Switch to ubuntu

Support/Multitenancy/Multiple-Ironic-conductors/.gitignore

@@ -12,4 +12,13 @@ bmc-*.yaml
 ironic.env
 ironic_logs/*
 track.csv
-opt/*
+Metal3/*
+*/ironic-username
+*/ironic-password
+*/ironic-inspector-username
+*/ironic-inspector-password
+*-tpl
+ironic/ironic-auth-config
+ironic/ironic-htpasswd
+ironic/ironic-inspector-auth-config
+ironic/ironic-inspector-htpasswd

Support/Multitenancy/Multiple-Ironic-conductors/Init-environment-v2.sh

@@ -4,15 +4,19 @@ trap 'trap - SIGTERM && kill -- -'$$'' SIGINT SIGTERM EXIT
 __dir__=$(realpath "$(dirname "$0")")
 # shellcheck disable=SC1091
 . ./config.sh
-./vm-setup.sh
-./install-tools.sh
+# ./vm-setup.sh
+# ./install-tools.sh
 # This is temporarily required since https://review.opendev.org/c/openstack/sushy-tools/+/875366 has not been merged.
-./build-sushy-tools-image.sh
+# ./build-sushy-tools-image.sh
+
+./dev-setup.sh
+
 ./generate_unique_nodes.sh
 ./start_containers.sh
-./configure-minikube.sh
-./handle-images.sh
+# ./configure-minikube.sh
+# ./handle-images.sh
 ./install-ironic.sh
 ./install-bmo.sh
 
 python create_nodes.py
+./watch_bmh.sh

Support/Multitenancy/Multiple-Ironic-conductors/build-api-server-container-image.sh

@@ -4,17 +4,18 @@ __dir__=$(realpath $(dirname $0))
 IMAGE_NAME="172.22.0.1:5000/localimages/capim:latest"
 
 if [[ ${1:-""} == "-f" ]]; then
-    podman rmi "${IMAGE_NAME}"
+    docker rmi "${IMAGE_NAME}"
     kubectl delete -f capim-modified.yaml
 fi
 
-if [[ $(podman images | grep ${IMAGE_NAME}) != "" ]]; then
-    podman push --tls-verify=false "${IMAGE_NAME}"
+if [[ $(docker images | grep ${IMAGE_NAME}) != "" ]]; then
+    docker push "${IMAGE_NAME}"
     exit 0
 fi
 CAPI_DIR="/tmp/cluster-api"
 if [[ ! -d "${CAPI_DIR}" ]]; then
     git clone https://github.com/kubernetes-sigs/cluster-api.git "${CAPI_DIR}"
+    git checkout 17a5a7466dbd87db086
 fi
 
 cd "${CAPI_DIR}"
@@ -25,7 +26,7 @@ cp "${__dir__}/main.go" "${INMEMORY_DIR}/main.go"
 
 cd "${INMEMORY_DIR}" || exit
 
-podman build --build-arg=builder_image=docker.io/library/golang:1.20.8 --build-arg=goproxy=https://proxy.golang.org,direct --build-arg=ARCH=amd64 --build-arg=ldflags="-X 'sigs.k8s.io/cluster-api/version.buildDate=2023-10-10T11:47:30Z'  -X 'sigs.k8s.io/cluster-api/version.gitCommit=8ba3f47b053da8bbf63cf407c930a2ee10bfd754' -X 'sigs.k8s.io/cluster-api/version.gitTreeState=dirty' -X 'sigs.k8s.io/cluster-api/version.gitMajor=1' -X 'sigs.k8s.io/cluster-api/version.gitMinor=0' -X 'sigs.k8s.io/cluster-api/version.gitVersion=v1.0.0-4041-8ba3f47b053da8-dirty' -X 'sigs.k8s.io/cluster-api/version.gitReleaseCommit=e09ed61cc9ba8bd37b0760291c833b4da744a985'" ../../.. -t "${IMAGE_NAME}" --file Dockerfile
+docker build --build-arg=builder_image=docker.io/library/golang:1.20.8 --build-arg=goproxy=https://proxy.golang.org,direct --build-arg=ARCH=amd64 --build-arg=ldflags="-X 'sigs.k8s.io/cluster-api/version.buildDate=2023-10-10T11:47:30Z'  -X 'sigs.k8s.io/cluster-api/version.gitCommit=8ba3f47b053da8bbf63cf407c930a2ee10bfd754' -X 'sigs.k8s.io/cluster-api/version.gitTreeState=dirty' -X 'sigs.k8s.io/cluster-api/version.gitMajor=1' -X 'sigs.k8s.io/cluster-api/version.gitMinor=0' -X 'sigs.k8s.io/cluster-api/version.gitVersion=v1.0.0-4041-8ba3f47b053da8-dirty' -X 'sigs.k8s.io/cluster-api/version.gitReleaseCommit=e09ed61cc9ba8bd37b0760291c833b4da744a985'" ../../.. -t "${IMAGE_NAME}" --file Dockerfile
 
