TNC bootstrapping

config.tf

@@ -71,6 +71,7 @@ variable "tectonic_container_images" {
     awscli                               = "quay.io/coreos/awscli:025a357f05242fdad6a81e8a6b520098aa65a600"
     gcloudsdk                            = "google/cloud-sdk:178.0.0-alpine"
     bootkube                             = "quay.io/coreos/bootkube:v0.10.0"
+    tnc_bootstrap                        = "quay.io/coreos/tectonic-node-controller-dev:76a584680b7f39aa7b3c40cd742c736b30b5a89a"
     etcd                                 = "quay.io/coreos/etcd:v3.2.14"
     hyperkube                            = "quay.io/coreos/hyperkube:v1.9.1_coreos.0"
     kube_core_renderer                   = "quay.io/coreos/kube-core-renderer-dev:6c49ce4da9fc36966812381891b4f558aa53097b"

installer/pkg/workflow/install.go

@@ -61,7 +61,7 @@ func installBootstrapStep(m *metadata) error {
 		return err
 	}
 
-	if err := waitForNCG(m); err != nil {
+	if err := waitForTNC(m); err != nil {
 		return err
 	}
 

installer/pkg/workflow/utils.go

@@ -26,6 +26,7 @@ const (
 	configFileName = "config.yaml"
 	kubeConfigPath = "generated/auth/kubeconfig"
 	binaryPrefix   = "tectonic-installer"
+	tncDaemonSet   = "tectonic-node-controller"
 )
 
 func copyFile(fromFilePath, toFilePath string) error {
@@ -50,7 +51,7 @@ func destroyCNAME(clusterDir string) error {
 	if err != nil {
 		return err
 	}
-	return terraformExec(clusterDir, "destroy", "-force", fmt.Sprintf("-state=%s.tfstate", bootstrapStep), "-target=aws_route53_record.tectonic_ncg", templatesPath)
+	return terraformExec(clusterDir, "destroy", "-force", fmt.Sprintf("-state=%s.tfstate", bootstrapStep), "-target=aws_route53_record.tectonic_tnc", templatesPath)
 }
 
 func findTemplates(relativePath string) (string, error) {
@@ -154,7 +155,7 @@ func readClusterConfigStep(m *metadata) error {
 	return nil
 }
 
-func waitForNCG(m *metadata) error {
+func waitForTNC(m *metadata) error {
 	config, err := clientcmd.BuildConfigFromFlags("", filepath.Join(m.clusterDir, kubeConfigPath))
 	if err != nil {
 		return err
@@ -169,16 +170,16 @@ func waitForNCG(m *metadata) error {
 	wait := 10
 	for retries > 0 {
 		// client will error until api sever is up
-		ds, _ := client.DaemonSets("kube-system").Get("ncg")
-		log.Printf("Waiting for NCG to be running, this might take a while...")
+		ds, _ := client.DaemonSets("kube-system").Get(tncDaemonSet)
+		log.Printf("Waiting for TNC to be running, this might take a while...")
 		if ds.Status.NumberReady >= 1 {
 			return nil
 		}
 		time.Sleep(time.Second * time.Duration(wait))
 		retries--
 	}
 
-	return errors.New("NCG is not running")
+	return errors.New("TNC is not running")
 }
 
 func writeFile(path, content string) error {

modules/aws/master-asg/master.tf

@@ -59,9 +59,9 @@ resource "aws_autoscaling_group" "masters" {
   }
 }
 
-data "ignition_config" "ncg_master" {
+data "ignition_config" "tnc_master" {
   append {
-    source = "http://${var.cluster_name}-ncg.${var.base_domain}/ignition?profile=master"
+    source = "http://${var.cluster_name}-tnc.${var.base_domain}/ign/v1/role/master"
   }
 
   files = ["${data.ignition_file.kubelet_master_kubeconfig.id}"]
@@ -85,7 +85,7 @@ resource "aws_launch_configuration" "master_conf" {
   security_groups             = ["${var.master_sg_ids}"]
   iam_instance_profile        = "${aws_iam_instance_profile.master_profile.arn}"
   associate_public_ip_address = "${var.public_endpoints}"
-  user_data                   = "${data.ignition_config.ncg_master.rendered}"
+  user_data                   = "${data.ignition_config.tnc_master.rendered}"
 
