Update BM MOSK pipeline and templates
MOSSUST-114
Change-Id: Iff949ee6ee52448f8ac2bd729ee90baaec7da410
diff --git a/bm_mcc_mosk/child/cluster/cluster.yaml b/bm_mcc_mosk/child/cluster/cluster.yaml
index 3b13a8f..c4d0949 100644
--- a/bm_mcc_mosk/child/cluster/cluster.yaml
+++ b/bm_mcc_mosk/child/cluster/cluster.yaml
@@ -26,6 +26,7 @@
publicKeys:
- name: vkhlyunev
- name: maintenance-ci-robot
+ - name: maintenance-ci-robot-v2
- name: pglazov
- name: dmeltsaykin
- name: rlubianyi
diff --git a/bm_mcc_mosk/child/cluster/ssh_pubkeys.yaml b/bm_mcc_mosk/child/cluster/ssh_pubkeys.yaml
index 781cf11..b8feb57 100644
--- a/bm_mcc_mosk/child/cluster/ssh_pubkeys.yaml
+++ b/bm_mcc_mosk/child/cluster/ssh_pubkeys.yaml
@@ -44,3 +44,12 @@
publicKey: |
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqfNIy3WuxzRzOY/GBNGOnP5UrCFWZ8uMzW6hEl4wgIEYYIcv8o+C1/hvrfHimG/I/rAwYRS6Dx0bZ7m49zATNxe+EVer3BV63ru34Hzel/XxxyD34ULmrDgvP3olaAKFI17gVOFQ7hCBzDRp3s4YN3ojQspPyeiO+Jt8OwVomxJWgLauAHhl7Z/XPVHpT/fssJGG/eC4oOz4RZ4jAk0BH3Yl8s63grfwrgB79H/+nr0UvBdTkBn3T5WiC4gxnm+jQQwci7/BLQsg1Z3OykfTuyftIexNyVVy/SmdsGi37RJGFKRMMovoZx+261JgaHWBoHqBJa5UpV2usi9z3Py2z avgoor@MacBook-Pro-Denis.local
---
+apiVersion: kaas.mirantis.com/v1alpha1
+kind: PublicKey
+metadata:
+ name: maintenance-ci-robot-v2 #???
+ namespace: mosk
+spec:
+ publicKey: |
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDjL5X8RdcYhxsd6j43p5Clk8hzq/IjfRvekD+xPy6DhD2kyKTnAR1FjtTeFtH1mC+lD+nUnswR1A5dR+5eHemKxz0IkWuDeL8+YdMpOy+bbQyA+tlTukGriPcIUCHOxn7u2u4zV4a+AcZha5obR1zv91nkGaWAfbjDHTl2f4IB3Rx3rJwd/3r7ge1MA0qIRqr1k+FY99477zd+nbYVP8n84+uY7DoaFHtzEWTXqc2CwdEO+5uzMzdWWRUwU1vwe4Ac9i1NtsA33pa1VVMKny2S2k2JcvNpkKDo7x4ezH2fOuHiDTOk4CqUjg7TlpsdMbT8ugj5YE8H/O3Kh25t3Fkn maintenance-ci-robot
+---
diff --git a/bm_mcc_mosk/child/cluster/subnets.yaml b/bm_mcc_mosk/child/cluster/subnets.yaml
index 15e3905..cd8bb1e 100644
--- a/bm_mcc_mosk/child/cluster/subnets.yaml
+++ b/bm_mcc_mosk/child/cluster/subnets.yaml
@@ -65,4 +65,4 @@
spec:
cidr: 10.12.1.0/24
includeRanges:
- - 10.12.1.5-10.12.1.250
\ No newline at end of file
+ - 10.12.1.5-10.12.1.250
diff --git a/bm_mcc_mosk/child/kaas_workloads/os-dpl.yaml b/bm_mcc_mosk/child/kaas_workloads/osdpl.yaml
similarity index 100%
rename from bm_mcc_mosk/child/kaas_workloads/os-dpl.yaml
rename to bm_mcc_mosk/child/kaas_workloads/osdpl.yaml
diff --git a/bm_mcc_mosk/kaas-mgmt/cluster.yaml b/bm_mcc_mosk/kaas-mgmt/cluster.yaml
index 1005e29..05e45a0 100644
--- a/bm_mcc_mosk/kaas-mgmt/cluster.yaml
+++ b/bm_mcc_mosk/kaas-mgmt/cluster.yaml
