Creating squid AMI in VPC for CI aws proxy testing #4719
Conversation
openshift-ci-robot
added
do-not-merge/work-in-progress
ewolinetz
force-pushed
the
proxy_phase2_ci
branch
2 times, most recently
from
2e05907
to
6fe8fae
Compare
|
/test pj-rehearse |
2 similar comments
|
/test pj-rehearse |
|
/test pj-rehearse |
ewolinetz
force-pushed
the
proxy_phase2_ci
branch
2 times, most recently
from
2e10b6b
to
c42d04a
Compare
openshift-ci-robot
added
the
needs-rebase
ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml
Outdated
Show resolved
Hide resolved
openshift-ci-robot
added
size/L
ewolinetz
force-pushed
the
proxy_phase2_ci
branch
from
f90a5c9
to
6229f9f
Compare
openshift-ci-robot
removed
the
needs-rebase
ewolinetz
force-pushed
the
proxy_phase2_ci
branch
3 times, most recently
from
c831b68
to
8bbd55f
Compare
|
/test pj-rehearse |
1 similar comment
|
/test pj-rehearse |
|
/refresh |
|
/test pj-rehearse |
1 similar comment
|
/test pj-rehearse |
ewolinetz
force-pushed
the
proxy_phase2_ci
branch
3 times, most recently
from
d41b377
to
e2d7ac9
Compare
|
/test pj-rehearse |
1 similar comment
|
/test pj-rehearse |
|
We seem to be out of the registry-CI breakage now. /test pj-rehearse |
|
/test pj-rehearse |
3 similar comments
|
/test pj-rehearse |
|
/test pj-rehearse |
|
/test pj-rehearse |
|
@abhinavdahiya can someone from the installer team please review this? |
|
Not sure why this isn't being aggregated in the job details but the following tests failed and seem to just be flakes: |
|
The proxy job is failing currently? Is that a flake? |
| @@ -550,7 +1236,8 @@ objects: | |||
|
|
|||
| # begin bootstrapping | |||
| if [[ "${CLUSTER_TYPE}" == "aws" ]]; then | |||
| RHCOS_AMI=ami-0df3f99538fbef10f # FIXME: assumes AWS_REGION is us-east-1 | |||
| # RHCOS_AMI=ami-0df3f99538fbef10f # 4.1 ami FIXME: assumes AWS_REGION is us-east-1 | |||
| RHCOS_AMI=ami-0ae2df22579e00be5 # 4.2 ami FIXME: assumes AWS_REGION is us-east-1 | |||
There was a problem hiding this comment.
Is it normal for AWS UPI jobs to require this? Seems like this will require maintenance that we should avoid.
There was a problem hiding this comment.
Yes, I'm not sure if this value could be provided via a parameter but that would be more ideal.
It was required to bump it from the 4.1 AMI because it didn't have the logic to update the machine's trusted cert.
There was a problem hiding this comment.
Yes, I'm not sure if this value could be provided via a parameter but that would be more ideal.
Other platforms use rhcos.json (e.g. here). But I dislike using an installer-internal file for our CI, and would rather stay closer to our official docs to ensure we bump AMIs in the docs when we make some change that breaks vs. the currently-documented AMIs. But this is complicated by us documenting different AMIs for different 4.y, and I don't have an easy way around that yet. I'd really like openshift/installer#2092 or one of those family to give users the same access to the RHCOS JSON that we enjoy in CI.
There was a problem hiding this comment.
I'm not sure if this value could be provided via a parameter but that would be more ideal.
I guess providing via a job-specific parameter would be the way to get per-4.y AMIs in in the absence of something like openshift/installer#2092.
Yes, it seems to be a flake [1]. I've seen it pass two times, though in those instances it with a [1] #4719 (comment) |
ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml
Outdated
Show resolved
Hide resolved
ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml
Show resolved
Hide resolved
ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml
Outdated
Show resolved
Hide resolved
ewolinetz
force-pushed
the
proxy_phase2_ci
branch
from
bd2fd1c
to
2e751cb
Compare
ewolinetz
force-pushed
the
proxy_phase2_ci
branch
from
2e751cb
to
27c9755
Compare
|
/test pj-rehearse |
|
/lgtm |
|
/test pj-rehearse |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abhinavdahiya, danehans, ewolinetz The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
|
@ewolinetz: Updated the following 3 configmaps:
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@ewolinetz: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
This implements phase 2 of https://jira.coreos.com/browse/DPTP-475 where we move to using a UPI install and blackhole the private subnet so it does not have external internet access directly.
This PR also collects the proxy access logs and stores them in
proxy/squid.serviceduring teardown.