Step: workers-rhel-repos

The post-installation repos step configures repos and host settings for new RHEL instances.

Container image used for this step: ansible

ansible resolves to an image built or imported by the ci-operator configuration (documentation).

Environment

In addition to the default environment, the step exposes the following:

Variable Name Type Variable Content
PLATFORM_VERSION Parameter[?]

Source Code

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
#!/bin/bash

set -o nounset
set -o errexit
set -o pipefail
set -x

export KUBECONFIG=${SHARED_DIR}/kubeconfig
export OPS_MIRROR_KEY=${CLUSTER_PROFILE_DIR}/ops-mirror.pem

echo "PLATFORM_VERSION: '${PLATFORM_VERSION}'"

# Ensure our UID, which is randomly generated, is in /etc/passwd. This is required
# to be able to SSH.
if ! whoami &> /dev/null; then
    if [[ -w /etc/passwd ]]; then
        echo "${USER_NAME:-default}:x:$(id -u):0:${USER_NAME:-default} user:${HOME}:/sbin/nologin" >> /etc/passwd
    else
        echo "/etc/passwd is not writeable, and user matching this uid is not found."
        exit 1
    fi
fi

# Install an updated version of the client
mkdir -p /tmp/client
curl https://mirror.openshift.com/pub/openshift-v4/clients/oc/latest/linux/oc.tar.gz | tar --directory=/tmp/client -xzf -
PATH=/tmp/client:$PATH
oc version --client

cat > prep.yaml <<-'EOF'
---
- name: Prep Playbook
  hosts: new_workers
  any_errors_fatal: true
  gather_facts: false

  vars:
    kubeconfig_path: "{{ lookup('env', 'KUBECONFIG') }}"
    ops_mirror_path: "{{ lookup('env', 'OPS_MIRROR_KEY') }}"
    platform_version: "{{ lookup('env', 'PLATFORM_VERSION') }}"
    major_platform_version: "{{ platform_version[:1] }}"

  tasks:
  - name: Get cluster version
    command: >
      oc get clusterversion
      --kubeconfig={{ kubeconfig_path }}
      --output=jsonpath='{.items[0].status.desired.version}'
    delegate_to: localhost
    register: oc_get
    until:
    - oc_get.stdout != ''

  - name: Set release_version to cluster version
    set_fact:
      release_version: "{{ oc_get.stdout | regex_search('^\\d+\\.\\d+') }}"

  - name: Wait for host connection to ensure SSH has started
    wait_for_connection:
      timeout: 600

  - name: Copy Atomic OpenShift yum repository certificate and key
    copy:
      src: "{{ ops_mirror_path }}"
      dest: /var/lib/yum/

  - name: Create rhel-X-server-ose-rpms repo file
    template:
      src: "rhel-{{ major_platform_version }}-server-ose-devel-rpms.repo.j2"
      dest: "/etc/yum.repos.d/rhel-{{ major_platform_version }}-server-ose-rpms.repo"

  - name: Create rhel-X-server-rpms repo file
    copy:
      src: "rhel-{{ major_platform_version }}-server-rpms.repo"
      dest: /etc/yum.repos.d/
EOF

cat > rhel-7-server-ose-devel-rpms.repo.j2 <<-'EOF'
[rhel-7-server-ose-{{ release_version }}-devel-rpms]
name = A repository of dependencies for Atomic OpenShift {{ release_version }}
baseurl = https://mirror.openshift.com/enterprise/reposync/{{ release_version }}/rhel-server-ose-rpms/
failovermethod = priority
gpgcheck = 0
sslclientcert = /var/lib/yum/ops-mirror.pem
sslclientkey = /var/lib/yum/ops-mirror.pem
sslverify = 0
enabled = 1
EOF

cat > rhel-7-server-rpms.repo <<-'EOF'
[rhel-7-server-rpms]
name = Red Hat Enterprise Linux 7 Server (RPMs)
baseurl = https://mirror.openshift.com/enterprise/reposync/ci-deps/rhel-server-rpms/
failovermethod = priority
gpgcheck = 0
sslclientcert = /var/lib/yum/ops-mirror.pem
sslclientkey = /var/lib/yum/ops-mirror.pem
sslverify = 0
enabled = 1