@@ -1,49 +1,4 @@
---
-apiVersion: kaas.mirantis.com/v1alpha1
-kind: PublicKey
-metadata:
- name: vkhlyunev
- namespace: default
-spec:
- publicKey: |
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDeGiSOs0zAwcxuc9y6BzidYFXQXLOLcBKSoW1tPYJ+bVGRwNRVh63/+/X+eOPbBp6xTNNHVyOpYHt1WUbIHsAqAx/XbzBp+j3/4+8+ucvWR3X9TTxK7Q+oB3SSy2iEeimiJmxfjiHu1hfcgN8L9YvXVquGC/EZbk/r27j7Gcxli7zesr9/kBBhigDSQeehJBJZ0ux3luVkjWSDYTeKqZhNNPFoD6eWmOfsAKNMhe/8IRD9e0zY4MsELi1tZl2zoQ69249e4M1aCuGxm+t+tHLzywX0tVZmM1yX7TDuszHbiii8HrjNwB1/K80HRwRrwVIne9P7wFSlC2exLkdfWd2D
----
-apiVersion: kaas.mirantis.com/v1alpha1
-kind: PublicKey
-metadata:
- name: maintenance-ci-robot
- namespace: default
-spec:
- publicKey: |
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDci6MBY68s3FJ9V1OP5vdtVo/daJnkNXCPSPYbCX8/d0E3UJKgE81YvsxfuKp3r1rUNwTuGnkq+VUWcbIgpQNy69OuKxQkoGsRgYTA8n4ZZcuWz+dVenP90xLYHcnyACg63HUVEp5foLvu1WzOdH2A4bHmsl0ePM5IdnFyToHj+Nhwz1NSvbK1OkQHoEcIbkbIkIa/kWY2mgEIIUgb9YmaCI96eiVtQpFPQ4k7hpdrUAkG4e0jT8JA3zQoB++S12p0d0K3SQtJ3+YATUm+rKnHchHZ/uEAgBgoOLiu99p7Aiie76jlGxZp8A/hPqU/zS61z7ER4lJeyR/pXh53Ja+1 maintenance-ci
----
-apiVersion: kaas.mirantis.com/v1alpha1
-kind: PublicKey
-metadata:
- name: rlubianyi
- namespace: default
-spec:
- publicKey: |
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXWwy6p3t4AGvaCtFDJxqKZiPDotJnbu2IKg2p7sl7YXQw+APLKk9maHyUehQQuGzidgBZpmBOMAXENcO1FGFj56cnp4W9tldTiRq1bWcUMq42wfNwIToP6dAXj5ZyhL+UZj1GsCThSasDhFe4Xife0cn69KHJqtmahApQK6D7tpZr2UNDYNWh/2JIrUOcJXZU+BqNg7zm1KNb6e9lKXL6KLDeaCiQ0bj+L/unqepLdg26eO7AQSZ/rt2qAnbfcquozECtDhT4cbK8q9xJODlJQ3eQGOgTH3m8jGijL+3UdPFUzbo4KwSK4V9FmB711HVBCQM4nlH9zumIUSxutnkd rlubianyi@rlubianyi-pc
----
-apiVersion: kaas.mirantis.com/v1alpha1
-kind: PublicKey
-metadata:
- name: pglazov
- namespace: default
-spec:
- publicKey: |
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDhZxqF+NSuP+Dr2nmGHf4NIpH2xWSmq+UE/HGP6j81rKSBZeRb2SuRXLtLVh3NZ+3GLa4UQGvedcnsqzgvSt05LYujloHnLxIsrsOWbLxOcdUYkorhXenGKBxKopwViRNV2PovMAnwyZ27GkXH8RQ52XISOdTIIV7r8M3kLpxCor2jHnOzJOcr7rhLeSFTK5zw6//T3S+IOQ5/HEs+8NK1sNw2lxBTuk+dAydiaCsQqm4GMl5vZSy0j7cnsy+lq69zN2/Bi4JzKLDKF2ap4zDh/ELhUBoQhh12T0djFV9Qv9fTWI4LUW8cVyqxbfreJrZqSAyMgSRrGSUBclFTmn5Z pavel@pavel-All-Series
----
-apiVersion: kaas.mirantis.com/v1alpha1
-kind: PublicKey
-metadata:
- name: dmeltsaykin
- namespace: default
-spec:
- publicKey: |
