Update vino
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com> Change-Id: I907c2b86fea75446e3e4cb7af45404a7ce2d4881
This commit is contained in:
parent
c9847c4aaa
commit
68e0c7d8fc
|
@ -110,9 +110,9 @@ spec:
|
||||||
sushy-tools:
|
sushy-tools:
|
||||||
image: quay.io/metal3-io/sushy-tools:latest
|
image: quay.io/metal3-io/sushy-tools:latest
|
||||||
manager:
|
manager:
|
||||||
image: quay.io/airshipit/vino:6480ddc3ba98fba21fd692b8489adb0177abb8b5
|
image: quay.io/airshipit/vino:0e709c0d27b2052a5198f8d27d39bd25ed122dae
|
||||||
vino-builder:
|
vino-builder:
|
||||||
image: quay.io/airshipit/vino-builder:6480ddc3ba98fba21fd692b8489adb0177abb8b5
|
image: quay.io/airshipit/vino-builder:0e709c0d27b2052a5198f8d27d39bd25ed122dae
|
||||||
nodelabeler:
|
nodelabeler:
|
||||||
image: quay.io/airshipit/nodelabeler:latest
|
image: quay.io/airshipit/nodelabeler:latest
|
||||||
synclabeller:
|
synclabeller:
|
||||||
|
|
|
@ -5,19 +5,19 @@ dependencies:
|
||||||
git:
|
git:
|
||||||
repo: "https://opendev.org/airship/vino"
|
repo: "https://opendev.org/airship/vino"
|
||||||
directory: "config/crd"
|
directory: "config/crd"
|
||||||
ref: "6ad6bb6d8c9b162540b689c9e8b9385e847c922a"
|
ref: "0e709c0d27b2052a5198f8d27d39bd25ed122dae"
|
||||||
- name: upstream/default
|
- name: upstream/default
|
||||||
git:
|
git:
|
||||||
repo: "https://opendev.org/airship/vino"
|
repo: "https://opendev.org/airship/vino"
|
||||||
directory: "config/default"
|
directory: "config/default"
|
||||||
ref: "6ad6bb6d8c9b162540b689c9e8b9385e847c922a"
|
ref: "0e709c0d27b2052a5198f8d27d39bd25ed122dae"
|
||||||
- name: upstream/manager
|
- name: upstream/manager
|
||||||
git:
|
git:
|
||||||
repo: "https://opendev.org/airship/vino"
|
repo: "https://opendev.org/airship/vino"
|
||||||
directory: "config/manager"
|
directory: "config/manager"
|
||||||
ref: "6ad6bb6d8c9b162540b689c9e8b9385e847c922a"
|
ref: "0e709c0d27b2052a5198f8d27d39bd25ed122dae"
|
||||||
- name: upstream/rbac
|
- name: upstream/rbac
|
||||||
git:
|
git:
|
||||||
repo: "https://opendev.org/airship/vino"
|
repo: "https://opendev.org/airship/vino"
|
||||||
directory: "config/rbac"
|
directory: "config/rbac"
|
||||||
ref: "6ad6bb6d8c9b162540b689c9e8b9385e847c922a"
|
ref: "0e709c0d27b2052a5198f8d27d39bd25ed122dae"
|
||||||
|
|
|
@ -5,14 +5,7 @@ metadata:
|
||||||
upstream:
|
upstream:
|
||||||
type: git
|
type: git
|
||||||
git:
|
git:
|
||||||
commit: 6ad6bb6d8c9b162540b689c9e8b9385e847c922a
|
commit: 0e709c0d27b2052a5198f8d27d39bd25ed122dae
|
||||||
repo: https://opendev.org/airship/vino
|
repo: https://opendev.org/airship/vino
|
||||||
directory: config/crd
|
directory: config/crd
|
||||||
ref: 6ad6bb6d8c9b162540b689c9e8b9385e847c922a
|
ref: 0e709c0d27b2052a5198f8d27d39bd25ed122dae
|
||||||
openAPI:
|
|
||||||
definitions:
|
|
||||||
io.k8s.cli.setters.replicas:
|
|
||||||
x-k8s-cli:
|
|
||||||
setter:
|
|
||||||
name: replicas
|
|
||||||
value: "3"
|
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
|
||||||
|
---
|
||||||
apiVersion: apiextensions.k8s.io/v1
|
apiVersion: apiextensions.k8s.io/v1
|
||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
|
||||||
|
---
|
||||||
apiVersion: apiextensions.k8s.io/v1
|
apiVersion: apiextensions.k8s.io/v1
|
||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
|
@ -88,6 +90,12 @@ spec:
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
instanceSubnet:
|
||||||
|
type: string
|
||||||
|
libvirtTemplate:
|
||||||
|
description: LibvirtTemplate identifies which libvirt template
|
||||||
|
to be used to create a network
|
||||||
|
type: string
|
||||||
macPrefix:
|
macPrefix:
|
||||||
description: MACPrefix defines the zero-padded MAC prefix to
|
description: MACPrefix defines the zero-padded MAC prefix to
|
||||||
use for VM mac addresses, and is the first address that will
|
use for VM mac addresses, and is the first address that will
|
||||||
|
@ -98,6 +106,10 @@ spec:
|
||||||
name:
|
name:
|
||||||
description: Network Parameter defined
|
description: Network Parameter defined
|
||||||
type: string
|
type: string
|
||||||
|
physicalInterface:
|
||||||
|
description: PhysicalInterface identifies interface into which
|
||||||
|
to plug in libvirt network
|
||||||
|
type: string
|
||||||
routes:
|
routes:
|
||||||
items:
|
items:
|
||||||
description: VMRoutes defined
|
description: VMRoutes defined
|
||||||
|
@ -146,9 +158,8 @@ spec:
|
||||||
k8s node, that are specified in vino.NodeLabelKeysToCopy
|
k8s node, that are specified in vino.NodeLabelKeysToCopy
|
||||||
type: object
|
type: object
|
||||||
bootInterfaceName:
|
bootInterfaceName:
|
||||||
description: BootInterfaceName references the interface name
|
description: BootInterfaceName interface name to use to boot
|
||||||
in the list of NetworkInterfaces Vino will take this interface
|
virtual machines
|
||||||
find its mac address and use it as bootMACAddress for BMH
|
|
||||||
type: string
|
type: string
|
||||||
count:
|
count:
|
||||||
type: integer
|
type: integer
|
||||||
|
@ -172,6 +183,10 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
|
enableVNC:
|
||||||
|
description: EnableVNC create VNC for graphical interaction
|
||||||
|
with the VM that will be created.
