Skip to content

Commit

Permalink
Remove ironic-inspector
Browse files Browse the repository at this point in the history
  • Loading branch information
@mquhuy
mquhuy committed May 14, 2024
1 parent a7b4da2 commit fbc705f
Show file tree
Hide file tree
Showing 24 changed files with 144 additions and 290 deletions.
6 changes: 4 additions & 2 deletions Support/Multitenancy/Multiple-Ironic-conductors/Init-environment-v3.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,9 @@ __dir__=$(realpath "$(dirname "$0")")
# This is temporarily required since https://review.opendev.org/c/openstack/sushy-tools/+/875366 has not been merged.
# ./vm-setup.sh
# ./install-tools.sh
./build-sushy-tools-image.sh
./build-sushy-tools-image.sh -f
./dev-setup.sh
./build-api-server-container-image.sh
./build-api-server-container-image.sh -f
./generate_unique_nodes.sh
./start_containers.sh
# ./handle-images.sh
Expand All @@ -29,5 +29,7 @@ yq ".spec.replicas = ${N_APISERVER_PODS}" apiserver-deployments.yaml | kubectl a
# ./start_image_server.sh
# Wait for apiserver pod to exists
sleep 120
kubectl -n capm3-system wait deploy capm3-controller-manager --for=condition=available
kubectl -n capm3-system wait deploy ipam-controller-manager --for=condition=available

./create-clusters.sh
4 changes: 2 additions & 2 deletions Support/Multitenancy/Multiple-Ironic-conductors/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,10 +80,10 @@ Notice that to install `ironic`, we use the `helm` tool that we mentioned earlie
- The `ironic` pod used in `metal3-dev-env`, which consists of several containers, was splited into smaller pods that run separatedly as followed:

- `ironic` pod: consists of `ironic` and `ironic-httpd` containers.
- `ironic-inspector` pod: consists of `dnsmasq` and `ironic-inspector` containers.
- `ironic-common` pod: consists of `dnsmasq` container.
- `mariadb` pod: consists of `mariadb` container.

Each of the pods is deployed as a helm's `deployment`, which means we can scale them as we wish. However, `ironic` only supports scaling of the `ironic` component, while the `ironic-inspector` and db will have to be unique.
Each of the pods is deployed as a helm's `deployment`, which means we can scale them as we wish. However, `ironic` only supports scaling of the `ironic` component, while the `ironic-common` and db will have to be unique.

This chart takes in the `sshKey` value to authenticate the `baremetal` client to connect to ironic, while the `ironicReplicas` value, which is a list of endpoints separated by spaces, determines how many `ironic` pods this deployment will have, and to what endpoints should we contact them. One nice feature from ironic is that we don't need to contact all of these `ironic` instances: since they share the same database, accessing any of them will be enough to query and control all the nodes.

Expand Down
2 changes: 1 addition & 1 deletion Support/Multitenancy/Multiple-Ironic-conductors/SUMMARY.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,5 +40,5 @@ This config means that there will be, in total, 1000 (fake) nodes created, of wh
- The `ironic` pod used in `metal3-dev-env`, which consists of several containers, was splited into smaller pods that run separatedly as followed:

- First pod: consists of `ironic` and `ironic-httpd` containers.
- Second pod: consists of `dnsmasq` and `ironic-inspector` containers.
- Second pod: consists of `dnsmasq` container.
- Third pod: consists of `mariadb` container.
2 changes: 1 addition & 1 deletion Support/Multitenancy/Multiple-Ironic-conductors/apiserver-deployments.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ spec:
app: capim
spec:
containers:
- image: quay.io/metal3-io/api-server
- image: quay.io/metal3-io/api-server:latest
imagePullPolicy: IfNotPresent
name: capim
env:
Expand Down
6 changes: 1 addition & 5 deletions Support/Multitenancy/Multiple-Ironic-conductors/bmo-config/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: baremetal-operator-system
resources:
- https://github.com/metal3-io/baremetal-operator/config/overlays/basic-auth_tls?ref=release-0.5
- https://github.com/metal3-io/baremetal-operator/config/overlays/basic-auth_tls?ref=release-0.6