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqfNIy3WuxzRzOY/GBNGOnP5UrCFWZ8uMzW6hEl4wgIEYYIcv8o+C1/hvrfHimG/I/rAwYRS6Dx0bZ7m49zATNxe+EVer3BV63ru34Hzel/XxxyD34ULmrDgvP3olaAKFI17gVOFQ7hCBzDRp3s4YN3ojQspPyeiO+Jt8OwVomxJWgLauAHhl7Z/XPVHpT/fssJGG/eC4oOz4RZ4jAk0BH3Yl8s63grfwrgB79H/+nr0UvBdTkBn3T5WiC4gxnm+jQQwci7/BLQsg1Z3OykfTuyftIexNyVVy/SmdsGi37RJGFKRMMovoZx+261JgaHWBoHqBJa5UpV2usi9z3Py2z avgoor@MacBook-Pro-Denis.local
----
apiVersion: cluster.k8s.io/v1alpha1
kind: Cluster
metadata:
@@ -66,12 +21,6 @@
apiVersion: baremetal.k8s.io/v1alpha1
dedicatedControlPlane: false
dedicatedMetallbPools: true
- publicKeys:
- - name: vkhlyunev
- - name: maintenance-ci-robot
- - name: pglazov
- - name: dmeltsaykin
- - name: rlubianyi
loadBalancerHost: ""
dnsNameservers:
- 172.18.176.6
diff --git a/bm_mcc_mosk/mcc_seed_2401.yaml b/bm_mcc_mosk/mcc_seed_2401.yaml
index 68f8d54..fa01aaa 100644
--- a/bm_mcc_mosk/mcc_seed_2401.yaml
+++ b/bm_mcc_mosk/mcc_seed_2401.yaml
@@ -15,7 +15,7 @@
seed_subnet_cidr:
type: string
default: 172.16.180.0/23
- seed_net_dhcp:
+ seed_subnet_dhcp:
type: boolean
default: false
seed_subnet_pool_start:
@@ -30,11 +30,12 @@
flavor:
type: string
default: kaas.medium
- seed_seed_instance_name:
+ seed_instance_name:
type: string
- default: kaas_test
+ default: mcc-mosk
key_pair:
type: string
+# default: vkhlyunev
default: system-key-8133
seed_instance_domain:
type: string
@@ -48,6 +49,8 @@
instance_boot_timeout:
type: number
default: 600
+ env_name:
+ type: string
resources:
instance_wait_handle:
@@ -55,7 +58,7 @@
instance_wait_condition:
type: OS::Heat::WaitCondition
- depends_on: kaas_instance
+ depends_on: seed_instance
properties:
handle: { get_resource: instance_wait_handle }
timeout: { get_param: instance_boot_timeout }
@@ -101,3 +104,8 @@
$wait_condition_notify: { get_attr: [ instance_wait_handle, curl_cli ] }
$os_az: { get_param: availability_zone }
$nameservers: { get_param: nameservers }
+
+outputs:
+ seed_ext_ip:
+ description: IP for ssh access
+ value: { get_param: seed_subnet_cfg01_ip }
diff --git a/bm_mcc_mosk/mcc_seed_2401_userdata.yaml b/bm_mcc_mosk/mcc_seed_2401_userdata.yaml
index 06eb55f..22b3fc3 100644
--- a/bm_mcc_mosk/mcc_seed_2401_userdata.yaml
+++ b/bm_mcc_mosk/mcc_seed_2401_userdata.yaml
@@ -128,6 +128,7 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXWwy6p3t4AGvaCtFDJxqKZiPDotJnbu2IKg2p7sl7YXQw+APLKk9maHyUehQQuGzidgBZpmBOMAXENcO1FGFj56cnp4W9tldTiRq1bWcUMq42wfNwIToP6dAXj5ZyhL+UZj1GsCThSasDhFe4Xife0cn69KHJqtmahApQK6D7tpZr2UNDYNWh/2JIrUOcJXZU+BqNg7zm1KNb6e9lKXL6KLDeaCiQ0bj+L/unqepLdg26eO7AQSZ/rt2qAnbfcquozECtDhT4cbK8q9xJODlJQ3eQGOgTH3m8jGijL+3UdPFUzbo4KwSK4V9FmB711HVBCQM4nlH9zumIUSxutnkd rlubianyi@rlubianyi-pc
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDhZxqF+NSuP+Dr2nmGHf4NIpH2xWSmq+UE/HGP6j81rKSBZeRb2SuRXLtLVh3NZ+3GLa4UQGvedcnsqzgvSt05LYujloHnLxIsrsOWbLxOcdUYkorhXenGKBxKopwViRNV2PovMAnwyZ27GkXH8RQ52XISOdTIIV7r8M3kLpxCor2jHnOzJOcr7rhLeSFTK5zw6//T3S+IOQ5/HEs+8NK1sNw2lxBTuk+dAydiaCsQqm4GMl5vZSy0j7cnsy+lq69zN2/Bi4JzKLDKF2ap4zDh/ELhUBoQhh12T0djFV9Qv9fTWI4LUW8cVyqxbfreJrZqSAyMgSRrGSUBclFTmn5Z pavel@pavel-All-Series
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqfNIy3WuxzRzOY/GBNGOnP5UrCFWZ8uMzW6hEl4wgIEYYIcv8o+C1/hvrfHimG/I/rAwYRS6Dx0bZ7m49zATNxe+EVer3BV63ru34Hzel/XxxyD34ULmrDgvP3olaAKFI17gVOFQ7hCBzDRp3s4YN3ojQspPyeiO+Jt8OwVomxJWgLauAHhl7Z/XPVHpT/fssJGG/eC4oOz4RZ4jAk0BH3Yl8s63grfwrgB79H/+nr0UvBdTkBn3T5WiC4gxnm+jQQwci7/BLQsg1Z3OykfTuyftIexNyVVy/SmdsGi37RJGFKRMMovoZx+261JgaHWBoHqBJa5UpV2usi9z3Py2z avgoor@MacBook-Pro-Denis.local
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDjL5X8RdcYhxsd6j43p5Clk8hzq/IjfRvekD+xPy6DhD2kyKTnAR1FjtTeFtH1mC+lD+nUnswR1A5dR+5eHemKxz0IkWuDeL8+YdMpOy+bbQyA+tlTukGriPcIUCHOxn7u2u4zV4a+AcZha5obR1zv91nkGaWAfbjDHTl2f4IB3Rx3rJwd/3r7ge1MA0qIRqr1k+FY99477zd+nbYVP8n84+uY7DoaFHtzEWTXqc2CwdEO+5uzMzdWWRUwU1vwe4Ac9i1NtsA33pa1VVMKny2S2k2JcvNpkKDo7x4ezH2fOuHiDTOk4CqUjg7TlpsdMbT8ugj5YE8H/O3Kh25t3Fkn maintenance-ci-robot
- path: /etc/bash_completion.d/kaas
content: |
@@ -169,30 +170,30 @@
parameters:
forward-delay: 4
stp: false
- - path: /root/do_deploy.sh
+ - path: /root/do_deploy_mcc_mgmt.sh
content: |
set -e
source /root/env_vars.sh
- while [ ! -d /root/templates ] ; do sleep 4 ; done
+ while [ ! -d "${OUT_DIR}" ] ; do sleep 4 ; done
[[ "$(sed -n 693p /root/kaas-bootstrap/bootstrap.sh)" -eq "configure" ]] && sed -i "693d" /root/kaas-bootstrap/bootstrap.sh
/root/kaas-bootstrap/bootstrap.sh all
export KUBECONFIG=/root/kubeconfig
echo r00tme | /root/kaas-bootstrap/container-cloud bootstrap user add --username root --roles global-admin,management-admin,reader,writer,operator --kubeconfig kubeconfig --password-stdin
- - path: /root/do_child.sh
+ - path: /root/do_deploy_child.sh
content: |
set -e
- while [ ! -d /root/child/templates ] ; do echo 'no child templates!' ; sleep 4 ; done
+ while [ ! -d /root/bm_mcc_mosk/child/cluster ] ; do echo 'no child templates!' ; sleep 4 ; done
export KUBECONFIG=/root/kubeconfig
- kubectl apply -f /root/child/templates/project.yaml
- sleep 2 && kubectl -n mosk apply -f /root/child/templates/ssh_pubkeys.yaml
- sleep 2 && kubectl -n mosk apply -f /root/child/templates/cluster.yaml
