airship/airshipctl
Code Issues Proposed changes
0254fa6a03
airshipctl/manifests/phases/executors.yaml
James Gu 2119c3c2f3 Added phase helper to power off ephemeral baremetal node 
Ephemeral node needs to be powered off to avoid dhcp conflict
after cluster move. Also is used to replace the ephemeral vm destroy
phase in the gate type plan.

Tested in stl2.

Change-Id: I099b226da384011954f81b574e89b742806eac95
2021-08-24 15:42:24 +00:00

566 lines
13 KiB
YAML
Raw Blame History

---
apiVersion: airshipit.org/v1alpha1
kind: KubernetesApply
metadata:
labels:
airshipit.org/deploy-k8s: "false"
name: kubernetes-apply
config:
waitOptions:
timeout: 2600
pruneOptions:
prune: false
---
apiVersion: airshipit.org/v1alpha1
kind: KubernetesApply
metadata:
labels:
airshipit.org/deploy-k8s: "false"
name: kubernetes-apply-controlplane
config:
waitOptions:
timeout: 5000
pruneOptions:
prune: false
---
apiVersion: airshipit.org/v1alpha1
kind: KubernetesApply
metadata:
labels:
airshipit.org/deploy-k8s: "false"
name: kubernetes-apply-networking
config:
waitOptions:
timeout: 1000
pruneOptions:
prune: false
---
# This is added to support phase with no-wait
# When there is a wait, then it does status-check and fails
# if the resource status(condition) is not met.
# There are cases where the resource do not have status
# field implemented. So a wait will fail with status check
apiVersion: airshipit.org/v1alpha1
kind: KubernetesApply
metadata:
labels:
airshipit.org/deploy-k8s: "false"
name: kubernetes-apply-nowait
config:
waitOptions:
timeout: 0
pruneOptions:
prune: false
---
apiVersion: airshipit.org/v1alpha1
kind: Clusterctl
metadata:
name: clusterctl_move
move-options:
namespace: target-infra
action: move
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: encrypter
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
sinkOutputDir: "target/encrypted/results"
image: gcr.io/kpt-fn-contrib/sops:v0.1.0
envVars:
- SOPS_IMPORT_PGP
- SOPS_PGP_FP
config: |
apiVersion: v1
kind: ConfigMap
data:
cmd: encrypt
unencrypted-regex: '^(kind|apiVersion|group|metadata)$'
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: decrypter
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: gcr.io/kpt-fn-contrib/sops:v0.1.0
envVars:
- SOPS_IMPORT_PGP
- SOPS_PGP_FP
config: |
apiVersion: v1
kind: ConfigMap
data:
cmd: decrypt
---
# This executor launchs a bootstrap container, which creates
# an Azure Kubernetes Service (AKS) cluster
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-az-genesis
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: create
configFilename: azure-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capz-bootstrap:latest
volume: /tmp:/kube
saveKubeconfigFileName: capz.kubeconfig
---
# This executor launchs a bootstrap container, which deletes
# an Azure Kubernetes Service (AKS) cluster
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-az-cleanup
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: delete
configFilename: azure-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capz-bootstrap:latest
volume: /tmp:/kube
saveKubeconfigFileName: capz.kubeconfig
---
# This executor launchs a bootstrap container, which creates
# a Google Kubernetes Engine (GKE) cluster
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-gcp-genesis
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: create
configFilename: gcp-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capg-bootstrap:latest
volume: /tmp:/kube
saveKubeconfigFileName: capg.kubeconfig
---
# This executor launchs a bootstrap container, which deletes
# a Google Kubernetes Engine (GKE) cluster
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-gcp-cleanup
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: delete
configFilename: gcp-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capg-bootstrap:latest
volume: /tmp:/kube
saveKubeconfigFileName: capg.kubeconfig
---
# This executor launchs a bootstrap container, which creates
# an ephemeral K8S cluster in Openstack
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-os-genesis
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: create
configFilename: openstack-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capo-ephemeral:latest
volume: /tmp:/kube
saveKubeconfigFileName: capo.kubeconfig
---
# This executor launchs a bootstrap container, which deletes
# ephemeral K8S cluster in Openstack
apiVersion: airshipit.org/v1alpha1
kind: BootConfiguration
metadata:
name: ephemeral-os-cleanup
labels:
airshipit.org/deploy-k8s: "false"
ephemeralCluster:
bootstrapCommand: delete
configFilename: openstack-config.yaml
bootstrapContainer:
containerRuntime: docker
image: quay.io/airshipit/capo-ephemeral:latest
volume: /tmp:/kube
saveKubeconfigFileName: capo.kubeconfig
---
apiVersion: airshipit.org/v1alpha1
kind: BaremetalManager
metadata:
name: RemoteDirectEphemeral
labels:
airshipit.org/deploy-k8s: "false"
spec:
operation: remote-direct
hostSelector:
name: EPHEMERAL_NODE
operationOptions:
remoteDirect:
isoURL: ISO_URL
---
apiVersion: airshipit.org/v1alpha1
kind: BaremetalManager
metadata:
name: PowerOffEphemeral
labels:
airshipit.org/deploy-k8s: "false"
spec:
operation: power-off
hostSelector:
name: EPHEMERAL_NODE
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: iso-cloud-init-data