configMapGenerator:
- name: ironic
Expand Down Expand Up @@ -34,7 +34,3 @@ secretGenerator:
files:
- username=ironic-username
- password=ironic-password
- name: ironic-inspector-credentials
files:
- username=ironic-username
- password=ironic-password
31 changes: 19 additions & 12 deletions Support/Multitenancy/Multiple-Ironic-conductors/build-api-server-container-image.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,30 +5,37 @@ IMAGE_NAME="quay.io/metal3-io/api-server:latest"

if [[ ${1:-""} == "-f" ]]; then
docker rmi "${IMAGE_NAME}"
kubectl delete -f capim-modified.yaml
# kubectl delete -f capim-modified.yaml || true
fi

if [[ $(docker images | grep ${IMAGE_NAME}) != "" ]]; then
# docker push "${IMAGE_NAME}"
minikube image load "${IMAGE_NAME}"
exit 0
fi
CAPI_DIR="/tmp/cluster-api"
if [[ ! -d "${CAPI_DIR}" ]]; then
git clone https://github.com/kubernetes-sigs/cluster-api.git "${CAPI_DIR}"
cd "${CAPI_DIR}" || exit
git checkout 17a5a7466dbd87db086
CAPM3_DIR="/tmp/cluster-api-provider-metal3"
if [[ ! -d "${CAPM3_DIR}" ]]; then
git clone https://github.com/metal3-io/cluster-api-provider-metal3.git "${CAPM3_DIR}"
cd "${CAPM3_DIR}" || exit
gh pr checkout 1610
fi

cd "${CAPI_DIR}" || exit
cd "${CAPM3_DIR}" || exit

INMEMORY_DIR="${CAPI_DIR}/test/infrastructure/inmemory"
FAKEAPI_DIR="${CAPM3_DIR}/hack/fake-apiserver"

cp "${__dir__}/main.go" "${INMEMORY_DIR}/main.go"
# cp "${__dir__}/main.go" "${INMEMORY_DIR}/main.go"

cd "${INMEMORY_DIR}" || exit
cd "${FAKEAPI_DIR}" || exit

docker build --build-arg=builder_image=docker.io/library/golang:1.20.8 --build-arg=goproxy=https://proxy.golang.org,direct --build-arg=ARCH=amd64 --build-arg=ldflags="-X 'sigs.k8s.io/cluster-api/version.buildDate=2023-10-10T11:47:30Z' -X 'sigs.k8s.io/cluster-api/version.gitCommit=8ba3f47b053da8bbf63cf407c930a2ee10bfd754' -X 'sigs.k8s.io/cluster-api/version.gitTreeState=dirty' -X 'sigs.k8s.io/cluster-api/version.gitMajor=1' -X 'sigs.k8s.io/cluster-api/version.gitMinor=0' -X 'sigs.k8s.io/cluster-api/version.gitVersion=v1.0.0-4041-8ba3f47b053da8-dirty' -X 'sigs.k8s.io/cluster-api/version.gitReleaseCommit=e09ed61cc9ba8bd37b0760291c833b4da744a985'" ../../.. -t "${IMAGE_NAME}" --file Dockerfile
# docker build --build-arg=builder_image=docker.io/library/golang:1.20.8 --build-arg=goproxy=https://proxy.golang.org,direct --build-arg=ARCH=amd64 --build-arg=ldflags="-X 'sigs.k8s.io/cluster-api/version.buildDate=2023-10-10T11:47:30Z' -X 'sigs.k8s.io/cluster-api/version.gitCommit=8ba3f47b053da8bbf63cf407c930a2ee10bfd754' -X 'sigs.k8s.io/cluster-api/version.gitTreeState=dirty' -X 'sigs.k8s.io/cluster-api/version.gitMajor=1' -X 'sigs.k8s.io/cluster-api/version.gitMinor=0' -X 'sigs.k8s.io/cluster-api/version.gitVersion=v1.0.0-4041-8ba3f47b053da8-dirty' -X 'sigs.k8s.io/cluster-api/version.gitReleaseCommit=e09ed61cc9ba8bd37b0760291c833b4da744a985'" ../../.. -t "${IMAGE_NAME}" --file Dockerfile

