-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use MachineConfigOperator instead of TNCO #232
Use MachineConfigOperator instead of TNCO #232
Conversation
163ebc4
to
9518ab5
Compare
/lgtm |
// TNC certs | ||
tncDomain := fmt.Sprintf("%s-tnc.%s", c.Name, c.BaseDomain) | ||
// MachineConfigServer certs | ||
mcsDomain := fmt.Sprintf("%s-tnc.%s", c.Name, c.BaseDomain) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we want to update the template to %s-mcs.%s
or similar? And you probably want to make similar changes to pkg/asset/tls
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://jira.coreos.com/browse/CORS-833 is going to consolidate the api endpoints. So left it for now.
lgtm to me, same question as @wking pointed out. |
/hold |
# /etc/ssl/mcs/tls.{crt, key} are locations for MachineConfigServer's tls assets. | ||
cp "$PWD/tls/machine-config-server.crt" /etc/ssl/mcs/tls.crt | ||
cp "$PWD/tls/machine-config-server.key" /etc/ssl/mcs/tls.key | ||
cp "$PWD/mco-bootstrap/machineconfigoperator-bootstrap-pod.yaml" /etc/kubernetes/manifests/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This doesn't appear to be a local file. Is it created by the bootstrap
rendering call above? I think this would be less brittle if we were able to volume-mount a handful of target directories, and then the installer could put its generated assets in the right places on its own. But if this is the only such file, than handling it explicitly here is probably an acceptable short-term solution.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need special logic for some operators that we need for bootstrapping the cluster:
installer/modules/bootkube/resources/bootkube.sh
Lines 16 to 27 in 77cc46f
# shellcheck disable=SC2154 | |
/usr/bin/docker run \ | |
--user 0 \ | |
--volume "$PWD:/assets:z" \ | |
"${tnc_operator_image}" \ | |
--config=/assets/tnco-config.yaml \ | |
--render-bootstrap=true \ | |
--render-output=/assets/tnc-bootstrap | |
mkdir -p /etc/kubernetes/manifests/ | |
cp "$PWD/tnc-bootstrap/tectonic-node-controller-pod.yaml" /etc/kubernetes/manifests/ | |
cp "$PWD/tnc-bootstrap/tectonic-node-controller-config.yaml" /etc/kubernetes/tnc-config |
cp -r "$PWD/bootstrap-configs" /etc/kubernetes/bootstrap-configs |
Everything else is already present in the correct directory <something>/manifests
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it created by the bootstrap rendering call above?
yes
9518ab5
to
4fc3971
Compare
Are we bringing over the checkpointer in this PR as well? |
@rphillips |
looks like it is in kube-core-operator. thanks! |
4fc3971
to
96d2e00
Compare
@@ -13,7 +13,6 @@ import ( | |||
"github.com/coreos/tectonic-config/config/kube-addon" | |||
"github.com/coreos/tectonic-config/config/kube-core" | |||
"github.com/coreos/tectonic-config/config/tectonic-network" | |||
tnco "github.com/coreos/tectonic-config/config/tectonic-node-controller" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You probably want a separate commit rebuilding BUILD.bazel
and cleaning this our of vendor/
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I used https://github.com/openshift/installer#go to create df62984. I didn't remove glide.lock, as i didn't want to update the whole world :/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I didn't remove glide.lock, as i didn't want to update the whole world :/
Removing glide.lock
wasn't too bad when I did it in 2018-08-30 in 2e835b0. But I'm fine punting the vendor/
cleanup down the road if you want.
96d2e00
to
df62984
Compare
requires openshift/machine-config-operator#54 |
I landed openshift/machine-config-operator#54. I expect that will have bumped the /retest |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abhinavdahiya, crawford The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/hold cancel |
@abhinavdahiya: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
… cluster-api Generated with: $ glide update --strip-vendor $ glide-vc --use-lock-file --no-tests --only-code $ bazel run //:gazelle using: $ glide --version (cd $GOPATH/src/github.com/Masterminds/glide && git describe) v0.13.1-7-g3e13fd1 $ (cd $GOPATH/src/github.com/sgotti/glide-vc && git describe) v0.1.0-2-g6ddf6ee $ bazel version Build label: 0.16.1- (@non-git) Build target: bazel-out/k8-opt/bin/src/main/java/com/google/devtools/build/lib/bazel/BazelServer_deploy.jar Build time: Mon Aug 13 16:42:29 2018 (1534178549) Build timestamp: 1534178549 Build timestamp as int: 1534178549 The tectonic-node-controller removal catches us up with 596591b (.*: replace tectonic node controller with machine config operator, 2018-09-10, openshift#232). The cluster-api trim adjusts the content from b00e40e (vendor: Add client from sigs.k8s.io/cluster-api, 2018-09-04, openshift#119). Because cluster-api wasn't in glide.lock, I suspect neither glide nor glide-vc were run before that commit.
… cluster-api Generated with: $ glide update --strip-vendor $ glide-vc --use-lock-file --no-tests --only-code $ bazel run //:gazelle using: $ glide --version (cd $GOPATH/src/github.com/Masterminds/glide && git describe) v0.13.1-7-g3e13fd1 $ (cd $GOPATH/src/github.com/sgotti/glide-vc && git describe) v0.1.0-2-g6ddf6ee $ bazel version Build label: 0.16.1- (@non-git) Build target: bazel-out/k8-opt/bin/src/main/java/com/google/devtools/build/lib/bazel/BazelServer_deploy.jar Build time: Mon Aug 13 16:42:29 2018 (1534178549) Build timestamp: 1534178549 Build timestamp as int: 1534178549 The tectonic-node-controller removal catches us up with 596591b (.*: replace tectonic node controller with machine config operator, 2018-09-10, openshift#232). The cluster-api trim adjusts the content from b00e40e (vendor: Add client from sigs.k8s.io/cluster-api, 2018-09-04, openshift#119). Because cluster-api wasn't in glide.lock, I suspect neither glide nor glide-vc were run before that commit.
… cluster-api Generated with: $ glide update --strip-vendor $ glide-vc --use-lock-file --no-tests --only-code $ bazel run //:gazelle using: $ glide --version (cd $GOPATH/src/github.com/Masterminds/glide && git describe) v0.13.1-7-g3e13fd1 $ (cd $GOPATH/src/github.com/sgotti/glide-vc && git describe) v0.1.0-2-g6ddf6ee $ bazel version Build label: 0.16.1- (@non-git) Build target: bazel-out/k8-opt/bin/src/main/java/com/google/devtools/build/lib/bazel/BazelServer_deploy.jar Build time: Mon Aug 13 16:42:29 2018 (1534178549) Build timestamp: 1534178549 Build timestamp as int: 1534178549 The tectonic-node-controller removal catches us up with 596591b (.*: replace tectonic node controller with machine config operator, 2018-09-10, openshift#232). The cluster-api trim adjusts the content from b00e40e (vendor: Add client from sigs.k8s.io/cluster-api, 2018-09-04, openshift#119). Because cluster-api wasn't in glide.lock, I suspect neither glide nor glide-vc were run before that commit.
Requires https://github.com/coreos-inc/tectonic-operators/pull/456 and openshift/machine-config-operator#50
/hold