Merge "Flux install of compute cluster"
authorKuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>
Mon, 13 Dec 2021 22:16:36 +0000 (22:16 +0000)
committerGerrit Code Review <gerrit@akraino.org>
Mon, 13 Dec 2021 22:16:36 +0000 (22:16 +0000)
19 files changed:
Makefile
Vagrantfile
deploy/site/common.sh [new file with mode: 0644]
deploy/site/site.sh [new file with mode: 0755]
deploy/site/vm/.sops.yaml [new file with mode: 0644]
deploy/site/vm/cluster-e2etest-values.yaml [deleted file]
deploy/site/vm/id_rsa [new file with mode: 0644]
deploy/site/vm/id_rsa.pub [new file with mode: 0644]
deploy/site/vm/site.yaml [new file with mode: 0644]
deploy/site/vm/sops.asc [new file with mode: 0644]
deploy/site/vm/sops.pub.asc [new file with mode: 0644]
deploy/site/vm/vm.sh
env/lib/common.sh
env/metal3/01_install_package.sh
tools/vagrant/add_machine_to_vbmc.sh
tools/vagrant/create_machine_resource.sh [deleted file]
tools/vagrant/create_nodes_json_sample.sh
tools/vagrant/create_provisioning_cr.sh
tools/vagrant/remove_machine_from_vbmc.sh

index d87ecca..d520c16 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -152,7 +152,6 @@ vm_verifier: jump_server \
        vm_clean_all
 
 vm_cluster:
-       ./deploy/site/vm/vm.sh build
        ./deploy/site/vm/vm.sh deploy
        ./deploy/site/vm/vm.sh wait
        ./deploy/kata/kata.sh test
index 82b72bc..377b215 100644 (file)
@@ -1,5 +1,8 @@
 # -*- mode: ruby -*-
 # vi: set ft=ruby :
+require 'ipaddr'
+require 'uri'
+require 'yaml'
 
 # IMPORTANT To bring up the machines, use the "--no-parallel" option
 # to vagrant up.  This is to workaround dependencies between the jump
 # machines will fail to come up until the baremetal network (created
 # by vagrant from the jump machine definition) is up.
 
-vars = {
-  :site => 'vm',
-  :baremetal_cidr => '192.168.151.0/24',
-  :num_machines => 2
-}
+site = ENV['ICN_SITE'] || 'vm'
+
+# Calculate the baremetal network address from the bmcAddress (aka
+# IPMI address) specified in the machine pool values.  IPMI in the
+# virtual environment is emulated by virtualbmc listening on the host.
+baremetal_cidr = nil
+Dir.glob("deploy/site/#{site}/*.yaml") do |file|
+  YAML.load_stream(File.read(file)) do |document|
+    values = document.fetch('spec', {}).fetch('values', {})
+    next if values['machineName'].nil? || values['bootMACAddress'].nil?
+    bmc_host = URI.parse(values['bmcAddress']).host
+    baremetal_cidr = "#{IPAddr.new(bmc_host).mask(24)}/24"
+  end
+end
+if baremetal_cidr.nil?
+  puts "Missing bmcAddress value in site definition, can't determine baremetal network address"
+  exit 1
+end
 
 $post_up_message = <<MSG
 ------------------------------------------------------
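Review bot: The guard in the `YAML.load_stream` block checks `machineName` and `bootMACAddress`, but the value actually consumed is `bmcAddress`, so a machine document without it reaches `URI.parse(values['bmcAddress'])` and fails with a parse error instead of the "Missing bmcAddress" message printed below. An empty YAML document (for example a trailing `---`) can yield `nil`, on which `document.fetch` raises as well. I would skip on the key that is needed: `next unless document.is_a?(Hash)` followed by `next if values['bmcAddress'].nil?`. The prefix length is assumed rather than read from the site definition, which deserves a comment such as `# assumes the baremetal network is the /24 containing the BMC address`.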
@@ -48,7 +64,7 @@ Vagrant.configure("2") do |config|
     m.vm.synced_folder '.', '/icn'
     m.vm.provider :libvirt do |libvirt|
       libvirt.graphics_ip = '0.0.0.0'
-      libvirt.default_prefix = "#{vars[:site]}-"
+      libvirt.default_prefix = "#{site}-"
       libvirt.cpu_mode = 'host-passthrough'
       libvirt.cpus = 8
       libvirt.memory = 24576
@@ -56,8 +72,8 @@ Vagrant.configure("2") do |config|
 
       # The ICN baremetal network is the vagrant management network,
       # and is created by vagrant for us
-      libvirt.management_network_name = "#{vars[:site]}-baremetal"
-      libvirt.management_network_address = vars[:baremetal_cidr]
+      libvirt.management_network_name = "#{site}-baremetal"
+      libvirt.management_network_address = baremetal_cidr
       libvirt.management_network_autostart = true
     end
 
@@ -65,14 +81,14 @@ Vagrant.configure("2") do |config|
     # created upon bringing up the jump machine
     m.trigger.before [:up] do |trigger|
       trigger.name = 'Creating provisioning network'
-      trigger.run = {inline: "./tools/vagrant/create_provisioning_network.sh #{vars[:site]}"}
+      trigger.run = {inline: "./tools/vagrant/create_provisioning_network.sh #{site}"}
     end
     m.trigger.after [:destroy] do |trigger|
       trigger.name = 'Destroying provisioning network'
-      trigger.run = {inline: "./tools/vagrant/destroy_provisioning_network.sh #{vars[:site]}"}
+      trigger.run = {inline: "./tools/vagrant/destroy_provisioning_network.sh #{site}"}
     end
     m.vm.network :private_network,
-                 :libvirt__network_name => "#{vars[:site]}-provisioning",
+                 :libvirt__network_name => "#{site}-provisioning",
                  :type => 'dhcp'
 
     # IPMI control of machines is provided by vbmc on the host
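Review bot: `site` now comes from `ENV['ICN_SITE']` and is interpolated unquoted into the inline shell commands here (`create_provisioning_network.sh #{site}`, `destroy_provisioning_network.sh #{site}`) and again in the machine triggers of the next hunk, together with `machine_name` and `bmc_port` read from the site YAML. A value containing whitespace or shell metacharacters would change the command that runs on the host. Validating once where `site` is assigned (outside this hunk), e.g. `abort "invalid ICN_SITE: #{site}" unless site.match?(/\A[A-Za-z0-9_-]+\z/)`, also keeps the `Dir.glob` path inside `deploy/site/`. The `Vagrant.configure` block starts and ends outside this hunk.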
@@ -96,61 +112,65 @@ Vagrant.configure("2") do |config|
     m.vm.post_up_message = $post_up_message
   end
 
-  # The machine pool used by cluster creation
-  (1..vars[:num_machines]).each do |i|
-    config.vm.define "machine-#{i}" do |m|
-      m.vm.hostname = "machine-#{i}"
-      m.vm.provider :libvirt do |libvirt|
-        libvirt.graphics_ip = '0.0.0.0'
-        libvirt.default_prefix = "#{vars[:site]}-"
-        libvirt.cpu_mode = 'host-passthrough'
-        libvirt.cpus = 8
-        libvirt.memory = 16384
-        libvirt.nested = true
-        # The image will be provisioned by ICN so just create an empty
-        # disk for the machine
-        libvirt.storage :file, :size => 50, :type => 'raw', :cache => 'none'
-        # Management attach is false so that vagrant will not interfere
-        # with these machines: the jump server will manage them
-        # completely
-        libvirt.mgmt_attach = false
-      end
-      # The provisioning network must be listed first for PXE boot to
-      # the metal3/ironic provided image
-      m.vm.network :private_network,
-                   :libvirt__network_name => "#{vars[:site]}-provisioning",
-                   :type => 'dhcp'
-      m.vm.network :private_network,
-                   :libvirt__network_name => "#{vars[:site]}-baremetal",
-                   :type => 'dhcp'
-
-      # IPMI control
-      m.trigger.after [:up] do |trigger|
-        trigger.name = 'Adding machine to IPMI network'
-        trigger.run = {inline: "./tools/vagrant/add_machine_to_vbmc.sh #{i} #{vars[:site]} machine-#{i}"}
-      end
-      m.trigger.after [:destroy] do |trigger|
-        trigger.name = 'Removing machine from IPMI network'
-        trigger.run = {inline: "./tools/vagrant/remove_machine_from_vbmc.sh #{i} #{vars[:site]} machine-#{i}"}
-      end
+  # Look for any HelmReleases in the site directory with machineName in
+  # the values dictionary.  This will provide the values needed to
+  # create the machine pool.
+  legacy_machine_args = ""
+  Dir.glob("deploy/site/#{site}/*.yaml") do |file|
+    YAML.load_stream(File.read(file)) do |document|
+      values = document.fetch('spec', {}).fetch('values', {})
+      next if values['machineName'].nil? || values['bootMACAddress'].nil?
+      machine_name = values['machineName']
+      boot_mac_address = values['bootMACAddress']
+      bmc_port = URI.parse(values['bmcAddress']).port
+      config.vm.define machine_name do |m|
+        m.vm.hostname = machine_name
+        m.vm.provider :libvirt do |libvirt|
+          libvirt.graphics_ip = '0.0.0.0'
+          libvirt.default_prefix = "#{site}-"
+          libvirt.cpu_mode = 'host-passthrough'
+          libvirt.cpus = 8
+          libvirt.memory = 16384
+          libvirt.nested = true
+          # The image will be provisioned by ICN so just create an empty
+          # disk for the machine
+          libvirt.storage :file, :size => 50, :type => 'raw', :cache => 'none'
+          # Management attach is false so that vagrant will not interfere
+          # with these machines: the jump server will manage them
+          # completely
+          libvirt.mgmt_attach = false
+        end
+        # The provisioning network must be listed first for PXE boot to
+        # the metal3/ironic provided image
+        m.vm.network :private_network,
+                     :libvirt__network_name => "#{site}-provisioning",
+                     :mac => boot_mac_address,
+                     :type => 'dhcp'
+        m.vm.network :private_network,
+                     :libvirt__network_name => "#{site}-baremetal",
+                     :type => 'dhcp'
+
+        # IPMI control
+        m.trigger.after [:up] do |trigger|
+          trigger.name = 'Adding machine to IPMI network'
+          trigger.run = {inline: "./tools/vagrant/add_machine_to_vbmc.sh #{site} #{machine_name} #{bmc_port}"}
+        end
+        m.trigger.after [:destroy] do |trigger|
+          trigger.name = 'Removing machine from IPMI network'
+          trigger.run = {inline: "./tools/vagrant/remove_machine_from_vbmc.sh #{site} #{machine_name} #{bmc_port}"}
+        end
 
-      # Create configuration for ICN provisioning
-      m.trigger.after [:up] do |trigger|
-        if i == vars[:num_machines] then
+        # Create configuration for ICN provisioning
+        legacy_machine_args = "#{legacy_machine_args} #{machine_name} #{bmc_port}"
+        m.trigger.after [:up] do |trigger|
           trigger.info = 'Creating nodes.json.sample describing the machines'
-          trigger.run = {inline: "./tools/vagrant/create_nodes_json_sample.sh #{vars[:num_machines]} #{vars[:site]} machine-"}
+          trigger.run = {inline: "./tools/vagrant/create_nodes_json_sample.sh #{site} #{legacy_machine_args}"}
         end
-      end
-      m.trigger.after [:up] do |trigger|
-        if i == vars[:num_machines] then
+        m.trigger.after [:up] do |trigger|
           trigger.info = 'Creating Provisioning resource describing the cluster'
-          trigger.run = {inline: "./tools/vagrant/create_provisioning_cr.sh #{vars[:num_machines]} #{vars[:site]} machine-"}
+          trigger.run = {inline: "./tools/vagrant/create_provisioning_cr.sh #{site} #{legacy_machine_args}"}
         end
       end
-      m.trigger.after [:up] do |trigger|
-        trigger.name = 'Creating machine resource'
-        trigger.run = {inline: "./tools/vagrant/create_machine_resource.sh #{i} #{vars[:site]} machine-#{i}"}
-      end
     end
   end
 end
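Review bot: `legacy_machine_args` is appended to inside the `config.vm.define` block and interpolated into the trigger command at the same moment, so what `create_nodes_json_sample.sh` and `create_provisioning_cr.sh` receive depends on which define blocks Vagrant has evaluated so far, and how often; the old `if i == vars[:num_machines]` guard that limited these triggers to the last machine is gone. As far as the hunk shows, the first machine's triggers would see only its own name and port, and a block evaluated twice would append duplicates. Collecting the list in a separate pass before the machines are defined, as sketched below, gives every trigger the same complete pool, and the in-loop `legacy_machine_args = "#{legacy_machine_args} ..."` line can then go. The two trailing `m.trigger.after [:up]` bodies are also indented one level short of the surrounding block, which makes the closing `end`s hard to match.

```ruby
  # Collect the whole machine pool first so every trigger sees the same list
  legacy_machine_args = Dir.glob("deploy/site/#{site}/*.yaml").flat_map do |file|
    YAML.load_stream(File.read(file)).map do |document|
      values = document.fetch('spec', {}).fetch('values', {})
      next if values['machineName'].nil? || values['bootMACAddress'].nil?
      "#{values['machineName']} #{URI.parse(values['bmcAddress']).port}"
    end.compact
  end.join(' ')
  # … unchanged: Dir.glob / YAML.load_stream loop that defines each machine …
```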
diff --git a/deploy/site/common.sh b/deploy/site/common.sh
new file mode 100644 (file)
index 0000000..b20bae5
--- /dev/null
@@ -0,0 +1,76 @@
+#!/usr/bin/env bash
+set -eu -o pipefail
+
+function _gpg_key_fp {
+    gpg --with-colons --list-secret-keys $1 | awk -F: '/fpr/ {print $10;exit}'
+}
+
+function create_gpg_key {
+    local -r key_name=$1
+
+    # Create an rsa4096 key that does not expire
+    gpg --batch --full-generate-key <<EOF
+%no-protection
+Key-Type: 1
+Key-Length: 4096
+Subkey-Type: 1
+Subkey-Length: 4096
+Expire-Date: 0
+Name-Real: ${key_name}
+EOF
+}
+
+function export_gpg_private_key {
+    gpg --export-secret-keys --armor "$(_gpg_key_fp $1)"
+}
+
+function sops_encrypt_site {
+    local -r site_yaml=$1
+    local -r key_name=$2
+
+    local -r site_dir=$(dirname ${site_yaml})
+    local -r key_fp=$(_gpg_key_fp ${key_name})
+
+    # Commit the public key to the repository so that team members who
+    # clone the repo can encrypt new files
+    echo "Creating ${site_dir}/sops.pub.asc with public key used to encrypt secrets"
+    gpg --export --armor "${key_fp}" >${site_dir}/sops.pub.asc
+
+    # Add .sops.yaml so users won't have to worry about specifying the
+    # proper key for the target cluster or namespace
+    echo "Creating ${site_dir}/.sops.yaml SOPS configuration file"
+    cat <<EOF > ${site_dir}/.sops.yaml
+creation_rules:
+  - path_regex: .*.yaml
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    pgp: ${key_fp}
+EOF
+
+    sops --encrypt --in-place --config=${site_dir}/.sops.yaml ${site_yaml}
+}
+
+function sops_decrypt_site {
+    local -r site_yaml=$1
+
+    local -r site_dir=$(dirname ${site_yaml})
+    sops --decrypt --in-place --config=${site_dir}/.sops.yaml ${site_yaml}
+}
+
+function flux_create_site {
+    local -r url=$1
+    local -r branch=$2
+    local -r path=$3
+    local -r key_name=$4
+
+    local -r source_name="$(basename ${url})-${branch}"
+    local -r kustomization_name="${source_name}-site-$(basename ${path})"
+    local -r key_fp=$(gpg --with-colons --list-secret-keys ${key_name} | awk -F: '/fpr/ {print $10;exit}')
+    local -r secret_name="${key_name}-sops-gpg"
+
+    flux create source git ${source_name} --url=${url} --branch=${branch}
+    gpg --export-secret-keys --armor "$(_gpg_key_fp ${key_name})" |
+       kubectl -n flux-system create secret generic ${secret_name} --from-file=sops.asc=/dev/stdin --dry-run=client -o yaml |
+       kubectl apply -f -
+    flux create kustomization ${kustomization_name} --path=${path} --source=GitRepository/${source_name} --prune=true \
+        --decryption-provider=sops --decryption-secret=${secret_name}
+}
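Review bot: `_gpg_key_fp` returns the first fingerprint gpg lists for a name, and `create_gpg_key` generates a new key on every call, so once the keyring holds two keys with the same name, `sops_encrypt_site`, `export_gpg_private_key` and `flux_create_site` can pick a key other than the one just created or imported. I would make `create_gpg_key` a no-op when `_gpg_key_fp` already finds a key, or pass the fingerprint between the functions instead of the name. `flux_create_site` also computes `key_fp` with a copy of the same pipeline and never uses it. The expansions are unquoted throughout (`$1`, `${site_yaml}`, `${site_dir}`), so a key name or path containing a space breaks the commands; `gpg --with-colons --list-secret-keys "$1"` and the like cost nothing. A comment on `%no-protection` saying the private key is stored without a passphrase would help anyone reusing this outside the test setup.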
diff --git a/deploy/site/site.sh b/deploy/site/site.sh
new file mode 100755 (executable)
index 0000000..d0c970a
--- /dev/null
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+set -eu -o pipefail
+
+SCRIPTDIR="$(readlink -f $(dirname ${BASH_SOURCE[0]}))"
+LIBDIR="$(dirname $(dirname ${SCRIPTDIR}))/env/lib"
+
+source $LIBDIR/common.sh
+source $SCRIPTDIR/common.sh
+
+case $1 in
+    "create-gpg-key") create_gpg_key $2 ;;
+    "sops-encrypt-site") sops_encrypt_site $2 $3 ;;
+    "sops-decrypt-site") sops_decrypt_site $2 ;;
+    "flux-create-site") flux_create_site $2 $3 $4 $5;;
+    *) cat <<EOF
+Usage: $(basename $0) COMMAND
+
+Commands:
+  create-gpg-key KEY_NAME                      - Create GPG keypair in local keyring
+  sops-encrypt-site SITE_YAML KEY_NAME         - Encrypt SITE_YAML secrets with KEY_NAME
+  sops-decrypt-site SITE_YAML                  - Decrypt SITE_YAML secrets
+  flux-create-site URL BRANCH PATH KEY_NAME    - Create Flux resources to deploy site
+EOF
+       ;;
+esac
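Review bot: With `set -u` in effect, `case $1 in` aborts with an unbound-variable error when the script is run without arguments, so the usage text in the `*)` branch is never shown in the case where it is most needed; the same happens for a command given too few arguments (`$2` to `$5`). `case ${1:-} in` would fall through to the usage, and the arguments should be quoted when forwarded, e.g. `"sops-encrypt-site") sops_encrypt_site "$2" "$3" ;;`. The usage branch also exits 0, which hides a mistyped command from callers.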
diff --git a/deploy/site/vm/.sops.yaml b/deploy/site/vm/.sops.yaml
new file mode 100644 (file)
index 0000000..60dfb57
--- /dev/null
@@ -0,0 +1,4 @@
+creation_rules:
+  - path_regex: .*.yaml
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    pgp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
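Review bot: `encrypted_regex` limits encryption to the keys `bmcPassword` and `hashedPassword`, so any other secret-bearing value added to a site YAML later is committed in cleartext without warning; a comment next to the rule saying that new secret fields must be added here would make that explicit. `path_regex: .*.yaml` leaves the dot unescaped and the pattern unanchored, so it matches more than paths ending in `.yaml`; `path_regex: .*\.yaml$` says what is meant. The same text is emitted by `sops_encrypt_site` in deploy/site/common.sh, which is where the change would have to be made.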
diff --git a/deploy/site/vm/cluster-e2etest-values.yaml b/deploy/site/vm/cluster-e2etest-values.yaml
deleted file mode 100644 (file)
index e1060ba..0000000
+++ /dev/null
@@ -1,15 +0,0 @@
-clusterName: e2etest
-clusterLabels:
-  site: vm
-keepalived:
-  interface: ens6
-  routerId: 3
-networks:
-  baremetal:
-    interface: ens6
-  provisioning:
-    interface: ens5
-userData:
-  sshAuthorizedKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrxu+fSrU51vgAO5zP5xWcTU8uLv4MkUZptE2m1BJE88JdQ80kz9DmUmq2AniMkVTy4pNeUW5PsmGJa+anN3MPM99CR9I37zRqy5i6rUDQgKjz8W12RauyeRMIBrbdy7AX1xasoTRnd6Ta47bP0egiFb+vUGnlTFhgfrbYfjbkJhVfVLCTgRw8Yj0NSK16YEyhYLbLXpix5udRpXSiFYIyAEWRCCsWJWljACr99P7EF82vCGI0UDGCCd/1upbUwZeTouD/FJBw9qppe6/1eaqRp7D36UYe3KzLpfHQNgm9AzwgYYZrD4tNN6QBMq/VUIuam0G1aLgG8IYRLs41HYkJ root@jump
-flux:
-  path: ./deploy/site/cluster-e2etest
diff --git a/deploy/site/vm/id_rsa b/deploy/site/vm/id_rsa
new file mode 100644 (file)
index 0000000..21e9cb1
--- /dev/null
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----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+-----END RSA PRIVATE KEY-----
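Review bot: This adds an unencrypted SSH private key to the repository, and deploy/site/vm/sops.asc in the same commit adds the PGP private key whose fingerprint is the only recipient listed in deploy/site/vm/.sops.yaml. With sops.asc in the tree, the `ENC[...]` values for `bmcPassword` and `hashedPassword` in site.yaml provide no confidentiality, and the matching `sshAuthorizedKey` is accepted by any cluster built from this site definition. The statement that these keys are test-only lives in a comment in vm.sh; I would repeat it in a README next to the key files, or have `build_source` generate both keys into the git-ignored build directory instead of committing them.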
diff --git a/deploy/site/vm/id_rsa.pub b/deploy/site/vm/id_rsa.pub
new file mode 100644 (file)
index 0000000..a539a63
--- /dev/null
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDP9Q+b+4tjZuSdL6kDoa2h4ikD3AG6dhxSQQjpUir8Uu2yF6u1WAHq8cBA4KuOnL1eLQqaDRNNeK42Eai7Hi5QlhbNa3MD4hEh8LM1kUDstll6TWUk1LVAX8vcHRPuhHC93yeGWzXLdxSl2jiB0snPyRuNaW9NHz8uNbFsZUtJ3J8pQov85dgCGjdHwhxdDjiprESQLseD5igKz7yhlPdAHrH+1Zmzsng1OUBYsUt62OJnVI0kkvT0H/unFl6rqkmZU8Q14NNqEkwMFGjcOcE95ZPz5Zc9EdjPce0mDLosn9x5gsKe2MairbJLYRp9qQf7JgzOuH2s9gnJ4sklkB83 root@jump
diff --git a/deploy/site/vm/site.yaml b/deploy/site/vm/site.yaml
new file mode 100644 (file)
index 0000000..3dce0b8
--- /dev/null
@@ -0,0 +1,248 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+    name: metal3
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2021-12-10T17:33:39Z"
+    mac: ENC[AES256_GCM,data:7aiq2A575kdNRs72319eOMh7ZMRKJVyU62NjIMXsHjhZE6Pk3lhulFuA/X4EcifNOMlHOuLR9Ovdv0iK3yVRSMf4oUKVWSDfY6zC+u5tr6fDx1jzF5etlPcEDcwwJnkj2ln4IjjR+B3ffRXTGG9mB9IXXIoq6ygeh3qkOfMydYg=,iv:+IPqs5qt8wFbFPWk584bk4+mvcTJfgQRTKT9E9BfnPQ=,tag:tcanGxTBztf0HIobK3+gEQ==,type:str]
+    pgp:
+        - created_at: "2021-12-10T17:33:38Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4SX7nk+q+zPAQ//fduMfeRxBfxXOBZ9Ho35MyLfVEU/BH99Rs7RA0b2Fzrc
+            dL9Qre7qJ6EPZt7LFduINUP7wKO8m1ReMrfWK4J4t07LgU9x1aoSDe8wRD4h4lvA
+            AX1SikXa2CA1BlcRu/tjQvCMze+USMMIPBZ3t/uW4AT7JET+vhERXNwTzvt5lV/R
+            l1XfCQeHRvbD8YnrREvZJ+oAHv3DiGBaSdiWPdvfQBgRrCu99I9+wlZAOOkAhqBq
+            R5DWWlXfh9/eh5211g8uKXo5vwSbmUgQGG2O+8twMS32AoCRE2jcmSWRE667r5c+
+            7ICcaYhtA/hjMbaKSgTKi8cm/UhPxUXlWbq8zSV5tV8L3oeFHrFJZPv27M610TdS
+            8JNVj08iIcEr7Po3OZ8+wT7cX+LxcrK+JeWzH8X2xLH5wkTJlChPajOYssMl8kJC
+            RT1KlYMu7clg4CT8Ouad7dsINjlObebo1VOuTmYdNQN2jxkCophcBL8LKxfky186
+            GI2HRHAvhsnWiqhlgGIYdLm78kG3WyLVag82j2ppE1eswFQPS4Z1T5wZWf240QG1
+            WI1REmjhEgOKMkvfWKbz/vdcOsI34ACknMd7ByRyI0T/m17PzcBphCP40rbF+W0O
+            GmY29spGTnppK4HYd7Ym59sLX0z/GS0bkttP9ZBZMtVWXl/Z7Am4x1hUhiLn/tfS
+            XAGt2OxeAI8MXJrRti85PR8OKasgMzWN4rvCvnPi56uvLDVezMu0AICuKTIAJb/g
+            pu3XtrPudeMAeVjlNzwfdmYzkSyg85rZDvbx5+ObjB7+ajEvUGbd6ZI8TnP8
+            =l0ei
+            -----END PGP MESSAGE-----
+          fp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    version: 3.7.1
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: GitRepository
+metadata:
+    name: icn
+    namespace: metal3
+spec:
+    gitImplementation: go-git
+    interval: 1m0s
+    ref:
+        branch: master
+    timeout: 20s
+    url: https://gerrit.akraino.org/r/icn
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2021-12-10T17:33:39Z"
+    mac: ENC[AES256_GCM,data:7aiq2A575kdNRs72319eOMh7ZMRKJVyU62NjIMXsHjhZE6Pk3lhulFuA/X4EcifNOMlHOuLR9Ovdv0iK3yVRSMf4oUKVWSDfY6zC+u5tr6fDx1jzF5etlPcEDcwwJnkj2ln4IjjR+B3ffRXTGG9mB9IXXIoq6ygeh3qkOfMydYg=,iv:+IPqs5qt8wFbFPWk584bk4+mvcTJfgQRTKT9E9BfnPQ=,tag:tcanGxTBztf0HIobK3+gEQ==,type:str]
+    pgp:
+        - created_at: "2021-12-10T17:33:38Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4SX7nk+q+zPAQ//fduMfeRxBfxXOBZ9Ho35MyLfVEU/BH99Rs7RA0b2Fzrc
+            dL9Qre7qJ6EPZt7LFduINUP7wKO8m1ReMrfWK4J4t07LgU9x1aoSDe8wRD4h4lvA
+            AX1SikXa2CA1BlcRu/tjQvCMze+USMMIPBZ3t/uW4AT7JET+vhERXNwTzvt5lV/R
+            l1XfCQeHRvbD8YnrREvZJ+oAHv3DiGBaSdiWPdvfQBgRrCu99I9+wlZAOOkAhqBq
+            R5DWWlXfh9/eh5211g8uKXo5vwSbmUgQGG2O+8twMS32AoCRE2jcmSWRE667r5c+
+            7ICcaYhtA/hjMbaKSgTKi8cm/UhPxUXlWbq8zSV5tV8L3oeFHrFJZPv27M610TdS
+            8JNVj08iIcEr7Po3OZ8+wT7cX+LxcrK+JeWzH8X2xLH5wkTJlChPajOYssMl8kJC
+            RT1KlYMu7clg4CT8Ouad7dsINjlObebo1VOuTmYdNQN2jxkCophcBL8LKxfky186
+            GI2HRHAvhsnWiqhlgGIYdLm78kG3WyLVag82j2ppE1eswFQPS4Z1T5wZWf240QG1
+            WI1REmjhEgOKMkvfWKbz/vdcOsI34ACknMd7ByRyI0T/m17PzcBphCP40rbF+W0O
+            GmY29spGTnppK4HYd7Ym59sLX0z/GS0bkttP9ZBZMtVWXl/Z7Am4x1hUhiLn/tfS
+            XAGt2OxeAI8MXJrRti85PR8OKasgMzWN4rvCvnPi56uvLDVezMu0AICuKTIAJb/g
+            pu3XtrPudeMAeVjlNzwfdmYzkSyg85rZDvbx5+ObjB7+ajEvUGbd6ZI8TnP8
+            =l0ei
+            -----END PGP MESSAGE-----
+          fp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    version: 3.7.1
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+    name: machine-1
+    namespace: metal3
+spec:
+    interval: 5m
+    chart:
+        spec:
+            chart: deploy/machine
+            sourceRef:
+                kind: GitRepository
+                name: icn
+            interval: 1m
+    values:
+        machineName: machine-1
+        bootMACAddress: 52:54:00:c6:75:40
+        bmcAddress: ipmi://192.168.151.1:6230
+        bmcUsername: admin
+        bmcPassword: ENC[AES256_GCM,data:NirGLqlAT7A=,iv:W25j39CMEmJUXDl2o2UvXbdumqnpBY2K4/7gp6DZttQ=,tag:4h1pzHcnVnS0FMX0F9ugCg==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2021-12-10T17:33:39Z"
+    mac: ENC[AES256_GCM,data:7aiq2A575kdNRs72319eOMh7ZMRKJVyU62NjIMXsHjhZE6Pk3lhulFuA/X4EcifNOMlHOuLR9Ovdv0iK3yVRSMf4oUKVWSDfY6zC+u5tr6fDx1jzF5etlPcEDcwwJnkj2ln4IjjR+B3ffRXTGG9mB9IXXIoq6ygeh3qkOfMydYg=,iv:+IPqs5qt8wFbFPWk584bk4+mvcTJfgQRTKT9E9BfnPQ=,tag:tcanGxTBztf0HIobK3+gEQ==,type:str]
+    pgp:
+        - created_at: "2021-12-10T17:33:38Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4SX7nk+q+zPAQ//fduMfeRxBfxXOBZ9Ho35MyLfVEU/BH99Rs7RA0b2Fzrc
+            dL9Qre7qJ6EPZt7LFduINUP7wKO8m1ReMrfWK4J4t07LgU9x1aoSDe8wRD4h4lvA
+            AX1SikXa2CA1BlcRu/tjQvCMze+USMMIPBZ3t/uW4AT7JET+vhERXNwTzvt5lV/R
+            l1XfCQeHRvbD8YnrREvZJ+oAHv3DiGBaSdiWPdvfQBgRrCu99I9+wlZAOOkAhqBq
+            R5DWWlXfh9/eh5211g8uKXo5vwSbmUgQGG2O+8twMS32AoCRE2jcmSWRE667r5c+
+            7ICcaYhtA/hjMbaKSgTKi8cm/UhPxUXlWbq8zSV5tV8L3oeFHrFJZPv27M610TdS
+            8JNVj08iIcEr7Po3OZ8+wT7cX+LxcrK+JeWzH8X2xLH5wkTJlChPajOYssMl8kJC
+            RT1KlYMu7clg4CT8Ouad7dsINjlObebo1VOuTmYdNQN2jxkCophcBL8LKxfky186
+            GI2HRHAvhsnWiqhlgGIYdLm78kG3WyLVag82j2ppE1eswFQPS4Z1T5wZWf240QG1
+            WI1REmjhEgOKMkvfWKbz/vdcOsI34ACknMd7ByRyI0T/m17PzcBphCP40rbF+W0O
+            GmY29spGTnppK4HYd7Ym59sLX0z/GS0bkttP9ZBZMtVWXl/Z7Am4x1hUhiLn/tfS
+            XAGt2OxeAI8MXJrRti85PR8OKasgMzWN4rvCvnPi56uvLDVezMu0AICuKTIAJb/g
+            pu3XtrPudeMAeVjlNzwfdmYzkSyg85rZDvbx5+ObjB7+ajEvUGbd6ZI8TnP8
+            =l0ei
+            -----END PGP MESSAGE-----
+          fp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    version: 3.7.1
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+    name: machine-2
+    namespace: metal3
+spec:
+    interval: 5m
+    chart:
+        spec:
+            chart: deploy/machine
+            sourceRef:
+                kind: GitRepository
+                name: icn
+            interval: 1m
+    values:
+        machineName: machine-2
+        bootMACAddress: 52:54:00:6f:d6:97
+        bmcAddress: ipmi://192.168.151.1:6231
+        bmcUsername: admin
+        bmcPassword: ENC[AES256_GCM,data:yXyJBi5nEgI=,iv:m6YOy0WkKbAmEJ2zAgpzeGjlU625fCwZ+bh0lFaNxmM=,tag:BARypQBJZXxRv5nbi5pcog==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2021-12-10T17:33:39Z"
+    mac: ENC[AES256_GCM,data:7aiq2A575kdNRs72319eOMh7ZMRKJVyU62NjIMXsHjhZE6Pk3lhulFuA/X4EcifNOMlHOuLR9Ovdv0iK3yVRSMf4oUKVWSDfY6zC+u5tr6fDx1jzF5etlPcEDcwwJnkj2ln4IjjR+B3ffRXTGG9mB9IXXIoq6ygeh3qkOfMydYg=,iv:+IPqs5qt8wFbFPWk584bk4+mvcTJfgQRTKT9E9BfnPQ=,tag:tcanGxTBztf0HIobK3+gEQ==,type:str]
+    pgp:
+        - created_at: "2021-12-10T17:33:38Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4SX7nk+q+zPAQ//fduMfeRxBfxXOBZ9Ho35MyLfVEU/BH99Rs7RA0b2Fzrc
+            dL9Qre7qJ6EPZt7LFduINUP7wKO8m1ReMrfWK4J4t07LgU9x1aoSDe8wRD4h4lvA
+            AX1SikXa2CA1BlcRu/tjQvCMze+USMMIPBZ3t/uW4AT7JET+vhERXNwTzvt5lV/R
+            l1XfCQeHRvbD8YnrREvZJ+oAHv3DiGBaSdiWPdvfQBgRrCu99I9+wlZAOOkAhqBq
+            R5DWWlXfh9/eh5211g8uKXo5vwSbmUgQGG2O+8twMS32AoCRE2jcmSWRE667r5c+
+            7ICcaYhtA/hjMbaKSgTKi8cm/UhPxUXlWbq8zSV5tV8L3oeFHrFJZPv27M610TdS
+            8JNVj08iIcEr7Po3OZ8+wT7cX+LxcrK+JeWzH8X2xLH5wkTJlChPajOYssMl8kJC
+            RT1KlYMu7clg4CT8Ouad7dsINjlObebo1VOuTmYdNQN2jxkCophcBL8LKxfky186
+            GI2HRHAvhsnWiqhlgGIYdLm78kG3WyLVag82j2ppE1eswFQPS4Z1T5wZWf240QG1
+            WI1REmjhEgOKMkvfWKbz/vdcOsI34ACknMd7ByRyI0T/m17PzcBphCP40rbF+W0O
+            GmY29spGTnppK4HYd7Ym59sLX0z/GS0bkttP9ZBZMtVWXl/Z7Am4x1hUhiLn/tfS
+            XAGt2OxeAI8MXJrRti85PR8OKasgMzWN4rvCvnPi56uvLDVezMu0AICuKTIAJb/g
+            pu3XtrPudeMAeVjlNzwfdmYzkSyg85rZDvbx5+ObjB7+ajEvUGbd6ZI8TnP8
+            =l0ei
+            -----END PGP MESSAGE-----
+          fp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    version: 3.7.1
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+    name: cluster-e2etest
+    namespace: metal3
+spec:
+    interval: 5m
+    chart:
+        spec:
+            chart: deploy/cluster
+            sourceRef:
+                kind: GitRepository
+                name: icn
+            interval: 1m
+    values:
+        clusterName: e2etest
+        clusterLabels:
+            site: vm
+        keepalived:
+            interface: ens6
+            routerId: 3
+        networks:
+            baremetal:
+                interface: ens6
+            provisioning:
+                interface: ens5
+        userData:
+            hashedPassword: ENC[AES256_GCM,data:N60s4MON2Xmkq1MqQtnp865IqHjeISQv17LJsuRLbrE4K2AvBDmgbZjt00xLiiBbcSuLJYLcTquC+Z4DhFEaq3mkumsOqZ8Q66sy0GR+Kja8PUsDXL8Bqlmusw1O6EzwAl0eK26VFW4PeC/Q7VVKyrH4osI=,iv:jTNY88lxKW6IHTH041ibR8+ZKGm4D7OC8hH5TGglR1Q=,tag:mDe/T+edPuyqkX/tbG4h1w==,type:str]
+            sshAuthorizedKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDP9Q+b+4tjZuSdL6kDoa2h4ikD3AG6dhxSQQjpUir8Uu2yF6u1WAHq8cBA4KuOnL1eLQqaDRNNeK42Eai7Hi5QlhbNa3MD4hEh8LM1kUDstll6TWUk1LVAX8vcHRPuhHC93yeGWzXLdxSl2jiB0snPyRuNaW9NHz8uNbFsZUtJ3J8pQov85dgCGjdHwhxdDjiprESQLseD5igKz7yhlPdAHrH+1Zmzsng1OUBYsUt62OJnVI0kkvT0H/unFl6rqkmZU8Q14NNqEkwMFGjcOcE95ZPz5Zc9EdjPce0mDLosn9x5gsKe2MairbJLYRp9qQf7JgzOuH2s9gnJ4sklkB83 root@jump
+        flux:
+            url: https://gerrit.akraino.org/r/icn
+            branch: master
+            path: ./deploy/site/cluster-e2etest
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2021-12-10T17:33:39Z"
+    mac: ENC[AES256_GCM,data:7aiq2A575kdNRs72319eOMh7ZMRKJVyU62NjIMXsHjhZE6Pk3lhulFuA/X4EcifNOMlHOuLR9Ovdv0iK3yVRSMf4oUKVWSDfY6zC+u5tr6fDx1jzF5etlPcEDcwwJnkj2ln4IjjR+B3ffRXTGG9mB9IXXIoq6ygeh3qkOfMydYg=,iv:+IPqs5qt8wFbFPWk584bk4+mvcTJfgQRTKT9E9BfnPQ=,tag:tcanGxTBztf0HIobK3+gEQ==,type:str]
+    pgp:
+        - created_at: "2021-12-10T17:33:38Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4SX7nk+q+zPAQ//fduMfeRxBfxXOBZ9Ho35MyLfVEU/BH99Rs7RA0b2Fzrc
+            dL9Qre7qJ6EPZt7LFduINUP7wKO8m1ReMrfWK4J4t07LgU9x1aoSDe8wRD4h4lvA
+            AX1SikXa2CA1BlcRu/tjQvCMze+USMMIPBZ3t/uW4AT7JET+vhERXNwTzvt5lV/R
+            l1XfCQeHRvbD8YnrREvZJ+oAHv3DiGBaSdiWPdvfQBgRrCu99I9+wlZAOOkAhqBq
+            R5DWWlXfh9/eh5211g8uKXo5vwSbmUgQGG2O+8twMS32AoCRE2jcmSWRE667r5c+
+            7ICcaYhtA/hjMbaKSgTKi8cm/UhPxUXlWbq8zSV5tV8L3oeFHrFJZPv27M610TdS
+            8JNVj08iIcEr7Po3OZ8+wT7cX+LxcrK+JeWzH8X2xLH5wkTJlChPajOYssMl8kJC
+            RT1KlYMu7clg4CT8Ouad7dsINjlObebo1VOuTmYdNQN2jxkCophcBL8LKxfky186
+            GI2HRHAvhsnWiqhlgGIYdLm78kG3WyLVag82j2ppE1eswFQPS4Z1T5wZWf240QG1
+            WI1REmjhEgOKMkvfWKbz/vdcOsI34ACknMd7ByRyI0T/m17PzcBphCP40rbF+W0O
+            GmY29spGTnppK4HYd7Ym59sLX0z/GS0bkttP9ZBZMtVWXl/Z7Am4x1hUhiLn/tfS
+            XAGt2OxeAI8MXJrRti85PR8OKasgMzWN4rvCvnPi56uvLDVezMu0AICuKTIAJb/g
+            pu3XtrPudeMAeVjlNzwfdmYzkSyg85rZDvbx5+ObjB7+ajEvUGbd6ZI8TnP8
+            =l0ei
+            -----END PGP MESSAGE-----
+          fp: A4B4A47A1DB07DE00E8158BE411E23534CA8FAE0
+    encrypted_regex: ^(bmcPassword|hashedPassword)$
+    version: 3.7.1
diff --git a/deploy/site/vm/sops.asc b/deploy/site/vm/sops.asc
new file mode 100644 (file)
index 0000000..23f32be
--- /dev/null
@@ -0,0 +1,117 @@
+-----BEGIN PGP PRIVATE KEY BLOCK-----
+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+=kqWR
+-----END PGP PRIVATE KEY BLOCK-----
diff --git a/deploy/site/vm/sops.pub.asc b/deploy/site/vm/sops.pub.asc
new file mode 100644 (file)
index 0000000..34a3c25
--- /dev/null
@@ -0,0 +1,63 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+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+=8GKa
+-----END PGP PUBLIC KEY BLOCK-----
index 882a8bd..841644b 100755 (executable)
@@ -5,35 +5,48 @@ SCRIPTDIR="$(readlink -f $(dirname ${BASH_SOURCE[0]}))"
 LIBDIR="$(dirname $(dirname $(dirname ${SCRIPTDIR})))/env/lib"
 
 source $LIBDIR/common.sh
+source $SCRIPTDIR/../common.sh
 
 BUILDDIR=${SCRIPTDIR/deploy/build}
 mkdir -p ${BUILDDIR}
 
-function build {
-    SSH_AUTHORIZED_KEY=$(cat ${HOME}/.ssh/id_rsa.pub)
+FLUX_SOPS_KEY_NAME=${FLUX_SOPS_KEY_NAME:-"icn-site-vm"}
+
+# !!!NOTE!!! THE KEYS USED BELOW ARE FOR TEST PURPOSES ONLY.  DO NOT
+# USE THESE OUTSIDE OF THIS ICN VIRTUAL TEST ENVIRONMENT.
+function build_source {
+    # First decrypt the existing site YAML, otherwise we'll be
+    # attempting to encrypt it twice below
+    if [[ -f ${SCRIPTDIR}/sops.asc ]]; then
+       gpg --import ${SCRIPTDIR}/sops.asc
+       sops_decrypt_site ${SCRIPTDIR}/site.yaml
+    fi
+
+    # Generate user password and authorized key in site YAML
+    # To login to guest, ssh -i ${SCRIPTDIR}/id_rsa
+    HASHED_PASSWORD=$(mkpasswd --method=SHA-512 --rounds 10000 "mypasswd")
+    sed -i -e 's!hashedPassword: .*!hashedPassword: '"${HASHED_PASSWORD}"'!' ${SCRIPTDIR}/site.yaml
+    ssh-keygen -t rsa -N "" -f ${SCRIPTDIR}/id_rsa <<<y
+    SSH_AUTHORIZED_KEY=$(cat ${SCRIPTDIR}/id_rsa.pub)
     # Use ! instead of usual / to avoid escaping / in
     # SSH_AUTHORIZED_KEY
-    sed -e 's!sshAuthorizedKey: .*!sshAuthorizedKey: '"${SSH_AUTHORIZED_KEY}"'!' ${SCRIPTDIR}/cluster-e2etest-values.yaml >${BUILDDIR}/cluster-e2etest-values.yaml
-}
+    sed -i -e 's!sshAuthorizedKey: .*!sshAuthorizedKey: '"${SSH_AUTHORIZED_KEY}"'!' ${SCRIPTDIR}/site.yaml
+
+    # Encrypt the site YAML
+    create_gpg_key ${FLUX_SOPS_KEY_NAME}
+    sops_encrypt_site ${SCRIPTDIR}/site.yaml ${FLUX_SOPS_KEY_NAME}
 
-function release_name {
-    local -r values_path=$1
-    name=$(basename ${values_path})
-    echo ${name%-values.yaml}
+    # ONLY FOR TEST ENVIRONMENT: save the private key used
+    export_gpg_private_key ${FLUX_SOPS_KEY_NAME} >${SCRIPTDIR}/sops.asc
 }
 
 function deploy {
-    for values in ${BUILDDIR}/machine-*-values.yaml; do
-       helm -n metal3 install $(release_name ${values}) ${SCRIPTDIR}/../../machine --create-namespace -f ${values}
-    done
-    helm -n metal3 install cluster-e2etest ${SCRIPTDIR}/../../cluster --create-namespace -f ${BUILDDIR}/cluster-e2etest-values.yaml
+    gpg --import ${SCRIPTDIR}/sops.asc
+    flux_create_site https://gerrit.akraino.org/r/icn master deploy/site/vm ${FLUX_SOPS_KEY_NAME}
 }
 
 function clean {
-    helm -n metal3 uninstall cluster-e2etest
-    for values in ${BUILDDIR}/machine-*-values.yaml; do
-       helm -n metal3 uninstall $(release_name ${values})
-    done
+    kubectl -n flux-system delete kustomization icn-master-site-vm
 }
 
 function is_cluster_ready {
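Review bot: `build_source` bakes the literal password `"mypasswd"` into `hashedPassword` and passes it on the `mkpasswd` command line, where it is visible in the process list. I would read it from the environment and feed it on stdin, e.g. `HASHED_PASSWORD=$(mkpasswd --method=SHA-512 --rounds 10000 --stdin <<<"${ICN_VM_PASSWORD:?}")` (the variable name is a suggestion), keeping the fixed value only as a documented test default. `ssh-keygen ... <<<y` overwrites `${SCRIPTDIR}/id_rsa` in the working tree on every run, which deserves a comment because it silently dirties the checkout. `clean` hard-codes `icn-master-site-vm`, which has to match the name `flux_create_site` derives from the URL, branch and path passed in `deploy`; a shared variable would keep the two in sync.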
@@ -48,6 +61,28 @@ function is_control_plane_ready {
     [[ $(kubectl --kubeconfig=${BUILDDIR}/e2etest-admin.conf get nodes -l node-role.kubernetes.io/control-plane -o jsonpath='{range .items[*]}{.status.conditions[?(@.type=="Ready")].status}{"\n"}{end}' | grep -c True) == ${replicas} ]]
 }
 
+function insert_control_plane_network_identity_into_ssh_config {
+    # This enables logging into the control plane machines from this
+    # machine without specifying the identify file on the command line
+
+    # Create ssh config if it doesn't exist
+    mkdir -p ${HOME}/.ssh && chmod 700 ${HOME}/.ssh
+    touch ${HOME}/.ssh/config
+    chmod 600 ${HOME}/.ssh/config
+    # Add the entry for the control plane network, host value in ssh
+    # config is a wildcard
+    endpoint=$(helm -n metal3 get values -a cluster-e2etest | awk '/controlPlaneEndpoint:/ {print $2}')
+    prefix=$(helm -n metal3 get values -a cluster-e2etest | awk '/controlPlanePrefix:/ {print $2}')
+    host=$(ipcalc ${endpoint}/${prefix} | awk '/Network:/ {sub(/\.0.*/,".*"); print $2}')
+    if [[ $(grep -c "Host ${host}" ${HOME}/.ssh/config) != 0 ]]; then
+       sed -i -e '/Host '"${host}"'/,+1 d' ${HOME}/.ssh/config
+    fi
+    cat <<EOF >>${HOME}/.ssh/config
+Host ${host}
+  IdentityFile ${SCRIPTDIR}/id_rsa
+EOF
+}
+
 function wait_for_all_ready {
     WAIT_FOR_INTERVAL=60s
     WAIT_FOR_TRIES=30
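Review bot: In `insert_control_plane_network_identity_into_ssh_config`, `${host}` is used as a regular expression in both `grep -c "Host ${host}"` and `sed -i -e '/Host '"${host}"'/,+1 d'`, and it ends in `.*`, so the delete also removes any other `Host` entry in the user's `~/.ssh/config` that begins with the same prefix, together with the line after it. If the `helm get values` lookups return nothing and `${host}` ends up empty, the pattern `Host ` matches every entry in the file. I would fail early with `[[ -n ${host} ]] || return 1` and wrap the generated entry in marker comments (`# BEGIN icn-vm` / `# END icn-vm`) so the cleanup deletes exactly that range. The `sub(/\.0.*/,".*")` step assumes the network address ends in `.0`; a comment stating that assumption would help.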
@@ -55,10 +90,11 @@ function wait_for_all_ready {
     clusterctl -n metal3 get kubeconfig e2etest >${BUILDDIR}/e2etest-admin.conf
     chmod 600 ${BUILDDIR}/e2etest-admin.conf
     wait_for is_control_plane_ready
+    insert_control_plane_network_identity_into_ssh_config
 }
 
 case $1 in
-    "build") build ;;
+    "build-source") build_source ;;
     "clean") clean ;;
     "deploy") deploy ;;
     "wait") wait_for_all_ready ;;
@@ -66,7 +102,7 @@ case $1 in
 Usage: $(basename $0) COMMAND
 
 Commands:
-  build         - Build the site deployment values
+  build-source  - Build the in-tree site values
   clean         - Remove the site
   deploy        - Deploy the site
   wait          - Wait for the site to be ready
index 2009c58..f09ca6f 100755 (executable)
@@ -46,6 +46,9 @@ CAPM3_VERSION="v0.5.1"
 #The flux version to use
 FLUX_VERSION="0.20.0"
 
+#The sops version to use
+SOPS_VERSION="v3.7.1"
+
 #refered from onap
 function call_api {
     #Runs curl with passed flags and provides
@@ -248,6 +251,13 @@ function install_emcoctl {
     sudo install -o root -g root -m 0755 ${EMCOPATH}/bin/emcoctl/emcoctl /usr/local/bin/emcoctl
 }
 
+function install_sops {
+    curl -L https://github.com/mozilla/sops/releases/download/${SOPS_VERSION}/sops-${SOPS_VERSION}.linux -o sops
+    sudo install -o root -g root -m 0755 sops /usr/local/bin/sops
+    rm sops
+    sops --version
+}
+
 function fetch_image {
     if [[ "${BM_IMAGE_URL}" && "${BM_IMAGE}" ]]; then
        mkdir -p "${IRONIC_DATA_DIR}/html/images"
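Review bot: install_sops installs whatever `curl -L` saved as `sops` into /usr/local/bin as a root-owned executable without verifying it. Without `--fail` an HTTP error body is written to the file and installed, and nothing ties the download to the pinned SOPS_VERSION beyond the URL. Use `curl -fsSL ... -o sops` and check a pinned digest before the `sudo install`, e.g. `echo "${SOPS_SHA256}  sops" | sha256sum -c -`, with `SOPS_SHA256="<sha256 of the release binary, taken from the release page>"` declared next to SOPS_VERSION. Downloading into a `mktemp -d` directory rather than the current working directory would also avoid overwriting or leaving behind a file named `sops`.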
index d0409b3..8b8c36f 100755 (executable)
@@ -20,6 +20,7 @@ function install_essential_packages {
     curl \
     dnsmasq \
     figlet \
+    ipcalc \
     nmap \
     patch \
     psmisc \
@@ -64,6 +65,7 @@ install() {
     install_kustomize
     install_clusterctl
     install_flux_cli
+    install_sops
     install_emcoctl
 }
 
index 5676a7b..86b3cd4 100755 (executable)
@@ -1,9 +1,9 @@
 #!/bin/bash
 set -eu -o pipefail
 
-index=$1
-site=$2
-name=$3
+site=$1
+name=$2
+port=$3
 
-vbmc --no-daemon add ${site}-${name} --port $((6230+index-1)) --libvirt-uri "qemu:///system?&no_verify=1&no_tty=1"
+vbmc --no-daemon add ${site}-${name} --port ${port} --libvirt-uri "qemu:///system?&no_verify=1&no_tty=1"
 vbmc --no-daemon start ${site}-${name}
diff --git a/tools/vagrant/create_machine_resource.sh b/tools/vagrant/create_machine_resource.sh
deleted file mode 100755 (executable)
index e1afdc2..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-set -eu -o pipefail
-
-index=$1
-site=$2
-name=$3
-
-ipmi_host=$(virsh -c qemu:///system net-dumpxml ${site}-baremetal | xmlstarlet sel -t -v "//network/ip/@address")
-ipmi_port=$((6230+index-1))
-boot_mac=$(virsh -c qemu:///system dumpxml "${site}-${name}" | xmlstarlet sel -t -v "//interface[source/@network='${site}-provisioning']/mac/@address")
-
-mkdir -p build/site/${site}
-cat <<EOF >build/site/${site}/machine-${index}-values.yaml
-machineName: machine-${index}
-bootMACAddress: ${boot_mac}
-bmcAddress: ipmi://${ipmi_host}:${ipmi_port}
-bmcUsername: admin
-bmcPassword: password
-EOF
index e1a9948..4729edb 100755 (executable)
@@ -1,9 +1,7 @@
 #!/bin/bash
 set -eu -o pipefail
 
-num_machines=$1
-site=$2
-name_prefix=$3
+site=$1; shift
 
 nodes_json_path="deploy/metal3/scripts/nodes.json.sample"
 ipmi_host=$(virsh -c qemu:///system net-dumpxml ${site}-baremetal | xmlstarlet sel -t -v "//network/ip/@address")
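Review bot: Nothing checks that the arguments left after `site=$1; shift` come in NAME PORT pairs, although the loop in the next hunk consumes two per iteration. Under `set -eu` an odd count aborts at `ipmi_port=$1` with an unbound-variable error after the JSON header has already been written, leaving a truncated nodes.json.sample. A guard right after the shift fails early with a usable message: `(( $# >= 2 && $# % 2 == 0 )) || { echo "usage: $0 SITE NAME PORT [NAME PORT]..." >&2; exit 1; }`. The same pairing assumption is in tools/vagrant/create_provisioning_cr.sh, where `ipmi_port` is assigned but not used in the visible lines.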
@@ -12,12 +10,13 @@ cat <<EOF >${nodes_json_path}
 {
   "nodes": [
 EOF
-for ((i=1;i<=num_machines;++i)); do
-    name="${name_prefix}${i}"
-    ipmi_port=$((6230+i-1))
+
+while (("$#")); do
+    name=$1; shift
+    ipmi_port=$1; shift
     baremetal_mac=$(virsh -c qemu:///system dumpxml "${site}-${name}" | xmlstarlet sel -t -v "//interface[source/@network='${site}-baremetal']/mac/@address")
     provisioning_mac=$(virsh -c qemu:///system dumpxml "${site}-${name}" | xmlstarlet sel -t -v "//interface[source/@network='${site}-provisioning']/mac/@address")
-    if ((i<num_machines)); then comma=","; else comma=""; fi
+    if (("$#")); then comma=","; else comma=""; fi
     cat <<EOF >>${nodes_json_path}
     {
       "name": "${name}",
index 2d07344..917245d 100755 (executable)
@@ -1,13 +1,12 @@
 #!/bin/bash
 set -eu -o pipefail
 
-num_machines=$1
-site=$2
-name_prefix=$3
+site=$1; shift
 
 provisioning_cr_path="cmd/bpa-operator/e2etest/test_bmh_provisioning_cr.yaml"
 
-name="${name_prefix}1"
+name=$1; shift
+ipmi_port=$1; shift
 provisioning_mac=$(virsh -c qemu:///system dumpxml "${site}-${name}" | xmlstarlet sel -t -v "//interface[source/@network='${site}-provisioning']/mac/@address")
 cat <<EOF >${provisioning_cr_path}
 apiVersion: bpa.akraino.org/v1alpha1
@@ -22,12 +21,13 @@ spec:
     - ${name}:
         mac-address: ${provisioning_mac}
 EOF
-if ((num_machines>1)); then
+if (("$#")); then
     cat <<EOF >>${provisioning_cr_path}
   workers:
 EOF
-    for ((i=2;i<=num_machines;++i)); do
-       name="${name_prefix}${i}"
+    while (("$#")); do
+       name=$1; shift
+       ipmi_port=$1; shift
        provisioning_mac=$(virsh -c qemu:///system dumpxml "${site}-${name}" | xmlstarlet sel -t -v "//interface[source/@network='${site}-provisioning']/mac/@address")
        cat <<EOF >>${provisioning_cr_path}
     - ${name}:
index 4ff8018..4efc15b 100755 (executable)
@@ -1,8 +1,8 @@
 #!/bin/bash
 set -eu -o pipefail
 
-index=$1
-site=$2
-name=$3
+site=$1
+name=$2
+port=$3
 
 vbmc --no-daemon delete ${site}-${name} || true