docker build . -t "${IMAGE_NAME}"

docker image save -o /tmp/api-server.tar "${IMAGE_NAME}"
minikube image load /tmp/api-server.tar

rm -f /tmp/api-server.tar

# docker push "${IMAGE_NAME}"
minikube image load "${IMAGE_NAME}"
# minikube image load "${IMAGE_NAME}"
13 changes: 7 additions & 6 deletions Support/Multitenancy/Multiple-Ironic-conductors/build-sushy-tools-image.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ fi
#
IMAGE_NAME="127.0.0.1:5000/localimages/sushy-tools"
if [[ ${1:-""} == "-f" ]]; then
rm -rf "${SUSHYTOOLS_DIR}"
docker rmi "${IMAGE_NAME}"
fi

Expand All @@ -21,15 +22,15 @@ SUSHYTOOLS_DIR="/tmp/sushy-tools"
if [[ ! -d "${SUSHYTOOLS_DIR}" ]]; then
git clone https://opendev.org/openstack/sushy-tools.git "$SUSHYTOOLS_DIR"
cd "$SUSHYTOOLS_DIR" || exit
git fetch https://review.opendev.org/openstack/sushy-tools refs/changes/66/875366/39 && git cherry-pick FETCH_HEAD
git fetch https://review.opendev.org/openstack/sushy-tools refs/changes/66/875366/54 && git cherry-pick FETCH_HEAD
fi
cd "$SUSHYTOOLS_DIR" || exit

pip3 install build
python3 -m build

cd dist || exit
WHEEL_FILENAME=$(ls ./*.whl)
WHEEL_FILENAME=$(ls *.whl)
echo "$WHEEL_FILENAME"

cd ..
Expand All @@ -39,16 +40,16 @@ cat <<EOF > "${SUSHYTOOLS_DIR}/Dockerfile"
FROM ubuntu:22.04
# Install necessary packages
RUN apt update -y && \
apt install -y python3 python3-pip python3-venv && \
apt clean all
RUN apt-get update -y && \
apt-get install -y python3 python3-pip python3-venv && \
apt-get clean all
WORKDIR /opt
# RUN python3 setup.py install
# Copy the application code to the container
COPY dist/${WHEEL_FILENAME} .
COPY "dist/${WHEEL_FILENAME}" .
RUN pip3 install ${WHEEL_FILENAME}
Expand Down
17 changes: 0 additions & 17 deletions Support/Multitenancy/Multiple-Ironic-conductors/capim-modified.yaml
View file

This file was deleted.