-podman push --tls-verify=false "${IMAGE_NAME}"
+# docker push "${IMAGE_NAME}"
 minikube image load "${IMAGE_NAME}"

Support/Multitenancy/Multiple-Ironic-conductors/build-sushy-tools-image.sh

@@ -1,19 +1,26 @@
 #!/bin/bash
 #
+REGISTRY_NAME="registry"
+REGISTRY_PORT="5000"
+# Start docker registry if it's not already running
+if ! docker ps | grep -q "$REGISTRY_NAME"; then
+    docker run -d -p "$REGISTRY_PORT":"$REGISTRY_PORT" --name "$REGISTRY_NAME" docker.io/library/registry:2.7.1
+fi
+#
 IMAGE_NAME="127.0.0.1:5000/localimages/sushy-tools"
 if [[ ${1:-""} == "-f" ]]; then
-    podman rmi "${IMAGE_NAME}"
+    docker rmi "${IMAGE_NAME}"
 fi
 
-if [[ $(podman images | grep ${IMAGE_NAME}) != "" ]]; then
-    podman push --tls-verify=false "${IMAGE_NAME}"
+if [[ $(docker images | grep ${IMAGE_NAME}) != "" ]]; then
+    docker push "${IMAGE_NAME}"
     exit 0
 fi
 SUSHYTOOLS_DIR="/tmp/sushy-tools"
-rm -rf "$SUSHYTOOLS_DIR"
-git clone https://opendev.org/openstack/sushy-tools.git "$SUSHYTOOLS_DIR"
+# rm -rf "$SUSHYTOOLS_DIR"
+# git clone https://opendev.org/openstack/sushy-tools.git "$SUSHYTOOLS_DIR"
 cd "$SUSHYTOOLS_DIR" || exit
-git fetch https://review.opendev.org/openstack/sushy-tools refs/changes/66/875366/39 && git cherry-pick FETCH_HEAD
+# git fetch https://review.opendev.org/openstack/sushy-tools refs/changes/66/875366/39 && git cherry-pick FETCH_HEAD
 
 pip3 install build
 python3 -m build
@@ -49,7 +56,6 @@ RUN mkdir -p /root/sushy
 # Set the default command to run when starting the container
 CMD ["sushy-emulator", "-i", "::", "--config", "/root/sushy/conf.py"]
 EOF
-podman push --tls-verify=false
 
-podman build -t "${IMAGE_NAME}" .
-podman push --tls-verify=false "${IMAGE_NAME}"
+docker build -t "${IMAGE_NAME}" .
+# docker push "${IMAGE_NAME}"

Support/Multitenancy/Multiple-Ironic-conductors/clean.sh

@@ -3,8 +3,8 @@
 # shellcheck disable=SC1091
 . ./config.sh
 # Delete network connections
-sudo systemctl enable --now libvirtd
-sudo nmcli con delete baremetal provisioning
+# sudo systemctl enable --now libvirtd
+# sudo nmcli con delete baremetal provisioning
 
 # Disable and delete bridge interfaces
 for iface in baremetal provisioning; do
@@ -31,21 +31,17 @@ minikube stop
 minikube delete --all --purge
 
