-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Move to hypershift-mce-kubevirt-create-disconnected-commands.sh
Signed-off-by: Simone Tiraboschi <stirabos@redhat.com>
- Loading branch information
1 parent
cd482b5
commit a26e762
Showing
3 changed files
with
145 additions
and
144 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
143 changes: 143 additions & 0 deletions
143
.../mce/kubevirt/create/disconnected/hypershift-mce-kubevirt-create-disconnected-commands.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,143 @@ | ||
| #!/bin/bash | ||
|
|
||
| set -exuo pipefail | ||
|
|
||
| source "${SHARED_DIR}/packet-conf.sh" | ||
|
|
||
| CLUSTER_NAME="$(echo -n $PROW_JOB_ID|sha256sum|cut -c-20)" | ||
|
|
||
| echo "$CLUSTER_NAME" > /tmp/hostedcluster_name | ||
| scp "${SSHOPTS[@]}" "/tmp/hostedcluster_name" "root@${IP}:/home/hostedcluster_name" | ||
|
|
||
| echo "$HYPERSHIFT_NODE_COUNT" > /tmp/hypershift_node_count | ||
| scp "${SSHOPTS[@]}" "/tmp/hypershift_node_count" "root@${IP}:/home/hypershift_node_count" | ||
|
|
||
| # shellcheck disable=SC2087 | ||
| ssh "${SSHOPTS[@]}" "root@${IP}" bash - << EOF | ||
| set -xeo pipefail | ||
| if [ -f /root/config ] ; then | ||
| source /root/config | ||
| fi | ||
| export DISCONNECTED="${DISCONNECTED:-}" | ||
| export IP_STACK="${IP_STACK:-}" | ||
| # explicitly mirror the RHCOS image used by the MCE injected release | ||
| # TODO: can we avoid this? | ||
| mirror_registry=\$(oc get imagecontentsourcepolicy -o json | jq -r '.items[].spec.repositoryDigestMirrors[0].mirrors[0]') | ||
| mirror_registry=\${mirror_registry%%/*} | ||
| if [[ \$mirror_registry == "" ]] ; then | ||
| echo "Warning: Can not find the mirror registry, abort !!!" | ||
| exit 1 | ||
| fi | ||
| echo "mirror registry is \${mirror_registry}" | ||
| LOCALIMAGES=localimages | ||
| PAYLOADIMAGE=\$(oc get clusterversion version -ojsonpath='{.status.desired.image}') | ||
| mkdir -p /home/release-manifests/ | ||
| oc image extract \${PAYLOADIMAGE} --path /release-manifests/:/home/release-manifests/ --confirm | ||
| RHCOS_IMAGE=\$(cat /home/release-manifests/0000_50_installer_coreos-bootimages.yaml | yq -r .data.stream | jq -r '.architectures.x86_64.images.kubevirt."digest-ref"') | ||
| RHCOS_IMAGE_NO_DIGEST=\${RHCOS_IMAGE%@sha256*} | ||
| RHCOS_IMAGE_NAME=\${RHCOS_IMAGE_NO_DIGEST##*/} | ||
| RHCOS_IMAGE_REPO=\${RHCOS_IMAGE_NO_DIGEST%/*} | ||
| oc image mirror \${RHCOS_IMAGE} \${mirror_registry}/\${LOCALIMAGES}/\${RHCOS_IMAGE_NAME} | ||
| oc apply -f - <<EOF2 | ||
| apiVersion: operator.openshift.io/v1alpha1 | ||
| kind: ImageContentSourcePolicy | ||
| metadata: | ||
| name: openshift-release-dev | ||
| spec: | ||
| repositoryDigestMirrors: | ||
| - mirrors: | ||
| - \${mirror_registry}/\${LOCALIMAGES} | ||
| source: \${RHCOS_IMAGE_REPO} | ||
| EOF2 | ||
| #### | ||
| arch=\$(arch) | ||
| if [ "\$arch" == "x86_64" ]; then | ||
| downURL=\$(oc get ConsoleCLIDownload hcp-cli-download -o json | jq -r '.spec.links[] | select(.text | test("Linux for x86_64")).href') && curl -k --output /tmp/hcp.tar.gz \${downURL} | ||
| cd /tmp && tar -xvf /tmp/hcp.tar.gz | ||
| chmod +x /tmp/hcp | ||
| cd - | ||
| fi | ||
| if [ ! -f /tmp/yq-v4 ]; then | ||
| curl -L "https://github.com/mikefarah/yq/releases/download/v4.30.5/yq_linux_\$(uname -m | sed 's/aarch64/arm64/;s/x86_64/amd64/')" \ | ||