   lifecycle {
     create_before_destroy = true

modules/aws/vpc/master-elb.tf

@@ -1,16 +1,16 @@
-resource "aws_elb" "ncg" {
+resource "aws_elb" "tnc" {
   count           = "${var.private_master_endpoints}"
-  name            = "${var.cluster_name}-ncg"
+  name            = "${var.cluster_name}-tnc"
   subnets         = ["${local.master_subnet_ids}"]
   internal        = true
-  security_groups = ["${aws_security_group.ncg.id}"]
+  security_groups = ["${aws_security_group.tnc.id}"]
 
   idle_timeout                = 3600
   connection_draining         = true
   connection_draining_timeout = 300
 
   listener {
-    instance_port     = 8080
+    instance_port     = 49500
     instance_protocol = "tcp"
     lb_port           = 80
     lb_protocol       = "tcp"
@@ -20,7 +20,7 @@ resource "aws_elb" "ncg" {
     healthy_threshold   = 2
     unhealthy_threshold = 2
     timeout             = 3
-    target              = "TCP:8080"
+    target              = "TCP:49500"
     interval            = 5
   }
 

modules/aws/vpc/outputs.tf

@@ -45,7 +45,7 @@ output "aws_elb_console_id" {
 }
 
 output "aws_lbs" {
-  value = ["${compact(concat(aws_elb.api_internal.*.id, list(aws_elb.console.id), aws_elb.api_external.*.id, aws_elb.ncg.*.id))}"]
+  value = ["${compact(concat(aws_elb.api_internal.*.id, list(aws_elb.console.id), aws_elb.api_external.*.id, aws_elb.tnc.*.id))}"]
 }
 
 output "aws_api_external_dns_name" {
@@ -72,10 +72,10 @@ output "aws_elb_console_zone_id" {
   value = "${aws_elb.console.zone_id}"
 }
 
-output "aws_elb_ncg_dns_name" {
-  value = "${element(concat(aws_elb.ncg.*.dns_name, list("")), 0)}"
+output "aws_elb_tnc_dns_name" {
+  value = "${element(concat(aws_elb.tnc.*.dns_name, list("")), 0)}"
 }
 
-output "aws_elb_ncg_zone_id" {
-  value = "${element(concat(aws_elb.ncg.*.zone_id, list("")), 0)}"
+output "aws_elb_tnc_zone_id" {
+  value = "${element(concat(aws_elb.tnc.*.zone_id, list("")), 0)}"
 }

modules/aws/vpc/sg-elb.tf

@@ -1,4 +1,4 @@
-resource "aws_security_group" "ncg" {
+resource "aws_security_group" "tnc" {
   vpc_id = "${data.aws_vpc.cluster_vpc.id}"
 
   tags = "${merge(map(

modules/aws/vpc/sg-master.tf

@@ -8,14 +8,14 @@ resource "aws_security_group" "master" {
     ), var.extra_tags)}"
 }
 
-resource "aws_security_group_rule" "master_ncg" {
+resource "aws_security_group_rule" "master_tnc" {
   type              = "ingress"
   security_group_id = "${aws_security_group.master.id}"
 
   protocol    = "tcp"
   cidr_blocks = ["0.0.0.0/0"]
-  from_port   = 8080
-  to_port     = 8080
+  from_port   = 49500
+  to_port     = 49500
 }
 
 resource "aws_security_group_rule" "master_egress" {

modules/aws/worker-asg/worker.tf

@@ -25,9 +25,9 @@ data "aws_ami" "coreos_ami" {
   }
 }
 
-data "ignition_config" "ncg_worker" {
+data "ignition_config" "tnc_worker" {
   append {
-    source = "http://${var.cluster_name}-ncg.${var.base_domain}/ignition?profile=worker"
+    source = "http://${var.cluster_name}-tnc.${var.base_domain}/ign/v1/role/worker"
   }
 
   files = ["${data.ignition_file.kubelet_worker_kubeconfig.id}"]
@@ -50,7 +50,7 @@ resource "aws_launch_configuration" "worker_conf" {
   key_name             = "${var.ssh_key}"
   security_groups      = ["${var.sg_ids}"]
   iam_instance_profile = "${aws_iam_instance_profile.worker_profile.arn}"
-  user_data            = "${data.ignition_config.ncg_worker.rendered}"
+  user_data            = "${data.ignition_config.tnc_worker.rendered}"
 
   lifecycle {
     create_before_destroy = true

modules/bootkube-ut2/assets.tf

@@ -18,6 +18,7 @@ resource "template_dir" "bootkube" {
 
   vars {
     tectonic_network_operator_image = "${var.container_images["tectonic_network_operator"]}"
+    tnc_bootstrap_image             = "${var.container_images["tnc_bootstrap"]}"
 
     kco_config = "${indent(4, chomp(data.template_file.kco-config_yaml.rendered))}"
 
