Set up dnsmasq on seed node
MOSSUST-121
Change-Id: I1718c01aa1f60a20359357a352ce9ea950391114
diff --git a/bm_mcc_mosk/child/kaas_workloads/coredns.yaml b/bm_mcc_mosk/child/kaas_workloads/coredns.yaml
index 5587647..5dfb062 100644
--- a/bm_mcc_mosk/child/kaas_workloads/coredns.yaml
+++ b/bm_mcc_mosk/child/kaas_workloads/coredns.yaml
@@ -42,14 +42,14 @@
- name: forward
parameters: . /etc/resolv.conf
- name: file
- parameters: /etc/coredns/subdomain.team.sustaining.db subdomain.team.sustaining
+ parameters: /etc/coredns/mnt-bm.mirantis.net.db mnt-bm.mirantis.net
serviceType: LoadBalancer
zoneFiles:
- - filename: subdomain.team.sustaining.db
- domain: subdomain.team.sustaining
+ - filename: mnt-bm.mirantis.net.db
+ domain: mnt-bm.mirantis.net
contents: |
- subdomain.team.sustaining. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600
- subdomain.team.sustaining. IN NS b.iana-servers.net.
- subdomain.team.sustaining. IN NS a.iana-servers.net.
- subdomain.team.sustaining. IN A !!!EXT_DNS_IP
- *.subdomain.team.sustaining. IN A !!!EXT_DNS_IP
\ No newline at end of file
+ mnt-bm.mirantis.net. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600
+ mnt-bm.mirantis.net. IN NS b.iana-servers.net.
+ mnt-bm.mirantis.net. IN NS a.iana-servers.net.
+ mnt-bm.mirantis.net. IN A !!!EXT_DNS_IP
+ *.mnt-bm.mirantis.net. IN A !!!EXT_DNS_IP
\ No newline at end of file
diff --git a/bm_mcc_mosk/child/kaas_workloads/osdpl.yaml b/bm_mcc_mosk/child/kaas_workloads/osdpl.yaml
index 168f14e..8f0c149 100644
--- a/bm_mcc_mosk/child/kaas_workloads/osdpl.yaml
+++ b/bm_mcc_mosk/child/kaas_workloads/osdpl.yaml
@@ -8,7 +8,7 @@
preset: compute
local_volume_storage_class: openstack-operator-bind-mounts
persistent_volume_storage_class: kubernetes-ssd
- public_domain_name: subdomain.team.sustaining
+ public_domain_name: mnt-bm.mirantis.net
internal_domain_name: cluster.local
size: tiny
features:
diff --git a/bm_mcc_mosk/kaas-mgmt/cluster.yaml b/bm_mcc_mosk/kaas-mgmt/cluster.yaml
index 1c8f0f0..435f5f2 100644
--- a/bm_mcc_mosk/kaas-mgmt/cluster.yaml
+++ b/bm_mcc_mosk/kaas-mgmt/cluster.yaml
@@ -18,7 +18,7 @@
value:
apiVersion: baremetal.k8s.io/v1alpha1
kind: BaremetalClusterProviderSpec
- release: mke-16-3-0-3-7-12
+ release: mke-16-3-1-3-7-15
dnsNameservers:
- 172.18.176.6
dedicatedControlPlane: false
@@ -36,7 +36,7 @@
prometheusServer:
persistentVolumeClaimSize: 16Gi
kaas:
- release: kaas-2-28-0
+ release: kaas-2-28-1
regional:
- provider: baremetal
helmReleases:
diff --git a/bm_mcc_mosk/seed/do_deploy_child.sh b/bm_mcc_mosk/seed/do_deploy_child.sh
old mode 100644
new mode 100755
index 6229555..b446f8c
--- a/bm_mcc_mosk/seed/do_deploy_child.sh
+++ b/bm_mcc_mosk/seed/do_deploy_child.sh
@@ -1,4 +1,5 @@
-set -e
+#!/bin/bash
+set -ex
while [ ! -d /root/bm_mcc_mosk/child/cluster ] ; do echo 'no child templates!' ; sleep 4 ; done
export KUBECONFIG=/root/kubeconfig
/root/kaas-bootstrap/bin/kubectl apply -f /root/bm_mcc_mosk/child/cluster/project.yaml
diff --git a/bm_mcc_mosk/seed/do_deploy_mcc_mgmt.sh b/bm_mcc_mosk/seed/do_deploy_mcc_mgmt.sh
