diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/drydock.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/drydock/drydock.yaml index a531f433..091a2ca3 100644 --- a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/drydock.yaml +++ b/deployment_files/global/v1.0demo/software/charts/ucp/drydock/drydock.yaml @@ -47,37 +47,12 @@ metadata: path: .ucp.physicalprovisioner dest: path: .values.endpoints.physicalprovisioner - - # Drydock IPs - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.drydock_api + schema: pegleg/EndpointCatalogue/v1 + name: ucp_endpoints + path: .ucp.maas_region dest: - path: .values.network.drydock.node_port.port - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.drydock_api - dest: - path: .values.endpoints.physicalprovisioner.port.api.nodeport - - # MaaS IPs - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - # TODO(mb874d): Can change once we have an accessible VIP from fresh nodes. - path: .genesis.ip - dest: - path: .values.conf.drydock.maasdriver.maas_api_url - pattern: 'MAAS_IP' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.maas_api - dest: - path: .values.conf.drydock.maasdriver.maas_api_url - pattern: 'MAAS_PORT' + path: .values.endpoints.maas_region # Credentials @@ -172,8 +147,6 @@ data: enabled: true conf: drydock: - maasdriver: - maas_api_url: http://MAAS_IP:MAAS_PORT/MAAS/api/2.0/ plugins: ingester: drydock_provisioner.ingester.plugins.deckhand.DeckhandIngester oob_driver: diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/maas.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/drydock/maas.yaml index f25798a7..c39b1e06 100644 --- a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/maas.yaml +++ b/deployment_files/global/v1.0demo/software/charts/ucp/drydock/maas.yaml @@ -43,34 +43,6 @@ metadata: path: .values.conf.drydock.bootaction_url pattern: '(DRYDOCK_PORT)' - # MaaS IPs - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - # TODO(mb874d): Can change once we have an accessible VIP from fresh nodes. - path: .bootstrap.ip - dest: - path: .values.conf.maas.url.maas_url - pattern: '(MAAS_IP)' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.maas_api - dest: - path: .values.conf.maas.url.maas_url - pattern: '(MAAS_PORT)' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.maas_api - dest: - path: .values.network.gui.node_port.port - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.maas_proxy - dest: - path: .values.network.proxy.node_port.port # MaaS Config - src: @@ -111,6 +83,12 @@ metadata: path: .ucp.physicalprovisioner dest: path: .values.endpoints.physicalprovisioner + - src: + schema: pegleg/EndpointCatalogue/v1 + name: ucp_endpoints + path: .ucp.maas_ingress + dest: + path: .values.endpoints.maas_ingress # Account and credential substitutions - src: @@ -180,6 +158,10 @@ data: labels: release_group: airship-maas values: + pod: + replicas: + rack: 1 + region: 1 labels: rack: node_selector_key: ucp-control-plane diff --git a/deployment_files/global/v1.0demo/software/config/endpoints.yaml b/deployment_files/global/v1.0demo/software/config/endpoints.yaml index be02e2dd..8ad6c035 100644 --- a/deployment_files/global/v1.0demo/software/config/endpoints.yaml +++ b/deployment_files/global/v1.0demo/software/config/endpoints.yaml @@ -128,12 +128,10 @@ data: default: http host_fqdn_override: default: null - public: drydock.gate.local maas_region: name: maas-region hosts: default: maas-region - public: maas scheme: default: "http" port: @@ -142,6 +140,24 @@ data: public: 80 host_fqdn_override: default: null + maas_ingress: + hosts: + default: maas-ingress + error_pages: maas-ingress-error + host_fqdn_override: + public: null + port: + http: + default: 80 + https: + default: 443 + error_pages: + default: 8080 + podport: 8080 + healthz: + podport: 10259 + status: + podport: 18089 kubernetesprovisioner: name: promenade hosts: diff --git a/deployment_files/global/v1.0demo/software/config/versions.yaml b/deployment_files/global/v1.0demo/software/config/versions.yaml index ff108dc4..82a413c9 100644 --- a/deployment_files/global/v1.0demo/software/config/versions.yaml +++ b/deployment_files/global/v1.0demo/software/config/versions.yaml @@ -177,12 +177,12 @@ data: type: git drydock: location: https://git.openstack.org/openstack/airship-drydock - reference: 3470f89519d018c572905566891bafc8a3c51c3b + reference: 485f919822c7e425741a19ab507f83ea075529c5 subpath: charts/drydock type: git drydock-htk: location: https://git.openstack.org/openstack/openstack-helm-infra - reference: 5d356f9265b337b75f605dee839faa8cd0ed3ab2 + reference: 4ad893eb1a5ebd7c7660c70d44d1316862268cf1 subpath: helm-toolkit type: git ingress: @@ -207,12 +207,12 @@ data: type: git maas: location: https://git.openstack.org/openstack/airship-maas - reference: 2e003450cceb16b9bda71aa69a939a8466516582 + reference: refs/changes/83/619283/11 subpath: charts/maas type: git maas-htk: location: https://git.openstack.org/openstack/openstack-helm-infra - reference: 5d356f9265b337b75f605dee839faa8cd0ed3ab2 + reference: 4ad893eb1a5ebd7c7660c70d44d1316862268cf1 subpath: helm-toolkit type: git mariadb: @@ -461,9 +461,9 @@ data: divingbell: docker.io/ubuntu:16.04 drydock: dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - drydock: quay.io/airshipit/drydock:3470f89519d018c572905566891bafc8a3c51c3b + drydock: quay.io/airshipit/drydock:485f919822c7e425741a19ab507f83ea075529c5 drydock_db_init: docker.io/postgres:9.5 - drydock_db_sync: quay.io/airshipit/drydock:3470f89519d018c572905566891bafc8a3c51c3b + drydock_db_sync: quay.io/airshipit/drydock:485f919822c7e425741a19ab507f83ea075529c5 ks_endpoints: docker.io/openstackhelm/heat:ocata ks_service: docker.io/openstackhelm/heat:ocata ks_user: docker.io/openstackhelm/heat:ocata @@ -474,7 +474,7 @@ data: dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 export_api_key: quay.io/airshipit/maas-region-controller:2e003450cceb16b9bda71aa69a939a8466516582 maas_cache: quay.io/airshipit/sstream-cache:2e003450cceb16b9bda71aa69a939a8466516582 - maas_rack: quay.io/airshipit/maas-rack-controller:2e003450cceb16b9bda71aa69a939a8466516582 + maas_rack: docker.io/sthussey/maas-rack-controller:dev maas_region: quay.io/airshipit/maas-region-controller:2e003450cceb16b9bda71aa69a939a8466516582 promenade: dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 diff --git a/deployment_files/site/gate-multinode/software/charts/ucp/drydock/drydock.yaml b/deployment_files/site/gate-multinode/software/charts/ucp/drydock/drydock.yaml index eb245121..2c2a1cea 100644 --- a/deployment_files/site/gate-multinode/software/charts/ucp/drydock/drydock.yaml +++ b/deployment_files/site/gate-multinode/software/charts/ucp/drydock/drydock.yaml @@ -26,8 +26,6 @@ data: secret_ssh_key: true conf: drydock: - maasdriver: - maas_api_url: 'http://maas.gate.local:9085/MAAS/api/2.0/' plugins: oob_driver: - 'drydock_provisioner.drivers.oob.pyghmi_driver.driver.PyghmiDriver' diff --git a/deployment_files/site/gate-multinode/software/charts/ucp/drydock/maas.yaml