- sleep 2 && kubectl -n mosk apply -f /root/child/templates/baremetalhosts.yaml
- sleep 2 && kubectl -n mosk apply -f /root/child/templates/baremetalhostprofiles.yaml
- sleep 2 && kubectl -n mosk apply -f /root/child/templates/subnets.yaml
- sleep 2 && kubectl -n mosk apply -f /root/child/templates/l2_templates.yaml
- sleep 2 && kubectl -n mosk apply -f /root/child/templates/metallbconfig.yaml
- sleep 2 && kubectl -n mosk apply -f /root/child/templates/machines.yaml
- sleep 2 && kubectl -n mosk apply -f /root/child/templates/kaascephcluster.yaml
+ /root/kaas-bootstrap/bin/kubectl apply -f /root/bm_mcc_mosk/child/cluster/project.yaml
+ sleep 2 && /root/kaas-bootstrap/bin/kubectl -n mosk apply -f /root/bm_mcc_mosk/child/cluster/ssh_pubkeys.yaml
+ sleep 2 && /root/kaas-bootstrap/bin/kubectl -n mosk apply -f /root/bm_mcc_mosk/child/cluster/cluster.yaml
+ sleep 2 && /root/kaas-bootstrap/bin/kubectl -n mosk apply -f /root/bm_mcc_mosk/child/cluster/baremetalhosts.yaml
+ sleep 2 && /root/kaas-bootstrap/bin/kubectl -n mosk apply -f /root/bm_mcc_mosk/child/cluster/baremetalhostprofiles.yaml
+ sleep 2 && /root/kaas-bootstrap/bin/kubectl -n mosk apply -f /root/bm_mcc_mosk/child/cluster/subnets.yaml
+ sleep 2 && /root/kaas-bootstrap/bin/kubectl -n mosk apply -f /root/bm_mcc_mosk/child/cluster/l2_templates.yaml
+ sleep 2 && /root/kaas-bootstrap/bin/kubectl -n mosk apply -f /root/bm_mcc_mosk/child/cluster/metallbconfig.yaml
+ sleep 2 && /root/kaas-bootstrap/bin/kubectl -n mosk apply -f /root/bm_mcc_mosk/child/cluster/machines.yaml
+ sleep 2 && /root/kaas-bootstrap/bin/kubectl -n mosk apply -f /root/bm_mcc_mosk/child/cluster/kaascephcluster.yaml
- path: /etc/udev/rules.d/60-ssd-scheduler.rules
content: |
@@ -205,10 +206,11 @@
export KAAS_BM_PXE_MASK="23"
export KAAS_BM_PXE_BRIDGE="br0"
export CLUSTER_NAME=kaas-mgmt
- export OUT_DIR=/root/templates
+ export OUT_DIR=/root/bm_mcc_mosk/kaas-mgmt/
+ export KAAS_BOOTSTRAP_INFINITE_TIMEOUT=true
- path: /root/get_child_kubeconfig.sh
content: |
- /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/kubeconfig -n mosk get secrets mosk-kubeconfig -o jsonpath='{.data.admin\.conf}' | base64 -d | sed 's/:5443/:443/g' | tee /root/child.kubeconfig
+ /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/kubeconfig -n mosk get secrets mosk-kubeconfig -o jsonpath='{.data.admin\.conf}' | base64 -d | sed 's/:5443/:443/g' > /root/child.kubeconfig
export KUBECONFIG=/root/child.kubeconfig
- path: /root/mirantis.lic
content: |
diff --git a/bm_mcc_mosk/utils/tsl_gen.sh b/bm_mcc_mosk/utils/tsl_gen.sh