10 changes: 5 additions & 5 deletions Support/Multitenancy/Multiple-Ironic-conductors/config.sh
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
#!/bin/bash
#
export N_NODES=1000
export N_SUSHY=60
export N_FAKE_IPA=40
export N_IRONICS=50
export N_APISERVER_PODS=5
export N_NODES=10
export N_SUSHY=5
export N_FAKE_IPA=5
export N_IRONICS=3
export N_APISERVER_PODS=2
# export N_NODES=50
# export N_SUSHY=2
# export N_FAKE_IPA=2
Expand Down
31 changes: 17 additions & 14 deletions Support/Multitenancy/Multiple-Ironic-conductors/configure-minikube.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,11 @@ set -eux
# Download ipa image
cat << EOF >"ironic.env"
HTTP_PORT=6180
PROVISIONING_INTERFACE=ironicendpoint
DHCP_RANGE=172.22.0.10,172.22.0.100
DEPLOY_KERNEL_URL=http://172.22.0.2:6180/images/ironic-python-agent.kernel
DEPLOY_RAMDISK_URL=http://172.22.0.2:6180/images/ironic-python-agent.initramfs
IRONIC_ENDPOINT=https://172.22.0.2:6385/v1/
IRONIC_INSPECTOR_ENDPOINT=https://172.22.0.2:5050/v1/
CACHEURL=http://172.22.0.1/images
DHCP_RANGE=192.168.222.100,192.168.222.200
DEPLOY_KERNEL_URL=http://192.168.222.100:6180/images/ironic-python-agent.kernel
DEPLOY_RAMDISK_URL=http://192.168.222.100:6180/images/ironic-python-agent.initramfs
IRONIC_ENDPOINT=https://192.168.222.100:6385/v1/
CACHEURL=http://192.168.222.100/images
IRONIC_FAST_TRACK=true
EOF

Expand Down Expand Up @@ -60,15 +58,20 @@ for NAME in "${IMAGE_NAMES[@]}"; do
minikube image load ${NAME}
done

IMAGE_NAME="quay.io/metal3-io/api-server:latest"
if [[ $(docker images | grep ${IMAGE_NAME}) != "" ]]; then
minikube image load "${IMAGE_NAME}"
fi

# SSH into the Minikube VM and execute the following commands
minikube ssh "sudo brctl addbr ironicendpoint"
minikube ssh "sudo ip link set ironicendpoint up"
minikube ssh "sudo brctl addif ironicendpoint eth1"
# minikube ssh "sudo brctl addbr ironicendpoint"
# minikube ssh "sudo ip link set ironicendpoint up"
# minikube ssh "sudo brctl addif ironicendpoint eth1"

minikube ssh "sudo mkdir -p /shared/html/images"
minikube cp ${IRONIC_DATA_DIR}/html/images/ironic-python-agent.kernel /shared/html/images/
minikube cp ${IRONIC_DATA_DIR}/html/images/ironic-python-agent.initramfs /shared/html/images/
minikube cp ${IRONIC_DATA_DIR}/html/images/ironic-python-agent.headers /shared/html/images/
# minikube ssh "sudo mkdir -p /shared/html/images"
# minikube cp ${IRONIC_DATA_DIR}/html/images/ironic-python-agent.kernel /shared/html/images/
# minikube cp ${IRONIC_DATA_DIR}/html/images/ironic-python-agent.initramfs /shared/html/images/
# minikube cp ${IRONIC_DATA_DIR}/html/images/ironic-python-agent.headers /shared/html/images/

read -ra PROVISIONING_IPS <<< "${IRONIC_ENDPOINTS}"
for PROVISIONING_IP in "${PROVISIONING_IPS[@]}"; do
Expand Down
2 changes: 1 addition & 1 deletion Support/Multitenancy/Multiple-Ironic-conductors/create-clusters.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ create_cluster() {
api_server_idx=$(( $bmh_index % ${N_APISERVER_PODS} ))
api_server_port=$(( 3333 + ${api_server_idx} ))

export IMAGE_URL="http://192.168.222.1:${fake_ipa_port}/images/rhcos-ootpa-latest.qcow2"
export IMAGE_URL="http://192.168.222.200:${fake_ipa_port}/images/rhcos-ootpa-latest.qcow2"
# export IMAGE_URL="http://192.168.111.1:8080/rhcos-ootpa-latest.qcow2"

api_server_name=$(kubectl get pods -l app=capim -o jsonpath="{.items[${api_server_idx}].metadata.name}")
Expand Down
2 changes: 1 addition & 1 deletion Support/Multitenancy/Multiple-Ironic-conductors/create_nodes.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ def create_node(node):
spec:
online: true
bmc:
address: redfish+http://192.168.222.1:{port}/redfish/v1/Systems/{uuid}
address: redfish+http://192.168.222.200:{port}/redfish/v1/Systems/{uuid}
credentialsName: {name}-bmc-secret
bootMACAddress: {random_mac}
bootMode: legacy
Expand Down
30 changes: 21 additions & 9 deletions Support/Multitenancy/Multiple-Ironic-conductors/dev-setup.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ REPO_ROOT=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
cd "${REPO_ROOT}" || exit 1

