||||
echo ${KUBECONFIG} | base64 -d > /tmp/targetkubeconfig
|
||||
|
||||
echo "Import target kubeconfig"
|
||||
airshipctl config import /tmp/targetkubeconfig
|
||||
echo "Switch context to target cluster and set manifest"
|
||||
airshipctl config use-context target-context
|
||||
airshipctl config set-context target-context --manifest dummy_manifest
|
||||
|
||||
echo "Wait for apiserver to become available"
|
||||
N=0
|
||||
@ -85,7 +61,7 @@ MAX_RETRY=30
|
||||
DELAY=60
|
||||
until [ "$N" -ge ${MAX_RETRY} ]
|
||||
do
|
||||
if timeout 20 kubectl --kubeconfig /tmp/targetkubeconfig get node; then
|
||||
if timeout 20 kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get node; then
|
||||
break
|
||||
fi
|
||||
|
||||
@ -100,7 +76,4 @@ if [ "$N" -ge ${MAX_RETRY} ]; then
|
||||
fi
|
||||
|
||||
echo "List all pods"
|
||||
kubectl --kubeconfig /tmp/targetkubeconfig get pods --all-namespaces
|
||||
|
||||
echo "Get cluster state"
|
||||
kubectl --kubeconfig ${HOME}/.airship/kubeconfig get cluster
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get pods --all-namespaces
|
||||
|
||||
@ -18,16 +18,17 @@ export KUBECONFIG=${KUBECONFIG:-"$HOME/.airship/kubeconfig"}
|
||||
export TIMEOUT=${TIMEOUT:-60}
|
||||
NODENAME="node01"
|
||||
export WAIT_TIMEOUT=${WAIT_TIMEOUT:-"2000s"}
|
||||
export KUBECONFIG_TARGET_CONTEXT=${KUBECONFIG_TARGET_CONTEXT:-"target-context"}
|
||||
|
||||
# TODO need to run another config command after use-context to update kubeconfig
|
||||
echo "Switch context to target cluster and set manifest"
|
||||
airshipctl config use-context target-cluster-admin@target-cluster
|
||||
airshipctl config set-context target-cluster-admin@target-cluster --manifest dummy_manifest
|
||||
airshipctl config use-context target-context
|
||||
airshipctl config set-context target-context --manifest dummy_manifest
|
||||
|
||||
end=$(($(date +%s) + $TIMEOUT))
|
||||
echo "Waiting $TIMEOUT seconds for $NODENAME to be created."
|
||||
while true; do
|
||||
if (kubectl --request-timeout 10s --kubeconfig $KUBECONFIG get nodes | grep -q $NODENAME) ; then
|
||||
if (kubectl --request-timeout 10s --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get nodes | grep -q $NODENAME) ; then
|
||||
echo -e "\n$NODENAME found"
|
||||
break
|
||||
else
|
||||
@ -42,10 +43,10 @@ while true; do
|
||||
done
|
||||
|
||||
# TODO remove taint
|
||||
kubectl --kubeconfig $KUBECONFIG taint node $NODENAME node-role.kubernetes.io/master-
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT taint node $NODENAME node-role.kubernetes.io/master-
|
||||
|
||||
echo "Deploy infra to cluster"
|
||||
airshipctl phase apply initinfra --debug --wait-timeout $WAIT_TIMEOUT
|
||||
|
||||
echo "List all pods"
|
||||
kubectl --kubeconfig $KUBECONFIG get pods --all-namespaces
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get pods --all-namespaces
|
||||
|
||||
@ -15,15 +15,16 @@
|
||||
set -xe
|
||||
|
||||
export KUBECONFIG=${KUBECONFIG:-"$HOME/.airship/kubeconfig"}
|
||||
export KUBECONFIG_TARGET_CONTEXT=${KUBECONFIG_TARGET_CONTEXT:-"target-context"}
|
||||
|
||||
# TODO need to run another config command after use-context to update kubeconfig
|
||||
echo "Switch context to target cluster and set manifest"
|
||||
airshipctl config use-context target-cluster-admin@target-cluster
|
||||
