From 84ebe6943319003c81c4aa22cd856a13cf57d833 Mon Sep 17 00:00:00 2001
From: "KHIYANI, RAHUL (rk0850)" <rk0850@att.com>
Date: Mon, 9 Sep 2019 11:00:14 -0500
Subject: [PATCH] Integrate calicoctl utility container in airship/treasuremap

Calicoctl utility container will be used to perform
operations team to perform operation on the calicoctl
cluster

Change-Id: I2230c07b17d9605d49cd39042eb4e7288960fb79
---
 doc/source/README.md                          |  45 ++++++++
 global/profiles/genesis.yaml                  |   1 +
 global/profiles/host/cp.yaml                  |   1 +
 .../schemas/pegleg/SoftwareVersions/v1.yaml   |  24 ++++
 .../charts/utilities/calicoctl-utility.yaml   | 107 ++++++++++++++++++
 .../charts/utilities/chart-group.yaml         |  14 +++
 global/software/config/versions.yaml          |  15 +++
 site/aiab/profiles/genesis.yaml               |   1 +
 site/aiab/software/full-site-utilities.yaml   |  45 ++++++++
 9 files changed, 253 insertions(+)
 create mode 100644 doc/source/README.md
 create mode 100644 global/software/charts/utilities/calicoctl-utility.yaml
 create mode 100644 global/software/charts/utilities/chart-group.yaml
 create mode 100644 site/aiab/software/full-site-utilities.yaml

diff --git a/doc/source/README.md b/doc/source/README.md
new file mode 100644
index 000000000..58a5599db
--- /dev/null
+++ b/doc/source/README.md
@@ -0,0 +1,45 @@
+## Prerequisites: Deploy Airship in a Bottle(AIAB)
+
+To get started, run the following in a fresh Ubuntu 16.04 VM (minimum 4vCPU/20GB RAM/32GB disk).
+This will deploy Airship and Openstack Helm (OSH).
+
+1. Add the below to /etc/sudoers
+
+```
+root    ALL=(ALL) NOPASSWD: ALL
+ubuntu  ALL=(ALL) NOPASSWD: ALL
+```
+
+2. Install the latest versions of Git, CA Certs & bundle & Make if necessary
+
+```
+set -xe \
+sudo apt-get update \
+sudo apt-get install --no-install-recommends -y \
+ca-certificates \
+git \
+make \
+jq \
+nmap \
+curl \
+uuid-runtime
+```
+
+## Deploy Airship in a Bottle(AIAB)
+
+3. Deploy airShip in a Bottle(AIAB) for all utility containers
+
+```
+sudo -i \
+mkdir -p root/deploy && cd "$_" \
+git clone https://opendev.org/airship/treasuremap
+
+If this ps is not merged please checkout this ps https://review.opendev.org/#/c/680482
+
+To deploy airship-in-a-bottle with porthole utility containers included, please change the value of `data.armada.manifests` from `full-site-aiab` to `full-site-utilities` in the deployment-configuration.yaml file.
+
+https://opendev.org/airship/treasuremap/src/branch/master/site/aiab/deployment/deployment-configuration.yaml#L38
+
+cd /root/deploy/treasuremap/tools/deployment/aiab
+./airship-in-a-bottle.sh
+```
diff --git a/global/profiles/genesis.yaml b/global/profiles/genesis.yaml
index 9fa2075cf..712bb3820 100644
--- a/global/profiles/genesis.yaml
+++ b/global/profiles/genesis.yaml
@@ -127,6 +127,7 @@ data:
       - maas-rack=enabled
       - maas-region=enabled
       - node-exporter=enabled
+      - utility=enabled
   files:
     - path: /var/lib/anchor/calico-etcd-bootstrap
       content: "# placeholder for triggering calico etcd bootstrapping\n# this file will be deleted"
diff --git a/global/profiles/host/cp.yaml b/global/profiles/host/cp.yaml
index 82f1b9713..544200547 100644
--- a/global/profiles/host/cp.yaml
+++ b/global/profiles/host/cp.yaml
@@ -113,4 +113,5 @@ data:
       kube-ingress: enabled
       beta.kubernetes.io/fluentd-ds-ready: 'true'
       node-exporter: enabled
+      utility: enabled
 ...
