567 lines
13 KiB
YAML
567 lines
13 KiB
YAML
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
metadata:
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
name: kubernetes-apply
|
|
config:
|
|
waitOptions:
|
|
timeout: 2600
|
|
pruneOptions:
|
|
prune: false
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
metadata:
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
name: kubernetes-apply-controlplane
|
|
config:
|
|
waitOptions:
|
|
timeout: 5000
|
|
pollInterval: 30
|
|
pruneOptions:
|
|
prune: false
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
metadata:
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
name: kubernetes-apply-networking
|
|
config:
|
|
waitOptions:
|
|
timeout: 1000
|
|
pruneOptions:
|
|
prune: false
|
|
---
|
|
# This is added to support phase with no-wait
|
|
# When there is a wait, then it does status-check and fails
|
|
# if the resource status(condition) is not met.
|
|
# There are cases where the resource do not have status
|
|
# field implemented. So a wait will fail with status check
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: KubernetesApply
|
|
metadata:
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
name: kubernetes-apply-nowait
|
|
config:
|
|
waitOptions:
|
|
timeout: 0
|
|
pruneOptions:
|
|
prune: false
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: Clusterctl
|
|
metadata:
|
|
name: clusterctl_move
|
|
move-options:
|
|
namespace: target-infra
|
|
action: move
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: encrypter
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: krm
|
|
sinkOutputDir: "target/encrypted/results"
|
|
image: gcr.io/kpt-fn-contrib/sops:v0.1.0
|
|
envVars:
|
|
- SOPS_IMPORT_PGP
|
|
- SOPS_PGP_FP
|
|
config: |
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
data:
|
|
cmd: encrypt
|
|
unencrypted-regex: '^(kind|apiVersion|group|metadata)$'
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: decrypter
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: krm
|
|
image: gcr.io/kpt-fn-contrib/sops:v0.1.0
|
|
envVars:
|
|
- SOPS_IMPORT_PGP
|
|
- SOPS_PGP_FP
|
|
config: |
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
data:
|
|
cmd: decrypt
|
|
---
|
|
# This executor launchs a bootstrap container, which creates
|
|
# an Azure Kubernetes Service (AKS) cluster
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
metadata:
|
|
name: ephemeral-az-genesis
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
ephemeralCluster:
|
|
bootstrapCommand: create
|
|
configFilename: azure-config.yaml
|
|
bootstrapContainer:
|
|
containerRuntime: docker
|
|
image: quay.io/airshipit/capz-bootstrap:latest
|
|
volume: /tmp:/kube
|
|
saveKubeconfigFileName: capz.kubeconfig
|
|
---
|
|
# This executor launchs a bootstrap container, which deletes
|
|
# an Azure Kubernetes Service (AKS) cluster
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
metadata:
|
|
name: ephemeral-az-cleanup
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
ephemeralCluster:
|
|
bootstrapCommand: delete
|
|
configFilename: azure-config.yaml
|
|
bootstrapContainer:
|
|
containerRuntime: docker
|
|
image: quay.io/airshipit/capz-bootstrap:latest
|
|
volume: /tmp:/kube
|
|
saveKubeconfigFileName: capz.kubeconfig
|
|
---
|
|
# This executor launchs a bootstrap container, which creates
|
|
# a Google Kubernetes Engine (GKE) cluster
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
metadata:
|
|
name: ephemeral-gcp-genesis
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
ephemeralCluster:
|
|
bootstrapCommand: create
|
|
configFilename: gcp-config.yaml
|
|
bootstrapContainer:
|
|
containerRuntime: docker
|
|
image: quay.io/airshipit/capg-bootstrap:latest
|
|
volume: /tmp:/kube
|
|
saveKubeconfigFileName: capg.kubeconfig
|
|
---
|
|
# This executor launchs a bootstrap container, which deletes
|
|
# a Google Kubernetes Engine (GKE) cluster
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
metadata:
|
|
name: ephemeral-gcp-cleanup
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
ephemeralCluster:
|
|
bootstrapCommand: delete
|
|