old mode 100644
new mode 100755
index b14994c..022632b
--- a/bm_mcc_mosk/seed/do_deploy_mcc_mgmt.sh
+++ b/bm_mcc_mosk/seed/do_deploy_mcc_mgmt.sh
@@ -1,4 +1,5 @@
-set -e
+#!/bin/bash
+set -ex
source /root/bm_mcc_mosk/seed/env_vars.sh
pushd /root/
@@ -23,6 +24,8 @@
/root/kaas-bootstrap/bin/kubectl apply -f machines.yaml && sleep 2
popd
+set +x
+
retry=60
interval=60
@@ -71,6 +74,7 @@
exit 1
fi
cd
+set -x
/root/kaas-bootstrap/container-cloud get cluster-kubeconfig --cluster-name kaas-mgmt --kubeconfig-output /root/kubeconfig
echo r00tme | /root/kaas-bootstrap/container-cloud bootstrap user add --username root --roles global-admin,management-admin,reader,writer,operator --kubeconfig kubeconfig --password-stdin
/root/kaas-bootstrap/bin/kind delete cluster -n clusterapi
diff --git a/bm_mcc_mosk/seed/env_vars.sh b/bm_mcc_mosk/seed/env_vars.sh
old mode 100644
new mode 100755
diff --git a/bm_mcc_mosk/seed/get_child_kubeconfig.sh b/bm_mcc_mosk/seed/get_child_kubeconfig.sh
old mode 100644
new mode 100755
index 23565e7..e1c39c1
--- a/bm_mcc_mosk/seed/get_child_kubeconfig.sh
+++ b/bm_mcc_mosk/seed/get_child_kubeconfig.sh
@@ -1,2 +1,3 @@
+#!/bin/bash
/root/kaas-bootstrap/bin/kubectl --kubeconfig /root/kubeconfig -n mosk get secrets mosk-kubeconfig -o jsonpath='{.data.admin\.conf}' | base64 -d | sed 's/:5443/:443/g' > /root/child.kubeconfig
export KUBECONFIG=/root/child.kubeconfig
\ No newline at end of file
diff --git a/bm_mcc_mosk/seed/get_openstack_credentials.sh b/bm_mcc_mosk/seed/get_openstack_credentials.sh
new file mode 100755
index 0000000..8371ff3
--- /dev/null
+++ b/bm_mcc_mosk/seed/get_openstack_credentials.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+export KUBECONFIG=/root/child.kubeconfig
+mkdir -p /root/.config/openstack
+kubectl -n openstack-external get secrets openstack-identity-credentials -o jsonpath='{.data.clouds\.yaml}' | base64 -d > /root/clouds.yaml
+ln -s /root/clouds.yaml /root/.config/openstack/clouds.yaml
diff --git a/bm_mcc_mosk/seed/setup_dnsmasq.sh b/bm_mcc_mosk/seed/setup_dnsmasq.sh
new file mode 100755
index 0000000..d9f110f
--- /dev/null
+++ b/bm_mcc_mosk/seed/setup_dnsmasq.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+set -ex
+
+if [ "$#" -ne 1 ]; then
+ echo "Usage: $0 COREDNS_IP"
+ exit 1
+fi
+
+export DEBIAN_FRONTEND=noninteractive
+export DEBCONF_NONINTERACTIVE_SEEN=true
+APT_OPTS="-y -o APT::Install-Suggests=0 -o APT::Install-Recommends=0 -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef"
+
+apt ${APT_OPTS} install dnsmasq
+service systemd-resolved stop
+systemctl disable systemd-resolved
+rm /etc/resolv.conf
+cat > /etc/resolv.conf <<EOF
+nameserver 127.0.0.1
+EOF
+LISTEN_ADDR=$(ip a | grep 172 | awk '{print $2}' | awk -F/ '{print $1}' | head -n1)
+grep "${LISTEN_ADDR}" /etc/dnsmasq.conf || echo "listen-address=::1,127.0.0.1,${LISTEN_ADDR}" >> /etc/dnsmasq.conf
+grep "subdomain.team.sustaining" /etc/dnsmasq.conf || echo "server=/*.subdomain.team.sustaining/${1}" >> /etc/dnsmasq.conf
