- Adds PV for local caching. This allows us to also use PV
in other clusters like AKS.
- Moves artifacts and caching files into /opt/aiap-files/artifacts
and /opt/aiap-files/caching so we only have one PV
Relates-To: #645
Change-Id: I84172778df66bee8a833b13d5b740a6cf45220c2
This adds a new script to the runner container that is run in the
entrypoint which runs the log gathering ansible playbook from
inside the runner container. The gate then extracts these logs
with a new role.
This also updates the image_build script to fix how it changes
the container imagePullPolicy
Closes: #658
Relates-To: #659
Change-Id: I24d11c66e7b71852256e164343f7bb2f331d1fef
This change updates the 20_apply_aiap.sh script to utilize the
status-checker container to determine if airship-in-a-pod has
successfully completed. It also includes a check to fail when
the status-checker has detected a failure.
Relates-To: #659
Change-Id: I3673de7157f498778154c798878ab20245396c62
Even when specifying a manifest branch in the AIAP overrides, the
entrypoint script overrides/disables the checkout behavior of the
airshipctl document pull script if AIRSHIP_CONFIG_PHASE_REPO_REF is not
set. This change updates the entrypoint script to check if
AIRSHIP_CONFIG_PHASE_REPO_BRANCH is specified before overriding the
checkout behavior.
Signed-off-by: Drew Walters <drewwalters@microsoft.com>
Change-Id: Ibb2798201f8e02333289f193355f3aa2a6c627ad
The runner container uses a set of secrets to generate the airshipctl
config file, but the volume containing those secrets is never mounted.
This change adds the required mount.
Change-Id: I1d8f84d3870a98957784be4d3a5582b3cc011bf1
This prevents the runner container from using the cached manifests from
a prior execution of AIAP (as this should only happen when a developer
specifically tells AIAP to).
Change-Id: I79afefd859776654e455265cf69e201039e8ce9e
Current AIAP implementation has support for multiple VMs for
target/worker with an attribute "count".
But this is not supported for corresponding new MAC addresses.
The current implementation has mac address fixed for one
target node/one worker node.
This PS provide change in ansible playlist to handle
MAC addresses as list.
Closes: #640
Relates-To: #640
Change-Id: I14b6e2e4d9e81a4f1cf114c26f94328a1461134f
* Added the logic to support pulling airshipctl from a
private github repo with basic http authentication.
* Added Username, Password in secrets
Relates-To: #632
Relates-To: #636
Change-Id: If1a1bbfaf9ce543cf35377d367b70676f9e3e9ef
* docker version returns both client and server version
So even if server is not running, the client version will be returned
and docker build will fail.
* So checking for containerd in docker version output. This will be true
only if the server is also ready
Change-Id: Idd4355b4f8d3617a339df67ac9820e33311b7d79
This fixes the artifact-setup container to use the new `signal_status`
script created in b77f9e2910
Change-Id: Ia0958f9d1e7050d8d8f37b9d66f471fd35156e13
The location of the host config file was moved in
e2c56108ee, which resulted in breakages in
AIAP. This updates the file's location in the runner container to
circumvent the breakages.
Change-Id: I3c4b9c92cabcf7549e75da1c77b1775b4cdbc6bb
This adds the `status-checker` container, which aggregates the statuses
of the task containers. This is useful for quickly checking whether AIAP
is in a failed or successful state, allowing for early exit during
gating or testing. This also prevents the containers from stopping for
any reason, allowing for easy debugging.
Change-Id: I1571d006fb3c856e4d2bedee0befdccae6082a66
* Removed the hardcoded wait condition ( 30s delay )
for docker and libvirtd service
* Added logic to wait until docker is available for artifact-setup.
* Added logic to wait until libvritd is available for infra-builder.
* Added "imagePullPolicy: IfNotPresent" to make use of local changes.
Closes: #629
Change-Id: I8956cf5927be6142fcc0a3b1a112ea82511fd9bb
This change aims to clarify the differentiation between deploying AIAP
to Azure and deploying to a native Linux environment.
Change-Id: I3e014589dc02cce1bac5ff32a69c29ef6fc5b9f3
Currently the task containers will reach a conclusive state (success or
failure), and will promptly stop running. This creates the following
problems:
1. In the case of failure, a user doesn't have the ability to exec into
the container for debugging purposes.
2. In the case a success, the readiness probe for each task container
will begin to fail. This happens because readiness is defined by
the existence of a file; if the container stops running, the file
no longer exists.
This change provides a solution to the 2nd bullet, keeping the container
alive in case of success.
Change-Id: Iae432caada3d2a338493b1534da72957808185d2
This updates the documentation for working with AIAP. This includes
changes to the README as well as adding all configurable values to the
examples (having their default values).
Change-Id: I7c1b92d6a324b0fbd07f27ec0607fc62765c4fa2
AIAP was unable to modify certain manifest files when the manifest url
ended in `.git`. This fixes that by stripping off the file extension
from the target path directory.
Change-Id: I3915deeb109fb1df726b27e1dd1deb1c987e39c5
Currently, when a container in AIAP fails, the container continues to
run in the backgroud. This causes the container to be marked as failed
so that the deployment will fail faster.
Closes: #626
Change-Id: I34de366390b6ddc0ef434f7e642e73797a790edf
The `az aks get-credentials` command adds a context, user, and cluster
to the kubeconfig. This cleans that up when CLEANUP_GROUP is true.