 # Stop and delete containers
-declare -a running_containers=($(podman ps --all --format json | jq -r '.[].Names[0]'))
-echo ${running_containers[0]}
-declare -a containers=("ipa-downloader" "ironic" "keepalived" "registry" "ironic-client" "openstack-client" "httpd-infra")
+declare -a running_containers=($(docker ps --all --format json | jq -r '.Names'))
+declare -a containers=("ipa-downloader" "ironic" "keepalived" "registry" "ironic-client" "openstack-client" "httpd-infra" "image-server")
 
 for container in "${running_containers[@]}"; do
     if [[ "${containers[@]}" =~  "${container}" || "${container}" =~ "sushy-tools-"* || "${container}" =~ "fake-ipa-"* ]]; then
         echo "Deleting the container: ${container}"
-        podman stop "$container" &>/dev/null
-        podman rm "$container" &>/dev/null
+        docker stop "$container" &>/dev/null
+        docker rm "$container" &>/dev/null
     fi
 done
 
 rm -rf bmc-*.yaml
 
-rm -rf macaddrs uuids node.json nodes.json batch.json in-memory-development.yaml sushy-tools-conf ironic.env
-
-podman pod rm infra-pod ironic-pod
-sudo rm -rf opt/metal3-dev-env/ironic/html
+rm -rf macaddrs uuids node.json nodes.json batch.json in-memory-development.yaml sushy-tools-conf

Support/Multitenancy/Multiple-Ironic-conductors/config.sh

@@ -1,18 +1,18 @@
 #!/bin/bash
 #
-export N_NODES=10
-export N_SUSHY=2
-export N_FAKE_IPA=2
-export N_IRONICS=4
+export N_NODES=1000
+export N_SUSHY=60
+export N_FAKE_IPA=40
+export N_IRONICS=50
 export N_APISERVER_PODS=5
 # export N_NODES=50
 # export N_SUSHY=2
 # export N_FAKE_IPA=2
 # export N_IRONICS=3
 
 # Translating N_IRONICS to IRONIC_ENDPOINTS. Don't change this part
-IRONIC_ENDPOINTS="172.22.0.2"
+IRONIC_ENDPOINTS="192.168.222.100"
 for i in $(seq 2 $N_IRONICS); do
-    IRONIC_ENDPOINTS="${IRONIC_ENDPOINTS} 172.22.0.$(( i + 1 ))"
+    IRONIC_ENDPOINTS="${IRONIC_ENDPOINTS} 192.168.222.$(( 100+i ))"
 done
 export IRONIC_ENDPOINTS

Support/Multitenancy/Multiple-Ironic-conductors/configure-minikube.sh

@@ -18,7 +18,7 @@ __dir__=$(realpath "$(dirname "$0")")
 IRONIC_DATA_DIR="${__dir__}/opt/metal3-dev-env/ironic"
 mkdir -p "${IRONIC_DATA_DIR}"
 IPA_DOWNLOADER_IMAGE="quay.io/metal3-io/ironic-ipa-downloader"
-podman run -d --net host --privileged --name ipa-downloader \
+docker run -d --net host --privileged --name ipa-downloader \
   --env-file ironic.env \
   -v "${IRONIC_DATA_DIR}:/shared" "${IPA_DOWNLOADER_IMAGE}" /usr/local/bin/get-resource.sh
 
@@ -46,7 +46,7 @@ minikube stop
 # minikube start --insecure-registry 127.0.0.1:5000
 minikube start --driver=kvm2
 