# Set up minikube
minikube config set memory 10000
minikube config set cpus 20
minikube start --driver=kvm2

virsh -c qemu:///system net-define "${REPO_ROOT}/nets/baremetal.xml"
Expand All @@ -23,26 +25,36 @@ kubectl create namespace baremetal-operator-system

export IRONIC_USERNAME="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 12 | head -n 1)"
export IRONIC_PASSWORD="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 12 | head -n 1)"
export IRONIC_INSPECTOR_USERNAME="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 12 | head -n 1)"
export IRONIC_INSPECTOR_PASSWORD="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 12 | head -n 1)"

BMO_OVERLAY=${REPO_ROOT}/bmo-config
IRONIC_OVERLAY=${REPO_ROOT}/ironic

echo "${IRONIC_USERNAME}" > "${BMO_OVERLAY}/ironic-username"
echo "${IRONIC_PASSWORD}" > "${BMO_OVERLAY}/ironic-password"
echo "${IRONIC_INSPECTOR_USERNAME}" > "${BMO_OVERLAY}/ironic-inspector-username"
echo "${IRONIC_INSPECTOR_PASSWORD}" > "${BMO_OVERLAY}/ironic-inspector-password"

curl -O https://raw.githubusercontent.com/metal3-io/baremetal-operator/main/ironic-deployment/components/basic-auth/ironic-auth-config-tpl
curl -O https://raw.githubusercontent.com/metal3-io/baremetal-operator/main/ironic-deployment/components/basic-auth/ironic-inspector-auth-config-tpl

envsubst < "${REPO_ROOT}/ironic-auth-config-tpl" > \
"${IRONIC_OVERLAY}/ironic-auth-config"
envsubst < "${REPO_ROOT}/ironic-inspector-auth-config-tpl" > \
"${IRONIC_OVERLAY}/ironic-inspector-auth-config"

echo "IRONIC_HTPASSWD=$(htpasswd -n -b -B "${IRONIC_USERNAME}" "${IRONIC_PASSWORD}")" > \
"${IRONIC_OVERLAY}/ironic-htpasswd"
echo "INSPECTOR_HTPASSWD=$(htpasswd -n -b -B "${IRONIC_INSPECTOR_USERNAME}" \
"${IRONIC_INSPECTOR_PASSWORD}")" > "${IRONIC_OVERLAY}/ironic-inspector-htpasswd"

ports=(8000 80 6385 5050 6180 53 5000 69 547 546 68 67 5353 6230)
for i in $(seq 1 "${N_SUSHY:-1}"); do
port=$(( 8000 + i ))
ports+=(${port})
done

for i in $(seq 1 "${N_FAKE_IPA:-1}"); do
port=$(( 9900 + i ))
ports+=(${port})
done

# Firewall rules
for i in "${ports[@]}"; do
sudo firewall-cmd --zone=public --add-port=${i}/tcp
sudo firewall-cmd --zone=public --add-port=${i}/udp
sudo firewall-cmd --zone=libvirt --add-port=${i}/tcp
sudo firewall-cmd --zone=libvirt --add-port=${i}/udp
done
10 changes: 9 additions & 1 deletion Support/Multitenancy/Multiple-Ironic-conductors/handle-images.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,20 +9,28 @@ IMAGE_NAMES=(
"quay.io/metal3-io/ironic-client"
"quay.io/metal3-io/keepalived:v0.2.0"
"quay.io/metal3-io/mariadb:latest"
"quay.io/metal3-io/api-server:latest"
)