airshipctl config set-context target-cluster-admin@target-cluster --manifest dummy_manifest
|
||||
airshipctl config use-context target-context
|
||||
airshipctl config set-context target-context --manifest dummy_manifest
|
||||
|
||||
echo "Deploy CAPI components"
|
||||
airshipctl cluster init --debug
|
||||
|
||||
echo "Waiting for pods to be ready"
|
||||
kubectl --kubeconfig $KUBECONFIG wait --all-namespaces --for=condition=Ready pods --all --timeout=600s
|
||||
kubectl --kubeconfig $KUBECONFIG get pods --all-namespaces
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT wait --all-namespaces --for=condition=Ready pods --all --timeout=600s
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get pods --all-namespaces
|
||||
|
||||
@ -17,37 +17,39 @@ set -xe
|
||||
#Default wait timeout is 3600 seconds
|
||||
export TIMEOUT=${TIMEOUT:-3600}
|
||||
export KUBECONFIG=${KUBECONFIG:-"$HOME/.airship/kubeconfig"}
|
||||
export KUBECONFIG_EPHEMERAL_CONTEXT=${KUBECONFIG_EPHEMERAL_CONTEXT:-"ephemeral-context"}
|
||||
export KUBECONFIG_TARGET_CONTEXT=${KUBECONFIG_TARGET_CONTEXT:-"target-context"}
|
||||
|
||||
echo "Switch context to ephemeral cluster and set manifest"
|
||||
airshipctl config use-context dummy_cluster
|
||||
airshipctl config set-context dummy_cluster --manifest dummy_manifest
|
||||
airshipctl config use-context ephemeral-context
|
||||
airshipctl config set-context ephemeral-context --manifest dummy_manifest
|
||||
|
||||
echo "Check Cluster Status"
|
||||
kubectl --kubeconfig $KUBECONFIG get cluster target-cluster -o json | jq '.status.controlPlaneReady'
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_EPHEMERAL_CONTEXT get cluster target-cluster -o json | jq '.status.controlPlaneReady'
|
||||
|
||||
echo "Annotate BMH for target node"
|
||||
kubectl --kubeconfig $KUBECONFIG annotate bmh node01 baremetalhost.metal3.io/paused=true
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_EPHEMERAL_CONTEXT annotate bmh node01 baremetalhost.metal3.io/paused=true
|
||||
|
||||
echo "Move Cluster Object to Target Cluster"
|
||||
clusterctl --v 20 move --kubeconfig $KUBECONFIG --kubeconfig-context dummy_cluster --to-kubeconfig $KUBECONFIG --to-kubeconfig-context target-cluster-admin@target-cluster
|
||||
clusterctl --v 20 move --kubeconfig $KUBECONFIG --kubeconfig-context $KUBECONFIG_EPHEMERAL_CONTEXT --to-kubeconfig $KUBECONFIG --to-kubeconfig-context $KUBECONFIG_TARGET_CONTEXT
|
||||
|
||||
echo "Switch context to target cluster and set manifest"
|
||||
airshipctl config use-context target-cluster-admin@target-cluster
|
||||
airshipctl config set-context target-cluster-admin@target-cluster --manifest dummy_manifest
|
||||
airshipctl config use-context target-context
|
||||
airshipctl config set-context target-context --manifest dummy_manifest
|
||||
|
||||
echo "Waiting for pods to be ready"
|
||||
kubectl --kubeconfig $KUBECONFIG wait --all-namespaces --for=condition=Ready pods --all --timeout=3000s
|
||||
kubectl --kubeconfig $KUBECONFIG get pods --all-namespaces
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT wait --all-namespaces --for=condition=Ready pods --all --timeout=3000s
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get pods --all-namespaces
|
||||
|
||||
#Wait till crds are created
|
||||
end=$(($(date +%s) + $TIMEOUT))
|
||||
echo "Waiting $TIMEOUT seconds for crds to be created."
