-#!/bin/bash
-
-#supported OS version
-UBUNTU_BIONIC=${UBUNTU_BIONIC:-Ubuntu 18.04.2 LTS}
-
-#offline mode variable
-DOWNLOAD_PATH=${DOWNLOAD_PATH:-/opt/icn}
-LOCAL_APT_REPO=${LOCAL_APT_REPO:-$DOWNLOAD_PATH/apt}
-PIP_CACHE_DIR=${PIP_CACHE_DIR:-$DOWNLOAD_PATH/pip-cache-dir}
-BUILD_DIR=${BUILD_DIR:-$DOWNLOAD_PATH/build-dir}
-CONTAINER_IMAGES_DIR=${CONTAINER_IMAGES_DIR:-$OFFLINE_DOWNLOAD_PATH/docker-dir}
-
-#set variables
-#Todo include over all variables here
-KUBE_VERSION=${KUBE_VERSION:-"v1.15.0"}
-POD_NETWORK_CIDR=${POD_NETWORK_CIDR:-"10.244.0.0/16"}
-PODMAN_CNI_CONFLIST=${PODMAN_CNI_CONFLIST:-"https://raw.githubusercontent.com/containers/libpod/v1.4.4/cni/87-podman-bridge.conflist"}
-
-#Bootstrap K8s cluster
-BS_DHCP_INTERFACE=${BS_DHCP_INTERFACE:-}
-BS_DHCP_INTERFACE_IP=${BS_DHCP_INTERFACE_IP:-}
-BS_DHCP_DIR=${BS_DHCP_DIR:-$DOWNLOAD_PATH/dhcp}
-
-#User Provider Network configuration
-PROVIDER_NETWORK_GATEWAY=${PROVIDER_NETWORK_GATEWAY:-}
-PROVIDER_NETWORK_DNS=${PROVIDER_NETWORK_DNS:-}
-
-#Ironic variables
-IRONIC_IMAGE=${IRONIC_IMAGE:-"quay.io/metal3-io/ironic:master"}
-IRONIC_INSPECTOR_IMAGE=${IRONIC_INSPECTOR_IMAGE:-"quay.io/metal3-io/ironic-inspector"}
-IRONIC_BAREMETAL_IMAGE=${IRONIC_BAREMETAL_IMAGE:-"quay.io/metal3-io/baremetal-operator:master"}
-IRONIC_BAREMETAL_SOCAT_IMAGE=${IRONIC_BAREMETAL_SOCAT_IMAGE:-"alpine/socat:latest"}
+#!/usr/bin/env bash
+set -eu -o pipefail
IRONIC_DATA_DIR=${IRONIC_DATA_DIR:-"/opt/ironic"}
+NODES_FILE=${NODES_FILE:-"${IRONIC_DATA_DIR}/nodes.json"}
#IRONIC_PROVISIONING_INTERFACE is required to be provisioning, don't change it
IRONIC_INTERFACE=${IRONIC_INTERFACE:-}
IRONIC_PROVISIONING_INTERFACE=${IRONIC_PROVISIONING_INTERFACE:-"provisioning"}
-IRONIC_IPMI_INTERFACE=${IRONIC_IPMI_INTERFACE:-}
IRONIC_PROVISIONING_INTERFACE_IP=${IRONIC_PROVISIONING_INTERFACE_IP:-"172.22.0.1"}
-IRONIC_IPMI_INTERFACE_IP=${IRONIC_IPMI_INTERFACE_IP:-}
-BM_IMAGE_URL=${BM_IMAGE_URL:-"https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img"}
-BM_IMAGE=${BM_IMAGE:-"bionic-server-cloudimg-amd64.img"}
+BM_IMAGE_URL=${BM_IMAGE_URL:-"https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img"}
+BM_IMAGE=${BM_IMAGE:-"focal-server-cloudimg-amd64.img"}
-#Todo change into nodes list in json pattern
-COMPUTE_NODE_FQDN=${COMPUTE_NODE_FQDN:-".akraino.org"}
-COMPUTE_NODE_PASSWORD=${COMPUTE_NODE_PASSWORD:-"mypasswd"}
+#Baremetal operator repository URL
+BMOREPO="${BMOREPO:-https://github.com/metal3-io/baremetal-operator.git}"
+#Path to clone the baremetal operator repo
+BMOPATH="/opt/src/github.com/metal3-io/baremetal-operator"
+#Bare Metal Operator version to use
+# If changing this, the value in deploy/ironic/icn/kustomization.yaml
+# must also be changed
+BMO_VERSION="capm3-v0.5.1"
+
+#KuD repository URL
+KUDREPO="${KUDREPO:-https://github.com/onap/multicloud-k8s.git}"
+#Path to clone the KuD repo
+KUDPATH="/opt/src/github.com/onap/multicloud-k8s"
+#KuD version to use
+KUD_VERSION="8157bf63753839ce4e9006978816fad3f63ca2de"
+
+#EMCO repository URL
+EMCOREPO="${EMCOREPO:-https://gitlab.com/project-emco/core/emco-base.git}"
+#Path to clone the EMCO repo
+EMCOPATH="/opt/src/emco-base"
+#EMCO version to use
+EMCO_VERSION="v21.12"
+
+#Discard existing repo directory
+FORCE_REPO_UPDATE="${FORCE_REPO_UPDATE:-false}"
+
+# The kustomize version to use
+KUSTOMIZE_VERSION="v4.3.0"
+
+#Cluster API version to use
+CAPI_VERSION="v0.4.3"
+
+#Cluster API version to use
+CAPM3_VERSION="v0.5.1"
+
+#The flux version to use
+FLUX_VERSION="0.25.3"
+
+#The sops version to use
+SOPS_VERSION="v3.7.1"
#refered from onap
function call_api {
}
function list_nodes {
- NODES_FILE="${IRONIC_DATA_DIR}/nodes.json"
+ if [ ! -f "$NODES_FILE" ]; then
+ exit 1
+ fi
+
+ # The boot MAC address must be specified when a port is included
+ # in the IPMI driver address (i.e when using the VirtualBMC
+ # controller). Note that the below is a bit of a hack as it only
+ # checks the first entry in NODES_FILE for the port.
