From eedeef4958a7b8564a69ab9c88cbe560def8674d Mon Sep 17 00:00:00 2001 From: Kostiantyn Kalynovskyi Date: Wed, 5 Feb 2020 00:16:17 +0000 Subject: [PATCH] Add role to build ephemeral iso image This role uses config files from default directories to generate iso for ephemeral node. Unfortunately docker image to build iso is not yet available in upstream, hence we are currently using private repository of the developer Change-Id: I475fefe38a89466f782ece0a7ceb9952980f98c4 --- .../function/ephemeral/kustomization.yaml | 2 + manifests/function/ephemeral/secret.yaml | 130 ++++++++++++++++++ .../site/test-bootstrap/kustomization.yaml | 2 + .../type/test-bootstrap/kustomization.yaml | 2 + playbooks/airship-airshipctl-test-runner.yaml | 2 + playbooks/vars/test-config.yaml | 1 + .../tasks/main.yml | 28 ++++ zuul.d/jobs.yaml | 1 + 8 files changed, 168 insertions(+) create mode 100644 manifests/function/ephemeral/kustomization.yaml create mode 100644 manifests/function/ephemeral/secret.yaml create mode 100644 manifests/site/test-bootstrap/kustomization.yaml create mode 100644 manifests/type/test-bootstrap/kustomization.yaml create mode 100644 roles/airshipctl-build-ephemeral-iso/tasks/main.yml diff --git a/manifests/function/ephemeral/kustomization.yaml b/manifests/function/ephemeral/kustomization.yaml new file mode 100644 index 000000000..97a9721bd --- /dev/null +++ b/manifests/function/ephemeral/kustomization.yaml @@ -0,0 +1,2 @@ +resources: + - secret.yaml diff --git a/manifests/function/ephemeral/secret.yaml b/manifests/function/ephemeral/secret.yaml new file mode 100644 index 000000000..77933923e --- /dev/null +++ b/manifests/function/ephemeral/secret.yaml @@ -0,0 +1,130 @@ +apiVersion: v1 +kind: Secret +metadata: + labels: + airshipit.org/ephemeral: "true" + name: node1-bmc-secret +type: Opaque +stringData: + userdata: | + ssh_pwauth: True + ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4tV63Q3HSSM4V9EInw/pq7dawz8dnAn93Ki8UMLkXIEv+Vby2d+24IddHZig3Tshyn8of5TSLOL0ysOA2Hphh26khBOzG/SGv4cyShj5QU0/Y1ONepyRmkjmi/UmYKBq1xnUSVzqwzz+GUqyMuTAO1hV5xaD80JhKH0YyOghh/N+eYE2m14D5oNDV0l2Hhxix90Lcl7GUQybV3VMsXFJ19KAJYUCQolGn9kWOV3l35FI3vBD4g11OP+1/XHS/4+qBEdK9PNr6kxd0HsYjbqi6JGh9+SB3PvCtzDlIhz9SfmjI7hjOrdJ1vuPcG1gvJSA1x5bcsLJvy91kQx7z6adH root@ubuntu-1 + chpasswd: + list: | + root:deploY!K8s + deployer:deploY!K8s + users: + - default + - name: deployer + gecos: deployer + ssh_pwauth: True + ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4tV63Q3HSSM4V9EInw/pq7dawz8dnAn93Ki8UMLkXIEv+Vby2d+24IddHZig3Tshyn8of5TSLOL0ysOA2Hphh26khBOzG/SGv4cyShj5QU0/Y1ONepyRmkjmi/UmYKBq1xnUSVzqwzz+GUqyMuTAO1hV5xaD80JhKH0YyOghh/N+eYE2m14D5oNDV0l2Hhxix90Lcl7GUQybV3VMsXFJ19KAJYUCQolGn9kWOV3l35FI3vBD4g11OP+1/XHS/4+qBEdK9PNr6kxd0HsYjbqi6JGh9+SB3PvCtzDlIhz9SfmjI7hjOrdJ1vuPcG1gvJSA1x5bcsLJvy91kQx7z6adH root@ubuntu-1 + runcmd: + - curl -L https://github.com/flanksource/konfigadm/releases/download/v0.4.14/konfigadm + -o /usr/local/bin/konfigadm && chmod +x /usr/local/bin/konfigadm + - konfigadm apply --config=/tmp/konfigadm.yml + - kubeadm init --config /tmp/kubeadm.yaml + - kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f https://docs.projectcalico.org/v3.8/manifests/calico.yaml + - mkdir -p /opt/metal3-dev-env/ironic/html/images + write_files: + - content: | + apiVersion: v1 + clusters: + - cluster: + certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNU1USXlOakE0TWpneU5Gb1hEVEk1TVRJeU16QTRNamd5TkZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTFSClM0d3lnajNpU0JBZjlCR0JUS1p5VTFwYmdDaGQ2WTdJektaZWRoakM2K3k1ZEJpWm81ZUx6Z2tEc2gzOC9YQ1MKenFPS2V5cE5RcDN5QVlLdmJKSHg3ODZxSFZZNjg1ZDVYVDNaOHNyVVRzVDR5WmNzZHAzV3lHdDM0eXYzNi9BSQoxK1NlUFErdU5JemN6bzNEdWhXR0ZoQjk3VjZwRitFUTBlVWN5bk05c2hkL3AwWVFzWDR1ZlhxaENENVpzZnZUCnBka3UvTWkyWnVGUldUUUtNeGpqczV3Z2RBWnBsNnN0L2ZkbmZwd1Q5cC9WTjRuaXJnMEsxOURTSFFJTHVrU2MKb013bXNBeDJrZmxITWhPazg5S3FpMEloL2cyczRFYTRvWURZemt0Y2JRZ24wd0lqZ2dmdnVzM3pRbEczN2lwYQo4cVRzS2VmVGdkUjhnZkJDNUZNQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJek9BL00xWmRGUElzd2VoWjFuemJ0VFNURG4KRHMyVnhSV0VnclFFYzNSYmV3a1NkbTlBS3MwVGR0ZHdEbnBEL2tRYkNyS2xEeFF3RWg3NFZNSFZYYkFadDdsVwpCSm90T21xdXgxYThKYklDRTljR0FHRzFvS0g5R29jWERZY0JzOTA3ckxIdStpVzFnL0xVdG5hN1dSampqZnBLCnFGelFmOGdJUHZIM09BZ3B1RVVncUx5QU8ya0VnelZwTjZwQVJxSnZVRks2TUQ0YzFmMnlxWGxwNXhrN2dFSnIKUzQ4WmF6d0RmWUVmV3Jrdld1YWdvZ1M2SktvbjVEZ0Z1ZHhINXM2Snl6R3lPVnZ0eG1TY2FvOHNxaCs3UXkybgoyLzFVcU5ZK0hlN0x4d04rYkhwYkIxNUtIMTU5ZHNuS3BRbjRORG1jSTZrVnJ3MDVJMUg5ZGRBbGF0bz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + server: https://10.23.25.101:6443 + name: kubernetes + contexts: + - context: + cluster: kubernetes + user: kubernetes-admin + name: kubernetes-admin@kubernetes + current-context: kubernetes-admin@kubernetes + kind: Config + preferences: {} + users: + - name: kubernetes-admin + user: + client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4akNDQWRxZ0F3SUJBZ0lJUFRieDJxT3R4MVl3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB4T1RFeU1qWXdPREk0TWpSYUZ3MHlNREV5TWpVd09ESTRNalZhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXZGaGU5Z0JKMzBtaWpiRGoKWnU0SXlCTmd6TUFpQ0Q1RWl2bFkyUTEzVzZsa25qcmYvaXFtR0Z1c0pCUTYwSG1vcnVsMFRNTFByUXNWenU4aApxcndKVWs2OXJKUy9iQjVzbzF1WW5NamRub1F0UnVtajFHU3JPTDNNaUIrN2xkdFZwVVFQQ1hsOENlZXJ3Y2I3Ci82RTh0Y2h4VDFLeGY2c3FCUzZwK1VYSlNEYU5RdkxhY1lPam90anBmQjEzcDZKNzFJWFpTWTF3d0t2Q3VkRWMKQWJHWEpDcTI3ajBncmlRNXl3Y1RJL054NHJ2K3d1QVlzckU2bUlsZUY4OCtUazdRS2lNRlg0UnQxZHQyUFQ0TQpiKzJKR3hnMmdzcGsyN05CQTVJcWE0ZU41M2wxdjVYS2YzZTcxQzhRVWZmclBDSGRxWnRWejRiM1VkN2hDelZiClFCY2Fhd0lEQVFBQm95Y3dKVEFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFGTitFYWxMNlRqWkRpVHBQTm16VnNNem00aU16U2FPOHdkMQpWdWpKYVBFK25wVmR4d1U3WEJrNjArR2N1a1dJSnlmblMrVHc4RXNkbFBGVmEwSVNlSHBsQmxnelVjVlRIMmlwCkZzWVFaN25Iak5FMm5TeWZGVUhvUFhiTmpqUFNUb0g0Zm5NZ0dpWWxGT0N3VTdQM1ZIbWEzMGE1WVZVY3lwOFcKVHJ4emUrZGRGeWxDbUwyQUFCbVU4N3oyR3hkMVFlQ1VYNlAyYjUwMEMrYlJaL0FMdG5Cd3ZrNGdPS1BwM0FGYwpWTkJtTlp1U2lkOXVPcWladUhsSWcrQm1BS1JnaU1uWThDTmVENUxQTU0rditUQjRoSVE4NVpGUmQwZUVFYTJZCit0SkN5a0lDdGxBWWUvaFBwQnZnSWtHNnZnb0Vxb1AvQitDNHg3VnhsVWxCR250eXNBYz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBdkZoZTlnQkozMG1pamJEalp1NEl5Qk5nek1BaUNENUVpdmxZMlExM1c2bGtuanJmCi9pcW1HRnVzSkJRNjBIbW9ydWwwVE1MUHJRc1Z6dThocXJ3SlVrNjlySlMvYkI1c28xdVluTWpkbm9RdFJ1bWoKMUdTck9MM01pQis3bGR0VnBVUVBDWGw4Q2VlcndjYjcvNkU4dGNoeFQxS3hmNnNxQlM2cCtVWEpTRGFOUXZMYQpjWU9qb3RqcGZCMTNwNko3MUlYWlNZMXd3S3ZDdWRFY0FiR1hKQ3EyN2owZ3JpUTV5d2NUSS9OeDRydit3dUFZCnNyRTZtSWxlRjg4K1RrN1FLaU1GWDRSdDFkdDJQVDRNYisySkd4ZzJnc3BrMjdOQkE1SXFhNGVONTNsMXY1WEsKZjNlNzFDOFFVZmZyUENIZHFadFZ6NGIzVWQ3aEN6VmJRQmNhYXdJREFRQUJBb0lCQUZLRENIOFBHMDNWN1gvVAplWnd6TmVlcERhUkZtK011bkVxaCtEbUd1NzZOVkVZNWxyMjdvMjVTWXZTZlpEREd5NDV0T2dVUzUzWnd2OG9iCld3MTRPVUUwdThXcW1MM2VDa3Y2cWI0dUJXRVhtTnBUS3ZHMmRJaDBKZkdRclZaMmMydm1pQXZuaTk2dS9zRHkKMHAxbjNyZm9xek5NRC9UVllLQktsQzVmVTFIdHluL0p3VHZDeGF4RDNMT3ZkUzRaSVJUdEJyakdvWFR6QWZTQQo0ZnpvNGdnMDhhVitqWENsM0VibHBsd3pkSk1rUTlJYkJiWFFKdVZid2p0ZEpEQ1VLVEM5RnYvSWtkYmNITnRECndrb3c2L2J0dkExZ2diNjl0UTlMZ0NBS0dYM1NFTnF1WXZsYk1pZnI0WlFNQXlqQ2x5aXdoZ2JaRUhLTW1iU1kKd2pYc2gxa0NnWUVBOW9LaVMxY3ZpNVlFS3FaaWhPME1DZ3FCVnYzNlhLbStNZitwQmk5Q0sxRUMrNjVDUEo3MQphTzZnTlVDWCtHRDRJM2huUm1jbW00STRsY2Rkam5yK1dHMm45azd4NkRlK2FNNjJadEtabHJTYU9xMEVpeFo1Cjd2VS94dDZ5T1BBWnZPNm1zazFYZjRsUlBWMXJKYlVrZ3RuQ2U5emtpOHBVYkE2K3crR0VTMzBDZ1lFQXc1aUUKc1hpY1pMMTRUTkRBNDBEOXl4ckthK1ljZGdFNG9qd0k4ZFFEdk9JbklxWm14WUE1RFhmYURBekVWWUdDQnQ4RgpkQWdyaWdFUDFIQ0RZWXFrWm5kTHB3ZGYybWkvdnBKRk9URHBOelc3RkZHUVV2eTcwSUFBWVc2ZlZvM2NWUWFMCjRCclJHejgvZjgwWktMNGF2REhlVFVVT3AzT1BCUm5VY281blVnY0NnWUVBNnRQUkJSSmVBWXY4RmlFQVV2NTUKN0lyTFlYSjZjSkZtMUx4bWFMVFdST3RjZXlNcWlCTXBWemVTdUlmNi9TcHExMmRZZ25HN0RvTURvbk1VQmFuVwo1NmcyUytZeWZmTzBXS1VxajFMcDZ1M0t5a0NOeG0yMzVGSU8ya1RFNUlhZERpVU4rV2JDQm9WcU5abnJlelZQClBiTnhtSXI1ME0wQ2xSbUswcERmZFFVQ2dZQWJqQWwwTFRacGdiM0ZvOGptdUtxRnhsb241QnF5QyszNysxU1AKS25yMFNTMlYxYlczcngxWjVqMVJZU0x0bi9XK0hmN1lucVh6STc4ay9rdWlteklZTkVqMVZ6YUt2aUh6SndxVQp5V3l2RitRbk1tMlBJb1VaRWszN2F1Y0orNlRDWE0rcVdseUU1OTE3bEZrc3djbG1JK2ZaSGhhNFFyQXIyYjF2Ci9OcFVWUUtCZ0JNcWgwVTVpWXlGbDBvcHlnc1JGNVhhRUszT2UxeW5vc2p3OU5VZ3NQNWhraVpucWZTamhybUsKMGZjQkxJQTZnQ1VNZXovd2lkM2hCTitENUZVOFgzNzJrS2RwOUdJUHJkZ2xqR1E3WUFHMGNzOEJtWnVQZXpLZQo5cGZLK3YzZHpLM2ZnL0YyVjR3S2lzaU9EVmsvWFNhWVBETHNJZkVPeFc3WHI3R0g4eTM4Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== + owner: root:root + path: /etc/kubernetes/admin.conf + permissions: "0640" + - content: | + LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNU1USXlOakE0TWpneU5Gb1hEVEk1TVRJeU16QTRNamd5TkZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTFSClM0d3lnajNpU0JBZjlCR0JUS1p5VTFwYmdDaGQ2WTdJektaZWRoakM2K3k1ZEJpWm81ZUx6Z2tEc2gzOC9YQ1MKenFPS2V5cE5RcDN5QVlLdmJKSHg3ODZxSFZZNjg1ZDVYVDNaOHNyVVRzVDR5WmNzZHAzV3lHdDM0eXYzNi9BSQoxK1NlUFErdU5JemN6bzNEdWhXR0ZoQjk3VjZwRitFUTBlVWN5bk05c2hkL3AwWVFzWDR1ZlhxaENENVpzZnZUCnBka3UvTWkyWnVGUldUUUtNeGpqczV3Z2RBWnBsNnN0L2ZkbmZwd1Q5cC9WTjRuaXJnMEsxOURTSFFJTHVrU2MKb013bXNBeDJrZmxITWhPazg5S3FpMEloL2cyczRFYTRvWURZemt0Y2JRZ24wd0lqZ2dmdnVzM3pRbEczN2lwYQo4cVRzS2VmVGdkUjhnZkJDNUZNQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJek9BL00xWmRGUElzd2VoWjFuemJ0VFNURG4KRHMyVnhSV0VnclFFYzNSYmV3a1NkbTlBS3MwVGR0ZHdEbnBEL2tRYkNyS2xEeFF3RWg3NFZNSFZYYkFadDdsVwpCSm90T21xdXgxYThKYklDRTljR0FHRzFvS0g5R29jWERZY0JzOTA3ckxIdStpVzFnL0xVdG5hN1dSampqZnBLCnFGelFmOGdJUHZIM09BZ3B1RVVncUx5QU8ya0VnelZwTjZwQVJxSnZVRks2TUQ0YzFmMnlxWGxwNXhrN2dFSnIKUzQ4WmF6d0RmWUVmV3Jrdld1YWdvZ1M2SktvbjVEZ0Z1ZHhINXM2Snl6R3lPVnZ0eG1TY2FvOHNxaCs3UXkybgoyLzFVcU5ZK0hlN0x4d04rYkhwYkIxNUtIMTU5ZHNuS3BRbjRORG1jSTZrVnJ3MDVJMUg5ZGRBbGF0bz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + encoding: base64 + owner: root:root + path: /etc/kubernetes/pki/ca.crt + permissions: "0640" + - content: | + LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcFFJQkFBS0NBUUVBelZGTGpES0NQZUpJRUIvMEVZRk1wbkpUV2x1QUtGM3Bqc2pNcGw1MkdNTHI3TGwwCkdKbWpsNHZPQ1FPeUhmejljSkxPbzRwN0trMUNuZklCZ3E5c2tmSHZ6cW9kVmpyemwzbGRQZG55eXRST3hQakoKbHl4Mm5kYklhM2ZqSy9mcjhBalg1SjQ5RDY0MGpOek9qY082RllZV0VIM3RYcWtYNFJEUjVSektjejJ5RjMrbgpSaEN4Zmk1OWVxRUlQbG14KzlPbDJTNzh5TFptNFZGWk5Bb3pHT096bkNCMEJtbVhxeTM5OTJkK25CUDJuOVUzCmllS3VEUXJYME5JZEFndTZSSnlnekNhd0RIYVIrVWN5RTZUejBxcUxRaUgrRGF6Z1JyaWhnTmpPUzF4dENDZlQKQWlPQ0IrKzZ6Zk5DVWJmdUtscnlwT3dwNTlPQjFIeUI4RUxrVXdJREFRQUJBb0lCQVFDU0lPNFlGa3JFS0swSgpiUFNWRU9XeEFXVjV4ZTNzelFwUjZYQmVhSlM5QXQ1UFdaN2JjMTRQbWgxR0pTODhVTGRBeS92dVFiMXZXaFd6CnZHNSt5TVFKQzV5V0JsVmk3Z281SU5QUUZiTEwwVmRPc1pNbzJTaURKajcyM2hqOVRqTEtZRURvSWdkcmhaMDUKTkY1K1gzT3RwZ1ZHTDVvbDZVdHBrRU1UUWU2RkhYampxU0d2VkRhRnFWS25yemtVZitHcks5dXVYckxqWXpMWgo4bHpEbWd0YXhyN1pobnp4eEZMVUwzMXg0MFkwbGdzSkdTNHAwMncxTFdzL2I2bjBQKzk4TkxvUW5nS2lZdmVUCkM5dlVHT0dWWkJqNnBPTEdocWEzeWZ0Q25hbm1IRkFWTWN2WTllWW9ockFFWXlQenJPRURVR2pHUWJOUldwb24KL093RFI2T0JBb0dCQVBYUVlPM0Nhdm9Tckw5UTNZRmcrblRRWjFEYnpGYmZ4WjhYYVhWNUpDWEkyOG9ObG8wVwo0bCtMSnFHOTcxR2YwVElKeEpUcXRNU3NxSHNpdFZPOEthVHIyQ29XZWoybHZWWGhId3FSd3lhSkM1UllPR2VPCmxHY1MvM0xPejZyeE03bnJpakxUdHFKRDNjMUl1RTNwOERwNjFoTUlBYVI4WFlPNDVUNXMvWGd4QW9HQkFOWFQKVTNpNkZPYWh0ZjJQTTJBMHc0Sysyc2xVeW93VXhUQytBQmJrbUV4aGJiT3ViZ2VPbys1aFpNTjIzcGFnWWt1VgpSZ0lnQkE2Yk81RmRKMkhVRm5HcEdCMjVnOXZpd0k1ejhwZ0tsU3pGM21BT1dGWHBsWlJwT0dMbHpBbmpLS1RLCk1TQXRYS2UveU5IUjltUmFWd2hiK21QajVuTjlLcmQ0Rmd1WWx3ZkRBb0dBS1FwM2hIclhYWlZNbmt5a0R2dmcKRlN6T2N5T2ZoRW1zTnhtems5ZDcvNHIvbDBhWmdrajExcm5tNDA1UTdMSGdQWmgvNTlVZ0JVNUdldmlhaWJaNgp4WHhUQlFQbnVPODVJMk9JeVR6NDlqQWZiTThsNjdSVWRya25TVVhhU2xJbkxyMXl2M1cxb25YdVRGMzkxNVJkCmRZWVl3K2lzVFlndUhOWDhBR1kyRTZFQ2dZRUFveDdRTXUxaVBIOXBJc0kzNDFEZFJjVHJpMlBRRVFWWFdWUFoKSlozR1FaNmgzYzFYeXhRYUl5VFJoZndNMnNRSHVMbHI2dnNablRyM09uSGlOVk5pdTlyUHR2MXJoamQ1eGpMVwpBdjh2eGpRODdQS0VtU1hWSXA4U2tQL1ZwRVZUSUVQUExranN3bHdnaTFDdHN1am9ORXhXdkJXRUhONkQwK3NjCmhrUW1FNWtDZ1lFQWx6QzB5clVOSTBQMHdKQUw0S0JoM21oNDZST2V3TzIyb1FhZ0c4c1N5SjVpT0NIT1VaZDcKVnhPbmRZMVdKM2M5ZktXWmVQVXkvZEhCTUtjY2wvZXJmbkk0aHZ2bnhvejNob0Z2SDdnMHJGVU5vYVZzdlhpaQpPY2NCUURVMzNDdW5WVjRmeGNyNS8xV1NwUzZoT2ZIZDJ1NFZjNnpwQ2dTOXQ3VmFzZ1JweGJjPQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo= + encoding: base64 + owner: root:root + path: /etc/kubernetes/pki/ca.key + permissions: "0600" + - content: | + kubernetes: + version: 1.15.4 + container_runtime: + type: docker + owner: root:root + path: /tmp/konfigadm.yml + permissions: "0640" + - content: | + --- + apiServer: + certSANs: + - 10.23.25.101 + - 10.23.24.101 + apiVersion: kubeadm.k8s.io/v1beta2 + controllerManager: {} + dns: + type: "" + etcd: {} + kind: ClusterConfiguration + networking: + podSubnet: 192.168.0.0/24 + scheduler: {} + --- + apiVersion: kubeadm.k8s.io/v1beta2 + kind: InitConfiguration + localAPIEndpoint: {} + nodeRegistration: + ignorePreflightErrors: + - NumCPU + - SystemVerification + taints: [] + owner: root:root + path: /tmp/kubeadm.yaml + permissions: "0640" + bootcmd: + - /usr/sbin/mkfs.ext4 /dev/vda + - mkdir /mnt/vda + - mount /dev/vda /mnt/vda + - mkdir -p /opt/metal3-dev-env/ironic/html/images + - mkdir -p /mnt/vda/opt/metal3-dev-env/ironic/html/images + - mount --bind /mnt/vda/opt/metal3-dev-env/ironic/html/images /opt/metal3-dev-env/ironic/html/images + - mkdir -p /var/lib/docker /mnt/vda/var/lib/docker + - mount --bind /mnt/vda/var/lib/docker /var/lib/docker + - mkdir -p /var/lib/docker-engine /mnt/vda/var/lib/docker-engine + - mount --bind /mnt/vda/var/lib/docker-engine /var/lib/docker-engine + netconfig: | + network: + version: 1 + config: + - type: physical + name: ens3 + subnets: + - type: static + address: 10.23.25.101/24 + gateway: 10.23.25.1 + dns_nameservers: + - 8.8.8.8 + - 8.8.4.4 + - type: physical + name: ens4 + subnets: + - type: static + address: 10.23.24.101/24 diff --git a/manifests/site/test-bootstrap/kustomization.yaml b/manifests/site/test-bootstrap/kustomization.yaml new file mode 100644 index 000000000..c4acabaf5 --- /dev/null +++ b/manifests/site/test-bootstrap/kustomization.yaml @@ -0,0 +1,2 @@ +resources: + - ../../type/test-bootstrap diff --git a/manifests/type/test-bootstrap/kustomization.yaml b/manifests/type/test-bootstrap/kustomization.yaml new file mode 100644 index 000000000..508581e48 --- /dev/null +++ b/manifests/type/test-bootstrap/kustomization.yaml @@ -0,0 +1,2 @@ +resources: + - ../../function/ephemeral diff --git a/playbooks/airship-airshipctl-test-runner.yaml b/playbooks/airship-airshipctl-test-runner.yaml index a0ee9d847..b8dd0ae99 100644 --- a/playbooks/airship-airshipctl-test-runner.yaml +++ b/playbooks/airship-airshipctl-test-runner.yaml @@ -16,8 +16,10 @@ - name: set default roles set_fact: test_roles_default: + - sync-manifests - airshipctl-systemwide-executable - airshipctl-test-configs + - airshipctl-build-ephemeral-iso var_files_default: - local-dev.yaml - airship-ipam.yaml diff --git a/playbooks/vars/test-config.yaml b/playbooks/vars/test-config.yaml index f0378dbe3..da694f7fa 100644 --- a/playbooks/vars/test-config.yaml +++ b/playbooks/vars/test-config.yaml @@ -3,6 +3,7 @@ airship_config_site_name: "test-bootstrap" airship_config_iso_gen_target_path: "{{ serve_dir }}" airship_config_manifest_directory: "{{ remote_work_dir | default(zuul.project.src_dir) }}/manifests/site/{{ airship_config_site_name }}" airship_config_ephemeral_ip: "{{ airship_gate_ipam.nat_network.ephemeral_ip }}" +airship_config_iso_builder_docker_image: "kkalynovskyi/image-builder:latest" airship_config_ca_data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNU1USXlOakE0TWpneU5Gb1hEVEk1TVRJeU16QTRNamd5TkZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTFSClM0d3lnajNpU0JBZjlCR0JUS1p5VTFwYmdDaGQ2WTdJektaZWRoakM2K3k1ZEJpWm81ZUx6Z2tEc2gzOC9YQ1MKenFPS2V5cE5RcDN5QVlLdmJKSHg3ODZxSFZZNjg1ZDVYVDNaOHNyVVRzVDR5WmNzZHAzV3lHdDM0eXYzNi9BSQoxK1NlUFErdU5JemN6bzNEdWhXR0ZoQjk3VjZwRitFUTBlVWN5bk05c2hkL3AwWVFzWDR1ZlhxaENENVpzZnZUCnBka3UvTWkyWnVGUldUUUtNeGpqczV3Z2RBWnBsNnN0L2ZkbmZwd1Q5cC9WTjRuaXJnMEsxOURTSFFJTHVrU2MKb013bXNBeDJrZmxITWhPazg5S3FpMEloL2cyczRFYTRvWURZemt0Y2JRZ24wd0lqZ2dmdnVzM3pRbEczN2lwYQo4cVRzS2VmVGdkUjhnZkJDNUZNQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJek9BL00xWmRGUElzd2VoWjFuemJ0VFNURG4KRHMyVnhSV0VnclFFYzNSYmV3a1NkbTlBS3MwVGR0ZHdEbnBEL2tRYkNyS2xEeFF3RWg3NFZNSFZYYkFadDdsVwpCSm90T21xdXgxYThKYklDRTljR0FHRzFvS0g5R29jWERZY0JzOTA3ckxIdStpVzFnL0xVdG5hN1dSampqZnBLCnFGelFmOGdJUHZIM09BZ3B1RVVncUx5QU8ya0VnelZwTjZwQVJxSnZVRks2TUQ0YzFmMnlxWGxwNXhrN2dFSnIKUzQ4WmF6d0RmWUVmV3Jrdld1YWdvZ1M2SktvbjVEZ0Z1ZHhINXM2Snl6R3lPVnZ0eG1TY2FvOHNxaCs3UXkybgoyLzFVcU5ZK0hlN0x4d04rYkhwYkIxNUtIMTU5ZHNuS3BRbjRORG1jSTZrVnJ3MDVJMUg5ZGRBbGF0bz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= airship_config_client_cert_data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQwRENDQXJnQ0ZFdFBveEZYSjVrVFNWTXQ0OVlqcHBQL3hCYnlNQTBHQ1NxR1NJYjNEUUVCQ3dVQU1CVXgKRXpBUkJnTlZCQU1UQ210MVltVnlibVYwWlhNd0hoY05NakF3TVRJME1Ua3hOVEV3V2hjTk1qa3hNakF5TVRreApOVEV3V2pBME1Sa3dGd1lEVlFRRERCQnJkV0psY201bGRHVnpMV0ZrYldsdU1SY3dGUVlEVlFRS0RBNXplWE4wClpXMDZiV0Z6ZEdWeWN6Q0NBaUl3RFFZSktvWklodmNOQVFFQkJRQURnZ0lQQURDQ0Fnb0NnZ0lCQU1iaFhUUmsKVjZiZXdsUjBhZlpBdTBGYWVsOXRtRThaSFEvaGtaSHhuTjc2bDZUUFltcGJvaDRvRjNGMFFqbzROS1o5NVRuWgo0OWNoV240eFJiZVlPU25EcDBpV0Qzd0pXUlZ5aVFvVUFyYTlNcHVPNkVFU1FpbFVGNXNxc0VXUVdVMjBETStBCkdxK1k0Z2c3eDJ1Q0hTdk1GUmkrNEw5RWlXR2xnRDIvb1hXUm5NWEswNExQajZPb3Vkb2Zid2RmT3J6dTBPVkUKUzR0eGtuS1BCY1BUU3YxMWVaWVhja0JEVjNPbExENEZ3dTB3NTcwcnczNzAraEpYdlZxd3Zjb2RjZjZEL1BXWQowamlnd2ppeUJuZ2dXYW04UVFjd1Nud3o0d05sV3hKOVMyWUJFb1ptdWxVUlFaWVk5ZXRBcEpBdFMzTjlUNlQ2ClovSlJRdEdhZDJmTldTYkxEck5qdU1OTGhBYWRMQnhJUHpBNXZWWk5aalJkdEMwU25pMlFUMTVpSFp4d1RxcjQKakRQQ0pYRXU3KytxcWpQVldUaUZLK3JqcVNhS1pqVWZVaUpHQkJWcm5RZkJENHNtRnNkTjB5cm9tYTZOYzRMNQpKS21RV1NHdmd1aG0zbW5sYjFRaVRZanVyZFJQRFNmdmwrQ0NHbnA1QkkvZ1pwMkF1SHMvNUpKVTJlc1ZvL0xsCkVPdHdSOXdXd3dXcTAvZjhXS3R4bVRrMTUyOUp2dFBGQXQweW1CVjhQbHZlYnVwYmJqeW5pL2xWbTJOYmV6dWUKeCtlMEpNbGtWWnFmYkRSS243SjZZSnJHWW1CUFV0QldoSVkzb1pJVTFEUXI4SUlIbkdmYlZoWlR5ME1IMkFCQQp1dlVQcUtSVk80UGkxRTF4OEE2eWVPeVRDcnB4L0pBazVyR2RBZ01