This repository has been archived by the owner on Jul 23, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 15
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This adds ironic to the bootstrap VM. We'll need to make this conditional on the platform, but for now this gets added unconditionally like mdns/keepalived. Also this doesn't yet support CACHEURL so the image downloads can take a while, we'll need some way to ensure the master deployment waits until the images are ready and that's still TODO.
- Loading branch information
Steven Hardy
committed
Jun 14, 2019
1 parent
27dc191
commit e0a6a42
Showing
5 changed files
with
102 additions
and
2 deletions.
There are no files selected for viewing
73 changes: 73 additions & 0 deletions
73
data/data/bootstrap/baremetal/files/usr/local/bin/startironic.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
#!/bin/bash | ||
|
||
set -ex | ||
|
||
IRONIC_IMAGE=${IRONIC_IMAGE:-"quay.io/metal3-io/ironic:master"} | ||
IRONIC_INSPECTOR_IMAGE=${IRONIC_INSPECTOR_IMAGE:-"quay.io/metal3-io/ironic-inspector:master"} | ||
IPA_DOWNLOADER_IMAGE=${IPA_DOWNLOADER_IMAGE:-"quay.io/metal3-io/ironic-ipa-downloader:master"} | ||
COREOS_DOWNLOADER_IMAGE=${COREOS_DOWNLOADER_IMAGE:-"quay.io/openshift-metal3/rhcos-downloader:master"} | ||
|
||
# FIXME this should be provided by the installer | ||
RHCOS_IMAGE_URL="https://releases-art-rhcos.svc.ci.openshift.org/art/storage/releases/ootpa/410.8.20190508.1/" | ||
|
||
# Start the provisioning nic if not already started | ||
# FIXME we should detect the nic in the ironic container (currently relies on the ifname, and won't pick | ||
# up the description added here) | ||
# FIXME The IP/subnet and gateway should be provided via survey input? | ||
# FIXME: the ironic containers currently bind to all interfaces, which is not secure in the | ||
# case of the cluster, but we'll need the installer to access the public nic on the boostrap node | ||
# so probably we'll need a forwarding rule after https://github.com/metal3-io/ironic-image/pull/56 | ||
PROVISIONING_NIC=ens4 | ||
if ! nmcli -t device | grep "$PROVISIONING_NIC:ethernet:connected:provisioning"; then | ||
nmcli c add type ethernet ifname $PROVISIONING_NIC con-name provisioning ip4 172.22.0.2/24 gw4 172.22.0.1 | ||
fi | ||
|
||
# set password for mariadb | ||
mariadb_password=$(echo $(date;hostname)|sha256sum |cut -c-20) | ||
|
||
IRONIC_SHARED_VOLUME="ironic" | ||
podman volume create $IRONIC_SHARED_VOLUME || true | ||
|
||
# Add firewall rules to ensure the IPA ramdisk can reach httpd, Ironic and the Inspector API on the host | ||
for port in 80 5050 6385 ; do | ||
if ! sudo iptables -C INPUT -i $PROVISIONING_NIC -p tcp -m tcp --dport $port -j ACCEPT > /dev/null 2>&1; then | ||
sudo iptables -I INPUT -i $PROVISIONING_NIC -p tcp -m tcp --dport $port -j ACCEPT | ||
fi | ||
done | ||
|
||
# Start dnsmasq, http, mariadb, and ironic containers using same image | ||
# FIXME with the current version of podman/libpod on the bootstrap VM this | ||
# breaks when trying to use a pod to encapsulate the containers | ||
podman run -d --net host --privileged --name dnsmasq \ | ||
--env PROVISIONING_INTERFACE=$PROVISIONING_NIC \ | ||
-v $IRONIC_SHARED_VOLUME:/shared:z --entrypoint /bin/rundnsmasq ${IRONIC_IMAGE} | ||
|
||
podman run -d --net host --privileged --name httpd \ | ||
--env PROVISIONING_INTERFACE=$PROVISIONING_NIC \ | ||
-v $IRONIC_SHARED_VOLUME:/shared:z --entrypoint /bin/runhttpd ${IRONIC_IMAGE} | ||
|
||
podman run -d --net host --privileged --name mariadb \ | ||
-v $IRONIC_SHARED_VOLUME:/shared:z --entrypoint /bin/runmariadb \ | ||
--env MARIADB_PASSWORD=$mariadb_password ${IRONIC_IMAGE} | ||
|
||
podman run -d --net host --name ipa-downloader \ | ||
-v $IRONIC_SHARED_VOLUME:/shared:z ${IPA_DOWNLOADER_IMAGE} /usr/local/bin/get-resource.sh | ||
|
||
podman run -d --net host --name coreos-downloader \ | ||
-v $IRONIC_SHARED_VOLUME:/shared:z ${COREOS_DOWNLOADER_IMAGE} /usr/local/bin/get-resource.sh $RHCOS_IMAGE_URL | ||
|
||
podman run -d --net host --privileged --name ironic-inspector \ | ||
--env PROVISIONING_INTERFACE=$PROVISIONING_NIC \ | ||
-v $IRONIC_SHARED_VOLUME:/shared:z "${IRONIC_INSPECTOR_IMAGE}" | ||
|
||
podman run -d --net host --privileged --name ironic \ | ||
--env MARIADB_PASSWORD=$mariadb_password \ | ||
--env PROVISIONING_INTERFACE=$PROVISIONING_NIC \ | ||
-v $IRONIC_SHARED_VOLUME:/shared:z ${IRONIC_IMAGE} | ||
|
||
while true; do | ||
for name in ironic ironic-inspector dnsmasq httpd mariadb ipa-downloader coreos-downloader; do | ||
podman ps | grep -w "$name$" || exit 1 | ||
done | ||
sleep 10 | ||
done |
8 changes: 8 additions & 0 deletions
8
data/data/bootstrap/baremetal/files/usr/local/bin/stopironic.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
#!/bin/bash | ||
|
||
set -x | ||
|
||
for name in ironic ironic-inspector dnsmasq httpd mariadb ipa-downloader coreos-downloader; do | ||
podman ps | grep -w "$name$" && podman kill $name | ||
podman ps --all | grep -w "$name$" && podman rm $name -f | ||
done |
16 changes: 16 additions & 0 deletions
16
data/data/bootstrap/baremetal/systemd/units/ironic.service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
[Unit] | ||
Description=Baremetal Deployment with Ironic | ||
Wants=network-online.target | ||
After=network-online.target | ||
|
||
[Service] | ||
ExecStart=/usr/local/bin/startironic.sh | ||
ExecStop=/usr/local/bin/stopironic.sh | ||
ConditionPathExists=!/etc/pivot/image-pullspec | ||
|
||
Restart=on-failure | ||
RestartSec=5 | ||
TimeoutStartSec=600 | ||
|
||
[Install] | ||
WantedBy=multi-user.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters