rebase/merge

README.md

@@ -22,7 +22,7 @@ For general PowerVS usage instructions please refer to the following links:
 - https://www.youtube.com/playlist?list=PLVrJaTKVPbKM_9HU8fm4QsklgzLGUwFpv
 
 
-:heavy_exclamation_mark: **Ensure that you're working from the desired release-specific version of this `README` as you deploy by first selecting the appropriate branch from the drop-down above. At the time of this writing, the latest release is 4.5: [README](https://github.com/ocp-power-automation/ocp4-upi-powervs/tree/release-4.5). The `README` document located in the `master` branch changes frequently and should not be considered final.**
+:information_source: **This branch must be used with latest OCP pre-release versions only. For stable releases please checkout specific release branches - {release-4.5, release-4.6 ...} and follow the docs.**
 
 
 ## Automation Host Prerequisites

docs/automation_host_prereqs.md

@@ -2,10 +2,18 @@
 # Automation Host Prerequisites
 
 - [Automation Host Prerequisites](#automation-host-prerequisites)
+  - [Configure Your Firewall](#configure-your-firewall)
   - [Automation Host Setup](#automation-host-setup)
     - [Terraform](#terraform)
     - [PowerVS CLI](#powervs-cli)
-    - [Git [*OPTIONAL*]](#git-optional)
+    - [Git](#git)
+
+## Configure Your Firewall
+If your automation host is behind a firewall, you will need to ensure the following ports are open in order to use ssh, http, and https:
+- 22, 443, 80
+
+These additional ports are required for the ocp cli (`oc`) post-install:
+- 6443
 
 ## Automation Host Setup
 
@@ -19,6 +27,6 @@ Install the following packages on the automation host. Select the appropriate in
 
 **PowerVS CLI**: Please download and install the CLI by referring to the following [instructions](https://cloud.ibm.com/docs/power-iaas-cli-plugin?topic=power-iaas-cli-plugin-power-iaas-cli-reference). Alternatively, you can use IBM Cloud [shell](https://cloud.ibm.com/shell) directly from the browser itself.
 
-### Git [*OPTIONAL*]
+### Git
 
 **Git**:  Please refer to the [link](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) for instructions on installing Git.

docs/quickstart.md

@@ -15,24 +15,14 @@
 
 ## Download the Automation Code
 
-Head to the [release](https://github.com/ocp-power-automation/ocp4-upi-powervs/releases) page and download the latest stable release.
-Extract the release bundle on your system.
+You'll need to use git to clone the deployment code when working off the master branch
 
-You can also use `curl` or `wget` to download the stable release code as shown below.
 ```
-$ curl -L https://github.com/ocp-power-automation/ocp4-upi-powervs/archive/v4.5.zip -o v4.5.zip
-$ unzip v4.5.zip
-$ cd ocp4-upi-powervs-4.5
+$ git clone https://github.com/ocp-power-automation/ocp4-upi-powervs.git
+$ cd ocp4-upi-powervs
 ```
 
-You can also clone git repository on your system.
-Ensure you checkout the release branch when using git.
-```
-$ git clone https://github.com/ocp-power-automation/ocp4-upi-powervs.git -b release-4.5 ocp4-upi-powervs-4.5
-$ cd ocp4-upi-powervs-4.5
-```
-
-All further instructions assumes you are in the code directory eg. `ocp4-upi-powervs-4.5`
+All further instructions assumes you are in the code directory eg. `ocp4-upi-powervs`
 
 ## Setup Terraform Variables
 

docs/var.tfvars-doc.md

@@ -68,9 +68,11 @@ worker      = {memory      = "32",   processors  = "0.5",  "count"   = 2}
 
 `memory` is in `GBs` and `count` specifies the number of VMs that should be created for each type.
 
-To enable high availability (HA) for cluster services running on the bastion set the `bastion.count` value to 2. Note that in case of HA, the automation will not setup additional storage (eg: NFS). Value 1 for `bastion.count` implies the default non-HA bastion setup.
+To enable high availability (HA) for cluster services running on the bastion set the bastion `count` value to 2. 
+Note that in case of HA, the automation will not setup NFS storage. `count` of 1 for bastion implies the default non-HA bastion setup.
 
