WIP rebase on latest metal3-io PRs #32
Conversation
This commit adds support for IPv6. When $PROVISIONING_IP is specified, which may be an IPv6 address, the various containers will wait for that IP to become available on an interface. If the IP is IPv6, then we use an IPv6-specific configurations. Note, IPv6 hosts are expected to be using UEFI boot, as we use snponly.efi. snponly.efi uses the UEFI network stack instead of the iPXE drivers. When using EDK2 OVMF + iPXE + ipxe.efi, we have seen lock-ups in initialization of the hardware devices. As neither CentOS nor RHEL distribute iPXE builds with IPv6 support, we build them from source as part of the container build. Conflicts: Dockerfile configure-ironic.sh Related metal3-io change metal3-io#107 (cherry picked from commit 2ad2b0d)
We don't appear to need these, infact they output errors on container startup... Related metal3-io change metal3-io#104 (cherry picked from commit f380833)
Rely instead on the logs to std out/err for each container Related metal3-io change metal3-io#97 (cherry picked from commit 8b4ceb6)
openshift-ci-robot
added
do-not-merge/work-in-progress
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: hardys The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
|
@hardys: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
| cd src && \ | ||
| sed -i -e "s/#undef.*NET_PROTO_IPV6/#define NET_PROTO_IPV6/g" config/general.h && \ | ||
| make bin/undionly.kpxe bin-x86_64-efi/ipxe.efi bin-x86_64-efi/snponly.efi | ||
|
|
There was a problem hiding this comment.
These changes need to go into Dockerfile.ocp, unless we can get this into the downstream ipxe-bootimgs?
There was a problem hiding this comment.
yup, this may cause a problem, last time I tried to build a image in this build system with two "FROM " statements in the DockerFile the build system changed one of them but not the other (this may be what you need or it might get in the way....), as far as I could see it happens here
https://github.com/openshift/builder/blob/master/pkg/build/builder/docker.go#L374
There was a problem hiding this comment.
I've asked:
Requesting IPv6 support: https://bugzilla.redhat.com/show_bug.cgi?id=1776926
Requesting snponly.efi: https://bugzilla.redhat.com/show_bug.cgi?id=1776929
There was a problem hiding this comment.
If it does the last FROM, it may not be a big issue as long as where it's built can hit docker.io to get the centos images, we only use the builder to make the ipxe images.
There was a problem hiding this comment.
1776926 has been marked as a dupe of https://bugzilla.redhat.com/show_bug.cgi?id=1637650 so perhaps we can use the non-qemu ipxe-roms package from the RHEL8 appstream repo?
There was a problem hiding this comment.
snpnoly.efi is still missing, which we need to make things work correctly.
There was a problem hiding this comment.
Ok I'll copy the current build-from-source for now and we can follow-up with a change that makes this work with the packaged ipxe-roms
There was a problem hiding this comment.
- the FROM that changes is just the last one (example for kuryr https://github.com/openshift/kuryr-kubernetes/blob/master/openshift-kuryr-cni-ci-rhel8.Dockerfile)
- the internal build infra can't hit docker.io or any other external site that is not explicitly allowed (we have the same issue for packages and source repos, which is managed directly in the openshift config)
as a workaround, we can have the source that we want to compile in the image repo itself or in a downstream repo
or, well, wait for the bugzilla to be resolved
| cp /tftpboot/undionly.kpxe /tftpboot/ipxe.efi /tftpboot/snponly.efi /shared/tftpboot | ||
|
|
||
| # Copy IPv4 or IPv6 config | ||
| cp /etc/dnsmasq.conf.ipv$IPV /etc/dnsmasq.conf |
| cd src && \ | ||
| sed -i -e "s/#undef.*NET_PROTO_IPV6/#define NET_PROTO_IPV6/g" config/general.h && \ | ||
| make bin/undionly.kpxe bin-x86_64-efi/ipxe.efi bin-x86_64-efi/snponly.efi | ||
|
|
There was a problem hiding this comment.
- the FROM that changes is just the last one (example for kuryr https://github.com/openshift/kuryr-kubernetes/blob/master/openshift-kuryr-cni-ci-rhel8.Dockerfile)
- the internal build infra can't hit docker.io or any other external site that is not explicitly allowed (we have the same issue for packages and source repos, which is managed directly in the openshift config)
as a workaround, we can have the source that we want to compile in the image repo itself or in a downstream repo
or, well, wait for the bugzilla to be resolved
|
Thanks for the feedback @elfosardo holding on bz1776929 for this so we can remove the need to build the ipxe roms from source. |
Updated to bring in the following commits
metal3-io#97
metal3-io#104
metal3-io#107