|
||||||
|
type: boolean
|
||||||
libvirtTemplate:
|
libvirtTemplate:
|
||||||
description: NamespacedName to be used to spawn VMs
|
description: NamespacedName to be used to spawn VMs
|
||||||
properties:
|
properties:
|
||||||
|
@ -210,8 +225,20 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
|
rootDeviceName:
|
||||||
|
description: RootDeviceName is the root device for underlying
|
||||||
|
VM, /dev/vda for example default is /dev/vda
|
||||||
|
type: string
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
|
pxeBootImageHost:
|
||||||
|
description: PXEBootImageHost will be used to download the PXE boot
|
||||||
|
image
|
||||||
|
type: string
|
||||||
|
pxeBootImageHostPort:
|
||||||
|
description: PXEBootImageHostPort will be used to download the PXE
|
||||||
|
boot image
|
||||||
|
type: integer
|
||||||
vmBridge:
|
vmBridge:
|
||||||
description: VMBridge defines the single interface name to be used
|
description: VMBridge defines the single interface name to be used
|
||||||
as a bridge for VMs
|
as a bridge for VMs
|
||||||
|
|
|
@ -6,42 +6,42 @@ metadata:
|
||||||
name: baremetalhosts.metal3.io
|
name: baremetalhosts.metal3.io
|
||||||
spec:
|
spec:
|
||||||
additionalPrinterColumns:
|
additionalPrinterColumns:
|
||||||
- JSONPath: .status.operationalStatus
|
- JSONPath: .status.operationalStatus
|
||||||
description: Operational status
|
description: Operational status
|
||||||
name: Status
|
name: Status
|
||||||
type: string
|
type: string
|
||||||
- JSONPath: .status.provisioning.state
|
- JSONPath: .status.provisioning.state
|
||||||
description: Provisioning status
|
description: Provisioning status
|
||||||
name: Provisioning Status
|
name: Provisioning Status
|
||||||
type: string
|
type: string
|
||||||
- JSONPath: .spec.consumerRef.name
|
- JSONPath: .spec.consumerRef.name
|
||||||
description: Consumer using this host
|
description: Consumer using this host
|
||||||
name: Consumer
|
name: Consumer
|
||||||
type: string
|
type: string
|
||||||
- JSONPath: .spec.bmc.address
|
- JSONPath: .spec.bmc.address
|
||||||
description: Address of management controller
|
description: Address of management controller
|
||||||
name: BMC
|
name: BMC
|
||||||
type: string
|
type: string
|
||||||
- JSONPath: .status.hardwareProfile
|
- JSONPath: .status.hardwareProfile
|
||||||
description: The type of hardware detected
|
description: The type of hardware detected
|
||||||
name: Hardware Profile
|
name: Hardware Profile
|
||||||
type: string
|
type: string
|
||||||
- JSONPath: .spec.online
|
- JSONPath: .spec.online
|
||||||
description: Whether the host is online or not
|
description: Whether the host is online or not
|
||||||
name: Online
|
name: Online
|
||||||
type: string
|
type: string
|
||||||
- JSONPath: .status.errorMessage
|
- JSONPath: .status.errorMessage
|
||||||
description: Most recent error
|
description: Most recent error
|
||||||
name: Error
|
name: Error
|
||||||
type: string
|
type: string
|
||||||
group: metal3.io
|
group: metal3.io
|
||||||
names:
|
names:
|
||||||
kind: BareMetalHost
|
kind: BareMetalHost
|
||||||
listKind: BareMetalHostList
|
listKind: BareMetalHostList
|
||||||
plural: baremetalhosts
|
plural: baremetalhosts
|
||||||
shortNames:
|
shortNames:
|
||||||
- bmh
|
- bmh
|
||||||
- bmhost
|
- bmhost
|
||||||
singular: baremetalhost
|
singular: baremetalhost
|
||||||
scope: Namespaced
|
scope: Namespaced
|
||||||
subresources:
|
subresources:
|
||||||
|
@ -84,8 +84,8 @@ spec:
|
||||||
the connection.
|
the connection.
|
||||||
type: boolean
|
type: boolean
|
||||||
required:
|
required:
|
||||||
- address
|
- address
|
||||||
- credentialsName
|
- credentialsName
|
||||||
type: object
|
type: object
|
||||||
bootMACAddress:
|
bootMACAddress:
|
||||||
description: Which MAC address will PXE boot? This is optional for some
|
description: Which MAC address will PXE boot? This is optional for some
|
||||||
|
@ -95,8 +95,8 @@ spec:
|
||||||
bootMode:
|
bootMode:
|
||||||
description: Select the method of initializing the hardware during boot.
|
description: Select the method of initializing the hardware during boot.
|
||||||
enum:
|
enum:
|
||||||
- UEFI
|
- UEFI
|
||||||
- legacy
|
- legacy
|
||||||
type: string
|
type: string
|
||||||
consumerRef:
|
consumerRef:
|
||||||
description: ConsumerRef can be used to store information about something
|
description: ConsumerRef can be used to store information about something
|
||||||
|
@ -161,8 +161,8 @@ spec:
|
||||||
description: URL is a location of an image to deploy.
|
description: URL is a location of an image to deploy.
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- checksum
|
- checksum
|
||||||
- url
|
- url
|
||||||
type: object
|
type: object
|
||||||
networkData:
|
networkData:
|
||||||
description: NetworkData holds the reference to the Secret containing
|
description: NetworkData holds the reference to the Secret containing
|
||||||
|
@ -206,8 +206,8 @@ spec:
|
||||||
key.
|
key.
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- effect
|
- effect
|
||||||
- key
|
- key
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
userData:
|
userData:
|
||||||
|
@ -224,7 +224,7 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
- online
|
- online
|
||||||
type: object
|
type: object
|
||||||
status:
|
status:
|
||||||
description: BareMetalHostStatus defines the observed state of BareMetalHost
|
description: BareMetalHostStatus defines the observed state of BareMetalHost
|
||||||
|
@ -236,10 +236,10 @@ spec:
|
||||||
description: ErrorType indicates the type of failure encountered when
|
description: ErrorType indicates the type of failure encountered when
|
||||||
the OperationalStatus is OperationalStatusError
|
the OperationalStatus is OperationalStatusError
|
||||||
enum:
|
enum:
|
||||||
- registration error
|
- registration error
|
||||||
- inspection error
|
- inspection error
|
||||||
- provisioning error
|
- provisioning error
|
||||||
- power management error
|
- power management error
|
||||||
type: string
|
type: string
|
||||||
goodCredentials:
|
goodCredentials:
|
||||||
description: the last credentials we were able to validate as working
|
description: the last credentials we were able to validate as working
|
||||||
|
@ -279,11 +279,11 @@ spec:
|
||||||
model:
|
model:
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- arch
|
- arch
|
||||||
- clockMegahertz
|
- clockMegahertz
|
||||||
- count
|
- count
|
||||||
- flags
|
- flags
|
||||||
- model
|
- model
|
||||||
type: object
|
type: object
|
||||||
firmware:
|
firmware:
|
||||||
description: Firmware describes the firmware on the host.
|
description: Firmware describes the firmware on the host.
|
||||||
|
@ -301,12 +301,12 @@ spec:
|
||||||
description: The version of the BIOS
|
description: The version of the BIOS
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- date
|
- date
|
||||||
- vendor
|
- vendor
|
||||||
- version
|
- version
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
- bios
|
- bios
|
||||||
type: object
|
type: object
|
||||||
hostname:
|
hostname:
|
||||||
type: string
|
type: string
|
||||||
|
@ -349,17 +349,17 @@ spec:
|
||||||
name:
|
name:
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- id
|
- id
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
required:
|
required:
|
||||||
- ip
|
- ip
|
||||||
- mac
|
- mac
|
||||||
- model
|
- model
|
||||||
- name
|
- name
|
||||||
- pxe
|
- pxe
|
||||||
- speedGbps
|
- speedGbps
|
||||||
- vlanId
|
- vlanId
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
ramMebibytes:
|
ramMebibytes:
|
||||||
|
@ -401,10 +401,10 @@ spec:
|
||||||
description: The WWN with the extension
|
description: The WWN with the extension
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
- rotational
|
- rotational
|
||||||
- serialNumber
|
- serialNumber
|
||||||
- sizeBytes
|
- sizeBytes
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
systemVendor:
|
systemVendor:
|
||||||
|
@ -418,18 +418,18 @@ spec:
|
||||||
serialNumber:
|
serialNumber:
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- manufacturer
|
- manufacturer
|
||||||
- productName
|
- productName
|
||||||
- serialNumber
|
- serialNumber
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
- cpu
|
- cpu
|
||||||
- firmware
|
- firmware
|
||||||
- hostname
|
- hostname
|
||||||
- nics
|
- nics
|
||||||
- ramMebibytes
|
- ramMebibytes
|
||||||
- storage
|
- storage
|
||||||
- systemVendor
|
- systemVendor
|
||||||
type: object
|
type: object
|
||||||
hardwareProfile:
|
hardwareProfile:
|
||||||
description: The name of the profile matching the hardware details.
|
description: The name of the profile matching the hardware details.
|
||||||
|
@ -498,10 +498,10 @@ spec:
|
||||||
operationalStatus:
|
operationalStatus:
|
||||||
description: OperationalStatus holds the status of the host
|
description: OperationalStatus holds the status of the host
|
||||||
enum:
|
enum:
|
||||||
- ""
|
- ""
|
||||||
- OK
|
- OK
|
||||||
- discovered
|
- discovered
|
||||||
- error
|
- error
|
||||||
type: string
|
type: string
|
||||||
poweredOn:
|
poweredOn:
|
||||||
description: indicator for whether or not the host is powered on
|
description: indicator for whether or not the host is powered on
|
||||||
|
@ -524,16 +524,16 @@ spec:
|
||||||
description: URL is a location of an image to deploy.
|
description: URL is a location of an image to deploy.
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- checksum
|
- checksum
|
||||||
- url
|
- url
|
||||||
type: object
|
type: object
|
||||||
state:
|
state:
|
||||||
description: An indiciator for what the provisioner is doing with
|
description: An indiciator for what the provisioner is doing with
|
||||||
the host.
|
the host.
