airship/airshipctl
Code Issues Proposed changes
151eccbfba
airshipctl/manifests/phases/executors.yaml
Matt McEuen 2b429eb810 Add kubectl-wait-cluster-ephemeral phase 
This adds a phase to wait for the target cluster to become initialized,
directed at the ephemeral management cluster.  It re-uses the helper script
already used by the `kubectl-wait-cluster-target` phase, adds parameterization
so that it can watch for both controlPlaneInitialized and controlPlaneReady
conditions, and adds the new phase to the phase plan.

Lack of this waiting was causing errors in some environments.

This also adds a kubectl-wait-node-target phase definition,
in case we ever want to make use of it.

Change-Id: Ic18742dd59a7901b0d985b8c11260bc1b3527a30
2021-07-19 19:41:07 -05:00

532 lines
12 KiB
YAML
Raw Blame History

---
apiVersion: airshipit.org/v1alpha1
kind: KubernetesApply
metadata:
labels:
airshipit.org/deploy-k8s: "false"
name: kubernetes-apply
config:
waitOptions:
timeout: 2600
pruneOptions:
prune: false
---
apiVersion: airshipit.org/v1alpha1
kind: KubernetesApply
metadata:
labels:
airshipit.org/deploy-k8s: "false"
name: kubernetes-apply-controlplane
config:
waitOptions:
timeout: 5000
pruneOptions:
prune: false
---
# This is added to support phase with no-wait
# When there is a wait, then it does status-check and fails
# if the resource status(condition) is not met.
# There are cases where the resource do not have status
# field implemeneted. So a wait will fail with status check
apiVersion: airshipit.org/v1alpha1
kind: KubernetesApply
metadata:
labels:
airshipit.org/deploy-k8s: "false"
name: kubernetes-apply-nowait
config:
waitOptions:
timeout: 0
pruneOptions:
prune: false
---
apiVersion: airshipit.org/v1alpha1
kind: Clusterctl
metadata:
name: clusterctl_move
move-options:
namespace: target-infra
action: move
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: encrypter
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
sinkOutputDir: "target/encrypted/results"
image: gcr.io/kpt-fn-contrib/sops:v0.1.0
envVars:
- SOPS_IMPORT_PGP
- SOPS_PGP_FP
config: |
apiVersion: v1
kind: ConfigMap
data:
cmd: encrypt
unencrypted-regex: '^(kind|apiVersion|group|metadata)$'
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: decrypter
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: gcr.io/kpt-fn-contrib/sops:v0.1.0
envVars:
- SOPS_IMPORT_PGP
- SOPS_PGP_FP
config: |
apiVersion: v1
kind: ConfigMap
data:
cmd: decrypt
---
# This executor launchs a bootstrap container, which creates
# an Azure Kubernetes Service (AKS) cluster
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-az-genesis
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: create
configFilename: azure-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capz-bootstrap:latest
volume: /tmp:/kube
saveKubeconfigFileName: capz.kubeconfig
---
# This executor launchs a bootstrap container, which deletes
# an Azure Kubernetes Service (AKS) cluster
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-az-cleanup
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: delete
configFilename: azure-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capz-bootstrap:latest
volume: /tmp:/kube
saveKubeconfigFileName: capz.kubeconfig
---
# This executor launchs a bootstrap container, which creates
# a Google Kubernetes Engine (GKE) cluster
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-gcp-genesis
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: create
configFilename: gcp-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capg-bootstrap:latest
volume: /tmp:/kube
saveKubeconfigFileName: capg.kubeconfig
---
# This executor launchs a bootstrap container, which deletes
# a Google Kubernetes Engine (GKE) cluster
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-gcp-cleanup
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: delete
configFilename: gcp-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capg-bootstrap:latest
volume: /tmp:/kube
saveKubeconfigFileName: capg.kubeconfig
---
# This executor launchs a bootstrap container, which creates
# an ephemeral K8S cluster in Openstack
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-os-genesis
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: create
configFilename: openstack-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capo-ephemeral:latest
volume: /tmp:/kube
saveKubeconfigFileName: capo.kubeconfig
---
# This executor launchs a bootstrap container, which deletes
# ephemeral K8S cluster in Openstack
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-os-cleanup
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: delete
configFilename: openstack-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capo-ephemeral:latest
volume: /tmp:/kube
saveKubeconfigFileName: capo.kubeconfig
---
apiVersion: airshipit.org/v1alpha1
kind: BaremetalManager
metadata:
name: RemoteDirectEphemeral
labels:
airshipit.org/deploy-k8s: "false"
spec:
operation: remote-direct
hostSelector:
name: EPHEMERAL_NODE
operationOptions:
remoteDirect:
isoURL: ISO_URL
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: iso-cloud-init-data
