Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WIP Add option to run Dev-env with FakeIPA #1450

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
+212 −1
Open

WIP Add option to run Dev-env with FakeIPA #1450

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6d6b7ed
Enable option to run FakeIPA
mboukhalfa Aug 29, 2024
4c12642
Add FKAS
mboukhalfa Sep 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions 02_configure_host.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,7 @@ ANSIBLE_FORCE_COLOR=true "${ANSIBLE}-playbook" \
-e "extradisks=${VM_EXTRADISKS}" \
-e "virthost=${HOSTNAME}" \
-e "platform=${NODES_PLATFORM}" \
-e "vm_platform=${VM_PLATFORM:-libvirt}" \
-e "libvirt_firmware=${LIBVIRT_FIRMWARE}" \
-e "libvirt_secure_boot=${LIBVIRT_SECURE_BOOT}" \
-e "libvirt_domain_type=${LIBVIRT_DOMAIN_TYPE}" \
Expand Down Expand Up @@ -407,6 +408,7 @@ if [[ "${BUILD_IRONIC_IMAGE_LOCALLY:-}" == "true" ]] || [[ -n "${IRONIC_LOCAL_IM
fi
VBMC_IMAGE=${VBMC_LOCAL_IMAGE:-${VBMC_IMAGE}}
SUSHY_TOOLS_IMAGE=${SUSHY_TOOLS_LOCAL_IMAGE:-${SUSHY_TOOLS_IMAGE}}
FAKE_IPA_IMAGE=${FAKE_IPA_LOCAL_IMAGE:-${FAKE_IPA_IMAGE}}

# Pushing images to local registry
for IMAGE_VAR in $(env | grep -v "_LOCAL_IMAGE=" | grep "_IMAGE=" | grep -o "^[^=]*") ; do
Expand Down
65 changes: 65 additions & 0 deletions 03_launch_mgmt_cluster.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -181,6 +181,9 @@ EOF
echo "DHCP_HOSTS=${DHCP_HOSTS}" | sudo tee -a "${IRONIC_DATA_DIR}/ironic_bmo_configmap.env"
fi

if [ "${VM_PLATFORM}" == "fake" ]; then
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if [ "${VM_PLATFORM}" == "fake" ]; then
if [[ "${VM_PLATFORM}" == "fake" ]]; then

echo "OS_AGENT__REQUIRE_TLS=false" | sudo tee -a "${IRONIC_DATA_DIR}/ironic_bmo_configmap.env"
fi
# Copy the generated configmap for ironic deployment
cp "${IRONIC_DATA_DIR}/ironic_bmo_configmap.env" "${BMOPATH}/ironic-deployment/components/keepalived/ironic_bmo_configmap.env"

Expand Down Expand Up @@ -538,7 +541,69 @@ if [ "${EPHEMERAL_CLUSTER}" != "tilt" ]; then
# Thus we are deleting validatingwebhookconfiguration resource if exists to let BMO is working properly on local runs.
kubectl delete validatingwebhookconfiguration/"${BMO_NAME_PREFIX}"-validating-webhook-configuration --ignore-not-found=true
fi
# if fake platform (no VMs) run FakeIPA
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
# if fake platform (no VMs) run FakeIPA
# if fake platform (no VMs) run FakeIPA

if [[ "${VM_PLATFORM}" == "fake" ]]; then
# wait for ironic to be running
kubectl -n baremetal-operator-system wait --for=condition=available deployment/baremetal-operator-ironic --timeout=300s
mkdir -p /opt/metal3-dev-env/fake-ipa
kubectl -n legacy get secret -n baremetal-operator-system ironic-cert -o json -o=jsonpath="{.data.ca\.crt}" | base64 -d > /opt/metal3-dev-env/fake-ipa/ironic-ca.crt
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
kubectl -n legacy get secret -n baremetal-operator-system ironic-cert -o json -o=jsonpath="{.data.ca\.crt}" | base64 -d > /opt/metal3-dev-env/fake-ipa/ironic-ca.crt
kubectl -n legacy get secret -n baremetal-operator-system ironic-cert -o json -o=jsonpath="{.data.ca\.crt}" | base64 -d > /opt/metal3-dev-env/fake-ipa/ironic-ca.crt

# shellcheck disable=SC2086
sudo "${CONTAINER_RUNTIME}" run -d --net host --name fake-ipa ${POD_NAME_INFRA} \
-v "/opt/metal3-dev-env/fake-ipa":/root/cert -v "/root/.ssh":/root/ssh \
"${FAKE_IPA_IMAGE}"

cat << EOF >> "${WORKING_DIR}/bmhosts_crs.yaml"
---
apiVersion: v1
kind: Secret
metadata:
name: default-node-1-bmc-secret
labels:
environment.metal3.io: baremetal
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
environment.metal3.io: baremetal
environment.metal3.io: baremetal

type: Opaque
data:
username: YWRtaW4=
password: cGFzc3dvcmQ=
---
apiVersion: metal3.io/v1alpha1
kind: BareMetalHost
metadata:
name: default-node-1
spec:
online: true
bmc:
address: redfish+http://192.168.111.1:8000/redfish/v1/Systems/27946b59-9e44-4fa7-8e91-f3527a1ef094
credentialsName: default-node-1-bmc-secret
bootMACAddress: 00:5c:52:31:3a:9c
bootMode: legacy
---
apiVersion: v1
kind: Secret
metadata:
name: default-node-2-bmc-secret
labels:
environment.metal3.io: baremetal
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
environment.metal3.io: baremetal
environment.metal3.io: baremetal

