Add ISO mounting capabilities:
In config.yaml `bootMode` can be set to
either `iso` or `netboot`. This allows for
testing all layer 3 provisioning with `iso`.

Signed-off-by: Jacob Weinstock <[email protected]>
jacobweinstock committed Nov 27, 2024
1 parent 20d030d commit 275fe31
Showing 6 changed files with 318 additions and 3 deletions.
1 change: 1 addition & 0 deletions capt/config.yaml
Expand Up @@ -33,3 +33,4 @@ virtualBMC:
image: ghcr.io/jacobweinstock/virtualbmc:latest
user: "root"
pass: "calvin"
bootMode: netboot
1 change: 1 addition & 0 deletions capt/scripts/generate_state.sh
Expand Up @@ -67,6 +67,7 @@ cluster:
controlPlane:
vip: 172.18.10.75
podCIDR: 172.100.0.0/16
bootMode: netboot
EOF

set -euo pipefail
8 changes: 6 additions & 2 deletions capt/tasks/Taskfile-capi.yaml
Expand Up @@ -95,7 +95,7 @@ tasks:
- grep -q "{{.KUBE_VERSION}}" {{.OUTPUT_DIR}}/prekustomization.yaml

create-kustomize-file:
run: once
#run: once
summary: |
Kustomize file for the CAPI generated config file (prekustomization.yaml).
env:
Expand Down Expand Up @@ -128,12 +128,16 @@ tasks:
sh: yq eval '.versions.kube' {{.STATE_FILE_FQ_PATH}}
OUTPUT_DIR:
sh: yq eval '.outputDir' config.yaml
BOOTMODE:
sh: yq eval '.bootMode' {{.STATE_FILE_FQ_PATH}}
KUSTOMIZE_FILE:
sh: "[[ {{.BOOTMODE}} == 'iso' ]] && echo kustomization-iso.tmpl || echo kustomization-netboot.tmpl"
sources:
- config.yaml
generates:
- "{{.OUTPUT_DIR}}/kustomization.yaml"
cmds:
- envsubst "$(printf '${%s} ' $(env | cut -d'=' -f1))" < templates/kustomization.tmpl > {{.OUTPUT_DIR}}/kustomization.yaml
- envsubst "$(printf '${%s} ' $(env | cut -d'=' -f1))" < templates/{{.KUSTOMIZE_FILE}} > {{.OUTPUT_DIR}}/kustomization.yaml

apply-kustomization:
run: once
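Review bot: In the second hunk, `KUSTOMIZE_FILE` splices `{{.BOOTMODE}}` unquoted into a `[[ ... ]]` test and treats every value other than `iso` as netboot, so a typo or a missing key in the state file (where yq prints `null`) silently selects `kustomization-netboot.tmpl`, and an empty value may make the test fail to parse. Because the value reaches the shell as raw text, it is safer to match it against the two allowed values and reject anything else, e.g. `sh: 'case "{{.BOOTMODE}}" in iso|netboot) echo "kustomization-{{.BOOTMODE}}.tmpl";; *) echo "unsupported bootMode" >&2; exit 1;; esac'`. In the first hunk `#run: once` is left behind as a commented-out line; either delete it or replace it with a comment saying why the task must now re-run. The task definitions continue outside both hunks.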
11 changes: 10 additions & 1 deletion capt/tasks/Taskfile-create.yaml
Expand Up @@ -113,8 +113,17 @@ tasks:
LOCATION:
sh: yq eval '.chart.location' {{.STATE_FILE_FQ_PATH}}
CHART_NAME: tink-stack
BOOTMODE:
sh: yq eval '.bootMode' {{.STATE_FILE_FQ_PATH}}
SET_VARS:
- global.trustedProxies={"{{.TRUSTED_PROXIES}}"}
- global.publicIP={{.LB_IP}}
- stack.hook.extension=both
- smee.iso.enabled=true
- smee.iso.url=http://{{.LB_IP}}:8080/hook-latest-lts-x86_64-efi-initrd.iso
- smee.iso.staticIPAMEnabled=true
cmds:
- KUBECONFIG="{{.KUBECONFIG}}" helm install {{.CHART_NAME}} {{.LOCATION}} --version "{{.STACK_CHART_VERSION}}" --create-namespace --namespace {{.NAMESPACE}} --wait --set "global.trustedProxies={"{{.TRUSTED_PROXIES}}"}" --set "global.publicIP={{.LB_IP}}" --set "stack.hook.extensio=both" --set "smee.iso.enabled=true" --set "smee.iso.url=http://{{.LB_IP}}:8080/hook-latest-lts-x86_64-efi-initrd.iso" --set "smee.iso.staticIPAMEnabled=true"
- KUBECONFIG="{{.KUBECONFIG}}" helm install {{.CHART_NAME}} {{.LOCATION}} --version "{{.STACK_CHART_VERSION}}" --create-namespace --namespace {{.NAMESPACE}} --wait {{range .SET_VARS}}--set "{{.}}" {{end}} {{- if eq .BOOTMODE "iso" }} --set "smee.dhcp.enabled=false" --set "stack.relay.enabled=false" {{end}}
status:
- KUBECONFIG="{{.KUBECONFIG}}" helm list -n {{.NAMESPACE}} | grep -q {{.CHART_NAME}}

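Review bot: The new `cmds` line branches only on `eq .BOOTMODE "iso"`, so any other value read from the state file (a typo, or `null` when the key is absent) installs the chart without the two iso-only overrides and without any error. A task-level guard such as `preconditions: [{sh: '[ "{{.BOOTMODE}}" = iso ] || [ "{{.BOOTMODE}}" = netboot ]', msg: "bootMode must be iso or netboot"}]` would make that failure explicit. The `smee.iso.*` entries in `SET_VARS` are applied in both modes and `smee.iso.url` is plain `http://`; a short comment stating that this is intended only for the isolated playground network would help anyone reusing these values. The task definition starts and ends outside the hunk.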
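--- a/capt/templates/kustomization-iso.tmpl
+++ b/capt/templates/kustomization-iso.tmpl
@@ -0,0 +1,300 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: $NAMESPACE
+resources:
+- prekustomization.yaml
+patches:
+- target:
+group: infrastructure.cluster.x-k8s.io
+kind: TinkerbellMachineTemplate
+name: ".*control-plane.*"
+version: v1beta1
+patch: |-
+- op: add
+path: /spec/template/spec
+value:
+bootOptions:
+bootMode: iso
+isoURL: "http://$TINKERBELL_VIP:7171/iso/:macAddress/hook.iso"
+hardwareAffinity:
+required:
+- labelSelector:
+matchLabels:
+tinkerbell.org/role: control-plane
+templateOverride: |
+version: "0.1"
+name: playground-template
+global_timeout: 6000
+tasks:
+- name: "playground-template"
+worker: "{{.device_1}}"
+volumes:
+- /dev:/dev
+- /dev/console:/dev/console
+- /lib/firmware:/lib/firmware:ro
+actions:
+- name: "stream image"
+image: quay.io/tinkerbell/actions/oci2disk
+timeout: 1200
+environment:
+IMG_URL: $OS_REGISTRY/$OS_DISTRO-$OS_VERSION:$KUBE_VERSION.gz
+DEST_DISK: {{ index .Hardware.Disks 0 }}
+COMPRESSED: true
+- name: "add tink cloud-init config"
+image: quay.io/tinkerbell/actions/writefile
+timeout: 90
+environment:
+DEST_DISK: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
+FS_TYPE: ext4
+DEST_PATH: /etc/cloud/cloud.cfg.d/10_tinkerbell.cfg
+UID: 0
+GID: 0
+MODE: 0600
+DIRMODE: 0700
+CONTENTS: |
+datasource:
+Ec2:
+metadata_urls: ["http://$TINKERBELL_VIP:50061"]
+strict_id: false
+system_info:
+default_user:
+name: tink
+groups: [wheel, adm]
+sudo: ["ALL=(ALL) NOPASSWD:ALL"]
+shell: /bin/bash
+manage_etc_hosts: localhost
+warnings:
+dsid_missing_source: off
+- name: "disable cloud-init networking"
+image: quay.io/tinkerbell/actions/writefile
+timeout: 90
+environment:
+CONTENTS: 'network: {config: disabled}'
+DEST_DISK: '{{ formatPartition ( index .Hardware.Disks 0 ) 1 }}'
+DEST_PATH: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
+DIRMODE: "0700"
+FS_TYPE: ext4
+GID: "0"
+MODE: "0600"
+UID: "0"
+- name: "create static netplan"
+image: quay.io/tinkerbell/actions/writefile
+timeout: 90
+environment:
+CONTENTS: |
+network:
+version: 2
+renderer: networkd
+ethernets:
+id0:
+match:
+macaddress: {{ (index .Hardware.Interfaces 0).DHCP.MAC }}
+addresses:
+- {{ (index .Hardware.Interfaces 0).DHCP.IP.Address }}/16
+nameservers:
+addresses: [{{ (index .Hardware.Interfaces 0).DHCP.NameServers | join ","}}]
+routes:
+- to: default
+via: {{ (index .Hardware.Interfaces 0).DHCP.IP.Gateway }}
+DEST_DISK: '{{ formatPartition ( index .Hardware.Disks 0 ) 1 }}'
+DEST_PATH: /etc/netplan/config.yaml
+DIRMODE: "0755"
+FS_TYPE: ext4
+GID: "0"
+MODE: "0600"
+UID: "0"
+- name: "add tink cloud-init ds-config"
+image: quay.io/tinkerbell/actions/writefile
+timeout: 90
+environment:
+DEST_DISK: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
+FS_TYPE: ext4
+DEST_PATH: /etc/cloud/ds-identify.cfg
+UID: 0
+GID: 0
+MODE: 0600
+DIRMODE: 0700
+CONTENTS: |
+datasource: Ec2
+- name: "kexec image"
+image: ghcr.io/jacobweinstock/waitdaemon:0.2.1
+timeout: 90
+pid: host
+environment:
+BLOCK_DEVICE: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
+FS_TYPE: ext4
+IMAGE: quay.io/tinkerbell/actions/kexec
+WAIT_SECONDS: 5
+volumes:
+- /var/run/docker.sock:/var/run/docker.sock
+- target:
+group: infrastructure.cluster.x-k8s.io
+kind: TinkerbellMachineTemplate
+name: ".*worker.*"
+version: v1beta1
+patch: |-
+- op: add
+path: /spec/template/spec
+value:
+bootOptions:
+bootMode: iso
+isoURL: "http://$TINKERBELL_VIP:7171/iso/:macAddress/hook.iso"
+hardwareAffinity:
+required:
+- labelSelector:
+matchLabels:
+tinkerbell.org/role: worker
+templateOverride: |
+version: "0.1"
+name: playground-template
+global_timeout: 6000
+tasks:
+- name: "playground-template"
+worker: "{{.device_1}}"
+volumes:
+- /dev:/dev
+- /dev/console:/dev/console
+- /lib/firmware:/lib/firmware:ro
+actions:
+- name: "stream image"
+image: quay.io/tinkerbell/actions/oci2disk
+timeout: 1200
+environment:
+IMG_URL: $OS_REGISTRY/$OS_DISTRO-$OS_VERSION:$KUBE_VERSION.gz
+DEST_DISK: {{ index .Hardware.Disks 0 }}
+COMPRESSED: true
+- name: "add tink cloud-init config"
+image: quay.io/tinkerbell/actions/writefile
+timeout: 90
+environment:
+DEST_DISK: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
+FS_TYPE: ext4
+DEST_PATH: /etc/cloud/cloud.cfg.d/10_tinkerbell.cfg
+UID: 0
+GID: 0
+MODE: 0600
+DIRMODE: 0700
+CONTENTS: |
+datasource:
+Ec2:
+metadata_urls: ["http://$TINKERBELL_VIP:50061"]
+strict_id: false
+system_info:
+default_user:
+name: tink
+groups: [wheel, adm]
+sudo: ["ALL=(ALL) NOPASSWD:ALL"]
+shell: /bin/bash
+manage_etc_hosts: localhost
+warnings:
+dsid_missing_source: off
+- name: "disable cloud-init networking"
+image: quay.io/tinkerbell/actions/writefile
+timeout: 90
+environment:
+CONTENTS: 'network: {config: disabled}'
+DEST_DISK: '{{ formatPartition ( index .Hardware.Disks 0 ) 1 }}'
+DEST_PATH: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
+DIRMODE: "0700"
+FS_TYPE: ext4
+GID: "0"
+MODE: "0600"
+UID: "0"
+- name: "create static netplan"
+image: quay.io/tinkerbell/actions/writefile
+timeout: 90
+environment:
+CONTENTS: |
+network:
+version: 2
+renderer: networkd
+ethernets:
+id0:
+match:
+macaddress: {{ (index .Hardware.Interfaces 0).DHCP.MAC }}
+addresses:
+- {{ (index .Hardware.Interfaces 0).DHCP.IP.Address }}/16
+nameservers:
+addresses: [{{ (index .Hardware.Interfaces 0).DHCP.NameServers | join ","}}]
+routes:
+- to: default
+via: {{ (index .Hardware.Interfaces 0).DHCP.IP.Gateway }}
+DEST_DISK: '{{ formatPartition ( index .Hardware.Disks 0 ) 1 }}'
+DEST_PATH: /etc/netplan/config.yaml
+DIRMODE: "0755"
+FS_TYPE: ext4
+GID: "0"
+MODE: "0600"
+UID: "0"
+- name: "add tink cloud-init ds-config"
+image: quay.io/tinkerbell/actions/writefile
+timeout: 90
+environment:
+DEST_DISK: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
+FS_TYPE: ext4
+DEST_PATH: /etc/cloud/ds-identify.cfg
+UID: 0
+GID: 0
+MODE: 0600
+DIRMODE: 0700
+CONTENTS: |
+datasource: Ec2
+- name: "kexec image"
+image: ghcr.io/jacobweinstock/waitdaemon:0.2.1
+timeout: 90
+pid: host
+environment:
+BLOCK_DEVICE: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
+FS_TYPE: ext4
+IMAGE: quay.io/tinkerbell/actions/kexec
+WAIT_SECONDS: 5
+volumes:
+- /var/run/docker.sock:/var/run/docker.sock
+- target:
+group: infrastructure.cluster.x-k8s.io
+kind: TinkerbellCluster
+name: ".*"
+version: v1beta1
+patch: |-
+- op: add
+path: /spec
+value:
+imageLookupBaseRegistry: "$OS_REGISTRY"
+imageLookupOSDistro: "$OS_DISTRO"
+imageLookupOSVersion: "$VERSIONS_OS"
+- target:
+group: bootstrap.cluster.x-k8s.io
+kind: KubeadmConfigTemplate
+name: "$CLUSTER_NAME-.*"
+version: v1beta1
+patch: |-
+- op: add
+path: /spec/template/spec/users
+value:
+- name: tink
+sudo: ALL=(ALL) NOPASSWD:ALL
+sshAuthorizedKeys:
+- $SSH_AUTH_KEY
+- target:
+group: controlplane.cluster.x-k8s.io
+kind: KubeadmControlPlane
+name: "$CLUSTER_NAME-.*"
+version: v1beta1
+patch: |-
+- op: add
+path: /spec/kubeadmConfigSpec/users
+value:
+- name: tink
+sudo: ALL=(ALL) NOPASSWD:ALL
+sshAuthorizedKeys:
+- $SSH_AUTH_KEY
+- target:
+group: controlplane.cluster.x-k8s.io
+kind: KubeadmControlPlane
+name: "$CLUSTER_NAME-.*"
+version: v1beta1
+patch: |-
+- op: add
+path: /spec/kubeadmConfigSpec/preKubeadmCommands
+value:
+- mkdir -p /etc/kubernetes/manifests && ctr images pull ghcr.io/kube-vip/kube-vip:v$KUBEVIP_VERSION && ctr run --rm --net-host ghcr.io/kube-vip/kube-vip:v$KUBEVIP_VERSION vip /kube-vip manifest pod --arp --interface $(ip -4 -j route list default | jq -r .[0].dev) --address $CONTROL_PLANE_VIP --controlplane --leaderElection --k8sConfigPath $CONF_PATH > /etc/kubernetes/manifests/kube-vip.yaml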
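Review bot: The `oci2disk` and `writefile` action images, and the `kexec` image handed to waitdaemon through `IMAGE`, are referenced in both `templateOverride` blocks without a tag or digest, so each provision pulls whatever is currently published and runs it with `/dev` mounted (the final action also gets `/var/run/docker.sock` and `pid: host`). Pinning each by digest, e.g. `image: quay.io/tinkerbell/actions/oci2disk@sha256:<digest>` (placeholder), keeps the workflow reproducible and stops a changed upstream image from reaching the target disk unnoticed; `ghcr.io/jacobweinstock/waitdaemon:0.2.1` is pinned by tag only. Separately, `UID: 0`, `MODE: 0600` and `DIRMODE: 0700` are unquoted in the "add tink cloud-init config" and "add tink cloud-init ds-config" actions but quoted in the other two writefile actions; quoting them everywhere (`MODE: "0600"`) avoids a parser reading them as integers or octal, depending on the YAML version it implements. The control-plane and worker patches appear to differ only in the name pattern and role label, which is worth a comment at the top of the file so later edits are applied to both.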
File renamed without changes.
