Merge pull request #391 from dtantsur/metal-163-4.13-alt

OCPBUGS-23504: hack for deploying V6-only clusters from dualstack hubs
openshift · Nov 23, 2023 · b5eb7b6 · b5eb7b6
2 parents d3afe5b + 9693610
commit b5eb7b6
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 33 deletions.
diff --git a/provisioning/baremetal_pod.go b/provisioning/baremetal_pod.go
@@ -26,7 +26,6 @@ import (
 	"k8s.io/apimachinery/pkg/api/equality"
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/client-go/kubernetes"
 	appsclientv1 "k8s.io/client-go/kubernetes/typed/apps/v1"
 	"k8s.io/utils/pointer"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -57,7 +56,6 @@ const (
 	ironicCertEnvVar                 = "IRONIC_CACERT_FILE"
 	sshKeyEnvVar                     = "IRONIC_RAMDISK_SSH_KEY"
 	externalIpEnvVar                 = "IRONIC_EXTERNAL_IP"
-	externalUrlEnvVar                = "IRONIC_EXTERNAL_URL_V6"
 	ironicProxyEnvVar                = "IRONIC_REVERSE_PROXY_SETUP"
 	inspectorProxyEnvVar             = "INSPECTOR_REVERSE_PROXY_SETUP"
 	ironicPrivatePortEnvVar          = "IRONIC_PRIVATE_PORT"
@@ -279,34 +277,36 @@ func setIronicExternalIp(name string, config *metal3iov1alpha1.ProvisioningSpec)
 	}
 }
 
-func setIronicExternalUrl(client kubernetes.Interface, config *metal3iov1alpha1.ProvisioningSpec, namespace string) corev1.EnvVar {
-	if config.ProvisioningNetwork != metal3iov1alpha1.ProvisioningNetworkDisabled && config.VirtualMediaViaExternalNetwork {
-		ipv6PodIP, err := GetPodIP(client.CoreV1(), namespace, NetworkStackV6)
-
-		if err != nil {
-			return corev1.EnvVar{
-				Name: externalUrlEnvVar,
-			}
+func setIronicExternalUrl(config *metal3iov1alpha1.ProvisioningSpec) []corev1.EnvVar {
+	if config.ProvisioningNetwork != metal3iov1alpha1.ProvisioningNetworkDisabled && !config.VirtualMediaViaExternalNetwork {
+		return []corev1.EnvVar{
+			{
+				Name: "IRONIC_EXTERNAL_URL_V6_PROTO",
+			},
+			{
+				Name: "IRONIC_EXTERNAL_URL_V6_HOSTS",
+			},
 		}
+	}
 
-		// protocol, host, port
-		urlTemplate := "%s://[%s]:%s"
-
-		if config.DisableVirtualMediaTLS {
-			return corev1.EnvVar{
-				Name:  externalUrlEnvVar,
-				Value: fmt.Sprintf(urlTemplate, "http", ipv6PodIP, baremetalHttpPort),
-			}
-		} else {
-			return corev1.EnvVar{
-				Name:  externalUrlEnvVar,
-				Value: fmt.Sprintf(urlTemplate, "https", ipv6PodIP, baremetalVmediaHttpsPort),
-			}
-		}
+	proto := "https"
+	if config.DisableVirtualMediaTLS {
+		proto = "http"
 	}
 
-	return corev1.EnvVar{
-		Name: externalUrlEnvVar,
+	return []corev1.EnvVar{
+		{
+			Name:  "IRONIC_EXTERNAL_URL_V6_PROTO",
+			Value: proto,
+		},
+		{
+			Name: "IRONIC_EXTERNAL_URL_V6_HOSTS",
+			ValueFrom: &corev1.EnvVarSource{
+				FieldRef: &corev1.ObjectFieldSelector{
+					FieldPath: "status.podIPs",
+				},
+			},
+		},
 	}
 }
 
@@ -401,7 +401,7 @@ func createInitContainerStaticIpSet(images *Images, config *metal3iov1alpha1.Pro
 
 func newMetal3Containers(info *ProvisioningInfo) []corev1.Container {
 	containers := []corev1.Container{
-		createContainerMetal3BaremetalOperator(info.Client, info.Images, &info.ProvConfig.Spec, info.BaremetalWebhookEnabled, info.Namespace),
+		createContainerMetal3BaremetalOperator(info.Images, &info.ProvConfig.Spec, info.BaremetalWebhookEnabled),
 		createContainerMetal3Httpd(info.Images, &info.ProvConfig.Spec, info.SSHKey),
 		createContainerMetal3Ironic(info.Images, info, &info.ProvConfig.Spec, info.SSHKey),
 		createContainerMetal3RamdiskLogs(info.Images),
@@ -444,7 +444,7 @@ func buildSSHKeyEnvVar(sshKey string) corev1.EnvVar {
 	return corev1.EnvVar{Name: sshKeyEnvVar, Value: sshKey}
 }
 