configFilename: gcp-config.yaml
|
|
bootstrapContainer:
|
|
containerRuntime: docker
|
|
image: quay.io/airshipit/capg-bootstrap:latest
|
|
volume: /tmp:/kube
|
|
saveKubeconfigFileName: capg.kubeconfig
|
|
---
|
|
# This executor launchs a bootstrap container, which creates
|
|
# an ephemeral K8S cluster in Openstack
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
metadata:
|
|
name: ephemeral-os-genesis
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
ephemeralCluster:
|
|
bootstrapCommand: create
|
|
configFilename: openstack-config.yaml
|
|
bootstrapContainer:
|
|
containerRuntime: docker
|
|
image: quay.io/airshipit/capo-ephemeral:latest
|
|
volume: /tmp:/kube
|
|
saveKubeconfigFileName: capo.kubeconfig
|
|
---
|
|
# This executor launchs a bootstrap container, which deletes
|
|
# ephemeral K8S cluster in Openstack
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BootConfiguration
|
|
metadata:
|
|
name: ephemeral-os-cleanup
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
ephemeralCluster:
|
|
bootstrapCommand: delete
|
|
configFilename: openstack-config.yaml
|
|
bootstrapContainer:
|
|
containerRuntime: docker
|
|
image: quay.io/airshipit/capo-ephemeral:latest
|
|
volume: /tmp:/kube
|
|
saveKubeconfigFileName: capo.kubeconfig
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BaremetalManager
|
|
metadata:
|
|
name: RemoteDirectEphemeral
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
operation: remote-direct
|
|
hostSelector:
|
|
name: EPHEMERAL_NODE
|
|
operationOptions:
|
|
remoteDirect:
|
|
isoURL: ISO_URL
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: BaremetalManager
|
|
metadata:
|
|
name: PowerOffEphemeral
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
operation: power-off
|
|
hostSelector:
|
|
name: EPHEMERAL_NODE
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: iso-cloud-init-data
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: krm
|
|
image: localhost/cloud-init
|
|
mounts:
|
|
- type: bind
|
|
src: /srv/images
|
|
dst: /config
|
|
rw: true
|
|
config: |
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: IsoConfiguration
|
|
metadata:
|
|
name: isogen
|
|
builder:
|
|
userDataSelector:
|
|
kind: Secret
|
|
namespace: target-infra
|
|
labelSelector: airshipit.org/ephemeral-user-data
|
|
userDataKey: userData
|
|
networkConfigSelector:
|
|
kind: BareMetalHost
|
|
labelSelector: airshipit.org/ephemeral-node
|
|
networkConfigKey: networkData
|
|
outputFileName: ephemeral.iso
|
|
container:
|
|
volume: /srv/images:/config # for compatibility with image-builder
|
|
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: iso-build-image
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: airship
|
|
airship:
|
|
privileged: true
|
|
containerRuntime: docker
|
|
cmd:
|
|
- /bin/bash
|
|
- -c
|
|
- /usr/bin/local/entrypoint.sh 1>&2
|
|
image: quay.io/airshipit/image-builder:latest-ubuntu_focal
|
|
mounts:
|
|
- type: bind
|
|
src: /srv/images
|
|
dst: /config
|
|
rw: true
|
|
envVars:
|
|
- IMAGE_TYPE=iso
|
|
- BUILDER_CONFIG=/config/builder-conf.yaml
|
|
- USER_DATA_FILE=user-data
|
|
- NET_CONFIG_FILE=network-data
|
|
- OUTPUT_FILE_NAME=ephemerial.iso
|
|
- OUTPUT_METADATA_FILE_NAME=output-metadata.yaml
|
|
- http_proxy
|
|
- https_proxy
|
|
- HTTP_PROXY
|
|
- HTTPS_PROXY
|
|
- no_proxy
|
|
- NO_PROXY
|
|
config: |
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: DoesNotMatter
|
|
metadata:
|
|
name: isogen
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-wait-node
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: krm
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-wait-node
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-get-node
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: krm
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-get-node
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-get-pods
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: krm
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-get-pods
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-wait-tigera
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: krm
