OSASINFRA-3492: openstack: leverage ORC to handle RHCOS image #5139
Conversation
openshift-ci-robot
added
the
jira/valid-reference
|
@EmilienM: This pull request references OSASINFRA-3492 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.18.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci
bot
added
area/cli
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: EmilienM The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
area/hypershift-operator
✅ Deploy Preview for hypershift-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
support/releaseinfo/releaseinfo.go
Outdated
| type CoreOpenStackDisk struct { | ||
| Release string `json:"release"` | ||
| URL string `json:"url"` | ||
| } |
There was a problem hiding this comment.
I want to add the Hash as well.
|
/cc bryan-cox |
There was a problem hiding this comment.
Either needs wiring up to nodepool to use imageRef (preferrable), or we need to add a wait loop somewhere in here to ensure that the image is Available before creating any machines referencing it.
We don't want to do that second one, so... we should add an imageRef to Nodepool.
| func reconcileOpenStackImageCR(ctx context.Context, client client.Client, createOrUpdate upsert.CreateOrUpdateFN, hcluster *hyperv1.HostedCluster, controlPlaneNamespace string) error { | ||
| openStackImage := orc.Image{ | ||
| ObjectMeta: metav1.ObjectMeta{ | ||
| Name: "rhcos" + hcluster.Name, |
There was a problem hiding this comment.
| Name: "rhcos" + hcluster.Name, | |
| Name: "rhcos-" + hcluster.Name, |
There was a problem hiding this comment.
We may also want to name it by the release image version so it can be shared between clusters 🤔
There was a problem hiding this comment.
I don't know if the resource could be shared across multiple clusters, that's an interesting idea. I'll investigate for sure.
| Spec: orc.ImageSpec{}, | ||
| } | ||
|
|
||
| if _, err := createOrUpdate(ctx, client, &openStackImage, func() error { |
There was a problem hiding this comment.
TODO: check what createOrUpdate() does. Given that we have applyconfigs it's trivial for us to SSA these, so there's really no need for a function that actually does create or update.
There was a problem hiding this comment.
From the doc:
// CreateOrUpdate is a copy of controllerutil.CreateOrUpdate with
// an important difference: It copies a number of fields from the object
// on the server to the mutated object if unset in the latter. This
// avoids unnecessary updates when our code sets a whole struct that
// has fields that get defaulted by the server.
| return rhcosImageURL, rhcosImageRelease, fmt.Errorf("arch does not exist in release image, arch: %s", supportedArch) | ||
| } | ||
|
|
||
| rhcosImageURL = releaseImage.StreamMetadata.Architectures[hyperv1.ArchAliases[supportedArch]].RHCOS.OpenStackDisk.URL |
There was a problem hiding this comment.
I'm 99% sure we can grab the SHA256s from here, too. It's probably in OpenStackDisk.
| // we plan to deliver the OpenStack provider as a dev preview. | ||
| return nil, fmt.Errorf("image name is required") | ||
| openStackMachineTemplate.Template.Spec.Image.ImageRef = &capiopenstackv1beta1.ResourceReference{ | ||
| Name: "rhcos" + hcluster.Name, |
There was a problem hiding this comment.
| Name: "rhcos" + hcluster.Name, | |
| Name: "rhcos-" + hcluster.Name, |
(Or version number)
support/releaseinfo/releaseinfo.go
Outdated
| @@ -69,14 +69,20 @@ type CoreOSImages struct { | |||
| } | |||
|
|
|||
| type CoreRHCOSImage struct { | |||
| AzureDisk CoreAzureDisk `json:"azure-disk"` | |||
| AzureDisk CoreAzureDisk `json:"azure-disk"` | |||
| OpenStackDisk CoreOpenStackDisk `json:"openstack-disk"` | |||
There was a problem hiding this comment.
Are you sure this is required? Doesn't seem to be used. What do you expect to go here?
| @@ -498,3 +505,39 @@ func defaultWorkerSecurityGroupRules(machineCIDRs []string) []capo.SecurityGroup | |||
|
|
|||
| return ingressRules | |||
| } | |||
|
|
|||
| // lookupRHCOSImage looks up a release image and extracts the RHCOS image URL and release version | |||
| func lookupRHCOSImage(ctx context.Context, client client.Client, hcluster *hyperv1.HostedCluster) (string, string, error) { | |||
There was a problem hiding this comment.
We should just leverage the existing lookupRHCOSImage and make it an exported function. We could pass in a platform field to differentiate between OSP and Azure.
Instead of forcing the users to provide an existing OpenStack Glance image, we now let our CAPI provider to upload the image used in the release payload and handle its lifecycle with ORC.
| @@ -67,6 +67,13 @@ func (c *CAPI) Reconcile(ctx context.Context) error { | |||
| return err | |||
| } | |||
|
|
|||
| // Reconcile ORC resources | |||
| if nodePool.Spec.Platform.Type == hyperv1.OpenStackPlatform { | |||
There was a problem hiding this comment.
I don't know if this pattern will be accepted. Suggestions are welcome!
There was a problem hiding this comment.
@bryan-cox I realized that we probably need to handle the OpenStack RHCOS image by Nodepool, since the release image can be overridden per Nodepool?
| func ReconcileOpenStackImageCR(ctx context.Context, client client.Client, createOrUpdate upsert.CreateOrUpdateFN, hcluster *hyperv1.HostedCluster, controlPlaneNamespace string, release *releaseinfo.ReleaseImage) error { | ||
| openStackImage := orc.Image{ | ||
| ObjectMeta: metav1.ObjectMeta{ | ||
| Name: "rhcos-" + hcluster.Name, |
|
|
||
| openStackImageSpec.Resource = &orc.ImageResourceSpec{ | ||
| // THIS IS NOT GOOD, NEEDS TO BE FIXED (something related to the image itself should be used, like version) | ||
| Name: "rhcos-" + hcluster.Name, |
|
/test e2e-openstack |
| @@ -54,7 +54,7 @@ func defaultImage(releaseImage *releaseinfo.ReleaseImage) (string, string, error | |||
| return containerImage, split[1], nil | |||
| } | |||
|
|
|||
| func unsupportedOpenstackDefaultImage(releaseImage *releaseinfo.ReleaseImage) (string, string, error) { | |||
| func UnsupportedOpenstackDefaultImage(releaseImage *releaseinfo.ReleaseImage) (string, string, error) { | |||
There was a problem hiding this comment.
We probably want to move that function to utils or something
|
@EmilienM: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
For myself: we need to update RBAC: |
What this PR does / why we need it:
Instead of forcing the users to provide an existing OpenStack Glance
image, we now let our CAPI provider to upload the image used in the
release payload and handle its lifecycle with ORC.