diff --git a/global/schemas/pegleg/SoftwareVersions/v1.yaml b/global/schemas/pegleg/SoftwareVersions/v1.yaml
index 11f3ae07b..7be65ba06 100644
--- a/global/schemas/pegleg/SoftwareVersions/v1.yaml
+++ b/global/schemas/pegleg/SoftwareVersions/v1.yaml
@@ -807,6 +807,20 @@ data:
                   type: string
                 reference:
                   type: string
+        utility:
+          type: object
+          properties:
+            calicoctl-utility:
+              type: object
+              properties:
+                type:
+                  type: string
+                  location:
+                    type: string
+                  subpath:
+                    type: string
+                  reference:
+                    type: string
     files:
       type: object
       properties:
@@ -1005,6 +1019,16 @@ data:
                   type: string
                 dep_check:
                   type: string
+        utility:
+          type: object
+          properties:
+            calicoctl-utility:
+              type: object
+              properties:
+                calicoctl_utility:
+                  type: string
+                image_repo_sync:
+                  type: string
         ceph:
           type: object
           properties:
diff --git a/global/software/charts/utilities/calicoctl-utility.yaml b/global/software/charts/utilities/calicoctl-utility.yaml
new file mode 100644
index 000000000..89163618d
--- /dev/null
+++ b/global/software/charts/utilities/calicoctl-utility.yaml
@@ -0,0 +1,107 @@
+---
+schema: armada/Chart/v1
+metadata:
+  schema: metadata/Document/v1
+  name: calicoctl-utility
+  layeringDefinition:
+    abstract: false
+    layer: global
+  storagePolicy: cleartext
+  substitutions:
+    # Chart source
+    - src:
+        schema: pegleg/SoftwareVersions/v1
+        name: software-versions
+        path: .charts.utility.calicoctl-utility
+      dest:
+        path: .source
+    # Images
+    - src:
+        schema: pegleg/SoftwareVersions/v1
+        name: software-versions
+        path: .images.utility.calicoctl-utility
+      dest:
+        path: .values.images.tags
+    # Certificates
+    - src:
+        schema: deckhand/CertificateAuthority/v1
+        name: calico-etcd
+        path: .
+      dest:
+        path: .values.endpoints.etcd.auth.client.tls.ca
+    - src:
+        schema: deckhand/Certificate/v1
+        name: calico-node
+        path: .
+      dest:
+        path: .values.endpoints.etcd.auth.client.tls.crt
+    - src:
+        schema: deckhand/CertificateKey/v1
+        name: calico-node
+        path: .
+      dest:
+        path: .values.endpoints.etcd.auth.client.tls.key
+    # IP addresses
+    - src:
+        schema: pegleg/CommonAddresses/v1
+        name: common-addresses
+        path: .calico.etcd.service_ip
+      dest:
+        path: .values.endpoints.etcd.host_fqdn_override.default
+data:
+  chart_name: calicoctl-utility
+  release: calicoctl-utility
+  namespace: utility
+  protected:
+    continue_processing: true
+  wait:
+    timeout: 600
+    labels:
+      release_group: airship-calicoctl-utility
+  install:
+   no_hooks: false
+  upgrade:
+   no_hooks: false
+  values:
+    labels:
+      utility:
+        node_selector_key: utility
+        node_selector_value: enabled
+    endpoints:
+      etcd:
+        hosts:
+          default: calico-etcd
+        scheme:
+          default: https
+    manifests:
+      configmap_bin: true
+      configmap_etc_client: true
+      deployment_calicoctl_utility: true
+      job_image_repo_sync: false
+      secret_certificates: true
+  dependencies:
+    - calicoctl-utility-htk
+...
+---
+schema: armada/Chart/v1
+metadata:
+  schema: metadata/Document/v1
+  name: calicoctl-utility-htk
+  layeringDefinition:
+    abstract: false
+    layer: global
+  storagePolicy: cleartext
+  substitutions:
+    - src:
+        schema: pegleg/SoftwareVersions/v1
+        name: software-versions
+        path: .charts.utility.calicoctl-utility-htk
+      dest:
+        path: .source
+data:
+  chart_name: calicoctl-utility-htk
+  release: calicoctl-utility-htk
+  namespace: calicoctl-utility-htk
+  values: {}
+  dependencies: []
+...