Change-Id: I6563d278e4700363d4d33c2ab746ac18dd0e51dc
This parameterizes the base image location used for the libvirt,
artifact-setup, infra-builder, and runner images.
Closes: #628
Change-Id: Idca33b5571017700fead0eb758af1900b4a4fcf4
This adds the required auth variables to the runner environment so that
a user can configure passwords/keys needed to pull manifests from a
private repository.
Closes: #627
Change-Id: I185a86c0c82be38a0d41bb69f425a8fac8b5b913
This adds an anti-affinity rule to airship-in-a-pod, so that only
a single AIAP can run on a given node at a time. This is currently
required because of the way AIAP configures host mounts; future work
will allow multiple AIAPs to co-exist on a node, at which point this
anti-affinity rule can be taken out.
Change-Id: Ib8f5062a3bd2b4ea6d0a95c42cce08ac9789c362
This adds a script that a developer can use to run airship in a pod
in a dynamically created AKS cluster. By default a resource group is
created and then cleaned up following the test.
Further work needs to be done to surface some indication of a failed
test out of the pod, and watch for that condition in this script.
Change-Id: I29f462b9becd6d1de0a9e0e1d7877c6019cbd6ee
The `tty` setting may be required in some instances dependent upon the
environment in which AIAP is deployed. However, these instances are much
less frequent than successful deployments when the setting is set to
false. Further investigation will be needed to determine when it is
appropriate to use this flag.
Change-Id: Ibbd44cbf0697a71f8081cd170dbdf5f7b4e4f106
This PS add's proxy env variables to artifact-setup
infra-builder, and runner containers in aiap pod to
allow users to pass proxy configuration id required.
Change-Id: I9747597c3534e70f4b69651c044a9cfe21ebc06d
This exports the KUBECONFIG variable in the .bashrc of the runner
container, which will improve AIAP's convenience for development and
testing.
Change-Id: Icba2558de8c743f6f1a5c8e5a98dcb1d98d95668
When `exec`ing into a container, bash is not invoked as a login shell,
so .profile is not executed. This moves the exporting of the SOPS
variables from .profile into the .bashrc file, which will be invoked in
this case.
This also moves the SOPS key from the /tmp directory into the root
directory. While the /tmp directory shouldn't ever be cleared during the
execution of a container, it doesn't make sense to store enduring
information there.
Change-Id: I2b5c4c12179fb624ae7c6e6ea7e22c517bec04fc
The metal3-io sushy-tools container no longer includes the ping utility,
which was being used to test that the VMs were available. This changes
the container to use the shared drive to perform this check instead,
relieving the need for ping.
Change-Id: I0f697d1a7afac84f04fd27dc9b808857c9f64a7c
This change aims to add the airship-in-a-pod test to the gates.
This is accomplished by creating new scripts to run which
install a minimal k8s environment, and then apply the
airship-in-a-pod.yaml.
Brief description of scripts
01_dns_settings: Running k8s pods in zuul has a lot of issues with
DNS resolution which this resolves.
10_install_minikube: grabs latest minikube and other dependencies.
11_build_images: builds the images under tools/airship-in-a-pod
and then adds patches to the kustomize configuration to use and
configure them.
12_start_minikube: starts minikube and makes sure kubectl will work
13_apply_dns.sh: This takes some of the effort from 01_dns_settings
and incorporates it into the minikube cluster by modifying coredns
20_apply_aiap: Applies the airship-in-a-pod.yaml to the cluster.
Has a few loops to check that the cluster is fully running
before applying, and to check on the pod to see if it is ready
before finishing.
Closes: #478
Change-Id: I4c02d04b0eda9395642032bf56b56a0f823c1969
`airshipctl document pull` does not yet support pull from git refs,
and so cannot pull airshipctl patchsets to test their manifests.
As a workaround, this change copies the airshipctl project directory
that is used to build the binary / run the scripts
(which can be set to a patchset via $MANIFEST_REPO_REF) to the
expected /tmp location for serving manifests from patchsets as well.
Support for testing treasuremap manifest patchsets is still unsupported.
Change-Id: Ia9ec248efa2a12728e9eb6d3753b35ec5bae0d47
This increases the size of the nodes used for AIAP so that they match
those in our gating process.
Closes: #581
Change-Id: I978db75e252335842dd4311db0416617071617a4
This sets the airship-in-a-pod libvirt container to have `tty: false`.
With `tty: true`, the libvirt container would fail with the following
error in some environments (mostly baremetal, but VMs as well):
Error: failed to create containerd task: failed to create shim:
OCI runtime create failed: container_linux.go:380: starting container
process caused: process_linux.go:545: container init caused:
setctty: operation not permitted: unknown
The RC for the error is unknown, but `tty: true` appears to be a leftover
debugging tool, so this change disables it by default.
Change-Id: I427bd1bdbe86c8a742b871c4f8fc18e4be58660b
Closes: #578
controlplane_target phase is needed for target cluster more than a
single node
Signed-off-by: James Gu <james.gu@att.com>
Change-Id: I6e77d4268cdee0ebcc65e1f9172ef645ced53337
Pallav Gupta
Steven Fitzpatrick
Walter Wahlstedt
Manoj Alva(ma257n)
Michael Beaver
Siraj Yasin
Drew Walters
Ian Howell
Matt McEuen
Battina, Sai (sb464f)
Michael Beaver
Vladislav Kuzmin
James Gu