-You can optionally set worker.count value to 0 in which case all the clusters pods will be running on the master/supervisor nodes. Ensure you use proper sizing for master/supervisor nodes to avoid resource starvation for containers.
+You can optionally set the worker `count` value to 0 in which case all the cluster pods will be running on the master/supervisor nodes. 
+Ensure you use proper sizing for master/supervisor nodes to avoid resource starvation for containers.
 
 For PowerVS processors are equal to entitled physical count. So **N** processors == **N** physical core entitlements == **ceil[N]** vCPUs.
 Here are some examples to help you understand the relationship.
@@ -89,10 +91,10 @@ Here are some examples to help you understand the relationship.
   ```
 
 These set of variables specify the RHEL and RHCOS boot image names. These images should have been already imported in your PowerVS service instance.
-Change the image names according to your environment.
+Change the image names according to your environment. Ensure that you use the correct RHCOS image specific to the pre-release version
 ```
-rhel_image_name     = "rhel-8.2"
-rhcos_image_name    = "rhcos-4.5.4"
+rhel_image_name     = "<rhel_or_centos_image-name>"
+rhcos_image_name    = "<rhcos-image-name>"
 ```
 Note that the boot images should have a minimum disk size of 120GB
 
@@ -123,6 +125,7 @@ Create the SSH key-pair and keep it under the `data` directory
 
 These set of variables specify the RHEL subscription details.
 This is sensitive data, and if you don't want to save it on disk, use environment variables `RHEL_SUBS_USERNAME` and `RHEL_SUBS_PASSWORD` and pass them to `terraform apply` command as shown in the [Quickstart guide](./quickstart.md#setup-terraform-variables).
+If you are using CentOS as the bastion image, then leave these variables as-is.
 
 ```
 rhel_subscription_username  = "user@test.com"
@@ -139,10 +142,11 @@ rhel_smt                    = 4
 ### OpenShift Installation Details
 
 These variables specify the URL for the OpenShift installer and client binaries.
-Change the URL to the specific version that you want to install on PowerVS.
+Change the URL to the specific pre-release version that you want to install on PowerVS.
+Reference link - `https://mirror.openshift.com/pub/openshift-v4/ppc64le/clients/ocp-dev-preview`
 ```
-openshift_install_tarball   = "https://mirror.openshift.com/pub/openshift-v4/ppc64le/clients/ocp/4.5.4/openshift-install-linux.tar.gz"
-openshift_client_tarball    = "https://mirror.openshift.com/pub/openshift-v4/ppc64le/clients/ocp/4.5.4/openshift-client-linux.tar.gz"
+openshift_install_tarball   = "https://mirror.openshift.com/pub/openshift-v4/ppc64le/clients/ocp-dev-preview/latest/openshift-install-linux.tar.gz"
+openshift_client_tarball    = "https://mirror.openshift.com/pub/openshift-v4/ppc64le/clients/ocp-dev-preview/latest/openshift-client-linux.tar.gz"
 ```
 
 This variable specifies the OpenShift pull secret. This is available from the following link -  https://cloud.redhat.com/openshift/install/power/user-provisioned

modules/1_prepare/prepare.tf

@@ -184,7 +184,7 @@ EOF
 }
 
 resource "null_resource" "bastion_register" {
-    count       = var.rhel_subscription_username != "" ? local.bastion_count : 0
+    count       = var.rhel_subscription_username == "" || var.rhel_subscription_username  == "<subscription-id>" ? 0 : local.bastion_count
     depends_on  = [null_resource.bastion_init, null_resource.setup_proxy_info]
     triggers = {
         external_ip     = data.ibm_pi_instance_ip.bastion_public_ip[count.index].external_ip
@@ -204,10 +204,6 @@ resource "null_resource" "bastion_register" {
 
     provisioner "remote-exec" {
         inline = [<<EOF
-# FIX for existing stale repos
-echo "Moving all file from /etc/yum.repos.d/ to /etc/yum.repos.d.bak/"
-mkdir /etc/yum.repos.d.bak/
-mv /etc/yum.repos.d/* /etc/yum.repos.d.bak/
 