diff --git a/global/software/charts/utilities/chart-group.yaml b/global/software/charts/utilities/chart-group.yaml
new file mode 100644
index 000000000..5a212c323
--- /dev/null
+++ b/global/software/charts/utilities/chart-group.yaml
@@ -0,0 +1,14 @@
+---
+schema: armada/ChartGroup/v1
+metadata:
+  schema: metadata/Document/v1
+  name: utilities
+  layeringDefinition:
+    abstract: false
+    layer: global
+  storagePolicy: cleartext
+data:
+  description: deploy utility containers
+  sequenced: false
+  chart_group:
+    - calicoctl-utility
diff --git a/global/software/config/versions.yaml b/global/software/config/versions.yaml
index c66cc5847..9778d9089 100644
--- a/global/software/config/versions.yaml
+++ b/global/software/config/versions.yaml
@@ -541,6 +541,17 @@ data:
         reference: ef58054dff356334cdbfd96f04dc7c149768c76d
         subpath: helm-toolkit
         type: git
+    utility:
+      calicoctl-utility:
+        location: https://opendev.org/airship/porthole
+        reference: cb5d6cfba3541b48cdc1a494cd04cc8ac3fd86c8
+        subpath: calicoctl-utility
+        type: git
+      calicoctl-utility-htk:
+        location: https://opendev.org/openstack/openstack-helm-infra
+        reference: ef58054dff356334cdbfd96f04dc7c149768c76d
+        subpath: helm-toolkit
+        type: git
   images:
     calico:
       calico: {}
@@ -648,6 +659,10 @@ data:
         airflow_db_sync: quay.io/airshipit/airflow:0cbb5cf9b7ea7e517e034e3ccb105b183ada08d9-ubuntu_xenial
         shipyard: quay.io/airshipit/shipyard:0cbb5cf9b7ea7e517e034e3ccb105b183ada08d9-ubuntu_xenial
         shipyard_db_sync: quay.io/airshipit/shipyard:0cbb5cf9b7ea7e517e034e3ccb105b183ada08d9-ubuntu_xenial
+    utility:
+      calicoctl-utility:
+        calicoctl_utility: quay.io/airshipit/porthole-calicoctl-utility:8a08f26f4ae409d985c0c123e293a1ac7ccd3a8b-alpine
+        image_repo_sync: docker.io/docker:18.09.02
   packages:
     gpgkey: |-
       -----BEGIN PGP PUBLIC KEY BLOCK-----
diff --git a/site/aiab/profiles/genesis.yaml b/site/aiab/profiles/genesis.yaml
index 253b48602..ace3cc96b 100644
--- a/site/aiab/profiles/genesis.yaml
+++ b/site/aiab/profiles/genesis.yaml
@@ -40,4 +40,5 @@ data:
       - openstack-control-plane=enabled
       - openstack-nova-compute=enabled
       - openstack-libvirt=kernel
+      - utility=enabled
 ...
diff --git a/site/aiab/software/full-site-utilities.yaml b/site/aiab/software/full-site-utilities.yaml
new file mode 100644
index 000000000..2d3afbce5
--- /dev/null
+++ b/site/aiab/software/full-site-utilities.yaml
@@ -0,0 +1,45 @@
+---
+schema: armada/Manifest/v1
+metadata:
+  schema: metadata/Document/v1
+  name: full-site-utilities
+  layeringDefinition:
+    abstract: false
+    layer: site
+    parentSelector:
+      name: full-site-global
+    actions:
+      - method: merge
+        path: .
+  storagePolicy: cleartext
+data:
+  release_prefix: airship
+  chart_groups:
+    - podsecuritypolicy
+    - kubernetes-proxy
+    - kubernetes-container-networking
+    - kubernetes-dns
+    - kubernetes-etcd
+    - kubernetes-haproxy
+    - kubernetes-core
+    - ingress-kube-system
+    - osh-infra-nfs-provisioner
+    - ucp-core
+    - ucp-keystone
+    - ucp-divingbell
+    - ucp-armada
+    - ucp-deckhand
+    - ucp-drydock
+    - ucp-promenade
+    - ucp-shipyard
+    - openstack-ingress-controller
+    - openstack-mariadb
+    - openstack-rabbitmq
+    - openstack-memcached
+    - openstack-keystone
+    - openstack-glance-aiab
+    - openstack-compute-kit
+    - openstack-heat-aiab
+    - openstack-horizon
+    - utilities
+...