@@ -39,13 +40,31 @@ resource "template_dir" "bootkube" {
     pull_secret                    = "${base64encode(file(var.pull_secret_path))}"
     serviceaccount_pub             = "${base64encode(tls_private_key.service_account.public_key_pem)}"
     serviceaccount_key             = "${base64encode(tls_private_key.service_account.private_key_pem)}"
-    ncg_config_worker              = "${var.ncg_config_worker}"
-    ncg_config_master              = "${var.ncg_config_master}"
     kube_dns_service_ip            = "${cidrhost(var.service_cidr, 10)}"
 
     etcd_ca_cert     = "${base64encode(var.etcd_ca_cert_pem)}"
     etcd_client_cert = "${base64encode(var.etcd_client_cert_pem)}"
     etcd_client_key  = "${base64encode(var.etcd_client_key_pem)}"
+
+    http_proxy               = "${var.http_proxy}"
+    https_proxy              = "${var.https_proxy}"
+    no_proxy                 = "${join(",", var.no_proxy)}"
+    kubelet_image_url        = "${replace(var.container_images["hyperkube"],var.image_re,"$1")}"
+    kubelet_image_tag        = "${replace(var.container_images["hyperkube"],var.image_re,"$2")}"
+    iscsi_enabled            = "${var.iscsi_enabled}"
+    kubeconfig_fetch_cmd     = "${var.kubeconfig_fetch_cmd != "" ? "ExecStartPre=${var.kubeconfig_fetch_cmd}" : ""}"
+    tectonic_torcx_image_url = "${replace(var.container_images["tectonic_torcx"],var.image_re,"$1")}"
+    tectonic_torcx_image_tag = "${replace(var.container_images["tectonic_torcx"],var.image_re,"$2")}"
+    torcx_skip_setup         = "false"
+    torcx_store_url          = "${var.torcx_store_url}"
+    bootstrap_upgrade_cl     = "${var.bootstrap_upgrade_cl}"
+    master_node_label        = "${var.kubelet_master_node_label}"
+    worker_node_label        = "${var.kubelet_worker_node_label}"
+    node_taints_param        = "${var.kubelet_node_taints != "" ? "--register-with-taints=${var.kubelet_node_taints}" : ""}"
+    cluster_dns_ip           = "${var.kube_dns_service_ip}"
+    cloud_provider           = "${var.cloud_provider}"
+    debug_config             = "${var.kubelet_debug_config}"
+    cluster_name             = "${var.cluster_name}"
   }
 }
 

modules/bootkube-ut2/resources/manifests/tectonic-node-controller-config.yaml

@@ -0,0 +1,27 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: tectonic-node-controller-config-v1
+  namespace: kube-system
+data:
+  tnc-config: |
+    HTTPProxy: "${http_proxy}"
+    HTTPSProxy: "${https_proxy}"
+    NoProxy: "${no_proxy}"
+    KubeletImageUrl: "${kubelet_image_url}"
+    KubeletImageTag: "${kubelet_image_tag}"
+    IscsiEnabled: "${iscsi_enabled}"
+    KubeconfigFetchCmd: "${kubeconfig_fetch_cmd}"
+    TectonicTorcxImageURL: "${tectonic_torcx_image_url}"
+    TectonicTorcxImageTag: "${tectonic_torcx_image_tag}"
+    BootstrapUpgradeCl: "${bootstrap_upgrade_cl}"
+    TorcxStoreULL: "${torcx_store_url}"
+    TorcxSkipSetup: "${torcx_skip_setup}"
+    MasterNodeLabel: "${master_node_label}"
+    WorkerNodeLabel: "${worker_node_label}"
+    NodeTaintsParam: "${node_taints_param}"
+    ClusterDNSIP: "${cluster_dns_ip}"
+    CloudProvider: "${cloud_provider}"
+    CloudProviderConfig: "${cloud_provider_config}"
+    DebugConfig: "${debug_config}"
+    ClusterName: "${cluster_name}"