-podman wait ipa-downloader
+docker wait ipa-downloader
 
 IMAGE_NAMES=(
   quay.io/jetstack/cert-manager-controller:v1.13.0

Support/Multitenancy/Multiple-Ironic-conductors/create-ironic-client.sh

@@ -0,0 +1,47 @@
+ironic_client="ironicclient.sh"
+openstack_dir="${PWD}/_clouds_yaml"
+rm -rf "${openstack_dir}"
+mkdir -p "${openstack_dir}"
+__dir__=$(realpath "$(dirname "$0")")
+cp ${__dir__}/opt/metal3-dev-env/ironic/certs/ironic-ca.pem "${openstack_dir}/ironic-ca.crt"
+cat << EOT >"${openstack_dir}/clouds.yaml"
+clouds:
+  metal3:
+    auth_type: none
+    baremetal_endpoint_override: https://172.22.0.2:6385
+    baremetal_introspection_endpoint_override: https://172.22.0.2:5050
+    verify: false
+EOT
+
+docker run --net=host \
+  --name openstack-client \
+  --detach \
+  --entrypoint=/bin/sleep \
+  -v "${openstack_dir}:/etc/openstack" \
+  -e OS_CLOUD="${OS_CLOUD:-metal3}" \
+  "172.22.0.1:5000/localimages/ironic-client" \
+  "inf"
+
+
+cat << EOT >"${ironic_client}"
+#!/bin/bash
+
+DIR="$(dirname "$(readlink -f "$0")")"
+
+if [ -d $openstack_dir ]; then
+  MOUNTDIR=$openstack_dir
+else
+  echo 'cannot find $openstack_dir'
+  exit 1
+fi
+
+if [ \$1 == "baremetal" ] ; then
+  shift 1
+fi
+
+# shellcheck disable=SC2086
+docker exec openstack-client /usr/bin/baremetal "\$@"
+EOT
+
+sudo chmod a+x "${ironic_client}"
+sudo ln -sf "$PWD/${ironic_client}" "/usr/local/bin/baremetal"

Support/Multitenancy/Multiple-Ironic-conductors/create_nodes.py

@@ -20,7 +20,7 @@ def query_k8s_obj(namespace, obj_type, obj_name):
 def create_node(node):
     uuid = node["uuid"]
     name = node["name"]
-    namespace = "metal3"
+    namespace = "default"
     port = 8001 + ((int(name.strip("test")) - 1) % N_SUSHY_CONTAINERS)
     random_mac = node["nics"][0]["mac"]
     manifest = f"""---
@@ -45,7 +45,7 @@ def create_node(node):
 spec:
   online: true
   bmc:
-    address: redfish+http://host.minikube.internal:{port}/redfish/v1/Systems/{uuid}
+    address: redfish+http://192.168.222.1:{port}/redfish/v1/Systems/{uuid}
     credentialsName: {name}-bmc-secret
   bootMACAddress: {random_mac}
   bootMode: legacy
@@ -58,7 +58,10 @@ def create_node(node):
             ["kubectl", "apply", "-f", manifest_file],
             stdout=subprocess.DEVNULL,
             stderr=subprocess.DEVNULL)
-    time.sleep(5)
+
+def wait_node(node):
+    name = node["name"]
+    namespace = "default"
     while True:
         status = query_k8s_obj(namespace, "bmh", name)
         if status == {}:

Support/Multitenancy/Multiple-Ironic-conductors/dev-clean.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+
+REPO_ROOT=$(dirname "${BASH_SOURCE[0]}")/..
+cd "${REPO_ROOT}" || exit 1
+
+NUM_BMH=${NUM_BMH:-"5"}
+
+minikube delete
+docker rm -f vbmc
+docker rm -f image-server-e2e
+docker rm -f sushy-tools
+
+for ((i=0; i<NUM_BMH; i++))
+do
+  virsh -c qemu:///system destroy --domain "bmo-e2e-${i}"
+  virsh -c qemu:///system undefine --domain "bmo-e2e-${i}" --remove-all-storage
+done
+
+virsh -c qemu:///system net-destroy baremetal-e2e
+virsh -c qemu:///system net-undefine baremetal-e2e
+
+# rm -rfv "${REPO_ROOT}/Metal3/images"

