Add skeleton of airship-core type

This adds a basic airship-core type and test-site definition, which initially
will point back to airshipctl for everything but site-specific configuration.

Gating is added under a dependent changeset:
https://review.opendev.org/#/c/741648

This removes the yaml-lint job / make target, since that chokes on CRs whose
definitions are not present.  YAML validation will be re-enabled by borrowing
the YAML validation from the airshipctl project, which leverages kustomize
and a live kubernetes API server.

Change-Id: I51c469f74be1270325f523343c02d36c2512e739
This commit is contained in:
Matt McEuen 2020-07-10 16:27:02 -05:00
parent 7f8bf5f411
commit e1cd035938
27 changed files with 365 additions and 126 deletions

View File

@ -13,10 +13,10 @@
- project:
check:
jobs:
- treasuremap-lint
- noop
gate:
jobs:
- treasuremap-lint
- noop
post:
jobs:
- treasuremap-upload-git-mirror
@ -27,14 +27,6 @@
nodes:
- name: ubuntu-bionic
label: ubuntu-bionic
- job:
name: treasuremap-lint
description: Lint treasuremap using kubeval
nodeset: treasuremap-single-node
timeout: 900
pre-run:
- tools/gate/playbooks/deploy-kubeval.yaml
run: tools/gate/playbooks/yaml-lint.yaml
- secret:
name: airshipit-github-secret

View File

@ -35,7 +35,3 @@ build_docs:
format:
tox -e fmt
lint:
mkdir -p build
./tools/gate/install-kubeval.sh $(BUILD_DIR)
./tools/gate/run-lint.sh

View File

@ -0,0 +1,20 @@
# This patches the node02 BMH to be suitable for ephemeral purposes
apiVersion: metal3.io/v1alpha1
kind: BareMetalHost
metadata:
annotations:
labels:
airshipit.org/ephemeral-node: "true"
airshipit.org/deploy-k8s: "false"
name: node02
spec:
online: true
bmc:
address: redfish+https://localhost:8443/redfish/v1/Systems/air-ephemeral
status:
provisioning:
# we need this status to make sure, that the host is not going to be
# reprovisioned by the ephemeral baremetal operator.
# when we have more flexible labeling system in place, we will not
# deliver this document to ephemeral cluster
state: externally provisioned

View File

@ -0,0 +1,10 @@
# Site-level, phase-specific lists of hosts to generate
# This is used by the hostgenerator-m3 function to narrow down the site-level
# host-catalogue to just the hosts needed for a particular phase.
apiVersion: airshipit.org/v1alpha1
kind: VariableCatalogue
metadata:
name: host-generation-catalogue
hosts:
m3:
- node02

View File

@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../../../../../../airshipctl/manifests/function/hostgenerator-m3
- ../../../shared/catalogues/
- host-generation.yaml
transformers:
- ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/replacements

View File

@ -0,0 +1,10 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../../../type/airship-core/ephemeral/bootstrap
generators:
- hostgenerator
patchesStrategicMerge:
- baremetalhost.yaml

View File

@ -0,0 +1,128 @@
apiVersion: v1
data:
password: cjAwdG1l
username: cm9vdA==
kind: Secret
metadata:
labels:
airshipit.org/k8s-role: controlplane-host
name: node01-bmc-secret
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
labels:
airshipit.org/k8s-role: controlplane-host
name: node01-network-data
stringData:
networkData: "links:\n-\n id: oam\n mtu: \"1500\"\n name: enp0s3\n type: phy\n
\ \n ethernet_mac_address: 52:54:00:9b:27:4c\n-\n id: pxe\n mtu: \"1500\"\n
\ name: enp0s4\n type: phy\n \n ethernet_mac_address: 52:54:00:b6:ed:31\nnetworks:\n-\n
\ id: oam-ipv4\n link: oam\n netmask: 255.255.255.0\n routes:\n - gateway:
10.23.25.1\n netmask: 0.0.0.0\n network: 0.0.0.0\n type: ipv4\n \n ip_address:
10.23.25.102\n-\n id: pxe-ipv4\n link: pxe\n netmask: 255.255.255.0\n type:
ipv4\n \n ip_address: 10.23.24.102\nservices:\n - address: 8.8.8.8\n type:
dns\n - address: 8.8.4.4\n type: dns\n \n"
type: Opaque
---
apiVersion: cluster.x-k8s.io/v1alpha3
kind: Cluster
metadata:
name: target-cluster
spec:
clusterNetwork:
pods:
cidrBlocks:
- 192.168.0.0/18
serviceDomain: cluster.local
services:
cidrBlocks:
- 10.96.0.0/12
controlPlaneRef:
apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
kind: KubeadmControlPlane
name: cluster-controlplane
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
kind: Metal3Cluster
name: target-cluster
---
apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
kind: KubeadmControlPlane
metadata:
name: cluster-controlplane
spec:
infrastructureTemplate:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
kind: Metal3MachineTemplate
name: cluster-controlplane
kubeadmConfigSpec:
files:
- content: |
kubernetes:
version: 1.17.3
container_runtime:
type: docker
owner: root:root
path: /konfigadm.yml
permissions: "0640"
initConfiguration:
nodeRegistration:
kubeletExtraArgs:
node-labels: metal3.io/uuid={{ ds.meta_data.uuid }}
name: '{{ ds.meta_data.local_hostname }}'
joinConfiguration:
controlPlane: {}
nodeRegistration:
kubeletExtraArgs:
node-labels: metal3.io/uuid={{ ds.meta_data.uuid }}
name: '{{ ds.meta_data.local_hostname }}'
postKubeadmCommands:
- kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f https://docs.projectcalico.org/v3.9/manifests/calico.yaml
preKubeadmCommands:
- wget -O "/usr/bin/konfigadm" https://github.com/flanksource/konfigadm/releases/download/v0.5.3/konfigadm
&& chmod +x "/usr/bin/konfigadm"
- konfigadm apply --config=/konfigadm.yml
replicas: 1
version: v1.17.0
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
kind: Metal3Cluster
metadata:
name: target-cluster
spec:
controlPlaneEndpoint:
host: 10.23.25.102
port: 6443
noCloudProvider: true
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
kind: Metal3MachineTemplate
metadata:
name: cluster-controlplane
spec:
template:
spec:
hostSelector:
matchLabels:
airshipit.org/k8s-role: controlplane-host
image:
checksum: http://10.23.24.1:8099/target-image.qcow2.md5sum
url: http://10.23.24.1:8099/target-image.qcow2
---
apiVersion: metal3.io/v1alpha1
kind: BareMetalHost
metadata:
labels:
airshipit.org/k8s-role: controlplane-host
name: node01
spec:
bmc:
address: redfish+http://10.23.25.1:8000/redfish/v1/Systems/air-target-1
credentialsName: node01-bmc-secret
bootMACAddress: 52:54:00:b6:ed:31
networkData:
name: node01-network-data
namespace: default
online: false