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- ID
|
- ID
|
||||||
- state
|
- state
|
||||||
type: object
|
type: object
|
||||||
triedCredentials:
|
triedCredentials:
|
||||||
description: the last credentials we sent to the provisioning backend
|
description: the last credentials we sent to the provisioning backend
|
||||||
|
@ -555,16 +555,16 @@ spec:
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
- errorMessage
|
- errorMessage
|
||||||
- hardwareProfile
|
- hardwareProfile
|
||||||
- operationHistory
|
- operationHistory
|
||||||
- operationalStatus
|
- operationalStatus
|
||||||
- poweredOn
|
- poweredOn
|
||||||
- provisioning
|
- provisioning
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
version: v1alpha1
|
version: v1alpha1
|
||||||
versions:
|
versions:
|
||||||
- name: v1alpha1
|
- name: v1alpha1
|
||||||
served: true
|
served: true
|
||||||
storage: true
|
storage: true
|
|
@ -7,6 +7,13 @@ resources:
|
||||||
- bases/bmh.yaml
|
- bases/bmh.yaml
|
||||||
# +kubebuilder:scaffold:crdkustomizeresource
|
# +kubebuilder:scaffold:crdkustomizeresource
|
||||||
|
|
||||||
|
patchesStrategicMerge:
|
||||||
|
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
|
||||||
|
# patches here are for enabling the conversion webhook for each CRD
|
||||||
|
#- patches/webhook_in_vinoes.yaml
|
||||||
|
#- patches/webhook_in_ippools.yaml
|
||||||
|
# +kubebuilder:scaffold:crdkustomizewebhookpatch
|
||||||
|
|
||||||
# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
|
# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
|
||||||
# patches here are for enabling the CA injection for each CRD
|
# patches here are for enabling the CA injection for each CRD
|
||||||
#- patches/cainjection_in_vinoes.yaml
|
#- patches/cainjection_in_vinoes.yaml
|
||||||
|
|
|
@ -6,10 +6,12 @@ nameReference:
|
||||||
- kind: CustomResourceDefinition
|
- kind: CustomResourceDefinition
|
||||||
group: apiextensions.k8s.io
|
group: apiextensions.k8s.io
|
||||||
path: spec/conversion/webhookClientConfig/service/name
|
path: spec/conversion/webhookClientConfig/service/name
|
||||||
|
|
||||||
namespace:
|
namespace:
|
||||||
- kind: CustomResourceDefinition
|
- kind: CustomResourceDefinition
|
||||||
group: apiextensions.k8s.io
|
group: apiextensions.k8s.io
|
||||||
path: spec/conversion/webhookClientConfig/service/namespace
|
path: spec/conversion/webhookClientConfig/service/namespace
|
||||||
create: false
|
create: false
|
||||||
|
|
||||||
varReference:
|
varReference:
|
||||||
- path: metadata/annotations
|
- path: metadata/annotations
|
||||||
|
|
|
@ -5,7 +5,7 @@ metadata:
|
||||||
upstream:
|
upstream:
|
||||||
type: git
|
type: git
|
||||||
git:
|
git:
|
||||||
commit: 6ad6bb6d8c9b162540b689c9e8b9385e847c922a
|
commit: 0e709c0d27b2052a5198f8d27d39bd25ed122dae
|
||||||
repo: https://opendev.org/airship/vino
|
repo: https://opendev.org/airship/vino
|
||||||
directory: config/default
|
directory: config/default
|
||||||
ref: 6ad6bb6d8c9b162540b689c9e8b9385e847c922a
|
ref: 0e709c0d27b2052a5198f8d27d39bd25ed122dae
|
||||||
|
|
|
@ -1,14 +1,17 @@
|
||||||
# Adds namespace to all resources.
|
# Adds namespace to all resources.
|
||||||
namespace: vino-system
|
namespace: vino-system
|
||||||
|
|
||||||
# Value of this field is prepended to the
|
# Value of this field is prepended to the
|
||||||
# names of all resources, e.g. a deployment named
|
# names of all resources, e.g. a deployment named
|
||||||
# "wordpress" becomes "alices-wordpress".
|
# "wordpress" becomes "alices-wordpress".
|
||||||
# Note that it should also match with the prefix (text before '-') of the namespace
|
# Note that it should also match with the prefix (text before '-') of the namespace
|
||||||
# field above.
|
# field above.
|
||||||
namePrefix: vino-
|
namePrefix: vino-
|
||||||
|
|
||||||
# Labels to add to all resources and selectors.
|
# Labels to add to all resources and selectors.
|
||||||
#commonLabels:
|
#commonLabels:
|
||||||
# someName: someValue
|
# someName: someValue
|
||||||
|
|
||||||
bases:
|
bases:
|
||||||
- ../crd
|
- ../crd
|
||||||
- ../rbac
|
- ../rbac
|
||||||
|
@ -22,7 +25,46 @@ bases:
|
||||||
#- ../prometheus
|
#- ../prometheus
|
||||||
|
|
||||||
patchesStrategicMerge:
|
patchesStrategicMerge:
|
||||||
# Protect the /metrics endpoint by putting it behind auth.
|
# Protect the /metrics endpoint by putting it behind auth.
|
||||||
# If you want your controller-manager to expose the /metrics
|
# If you want your controller-manager to expose the /metrics
|
||||||
# endpoint w/o any authn/z, please comment the following line.
|
# endpoint w/o any authn/z, please comment the following line.
|
||||||
- manager_auth_proxy_patch.yaml
|
- manager_auth_proxy_patch.yaml
|
||||||
|
|
||||||
|
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
|
||||||
|
# crd/kustomization.yaml
|
||||||
|
#- manager_webhook_patch.yaml
|
||||||
|
|
||||||
|
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
|
||||||
|
# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
|
||||||
|
# 'CERTMANAGER' needs to be enabled to use ca injection
|
||||||
|
#- webhookcainjection_patch.yaml
|
||||||
|
|
||||||
|
# the following config is for teaching kustomize how to do var substitution
|
||||||
|
vars:
|
||||||
|
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
|
||||||
|
#- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
|
||||||
|
# objref:
|
||||||
|
# kind: Certificate
|
||||||
|
# group: cert-manager.io
|
||||||
|
# version: v1alpha2
|
||||||
|
# name: serving-cert # this name should match the one in certificate.yaml
|
||||||
|
# fieldref:
|
||||||
|
# fieldpath: metadata.namespace
|
||||||
|
#- name: CERTIFICATE_NAME
|
||||||
|
# objref:
|
||||||
|
# kind: Certificate
|
||||||
|
# group: cert-manager.io
|
||||||
|
# version: v1alpha2
|
||||||
|
# name: serving-cert # this name should match the one in certificate.yaml
|
||||||
|
#- name: SERVICE_NAMESPACE # namespace of the service
|
||||||
|
# objref:
|
||||||
|
# kind: Service
|
||||||
|
# version: v1
|
||||||
|
# name: webhook-service
|
||||||
|
# fieldref:
|
||||||
|
# fieldpath: metadata.namespace
|
||||||
|
#- name: SERVICE_NAME
|
||||||
|
# objref:
|
||||||
|
# kind: Service
|
||||||
|
# version: v1
|
||||||
|
# name: webhook-service
|
||||||
|
|
|
@ -5,15 +5,7 @@ metadata:
|
||||||
upstream:
|
upstream:
|
||||||
type: git
|
type: git
|
||||||
git:
|
git:
|
||||||
commit: 6ad6bb6d8c9b162540b689c9e8b9385e847c922a
|
commit: 0e709c0d27b2052a5198f8d27d39bd25ed122dae
|
||||||
repo: https://opendev.org/airship/vino
|
repo: https://opendev.org/airship/vino
|
||||||
directory: config/manager
|
directory: config/manager
|
||||||
ref: 6ad6bb6d8c9b162540b689c9e8b9385e847c922a
|
ref: 0e709c0d27b2052a5198f8d27d39bd25ed122dae
|
||||||
openAPI:
|
|
||||||
definitions:
|
|
||||||
io.k8s.cli.setters.replicas:
|
|
||||||
x-k8s-cli:
|
|
||||||
setter:
|
|
||||||
isSet: true
|
|
||||||
name: replicas
|
|
||||||
value: "3"
|
|
||||||
|
|
|
@ -0,0 +1,70 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -xe
|
||||||
|
set -o pipefail
|
||||||
|
|
||||||
|
echo "Target directory location = $1"