b/deployment_files/site/gate-multinode/software/charts/ucp/drydock/maas.yaml index 64fe75ba..2023a1b6 100644 --- a/deployment_files/site/gate-multinode/software/charts/ucp/drydock/maas.yaml +++ b/deployment_files/site/gate-multinode/software/charts/ucp/drydock/maas.yaml @@ -32,29 +32,4 @@ data: network: maas_ingress: addr: '172.24.1.5/32' - endpoints: - maas_region: - host_fqdn_override: - public: maas.gate.local - port: - region_api: - public: 9085 - maas_ingress: - hosts: - default: maas-ingress - error_pages: maas-ingress-error - host_fqdn_override: - public: null - port: - http: - default: 9080 - https: - default: 9443 - error_pages: - default: 8080 - podport: 8080 - healthz: - podport: 10259 - status: - podport: 18089 ... diff --git a/deployment_files/site/gate-multinode/software/configs/endpoints.yaml b/deployment_files/site/gate-multinode/software/configs/endpoints.yaml index 7af1c288..f1657d66 100644 --- a/deployment_files/site/gate-multinode/software/configs/endpoints.yaml +++ b/deployment_files/site/gate-multinode/software/configs/endpoints.yaml @@ -17,6 +17,12 @@ metadata: # dns server data: ucp: + physicalprovisioner: + host_fqdn_override: + public: drydock.gate.local + maas_region: + host_fqdn_override: + public: maas.gate.local identity: host_fqdn_override: public: keystone.gate.local diff --git a/tools/multi_nodes_gate/airship_gate/bin/shipyard.sh b/tools/multi_nodes_gate/airship_gate/bin/shipyard.sh index 63e89174..5a0e263c 100755 --- a/tools/multi_nodes_gate/airship_gate/bin/shipyard.sh +++ b/tools/multi_nodes_gate/airship_gate/bin/shipyard.sh @@ -1,4 +1,3 @@ - #!/usr/bin/env bash # Copyright 2018 AT&T Intellectual Property. All other rights reserved. # @@ -14,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -e +set -x SCRIPT_DIR=$(realpath $(dirname $0)) WORKSPACE=$(realpath ${SCRIPT_DIR}/../../..) diff --git a/tools/multi_nodes_gate/airship_gate/lib/airship.sh b/tools/multi_nodes_gate/airship_gate/lib/airship.sh index 9ed44ced..edb1f4bc 100644 --- a/tools/multi_nodes_gate/airship_gate/lib/airship.sh +++ b/tools/multi_nodes_gate/airship_gate/lib/airship.sh @@ -1,7 +1,31 @@ #!/bin/bash +install_ingress_ca() { + ingress_ca=$(config_ingress_ca) + if [[ -z "$ingress_ca" ]] + then + echo "Not installing ingress root CA." + return + fi + local_file="${TEMP_DIR}/ingress_ca.pem" + remote_file="${GENESIS_WORK_DIR}/ingress_ca.pem" + cat <<< "$ingress_ca" > "$local_file" + rsync_cmd "$local_file" "${GENESIS_NAME}":"$remote_file" +} + shipard_cmd_stdout() { - ssh_cmd "${GENESIS_NAME}" docker run -t --network host -v "${GENESIS_WORK_DIR}:/work" -e OS_AUTH_URL=http://keystone.ucp.svc.cluster.local:80/v3 -e OS_USERNAME=shipyard -e OS_USER_DOMAIN_NAME=default -e OS_PASSWORD="${SHIPYARD_PASSWORD}" -e OS_PROJECT_DOMAIN_NAME=default -e OS_PROJECT_NAME=service --entrypoint /usr/local/bin/shipyard "${IMAGE_SHIPYARD_CLI}" $* 2>&1 + install_ingress_ca + ssh_cmd "${GENESIS_NAME}" \ + docker run -t --network=host \ + -v "${GENESIS_WORK_DIR}:/work" \ + -e OS_AUTH_URL=http://keystone.ucp.svc.cluster.local:80/v3 \ + -e OS_USERNAME=shipyard \ + -e OS_USER_DOMAIN_NAME=default \ + -e OS_PASSWORD="${SHIPYARD_PASSWORD}" \ + -e OS_PROJECT_DOMAIN_NAME=default \ + -e OS_PROJECT_NAME=service \ + -e REQUESTS_CA_BUNDLE=/work/ingress_ca.pem \ + --entrypoint /usr/local/bin/shipyard "${IMAGE_SHIPYARD_CLI}" $* 2>&1 } shipyard_cmd() { @@ -16,7 +40,19 @@ shipyard_cmd() { } drydock_cmd_stdout() { - ssh_cmd "${GENESIS_NAME}" docker