View File

@ -0,0 +1,11 @@
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
kind: Metal3MachineTemplate
metadata:
name: cluster-controlplane
spec:
template:
spec:
image:
url: http://10.23.24.1:8099/target-image.qcow2
checksum: http://10.23.24.1:8099/target-image.qcow2.md5sum

View File

@ -0,0 +1,10 @@
# Site-level, phase-specific lists of hosts to generate
# This is used by the hostgenerator-m3 function to narrow down the site-level
# host-catalogue to just the hosts needed for a particular phase.
apiVersion: airshipit.org/v1alpha1
kind: VariableCatalogue
metadata:
name: host-generation-catalogue
hosts:
m3:
- node01

View File

@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../../../../../../airshipctl/manifests/function/hostgenerator-m3
- ../../../shared/catalogues/
- host-generation.yaml
transformers:
- ../../../../../../../airshipctl/manifests/function/hostgenerator-m3/replacements

View File

@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../../../type/airship-core/ephemeral/controlplane
# TODO (dukov) It's recocommended to upload BareMetalHost objects separately
# otherwise nodes will hang in 'registering' state for quite a long time
- nodes
patchesStrategicMerge:
- control-machine-template-patch.yaml

View File

@ -0,0 +1,12 @@
# Note: this weird extra layer between the .. and ../hostgenerator
# is purely to apply the label below to the generated hosts.
# When can come up with a better way to declare (e.g. via catalogue)
# that the host is a controlplane host, we should get rid of this.
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
generators:
- ../hostgenerator
commonLabels:
airshipit.org/k8s-role: controlplane-host

View File

@ -0,0 +1,4 @@
resources:
- ../../../../type/airship-core/ephemeral/initinfra
patchesStrategicMerge:
- patch_bmo_config.yaml

View File

@ -0,0 +1,10 @@
---
kind: ConfigMap
apiVersion: v1
metadata:
labels:
name: ironic-vars
data:
PROVISIONING_IP: "10.23.24.101"
DHCP_RANGE: "10.23.24.200,10.23.24.250"
PROVISIONING_INTERFACE: "enp0s4"

View File

@ -0,0 +1,27 @@
# Site-level host catalogue. This info feeds the Templater
# kustomize plugin config in the hostgenerator-m3 function.
apiVersion: airshipit.org/v1alpha1
kind: VariableCatalogue
metadata:
name: host-catalogue
hosts:
m3:
node01:
macAddress: 52:54:00:b6:ed:31
bmcAddress: redfish+http://10.23.25.1:8000/redfish/v1/Systems/air-target-1
bmcUsername: root
bmcPassword: r00tme
ipAddresses:
oam-ipv4: 10.23.25.102
pxe-ipv4: 10.23.24.102
macAddresses:
oam: 52:54:00:9b:27:4c
pxe: 52:54:00:b6:ed:31
node02:
macAddress: 00:3b:8b:0c:ec:8b
bmcAddress: redfish+http://10.23.25.2:8000/redfish/v1/Systems/air-target-2
bmcUsername: username
bmcPassword: password
ipAddresses:
oam-ipv4: 10.23.25.101
pxe-ipv4: 10.23.24.101