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-wait-tigera
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-wait-deploy
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: krm
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-wait-deploy
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-wait-pods-ready
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: krm
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-wait-pods-ready
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-wait-pods-any
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-wait-pods-any
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: document-validation
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: krm
|
|
image: localhost/kubeval-validator
|
|
envVars:
|
|
- VALIDATOR_PREVENT_CLEANUP # Validator won't cleanup its working directory after finish
|
|
- VALIDATOR_REWRITE_SCHEMAS # Validator will rewrite schemas for kubeval if they already exist
|
|
mounts:
|
|
- type: bind
|
|
src: ~/.airship
|
|
dst: /workdir
|
|
rw: true
|
|
hostNetwork: true
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-pause-bmh
|
|
spec:
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
envVars:
|
|
- RESOURCE_GROUP_FILTER=metal3.io
|
|
- RESOURCE_VERSION_FILTER=v1alpha1
|
|
- RESOURCE_KIND_FILTER=BareMetalHost
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-pause-bmh
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-wait-cluster
|
|
spec:
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
envVars:
|
|
- RESOURCE_GROUP_FILTER=cluster.x-k8s.io
|
|
- RESOURCE_VERSION_FILTER=v1alpha3
|
|
- RESOURCE_KIND_FILTER=Cluster
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-wait-cluster
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-wait-cluster-init
|
|
spec:
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
envVars:
|
|
- RESOURCE_GROUP_FILTER=cluster.x-k8s.io
|
|
- RESOURCE_VERSION_FILTER=v1alpha3
|
|
- RESOURCE_KIND_FILTER=Cluster
|
|
- CONDITION=controlPlaneInitialized
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-wait-cluster
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: virsh-eject-cdrom-images
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
image: quay.io/airshipit/toolbox-virsh:latest
|
|
hostNetwork: true
|
|
mounts:
|
|
- type: bind
|
|
src: /var/run/libvirt/libvirt-sock
|
|
dst: /var/run/libvirt/libvirt-sock
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: virsh-eject-cdrom-images
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: virsh-destroy-vms
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
image: quay.io/airshipit/toolbox-virsh:latest
|
|
hostNetwork: true
|
|
mounts:
|
|
- type: bind
|
|
src: /var/run/libvirt/libvirt-sock
|
|
dst: /var/run/libvirt/libvirt-sock
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: virsh-destroy-vms
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-wait-bmh
|
|
spec:
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
envVars:
|
|
- RESOURCE_GROUP_FILTER=metal3.io
|
|
- RESOURCE_VERSION_FILTER=v1alpha1
|
|
- RESOURCE_KIND_FILTER=BareMetalHost
|
|
- RESOURCE_LABEL_FILTER=airshipit.org/k8s-role=worker
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-wait-bmh
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-wait-label-node
|
|
spec:
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
envVars:
|
|
- RESOURCE_GROUP_FILTER=metal3.io
|
|
- RESOURCE_VERSION_FILTER=v1alpha1
|
|
- RESOURCE_KIND_FILTER=BareMetalHost
|
|
- RESOURCE_LABEL_FILTER=airshipit.org/k8s-role=worker
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-wait-label-node
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: kubectl-check-ingress-ctrl
|
|
spec:
|
|
image: localhost/toolbox
|
|
hostNetwork: true
|
|
configRef:
|
|
kind: ConfigMap
|
|
name: kubectl-check-ingress-ctrl
|
|
apiVersion: v1
|
|
---
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: GenericContainer
|
|
metadata:
|
|
name: clusterctl
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
spec:
|
|
type: krm
|
|
image: localhost/clusterctl:latest
|
|
hostNetwork: true
|