run -t --network host -v "${GENESIS_WORK_DIR}:/work" -e DD_URL=http://drydock-api.ucp.svc.cluster.local:9000 -e OS_AUTH_URL=http://keystone.ucp.svc.cluster.local:80/v3 -e OS_USERNAME=shipyard -e OS_USER_DOMAIN_NAME=default -e OS_PASSWORD="${SHIPYARD_PASSWORD}" -e OS_PROJECT_DOMAIN_NAME=default -e OS_PROJECT_NAME=service --entrypoint /usr/local/bin/drydock "${IMAGE_DRYDOCK_CLI}" $* 2>&1 + install_ingress_ca + ssh_cmd "${GENESIS_NAME}" \ + docker run -t --network=host \ + -v "${GENESIS_WORK_DIR}:/work" \ + -e DD_URL=http://drydock-api.ucp.svc.cluster.local:9000 \ + -e OS_AUTH_URL=http://keystone.ucp.svc.cluster.local:80/v3 \ + -e OS_USERNAME=shipyard \ + -e OS_USER_DOMAIN_NAME=default \ + -e OS_PASSWORD="${SHIPYARD_PASSWORD}" \ + -e OS_PROJECT_DOMAIN_NAME=default \ + -e OS_PROJECT_NAME=service \ + -e REQUESTS_CA_BUNDLE=/work/ingress_ca.pem \ + --entrypoint /usr/local/bin/drydock "${IMAGE_DRYDOCK_CLI}" $* 2>&1 } drydock_cmd() { if [[ ! -z "${LOG_FILE}" ]] diff --git a/tools/multi_nodes_gate/airship_gate/lib/config.sh b/tools/multi_nodes_gate/airship_gate/lib/config.sh index 25f917af..ff22d6ec 100644 --- a/tools/multi_nodes_gate/airship_gate/lib/config.sh +++ b/tools/multi_nodes_gate/airship_gate/lib/config.sh @@ -16,6 +16,7 @@ export SHIPYARD_PASSWORD=${SHIPYARD_OS_PASSWORD:-password18} export REGISTRY_DATA_DIR=${REGISTRY_DATA_DIR:-/mnt/registry} export VIRSH_POOL=${VIRSH_POOL:-airship} export VIRSH_POOL_PATH=${VIRSH_POOL_PATH:-/var/lib/libvirt/airship} +export VIRSH_CPU_OPTS=${VIRSH_CPU_OPTS:-host} export UPSTREAM_DNS=${UPSTREAM_DNS:-"8.8.8.8 208.67.220.220"} config_vm_memory() { @@ -37,6 +38,16 @@ config_vm_mac() { jq -cr ".vm.${nodename}.mac" < "${GATE_MANIFEST}" } +config_vm_io() { + nodename=${1} + io_profile=$(jq -cr ".vm.${nodename}.io_profile" < "${GATE_MANIFEST}") + if [[ -z "$io_profile" ]] + then + io_profile="fast" + fi + echo -n "$io_profile" +} + config_vm_vcpus() { nodename=${1} jq -cr ".vm.${nodename}.vcpus" < "${GATE_MANIFEST}" @@ -62,12 +73,20 @@ config_vm_userdata() { echo "${val}" fi } + config_ingress_domain() { jq -cr '.ingress.domain' < "${GATE_MANIFEST}" } +config_ingress_ca() { + if [[ ! -z "$GATE_MANIFEST" ]] + then + jq -cr '.ingress.ca' < "${GATE_MANIFEST}" + fi +} + config_ingress_ips() { - jq -cr '.ingress | keys | map(select(. != "domain")) | join(" ")' < "${GATE_MANIFEST}" + jq -cr '.ingress | keys | map(select(test("([0-9]{1,3}.?){4}"))) | join(" ")' < "${GATE_MANIFEST}" } config_ingress_entries() { @@ -86,3 +105,9 @@ config_pegleg_sitename() { config_pegleg_aux_repos() { jq -cr '.configuration.aux_repos | join(" ")' < "${GATE_MANIFEST}" } + +join_array() { + local IFS=$1 + shift + echo "$*" +} diff --git a/tools/multi_nodes_gate/airship_gate/lib/ingress.sh b/tools/multi_nodes_gate/airship_gate/lib/ingress.sh index dd5dc9c5..2cbc9c4c 100644 --- a/tools/multi_nodes_gate/airship_gate/lib/ingress.sh +++ b/tools/multi_nodes_gate/airship_gate/lib/ingress.sh @@ -17,7 +17,7 @@ ingress_dns_config() { done done - DNS_DOMAIN=${ingress_domain} ZONE_FILE=$(basename $DNS_ZONE_FILE) envsubst < "${TEMPLATE_DIR}/ingress_corefile.sub" > "${COREFILE}" + DNS_DOMAIN=${ingress_domain} ZONE_FILE=$(basename $DNS_ZONE_FILE) DNS_SERVERS="$UPSTREAM_DNS" envsubst < "${TEMPLATE_DIR}/ingress_corefile.sub" > "${COREFILE}" } ingress_dns_start() { diff --git a/tools/multi_nodes_gate/airship_gate/lib/virsh.sh b/tools/multi_nodes_gate/airship_gate/lib/virsh.sh index 8b89b73f..eec96b89 100644 --- a/tools/multi_nodes_gate/airship_gate/lib/virsh.sh +++ b/tools/multi_nodes_gate/airship_gate/lib/virsh.sh @@ -51,6 +51,8 @@ iso_gen() { fi envsubst < "${TEMPLATE_DIR}/meta-data.sub" > meta-data + + export DNS_SERVERS=$(join_array ',' $UPSTREAM_DNS) envsubst < "${TEMPLATE_DIR}/network-config.sub" > network-config { @@ -129,7 +131,16 @@ vm_clean_all() { vm_create() { NAME=${1} MAC_ADDRESS=$(config_vm_mac "${NAME}") - DISK_OPTS="bus=virtio,cache=directsync,discard=unmap,format=qcow2" + IO_PROF=$(config_vm_io "${NAME}") + if [[ "$IO_PROF" == "fast" ]] + then + DISK_OPTS="bus=virtio,cache=none,format=qcow2,io=native" + elif [[ "$IO_PROF" == "safe" ]] + then + DISK_OPTS="bus=virtio,cache=directsync,discard=unmap,format=qcow2,io=native" + else + DISK_OPTS="bus=virtio,format=qcow2" + fi vol_create_root "${NAME}" wait @@ -141,7 +152,7 @@ vm_create() { virt-install \ --name "${NAME}" \ --virt-type kvm \ - --cpu host \ + --cpu ${VIRSH_CPU_OPTS} \ --graphics vnc,listen=0.0.0.0 \ --noautoconsole \ --network "network=airship_gate,model=virtio" \ @@ -161,7 +172,7 @@ vm_create() { virt-install \ --name "${NAME}" \ --virt-type kvm \ - --cpu host \ + --cpu ${VIRSH_CPU_OPTS} \ --graphics vnc,listen=0.0.0.0 \ --noautoconsole \ --network "network=airship_gate,model=virtio" \ diff --git a/tools/multi_nodes_gate/airship_gate/manifests/deploy_site.json b/tools/multi_nodes_gate/airship_gate/manifests/deploy_site.json new file mode 100644 index 00000000..3e665893 --- /dev/null +++ b/tools/multi_nodes_gate/airship_gate/manifests/deploy_site.json @@ -0,0 +1,61 @@ +{ + "configuration": { + "site": "gate-multinode", + "primary_repo": "deployment_files", + "aux_repos": [] + }, + "ingress": { + "domain": "gate.local", + "ca": "-----BEGIN CERTIFICATE-----\nMIIFJzCCAw+gAwIBAgIJAJrXqOA54qn/MA0GCSqGSIb3DQEBCwUAMB8xCzAJBgNV\nBAYTAlVTMRAwDgYDVQQDDAdyb290LWNhMB4XDTE4MTEwMjE1MTgyNVoXDTM4MTAy\nODE1MTgyNVowHzELMAkGA1UEBhMCVVMxEDAOBgNVBAMMB3Jvb3QtY2EwggIiMA0G\nCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDVJt2qJILBhd5i0NOCfENWD07r3wlb\nI1MSy2pgt2qNzSpn3+gLfnQSMEDtdPFzNcU9FceE8It/W9QYeOx1V2bRX9Jjld2R\n8MFkoHlO+WHd55tblz2Jel5QYlFbjRUscfH7OG65cxa2vao26vyskYLmeNrdY0bi\n03w480ph/152qoFGlKVL3Ozlm6pcrKEwfCzZx/wO1hqAqOxd3fTRbgo3MKKzP1Ov\nsurgxwdSTzO5xL7JPfK3h94G9BeIdfcjIqosg393jTDhFwJ6TxuJUG3jg08mscHb\n/89ZPg5PLF8mLlCKc7WZDbxuo/8Oy7Krlv48LV6hWDelAynMH3X1m7QP2l7gMK+u\nxWFIWcHZ+fncdH9aicszS99e8jiIuCVpnKE/1qoo/Jhi4uR7l5uedxnXM2EqTSA/\nd9b849oTwm22Ykzu1EFCdkYtAU326yAoNEsgaBm8SHVGQ6O1W3iVFYpsTIZ65toB\n6uRv7YK7gIkeJFUCxn1aYXjuXF4hNQrQ4o76iMBOS00WG6qRIoesdj5lD0gGuDmv\nEvEjzkwRTMoUaWMS3BpVg9SRzGRNaWkErP0vbiZcp24ij+JvbPPogxve0MXU6YGt\n/xpYb8XmyR87G1D5tC1GoU5A0iS3Vbwu6r6jBp0+f50HtFlXuU0801ivjK7+LqXi\nKUK6ltnbVXp+iQIDAQABo2YwZDAdBgNVHQ4EFgQU0k/clYYxjK2RjVzNCAvY9FMz\nHv8wHwYDVR0jBBgwFoAU0k/clYYxjK2RjVzNCAvY9FMzHv8wEgYDVR0TAQH/BAgw\nBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBACw8btBg\nyJkQnU1fLrKIFQkxRra5LRtEgnZbqpDt+G9G/c4aauJmLV1txcJFa6qiyWFeaDem\nNnNY9Ft+LL5fZ2SwRI+KA4DvRiFMMbZoJDu5q/LlxCJi32qDlSRpmZfaXymadO/T\nIokryRzBscPFznXTqia/cv6JeSapg3zzRA9r7hB3osJLVQQ5S6HzcYxAmyi7OFYv\n0ZBaEem9KYo5MtKNfF21XpoK0T6/z1Jryjz5uNfvLXGHrMW0/rfrRiTa60JiH5r9\nIwyboh/CVrPnU7jC4GtkkE9pCMvaJhrlquf3pCkPIwkIHI0rK2cr1VYi2EFcEGsm\niwqZcA+PX7NWVhJAcUiBRUYqXPltC2EKogX6GMnos7Gczr4f0AqXap3VG9oMRZu8\nDWBxwnfRQrnyAx1G+ZgpOVpbjbb/kpxKCurPEb7xyew9NAOipaKrXWioUiTu54Gn\nTeZXU3tW6nSgq/OV3xWN1hzFQJ0JG45APEjv1UCphvU1DVHOvpiFZXZGUAObDIvv\nZUO/ngtoFv5RRyHJ5EkSIO0jDKRU5dQ+J7LEXsH1aK/ErPX4n52oyD/xX9h6MF0m\nzaItjJ6r6d8+c4xCgsIjDbylU71IvmzUYneGN5cVsavEI93KDJLz0brouK12+UB2\nz4S968kA+qCbBOYTkiGJWyjuJq3o/QJjQivF\n-----END