onprem: patch deployment from ocp_release_image
karmab committed Jan 5, 2024
1 parent 848b0b0 commit 5036700
Showing 3 changed files with 80 additions and 20 deletions.
44 changes: 31 additions & 13 deletions ailib/__init__.py
Expand Up @@ -77,6 +77,14 @@ def boot_hosts(overrides, hostnames=[], debug=False):
return 0


def icsps_from_url(url):
registries = [{'mirrors': [f"{url}/openshift/release", f"{url}/openshift/release-images"],
"source": "quay.io/openshift-release-dev/ocp-release"},
{'mirrors': [f"{url}/openshift/release", f"{url}/openshift/release-images"],
"source": "quay.io/openshift-release-dev/ocp-v4.0-art-dev"}]
return registries


class AssistedClient(object):
def __init__(self, url='https://api.openshift.com', token=None, offlinetoken=None, debug=False,
ca=None, cert=None, key=None, quiet=False):
Expand Down Expand Up @@ -287,6 +295,22 @@ def set_default_values(self, overrides, existing=False, quiet=False):
sys.exit(1)
platform = {"type": platform}
overrides['platform'] = platform
if 'ocp_release_image' in overrides and not overrides['ocp_release_image'].startswith('quay.io'):
overrides['registry_url'] = overrides['ocp_release_image'].split('/')[0]
url = overrides.get('disconnected_url') or overrides.get('registry_url')
if url is not None:
disconnected_registries = [{'mirrors': [f"{url}/edge-infrastructure"],
"source": "quay.io/edge-infrastructure"},
{'mirrors': [f"{url}/openshift/release", f"{url}/openshift/release-images"],
"source": "quay.io/openshift-release-dev/ocp-release"},
{'mirrors': [f"{url}/openshift/release", f"{url}/openshift/release-images"],
"source": "quay.io/openshift-release-dev/ocp-v4.0-art-dev"}]
installconfig = {'imageContentSources': disconnected_registries}
info(f"Trying to gather registry ca cert from {url}")
cacmd = f"openssl s_client -showcerts -connect {url} </dev/null 2>/dev/null|"
cacmd += "openssl x509 -outform PEM"
installconfig['additionalTrustBundle'] = os.popen(cacmd).read()
overrides['installconfig'] = installconfig

def set_default_infraenv_values(self, overrides):
if 'cluster' in overrides:
Expand Down Expand Up @@ -391,7 +415,7 @@ def set_disconnected_ignition_config_override(self, infra_env_id=None, overrides
if ca is None:
if 'installconfig' in overrides and isinstance(overrides['installconfig'], dict)\
and 'additionalTrustBundle' in overrides['installconfig']:
info("using cert from installconfig/additionalTrustBundle")
info("Using cert from installconfig/additionalTrustBundle")
ca = overrides['installconfig']['additionalTrustBundle']
elif disconnected_url is not None and 'quay.io' not in disconnected_url:
info(f"Trying to gather registry ca cert from {disconnected_url}")
Expand All @@ -406,19 +430,19 @@ def set_disconnected_ignition_config_override(self, infra_env_id=None, overrides
ignition_version = json.loads(ori.read().decode("utf-8"))['ignition']['version']
if 'installconfig' in overrides and isinstance(overrides['installconfig'], dict)\
and 'imageContentSources' in overrides['installconfig']:
info("using imageContentSources from installconfig")
info("Using imageContentSources from installconfig")
registries = 'unqualified-search-registries = ["registry.access.redhat.com", "docker.io"]\n'
for registry in overrides['installconfig']['imageContentSources']:
source = registry.get('source')
target = registry.get('mirrors')[0]
new_registry = """[[registry]]
for target in registry.get('mirrors', []):
new_registry = """[[registry]]
prefix = ""
location = "{source}"
mirror-by-digest-only = false
[[registry.mirror]]
location = "{target}"\n""".format(source=source, target=target)
registries += new_registry
registries += new_registry
else:
ailibdir = os.path.dirname(warning.__code__.co_filename)
with open(f"{ailibdir}/registries.conf.templ") as f:
Expand Down Expand Up @@ -570,11 +594,6 @@ def create_cluster(self, name, overrides={}, force=False):
new_cluster_params[parameter] = overrides[parameter]
else:
extra_overrides[parameter] = overrides[parameter]
network_override = 'installconfig' in extra_overrides and 'networking' in extra_overrides['installconfig']\
and 'networkType' in extra_overrides['installconfig']['networking']
if 'network_type' not in overrides and not network_override:
warning("Forcing network_type to OVNKubernetes")
new_cluster_params['network_type'] = 'OVNKubernetes'
if self.debug:
print(new_cluster_params)
cluster_params = models.ClusterCreateParams(**new_cluster_params)
Expand Down Expand Up @@ -1078,8 +1097,6 @@ def update_cluster(self, name, overrides):
pull_secret = os.path.expanduser(overrides['pull_secret'])
if os.path.exists(pull_secret):
overrides['pull_secret'] = re.sub(r"\s", "", open(pull_secret).read())
else:
warning("Using pull_secret as string")
if 'role' in overrides:
role = overrides['role']
hosts_roles = [{"id": host['id'], "role": role} for host in self.client.list_hosts(cluster_id=cluster_id)]
Expand Down Expand Up @@ -1135,7 +1152,8 @@ def update_cluster(self, name, overrides):
if 'installconfig' in overrides and isinstance(overrides['installconfig'], dict):
installconfig.update(overrides['installconfig'])
del overrides['installconfig']
if installconfig:
install_config_overrides = json.loads(info_cluster.install_config_overrides or '{}')
if installconfig and install_config_overrides != installconfig:
self.client.v2_update_cluster_install_config(cluster_id, json.dumps(installconfig))
if 'olm_operators' in overrides:
overrides['olm_operators'] = self.set_olm_operators(overrides['olm_operators'])
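Review bot: In the `set_default_values` hunk, `url` is taken from `overrides` (`disconnected_url`, or the host part of `ocp_release_image`) and interpolated unquoted into the shell string given to `os.popen`, so a parameter value containing shell metacharacters would be run by the shell; it should at least go through `shlex.quote` (which needs `import shlex` at file level if it is not already there). Whatever certificate the endpoint presents is then stored as `additionalTrustBundle` with no check, and an empty string is stored when the connection fails, for example if `url` carries no port; an empty result should be skipped with a warning. `overrides['installconfig'] = installconfig` also replaces any `installconfig` the caller passed, including an explicit trust bundle, so merging into the existing dict and only probing when no bundle was given looks safer. The function body starts and ends outside the hunk; the fence shows only the rewritten tail.

```python
if url is not None:
    # … unchanged: disconnected_registries list …
    installconfig = overrides.get('installconfig')
    if not isinstance(installconfig, dict):
        installconfig = {}
    installconfig.setdefault('imageContentSources', disconnected_registries)
    if 'additionalTrustBundle' not in installconfig:
        info(f"Trying to gather registry ca cert from {url}")
        cacmd = f"openssl s_client -showcerts -connect {shlex.quote(url)} </dev/null 2>/dev/null|"
        cacmd += "openssl x509 -outform PEM"
        cacert = os.popen(cacmd).read()
        if cacert.strip():
            installconfig['additionalTrustBundle'] = cacert
        else:
            warning(f"Couldn't gather registry ca cert from {url}")
    overrides['installconfig'] = installconfig
```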
2 changes: 1 addition & 1 deletion ailib/cli.py
Expand Up @@ -787,7 +787,7 @@ def list_extra_keywords(args):


def create_onprem(args):
warning("This is not the supported path for interacting with AI")
warning("Note that this is not a supported path for interacting with AI")
info("Creating onprem deployment")
overrides = handle_parameters(args.param, args.paramfile)
ai_create_onprem(overrides, debug=args.debug)
54 changes: 48 additions & 6 deletions ailib/common/__init__.py
Expand Up @@ -155,7 +155,7 @@ def create_onprem(overrides={}, debug=False):
error("You need podman to run this")
sys.exit(1)
with TemporaryDirectory() as tmpdir:
ip = overrides.get('ip') or get_ip() or '192.168.122.1'
ip = overrides.get('onprem_ip') or get_ip() or '192.168.122.1'
ipv6 = ':' in ip
info(f"Using ip {ip}")
if os.path.exists('pod.yml'):
Expand Down Expand Up @@ -192,7 +192,46 @@ def create_onprem(overrides={}, debug=False):
dest.write(f" SERVICE_BASE_URL: {SERVICE_BASE_URL}\n")
else:
dest.write(line)
if overrides.get('keep', False):
if 'ocp_release_image' in overrides:
info("Patching deployment for disconnected")
try:
from yaml import safe_load, safe_dump
except:
error("PyYAML is required for patching deployment")
sys.exit(1)
arch = os.uname().machine
ocp_release_image = overrides['ocp_release_image']
version_long = ocp_release_image.split(':')[-1].split('-')[0]
openshift_version = f"4.{version_long.split('.')[1]}"
with open(f'{tmpdir}/configmap.yml', 'r') as f:
cm = safe_load(f)
data = cm['data']
release_images = [{'openshift_version': openshift_version, 'cpu_architecture': arch,
'cpu_architectures': [arch], 'url': ocp_release_image, 'version': version_long}]
data['RELEASE_IMAGES'] = json.dumps(release_images, indent=None, separators=(',', ':'))
os_images = safe_load(data['OS_IMAGES'])
os_images = [i for i in os_images if i['openshift_version'] == openshift_version and
i['cpu_architecture'] == arch]
data['OS_IMAGES'] = json.dumps(os_images, indent=None, separators=(',', ':'))
cm['data'] = data
with open(f'{tmpdir}/configmap.yml', 'w') as f:
safe_dump(cm, f, default_flow_style=False, encoding='utf-8', allow_unicode=True)
with open(f'{tmpdir}/pod.yml', 'r') as f:
pod = safe_load(f)
spec = pod['spec']
spec['containers'][-1]['volumeMounts'] = [{'mountPath': '/etc/pki/ca-trust/extracted/pem:Z',
'name': 'certs'}]
spec['volumes'] = [{'name': 'certs', 'hostPath': {'path': "/etc/pki/ca-trust/extracted/pem",
"type": "Directory"}}]
if os.path.exists('containers'):
cwd = os.getcwd()
spec['containers'][-1]['volumeMounts'].append({'mountPath': '/etc/containers:Z', 'name': 'containers'})
new_entry = {'name': 'containers', 'hostPath': {'path': f"{cwd}/containers", "type": "Directory"}}
spec['volumes'].append(new_entry)
pod['spec'] = spec
with open(f'{tmpdir}/pod.yml', 'w') as f:
safe_dump(pod, f, default_flow_style=False, encoding='utf-8', allow_unicode=True)
if overrides.get('keep', True):
copy2(f"{tmpdir}/configmap.yml", '.')
copy2(f"{tmpdir}/pod.yml", '.')
if debug:
Expand All @@ -201,10 +240,13 @@ def create_onprem(overrides={}, debug=False):
cmd = "podman network create --subnet fd00::1:8:0/112 --gateway 'fd00::1:8:1' --ipv6 assistedv6"
info(f"Running: {cmd}")
call(cmd, shell=True)
storage = '--storage-driver vfs' if 'KUBERNETES_SERVICE_PORT' in os.environ else ''
network = '--network assistedv6' if ipv6 else ''
cmd = "podman pod rm -f assisted-installer ; "
cmd += f"podman {storage} play kube {network} --configmap {tmpdir}/configmap.yml {tmpdir}/pod.yml"
podman = 'podman'
if 'KUBERNETES_SERVICE_PORT' in os.environ:
podman += ' --storage-driver vfs'
args = '--replace'
if ipv6:
args += ' --network assistedv6'
cmd = f"{podman} play kube {args} --configmap {tmpdir}/configmap.yml {tmpdir}/pod.yml"
info(f"Running: {cmd}")
call(cmd, shell=True)

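Review bot: The pod patch in `create_onprem` bind-mounts the host's `/etc/pki/ca-trust/extracted/pem` into the last container writable and with a `:Z` suffix on `mountPath`; if podman honours that suffix it relabels a system directory with a container-private SELinux label, which podman's documentation warns against because other confined services on the host can lose access to it. I would mount the trust store read-only and without the private relabel, e.g. `{'mountPath': '/etc/pki/ca-trust/extracted/pem', 'name': 'certs', 'readOnly': True}`, and confirm on an SELinux-enforcing host whether any relabel is needed at all. The assignment also replaces whatever `volumeMounts` and `volumes` the downloaded `pod.yml` already defines rather than appending to them, which is worth a comment if intentional. Separately, the bare `except:` around the PyYAML import should be `except ImportError:` so unrelated failures are not reported as a missing package. The function body starts and ends outside the hunk.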