+ if cat "$NODES_FILE" |
+ jq -r '.nodes[0].ipmi_driver_info.address' | grep -c ':[0-9]\+$' >/dev/null; then
+ BOOT_LINK=$(cat "$NODES_FILE" |
+ jq -r '.nodes[0].net.links | map(.id=="provisioning_nic") | index(true)')
+ cat "$NODES_FILE" |
+ jq -r --argjson BOOT_LINK $BOOT_LINK '.nodes[] | [
+ .name,
+ .ipmi_driver_info.username,
+ .ipmi_driver_info.password,
+ .ipmi_driver_info.address,
+ .net.links[$BOOT_LINK].ethernet_mac_address,
+ .os.username,
+ .os.password,
+ .os.image_name
+ ] | @csv' |
+ sed 's/"//g'
+ else
+ cat "$NODES_FILE" |
+ jq -r '.nodes[] | [
+ .name,
+ .ipmi_driver_info.username,
+ .ipmi_driver_info.password,
+ .ipmi_driver_info.address,
+ "",
+ .os.username,
+ .os.password,
+ .os.image_name
+ ] | @csv' |
+ sed 's/"//g'
+ fi
+}
+
+function node_userdata {
+ name="$1"
+ username="$2"
+ password="$3"
+ COMPUTE_NODE_FQDN="$name.akraino.icn.org"
+
+ # validate that the user isn't expecting the deprecated
+ # COMPUTE_NODE_PASSWORD to be used
+ if [ "$password" != "${COMPUTE_NODE_PASSWORD:-$password}" ]; then
+ cat <<EOF
+COMPUTE_NODE_PASSWORD "$COMPUTE_NODE_PASSWORD" not equal to nodes.json $name password "$password".
+Unset COMPUTE_NODE_PASSWORD and retry.
+EOF
+ exit 1
+ fi
+
+ printf "userData:\n"
+ if [ -n "$username" ]; then
+ printf " name: ${username}\n"
+ fi
+ if [ -n "$password" ]; then
+ passwd=$(mkpasswd --method=SHA-512 --rounds 4096 "$password")
+ printf " hashedPassword: ${passwd}\n"
+ fi
+
+ if [ -n "$COMPUTE_NODE_FQDN" ]; then
+ printf " fqdn: ${COMPUTE_NODE_FQDN}\n"
+ fi
+
+ if [ ! -f $HOME/.ssh/id_rsa.pub ]; then
+ yes y | ssh-keygen -t rsa -N "" -f $HOME/.ssh/id_rsa
+ fi
+
+ printf " sshAuthorizedKey: $(cat $HOME/.ssh/id_rsa.pub)\n"
+}
- if [ ! -f $IRONIC_DATA_DIR/nodes.json ]; then
+# Returns "null" when the field is not present
+function networkdata_networks_field {
+ name=$1
+ network=$2
+ field=$3
+ cat $NODES_FILE | jq -c -r --arg name "$name" --arg network "$network" --arg field "$field" '.nodes[] | select(.name==$name) | .net.networks[] | select(.id==$network).'${field}
+}
+
+# Returns "null" when the field is not present
+function networkdata_links_field {
+ name=$1
+ link=$2
+ field=$3
+ cat $NODES_FILE | jq -c -r --arg name "$name" --arg link "$link" --arg field "$field" '.nodes[] | select(.name==$name) | .net.links[] | select(.id==$link).'${field}
+}
+
+function node_networkdata {
+ name=$1
+
+ if [ ! -f "$NODES_FILE" ]; then
exit 1
fi
- cat "$NODES_FILE" | \
- jq '.nodes[] | {
- name,
- username:.ipmi_driver_info.username,
- password:.ipmi_driver_info.password,
- address:.ipmi_driver_info.address
- } |
- .name + " " +
- .username + " " +
- .password + " " +
- .address' \
- | sed 's/"//g'
+ printf "networks:\n"
+ for network in $(cat $NODES_FILE | jq -r --arg name "$name" '.nodes[] | select(.name==$name) | .net.networks[].id'); do
+ link=$(networkdata_networks_field $name $network "link")
+ type=$(networkdata_networks_field $name $network "type")