CERTIFICATE-----", + "172.24.1.5": ["maas-nc"], + "172.24.1.6": ["drydock-nc","shipyard-nc","keystone-nc"] + }, + "stages": [ + { + "name": "Load Site Design", + "script": "shipyard-load-design.sh" + }, + { + "name": "Deploy Site", + "script": "shipyard-deploy-site.sh" + } + ], + "vm": { + "build": { + "memory": 3072, + "vcpus": 2, + "mac": "52:54:00:00:be:31", + "ip": "172.24.1.9", + "bootstrap": true, + "userdata": "packages: [docker.io]" + }, + "n0" : { + "memory": 32768, + "vcpus": 8, + "mac": "52:54:00:00:a4:31", + "ip": "172.24.1.10", + "bootstrap": true + }, + "n1" : { + "memory": 3072, + "vcpus": 2, + "mac": "52:54:00:00:a3:31", + "ip": "172.24.1.11", + "bootstrap": false + }, + "n2" : { + "memory": 3072, + "vcpus": 2, + "mac": "52:54:00:1a:95:0d", + "ip": "172.24.1.12", + "bootstrap": false + }, + "n3" : { + "memory": 3072, + "vcpus": 2, + "mac": "52:54:00:31:c2:36", + "ip": "172.24.1.13", + "bootstrap": false + } + } +} diff --git a/tools/multi_nodes_gate/airship_gate/manifests/multinode_deploy.json b/tools/multi_nodes_gate/airship_gate/manifests/multinode_deploy.json index f44dcf47..9f0ae842 100644 --- a/tools/multi_nodes_gate/airship_gate/manifests/multinode_deploy.json +++ b/tools/multi_nodes_gate/airship_gate/manifests/multinode_deploy.json @@ -6,6 +6,7 @@ }, "ingress": { "domain": "gate.local", + "ca": "-----BEGIN CERTIFICATE-----\nMIIFJzCCAw+gAwIBAgIJAJrXqOA54qn/MA0GCSqGSIb3DQEBCwUAMB8xCzAJBgNV\nBAYTAlVTMRAwDgYDVQQDDAdyb290LWNhMB4XDTE4MTEwMjE1MTgyNVoXDTM4MTAy\nODE1MTgyNVowHzELMAkGA1UEBhMCVVMxEDAOBgNVBAMMB3Jvb3QtY2EwggIiMA0G\nCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDVJt2qJILBhd5i0NOCfENWD07r3wlb\nI1MSy2pgt2qNzSpn3+gLfnQSMEDtdPFzNcU9FceE8It/W9QYeOx1V2bRX9Jjld2R\n8MFkoHlO+WHd55tblz2Jel5QYlFbjRUscfH7OG65cxa2vao26vyskYLmeNrdY0bi\n03w480ph/152qoFGlKVL3Ozlm6pcrKEwfCzZx/wO1hqAqOxd3fTRbgo3MKKzP1Ov\nsurgxwdSTzO5xL7JPfK3h94G9BeIdfcjIqosg393jTDhFwJ6TxuJUG3jg08mscHb\n/89ZPg5PLF8mLlCKc7WZDbxuo/8Oy7Krlv48LV6hWDelAynMH3X1m7QP2l7gMK+u\nxWFIWcHZ+fncdH9aicszS99e8jiIuCVpnKE/1qoo/Jhi4uR7l5uedxnXM2EqTSA/\nd9b849oTwm22Ykzu1EFCdkYtAU326yAoNEsgaBm8SHVGQ6O1W3iVFYpsTIZ65toB\n6uRv7YK7gIkeJFUCxn1aYXjuXF4hNQrQ4o76iMBOS00WG6qRIoesdj5lD0gGuDmv\nEvEjzkwRTMoUaWMS3BpVg9SRzGRNaWkErP0vbiZcp24ij+JvbPPogxve0MXU6YGt\n/xpYb8XmyR87G1D5tC1GoU5A0iS3Vbwu6r6jBp0+f50HtFlXuU0801ivjK7+LqXi\nKUK6ltnbVXp+iQIDAQABo2YwZDAdBgNVHQ4EFgQU0k/clYYxjK2RjVzNCAvY9FMz\nHv8wHwYDVR0jBBgwFoAU0k/clYYxjK2RjVzNCAvY9FMzHv8wEgYDVR0TAQH/BAgw\nBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBACw8btBg\nyJkQnU1fLrKIFQkxRra5LRtEgnZbqpDt+G9G/c4aauJmLV1txcJFa6qiyWFeaDem\nNnNY9Ft+LL5fZ2SwRI+KA4DvRiFMMbZoJDu5q/LlxCJi32qDlSRpmZfaXymadO/T\nIokryRzBscPFznXTqia/cv6JeSapg3zzRA9r7hB3osJLVQQ5S6HzcYxAmyi7OFYv\n0ZBaEem9KYo5MtKNfF21XpoK0T6/z1Jryjz5uNfvLXGHrMW0/rfrRiTa60JiH5r9\nIwyboh/CVrPnU7jC4GtkkE9pCMvaJhrlquf3pCkPIwkIHI0rK2cr1VYi2EFcEGsm\niwqZcA+PX7NWVhJAcUiBRUYqXPltC2EKogX6GMnos7Gczr4f0AqXap3VG9oMRZu8\nDWBxwnfRQrnyAx1G+ZgpOVpbjbb/kpxKCurPEb7xyew9NAOipaKrXWioUiTu54Gn\nTeZXU3tW6nSgq/OV3xWN1hzFQJ0JG45APEjv1UCphvU1DVHOvpiFZXZGUAObDIvv\nZUO/ngtoFv5RRyHJ5EkSIO0jDKRU5dQ+J7LEXsH1aK/ErPX4n52oyD/xX9h6MF0m\nzaItjJ6r6d8+c4xCgsIjDbylU71IvmzUYneGN5cVsavEI93KDJLz0brouK12+UB2\nz4S968kA+qCbBOYTkiGJWyjuJq3o/QJjQivF\n-----END CERTIFICATE-----", "172.24.1.5": ["maas"], "172.24.1.6": ["drydock","shipyard","keystone"] }, @@ -18,10 +19,6 @@ "name": "Pegleg Collection", "script": "pegleg-collect.sh" }, - { - "name": "Populate