REGISTRY_PORT="5000"
# Pull images, tag to local registry, and push to registry
for NAME in "${IMAGE_NAMES[@]}"; do
# Pull and tag the image
docker pull "$NAME"
if [[ $(docker images | grep ${IMAGE_NAME}) == "" ]]; then
docker pull "$NAME"
fi
LOCAL_IMAGE_NAME="127.0.0.1:${REGISTRY_PORT}/localimages/${NAME##*/}"
docker tag "$NAME" "${LOCAL_IMAGE_NAME}"
# Push the image to the local registry
docker push "${LOCAL_IMAGE_NAME}"
minikube image load "${LOCAL_IMAGE_NAME}"
done

api_server_image="quay.io/metal3-io/api-server:latest"
if [[ $(docker images | grep ${IMAGE_NAME}) != "" ]]; then
minikube image load "${IMAGE_NAME}"
fi

__dir__=$(realpath "$(dirname "$0")")
sudo "$__dir__/ironic_tls_setup.sh"

Expand Down
13 changes: 11 additions & 2 deletions Support/Multitenancy/Multiple-Ironic-conductors/install-ironic.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,17 +33,26 @@ fi
namespace="baremetal-operator-system"

docker wait ipa-downloader
minikube ssh "sudo brctl addbr ironicendpoint"
minikube ssh "sudo ip link set ironicendpoint up"
minikube ssh "sudo brctl addif ironicendpoint eth1"
# virsh -c qemu:///system attach-interface --domain minikube --model virtio --source provisioning --type network --config
# virsh -c qemu:///system attach-interface --domain minikube --model virtio --source baremetal --type network --config

minikube ssh "sudo mkdir -p /shared/html/images"
minikube cp ${IRONIC_DATA_DIR}/html/images/ironic-python-agent.kernel /shared/html/images/
minikube cp ${IRONIC_DATA_DIR}/html/images/ironic-python-agent.initramfs /shared/html/images/
minikube cp ${IRONIC_DATA_DIR}/html/images/ironic-python-agent.headers /shared/html/images/

read -ra PROVISIONING_IPS <<< "${IRONIC_ENDPOINTS}"
for PROVISIONING_IP in "${PROVISIONING_IPS[@]}"; do
minikube ssh sudo ip addr add ${PROVISIONING_IP}/24 dev ironicendpoint
done

# Install ironic
helm install ironic ironic --set sshKey="$(cat ~/.ssh/id_rsa.pub)" \
--namespace "${namespace}" \
--set ironicReplicas="{${IRONIC_ENDPOINTS// /\,}}" \
--set secrets.ironicAuthConfig="$(cat ironic/ironic-auth-config)" \
--set secrets.ironicHtpasswd="$(cat ironic/ironic-htpasswd)" \
--set secrets.ironicInspectorAuthConfig="$(cat ironic/ironic-inspector-auth-config)" \
--set secrets.ironicInspectorHtpasswd="$(cat ironic/ironic-inspector-htpasswd)" \
--wait --timeout 20m --create-namespace
16 changes: 0 additions & 16 deletions Support/Multitenancy/Multiple-Ironic-conductors/ironic/templates/certificates.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,22 +34,6 @@ spec:
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: baremetal-operator-ironic-inspector-cert
namespace: {{ .Values.global.namespace }}
spec:
commonName: ironic-inspector-cert
ipAddresses:
{{- range $.Values.ironicReplicas }}
- {{ . }}
{{- end }}
issuerRef:
kind: Issuer
name: baremetal-operator-ca-issuer
secretName: ironic-inspector-cert
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: baremetal-operator-mariadb-cert
namespace: {{ .Values.global.namespace }}
Expand Down
Loading

0 comments on commit fbc705f

Please sign in to comment.