Integrate calicoctl utility container in airship/treasuremap

Calicoctl utility container will be used to perform
operations team to perform operation on the calicoctl
cluster

Change-Id: I2230c07b17d9605d49cd39042eb4e7288960fb79
This commit is contained in:
KHIYANI, RAHUL (rk0850) 2019-09-09 11:00:14 -05:00 committed by Rahul Khiyani
parent 4f8b9788ce
commit 84ebe69433
9 changed files with 253 additions and 0 deletions

45
doc/source/README.md Normal file
View File

@ -0,0 +1,45 @@
## Prerequisites: Deploy Airship in a Bottle(AIAB)
To get started, run the following in a fresh Ubuntu 16.04 VM (minimum 4vCPU/20GB RAM/32GB disk).
This will deploy Airship and Openstack Helm (OSH).
1. Add the below to /etc/sudoers
```
root ALL=(ALL) NOPASSWD: ALL
ubuntu ALL=(ALL) NOPASSWD: ALL
```
2. Install the latest versions of Git, CA Certs & bundle & Make if necessary
```
set -xe \
sudo apt-get update \
sudo apt-get install --no-install-recommends -y \
ca-certificates \
git \
make \
jq \
nmap \
curl \
uuid-runtime
```
## Deploy Airship in a Bottle(AIAB)
3. Deploy airShip in a Bottle(AIAB) for all utility containers
```
sudo -i \
mkdir -p root/deploy && cd "$_" \
git clone https://opendev.org/airship/treasuremap
If this ps is not merged please checkout this ps https://review.opendev.org/#/c/680482
To deploy airship-in-a-bottle with porthole utility containers included, please change the value of `data.armada.manifests` from `full-site-aiab` to `full-site-utilities` in the deployment-configuration.yaml file.
https://opendev.org/airship/treasuremap/src/branch/master/site/aiab/deployment/deployment-configuration.yaml#L38
cd /root/deploy/treasuremap/tools/deployment/aiab
./airship-in-a-bottle.sh
```

View File

@ -127,6 +127,7 @@ data:
- maas-rack=enabled
- maas-region=enabled
- node-exporter=enabled
- utility=enabled
files:
- path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping\n# this file will be deleted"

View File

@ -113,4 +113,5 @@ data:
kube-ingress: enabled
beta.kubernetes.io/fluentd-ds-ready: 'true'
node-exporter: enabled
utility: enabled
...

View File

@ -807,6 +807,20 @@ data:
type: string
reference:
type: string
utility:
type: object
properties:
calicoctl-utility:
type: object
properties:
type:
type: string
location:
type: string
subpath:
type: string
reference:
type: string
files:
type: object
properties:
@ -1005,6 +1019,16 @@ data:
type: string
dep_check:
type: string
utility:
type: object
properties:
calicoctl-utility:
type: object
properties:
calicoctl_utility:
type: string
image_repo_sync:
type: string
ceph:
type: object
properties:

View File

@ -0,0 +1,107 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: calicoctl-utility
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.utility.calicoctl-utility
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.utility.calicoctl-utility
dest:
path: .values.images.tags
# Certificates
- src:
schema: deckhand/CertificateAuthority/v1
name: calico-etcd
path: .
dest:
path: .values.endpoints.etcd.auth.client.tls.ca
- src:
schema: deckhand/Certificate/v1
name: calico-node
path: .
dest:
path: .values.endpoints.etcd.auth.client.tls.crt
- src:
schema: deckhand/CertificateKey/v1
name: calico-node
path: .
dest:
path: .values.endpoints.etcd.auth.client.tls.key
# IP addresses
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .calico.etcd.service_ip
dest:
path: .values.endpoints.etcd.host_fqdn_override.default
data:
chart_name: calicoctl-utility
release: calicoctl-utility
namespace: utility
protected:
continue_processing: true
wait:
timeout: 600
labels:
release_group: airship-calicoctl-utility
install:
no_hooks: false
upgrade:
no_hooks: false
values:
labels:
utility:
node_selector_key: utility
node_selector_value: enabled
endpoints:
etcd:
hosts:
default: calico-etcd
scheme:
default: https
manifests:
configmap_bin: true
configmap_etc_client: true
deployment_calicoctl_utility: true
job_image_repo_sync: false
secret_certificates: true
dependencies:
- calicoctl-utility-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: calicoctl-utility-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.utility.calicoctl-utility-htk
dest:
path: .source
data:
chart_name: calicoctl-utility-htk
release: calicoctl-utility-htk
namespace: calicoctl-utility-htk
values: {}
dependencies: []
...

View File

@ -0,0 +1,14 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: utilities
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: deploy utility containers
sequenced: false
chart_group:
- calicoctl-utility

View File

@ -541,6 +541,17 @@ data:
reference: ef58054dff356334cdbfd96f04dc7c149768c76d
subpath: helm-toolkit
type: git
utility:
calicoctl-utility:
location: https://opendev.org/airship/porthole
reference: cb5d6cfba3541b48cdc1a494cd04cc8ac3fd86c8
subpath: calicoctl-utility
type: git
calicoctl-utility-htk:
location: https://opendev.org/openstack/openstack-helm-infra
reference: ef58054dff356334cdbfd96f04dc7c149768c76d
subpath: helm-toolkit
type: git
images:
calico:
calico: {}
@ -648,6 +659,10 @@ data:
airflow_db_sync: quay.io/airshipit/airflow:0cbb5cf9b7ea7e517e034e3ccb105b183ada08d9-ubuntu_xenial
shipyard: quay.io/airshipit/shipyard:0cbb5cf9b7ea7e517e034e3ccb105b183ada08d9-ubuntu_xenial
shipyard_db_sync: quay.io/airshipit/shipyard:0cbb5cf9b7ea7e517e034e3ccb105b183ada08d9-ubuntu_xenial
utility:
calicoctl-utility:
calicoctl_utility: quay.io/airshipit/porthole-calicoctl-utility:8a08f26f4ae409d985c0c123e293a1ac7ccd3a8b-alpine
image_repo_sync: docker.io/docker:18.09.02
packages:
gpgkey: |-
-----BEGIN PGP PUBLIC KEY BLOCK-----

View File

@ -40,4 +40,5 @@ data:
- openstack-control-plane=enabled
- openstack-nova-compute=enabled
- openstack-libvirt=kernel
- utility=enabled
...

View File

@ -0,0 +1,45 @@
---
schema: armada/Manifest/v1
metadata:
schema: metadata/Document/v1
name: full-site-utilities
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: full-site-global
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
release_prefix: airship
chart_groups:
- podsecuritypolicy
- kubernetes-proxy
- kubernetes-container-networking
- kubernetes-dns
- kubernetes-etcd
- kubernetes-haproxy
- kubernetes-core
- ingress-kube-system
- osh-infra-nfs-provisioner
- ucp-core
- ucp-keystone
- ucp-divingbell
- ucp-armada
- ucp-deckhand
- ucp-drydock
- ucp-promenade
- ucp-shipyard
- openstack-ingress-controller
- openstack-mariadb
- openstack-rabbitmq
- openstack-memcached
- openstack-keystone
- openstack-glance-aiab
- openstack-compute-kit
- openstack-heat-aiab
- openstack-horizon
- utilities
...