Image Cache", - "script": "registry-load.sh" - }, { "name": "Generate Certificates", "script": "generate-certificates.sh" @@ -44,6 +41,11 @@ "script": "genesis.sh", "on_error": "collect_genesis_info.sh" }, + { + "name": "Validate Genesis", + "script": "validate-genesis.sh", + "on_error": "collect_genesis_info.sh" + }, { "name": "Load Site Design", "script": "shipyard-load-design.sh" @@ -59,14 +61,16 @@ "vcpus": 2, "mac": "52:54:00:00:be:31", "ip": "172.24.1.9", + "io_profile": "fast", "bootstrap": true, "userdata": "packages: [docker.io]" }, "n0" : { "memory": 32768, - "vcpus": 8, + "vcpus": 12, "mac": "52:54:00:00:a4:31", "ip": "172.24.1.10", + "io_profile": "fast", "bootstrap": true }, "n1" : { @@ -74,6 +78,7 @@ "vcpus": 2, "mac": "52:54:00:00:a3:31", "ip": "172.24.1.11", + "io_profile": "fast", "bootstrap": false }, "n2" : { @@ -81,6 +86,7 @@ "vcpus": 2, "mac": "52:54:00:1a:95:0d", "ip": "172.24.1.12", + "io_profile": "fast", "bootstrap": false }, "n3" : { @@ -88,6 +94,7 @@ "vcpus": 2, "mac": "52:54:00:31:c2:36", "ip": "172.24.1.13", + "io_profile": "fast", "bootstrap": false } } diff --git a/tools/multi_nodes_gate/airship_gate/manifests/multinode_genesis.json b/tools/multi_nodes_gate/airship_gate/manifests/multinode_genesis.json index dd422f0c..c135ba4f 100644 --- a/tools/multi_nodes_gate/airship_gate/manifests/multinode_genesis.json +++ b/tools/multi_nodes_gate/airship_gate/manifests/multinode_genesis.json @@ -6,8 +6,9 @@ }, "ingress": { "domain": "gate.local", - "172.24.1.5": ["maas"], - "172.24.1.6": ["drydock","shipyard","keystone"] + "ca": "-----BEGIN CERTIFICATE-----\nMIIFJzCCAw+gAwIBAgIJAJrXqOA54qn/MA0GCSqGSIb3DQEBCwUAMB8xCzAJBgNV\nBAYTAlVTMRAwDgYDVQQDDAdyb290LWNhMB4XDTE4MTEwMjE1MTgyNVoXDTM4MTAy\nODE1MTgyNVowHzELMAkGA1UEBhMCVVMxEDAOBgNVBAMMB3Jvb3QtY2EwggIiMA0G\nCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDVJt2qJILBhd5i0NOCfENWD07r3wlb\nI1MSy2pgt2qNzSpn3+gLfnQSMEDtdPFzNcU9FceE8It/W9QYeOx1V2bRX9Jjld2R\n8MFkoHlO+WHd55tblz2Jel5QYlFbjRUscfH7OG65cxa2vao26vyskYLmeNrdY0bi\n03w480ph/152qoFGlKVL3Ozlm6pcrKEwfCzZx/wO1hqAqOxd3fTRbgo3MKKzP1Ov\nsurgxwdSTzO5xL7JPfK3h94G9BeIdfcjIqosg393jTDhFwJ6TxuJUG3jg08mscHb\n/89ZPg5PLF8mLlCKc7WZDbxuo/8Oy7Krlv48LV6hWDelAynMH3X1m7QP2l7gMK+u\nxWFIWcHZ+fncdH9aicszS99e8jiIuCVpnKE/1qoo/Jhi4uR7l5uedxnXM2EqTSA/\nd9b849oTwm22Ykzu1EFCdkYtAU326yAoNEsgaBm8SHVGQ6O1W3iVFYpsTIZ65toB\n6uRv7YK7gIkeJFUCxn1aYXjuXF4hNQrQ4o76iMBOS00WG6qRIoesdj5lD0gGuDmv\nEvEjzkwRTMoUaWMS3BpVg9SRzGRNaWkErP0vbiZcp24ij+JvbPPogxve0MXU6YGt\n/xpYb8XmyR87G1D5tC1GoU5A0iS3Vbwu6r6jBp0+f50HtFlXuU0801ivjK7+LqXi\nKUK6ltnbVXp+iQIDAQABo2YwZDAdBgNVHQ4EFgQU0k/clYYxjK2RjVzNCAvY9FMz\nHv8wHwYDVR0jBBgwFoAU0k/clYYxjK2RjVzNCAvY9FMzHv8wEgYDVR0TAQH/BAgw\nBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBACw8btBg\nyJkQnU1fLrKIFQkxRra5LRtEgnZbqpDt+G9G/c4aauJmLV1txcJFa6qiyWFeaDem\nNnNY9Ft+LL5fZ2SwRI+KA4DvRiFMMbZoJDu5q/LlxCJi32qDlSRpmZfaXymadO/T\nIokryRzBscPFznXTqia/cv6JeSapg3zzRA9r7hB3osJLVQQ5S6HzcYxAmyi7OFYv\n0ZBaEem9KYo5MtKNfF21XpoK0T6/z1Jryjz5uNfvLXGHrMW0/rfrRiTa60JiH5r9\nIwyboh/CVrPnU7jC4GtkkE9pCMvaJhrlquf3pCkPIwkIHI0rK2cr1VYi2EFcEGsm\niwqZcA+PX7NWVhJAcUiBRUYqXPltC2EKogX6GMnos7Gczr4f0AqXap3VG9oMRZu8\nDWBxwnfRQrnyAx1G+ZgpOVpbjbb/kpxKCurPEb7xyew9NAOipaKrXWioUiTu54Gn\nTeZXU3tW6nSgq/OV3xWN1hzFQJ0JG45APEjv1UCphvU1DVHOvpiFZXZGUAObDIvv\nZUO/ngtoFv5RRyHJ5EkSIO0jDKRU5dQ+J7LEXsH1aK/ErPX4n52oyD/xX9h6MF0m\nzaItjJ6r6d8+c4xCgsIjDbylU71IvmzUYneGN5cVsavEI93KDJLz0brouK12+UB2\nz4S968kA+qCbBOYTkiGJWyjuJq3o/QJjQivF\n-----END