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/cloud-init
mounts:
- type: bind
src: /srv/images
dst: /config
rw: true
config: |
apiVersion: airshipit.org/v1alpha1
kind: IsoConfiguration
metadata:
name: isogen
builder:
userDataSelector:
kind: Secret
namespace: target-infra
labelSelector: airshipit.org/ephemeral-user-data
userDataKey: userData
networkConfigSelector:
kind: BareMetalHost
labelSelector: airshipit.org/ephemeral-node
networkConfigKey: networkData
outputFileName: ephemeral.iso
container:
volume: /srv/images:/config # for compatibility with image-builder
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: iso-build-image
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: airship
airship:
privileged: true
containerRuntime: docker
cmd:
- /bin/bash
- -c
- /usr/bin/local/entrypoint.sh 1>&2
image: quay.io/airshipit/image-builder:latest-ubuntu_focal
mounts:
- type: bind
src: /srv/images
dst: /config
rw: true
envVars:
- IMAGE_TYPE=iso
- BUILDER_CONFIG=/config/builder-conf.yaml
- USER_DATA_FILE=user-data
- NET_CONFIG_FILE=network-data
- OUTPUT_FILE_NAME=ephemerial.iso
- OUTPUT_METADATA_FILE_NAME=output-metadata.yaml
- http_proxy
- https_proxy
- HTTP_PROXY
- HTTPS_PROXY
- no_proxy
- NO_PROXY
config: |
apiVersion: airshipit.org/v1alpha1
kind: DoesNotMatter
metadata:
name: isogen
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-node
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-wait-node
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-get-node
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-get-node
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-get-pods
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-get-pods
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-tigera
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-wait-tigera
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-deploy
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-wait-deploy
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-pods-ready
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-wait-pods-ready
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-pods-any
labels:
airshipit.org/deploy-k8s: "false"
spec:
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-wait-pods-any
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: document-validation
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/kubeval-validator
envVars:
- VALIDATOR_PREVENT_CLEANUP # Validator won't cleanup its working directory after finish
- VALIDATOR_REWRITE_SCHEMAS # Validator will rewrite schemas for kubeval if they already exist
mounts:
- type: bind
src: ~/.airship
dst: /workdir
rw: true
hostNetwork: true
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-pause-bmh
spec:
image: localhost/toolbox
hostNetwork: true
envVars:
- RESOURCE_GROUP_FILTER=metal3.io
- RESOURCE_VERSION_FILTER=v1alpha1
- RESOURCE_KIND_FILTER=BareMetalHost
configRef:
kind: ConfigMap
name: kubectl-pause-bmh
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-cluster
spec:
image: localhost/toolbox
hostNetwork: true
envVars:
- RESOURCE_GROUP_FILTER=cluster.x-k8s.io
- RESOURCE_VERSION_FILTER=v1alpha3
- RESOURCE_KIND_FILTER=Cluster
configRef:
kind: ConfigMap
name: kubectl-wait-cluster
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-cluster-init
spec:
image: localhost/toolbox
hostNetwork: true
envVars:
- RESOURCE_GROUP_FILTER=cluster.x-k8s.io
- RESOURCE_VERSION_FILTER=v1alpha3
- RESOURCE_KIND_FILTER=Cluster
- CONDITION=controlPlaneInitialized
configRef:
kind: ConfigMap
name: kubectl-wait-cluster
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: virsh-eject-cdrom-images
labels:
airshipit.org/deploy-k8s: "false"
spec:
image: quay.io/airshipit/toolbox-virsh:latest
hostNetwork: true
mounts:
- type: bind
src: /var/run/libvirt/libvirt-sock
dst: /var/run/libvirt/libvirt-sock
configRef:
kind: ConfigMap
name: virsh-eject-cdrom-images
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: virsh-destroy-vms
labels:
airshipit.org/deploy-k8s: "false"
spec:
image: quay.io/airshipit/toolbox-virsh:latest
hostNetwork: true
mounts:
- type: bind
src: /var/run/libvirt/libvirt-sock
dst: /var/run/libvirt/libvirt-sock
configRef:
kind: ConfigMap
name: virsh-destroy-vms
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-bmh
spec:
image: localhost/toolbox
hostNetwork: true
envVars:
- RESOURCE_GROUP_FILTER=metal3.io
- RESOURCE_VERSION_FILTER=v1alpha1
- RESOURCE_KIND_FILTER=BareMetalHost
- RESOURCE_LABEL_FILTER=airshipit.org/k8s-role=worker
configRef:
kind: ConfigMap
name: kubectl-wait-bmh
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-wait-label-node
spec:
image: localhost/toolbox
hostNetwork: true
envVars:
- RESOURCE_GROUP_FILTER=metal3.io
- RESOURCE_VERSION_FILTER=v1alpha1
- RESOURCE_KIND_FILTER=BareMetalHost
- RESOURCE_LABEL_FILTER=airshipit.org/k8s-role=worker
configRef:
kind: ConfigMap
name: kubectl-wait-label-node
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: kubectl-check-ingress-ctrl
spec:
image: localhost/toolbox
hostNetwork: true
configRef:
kind: ConfigMap
name: kubectl-check-ingress-ctrl
apiVersion: v1
---
apiVersion: airshipit.org/v1alpha1
kind: GenericContainer
metadata:
name: clusterctl
labels:
airshipit.org/deploy-k8s: "false"
spec:
type: krm
image: localhost/clusterctl:latest
hostNetwork: true
View Git Blame Copy Permalink