|
||||
while true; do
|
||||
if (kubectl --request-timeout 20s --kubeconfig $KUBECONFIG get cluster target-cluster -o json | jq '.status.controlPlaneReady' | grep -q true) ; then
|
||||
if (kubectl --request-timeout 20s --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get cluster target-cluster -o json | jq '.status.controlPlaneReady' | grep -q true) ; then
|
||||
echo -e "\nGet CRD status"
|
||||
kubectl --kubeconfig $KUBECONFIG get bmh
|
||||
kubectl --kubeconfig $KUBECONFIG get machines
|
||||
kubectl --kubeconfig $KUBECONFIG get clusters
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get bmh
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get machines
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get clusters
|
||||
break
|
||||
else
|
||||
now=$(date +%s)
|
||||
|
||||
@ -17,10 +17,11 @@ set -xe
|
||||
#Default wait timeout is 3600 seconds
|
||||
export TIMEOUT=${TIMEOUT:-3600}
|
||||
export KUBECONFIG=${KUBECONFIG:-"$HOME/.airship/kubeconfig"}
|
||||
export KUBECONFIG_TARGET_CONTEXT=${KUBECONFIG_TARGET_CONTEXT:-"target-context"}
|
||||
|
||||
echo "Switch context to target cluster and set manifest"
|
||||
airshipctl config use-context target-cluster-admin@target-cluster
|
||||
airshipctl config set-context target-cluster-admin@target-cluster --manifest dummy_manifest
|
||||
airshipctl config use-context target-context
|
||||
airshipctl config set-context target-context --manifest dummy_manifest
|
||||
|
||||
echo "Stop ephemeral node"
|
||||
sudo virsh destroy air-ephemeral
|
||||
@ -32,9 +33,9 @@ airshipctl phase apply workers --debug
|
||||
end=$(($(date +%s) + $TIMEOUT))
|
||||
echo "Waiting $TIMEOUT seconds for node to be provisioned."
|
||||
while true; do
|
||||
if (kubectl --request-timeout 20s --kubeconfig $KUBECONFIG get node node03 | grep -qw Ready) ; then
|
||||
if (kubectl --request-timeout 20s --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get node node03 | grep -qw Ready) ; then
|
||||
echo -e "\nGet node status"
|
||||
kubectl --kubeconfig $KUBECONFIG get node
|
||||
kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get node
|
||||
break
|
||||
else
|
||||
now=$(date +%s)
|
||||
|
||||
20
tools/deployment/certificates/target_config_ca_data
Normal file
20
tools/deployment/certificates/target_config_ca_data
Normal file
@ -0,0 +1,20 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDVDCCAjygAwIBAgIUMCpsOoExrG7gE5L9RRjggOMT8nwwDQYJKoZIhvcNAQEL
|
||||
BQAwGTEXMBUGA1UEAwwOS3ViZXJuZXRlcyBBUEkwHhcNMjAwOTE1MDEwNDM3WhcN
|
||||
