diff --git a/CHANGELOG.md b/CHANGELOG.md
index c9dc21403..2d24b0a13 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,10 @@ Please avoid adding duplicate information across this changelog and JIRA/doc inp ## [NEXT RELEASE]
+## [0.8.12]
+
+- Add IBM ROKS flavor. Note that there are two known issues (ROX-22142, ROX-22143).
+
 ## [0.8.11] - Bump default demo versions to 4.3.4.
diff --git a/chart/infra-server/static/flavors.yaml b/chart/infra-server/static/flavors.yaml
index 60a563023..5b4c865f2 100644
--- a/chart/infra-server/static/flavors.yaml
+++ b/chart/infra-server/static/flavors.yaml
@@ -1024,6 +1024,107 @@ - name: cluster-console-password description: The password to login at the openshift console +######################### +# Openshift IBM ROKS # +######################### +- id: ibmroks + name: IBM ROKS + description: IBM ROKS cluster on VPC infrastructure. + availability: stable + workflow: configuration/workflow-openshift-ibmroks.yaml + parameters: + - name: name + description: cluster name + value: example1 + help: | + The name must start with a letter, can contain letters, + numbers, periods (.), and hyphen (-), and must be 35 + characters or fewer. Use a name that is unique across + regions. The cluster name and the region in which the + cluster is deployed form the fully qualified domain name + for the Ingress subdomain. To ensure that the Ingress + subdomain is unique within a region, the cluster name + might be truncated and appended with a random value within + the Ingress domain name. + + + - name: nodes + description: number of nodes + help: ACS may not start if memory < 48gb total + value: "3" + kind: optional + + - name: instance-type + description: node machine type + value: cx2.8x16 + kind: optional + help: | + + ACS fails to start on ROKS instances with fewer + than 8 cores individually or memory less than 48GB combined. + ACS 4.2.2 successfully started on instance types below (minimum node count) + + cx2.8x16 (3) + + bx2.8x32 (2) + + mx2.8x64 (2) + + cx2.16x32 (2) + + bx2.16x64 (2) + + - name: zone + description: IBM Cloud zone to deploy into + value: us-south-1 + kind: optional + help: | + + Example VPC-gen2 regions + + Berlin eu-de-1 + + Dallas us-south-1 + + Tokyo jp-tok-1 + + - name: vpc + description: VPC to deploy into. + value: infra + kind: optional + help: Empty for a new temporary vpc to be created. + + - name: public-gateway + description: Public gateway for vpc external access. + value: infra-gateway + kind: optional + help: Empty for a new temporary gateway to be created. 
+ + - name: subnet + description: Subnet within the vpc. + value: "" + kind: optional + help: Empty for a new temporary subnet to be created. + + - name: openshift-version + description: ROKS Openshift major.minor version + value: "" + kind: optional + help: Keep empty for default stable version. + + artifacts: + - name: kubeconfig + description: Kube config for connecting to this cluster + + - name: admin-key + description: client key for kubeconfig connections + + - name: admin + description: client certificate for kubeconfig connections + + - name: dotenv + description: Environment variables used to access the cluster and consoles + + - name: data + description: An archive that includes kubeconfig and keys to connect to the cluster + + - name: cluster-console-url + description: The URL for the openshift console + tags: [url] + + {{ if ne .Values.environment "production" -}} ################# # URL artifact # diff --git a/chart/infra-server/static/workflow-openshift-ibmroks.yaml b/chart/infra-server/static/workflow-openshift-ibmroks.yaml new file mode 100644 index 000000000..94f058abc --- /dev/null +++ b/chart/infra-server/static/workflow-openshift-ibmroks.yaml 
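Review bot: The `vpc` and `public-gateway` parameters default to `infra` and `infra-gateway`, but their help text only explains what an empty value does, so a user who accepts the defaults is never told which network the cluster joins. If those names refer to shared, long-lived resources (the names suggest it; this hunk does not show it), the help should say so, e.g. `help: Defaults to the shared "infra" VPC; leave empty to create a temporary VPC for this cluster.` with the equivalent wording on `public-gateway`. The `zone` help is also headed "Example VPC-gen2 regions" while the values it lists (`eu-de-1`, `us-south-1`, `jp-tok-1`) are zones. The `admin-key` and `admin` artifact descriptions could state that they are cluster credentials, so consumers treat the downloads accordingly.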
@@ -0,0 +1,140 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Workflow
+metadata:
+ generateName: roks-
+spec:
+ entrypoint: start
+ arguments:
+ parameters:
+ - name: name
+ - name: nodes
+ value: ""
+ - name: instance-type
+ value: ""
+ - name: zone
+ value: ""
+ - name: vpc
+ value: ""
+ - name: public-gateway
+ value: ""
+ - name: subnet
+ value: ""
+ - name: openshift-version
+ value: ""
+ volumeClaimTemplates:
+ - metadata:
+ name: data
+ spec:
+ accessModes: [ "ReadWriteOnce" ]
+ resources:
+ requests:
+ storage: 10Mi
+
+ templates:
+ - name: start
+ steps:
+ - - name: create
+ template: create
+
+ - - name: wait
+ template: wait
+
+ - - name: destroy
+ template: destroy
+
+ - name: create
+ activeDeadlineSeconds: 7200
+ container:
+ image: quay.io/stackrox-io/ci:automation-flavors-ibmroks-0.9.14
+ imagePullPolicy: Always
+ command:
+ - ./entrypoint.sh
+ args:
+ - create
+ - "{{workflow.parameters.name}}"
+ env:
+ - name: IBM_ROKS_API_KEY
+ valueFrom:
+ secretKeyRef:
+ name: ibm-cloud-secrets
+ key: IBM_ROKS_API_KEY
+ - name: NODE_COUNT
+ value: "{{workflow.parameters.nodes}}"
+ - name: INSTANCE_TYPE
+ value: "{{workflow.parameters.instance-type}}"
+ - name: IBM_ZONE
+ value: "{{workflow.parameters.zone}}"
+ - name: OPENSHIFT_VERSION
+ value: "{{workflow.parameters.openshift-version}}"
+ - name: VPC_ID
+ value: "{{workflow.parameters.vpc}}"
+ - name: GATEWAY_ID
+ value: "{{workflow.parameters.public-gateway}}"
+ - name: SUBNET_ID
+ value: "{{workflow.parameters.subnet}}"
+ - name: CREATION_SOURCE
+ value: "infra"
+ - name: SCRATCH
+ value: "/data"
+ volumeMounts:
+ - name: data
+ mountPath: /data
+ outputs:
+ artifacts:
+ - name: kubeconfig
+ path: /data/kubeconfig
+ archive:
+ none: {}
+ - name: dotenv
+ path: /data/dotenv
+ archive:
+ none: {}
+ - name: admin-key
+ path: /data/admin-key.pem
+ archive:
+ none: {}
+ - name: admin
+ path: /data/admin.pem
+ archive:
+ none: {}
+ - name: data
+ path: /data/data.zip
+ archive:
+ none: {}
+ - name: cluster-console-url
+ path: /data/url
+ archive:
+ none: {}
+
+ - name: wait
+ suspend: {}
+
+ - name: destroy
+ activeDeadlineSeconds: 3600
+ container:
+ image: quay.io/stackrox-io/ci:automation-flavors-ibmroks-0.9.14
+ imagePullPolicy: Always
+ command:
+ - ./entrypoint.sh
+ args:
+ - destroy
+ - "{{workflow.parameters.name}}"
+ env:
+ - name: IBM_ROKS_API_KEY
+ valueFrom:
+ secretKeyRef:
+ name: ibm-cloud-secrets
+ key: IBM_ROKS_API_KEY
+ - name: IBM_ZONE
+ value: "{{workflow.parameters.zone}}"
+ - name: VPC_ID
+ value: "{{workflow.parameters.vpc}}"
+ - name: GATEWAY_ID
+ value: "{{workflow.parameters.public-gateway}}"
+ - name: SUBNET_ID
+ value: "{{workflow.parameters.subnet}}"
+ - name: SCRATCH
+ value: "/data"
+ volumeMounts:
+ - name: data
+ mountPath: /data
diff --git a/chart/infra-server/templates/ibm/secrets.yaml b/chart/infra-server/templates/ibm/secrets.yaml
new file mode 100644
index 000000000..8c757cc37
--- /dev/null
+++ b/chart/infra-server/templates/ibm/secrets.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: ibm-cloud-secrets
+ namespace: default
+data:
+ IBM_ROKS_API_KEY: |-
+ {{ .Values.ibmCloudSecrets.ibmRoksApiKey | b64enc }}
diff --git a/chart/infra-server/templates/secrets.yaml b/chart/infra-server/templates/secrets.yaml
index 79993b62b..9f7538e42 100644
--- a/chart/infra-server/templates/secrets.yaml
+++ b/chart/infra-server/templates/secrets.yaml
@@ -67,6 +67,9 @@ data: workflow-openshift-rosa-hcp.yaml: |- {{- .Files.Get "static/workflow-openshift-rosa-hcp.yaml" | b64enc | nindent 4 }}
+ workflow-openshift-ibmroks.yaml: |-
+ {{- .Files.Get "static/workflow-openshift-ibmroks.yaml" | b64enc | nindent 4 }}
+
 workflow-osd-aws.yaml: |- {{- .Files.Get "static/workflow-osd-aws.yaml" | b64enc | nindent 4 }}
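Review bot: Both the `create` and `destroy` containers are handed `IBM_ROKS_API_KEY` yet are pulled by the mutable tag `automation-flavors-ibmroks-0.9.14` with `imagePullPolicy: Always`, so whatever that tag points to at run time executes with the cloud credential. Pinning by digest removes the dependency on the registry tag: `image: quay.io/stackrox-io/ci:automation-flavors-ibmroks-0.9.14@sha256:<IMAGE_DIGEST_PLACEHOLDER>` in both templates. Separately, `destroy` is only the third step of `start`; if `create` fails or exceeds `activeDeadlineSeconds: 7200`, nothing in this file runs cleanup, so it is worth confirming that partially created clusters are reaped elsewhere.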
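Review bot: `.Values.ibmCloudSecrets.ibmRoksApiKey` is piped straight into `b64enc` with no guard in templates/ibm/secrets.yaml, so a deployment whose values omit the key is not stopped with a clear message. Depending on how the value is missing, this likely ends either in a generic template error or in an empty `IBM_ROKS_API_KEY` that only surfaces when a `create` step fails to authenticate. Making the requirement explicit fails the render with a usable message: `{{ required "ibmCloudSecrets.ibmRoksApiKey is required" .Values.ibmCloudSecrets.ibmRoksApiKey | b64enc }}`. The hard-coded `namespace: default` also deserves a one-line comment that it must match the namespace the workflow pods run in, because `secretKeyRef` only resolves within the pod's own namespace.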