index 736c4de..41af942 100644
--- a/bm_mcc_mosk/utils/tsl_gen.sh
+++ b/bm_mcc_mosk/utils/tsl_gen.sh
@@ -59,4 +59,4 @@
cfssl gencert -initca ca-csr.json | cfssljson -bare ca
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem --config=ca-config.json -profile=kubernetes server-csr.json | cfssljson -bare server
popd
-python3 tsl_to_yaml.py
\ No newline at end of file
+python3 /root/bm_mcc_mosk/utils/tsl_to_yaml.py
\ No newline at end of file
diff --git a/bm_mcc_mosk/utils/tsl_to_yaml.py b/bm_mcc_mosk/utils/tsl_to_yaml.py
index d2c1292..8c3b416 100644
--- a/bm_mcc_mosk/utils/tsl_to_yaml.py
+++ b/bm_mcc_mosk/utils/tsl_to_yaml.py
@@ -61,7 +61,7 @@
with open(path, "r") as certfile:
secrets_template["stringData"][f] = certfile.read()
-out_file_path = "/root/child/osdpl-ssl-secrets.yaml"
+out_file_path = "/root/bm_mcc_mosk/child/kaas_workloads/osdpl-ssl-secrets.yaml"
with open(out_file_path, "w") as f:
yaml.dump(secrets_template, f)
diff --git a/bm_mcc_mosk/utils/update_kube_dns_conf.py b/bm_mcc_mosk/utils/update_kube_dns_conf.py
new file mode 100644
index 0000000..3658a21
--- /dev/null
+++ b/bm_mcc_mosk/utils/update_kube_dns_conf.py
@@ -0,0 +1,20 @@
+import sys
+import yaml
+
+assert len(sys.argv) > 1
+internal_ip = sys.argv[1]
+domain = "subdomain.team.sustaining"
+template = """
+{domain}:53 {{
+ errors
+ cache 30
+ forward . {internal_ip}
+}}"""
+with open("/root/coredns.conf", "r") as f:
+ content = yaml.safe_load(f)
+content['data']['Corefile'] += template.format(
+ domain=domain, internal_ip=internal_ip)
+
+out_file_path = "/root/coredns.patched.conf"
+with open(out_file_path, "w") as f:
+ yaml.safe_dump(content, f)
diff --git a/jobs/pipelines/mosk/deploy-bm.groovy b/jobs/pipelines/mosk/deploy-bm.groovy
index 9e2977e..a397a6d 100644
--- a/jobs/pipelines/mosk/deploy-bm.groovy
+++ b/jobs/pipelines/mosk/deploy-bm.groovy
@@ -1 +1,120 @@
-// STUB FOR REPLAY TESTING
\ No newline at end of file
+@Library('tcp-qa')_
+
+import groovy.xml.XmlUtil
+
+common = new com.mirantis.mk.Common()
+shared = new com.mirantis.system_qa.SharedPipeline()
+
+NODE_LABEL = "sre-team-infra"
+ENV_NAME = "bm-mcc-mosk"
+ENV_NAME = "vkhlyunev-bm-mosk"
+MAINTENANCE_TEAM_SSH_ID = 'maintenance-team-ssh'
+IPMI_CREDS = 'lab_engineer' // base bm lab
+def seed_ext_ip = '172.16.180.2'
+def kubectl_openstack_cmd = ''
+ssh_params = "-o ConnectTimeout=20 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
+
+timeout(time: 3, unit: 'HOURS') {
+ timestamps {
+ node ("${NODE_LABEL}") {