CQUFFd0RRWUpLb1pJaHZjTkFRRUxCUUFECmdnRUJBSWNFM1BxZHZDTVBIMnJzMXJESk9ESHY3QWk4S01PVXZPRi90RjlqR2EvSFBJbkh3RlVFNEltbldQeDYKVUdBMlE1bjFsRDFGQlU0T0M4eElZc3VvS1VQVHk1T0t6SVNMNEZnL0lEcG54STlrTXlmNStMR043aG8rblJmawpCZkpJblVYb0tERW1neHZzSWFGd1h6bGtSTDJzL1lKYUZRRzE1Uis1YzFyckJmd2dJOFA5Tkd6aEM1cXhnSmovCm04K3hPMGhXUmJIYklrQ21NekRib2pCSWhaL00rb3VYR1doei9TakpodXhZTVBnek5MZkFGcy9PMTVaSjd3YXcKZ3ZoSGc3L2E5UzRvUCtEYytPa3VrMkV1MUZjL0E5WHpWMzc5aWhNWW5ub3RQMldWeFZ3b0ZZQUg0NUdQcDZsUApCQmwyNnkxc2JMbjl6aGZYUUJIMVpFN0EwZVE9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K airship_config_client_key_data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS1FJQkFBS0NBZ0VBeHVGZE5HUlhwdDdDVkhScDlrQzdRVnA2WDIyWVR4a2REK0dSa2ZHYzN2cVhwTTlpCmFsdWlIaWdYY1hSQ09qZzBwbjNsT2RuajF5RmFmakZGdDVnNUtjT25TSllQZkFsWkZYS0pDaFFDdHIweW00N28KUVJKQ0tWUVhteXF3UlpCWlRiUU16NEFhcjVqaUNEdkhhNElkSzh3VkdMN2d2MFNKWWFXQVBiK2hkWkdjeGNyVApncytQbzZpNTJoOXZCMTg2dk83UTVVUkxpM0dTY284Rnc5TksvWFY1bGhkeVFFTlhjNlVzUGdYQzdURG52U3ZECmZ2VDZFbGU5V3JDOXloMXgvb1A4OVpqU09LRENPTElHZUNCWnFieEJCekJLZkRQakEyVmJFbjFMWmdFU2htYTYKVlJGQmxoajE2MENra0MxTGMzMVBwUHBuOGxGQzBacDNaODFaSnNzT3MyTzR3MHVFQnAwc0hFZy9NRG05VmsxbQpORjIwTFJLZUxaQlBYbUlkbkhCT3F2aU1NOElsY1M3djc2cXFNOVZaT0lVcjZ1T3BKb3BtTlI5U0lrWUVGV3VkCkI4RVBpeVlXeDAzVEt1aVpybzF6Z3Zra3FaQlpJYStDNkdiZWFlVnZWQ0pOaU82dDFFOE5KKytYNElJYWVua0UKaitCbW5ZQzRlei9ra2xUWjZ4V2o4dVVRNjNCSDNCYkRCYXJUOS94WXEzR1pPVFhuYjBtKzA4VUMzVEtZRlh3KwpXOTV1Nmx0dVBLZUwrVldiWTF0N081N0g1N1FreVdSVm1wOXNORXFmc25wZ21zWmlZRTlTMEZhRWhqZWhraFRVCk5DdndnZ2VjWjl0V0ZsUExRd2ZZQUVDNjlRK29wRlU3ZytMVVRYSHdEcko0N0pNS3VuSDhrQ1Rtc1owQ0F3RUEKQVFLQ0FnQUJ2U1N3ZVpRZW5HSDhsUXY4SURMQzdvU1ZZd0xxNWlCUDdEdjJsN00wYStKNWlXcWwzV2s4ZEVOSQpOYWtDazAwNmkyMCtwVDROdW5mdEZJYzBoTHN6TjBlMkpjRzY1dVlGZnZ2ZHY3RUtZZnNZU3hhU3d4TWJBMlkxCmNCa2NjcGVsUzBhMVpieFYvck16T1RxVUlRNGFQTzJPU3RUeU55b3dWVjhhcXh0QlNPV2pBUlA2VjlBOHNSUDIKNlVGeVFnM2thdjRla3d0S0M5TW85MEVvcGlkSXNnYy9IYk5kQm5tMFJDUnY0bU1DNmVPTXp0NGx0UVNldG0rcwpaRkUwZkM5cjkwRjE4RUVlUjZHTEYxdGhIMzlKTWFFcjYrc3F6TlZXU1VPVGxNN2M5SE55QTJIcnJudnhVUVNOCmF3SkZWSEFOY1hJSjBqcW9icmR6MTdMbGtIRVFGczNLdjRlcDR3REJKMlF0eisxdUFvY1JoV3ZSaWJxWEQ3THgKVmpPdGRyT1h3ZFQxY2ZrKzZRc1RMWUFKR3ptdDdsY1M2QjNnYzJHWmNJWGwyNVlqTUQ1ZVhpa1dEc3hYWmt1UAorb3MzVGhxeGZIS25ITmxtYk9SSVpDMW92Q1NkSTRWZVpzalk0MUs5K0dNaXdXSk1kektpRkp3NlR2blRSUldTCkxod2EzUTlBVmMvTEg0SC9PbU9qWDc0QTNZSWwrRDFVUHd3VzAvMmw4S3BNM0VWZ21XalJMV1ZIRnBNTGJNSlcKZVZKd3dKUmF3bWZLdHZ6bU9KRHlhTXJJblhqTDMvSE1EaWtwU3JhRzFyTnc1SUozOXJZdEFIUUQ1L1VuZlRkSApLNXVjakVucTdPdDMyR1ozcHJvRTU1ZGFBY0hQbktuOGpYZ1ZKTUQyOWh5cEZvL2ZRUUtDQVFFQStBbjRoSDFFCm9GK3FlcWlvYXR3N2cwaVdQUDNCeklxOEZWbWtsRlZBYVF5U28wU2QxWFBybmErR0RFQVd0cHlsVjF5ZkZkR2oKSHc4YXU5NnpUZnRuNWZCRkQxWG1NTkNZeTcrM293V3ArK1NwYUMvMTYzN1dvb3lLRjBjVFNvcWEzZEVuRUtSSwp4TGF2a0lFUTI3OXRBNFVUK0dVK3pTb0NPUFBNNE1JS3poR0FDczZ1anRySzFNcXpwK0JhYldzRlBuN2J1bStVCkRHSFIrNCtab2tBL1Q2N2luYlRxZUwwVzJCNjRMckFURHpZL3Y4NlRGbW1aallEaHRKR1JIWVZUOU9XSXR0RVkKNnZtUDN0a1dOTWt0R2w4bTFiQ0FHQ1JlcGtycUhxWXNMWG5GQ2ZZSFFtOXNpaGgvM3JFVjZ1MUYxZCt0U3JFMgprU1ZVOHhVWDUwbHFNUUtDQVFFQXpVTjZaS0lRNldkT09FR3ZyMExRL1hVczI0bUczN3lGMjhJUDJEcWFBWWVzCnJza2xTdjdlSU9TZWV3MW1CRHVCRkl2bkZvcTVsRlA3cXhWcEIyWjNNSGlDMVNaclZSZjlQTjdCNGFzcmNyMCsKdDB2S0NXWFFIaTVQQXhucXdYb2E2N0Q1bnkwdnlvV0lVUXAyZEZMdkIwQmp0b3MvajJFaHpJZk5WMm1UOW15bgpWQXZOWEdtZnc4SVJCL1diMGkzQ3c0Wityb1l1dTJkRHo2UUwzUFVvN1hLS3ljZzR1UzU1eksvcWZPc09lYm5mCnpsd3ZqbGxNSitmVFFHNzMrQnpINE5IWGs2akZZQzU4eXBrdXd0cmJmYk1pSkZOWThyV1ptL01Nd1VDWlZDQ3kKeUlxQ3FHQVB6b2kyU05zSEtaTlJqN3ZZQ3dQQVd6TzFidjFGcC9hM0xRS0NBUUVBeG0zTGw4cFROVzF6QjgrWApkRzJkV3FpZU1FcmRXRklBcDUvZ1R4NW9lZUdxQ2QxaDJ4cHlldUtwZlhGaitsRVU0Ty9qQU9TRjk5bndqQzFjCkNsMit2Ni9ZdjZ6N2l6L0ZqUEpoNlpRbGFiT0RaeXMvTkZkelEvVGtvRHluRFRJWE5LOFc3blJRc0ZCcDRWT3YKZGUwTlBBeWhiazBvMFo3eXlqY1lSeEpVN0lnSmhCdldmOGcvRGI3ZnZNUjU4eUR6d0F4aW9pS1RNTmlzMFBBUAplMEtrbzQySUU1eGhHNWhDQjBHRUhTMlZBYzFuY0gzRkk5LzFETVAzVEtwTGltOVlQQW5JdG1CTzYrUWNtYTNYCjJ3QzZDV2ZudkhvSDc4aGd3KzRZbjg1V2QwYjhQN3pJRC9qdHZ3aGNlMzMxeDh4cjJ1Nm5ScUxBd1pzNCs0SjcKYmZkSWNRS0NBUUFDL2JlNzNheTNhZnoyenVZN2ZKTEZEcjhQbCtweU9qSU5LTC9JVzlwQXFYUjN1NUNpamlJNApnbnhZdUxKQzM0Y2JBSXJtaGpEOEcxa3dmZ2hneGpwNFoxa290LzJhYU5ZVTIvNGhScmhFWE1PY01pdUloWVpKCjJrem1jNnM3RklkdDVjOU5aWUFyeUZSYk1mYlY3UnQwbEppZllWb1V3Y3FYUzJkUG5jYzlNUW9qTEdUYXN1TlUKRy9EWmw5ZWtjV3hFSXlLWGNuY2QzZnhiK3p6OUJFbUxaRDduZjlacnhHU2IrZmhGeDdzWFJRRWc1YkQvdHdkbwpFWFcvbTU1YmJEZnhhNzFqZG5NaDJxdVEzRGlWT0ZFNGZMTERxcjlDRWlsaDMySFJNeHJJNGcwWTVRUFFaazMwCnFZTldmbktWUllOTHYrWC9DeGZ6ZkVacGpxRkVPRkVsQW9JQkFRQ0t6R2JGdmx6d1BaUmh4czd2VXYxOXlIUXAKQzFmR3gwb0tpRDFSNWZwWVBrT0VRQWVudEFKRHNyYVRsNy9rSDY5V09VbUQ1T3gxbWpyRFB0a1M4WnhXYlJXeApGYjJLK3JxYzRtcGFacGROV09OTkszK3RNZmsrb0FRcWUySU1JV253NUhmbVpjNE1QY0t0bkZQYlJTTkF0aktwCkQ2aG9oL3BXMmdjRFA0cVpNWVZvRW04MVZYZEZDUGhOYitNYnUvU3gyaFB4U0dXYTVGaTczeEtwWWp5M3BISlQKWFoyY2lHN0VNQ3NKZW9HS2FRdmNCY1kvNGlSRGFoV0hWcmlsSVhJQXJQdXdmVUIybzZCZFR0allHeU5sZ2NmeApxWEt4aXBTaEE2VlNienVnR3pkdEdNeEUyekRHVEkxOXFSQy96OUNEREM1ZTJTQUZqbEJUV0QyUHJjcU4KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K \ No newline at end of file diff --git a/roles/airshipctl-build-ephemeral-iso/tasks/main.yml b/roles/airshipctl-build-ephemeral-iso/tasks/main.yml new file mode 100644 index 000000000..005e5b7cf --- /dev/null +++ b/roles/airshipctl-build-ephemeral-iso/tasks/main.yml @@ -0,0 +1,28 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: make sure serve directory exists + file: + dest: "{{ serve_dir }}" + state: directory + mode: "0755" + owner: "{{ ansible_user }}" + become: true + +- name: build ephemeral node iso + command: airshipctl bootstrap isogen + +- name: cleanup temp dir + file: + path: "{{ serve_dir }}" + state: absent + when: airship_cleanup_serve_dir | default(false) diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml index ce515b1c2..ffa59b85f 100644 --- a/zuul.d/jobs.yaml +++ b/zuul.d/jobs.yaml @@ -72,6 +72,7 @@ test_roles: - airshipctl-systemwide-executable - airshipctl-test-configs + - airshipctl-build-ephemeral-iso serve_dir: /srv/iso serve_port: 8099