|
||||||
|
# check if certificates are already present
|
||||||
|
# TBD should validity of existing certs be checked.
|
||||||
|
if [ -f $1/ca-cert.pem ] && [ -f $1/server-cert.pem ] && [ -f $1/server-key.pem ]
|
||||||
|
then
|
||||||
|
echo "ca-cert.pem, server-cert.pem and server-key.pem already present"
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
# create a temp dir
|
||||||
|
TMP=$(mktemp -d)
|
||||||
|
cd ${TMP}
|
||||||
|
# create ca certificate
|
||||||
|
echo ' cn = airshipit.org
|
||||||
|
ca
|
||||||
|
cert_signing_key' > ca-template.info
|
||||||
|
|
||||||
|
(umask 277 && certtool --generate-privkey > ca-key.pem)
|
||||||
|
|
||||||
|
certtool --generate-self-signed \
|
||||||
|
--template ca-template.info \
|
||||||
|
--load-privkey ca-key.pem \
|
||||||
|
--outfile ca-cert.pem
|
||||||
|
|
||||||
|
rm ca-template.info
|
||||||
|
|
||||||
|
echo ' organization = airshipit.org
|
||||||
|
cn = server
|
||||||
|
tls_www_server
|
||||||
|
encryption_key
|
||||||
|
signing_key' > server-template.info
|
||||||
|
|
||||||
|
(umask 277 && certtool --generate-privkey > server-key.pem)
|
||||||
|
|
||||||
|
# create server certificate
|
||||||
|
certtool --generate-certificate \
|
||||||
|
--template server-template.info \
|
||||||
|
--load-privkey server-key.pem \
|
||||||
|
--load-ca-certificate ca-cert.pem \
|
||||||
|
--load-ca-privkey ca-key.pem \
|
||||||
|
--outfile server-cert.pem
|
||||||
|
|
||||||
|
rm server-template.info
|
||||||
|
|
||||||
|
# copy the required certs in the target location
|
||||||
|
echo "Copy the required certs to target location : $1"
|
||||||
|
cp *.pem $1
|
||||||
|
|
||||||
|
#echo ' country = Country
|
||||||
|
# state = State
|
||||||
|
# locality = City
|
||||||
|
# organization = Name of your organization
|
||||||
|
# cn = Client Host Name
|
||||||
|
# tls_www_client
|
||||||
|
# encryption_key
|
||||||
|
# signing_key' > client-template.info
|
||||||
|
|
||||||
|
#(umask 277 && certtool --generate-privkey > client-key.pem)
|
||||||
|
|
||||||
|
#certtool --generate-certificate
|
||||||
|
# --template client-template.info
|
||||||
|
# --load-privkey client-key.pem
|
||||||
|
# --load-ca-certificate ca-cert.pem
|
||||||
|
# --load-ca-privkey ca_key.pem
|
||||||
|
# --outfile client-cert.pem
|
||||||
|
fi
|
||||||
|
exit 0
|
|
@ -15,199 +15,224 @@ spec:
|
||||||
hostNetwork: true
|
hostNetwork: true
|
||||||
hostPID: true
|
hostPID: true
|
||||||
hostIPC: true
|
hostIPC: true
|
||||||
|
initContainers:
|
||||||
|
- name: create-libvirt-vnc-certs
|
||||||
|
image: quay.io/airshipit/gnu-tls:latest-minideb
|
||||||
|
imagePullPolicy: IfNotPresent
|
||||||
|
command: ["/usr/local/bin/create_tls_cert.sh"]
|
||||||
|
args: [ "/etc/pki/libvirt-vnc"]
|
||||||
|
volumeMounts:
|
||||||
|
- name: etc-pki-libvirt-vnc
|
||||||
|
mountPath: "/etc/pki/libvirt-vnc"
|
||||||
|
- name: usr-local-bin
|
||||||
|
mountPath: "/usr/local/bin"
|
||||||
|
|
||||||
containers:
|
containers:
|
||||||
- name: libvirt
|
- name: libvirt
|
||||||
command:
|
command:
|
||||||
- /tmp/libvirt.sh
|
- /tmp/libvirt.sh
|
||||||
image: quay.io/airshipit/libvirt:latest-ubuntu_bionic
|
image: quay.io/airshipit/libvirt:latest-ubuntu_bionic
|
||||||
securityContext:
|
securityContext:
|
||||||
privileged: true
|
privileged: true
|
||||||
runAsUser: 0
|
runAsUser: 0
|
||||||
readOnlyRootFilesystem: false
|
readOnlyRootFilesystem: false
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /lib/modules
|
- mountPath: /lib/modules
|
||||||
name: libmodules
|
name: libmodules
|
||||||
readOnly: true
|
readOnly: true
|
||||||
- name: var-lib-libvirt
|
- name: var-lib-libvirt
|
||||||
mountPath: /var/lib/libvirt
|
mountPath: /var/lib/libvirt
|
||||||
mountPropagation: Bidirectional
|
mountPropagation: Bidirectional
|
||||||
- name: run
|
- name: run
|
||||||
mountPath: /run
|
mountPath: /run
|
||||||
- name: dev
|
- name: dev
|
||||||
mountPath: /dev
|
mountPath: /dev
|
||||||
- name: cgroup
|
- name: cgroup
|
||||||
mountPath: /sys/fs/cgroup
|
mountPath: /sys/fs/cgroup
|
||||||
- name: logs
|
- name: logs
|
||||||
mountPath: /var/log/libvirt
|
mountPath: /var/log/libvirt
|
||||||
- mountPath: /var/lib/libvirt/vino-pool
|
- name: var-lib-vino-pool
|
||||||
name: var-lib-vino-pool
|
mountPath: /var/lib/libvirt/vino-pool
|
||||||
- mountPath: /etc/libvirt/qemu
|
- name: etc-qemu
|
||||||
name: etc-qemu
|
mountPath: /etc/libvirt/qemu
|
||||||
- mountPath: /etc/libvirt/nwfilter
|
- name: etc-nwfilter
|
||||||
name: etc-nwfilter
|
mountPath: /etc/libvirt/nwfilter
|
||||||
- mountPath: /etc/libvirt/hooks
|
- name: etc-hooks
|
||||||
name: etc-hooks
|
mountPath: /etc/libvirt/hooks
|
||||||
- mountPath: /etc/libvirt/storage
|
- name: etc-storage
|
||||||
name: etc-storage
|
mountPath: /etc/libvirt/storage
|
||||||
- mountPath: /var/lib/vino
|
- name: var-lib-vino
|
||||||
name: var-lib-vino
|
mountPath: /var/lib/vino
|
||||||
- name: sushy
|
- name: etc-libvirt
|
||||||
image: quay.io/metal3-io/sushy-tools
|
mountPath: /etc/libvirt
|
||||||
imagePullPolicy: IfNotPresent
|
- name: etc-pki-libvirt-vnc
|
||||||
command: ["/usr/local/bin/sushy-emulator", "-i", "::", "--debug", "--port",
|
mountPath: /etc/pki/libvirt-vnc
|
||||||
"8000"]
|
|
||||||
volumeMounts:
|
- name: sushy
|
||||||
- name: var-run-libvirt
|
image: quay.io/metal3-io/sushy-tools
|
||||||
mountPath: /var/run/libvirt
|
imagePullPolicy: IfNotPresent
|
||||||
- mountPath: /var/lib/libvirt
|
command: ["/usr/local/bin/sushy-emulator", "-i", "::", "--debug", "--port", "8000"]
|
||||||