View File

@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../../../type/airship-core/shared/catalogues
- hosts.yaml

View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../../../../../airshipctl/manifests/function/ephemeral

View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../../../../../airshipctl/manifests/function/k8scontrol

View File

@ -0,0 +1,5 @@
resources:
- ../../shared/clusterctl
- ../../../../../../airshipctl/manifests/function/baremetal-operator/
commonLabels:
airshipit.org/stage: initinfra

View File

@ -0,0 +1,39 @@
# Type-level networking catalogue. This info feeds the Templater
# kustomize plugin config in the hostgenerator-m3 function.
apiVersion: airshipit.org/v1alpha1
kind: VariableCatalogue
metadata:
name: common-networking-catalogue
commonNetworking:
links:
- id: oam
name: enp0s3
type: phy
mtu: "1500"
# ethernet_mac_address: <from host-catalogue> (optional)
- id: pxe
name: enp0s4
type: phy
mtu: "1500"
# ethernet_mac_address: <from host-catalogue> (optional)
networks:
- id: oam-ipv4
type: ipv4
link: oam
# ip_address: <from host-catalogue>
netmask: 255.255.255.0
routes:
- network: 0.0.0.0
netmask: 0.0.0.0
gateway: 10.23.25.1
- id: pxe-ipv4
type: ipv4
link: pxe
# ip_address: <from host-catalogue>
netmask: 255.255.255.0
services:
- address: 8.8.8.8
type: dns
- address: 8.8.4.4
type: dns

View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- common-networking.yaml

View File

@ -0,0 +1,31 @@
apiVersion: airshipit.org/v1alpha1
kind: Clusterctl
metadata:
labels:
airshipit.org/deploy-k8s: "false"
name: clusterctl-v1
init-options:
core-provider: "cluster-api:v0.3.3"
bootstrap-providers:
- "kubeadm:v0.3.3"
infrastructure-providers:
- "metal3:v0.3.1"
control-plane-providers:
- "kubeadm:v0.3.3"
providers:
- name: "metal3"
type: "InfrastructureProvider"
versions:
v0.3.1: ../airshipctl/manifests/function/capm3/v0.3.1
- name: "kubeadm"
type: "BootstrapProvider"
versions:
v0.3.3: ../airshipctl/manifests/function/cabpk/v0.3.3
- name: "cluster-api"
type: "CoreProvider"
versions:
v0.3.3: ../airshipctl/manifests/function/capi/v0.3.3
- name: "kubeadm"
type: "ControlPlaneProvider"
versions:
v0.3.3: ../airshipctl/manifests/function/cacpk/v0.3.3

View File

@ -0,0 +1,2 @@
resources:
- clusterctl.yaml

View File

@ -1,30 +0,0 @@
#!/bin/bash
# Copyright 2019 AT&T Intellectual Property. All other rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -xe
INSTALL_PREFIX=$1
INSTALL_PREFIX=${INSTALL_PREFIX:-'/tmp/kubeval'}
KUBEVAL_URL=https://github.com/instrumenta/kubeval/releases/download
KUBEVAL_VER=${KUBEVAL_VER:-'0.14.0'}
URL="${KUBEVAL_URL}/${KUBEVAL_VER}/kubeval-linux-amd64.tar.gz"
TMP=$(mktemp -d)
pushd $TMP
curl -fL $URL | tar -xz
install -D -t ${INSTALL_PREFIX}/bin kubeval
popd
rm -rf $TMP

View File

@ -1,21 +0,0 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- hosts: all
tasks:
- name: Install KubeVal
shell: |
set -xe
./tools/gate/install-kubeval.sh
args:
chdir: "{{ zuul.project.src_dir }}"
become: yes

View File

@ -1,23 +0,0 @@
# Copyright 2019 AT&T Intellectual Property. All other rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- hosts: ubuntu-bionic
tasks:
- name: Lint site
shell: |
set -xe
./tools/gate/run-lint.sh
args:
chdir: "{{ zuul.project.src_dir }}"
become: yes

View File

@ -1,38 +0,0 @@
#!/bin/bash
# Copyright 2019 AT&T Intellectual Property. All other rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -xe
ROOT=$1
KUBEVAL_BIN=${KUBEVAL_BIN:-/tmp/kubeval/bin}
PATH=${KUBEVAL_BIN}:$PATH
EXCLUDE_DIRS=(
'*/\.git/*'
'*/kustomizeconfig/*'
'*/tools/*'
)
EXCLUDE_FILES=(
'.zuul.yaml'
'kustomization.yaml'
)
function join { local d=$1; shift; printf '%s' "${@/#/$d}"; }
FILTER="$(join ' -not -path ' ${EXCLUDE_DIRS[*]})"
FILTER="$FILTER $(join ' -not -name ' ${EXCLUDE_FILES[*]})"
find $ROOT -type f \( -name "*\.yaml" $FILTER \) | xargs -r kubeval