+ checkout scm
+ shared.update_working_dir()
+ withCredentials(
+ [[$class : 'UsernamePasswordMultiBinding',
+ credentialsId : env.OS_CREDENTIALS,
+ passwordVariable: 'OS_PASSWORD',
+ usernameVariable: 'OS_USERNAME'
+ ]]) {
+ env.OS_IDENTITY_API_VERSION = 3
+ stage("Pre-cleanup: erase BM labs") {
+ // TODO: wipe all bm labs, including MCP1
+ println "Remove heat stack '${ENV_NAME}'"
+ shared.run_cmd("""\
+ openstack stack delete -y ${ENV_NAME} || true
+ timeout 20m /bin/bash -c "while openstack stack show ${ENV_NAME} -f value -c stack_status; do sleep 10; done"
+ """)
+ withCredentials([
+ [$class : 'UsernamePasswordMultiBinding',
+ credentialsId : "${IPMI_CREDS}",
+ passwordVariable: 'IPMI_PASS',
+ usernameVariable: 'IPMI_USER']
+ ]) {
+ env.IPMI_PASS = IPMI_PASS
+ env.IPMI_USER = IPMI_USER
+ shared.reboot_hardware_nodes("${IPMI_CREDS}")
+ } //withCredentials IPMI
+ } //stage
+ stage("Boot seed node's heat stack"){
+ println "Create stack '${ENV_NAME}'"
+ shared.run_cmd("pushd bm_mcc_mosk && openstack stack create --wait -t mcc_seed_2401.yaml --parameter env_name=${ENV_NAME} ${ENV_NAME}")
+ seed_ext_ip = shared.run_cmd_stdout("openstack stack output show ${ENV_NAME} seed_ext_ip -f value -c output_value").trim().split().last()
+ println "SEED IP: '${seed_ext_ip}'"
+ } //stage
+ } //withCredentials OS cloud
+ sshagent(credentials: ['maintenance-team-ssh']) {
+ withCredentials(
+ [[$class: 'SSHUserPrivateKeyBinding',
+ keyFileVariable: "MAINTENANCE_TEAM_SSH_KEY",
+ credentialsId: MAINTENANCE_TEAM_SSH_ID,
+ usernameVariable: "MAINTENANCE_TEAM_SSH_USERNAME"]]) {
+ stage("Bootstrap MCC+child"){
+ sh "scp ${ssh_params} ${MAINTENANCE_TEAM_SSH_KEY} root@${seed_ext_ip}:/root/.ssh/id_rsa "
+ sh "scp -r ${ssh_params} bm_mcc_mosk root@${seed_ext_ip}: "
+ sh "ssh ${ssh_params} root@${seed_ext_ip} bash do_deploy_mcc_mgmt.sh"
+ sh "ssh ${ssh_params} root@${seed_ext_ip} bash do_deploy_child.sh"
+ // TODO: unhardcode cluster names
+ check_child_cmd = "ssh ${ssh_params} root@${seed_ext_ip} /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/kubeconfig -n mosk get cluster mosk -o jsonpath='{.status.providerStatus.ready}' 2>/dev/null || echo 'ssh error, ignoring'"
+ check_kcc_cmd = "ssh ${ssh_params} root@${seed_ext_ip} /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/kubeconfig -n mosk get kcc mosk-ceph -o jsonpath='{.status.shortClusterInfo.state}' 2>/dev/null || echo 'ssh error, ignoring'"
+ child_ready = false
+ kcc_ready = false
+ println "Waiting child cluster to become ready..."