type: Opaque
data:
username: YWRtaW4=
password: cGFzc3dvcmQ=
---
apiVersion: metal3.io/v1alpha1
kind: BareMetalHost
metadata:
name: default-node-2
spec:
online: true
bmc:
address: redfish+http://192.168.111.1:8000/redfish/v1/Systems/27946b59-9e44-4fa7-8e91-f3527a1ef095
credentialsName: default-node-2-bmc-secret
bootMACAddress: 00:5c:52:31:3a:9d
bootMode: legacy
EOF
kubectl apply -f "${WORKING_DIR}/bmhosts_crs.yaml" -n "$NAMESPACE"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
kubectl apply -f "${WORKING_DIR}/bmhosts_crs.yaml" -n "$NAMESPACE"
kubectl apply -f "${WORKING_DIR}/bmhosts_crs.yaml" -n "$NAMESPACE"

else
apply_bm_hosts "$NAMESPACE"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
apply_bm_hosts "$NAMESPACE"
apply_bm_hosts "$NAMESPACE"

fi
elif [ "${EPHEMERAL_CLUSTER}" == "tilt" ]; then

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change

source tilt-setup/deploy_tilt_env.sh
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
source tilt-setup/deploy_tilt_env.sh
source tilt-setup/deploy_tilt_env.sh

Expand Down
4 changes: 4 additions & 0 deletions config_example.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -206,3 +206,7 @@

# Uncomment the line below to build ironic-image from source
# export IRONIC_FROM_SOURCE="true"

# To enable FakeIPA and run dev-env on a fake platform
# export VM_PLATFORM="fake"
# export FAKE_IPA_IMAGE=192.168.111.1:5000/localimages/fake-ipa
1 change: 1 addition & 0 deletions lib/common.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -263,6 +263,7 @@ export CONTAINER_REGISTRY="${CONTAINER_REGISTRY:-quay.io}"
# BMC emulator images
export VBMC_IMAGE="${VBMC_IMAGE:-${CONTAINER_REGISTRY}/metal3-io/vbmc}"
export SUSHY_TOOLS_IMAGE="${SUSHY_TOOLS_IMAGE:-${CONTAINER_REGISTRY}/metal3-io/sushy-tools}"
export FAKE_IPA_IMAGE="${FAKE_IPA_IMAGE:-${CONTAINER_REGISTRY}/metal3-io/fake-ipa}"

# CAPM3 and IPAM controller images
if [[ "${CAPM3RELEASEBRANCH}" = "release-1.6" ]]; then
Expand Down
49 changes: 49 additions & 0 deletions vm-setup/roles/virtbmc/tasks/setup_tasks.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,3 +107,52 @@
SUSHY_EMULATOR_VMEDIA_VERIFY_SSL = {{ sushy_vmedia_verify_ssl }}
SUSHY_EMULATOR_AUTH_FILE = "/root/sushy/htpasswd"
become: true
when: vm_platform|default("libvirt") != "fake"
# if FakeIPA enabled then set required sushy-tools config
- name: Create the Redfish Virtual BMCs for FakeIPA
copy:
mode: 0750
dest: "{{ working_dir }}/virtualbmc/sushy-tools/conf.py"
content: |
SUSHY_EMULATOR_LIBVIRT_URI = "{{ vbmc_libvirt_uri }}"
SUSHY_EMULATOR_IGNORE_BOOT_DEVICE = {{ sushy_ignore_boot_device }}
SUSHY_EMULATOR_VMEDIA_VERIFY_SSL = {{ sushy_vmedia_verify_ssl }}
SUSHY_EMULATOR_AUTH_FILE = "/root/sushy/htpasswd"
SUSHY_EMULATOR_FAKE_DRIVER = True
SUSHY_EMULATOR_FAKE_IPA = True
SUSHY_EMULATOR_FAKE_SYSTEMS = [
{
'uuid': '27946b59-9e44-4fa7-8e91-f3527a1ef094',
'name': 'fake1',
'power_state': 'Off',
'external_notifier': True,
'nics': [
{
'mac': '00:5c:52:31:3a:9c',
'ip': '172.22.0.100'
},
{
'mac': '00:5c:52:31:3b:9c',
'ip': '172.22.0.110'
}
]
},
{
'uuid': '27946b59-9e44-4fa7-8e91-f3527a1ef095',
'name': 'fake2',
'power_state': 'Off',
'external_notifier': True,
'nics': [
{
'mac': '00:5c:52:31:3a:9d',
'ip': '172.22.0.101'
},
{
'mac': '00:5c:52:31:3b:9d',
'ip': '172.22.0.111'
}
]
}
]
become: true
when: vm_platform|default("libvirt") == "fake"
2 changes: 1 addition & 1 deletion vm-setup/setup-playbook.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,4 @@
name: libvirt
- import_role:
name: virtbmc
when: vm_platform|default("libvirt") == "libvirt"
when: vm_platform|default("libvirt") in ["libvirt", "fake"]