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/cloud-init
mounts:
- type: bind
src: /srv/images
dst: /config
rw: true
config: |
apiVersion: airshipit.org/v1alpha1
kind: IsoConfiguration
metadata:
name: isogen
builder:
userDataSelector:
kind: Secret
namespace: target-infra
labelSelector: airshipit.org/ephemeral-user-data
userDataKey: userData
networkConfigSelector:
kind: BareMetalHost
labelSelector: airshipit.org/ephemeral-node
networkConfigKey: networkData
outputFileName: ephemeral.iso
container:
volume: /srv/images:/config # for compatibility with image-builder
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: iso-build-image
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: airship
airship:
privileged: true
containerRuntime: docker
cmd:
- /bin/bash
- -c
- /usr/bin/local/entrypoint.sh 1>&2
image: quay.io/airshipit/image-builder:latest-ubuntu_focal
mounts:
- type: bind
src: /srv/images
dst: /config
rw: true
envVars:
- IMAGE_TYPE=iso
- BUILDER_CONFIG=/config/builder-conf.yaml
- USER_DATA_FILE=user-data
- NET_CONFIG_FILE=network-data
- OUTPUT_FILE_NAME=ephemerial.iso
- OUTPUT_METADATA_FILE_NAME=output-metadata.yaml
- http_proxy
- https_proxy
- HTTP_PROXY
- HTTPS_PROXY
- no_proxy
- NO_PROXY
config: |
apiVersion: airshipit.org/v1alpha1
kind: DoesNotMatter
metadata:
name: isogen
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-node
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-wait-node
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-get-node
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-get-node
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-get-pods
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-get-pods
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-tigera
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-wait-tigera
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-deploy
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-wait-deploy
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-pods-ready
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-wait-pods-ready
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-pods-any
labels:
airshipit.org/deploy-k8s: "false"
spec:
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-wait-pods-any
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: document-validation
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/kubeval-validator
envVars:
- VALIDATOR_PREVENT_CLEANUP # Validator won't cleanup its working directory after finish
- VALIDATOR_REWRITE_SCHEMAS # Validator will rewrite schemas for kubeval if they already exist
mounts:
- type: bind
src: ~/.airship
dst: /workdir
rw: true
hostNetwork: true
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-pause-bmh
spec:
image: localhost/toolbox
hostNetwork: true
envVars:
- RESOURCE_GROUP_FILTER=metal3.io
- RESOURCE_VERSION_FILTER=v1alpha1
- RESOURCE_KIND_FILTER=BareMetalHost
configRef:
kind: ConfigMap
name: kubectl-pause-bmh
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-cluster
spec:
image: localhost/toolbox
hostNetwork: true
envVars:
- RESOURCE_GROUP_FILTER=cluster.x-k8s.io
- RESOURCE_VERSION_FILTER=v1alpha3
- RESOURCE_KIND_FILTER=Cluster
configRef:
kind: ConfigMap
name: kubectl-wait-cluster
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-cluster-init
spec:
image: localhost/toolbox
hostNetwork: true
envVars:
- RESOURCE_GROUP_FILTER=cluster.x-k8s.io
- RESOURCE_VERSION_FILTER=v1alpha3
- RESOURCE_KIND_FILTER=Cluster
- CONDITION=controlPlaneInitialized
configRef:
kind: ConfigMap
name: kubectl-wait-cluster
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: virsh-eject-cdrom-images
labels:
airshipit.org/deploy-k8s: "false"
spec:
image: quay.io/airshipit/toolbox-virsh:latest
hostNetwork: true
mounts:
- type: bind
src: /var/run/libvirt/libvirt-sock
dst: /var/run/libvirt/libvirt-sock
configRef:
kind: ConfigMap
name: virsh-eject-cdrom-images
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: virsh-destroy-vms
labels:
airshipit.org/deploy-k8s: "false"
spec:
image: quay.io/airshipit/toolbox-virsh:latest
hostNetwork: true
mounts:
- type: bind
src: /var/run/libvirt/libvirt-sock
dst: /var/run/libvirt/libvirt-sock
configRef:
kind: ConfigMap
name: virsh-destroy-vms
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-bmh
spec:
image: quay.io/airshipit/toolbox:latest
hostNetwork: true
envVars:
- RESOURCE_GROUP_FILTER=metal3.io
- RESOURCE_VERSION_FILTER=v1alpha1
- RESOURCE_KIND_FILTER=BareMetalHost
- RESOURCE_LABEL_FILTER=airshipit.org/k8s-role=worker
configRef:
kind: ConfigMap
name: kubectl-wait-bmh
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-label-node
spec:
image: quay.io/airshipit/toolbox:latest
hostNetwork: true
envVars:
- RESOURCE_GROUP_FILTER=metal3.io
- RESOURCE_VERSION_FILTER=v1alpha1
- RESOURCE_KIND_FILTER=BareMetalHost
- RESOURCE_LABEL_FILTER=airshipit.org/k8s-role=worker
configRef:
kind: ConfigMap
name: kubectl-wait-label-node
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-check-ingress-ctrl
spec:
image: quay.io/airshipit/toolbox:latest
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-check-ingress-ctrl
apiVersion: v1
View Git Blame Copy Permalink