MzAwOTEzMDEwNDM3WjAZMRcwFQYDVQQDDA5LdWJlcm5ldGVzIEFQSTCCASIwDQYJ
|
||||
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKAdZ4QbGfiKLLiMsGpRJKwyfDFYR9SC
|
||||
lkUoxeMMAePdySMSJZM9E0PNh39MKSV3Rd4HekuxgG+rxzo7Zg+eMZcXr4Y7zKP3
|
||||
5Im/hDd2mSa8l0I1e4pWptgnof7oEbiIuHSf1Bda1N0ZmDQGmrLrBqNdQ7sPUzsV
|
||||
YOz6UPVejcHxAc1po1flAv+YSYz5Wko0ETgMvXDkqOHkXW5ZxOppUn+39ZoY6L+x
|
||||
Ve0PqPtyfIVu3wmrvE4gxJlmXI7uLfw6N4zpKdn+I4+TIEayhMD1dQzspC4L3B+p
|
||||
XpqO1cV3fJ2Prq/f5MxJr1Y5GQ6eBVrLehwVVLHD31weaigu3y+r3tUCAwEAAaOB
|
||||
kzCBkDAdBgNVHQ4EFgQUOWya3EwbysnTS/Yj1VLKc0hxh4owVAYDVR0jBE0wS4AU
|
||||
OWya3EwbysnTS/Yj1VLKc0hxh4qhHaQbMBkxFzAVBgNVBAMMDkt1YmVybmV0ZXMg
|
||||
QVBJghQwKmw6gTGsbuATkv1FGOCA4xPyfDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE
|
||||
AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAMZuSkIm7PvP81nGJ9X9VE8UYMWCINF0A
|
||||
b+uQDEhtFsGqvvEdxPqDTYJpvQuIBe9WtriVG8t0CH/SggH6NRhwL2bBp2nVhAUW
|
||||
a+xY/TiNc3PIyDsExF7TuD4bsimAABSgfmmtqWWjj4r9+hu/ogOc/42bOIOBVlsd
|
||||
/U70bGwYB59Ax//gHYRfT9w/ztTpockstHaJ6lT7yHYjaI3iNDZvMJqQIcq0N/LC
|
||||
qPcZ0VApLQ6QPti1jUK0F3UedAzMW7dQx6EwB7yPz85gYKvIugri+ksf0lc2xuCG
|
||||
WLh6b1MZOBsSY6JiTzRQJXusBEGZLcyVDIHE7cD85hNBfit0/z1ffQ==
|
||||
-----END CERTIFICATE-----
|
||||
19
tools/deployment/certificates/target_config_client_cert_data
Normal file
19
tools/deployment/certificates/target_config_client_cert_data
Normal file
@ -0,0 +1,19 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDFzCCAf+gAwIBAgIIfgHwEugUbEcwDQYJKoZIhvcNAQELBQAwGTEXMBUGA1UE
|
||||
AwwOS3ViZXJuZXRlcyBBUEkwHhcNMjAwOTE1MDEwNDM3WhcNMjEwOTE1MDEyMjQ2
|
||||
WjA0MRcwFQYDVQQKEw5zeXN0ZW06bWFzdGVyczEZMBcGA1UEAxMQa3ViZXJuZXRl
|
||||
cy1hZG1pbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM8z7Ixk/2US
|
||||
BPQv3Riiin7ToYOA8PfYyy4WLHw10p1V0dl6tSezDygyerwGLyrOLwUEXCoh2Ugm
|
||||
/Kc4RL5eYeBD1lRdzlcYN+uUmVYIR0JyCBmB22qeC8cdHezq20m1C4Q2DlR6pPmY
|
||||
/ReHcUVZBuU6thfG4X/NJDDXR5+mO0qYdZGpbpGyMH9A19AuqLQ7EGUT0CSGL+w9
|
||||
cPOr98Yr4FEAWIdEdl21kzC91ofkyegunR7gHpmBCqkHT+9fzT2gjUvY/UoTy4gs
|
||||
Co0huZstlPouZHdCmiQgfW8C36saNrYoGz48dL83miVv/FTmcq1T1n95R9kH24WN
|
||||
tSEqCASWMUMCAwEAAaNIMEYwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsG
|
||||
AQUFBwMCMB8GA1UdIwQYMBaAFDlsmtxMG8rJ00v2I9VSynNIcYeKMA0GCSqGSIb3
|
||||
DQEBCwUAA4IBAQCYMR+q7PNS4jYra/uDyOBMUNcppi/s6OxZCTU3tWUkXUIu4Vf0
|
||||
UnIkokXtr7xxCaUR61vqgP8veCUfN1NLD/plQWcxH4YRhN4dbdCpGkypNCHESjNT
|
||||
ExVtLy2qFhGjzvcAVnM8JhEzHRlLBHYmUiOfT8KyGtv2OiiG5m4XNUFclaRXKlkv
|
||||