[rhel-7-server-optional-rpms]
name = Red Hat Enterprise Linux 7 Server - Optional (RPMs)
baseurl = https://mirror.openshift.com/enterprise/reposync/ci-deps/rhel-server-optional-rpms/
failovermethod = priority
gpgcheck = 0
sslclientcert = /var/lib/yum/ops-mirror.pem
sslclientkey = /var/lib/yum/ops-mirror.pem
sslverify = 0
enabled = 1

[rhel-7-server-extras-rpms]
name = Red Hat Enterprise Linux 7 Server - Extras (RPMs)
baseurl = https://mirror.openshift.com/enterprise/reposync/ci-deps/rhel-server-extras-rpms/
failovermethod = priority
gpgcheck = 0
sslclientcert = /var/lib/yum/ops-mirror.pem
sslclientkey = /var/lib/yum/ops-mirror.pem
sslverify = 0
enabled = 1

[rhel-7-fast-datapath-rpms]
name = Red Hat Enterprise Linux 7 Server - Fast Datapath (RPMs)
baseurl = https://mirror.openshift.com/enterprise/reposync/ci-deps/rhel-fast-datapath-rpms/
failovermethod = priority
gpgcheck = 0
sslclientcert = /var/lib/yum/ops-mirror.pem
sslclientkey = /var/lib/yum/ops-mirror.pem
sslverify = 0
enabled = 1
EOF

cat > rhel-8-server-ose-devel-rpms.repo.j2 <<-'EOF'
[rhel-8-server-ose-{{ release_version }}-devel-rpms]
name = A repository of dependencies for OpenShift Container Platform {{ release_version }}
baseurl = https://mirror.openshift.com/enterprise/reposync/{{ release_version }}/rhel-8-server-ose-rpms/
failovermethod = priority
gpgcheck = 0
sslclientcert = /var/lib/yum/ops-mirror.pem
sslclientkey = /var/lib/yum/ops-mirror.pem
sslverify = 0
enabled = 1
module_hotfixes = 1

[rhel-8-fast-datapath-{{ release_version }}-devel-rpms]
name = A repository of dependencies for OpenShift Container Platform {{ release_version }}
baseurl = https://mirror.openshift.com/enterprise/reposync/{{ release_version }}/rhel-8-fast-datapath-rpms/
failovermethod = priority
gpgcheck = 0
sslclientcert = /var/lib/yum/ops-mirror.pem
sslclientkey = /var/lib/yum/ops-mirror.pem
sslverify = 0
enabled = 1
module_hotfixes = 1
EOF

cat > rhel-8-server-rpms.repo <<-'EOF'
[rhel-8-for-x86_64-baseos-rpms]
name = Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)
baseurl = https://mirror.openshift.com/enterprise/reposync/ci-deps/rhel-8-baseos-rpms/
gpgcheck = 0
sslclientcert = /var/lib/yum/ops-mirror.pem
sslclientkey = /var/lib/yum/ops-mirror.pem
sslverify = 0
enabled = 1
metadata_expire = 86400
enabled_metadata = 1
module_hotfixes = 1

[rhel-8-for-x86_64-appstream-rpms]
name = Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)
baseurl = https://mirror.openshift.com/enterprise/reposync/ci-deps/rhel-8-appstream-rpms/
gpgcheck = 0
sslclientcert = /var/lib/yum/ops-mirror.pem
sslclientkey = /var/lib/yum/ops-mirror.pem
sslverify = 0
enabled = 1
metadata_expire = 86400
enabled_metadata = 1
module_hotfixes = 1
EOF

ansible-inventory -i "${SHARED_DIR}/ansible-hosts" --list --yaml
ansible-playbook -i "${SHARED_DIR}/ansible-hosts" prep.yaml -vvv

Properties

Property Value Description
Resource requests (cpu) 100m Used in .resources.requests of the pod running this step.
Resource requests (memory) 200Mi Used in .resources.requests of the pod running this step.

GitHub Link:

https://github.com/openshift/release/blob/master/ci-operator/step-registry/workers-rhel/repos/workers-rhel-repos-ref.yaml

Owners:

Approvers:

Source code for this page located on GitHub