Support/Multitenancy/Multiple-Ironic-conductors/dev-setup.sh

@@ -0,0 +1,57 @@
+#!/usr/bin/env bash
+
+set -eux
+
+REPO_ROOT=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
+cd "${REPO_ROOT}" || exit 1
+
+# Set up minikube
+minikube start --driver=kvm2
+
+virsh -c qemu:///system net-define "${REPO_ROOT}/nets/baremetal.xml"
+virsh -c qemu:///system net-start baremetal
+# Attach baremetal-e2e interface to minikube with specific mac.
+# This will give minikube a known reserved IP address that we can use for Ironic
+virsh -c qemu:///system attach-interface --domain minikube --mac="52:54:00:6c:3c:01" \
+  --model virtio --source baremetal --type network --config
+
+# Restart minikube to apply the changes
+minikube stop
+minikube start
+
+# Image server variables
+IMAGE_DIR="${REPO_ROOT}/Metal3/images"
+
+## Run the image server
+# mkdir -p "${IMAGE_DIR}"
+# docker run --name image-server -d \
+#   -p 80:8080 \
+#   -v "${IMAGE_DIR}:/usr/share/nginx/html" nginxinc/nginx-unprivileged
+
+kubectl create namespace baremetal-operator-system
+
+export IRONIC_USERNAME="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 12 | head -n 1)"
+export IRONIC_PASSWORD="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 12 | head -n 1)"
+export IRONIC_INSPECTOR_USERNAME="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 12 | head -n 1)"
+export IRONIC_INSPECTOR_PASSWORD="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 12 | head -n 1)"
+
+BMO_OVERLAY=${REPO_ROOT}/bmo-config
+IRONIC_OVERLAY=${REPO_ROOT}/ironic
+
+echo "${IRONIC_USERNAME}" > "${BMO_OVERLAY}/ironic-username"
+echo "${IRONIC_PASSWORD}" > "${BMO_OVERLAY}/ironic-password"
+echo "${IRONIC_INSPECTOR_USERNAME}" > "${BMO_OVERLAY}/ironic-inspector-username"
+echo "${IRONIC_INSPECTOR_PASSWORD}" > "${BMO_OVERLAY}/ironic-inspector-password"
+
+curl -O https://raw.githubusercontent.com/metal3-io/baremetal-operator/main/ironic-deployment/components/basic-auth/ironic-auth-config-tpl
+curl -O https://raw.githubusercontent.com/metal3-io/baremetal-operator/main/ironic-deployment/components/basic-auth/ironic-inspector-auth-config-tpl
+
+envsubst < "${REPO_ROOT}/ironic-auth-config-tpl" > \
+  "${IRONIC_OVERLAY}/ironic-auth-config"
+envsubst < "${REPO_ROOT}/ironic-inspector-auth-config-tpl" > \
+  "${IRONIC_OVERLAY}/ironic-inspector-auth-config"
+
+echo "IRONIC_HTPASSWD=$(htpasswd -n -b -B "${IRONIC_USERNAME}" "${IRONIC_PASSWORD}")" > \
+  "${IRONIC_OVERLAY}/ironic-htpasswd"
+echo "INSPECTOR_HTPASSWD=$(htpasswd -n -b -B "${IRONIC_INSPECTOR_USERNAME}" \
+  "${IRONIC_INSPECTOR_PASSWORD}")" > "${IRONIC_OVERLAY}/ironic-inspector-htpasswd"

Support/Multitenancy/Multiple-Ironic-conductors/generate_unique_nodes.sh

@@ -32,7 +32,7 @@ for i in $(seq 1 "${N_NODES:-100}"); do
       "name": $node_name,
       "power_state": "Off",
       "nics": [
-	{"mac": $macaddr, "ip": "172.0.0.100"}
+	{"mac": $macaddr, "ip": "192.168.0.100"}
       ]
     }' nodes_template.json > node.json
 

Support/Multitenancy/Multiple-Ironic-conductors/handle-images.sh

@@ -15,11 +15,11 @@ REGISTRY_PORT="5000"
 # Pull images, tag to local registry, and push to registry
 for NAME in "${IMAGE_NAMES[@]}"; do
     # Pull and tag the image
-    podman pull "$NAME"
+    docker pull "$NAME"
     LOCAL_IMAGE_NAME="127.0.0.1:${REGISTRY_PORT}/localimages/${NAME##*/}"
-    podman tag "$NAME" "${LOCAL_IMAGE_NAME}"
+    docker tag "$NAME" "${LOCAL_IMAGE_NAME}"
     # Push the image to the local registry
-    podman push --tls-verify=false "${LOCAL_IMAGE_NAME}"
+    docker push "${LOCAL_IMAGE_NAME}"
     minikube image load "${LOCAL_IMAGE_NAME}"
 done
 
@@ -28,7 +28,7 @@ sudo "$__dir__/ironic_tls_setup.sh"
 
 IRONIC_IMAGE="127.0.0.1:5000/localimages/ironic:latest"
 # Run httpd container
-podman run -d --net host --name httpd-infra \
+docker run -d --net host --name httpd-infra \
     --pod infra-pod \
     -v "${__dir__}/opt/metal3-dev-env/ironic":/shared \
     -e PROVISIONING_INTERFACE=provisioning \