CERTIFICATE-----", + "172.24.1.5": ["maas-nc"], + "172.24.1.6": ["drydock-nc","shipyard-nc","iam-nc"] }, "stages": [ { @@ -18,10 +19,6 @@ "name": "Pegleg Collection", "script": "pegleg-collect.sh" }, - { - "name": "Populate Image Cache", - "script": "registry-load.sh" - }, { "name": "Generate Certificates", "script": "generate-certificates.sh" @@ -43,6 +40,11 @@ "name": "Genesis", "script": "genesis.sh", "on_error": "collect_genesis_info.sh" + }, + { + "name": "Validate Genesis", + "script": "validate-genesis.sh", + "on_error": "collect_genesis_info.sh" } ], "vm": { @@ -56,7 +58,7 @@ }, "n0" : { "memory": 16384, - "vcpus": 8, + "vcpus": 12, "mac": "52:54:00:00:a4:31", "ip": "172.24.1.10", "bootstrap": true diff --git a/tools/multi_nodes_gate/airship_gate/stages/pegleg-collect.sh b/tools/multi_nodes_gate/airship_gate/stages/pegleg-collect.sh index 103278f2..38807929 100755 --- a/tools/multi_nodes_gate/airship_gate/stages/pegleg-collect.sh +++ b/tools/multi_nodes_gate/airship_gate/stages/pegleg-collect.sh @@ -39,7 +39,7 @@ render_pegleg_cli() { then for r in ${aux_repos[*]} do - cli_string="${cli_string} -a ${r}" + cli_string="${cli_string} -a /workspace/${r}" done fi diff --git a/tools/multi_nodes_gate/airship_gate/stages/validate-genesis.sh b/tools/multi_nodes_gate/airship_gate/stages/validate-genesis.sh new file mode 100755 index 00000000..16c1d81c --- /dev/null +++ b/tools/multi_nodes_gate/airship_gate/stages/validate-genesis.sh @@ -0,0 +1,30 @@ +#!/usr/bin/env bash +# Copyright 2018 AT&T Intellectual Property. All other rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -e + +source "${GATE_UTILS}" + +# Copies script and virtmgr private key to genesis VM +rsync_cmd "${SCRIPT_DEPOT}/validate-genesis.sh" "${GENESIS_NAME}:/root/airship/" + +set -o pipefail +ssh_cmd "${GENESIS_NAME}" /root/airship/validate-genesis.sh 2>&1 | tee -a "${LOG_FILE}" +set +o pipefail + +if ! ssh_cmd n0 docker images | tail -n +2 | grep -v registry:5000 ; then + log_warn "Using some non-cached docker images. This will slow testing." + ssh_cmd n0 docker images | tail -n +2 | grep -v registry:5000 | tee -a "${LOG_FILE}" +fi diff --git a/tools/multi_nodes_gate/airship_gate/templates/ingress_corefile.sub b/tools/multi_nodes_gate/airship_gate/templates/ingress_corefile.sub index 146e8a5f..4ac181c9 100644 --- a/tools/multi_nodes_gate/airship_gate/templates/ingress_corefile.sub +++ b/tools/multi_nodes_gate/airship_gate/templates/ingress_corefile.sub @@ -4,6 +4,6 @@ ${DNS_DOMAIN} { } . { - forward . ${UPSTREAM_DNS} + forward . ${DNS_SERVERS} log } diff --git a/tools/multi_nodes_gate/airship_gate/templates/network-config.sub b/tools/multi_nodes_gate/airship_gate/templates/network-config.sub index fe4472ff..b41b60de 100644 --- a/tools/multi_nodes_gate/airship_gate/templates/network-config.sub +++ b/tools/multi_nodes_gate/airship_gate/templates/network-config.sub @@ -8,6 +8,4 @@ config: address: ${BR_IP_NODE}/24 gateway: 172.24.1.1 - type: nameserver - address: - - 8.8.8.8 - - 8.8.4.4 + address: [${DNS_SERVERS}] diff --git a/tools/multi_nodes_gate/airship_gate/templates/user-data.sub b/tools/multi_nodes_gate/airship_gate/templates/user-data.sub index a1193c85..dd29de4e 100644 --- a/tools/multi_nodes_gate/airship_gate/templates/user-data.sub +++ b/tools/multi_nodes_gate/airship_gate/templates/user-data.sub @@ -4,6 +4,8 @@ disable_root: false hostname: ${NAME} manage_etc_hosts: false +package_update: true +apt_preserve_sources_list: true ssh_authorized_keys: - ${SSH_PUBLIC_KEY}