Sht4XagdtWIQOPaoBolcr0/IY8iWRBqJetNxl/g+0LjpBGVtBgDit9sOCEVXilHR
|
||||
9HlfMBWHZX8mFTY70kzTT5BNuiMtk8cJGWBO2m+vLoJAYoky6y/hGBgb6L3xLc2d
|
||||
p8vuH/HCzH0nMlnl1M89YjN/EQFNXCzcyNdp
|
||||
-----END CERTIFICATE-----
|
||||
27
tools/deployment/certificates/target_config_client_key_data
Normal file
27
tools/deployment/certificates/target_config_client_key_data
Normal file
@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEowIBAAKCAQEAzzPsjGT/ZRIE9C/dGKKKftOhg4Dw99jLLhYsfDXSnVXR2Xq1
|
||||
J7MPKDJ6vAYvKs4vBQRcKiHZSCb8pzhEvl5h4EPWVF3OVxg365SZVghHQnIIGYHb
|
||||
ap4Lxx0d7OrbSbULhDYOVHqk+Zj9F4dxRVkG5Tq2F8bhf80kMNdHn6Y7Sph1kalu
|
||||
kbIwf0DX0C6otDsQZRPQJIYv7D1w86v3xivgUQBYh0R2XbWTML3Wh+TJ6C6dHuAe
|
||||
mYEKqQdP71/NPaCNS9j9ShPLiCwKjSG5my2U+i5kd0KaJCB9bwLfqxo2tigbPjx0
|
||||
vzeaJW/8VOZyrVPWf3lH2QfbhY21ISoIBJYxQwIDAQABAoIBACXM3zatpjoWE3lI
|
||||
0hkQbhu9GBYZi9xrXIXH3c27M/UoFuSKEkpvzDAVJXbv2eMBQmqz5Ox6yFz1X9pR
|
||||
1Zi1Nz3mok853c7dyDXeIisjz3w7uWaN3i2RL6zfjvoNznuf37367ppS1Y4Dbwi/
|
||||
2NZB65QeJeIokjLyhcuzOonRlbeBzMeCDFgwyIA7hxIwig6VxnE8oll9Fh/l7HFt
|
||||
Sp+xvYpZjhBxFeRBLt6OBG3OgvGYdMhH6mqOG0s7B/ker97lUyD9eWqAlhcPF1vJ
|
||||
o43AVbo/IU147paoGbWQoukIlnfxc+DowWjGaTy5ScQjsfB5RGM3LM9C52qUOZPl
|
||||
T29ye4ECgYEA6Gp8ENlTVjainxQADZDzIxV34uxE3XT8fleHfZqNby3R0b59HcXT
|
||||
45RendM0xHd7RvzdeshBV110UihQgdHj86yiklITfa6KaiJRb0NGwhOAlw0VdM3h
|
||||
2JfGlUISXXn9/BhFO0WiA4fdtx3pe/JbuB1kuXgu0SJWDRdvRFXeYDMCgYEA5Dp5
|
||||
FN86850Q1S0S2dm2paUwymbGFXa9IQtyak30qZO95C7NjGGZ2Loog7yW/wOvLKnq
|
||||
8YhEHUxLlBXiTvvw+RG1z0MoHhEFGNyIMH2srjBROiyMTHyOoXcA11mf+A6EJBC2
|
||||
KyOZJHdRjaRUG7n1XAn1YUaPaYKScHNFWy0tmrECgYBpJSuFr9ws58DAeRrhCE+G
|
||||
8sJvDfbFvZQxUEYCw/Xyc2c2HZia7JHEpq37dr6rl2ZVIjbMwmYVMTlbpdNuN9eJ
|
||||
uPM/gRRCSsFh7K6syGHtkUcejxPC6RWgmGGFywNl+Le34f8IJqN6N3BN1KF5qpZm
|
||||
AB4+bim4AXGusIhtAO/+0wKBgGDX0wMhSiGPV1Itwx7/u/oD43UvMQRwkwZPlig3
|
||||
lgbS8zO9DGlyDNci/wgPYT8qsA1SuKfuu4B3HGbk9levnmwBsNUW2RIRBMms4nk5
|
||||
CqoLRJxbxNi7zcYD+i5nEHMwra+kC7i4bUZE/y0MOshdGxkH/MBfMYGC72KZ9yce
|
||||
P4ixAoGBANAvbb/xxT8o9maSAZWc/nSVtL9rAb0kGBPSKrtAmpbGq2+C69Ny5A1E
|
||||
uob7gsv2w42HPrg/0TLISIFaWi/R/WQddF1jrQj55z7EiXQUCR4sCqDdOSaYv01V
|
||||
u6ylCjfUIFeUPoxHC9bO7igMObBmpHGSDKg15qjxnUi8Zqj4Z+n2
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@ -23,17 +23,25 @@ managementConfiguration:
|
||||
systemRebootDelay: ${SYSTEM_REBOOT_DELAY}
|
||||
|
||||
clusters:
|
||||
dummycluster:
|
||||
ephemeral-cluster:
|
||||
clusterType:
|
||||
ephemeral:
|
||||
bootstrapInfo: dummy_bootstrap_config
|
||||
clusterKubeconf: dummycluster_ephemeral
