Alexey Odinokov b51e7559b6 Adding encryption of k8s secrets and iso users passwords
This patchset introduces an encrypted VariableCatalogue,
generated-secrets, generated with template [1], that contains steps to
generate ephemeral and target CA+admin key/cert and passwords for
users in the ephemeral bootstrap ISO.

It also introduces how these secrets are used in manifests:
they're decrypted by kustomize and incorporated into the `catalogues`
folders in the site, so they can be used by the replacement plugin.

This patchset contains modifications in replacement plugin
configurations to put the decrypted values from VariableCatalogue
in place.

Since k8s secrets were substituted with generated values
this patchset removes pre-generated k8s secrets.

[1]
manifests/type/gating/target/generator/secret-template.yaml

Change-Id: I0898c74012833f0e171d36bb8145acf358510b69
2021-02-12 04:07:36 +00:00
2020-11-10 12:23:25 -06:00

Function: hostgenerator-m3

This function constructs a collection of Metal3 BareMetalHost resources, along with associated configuration Secrets. It solves for a couple of things:

  1. pulling the nitty-gritty details of generating BMHs into one reusable place, and
  2. allowing the site-specific details to be filled in via catalogues of values.

This function uses two plugins in sequence: first the airshipctl Replacement plugin, which pulls the site-specific data from the catalogue documents into a Templater plugin configuration; then the airshipctl Templater plugin, which generates a variable number of BMHs in a data-driven fashion.

To use this function, do the following:

  • Supply a networking catalogue, which outlines things that are typically common across hosts in a site, such as networking interfaces, DNS servers, and other networking info. Example: manifests/type/gating/shared/catalogues/common-networking.yaml

  • Supply a host-catalogue, which contains host-specific data, such as IP addresses and BMC information. Example: manifests/site/test-site/shared/catalogues/hosts.yaml

  • Supply a host-generation-catalogue for each phase that needs to deploy one or more BMHs. This catalogue simply lists the specific hosts that should be deployed during that phase. Example: manifests/site/test-site/ephemeral/bootstrap/hostgenerator/host-generation.yaml

  • If any per-host changes need to be made, they can be layered on top as site- or phase-specific Kustomize patches against the generated documents, for example when one host has a different network interface name, or when different details need to be used during ISO bootstrapping and normal deployment. Example: manifests/site/test-site/ephemeral/bootstrap/baremetalhost.yaml
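
The data-driven generation described above can be pictured with the following Python sketch, added here as an illustration and not taken from the airshipctl project. The catalogue field names, the `-bmc-secret` naming and all values are constructed assumptions, not the real catalogue schema; only the Metal3 `BareMetalHost` and Kubernetes `Secret` fields are the real ones.

```python
import base64

# Constructed sample data; field names are an assumed, simplified layout.
HOST_CATALOGUE = {
    "node01": {"macAddress": "52:54:00:00:00:01",
               "bmcAddress": "redfish+https://bmc1.example.test/redfish/v1/Systems/1",
               "bmcUsername": "admin", "bmcPassword": "constructed-pass-1"},
    "node02": {"macAddress": "52:54:00:00:00:02",
               "bmcAddress": "redfish+https://bmc2.example.test/redfish/v1/Systems/1",
               "bmcUsername": "admin", "bmcPassword": ""},  # incomplete entry
}
HOSTS_TO_GENERATE = ["node01"]  # stands in for one phase's host-generation catalogue
REQUIRED = ("macAddress", "bmcAddress", "bmcUsername", "bmcPassword")


def b64(value):
    # Kubernetes Secret data is base64-encoded; this is encoding, not
    # encryption, so the catalogue feeding it is what needs protecting at rest.
    return base64.b64encode(value.encode()).decode()


def generate(catalogue, hosts_to_generate):
    """Return a Secret and a BareMetalHost document for each listed host."""
    docs = []
    for name in hosts_to_generate:
        host = catalogue.get(name)
        if host is None:
            raise KeyError(f"{name} is listed for generation but not in the host catalogue")
        missing = [key for key in REQUIRED if not host.get(key)]
        if missing:
            raise ValueError(f"{name}: missing {', '.join(missing)}")
        secret_name = f"{name}-bmc-secret"  # hypothetical naming convention
        docs.append({
            "apiVersion": "v1", "kind": "Secret", "type": "Opaque",
            "metadata": {"name": secret_name},
            "data": {"username": b64(host["bmcUsername"]),
                     "password": b64(host["bmcPassword"])},
        })
        # The BMH only references the Secret by name; credentials stay out of it.
        docs.append({
            "apiVersion": "metal3.io/v1alpha1", "kind": "BareMetalHost",
            "metadata": {"name": name},
            "spec": {"online": True, "bootMACAddress": host["macAddress"],
                     "bmc": {"address": host["bmcAddress"],
                             "credentialsName": secret_name}},
        })
    return docs
```

Failing on a host that is listed for a phase but absent or incomplete in the host catalogue surfaces the mismatch at render time rather than as a BMH that cannot reach its BMC.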