+ mac=$(networkdata_links_field $name $link "ethernet_mac_address")
+
+ # Optional values
+ ip_address=$(networkdata_networks_field $name $network "ip_address")
+ gateway=$(networkdata_networks_field $name $network "gateway")
+ dns_nameservers=$(networkdata_networks_field $name $network "dns_nameservers")
+
+ printf " ${network}:\n"
+ printf " macAddress: ${mac}\n"
+ printf " type: ${type}\n"
+ if [[ $ip_address != "null" ]]; then
+ printf " ipAddress: ${ip_address}\n"
+ fi
+ if [[ $gateway != "null" ]]; then
+ printf " gateway: ${gateway}\n"
+ fi
+ if [[ $dns_nameservers != "null" ]]; then
+ printf " nameservers: ${dns_nameservers}\n"
+ fi
+ done
+}
+
+function wait_for {
+ local -r interval=${WAIT_FOR_INTERVAL:-30s}
+ local -r max_tries=${WAIT_FOR_TRIES:-20}
+ local try=0
+ until "$@"; do
+ echo "[${try}/${max_tries}] - Waiting ${interval} for $*"
+ sleep ${interval}
+ try=$((try+1))
+ if [[ ${try} -ge ${max_tries} ]]; then
+ return 1
+ fi
+ done
+}
+
+# This is intended to be used together with list_nodes in the
+# following way:
+# list_nodes | while IFS=',' read -r name ipmi_username ipmi_password ipmi_address boot_mac os_username os_password os_image_name; do ...
+function node_machine_values {
+ printf "machineName: ${name}\n"
+ printf "machineLabels:\n"
+ printf " machine: ${name}\n"
+ printf "bmcUsername: ${ipmi_username}\n"
+ printf "bmcPassword: ${ipmi_password}\n"
+ printf "bmcAddress: ipmi://${ipmi_address}\n"
+ if [[ ! -z ${boot_mac} ]]; then
+ printf "bootMACAddress: ${boot_mac}\n"
+ fi
+ printf "imageName: ${BM_IMAGE}\n"
+ node_userdata ${name} ${os_username} ${os_password}
+ node_networkdata ${name}
}
+function clone_repository {
+ local -r path=$1
+ local -r repo=$2
+ local -r version=$3
+ mkdir -p $(dirname ${path})
+ if [[ -d ${path} && "${FORCE_REPO_UPDATE}" == "true" ]]; then
+ rm -rf "${path}"
+ fi
+ if [ ! -d "${path}" ] ; then
+ pushd $(dirname ${path})
+ git clone "${repo}"
+ popd
+ else
+ pushd "${path}"
+ git fetch
+ popd
+ fi
+ pushd "${path}"
+ git reset --hard "${version}"
+ popd
+}
+
+function clone_baremetal_operator_repository {
+ clone_repository ${BMOPATH} ${BMOREPO} ${BMO_VERSION}
+}
+
+function clone_kud_repository {
+ clone_repository ${KUDPATH} ${KUDREPO} ${KUD_VERSION}
+}
+
+function clone_emco_repository {
+ clone_repository ${EMCOPATH} ${EMCOREPO} ${EMCO_VERSION}
+}
+
+function fetch_image {
+ if [[ "${BM_IMAGE_URL}" && "${BM_IMAGE}" ]]; then
+ mkdir -p "${IRONIC_DATA_DIR}/html/images"
+ pushd ${IRONIC_DATA_DIR}/html/images
+ local_checksum="0"
+ if [[ -f "${BM_IMAGE}" ]]; then
+ local_checksum=$(md5sum ${BM_IMAGE} | awk '{print $1}')
+ fi
+ remote_checksum=$(curl -sL "$(dirname ${BM_IMAGE_URL})/MD5SUMS" | grep ${BM_IMAGE} | awk '{print $1}')
+ if [[ ${local_checksum} != ${remote_checksum} ]]; then
+ curl -o ${BM_IMAGE} --insecure --compressed -O -L ${BM_IMAGE_URL}
+ md5sum ${BM_IMAGE} | awk '{print $1}' > ${BM_IMAGE}.md5sum
+ fi
+ popd
+ fi
+}
Code Review / icn.git / blobdiff