| -o /tmp/yq-v4 && chmod +x /tmp/yq-v4 | ||
| fi | ||
| oc get imagecontentsourcepolicy -oyaml | /tmp/yq-v4 '.items[] | .spec.repositoryDigestMirrors' > /home/mgmt_iscp.yaml | ||
| ICSP="--image-content-sources /home/mgmt_iscp.yaml " | ||
| HYPERSHIFT_NODE_COUNT=\$(cat /home/hypershift_node_count) | ||
| CLUSTER_NAME=\$(cat /home/hostedcluster_name) | ||
| CLUSTER_NAMESPACE=local-cluster-\${CLUSTER_NAME} | ||
| echo "\$(date) Creating HyperShift cluster \${CLUSTER_NAME}" | ||
| oc create ns "\${CLUSTER_NAMESPACE}" | ||
| echo "extract secret/pull-secret" | ||
| oc extract secret/pull-secret -n openshift-config --to=/tmp --confirm | ||
| PULL_SECRET_PATH="/tmp/.dockerconfigjson" | ||
| TRUST="--additional-trust-bundle /etc/pki/ca-trust/source/anchors/registry.2.crt " | ||
| # TODO: can we avoid this? | ||
| ROVERRIDES=\$(oc get imagecontentsourcepolicy image-policy -o=json | jq -r '.spec.repositoryDigestMirrors[] | select (.source | test("registry.ci.openshift.org/ocp/") ) | .source+"="+.mirrors[0]') | ||
| oc patch deploy -n hypershift operator --type=json -p="[{\"op\": \"add\", \"path\": \"/spec/template/spec/containers/0/args/-\", \"value\": \"--registry-overrides=\${ROVERRIDES}\"}]" | ||
| sleep 30 | ||
| ### | ||
| ETCD_STORAGE_CLASS="" | ||
| if [ "\$(oc get infrastructure cluster -o=jsonpath='{.status.platformStatus.type}')" == "AWS" ]; then | ||
| echo "AWS infra detected. Setting --etcd-storage-class" | ||
| ETCD_STORAGE_CLASS="--etcd-storage-class gp3-csi" | ||
| fi | ||
| echo "\$(date) Creating HyperShift cluster \${CLUSTER_NAME}" | ||
| /tmp/hcp create cluster kubevirt \${ETCD_STORAGE_CLASS} \${ICSP} \${TRUST} \ | ||
| --name \${CLUSTER_NAME} \ | ||
| --node-pool-replicas \${HYPERSHIFT_NODE_COUNT} \ | ||
| --memory 16Gi \ | ||
| --cores 4 \ | ||
| --root-volume-size 64 \ | ||
| --namespace local-cluster \ | ||
| --release-image \${PAYLOADIMAGE} \ | ||
| --pull-secret \${PULL_SECRET_PATH} \ | ||
| --generate-ssh | ||
| # TODO: why do we need this? can we skip this? | ||
| oc annotate hostedclusters -n local-cluster \${CLUSTER_NAME} "cluster.open-cluster-management.io/managedcluster-name=\${CLUSTER_NAME}" --overwrite | ||
| oc apply -f - <<EOF2 | ||
| apiVersion: cluster.open-cluster-management.io/v1 | ||
| kind: ManagedCluster | ||
| metadata: | ||
| annotations: | ||
| import.open-cluster-management.io/hosting-cluster-name: local-cluster | ||
| import.open-cluster-management.io/klusterlet-deploy-mode: Hosted | ||
| open-cluster-management/created-via: other | ||
| labels: | ||
| cloud: auto-detect | ||
| cluster.open-cluster-management.io/clusterset: default | ||
| name: \${CLUSTER_NAME} | ||
| vendor: OpenShift | ||
| name: \${CLUSTER_NAME} | ||
| spec: | ||
| hubAcceptsClient: true | ||
| leaseDurationSeconds: 60 | ||
| EOF2 | ||
| #### | ||
| echo "Waiting for cluster to become available" | ||
| oc wait --timeout=30m --for=condition=Available --namespace=local-cluster hostedcluster/\${CLUSTER_NAME} | ||
| echo "Cluster became available, creating kubeconfig" | ||
| /tmp/hcp create kubeconfig --namespace=local-cluster --name=\${CLUSTER_NAME} > /home/nested_kubeconfig | ||
| EOF | ||
|
|
||
| scp "${SSHOPTS[@]}" "root@${IP}:/home/nested_kubeconfig" "${SHARED_DIR}/nested_kubeconfig" |