name: var-lib-libvirt
|
volumeMounts:
|
||||||
livenessProbe:
|
- name: var-run-libvirt
|
||||||
httpGet:
|
mountPath: /var/run/libvirt
|
||||||
host: 127.0.0.1
|
- name: var-lib-libvirt
|
||||||
path: /redfish/v1/Systems
|
mountPath: /var/lib/libvirt
|
||||||
port: 8000
|
readinessProbe:
|
||||||
initialDelaySeconds: 10
|
httpGet:
|
||||||
periodSeconds: 20
|
path: /redfish/v1/Systems
|
||||||
readinessProbe:
|
host: 127.0.0.1
|
||||||
httpGet:
|
port: 8000
|
||||||
host: 127.0.0.1
|
initialDelaySeconds: 5
|
||||||
path: /redfish/v1/Systems
|
periodSeconds: 10
|
||||||
port: 8000
|
livenessProbe:
|
||||||
initialDelaySeconds: 5
|
httpGet:
|
||||||
periodSeconds: 10
|
path: /redfish/v1/Systems
|
||||||
# - name: vino-reverse-proxy
|
host: 127.0.0.1
|
||||||
# image: quay.io/airshipit/vino-reverse-proxy
|
port: 8000
|
||||||
# ports:
|
initialDelaySeconds: 10
|
||||||
# - containerPort: 8000
|
periodSeconds: 20
|
||||||
# hostPort: 8000
|
# - name: vino-reverse-proxy
|
||||||
# readinessProbe:
|
# image: quay.io/airshipit/vino-reverse-proxy
|
||||||
# tcpSocket:
|
# ports:
|
||||||
# port: 8000
|
# - containerPort: 8000
|
||||||
# host: 127.0.0.1
|
# hostPort: 8000
|
||||||
# initialDelaySeconds: 10
|
# readinessProbe:
|
||||||
# periodSeconds: 5
|
# tcpSocket:
|
||||||
# livenessProbe:
|
# port: 8000
|
||||||
# tcpSocket:
|
# host: 127.0.0.1
|
||||||
# port: 8000
|
# initialDelaySeconds: 10
|
||||||
# host: 127.0.0.1
|
# periodSeconds: 5
|
||||||
# initialDelaySeconds: 30
|
# livenessProbe:
|
||||||
# periodSeconds: 30
|
# tcpSocket:
|
||||||
- name: labeler
|
# port: 8000
|
||||||
image: quay.io/airshipit/nodelabeler
|
# host: 127.0.0.1
|
||||||
imagePullPolicy: IfNotPresent
|
# initialDelaySeconds: 30
|
||||||
env:
|
# periodSeconds: 30
|
||||||
- name: NODE
|
- name: labeler
|
||||||
valueFrom:
|
image: quay.io/airshipit/nodelabeler
|
||||||
fieldRef:
|
imagePullPolicy: IfNotPresent
|
||||||
fieldPath: spec.nodeName
|
env:
|
||||||
- image: quay.io/airshipit/vino-builder
|
- name: NODE
|
||||||
imagePullPolicy: IfNotPresent
|
valueFrom:
|
||||||
name: vino-builder
|
fieldRef:
|
||||||
ports:
|
fieldPath: spec.nodeName
|
||||||
- containerPort: 8001
|
- name: vino-builder
|
||||||
hostPort: 8001
|
readinessProbe:
|
||||||
readinessProbe:
|
initialDelaySeconds: 20
|
||||||
exec:
|
periodSeconds: 5
|
||||||
command:
|
exec:
|
||||||
- cat
|
command:
|
||||||
- /tmp/healthy
|
- cat
|
||||||
initialDelaySeconds: 20
|
- /tmp/healthy
|
||||||
periodSeconds: 5
|
securityContext:
|
||||||
securityContext:
|
privileged: true
|
||||||
privileged: true
|
runAsUser: 0
|
||||||
readOnlyRootFilesystem: false
|
readOnlyRootFilesystem: false
|
||||||
runAsUser: 0
|
ports:
|
||||||
volumeMounts:
|
- containerPort: 8001
|
||||||
- mountPath: /var/lib/vino-builder/flavors
|
hostPort: 8001
|
||||||
name: flavors
|
image: quay.io/airshipit/vino-builder
|
||||||
- mountPath: /var/lib/vino-builder/flavor-templates
|
imagePullPolicy: IfNotPresent
|
||||||
name: flavor-templates
|
volumeMounts:
|
||||||
- mountPath: /var/lib/vino-builder/network-templates
|
- name: flavors
|
||||||
name: network-templates
|
mountPath: /var/lib/vino-builder/flavors
|
||||||
- mountPath: /var/lib/vino-builder/storage-templates
|
- name: flavor-templates
|
||||||
name: storage-templates
|
mountPath: /var/lib/vino-builder/flavor-templates
|
||||||
- mountPath: /tmp
|
- name: network-templates
|
||||||
name: pod-tmp
|
mountPath: /var/lib/vino-builder/network-templates
|
||||||
- mountPath: /lib/modules
|
- name: storage-templates
|
||||||
name: libmodules
|
mountPath: /var/lib/vino-builder/storage-templates
|
||||||
readOnly: true
|
- name: pod-tmp
|
||||||
- mountPath: /var/lib/libvirt
|
mountPath: /tmp
|
||||||
name: var-lib-libvirt
|
- mountPath: /lib/modules
|
||||||
- mountPath: /var/run/libvirt
|
name: libmodules
|
||||||
name: var-run-libvirt
|
readOnly: true
|
||||||
- mountPath: /var/lib/libvirt/vino-pool
|
- name: var-lib-libvirt
|
||||||
name: var-lib-vino-pool
|
mountPath: /var/lib/libvirt
|
||||||
- mountPath: /run
|
- name: var-run-libvirt
|
||||||
name: run
|
mountPath: /var/run/libvirt
|
||||||
- mountPath: /dev
|
- name: var-lib-vino-pool
|
||||||
name: dev
|
mountPath: /var/lib/libvirt/vino-pool
|
||||||
- mountPath: /sys/fs/cgroup
|
- name: run
|
||||||
name: cgroup
|
mountPath: /run
|
||||||
- mountPath: /var/log/libvirt
|
- name: dev
|
||||||
name: logs
|
mountPath: /dev
|
||||||
|
- name: cgroup
|
||||||
|
mountPath: /sys/fs/cgroup
|
||||||
|
- name: logs
|
||||||
|
mountPath: /var/log/libvirt
|
||||||
volumes:
|
volumes:
|
||||||
- name: libmodules
|
- name: libmodules
|
||||||
hostPath:
|
hostPath:
|
||||||
path: /lib/modules
|
path: /lib/modules
|
||||||
- name: var-lib-libvirt
|
- name: var-lib-libvirt
|
||||||
hostPath:
|
hostPath:
|
||||||
path: /var/lib/libvirt
|
path: /var/lib/libvirt
|
||||||
- hostPath: {}
|
- name: run
|
||||||
name: var-lib-libvirt-images
|
hostPath:
|
||||||
- name: run
|
path: /run
|
||||||
hostPath:
|
- name: dev
|
||||||
path: /run
|
hostPath:
|
||||||
- name: dev
|
path: /dev
|
||||||
hostPath:
|
- name: logs
|
||||||
path: /dev
|
hostPath:
|
||||||
- name: logs
|
path: /var/log/libvirt
|
||||||
hostPath:
|
- name: cgroup
|
||||||
path: /var/log/libvirt
|
hostPath:
|
||||||
- name: cgroup
|
path: /sys/fs/cgroup
|
||||||
hostPath:
|
- name: var-run-libvirt
|
||||||
path: /sys/fs/cgroup
|
hostPath:
|
||||||
- name: var-run-libvirt
|
path: /var/run/libvirt
|
||||||
hostPath:
|
- name: flavors
|
||||||
path: /var/run/libvirt
|