|
||||
clusterKubeconf: ephemeral-cluster_ephemeral
|
||||
managementConfiguration: dummy_management_config
|
||||
target-cluster:
|
||||
clusterType:
|
||||
target:
|
||||
clusterKubeconf: target-cluster_target
|
||||
managementConfiguration: dummy_management_config
|
||||
contexts:
|
||||
dummy_cluster:
|
||||
contextKubeconf: dummy_cluster
|
||||
ephemeral-context:
|
||||
contextKubeconf: ephemeral-context
|
||||
manifest: dummy_manifest
|
||||
currentContext: dummy_cluster
|
||||
target-context:
|
||||
contextKubeconf: target-context
|
||||
manifest: dummy_manifest
|
||||
currentContext: ephemeral-context
|
||||
kind: Config
|
||||
manifests:
|
||||
dummy_manifest:
|
||||
@ -49,4 +57,5 @@ manifests:
|
||||
subPath: ${AIRSHIP_SITE_NAME}
|
||||
targetPath: ${AIRSHIP_CONFIG_MANIFEST_DIRECTORY}
|
||||
users:
|
||||
dummy_user: {}
|
||||
ephemeral-cluster-admin: {}
|
||||
target-cluster-admin: {}
|
||||
|
||||
@ -1,19 +1,31 @@
|
||||
apiVersion: v1
|
||||
clusters:
|
||||
- cluster:
|
||||
certificate-authority-data: ${AIRSHIP_CONFIG_CA_DATA}
|
||||
server: https://${AIRSHIP_CONFIG_EPHEMERAL_IP}:6443
|
||||
name: dummycluster_ephemeral
|
||||
certificate-authority-data: ${EPHEMERAL_CONFIG_CA_DATA}
|
||||
server: https://${EPHEMERAL_IP}:6443
|
||||
name: ephemeral-cluster_ephemeral
|
||||
- cluster:
|
||||
certificate-authority-data: ${TARGET_CONFIG_CA_DATA}
|
||||
server: https://${TARGET_IP}:6443
|
||||
name: target-cluster_target
|
||||
contexts:
|
||||
- context:
|
||||
cluster: dummycluster_ephemeral
|
||||
user: kubernetes-admin
|
||||
name: dummy_cluster
|
||||
current-context: dummy_cluster
|
||||
cluster: ephemeral-cluster_ephemeral
|
||||
user: ephemeral-cluster-admin
|
||||
name: ephemeral-context
|
||||
- context:
|
||||
cluster: target-cluster_target
|
||||
user: target-cluster-admin
|
||||
name: target-context
|
||||
current-context: ephemeral-context
|
||||
kind: Config
|
||||
preferences: {}
|
||||
users:
|
||||
- name: kubernetes-admin
|
||||
- name: ephemeral-cluster-admin
|
||||
user:
|
||||
client-certificate-data: ${AIRSHIP_CONFIG_CLIENT_CERT_DATA}
|
||||
client-key-data: ${AIRSHIP_CONFIG_CLIENT_KEY_DATA}
|
||||
client-certificate-data: ${EPHEMERAL_CONFIG_CLIENT_CERT_DATA}
|
||||
client-key-data: ${EPHEMERAL_CONFIG_CLIENT_KEY_DATA}
|
||||
- name: target-cluster-admin
|
||||
user:
|
||||
client-certificate-data: ${TARGET_CONFIG_CLIENT_CERT_DATA}
|
||||
client-key-data: ${TARGET_CONFIG_CLIENT_KEY_DATA}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user