+grep "mnt-bm.mirantis.net" /etc/dnsmasq.conf || echo "server=/*.mnt-bm.mirantis.net/${1}" >> /etc/dnsmasq.conf
+grep "server=172.18.176.6" /etc/dnsmasq.conf || echo "server=172.18.176.6" >> /etc/dnsmasq.conf
+service dnsmasq restart
diff --git a/bm_mcc_mosk/utils/tsl_gen.sh b/bm_mcc_mosk/utils/tsl_gen.sh
index 41af942..acda777 100644
--- a/bm_mcc_mosk/utils/tsl_gen.sh
+++ b/bm_mcc_mosk/utils/tsl_gen.sh
@@ -41,9 +41,9 @@
tee server-csr.json << EOF
{
- "CN": "*.subdomain.team.sustaining",
+ "CN": "*.mnt-bm.mirantis.net",
"hosts": [
- "*.subdomain.team.sustaining"
+ "*.mnt-bm.mirantis.net"
],
"key": {
"algo": "rsa",
diff --git a/bm_mcc_mosk/utils/update_kube_dns_conf.py b/bm_mcc_mosk/utils/update_kube_dns_conf.py
index 3658a21..ec79649 100644
--- a/bm_mcc_mosk/utils/update_kube_dns_conf.py
+++ b/bm_mcc_mosk/utils/update_kube_dns_conf.py
@@ -3,7 +3,7 @@
assert len(sys.argv) > 1
internal_ip = sys.argv[1]
-domain = "subdomain.team.sustaining"
+domain = "mnt-bm.mirantis.net"
template = """
{domain}:53 {{
errors
diff --git a/jobs/pipelines/mosk/deploy-bm.groovy b/jobs/pipelines/mosk/deploy-bm.groovy
index ed4f920..4b3c23f 100644
--- a/jobs/pipelines/mosk/deploy-bm.groovy
+++ b/jobs/pipelines/mosk/deploy-bm.groovy
@@ -102,6 +102,7 @@
stage("Configure DNS server") {
get_ingress_ip_cmd = "${kubectl_openstack_cmd} get service ingress -o jsonpath='{.status.loadBalancer.ingress[0].ip}'"
get_dns_internal_ip_cmd = "ssh ${ssh_params} root@${seed_ext_ip} /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/child.kubeconfig -n coredns get service coredns-coredns -o jsonpath='{.spec.clusterIP}'"
+ get_dns_external_ip_cmd = "ssh ${ssh_params} root@${seed_ext_ip} /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/child.kubeconfig -n coredns get service coredns-coredns -o jsonpath='{.status.loadBalancer.ingress[0].ip}'"
ingress_ip = sh(returnStdout: true, script: get_ingress_ip_cmd).trim()
sh "ssh ${ssh_params} root@${seed_ext_ip} sed -i 's/!!!EXT_DNS_IP/${ingress_ip}/g' /root/bm_mcc_mosk/child/kaas_workloads/coredns.yaml"
sh "ssh ${ssh_params} root@${seed_ext_ip} /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/child.kubeconfig apply -f /root/bm_mcc_mosk/child/kaas_workloads/coredns.yaml"
@@ -110,7 +111,9 @@
sh "ssh ${ssh_params} root@${seed_ext_ip} \"/root/kaas-bootstrap/bin/kubectl --kubeconfig /root/child.kubeconfig -n kube-system get configmap coredns -oyaml > coredns.conf\""
sh "ssh ${ssh_params} root@${seed_ext_ip} /usr/bin/python3 /root/bm_mcc_mosk/utils/update_kube_dns_conf.py ${dns_internal_ip}"
sh "ssh ${ssh_params} root@${seed_ext_ip} /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/child.kubeconfig apply -f coredns.patched.conf"
-
+ dns_external_ip = sh(returnStdout: true, script: get_dns_external_ip_cmd).trim()
+ sh "ssh ${ssh_params} root@${seed_ext_ip} bash /root/bm_mcc_mosk/seed/setup_dnsmasq.sh ${dns_external_ip}"
+ sh "ssh ${ssh_params} root@${seed_ext_ip} bash /root/bm_mcc_mosk/seed/get_openstack_credentials.sh"
} // stage DNS
stage("Get openstack credentials") {