 # Give some more time to subscription-manager
 sudo subscription-manager config --server.server_timeout=600

modules/5_install/install.tf

@@ -50,6 +50,7 @@ locals {
         cluster_domain  = local.cluster_domain
         cluster_id      = var.cluster_id
         bastion_ip      = var.bastion_vip != "" ? var.bastion_vip : var.bastion_ip[0]
+        bastion_name    = var.bastion_vip != "" ? "${var.cluster_id}-bastion" : "${var.cluster_id}-bastion-0"
         isHA            = var.bastion_vip != ""
         bastion_master_ip   = var.bastion_ip[0]
         bastion_backup_ip   = length(var.bastion_ip) > 1 ? slice(var.bastion_ip, 1, length(var.bastion_ip)) : []
@@ -93,10 +94,10 @@ locals {
     }
 
     install_inventory = {
-        bastion_ip      = var.bastion_ip
-        bootstrap_ip    = var.bootstrap_ip
-        master_ips      = var.master_ips
-        worker_ips      = var.worker_ips
+        bastion_hosts   = [for ix in range(length(var.bastion_ip)) : "${var.cluster_id}-bastion-${ix}"]
+        bootstrap_host  = "bootstrap"
+        master_hosts    = [for ix in range(length(var.master_ips)) : "master-${ix}"]
+        worker_hosts    = [for ix in range(length(var.worker_ips)) : "worker-${ix}"]
     }
 
     proxy = {

modules/5_install/templates/helpernode_vars.yaml

@@ -1,7 +1,7 @@
 ---
 disk: vda
 helper:
-  name: "${cluster_id}-bastion"
+  name: "${bastion_name}"
   ipaddr: "${bastion_ip}"
 %{ if isHA }
 high_availability:

modules/5_install/templates/install_inventory

@@ -1,17 +1,17 @@
 [bastion]
-%{ for ip in bastion_ip ~}
-${ip} ansible_connection=ssh ansible_user=root
+%{ for bastion in bastion_hosts ~}
+${bastion} ansible_connection=ssh ansible_user=root
 %{ endfor ~}
 
 [bootstrap]
-${bootstrap_ip} ansible_connection=ssh ansible_user=core
+${bootstrap_host} ansible_connection=ssh ansible_user=core
 
 [masters]
-%{ for master in master_ips ~}
+%{ for master in master_hosts ~}
 ${master} ansible_connection=ssh ansible_user=core
 %{ endfor ~}
 
 [workers]
-%{ for worker in worker_ips ~}
+%{ for worker in worker_hosts ~}
 ${worker} ansible_connection=ssh ansible_user=core
 %{ endfor ~}

var.tfvars

@@ -26,15 +26,15 @@ network_name                = "ocp-net"
 rhel_username               = "root"
 public_key_file             = "data/id_rsa.pub"
 private_key_file            = "data/id_rsa"
-rhel_subscription_username  = "<subscription-id>"
-rhel_subscription_password  = "<subscription-password>"
+rhel_subscription_username  = "<subscription-id>"          #Leave this as-is if using CentOS as bastion image
+rhel_subscription_password  = "<subscription-password>"    #Leave this as-is if using CentOS as bastion image
 rhel_smt                    = 4
 
 
 ### OpenShift Installation Details
 
-openshift_install_tarball   = "https://mirror.openshift.com/pub/openshift-v4/ppc64le/clients/ocp-dev-preview/latest-4.6/openshift-install-linux.tar.gz"
-openshift_client_tarball    = "https://mirror.openshift.com/pub/openshift-v4/ppc64le/clients/ocp-dev-preview/latest-4.6/openshift-client-linux.tar.gz"
+openshift_install_tarball   = "https://mirror.openshift.com/pub/openshift-v4/ppc64le/clients/ocp-dev-preview/latest/openshift-install-linux.tar.gz"
+openshift_client_tarball    = "https://mirror.openshift.com/pub/openshift-v4/ppc64le/clients/ocp-dev-preview/latest/openshift-client-linux.tar.gz"
 pull_secret_file            = "data/pull-secret.txt"
 
 cluster_domain              = "ibm.com"  #Set domain to nip.io or xip.io if you prefer using online wildcard domain and avoid modifying /etc/hosts