+ while(!child_ready){
+ sleep 60
+ status = sh(returnStdout: true, script: "${check_child_cmd}").trim()
+ if (status == "true"){
+ child_ready = true
+ } //if
+ } //while
+ println "Waiting child Ceph cluster to become ready..."
+ while(!kcc_ready){
+ sleep 60
+ status = sh(returnStdout: true, script: "${check_kcc_cmd}").trim()
+ if (status == "Ready"){
+ kcc_ready = true
+ } //if
+ } //while
+ } //stage MCC
+ stage("Prepare and deploy MOSK"){
+ sh "ssh ${ssh_params} root@${seed_ext_ip} '/bin/bash /root/get_child_kubeconfig.sh'"
+ sh "ssh ${ssh_params} root@${seed_ext_ip} '/bin/bash /root/bm_mcc_mosk/utils/tsl_gen.sh'"
+ kubectl_openstack_cmd = "ssh ${ssh_params} root@${seed_ext_ip} /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/child.kubeconfig -n openstack "
+ sh "${kubectl_openstack_cmd} apply -f /root/bm_mcc_mosk/child/kaas_workloads/osdpl-ssl-secrets.yaml"
+ sh "${kubectl_openstack_cmd} apply -f /root/bm_mcc_mosk/child/kaas_workloads/osdpl.yaml"
+ mosk_check_cmd = "${kubectl_openstack_cmd} get osdplst osh-dev -o jsonpath='{.status.osdpl.state}'"
+ mosk_ready = false
+ while(!mosk_ready){
+ sleep 60
+ status = sh(returnStdout: true, script: "${mosk_check_cmd}").trim()
+ if (status == "APPLIED"){
+ mosk_ready = true
+ } //if
+ } //while
+ } //stage MOSK
+ stage("Configure DNS server") {
+ get_ingress_ip_cmd = "${kubectl_openstack_cmd} get service ingress -o jsonpath='{.status.loadBalancer.ingress[0].ip}'"
+ get_dns_internal_ip_cmd = "ssh ${ssh_params} root@${seed_ext_ip} /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/child.kubeconfig -n coredns get service coredns-coredns -o jsonpath='{.spec.clusterIP}'"
+ ingress_ip = sh(returnStdout: true, script: get_ingress_ip_cmd).trim()
+ sh "ssh ${ssh_params} root@${seed_ext_ip} sed -i 's/!!!EXT_DNS_IP/${ingress_ip}/g' /root/bm_mcc_mosk/child/kaas_workloads/coredns.yaml"
+ sh "ssh ${ssh_params} root@${seed_ext_ip} /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/child.kubeconfig apply -f /root/bm_mcc_mosk/child/kaas_workloads/coredns.yaml"
+ sleep 120
+ dns_internal_ip = sh(returnStdout: true, script: get_dns_internal_ip_cmd).trim()
+ sh "ssh ${ssh_params} root@${seed_ext_ip} \"/root/kaas-bootstrap/bin/kubectl --kubeconfig /root/child.kubeconfig -n kube-system get configmap coredns -oyaml > coredns.conf\""
+ sh "ssh ${ssh_params} root@${seed_ext_ip} /usr/bin/python3 /root/bm_mcc_mosk/utils/update_kube_dns_conf.py ${dns_internal_ip}"
+ sh "ssh ${ssh_params} root@${seed_ext_ip} /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/child.kubeconfig apply -f coredns.patched.conf"
+
+ } // stage DNS
+ } //withCredentials
+ } //sshagent
+ } //node
+ } //timestamps
+} //timeout
\ No newline at end of file