configMap:
|
||||||
- configMap:
|
name: vino-flavors
|
||||||
defaultMode: 0555
|
defaultMode: 0555
|
||||||
name: vino-flavors
|
- name: flavor-templates
|
||||||
name: flavors
|
configMap:
|
||||||
- configMap:
|
name: vino-flavor-templates
|
||||||
defaultMode: 0555
|
defaultMode: 0555
|
||||||
name: vino-flavor-templates
|
- name: network-templates
|
||||||
name: flavor-templates
|
configMap:
|
||||||
- configMap:
|
name: vino-network-templates
|
||||||
defaultMode: 0555
|
defaultMode: 0555
|
||||||
name: vino-network-templates
|
- name: storage-templates
|
||||||
name: network-templates
|
configMap:
|
||||||
- configMap:
|
name: vino-storage-templates
|
||||||
defaultMode: 0555
|
defaultMode: 0555
|
||||||
name: vino-storage-templates
|
- name: pod-tmp
|
||||||
name: storage-templates
|
emptyDir: {}
|
||||||
- emptyDir: {}
|
- name: var-lib-vino-pool
|
||||||
name: pod-tmp
|
hostPath:
|
||||||
- hostPath:
|
path: /var/lib/vino-pool
|
||||||
path: /var/lib/vino-pool
|
type: DirectoryOrCreate
|
||||||
type: DirectoryOrCreate
|
- name: etc-qemu
|
||||||
name: var-lib-vino-pool
|
hostPath:
|
||||||
- hostPath:
|
path: /etc/vino-qemu
|
||||||
path: /etc/vino-qemu
|
type: DirectoryOrCreate
|
||||||
type: DirectoryOrCreate
|
- name: etc-storage
|
||||||
name: etc-qemu
|
hostPath:
|
||||||
- hostPath:
|
path: /etc/vino-storage
|
||||||
path: /etc/vino-storage
|
type: DirectoryOrCreate
|
||||||
type: DirectoryOrCreate
|
- name: etc-nwfilter
|
||||||
name: etc-storage
|
hostPath:
|
||||||
- hostPath:
|
path: /etc/vino-nwfilter
|
||||||
path: /etc/vino-nwfilter
|
type: DirectoryOrCreate
|
||||||
type: DirectoryOrCreate
|
- name: etc-hooks
|
||||||
name: etc-nwfilter
|
hostPath:
|
||||||
- hostPath:
|
path: /etc/vino-hooks
|
||||||
path: /etc/vino-hooks
|
type: DirectoryOrCreate
|
||||||
type: DirectoryOrCreate
|
- name: var-lib-vino
|
||||||
name: etc-hooks
|
hostPath:
|
||||||
- hostPath:
|
path: /var/lib/vino
|
||||||
path: /var/lib/vino
|
type: DirectoryOrCreate
|
||||||
type: DirectoryOrCreate
|
- name: etc-libvirt
|
||||||
name: var-lib-vino
|
configMap:
|
||||||
|
name: vino-libvirt-qemu-conf
|
||||||
|
defaultMode: 0555
|
||||||
|
- name: etc-pki-libvirt-vnc
|
||||||
|
hostPath:
|
||||||
|
path: /etc/pki/libvirt-vnc
|
||||||
|
- name: usr-local-bin
|
||||||
|
configMap:
|
||||||
|
name: vino-create-libvirt-vnc-cert
|
||||||
|
defaultMode: 0777
|
||||||
|
|
|
@ -1,18 +1,16 @@
|
||||||
flavorTemplates:
|
flavorTemplates:
|
||||||
master:
|
master:
|
||||||
domainTemplate: |
|
domainTemplate: |
|
||||||
{% set nodename = 'master-' + item|string %}
|
{% if domain is defined %}
|
||||||
{% if domains[nodename] is defined %}
|
|
||||||
{% set domain = domains[nodename] %}
|
|
||||||
<domain type="kvm">
|
<domain type="kvm">
|
||||||
<name>{{ nodename }}</name>
|
<name>{{ domain.name }}</name>
|
||||||
<uuid>{{ nodename | hash('md5') }}</uuid>
|
<uuid>{{ domain.name | hash('md5') }}</uuid>
|
||||||
<metadata>
|
<metadata>
|
||||||
<vino:flavor>master</vino:flavor>
|
<vino:flavor>master</vino:flavor>
|
||||||
<vino:creationTime>{{ ansible_date_time.date }}</vino:creationTime>
|
<vino:creationTime>{{ ansible_date_time.date }}</vino:creationTime>
|
||||||
</metadata>
|
</metadata>
|
||||||
<memory unit="GiB">{{ flavors.master.memory }}</memory>
|
<memory unit="GiB">{{ flavors.master.memory }}</memory>
|
||||||
{% if flavors.worker.hugepages is defined and flavors.worker.hugepages == true %}
|
{% if flavors.master.hugepages is defined and flavors.master.hugepages == true %}
|
||||||
<memoryBacking>
|
<memoryBacking>
|
||||||
<hugepages>
|
<hugepages>
|
||||||
<page size='1' unit='GiB' />
|
<page size='1' unit='GiB' />
|
||||||
|
@ -20,14 +18,14 @@ flavorTemplates:
|
||||||
</memoryBacking>
|
</memoryBacking>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
<vcpu placement="static">{{ flavors.master.vcpus }}</vcpu>
|
<vcpu placement="static">{{ flavors.master.vcpus }}</vcpu>
|
||||||
{% if node_core_map[nodename] is defined %}
|
{% if domain.name in node_core_map %}
|
||||||
# function to produce list of cpus, in same numa (controled by bool), state will need to be tracked via file on hypervisor host. gotpl psudo:
|
# function to produce list of cpus, in same numa (controled by bool), state will need to be tracked via file on hypervisor host. gotpl psudo:
|
||||||
<cputune>
|
<cputune>
|
||||||
<shares>8192</shares>
|
<shares>8192</shares>
|
||||||
{% for core in node_core_map[nodename] %}
|
{% for core in node_core_map[domain.name] %}
|
||||||
<vcpupin vcpu="{{ loop.index0 }}" cpuset="{{ core }}"/>
|
<vcpupin vcpu="{{ loop.index0 }}" cpuset="{{ core }}"/>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
<emulatorpin cpuset="{{ node_core_map[nodename]|join(',') }}"/>
|
<emulatorpin cpuset="{{ node_core_map[domain.name]|join(',') }}"/>
|
||||||
</cputune>
|
</cputune>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
<resource>
|
<resource>
|
||||||
|
@ -56,7 +54,7 @@ flavorTemplates:
|
||||||
# for each disk requested
|
# for each disk requested
|
||||||
<disk type='volume' device='disk'>
|
<disk type='volume' device='disk'>
|
||||||
<driver name="qemu" type="qcow2" cache="none" discard="unmap"/>
|
<driver name="qemu" type="qcow2" cache="none" discard="unmap"/>
|
||||||
<source pool='vino-default' volume='{{ nodename }}'/>
|
<source pool='vino-default' volume='{{ domain.name }}'/>
|
||||||
<target dev='vde' bus='virtio'/>
|
<target dev='vde' bus='virtio'/>
|
||||||
</disk>
|
</disk>
|
||||||
|
|
||||||
|
@ -71,26 +69,26 @@ flavorTemplates:
|
||||||
</controller>
|
</controller>
|
||||||
|
|
||||||
# for each interface defined in vino, e.g.
|
# for each interface defined in vino, e.g.
|
||||||
{% for if_name, if_values in domain.interfaces.items() %}
|
{% for interface in domain.interfaces %}
|
||||||
<interface type='bridge'>
|
<interface type='{{ interface.type }}'>
|
||||||
<mac address='{{ if_values.macAddress }}'/>
|
<mac address='{{ interface.macAddress }}'/>
|
||||||
<source bridge='{{ if_name }}'/>
|
<source {{ interface.type }}='{{ interface.network }}'/>
|
||||||
<model type='virtio'/>
|
<model type='virtio'/>
|
||||||
</interface>
|
</interface>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
<serial type='file'>
|
<serial type='file'>
|
||||||
<source path='/var/lib/libvirt/{{ nodename }}-console.log'/>
|
<source path='/var/lib/libvirt/{{ domain.name }}-console.log'/>
|
||||||
</serial>
|
</serial>
|
||||||
<serial type='pty'/>
|
<serial type='pty'/>
|
||||||
|
|
||||||
<console type='file'>
|
<console type='file'>
|
||||||
<source path='/var/lib/libvirt/{{ nodename }}-console.log'/>
|
<source path='/var/lib/libvirt/{{ domain.name }}-console.log'/>
|
||||||
<target type='serial'/>
|
<target type='serial'/>
|
||||||
</console>
|
</console>
|
||||||
|
|
||||||
{% if domain.enable_vnc | default(false) %}
|
{% if domain.enableVNC | default(false) %}
|
||||||
<graphics type='vnc' autoport='yes' listen='0.0.0.0'>
|
<graphics type='vnc' autoport='yes' passwd='{{ domain.vncPassword }}' listen='0.0.0.0'>
|
||||||
<listen type='address' address='0.0.0.0'/>
|
<listen type='address' address='0.0.0.0'/>
|
||||||
</graphics>
|
</graphics>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
@ -107,9 +105,8 @@ flavorTemplates:
|
||||||
</domain>
|
</domain>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
volumeTemplate: |
|
volumeTemplate: |
|
||||||
{% set nodename = 'master-' + item|string %}
|
|
||||||
<volume>
|
<volume>
|
||||||
<name>{{ nodename }}</name>
|
<name>{{ domain.name }}</name>
|
||||||
<allocation>0</allocation>
|
<allocation>0</allocation>
|
||||||
<capacity unit='G'>{{ flavors.master.rootSize }}</capacity>
|
<capacity unit='G'>{{ flavors.master.rootSize }}</capacity>
|
||||||
<target>
|
<target>
|
||||||
|
@ -118,12 +115,10 @@ flavorTemplates:
|
||||||
</volume>
|
</volume>
|
||||||
worker:
|
worker:
|
||||||
domainTemplate: |
|
domainTemplate: |
|
||||||
{% set nodename = 'worker-' + item|string %}
|
{% if domain is defined %}
|
||||||
{% if domains[nodename] is defined %}
|
|
||||||
{% set domain = domains[nodename] %}
|
|
||||||
<domain type="kvm">
|
<domain type="kvm">
|
||||||
<name>{{ nodename }}</name>
|
<name>{{ domain.name }}</name>
|
||||||
<uuid>{{ nodename | hash('md5') }}</uuid>
|
<uuid>{{ domain.name | hash('md5') }}</uuid>
|
||||||
<metadata>
|
<metadata>
|
||||||
<vino:flavor>worker</vino:flavor>
|
<vino:flavor>worker</vino:flavor>
|
||||||
<vino:creationTime>{{ ansible_date_time.date }}</vino:creationTime>
|
<vino:creationTime>{{ ansible_date_time.date }}</vino:creationTime>
|
||||||
|
@ -137,14 +132,14 @@ flavorTemplates:
|
||||||
</memoryBacking>
|
</memoryBacking>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
<vcpu placement="static">{{ flavors.worker.vcpus }}</vcpu>
|
<vcpu placement="static">{{ flavors.worker.vcpus }}</vcpu>
|
||||||
{% if node_core_map[nodename] is defined %}
|
{% if domain.name in node_core_map %}
|
||||||
# function to produce list of cpus, in same numa (controled by bool), state will need to be tracked via file on hypervisor host. gotpl psudo:
|
# function to produce list of cpus, in same numa (controled by bool), state will need to be tracked via file on hypervisor host. gotpl psudo:
|
||||||
<cputune>
|
<cputune>
|
||||||
<shares>8192</shares>
|
<shares>8192</shares>
|
||||||
{% for core in node_core_map[nodename] %}
|
{% for core in node_core_map[domain.name] %}
|
||||||
<vcpupin vcpu="{{ loop.index0 }}" cpuset="{{ core }}"/>
|
<vcpupin vcpu="{{ loop.index0 }}" cpuset="{{ core }}"/>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
<emulatorpin cpuset="{{ node_core_map[nodename]|join(',') }}"/>
|
<emulatorpin cpuset="{{ node_core_map[domain.name]|join(',') }}"/>
|
||||||
</cputune>
|
</cputune>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
<resource>
|
<resource>
|
||||||
|
@ -173,7 +168,7 @@ flavorTemplates:
|
||||||
# for each disk requested
|
# for each disk requested
|
||||||
<disk type='volume' device='disk'>
|
<disk type='volume' device='disk'>
|
||||||
<driver name="qemu" type="qcow2" cache="none" discard="unmap"/>
|
<driver name="qemu" type="qcow2" cache="none" discard="unmap"/>
|
||||||
<source pool='vino-default' volume='{{ nodename }}'/>
|
<source pool='vino-default' volume='{{ domain.name }}'/>
|
||||||
<target dev='vde' bus='virtio'/>
|
<target dev='vde' bus='virtio'/>
|
||||||
</disk>
|
</disk>
|
||||||
|
|
||||||
|
@ -187,25 +182,31 @@ flavorTemplates:
|
||||||
<alias name="ide"/>
|
<alias name="ide"/>
|
||||||
</controller>
|
</controller>
|
||||||
|
|
||||||
{% for if_name, if_values in domain.interfaces.items() %}
|
<interface type='network'>
|
||||||
|
<source network='pxe'/>
|
||||||
|
<model type='virtio'/>
|
||||||
|
</interface>
|
||||||
|
|
||||||
|
# for each interface defined in vino, e.g.
|
||||||
|
{% for interface in domain.interfaces %}
|
||||||
<interface type='bridge'>
|
<interface type='bridge'>
|
||||||
<mac address='{{ if_values.macAddress }}'/>
|
<mac address='{{ interface.macAddress }}'/>
|
||||||
<source bridge='{{ if_name }}'/>
|
<source bridge='{{ interface.network }}'/>
|
||||||
<model type='virtio'/>
|
<model type='virtio'/>
|
||||||
</interface>
|
</interface>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
<serial type='file'>
|
<serial type='file'>
|
||||||
<source path='/var/lib/libvirt/{{ nodename }}-console.log'/>
|
<source path='/var/lib/libvirt/{{ domain.name }}-console.log'/>
|
||||||
</serial>
|
</serial>
|
||||||
<serial type='pty'/>
|
<serial type='pty'/>
|
||||||
|
|
||||||
<console type='file'>
|
<console type='file'>
|
||||||
<source path='/var/lib/libvirt/{{ nodename }}-console.log'/>
|
<source path='/var/lib/libvirt/{{ domain.name }}-console.log'/>
|
||||||
<target type='serial'/>
|
<target type='serial'/>
|
||||||
</console>
|
</console>
|
||||||
|
|
||||||
{% if domain.enable_vnc | default(false) %}
|
{% if domain.enableVNC | default(false) %}
|
||||||
<graphics type='vnc' autoport='yes' listen='0.0.0.0'>
|
<graphics type='vnc' autoport='yes' listen='0.0.0.0'>
|
||||||
<listen type='address' address='0.0.0.0'/>
|
<listen type='address' address='0.0.0.0'/>
|
||||||
</graphics>
|
</graphics>
|
||||||
|
@ -223,9 +224,8 @@ flavorTemplates:
|
||||||
</domain>
|
</domain>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
volumeTemplate: |
|
volumeTemplate: |
|
||||||
{% set nodename = 'worker-' + item|string %}
|
|
||||||
<volume>
|
<volume>
|
||||||
<name>{{ nodename }}</name>
|
<name>{{ domain.name }}</name>
|
||||||
<allocation>0</allocation>
|
<allocation>0</allocation>
|
||||||
<capacity unit='G'>{{ flavors.worker.rootSize }}</capacity>
|
<capacity unit='G'>{{ flavors.worker.rootSize }}</capacity>
|
||||||
<target>
|
<target>
|
||||||
|
|
|
@ -1,34 +0,0 @@
|
||||||
# NOTE: auto-generated. Some fields should NOT be modified.
|
|
||||||
# Date: 2021-03-16 10:05:35 UTC
|
|
||||||
#
|
|
||||||
# Contains the "inventory object" template ConfigMap.
|
|
||||||
# When this object is applied, it is handled specially,
|
|
||||||
# storing the metadata of all the other objects applied.
|
|
||||||
# This object and its stored inventory is subsequently
|
|
||||||
# used to calculate the set of objects to automatically
|
|
||||||
# delete (prune), when an object is omitted from further
|
|
||||||
# applies. When applied, this "inventory object" is also
|
|
||||||
# used to identify the entire set of objects to delete.
|
|
||||||
#
|
|
||||||
# NOTE: The name of this inventory template file
|
|
||||||
# does NOT have any impact on group-related functionality
|
|
||||||
# such as deletion or pruning.
|
|
||||||
#
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
# DANGER: Do not change the inventory object namespace.
|
|
||||||
# Changing the namespace will cause a loss of continuity
|
|
||||||
# with previously applied grouped objects. Set deletion
|
|
||||||
# and pruning functionality will be impaired.
|
|
||||||
namespace: default
|
|
||||||
# NOTE: The name of the inventory object does NOT have
|
|
||||||
# any impact on group-related functionality such as
|
|
||||||
# deletion or pruning.
|
|
||||||
name: inventory-15862452
|
|
||||||
labels:
|
|
||||||
# DANGER: Do not change the value of this label.
|
|
||||||
# Changing this value will cause a loss of continuity
|
|
||||||
# with previously applied grouped objects. Set deletion
|
|
||||||
# and pruning functionality will be impaired.
|
|
||||||
cli-utils.sigs.k8s.io/inventory-id: 6e088520-63c2-4b5d-82ea-4f2cb089920f
|
|
|
@ -1,5 +1,6 @@
|
||||||
resources:
|
resources:
|
||||||
- manager.yaml
|
- manager.yaml
|
||||||
|
|
||||||
configMapGenerator:
|
configMapGenerator:
|
||||||
- name: daemonset-template
|
- name: daemonset-template
|
||||||
options:
|
options:
|
||||||
|
@ -10,19 +11,29 @@ configMapGenerator:
|
||||||
options:
|
options:
|
||||||
disableNameSuffixHash: true
|
disableNameSuffixHash: true
|
||||||
files:
|
files:
|
||||||
- flavors.yaml
|
- flavors.yaml
|
||||||
- name: flavor-templates
|
- name: flavor-templates
|
||||||
options:
|
options:
|
||||||
disableNameSuffixHash: true
|
disableNameSuffixHash: true
|
||||||
files:
|
files:
|
||||||
- flavor-templates.yaml
|
- flavor-templates.yaml
|
||||||
- name: network-templates
|
- name: network-templates
|
||||||
options:
|
options:
|
||||||
disableNameSuffixHash: true
|
disableNameSuffixHash: true
|
||||||
files:
|
files:
|
||||||
- network-templates.yaml
|
- network-templates.yaml
|
||||||
- name: storage-templates
|
- name: storage-templates
|
||||||
options:
|
options:
|
||||||
disableNameSuffixHash: true
|
disableNameSuffixHash: true
|
||||||
files:
|
files:
|
||||||
- storage-templates.yaml
|
- storage-templates.yaml
|
||||||
|
- name: libvirt-qemu-conf
|
||||||
|
options:
|
||||||
|
disableNameSuffixHash: true
|
||||||
|
files:
|
||||||
|
- qemu.conf
|
||||||
|
- name: create-libvirt-vnc-cert
|
||||||
|
options:
|
||||||
|
disableNameSuffixHash: true
|
||||||
|
files:
|
||||||
|
- create_tls_cert.sh
|
||||||
|
|
|
@ -38,8 +38,8 @@ spec:
|
||||||
cpu: 100m
|
cpu: 100m
|
||||||
memory: 20Mi
|
memory: 20Mi
|
||||||
env:
|
env:
|
||||||
- name: RUNTIME_NAMESPACE
|
- name: RUNTIME_NAMESPACE
|
||||||
valueFrom:
|
valueFrom:
|
||||||
fieldRef:
|
fieldRef:
|
||||||
fieldPath: metadata.namespace
|
fieldPath: metadata.namespace
|
||||||
terminationGracePeriodSeconds: 10
|
terminationGracePeriodSeconds: 10
|
||||||
|
|
|
@ -1,17 +1,15 @@
|
||||||
libvirtNetworks:
|
libvirtNetworks:
|
||||||
- name: management
|
management:
|
||||||
libvirtTemplate: |
|
libvirtTemplate: |
|
||||||
<network>
|
<network>
|
||||||
<name>management</name>
|
<name>{{ network.name }}</name>
|
||||||
<forward mode='route'/>
|
<forward mode='route'/>
|
||||||
<bridge name='management' stp='off' delay='0'/>
|
<bridge name='vm-infra-bridge' stp='off' delay='0' {% if network.physicalInterface is defined %} dev='{{ network.physicalInterface }}' {% endif %}/>
|
||||||
<ip address='{{ networks[0].routes[0].gateway }}' netmask='255.255.240.0'>
|
<ip address='{{ ipam.bridge_ip | default(omit) }}' netmask='{{ ipam.bridge_subnet_netmask }}'>
|
||||||
<!-- <tftp root='/srv/tftp'/> -->
|
<!-- <tftp root='/srv/tftp'/> -->
|
||||||
<dhcp>
|
<dhcp>
|
||||||
<range start='{{ networks[0].allocationStart }}' end='{{ networks[0].allocationStop }}'/>
|
<range start='{{ ipam.instance_ips[0] }}' end='{{ ipam.instance_ips[-1] }}'/>
|
||||||
<bootp file=''/>
|
<bootp file='http://{{ pxeBootImageHost | default(ansible_default_ipv4.address) }}:{{ pxeBootImageHostPort | default(80) }}/dualboot.ipxe'/>
|
||||||
</dhcp>
|
</dhcp>
|
||||||
</ip>
|
</ip>
|
||||||
</network>
|
</network>
|
||||||
# - name: mobility-gn
|
|
||||||
# libvirtTemplate:
|
|
||||||
|
|
|
@ -0,0 +1,6 @@
|
||||||
|
stdio_handler = "file"
|
||||||
|
user = "root"
|
||||||
|
group = "root"
|
||||||
|
security_driver = "none"
|
||||||
|
vnc_tls = 1
|
||||||
|
#vnc_tls_x509_verify = 1
|
|
@ -1,14 +1,14 @@
|
||||||
libvirtStorage:
|
libvirtStorage:
|
||||||
- name: vino-default
|
- name: vino-default
|
||||||
libvirtTemplate: |-
|
libvirtTemplate: |
|
||||||
<pool type='dir'>
|
<pool type='dir'>
|
||||||
<name>vino-default</name>
|
<name>vino-default</name>
|
||||||
<target>
|
<target>
|
||||||
<path>/var/lib/libvirt/vino-pool</path>
|
<path>/var/lib/libvirt/vino-pool</path>
|
||||||
<permissions>
|
<permissions>
|
||||||
<mode>0711</mode>
|
<mode>0711</mode>
|
||||||
<owner>0</owner>
|
<owner>0</owner>
|
||||||
<group>0</group>
|
<group>0</group>
|
||||||
</permissions>
|
</permissions>
|
||||||
</target>
|
</target>
|
||||||
</pool>
|
</pool>
|
|
@ -5,7 +5,7 @@ metadata:
|
||||||
upstream:
|
upstream:
|
||||||
type: git
|
type: git
|
||||||
git:
|
git:
|
||||||
commit: 6ad6bb6d8c9b162540b689c9e8b9385e847c922a
|
commit: 0e709c0d27b2052a5198f8d27d39bd25ed122dae
|
||||||
repo: https://opendev.org/airship/vino
|
repo: https://opendev.org/airship/vino
|
||||||
directory: config/rbac
|
directory: config/rbac
|
||||||
ref: 6ad6bb6d8c9b162540b689c9e8b9385e847c922a
|
ref: 0e709c0d27b2052a5198f8d27d39bd25ed122dae
|
||||||
|
|
|
@ -1,6 +1,9 @@
|
||||||
|
|
||||||
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
metadata:
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
name: manager-role
|
name: manager-role
|
||||||
rules:
|
rules:
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
|
|
|
@ -1,46 +1,47 @@
|
||||||
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
metadata:
|
metadata:
|
||||||
name: cluster-manager-role
|
name: cluster-manager-role
|
||||||
rules:
|
rules:
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- ""
|
- ""
|
||||||
resources:
|
resources:
|
||||||
- secrets
|
- secrets
|
||||||
verbs:
|
verbs:
|
||||||
- create
|
- create
|
||||||
- get
|
- get
|
||||||
- watch
|
- watch
|
||||||
- list
|
- list
|
||||||
- delete
|
- delete
|
||||||
- update
|
- update
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- airship.airshipit.org
|
- airship.airshipit.org
|
||||||
resources:
|
resources:
|
||||||
- vinoes
|
- vinoes
|
||||||
verbs:
|
verbs:
|
||||||
- create
|
- create
|
||||||
- delete
|
- delete
|
||||||
- get
|
- get
|
||||||
- list
|
- list
|
||||||
- patch
|
- patch
|
||||||
- update
|
- update
|
||||||
- watch
|
- watch
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- airship.airshipit.org
|
- airship.airshipit.org
|
||||||
resources:
|
resources:
|
||||||
- vinoes/status
|
- vinoes/status
|
||||||
verbs:
|
verbs:
|
||||||
- get
|
- get
|
||||||
- patch
|
- patch
|
||||||
- update
|
- update
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- metal3.io
|
- metal3.io
|
||||||
resources:
|
resources:
|
||||||
- baremetalhosts
|
- baremetalhosts
|
||||||
verbs:
|
verbs:
|
||||||
- create
|
- create
|
||||||
- get
|
- get
|
||||||
- list
|
- list
|
||||||
- patch
|
- patch
|
||||||
- update
|
- update
|
Loading…
Reference in New Issue