Step: openstack-provision-machinesubnet

This step creates the necessary resources for a user-provided custom subnet when $CONFIG_TYPE is byon. It creates a network named "${CLUSTER_NAME}-network". Then it adds to it a subnet named "${CLUSTER_NAME}-subnet" and creates a router named "${CLUSTER_NAME}-router". It attaches the router to the subnet of the $OPENSTACK_EXTERNAL_NETWORK. Finally, it writes their UUIDs to ${SHARED_DIR}.

Container image used for this step: openstack-installer

openstack-installer resolves to an image built or imported by the ci-operator configuration (documentation).

Environment

In addition to the default environment, the step exposes the following:

Variable Name | Type | Variable Content
OS_CLOUD | Parameter | Name of cloud to use from ${SHARED_DIR}/clouds.yaml file (default: openstack)
SUBNET_RANGE | Parameter | (default: 172.16.0.0/24)
DNS_IP | Parameter | (default: 1.1.1.1)
API_VIP | Parameter | (default: 172.16.0.5)
INGRESS_VIP | Parameter | (default: 172.16.0.7)
ALLOCATION_POOL_START | Parameter | (default: 172.16.0.10)
ALLOCATION_POOL_END | Parameter | (default: 172.16.0.254)
BASTION_SUBNET_RANGE | Parameter | (default: 10.0.0.0/16)
OPENSTACK_EXTERNAL_NETWORK | Parameter | Name of the OpenStack public-facing network. Defaults to the value in "${SHARED_DIR}/OPENSTACK_EXTERNAL_NETWORK"
OPENSTACK_PROVIDER_NETWORK | Parameter | Name of the OpenStack provider network if any.
CONFIG_TYPE | Parameter | The type of config for the environment to deploy. * 'minimal' - Configure the install-config with the minimal options to make it work on our tests, which requires the usage of floating IPs. This config type doesn't require a proxy server to be deployed. * 'byon' - Configure the install-config to use a pre-created network (BYON) so it wouldn't require the usage of floating IPs. This config type will require a proxy server to be deployed. * 'proxy' - Configure the install-config to use a pre-created restricted network (BYON) and a Cluster Proxy.
ZONES_COUNT | Parameter | The number of AZs to present in the cluster. Accepted values are 0 and 1. (default: 0)
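
A pre-flight check for the addressing parameters above, as an added example that is not part of the step's own script. It assumes each VIP must sit inside SUBNET_RANGE and outside the allocation pool, which is how the defaults are laid out; the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: pre-flight check for this step's addressing parameters.
# Assumption: each VIP must sit inside SUBNET_RANGE and outside the DHCP
# allocation pool, as the defaults do. All function names are hypothetical.

# Print a dotted-quad IPv4 address as an integer; fail on malformed input.
ip_to_int() {
  local a b c d o rest
  case $1 in *[!0-9.]*|*.*.*.*.*) return 1 ;; *.*.*.*) ;; *) return 1 ;; esac
  a=${1%%.*}; rest=${1#*.}
  b=${rest%%.*}; rest=${rest#*.}
  c=${rest%%.*}; d=${rest#*.}
  for o in "$a" "$b" "$c" "$d"; do
    case $o in ''|0?*|????*) return 1 ;; esac  # empty, leading zero (octal), too long
    [ "$o" -le 255 ] || return 1
  done
  echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# Succeed when address $1 lies inside CIDR $2.
in_cidr() {
  local ip net bits mask
  ip=$(ip_to_int "$1") || return 1
  net=$(ip_to_int "${2%/*}") || return 1
  bits=${2#*/}
  case $bits in ''|*[!0-9]*) return 1 ;; esac
  [ "$bits" -le 32 ] || return 1
  mask=$(( bits == 0 ? 0 : (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
  [ $(( ip & mask )) -eq $(( net & mask )) ]
}

# check_vip VIP SUBNET_RANGE POOL_START POOL_END
# Fails when the VIP is outside the subnet, or when the pool is malformed,
# leaves the subnet, or contains the VIP.
check_vip() {
  local vip start end
  in_cidr "$1" "$2" || { echo "VIP $1 is not inside $2" >&2; return 1; }
  in_cidr "$3" "$2" && in_cidr "$4" "$2" ||
    { echo "allocation pool $3-$4 is not inside $2" >&2; return 1; }
  vip=$(ip_to_int "$1"); start=$(ip_to_int "$3"); end=$(ip_to_int "$4")
  [ "$start" -le "$end" ] || { echo "pool start is after pool end" >&2; return 1; }
  if [ "$vip" -ge "$start" ] && [ "$vip" -le "$end" ]; then
    echo "VIP $1 collides with allocation pool $3-$4" >&2; return 1
  fi
}
```

The check applies to the branch where the step creates its own subnet, called once for API_VIP and once for INGRESS_VIP with SUBNET_RANGE, ALLOCATION_POOL_START and ALLOCATION_POOL_END; with a provider network the range and VIPs are read back from OpenStack instead.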

Source Code

#!/usr/bin/env bash

# This script will create a network, subnet, router, then plug the subnet into that network
# and connect the router to the external network.
# The resource UUIDs are written to SHARED_DIR.

set -o nounset
set -o errexit
set -o pipefail

case "$CONFIG_TYPE" in
  byon|proxy)
    ;;
  *)
    echo "Skipping step due to CONFIG_TYPE not being byon or proxy."
    exit 0
    ;;
esac

export OS_CLIENT_CONFIG_FILE="${SHARED_DIR}/clouds.yaml"
CLUSTER_NAME=$(<"${SHARED_DIR}"/CLUSTER_NAME)
OPENSTACK_EXTERNAL_NETWORK="${OPENSTACK_EXTERNAL_NETWORK:-$(<"${SHARED_DIR}/OPENSTACK_EXTERNAL_NETWORK")}"
ZONES=$(<"${SHARED_DIR}"/ZONES)

mapfile -t ZONES < <(printf ${ZONES}) >/dev/null
MAX_ZONES_COUNT=${#ZONES[@]}

# For now, we only support the deployment of OCP into specific availability zones when pre-configuring
# the network (BYON), for known limitations that will be addressed in the future.
case "$CONFIG_TYPE" in
  byon|proxy)
    ;;
  *)
    if [[ "$ZONES_COUNT" != "0" ]]; then
      echo "ZONES_COUNT was set to '${ZONES_COUNT}', although CONFIG_TYPE was not set to 'byon' or 'proxy'."
      exit 1
    fi
    echo "Skipping step due to CONFIG_TYPE not being byon or proxy."
    exit 0
    ;;
esac

if [[ ${ZONES_COUNT} -gt ${MAX_ZONES_COUNT} ]]; then
  echo "Too many zones were requested: ${ZONES_COUNT}; only ${MAX_ZONES_COUNT} are available: ${ZONES[*]}"
  exit 1
fi

if [[ "${ZONES_COUNT}" == "0" ]]; then
  ZONES_ARGS=""
elif [[ "${ZONES_COUNT}" == "1" ]]; then
  for ((i=0; i<${MAX_ZONES_COUNT}; ++i )) ; do
    ZONES_ARGS+="--availability-zone-hint ${ZONES[$i]} "
  done
else
  # For now, we only support a cluster within a single AZ.
  # This will change in the future.
  echo "Wrong ZONE_COUNT, can only be 0 or 1, got ${ZONES_COUNT}"
  exit 1
fi

# ZONES_ARGS is left unquoted on purpose so that it splits into separate arguments.
BASTION_ROUTER_ID="$(openstack router create --format value --column id ${ZONES_ARGS} "${CLUSTER_NAME}-${CONFIG_TYPE}-router")"
echo "Created bastion router: ${BASTION_ROUTER_ID}"
echo "${BASTION_ROUTER_ID}" > "${SHARED_DIR}/BASTION_ROUTER_ID"
openstack router set "${BASTION_ROUTER_ID}" --external-gateway "${OPENSTACK_EXTERNAL_NETWORK}" >/dev/null
echo "Connected bastion router ${BASTION_ROUTER_ID} to external network: ${OPENSTACK_EXTERNAL_NETWORK}"

if [[ "${OPENSTACK_PROVIDER_NETWORK}" != "" ]]; then
  if ! openstack network show "${OPENSTACK_PROVIDER_NETWORK}" >/dev/null; then
      echo "ERROR: Provider network not found: ${OPENSTACK_PROVIDER_NETWORK}"
      exit 1
  fi
  echo "Provider network detected: ${OPENSTACK_PROVIDER_NETWORK}"
  MACHINES_NET_ID=$(openstack network show -c id -f value "${OPENSTACK_PROVIDER_NETWORK}")
  echo "Provider network ID: ${MACHINES_NET_ID}"
  echo "${MACHINES_NET_ID}" > "${SHARED_DIR}/MACHINES_NET_ID"
  # We assume that a provider network has one subnet attached
  MACHINES_SUBNET_ID=$(openstack network show -c subnets -f value "${OPENSTACK_PROVIDER_NETWORK}" | grep -P -o '[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89aAbB][a-f0-9]{3}-[a-f0-9]{12}')
  echo "Provider subnet ID: ${MACHINES_SUBNET_ID}"
  echo "${MACHINES_SUBNET_ID}" > "${SHARED_DIR}/MACHINES_SUBNET_ID"
  SUBNET_RANGE=$(openstack subnet show -c cidr -f value "${MACHINES_SUBNET_ID}")
  echo "Provider subnet range: ${SUBNET_RANGE}"
  echo "${SUBNET_RANGE}" > "${SHARED_DIR}/MACHINES_SUBNET_RANGE"

  # Reserve one port each for the API and Ingress VIPs and extract the IPv4 address assigned to it
  API_VIP=$(openstack port create --network "${OPENSTACK_PROVIDER_NETWORK}" "${CLUSTER_NAME}-${CONFIG_TYPE}-api" -c fixed_ips -f value | grep -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)")
  INGRESS_VIP=$(openstack port create --network "${OPENSTACK_PROVIDER_NETWORK}" "${CLUSTER_NAME}-${CONFIG_TYPE}-ingress" -c fixed_ips -f value | grep -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)")
  echo "API VIP will be ${API_VIP} and Ingress VIP will be ${INGRESS_VIP}"
  echo "These ports should be deleted by openstack-conf-generateconfig-commands.sh"
else
  MACHINES_NET_ID="$(openstack network create --format value --column id \
    "${CLUSTER_NAME}-${CONFIG_TYPE}-machines-network" --description "Machines network for ${CLUSTER_NAME}-${CONFIG_TYPE}")"
  echo "Created network for OpenShift machines: ${MACHINES_NET_ID}"
  echo "${MACHINES_NET_ID}" > "${SHARED_DIR}/MACHINES_NET_ID"

  subnet_params=" --network ${MACHINES_NET_ID} --subnet-range ${SUBNET_RANGE} \
    --allocation-pool start=${ALLOCATION_POOL_START},end=${ALLOCATION_POOL_END}"
  if [[ "${CONFIG_TYPE}" == "byon" ]]; then
    subnet_params+=" --dns-nameserver ${DNS_IP}"
  fi

  MACHINES_SUBNET_ID="$(openstack subnet create "${CLUSTER_NAME}-${CONFIG_TYPE}-machines-subnet" $subnet_params \
    --description "Machines subnet for ${CLUSTER_NAME}-${CONFIG_TYPE}" \
    --format value --column id)"
  echo "Created subnet for OpenShift machines: ${MACHINES_SUBNET_ID}"
  echo "${MACHINES_SUBNET_ID}" > "${SHARED_DIR}/MACHINES_SUBNET_ID"
  echo "${SUBNET_RANGE}" > "${SHARED_DIR}/MACHINES_SUBNET_RANGE"

  if [[ "${CONFIG_TYPE}" == "byon" ]]; then
    openstack router add subnet "${BASTION_ROUTER_ID}" "${MACHINES_SUBNET_ID}" >/dev/null
    echo "Added machines subnet ${MACHINES_SUBNET_ID} to router: ${BASTION_ROUTER_ID}"
  fi

fi

if [[ "${CONFIG_TYPE}" == "proxy" || "${OPENSTACK_PROVIDER_NETWORK}" != "" ]]; then
  BASTION_NET_ID="$(openstack network create --format value --column id \
    --description "Bastion network for ${CLUSTER_NAME}-${CONFIG_TYPE}" \
    "${CLUSTER_NAME}-${CONFIG_TYPE}-bastion-network")"
  echo "Created bastion network: ${BASTION_NET_ID}"
  echo "${BASTION_NET_ID}" > "${SHARED_DIR}/BASTION_NET_ID"

  BASTION_SUBNET_ID="$(openstack subnet create "${CLUSTER_NAME}-${CONFIG_TYPE}-bastion-subnet" \
      --description "Bastion subnet for ${CLUSTER_NAME}-${CONFIG_TYPE}" \
      --network "${BASTION_NET_ID}" \
      --subnet-range "${BASTION_SUBNET_RANGE}" \
      --dns-nameserver "${DNS_IP}" \
      --format value --column id)"
  echo "Created bastion subnet: ${BASTION_SUBNET_ID}"
  echo "${BASTION_SUBNET_ID}" > "${SHARED_DIR}/BASTION_SUBNET_ID"

  openstack router add subnet "${BASTION_ROUTER_ID}" "${BASTION_SUBNET_ID}" >/dev/null
  echo "Added bastion subnet ${BASTION_SUBNET_ID} to router: ${BASTION_ROUTER_ID}"
fi

echo "${API_VIP}" > "${SHARED_DIR}/API_IP"
echo "${INGRESS_VIP}" > "${SHARED_DIR}/INGRESS_IP"

Properties

Property | Value | Description
Resource requests (cpu) | 10m | Used in .resources.requests of the pod running this step.
Resource requests (memory) | 100Mi | Used in .resources.requests of the pod running this step.

GitHub Link:

https://github.com/openshift/release/blob/master/ci-operator/step-registry/openstack/provision/machinesubnet/openstack-provision-machinesubnet-ref.yaml