-func createContainerMetal3BaremetalOperator(client kubernetes.Interface, images *Images, config *metal3iov1alpha1.ProvisioningSpec, enableWebhook bool, namespace string) corev1.Container {
+func createContainerMetal3BaremetalOperator(images *Images, config *metal3iov1alpha1.ProvisioningSpec, enableWebhook bool) corev1.Container {
 	webhookPort, _ := strconv.ParseInt(baremetalWebhookPort, 10, 32) // #nosec
 	container := corev1.Container{
 		Name:  "metal3-baremetal-operator",
@@ -512,7 +512,6 @@ func createContainerMetal3BaremetalOperator(client kubernetes.Interface, images
 				Value: metal3AuthRootDir,
 			},
 			setIronicExternalIp(externalIpEnvVar, config),
-			setIronicExternalUrl(client, config, namespace),
 		},
 		Resources: corev1.ResourceRequirements{
 			Requests: corev1.ResourceList{
@@ -522,6 +521,8 @@ func createContainerMetal3BaremetalOperator(client kubernetes.Interface, images
 		},
 	}
 
+	container.Env = append(container.Env, setIronicExternalUrl(config)...)
+
 	if !enableWebhook {
 		// Webhook dependencies are not ready, thus we disable webhook explicitly,
 		// since default is enabled.

diff --git a/provisioning/baremetal_pod_test.go b/provisioning/baremetal_pod_test.go
@@ -215,7 +215,8 @@ func TestNewMetal3Containers(t *testing.T) {
 				{Name: "LIVE_ISO_FORCE_PERSISTENT_BOOT_DEVICE", Value: "Never"},
 				{Name: "METAL3_AUTH_ROOT_DIR", Value: "/auth"},
 				{Name: "IRONIC_EXTERNAL_IP", Value: ""},
-				{Name: "IRONIC_EXTERNAL_URL_V6", Value: ""},
+				{Name: "IRONIC_EXTERNAL_URL_V6_PROTO", Value: ""},
+				{Name: "IRONIC_EXTERNAL_URL_V6_HOSTS", Value: ""},
 			},
 		},
 		"metal3-httpd": {
@@ -360,7 +361,8 @@ func TestNewMetal3Containers(t *testing.T) {
 				withEnv(
 					containers["metal3-baremetal-operator"],
 					envWithFieldValue("IRONIC_EXTERNAL_IP", "status.hostIP"),
-					envWithValue("IRONIC_EXTERNAL_URL_V6", "https://[fd2e:6f44:5dd8:c956::16]:6183"),
+					envWithValue("IRONIC_EXTERNAL_URL_V6_PROTO", "https"),
+					envWithFieldValue("IRONIC_EXTERNAL_URL_V6_HOSTS", "status.podIPs"),
 				),
 				withEnv(
 					containers["metal3-httpd"],
@@ -394,7 +396,11 @@ func TestNewMetal3Containers(t *testing.T) {
 			name:   "DisabledSpec",
 			config: disabledProvisioning().build(),
 			expectedContainers: []corev1.Container{
-				containers["metal3-baremetal-operator"],
+				withEnv(
+					containers["metal3-baremetal-operator"],
+					envWithValue("IRONIC_EXTERNAL_URL_V6_PROTO", "https"),
+					envWithFieldValue("IRONIC_EXTERNAL_URL_V6_HOSTS", "status.podIPs"),
+				),
 				withEnv(
 					containers["metal3-httpd"],
 					envWithValue("PROVISIONING_INTERFACE", ""),
@@ -419,7 +425,11 @@ func TestNewMetal3Containers(t *testing.T) {
 			name:   "DisabledSpecWithoutProvisioningIP",
 			config: disabledProvisioning().ProvisioningIP("").ProvisioningNetworkCIDR("").build(),
 			expectedContainers: []corev1.Container{
-				containers["metal3-baremetal-operator"],
+				withEnv(
+					containers["metal3-baremetal-operator"],
+					envWithValue("IRONIC_EXTERNAL_URL_V6_PROTO", "https"),
+					envWithFieldValue("IRONIC_EXTERNAL_URL_V6_HOSTS", "status.podIPs"),
+				),
 				withEnv(
 					containers["metal3-httpd"],
 					envWithValue("PROVISIONING_INTERFACE", ""),