Step: openstack-deprovision-bastionproxy

This step deletes the bastion proxy.

Container image used for this step: openstack-installer

openstack-installer resolves to an image built or imported by the ci-operator configuration (documentation).

Environment

In addition to the default environment, the step exposes the following:

Variable Name Type Variable Content
OS_CLOUD Parameter[?] Name of cloud to use from ${SHARED_DIR}/clouds.yaml file (default: openstack)
BASTION_USER Parameter[?] The user of the bastion machine (default: centos)
CONFIG_TYPE Parameter[?] The type of config for the environment to deploy. * 'minimal' - Configure the install-config with the minimal options to make it work on our tests, which requires the usage of floating IPs. This config type doesn't require a proxy server to be deployed. * 'byon' - Configure the install-config to use a pre-created network (BYON) so it wouln't require the usage of floating IPs. This config type will require a proxy server to be deployed. * 'proxy' - Configure the install-config to use a pre-created restricted network (BYON) and a Cluster Proxy.

Source Code

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
#!/usr/bin/env bash

set -o nounset
set -o errexit
set -o pipefail

case "$CONFIG_TYPE" in
  byon|proxy)
    ;;
  *)
    echo "Skipping step due to CONFIG_TYPE not being byon or proxy."
    exit 0
    ;;
esac

export OS_CLIENT_CONFIG_FILE=${SHARED_DIR}/clouds.yaml
CLUSTER_NAME=$(<"${SHARED_DIR}"/CLUSTER_NAME)

if [[ -f "${SHARED_DIR}/squid-credentials.txt" ]]; then
    echo "Proxy is permanent, nothing to cleanup"
    exit 0
fi

>&2 echo "Starting the server cleanup for cluster '$CLUSTER_NAME'"

if [[ -f ${SHARED_DIR}"/BASTION_FIP" ]]; then 
  BASTION_FIP=$(<"${SHARED_DIR}"/BASTION_FIP)

  # configure the local container environment to have the correct SSH configuration
  if ! whoami &> /dev/null; then
      if [[ -w /etc/passwd ]]; then
          echo "${BASTION_USER}:x:$(id -u):0:${BASTION_USER:-centos} user:${HOME}:/sbin/nologin" >> /etc/passwd
      fi
  fi
  # shellcheck disable=SC2140
  SSH_ARGS="-o ConnectTimeout=10 -o "StrictHostKeyChecking=no" -i ${CLUSTER_PROFILE_DIR}/ssh-privatekey"
  SSH_CMD="ssh ${SSH_ARGS} ${BASTION_USER}@${BASTION_FIP}"
  SCP_CMD="scp ${SSH_ARGS}"
  
  >&2 echo "Collecting squid logs from 'bastionproxy-$CLUSTER_NAME'"
  $SSH_CMD bash - <<EOF
  mkdir -p /tmp/squid-logs
  sudo cp /var/log/squid/access.log /tmp/squid-logs || true
  sudo cp /var/log/squid/cache.log /tmp/squid-logs || true
  sudo chown -R ${BASTION_USER}: /tmp/squid-logs || true
  tar -czC "/tmp" -f "/tmp/squid-logs.tar.gz" squid-logs/
EOF
  $SCP_CMD ${BASTION_USER}@${BASTION_FIP}:/tmp/squid-logs.tar.gz ${ARTIFACT_DIR}

  openstack floating ip delete ${BASTION_FIP} || >&2 echo "Failed to delete floating IP ${BASTION_FIP}"
fi

openstack server delete --wait "bastionproxy-${CLUSTER_NAME}-${CONFIG_TYPE}" || >&2 echo "Failed to delete server bastionproxy-${CLUSTER_NAME}-${CONFIG_TYPE}"
openstack security group delete "bastionproxy-${CLUSTER_NAME}-${CONFIG_TYPE}" || >&2 echo "Failed to delete security group bastionproxy-${CLUSTER_NAME}-${CONFIG_TYPE}"
openstack keypair delete "bastionproxy-${CLUSTER_NAME}-${CONFIG_TYPE}" || >&2 echo "Failed to delete keypair bastionproxy-${CLUSTER_NAME}-${CONFIG_TYPE}"
>&2 echo 'Cleanup done.'

Properties

Property Value Description
Resource requests (cpu) 10m Used in .resources.requests of the pod running this step.
Resource requests (memory) 100Mi Used in .resources.requests of the pod running this step.

GitHub Link:

https://github.com/openshift/release/blob/master/ci-operator/step-registry/openstack/deprovision/bastionproxy/openstack-deprovision-bastionproxy-ref.yaml

Owners:

Approvers:

Reviewers:

Source code for this page located on GitHub