From 31fddc7bdfe76397b377bc6b15b896c6bd7df754 Mon Sep 17 00:00:00 2001 From: Carlos Camacho Date: Wed, 10 Mar 2021 08:58:33 +0100 Subject: [PATCH 1/2] feat: render detach script in the external interface host This commit renders the detach script in the host that needs to have external access to the service guest. --- .../tasks/00_ovn_post_setup.yml | 15 ---- .../kubeinit_libvirt/tasks/00_prepare.yml | 88 +++++++++++++++---- .../roles/kubeinit_libvirt/tasks/main.yml | 14 --- .../templates/{enslaver.sh => detach.sh.j2} | 8 +- 4 files changed, 77 insertions(+), 48 deletions(-) rename kubeinit/roles/kubeinit_libvirt/templates/{enslaver.sh => detach.sh.j2} (94%) diff --git a/kubeinit/roles/kubeinit_libvirt/tasks/00_ovn_post_setup.yml b/kubeinit/roles/kubeinit_libvirt/tasks/00_ovn_post_setup.yml index 53246cf9a..6c1e32d1e 100644 --- a/kubeinit/roles/kubeinit_libvirt/tasks/00_ovn_post_setup.yml +++ b/kubeinit/roles/kubeinit_libvirt/tasks/00_ovn_post_setup.yml @@ -214,21 +214,6 @@ when: > groups['hypervisor_nodes'][0] in kubeinit_deployment_node_name - # - name: Create the detach interface script - # ansible.builtin.template: - # src: "../../roles/kubeinit_libvirt/templates/detach.sh" - # dest: "~/detach.sh" - # mode: "0755" - # when: > - # groups['hypervisor_nodes'][0] in kubeinit_deployment_node_name - # - # - name: Detach the phisical network interface and attach it to the OVN external bridge - # ansible.builtin.command: ~/detach.sh - # async: 45 - # poll: 0 - # when: > - # groups['hypervisor_nodes'][0] in kubeinit_deployment_node_name - delegate_to: "{{ kubeinit_deployment_node_name }}" tags: - provision_libvirt diff --git a/kubeinit/roles/kubeinit_libvirt/tasks/00_prepare.yml b/kubeinit/roles/kubeinit_libvirt/tasks/00_prepare.yml index 6ed06080d..e9a960ad3 100644 --- a/kubeinit/roles/kubeinit_libvirt/tasks/00_prepare.yml +++ b/kubeinit/roles/kubeinit_libvirt/tasks/00_prepare.yml @@ -17,8 +17,21 @@ ## ## Hypervisor installing dependencies and rebooting. ## -- name: Set up an Hypervisors +- name: Prepare the environment block: + - name: Set fact for enabling OVN + ansible.builtin.set_fact: + kubeinit_libvirt_ovn_enabled: "{{ True if (groups['hypervisor_nodes'] | length > 1) else False }}" + + - name: Experimental warning + ansible.builtin.debug: + msg: + - '|-------------------------------------------------------|' + - '| Deploying in multiple hosts is experimental, parts of |' + - '| the deployment might be broken or some distributions |' + - '| might not work as expected. |' + - '|-------------------------------------------------------|' + when: kubeinit_libvirt_ovn_enabled - name: "check if the external bridge is created when using the external interface" ansible.builtin.shell: | @@ -30,23 +43,65 @@ (hostvars[ groups['all'] | map('regex_search','^.*service.*$') | select('string') | list | first ].target in kubeinit_deployment_node_name) and kubeinit_libvirt_external_service_interface_enabled + - name: Create the detach interface script + ansible.builtin.template: + src: "../../roles/kubeinit_libvirt/templates/detach.sh.j2" + dest: "~/detach.sh" + mode: "0755" + when: > + (hostvars[ groups['all'] | map('regex_search','^.*service.*$') | select('string') | list | first ].target in kubeinit_deployment_node_name) and + kubeinit_libvirt_external_service_interface_enabled and + bridge_status.rc != 0 + + # + # The next two tasks are dangerous so for now we leave them commented for now + # + + # - name: Detach the physical network interface and attach it to the external bridge (OVN) + # ansible.builtin.command: ~/detach.sh YesImReallySure OVN + # async: 45 + # poll: 0 + # when: > + # (hostvars[ groups['all'] | map('regex_search','^.*service.*$') | select('string') | list | first ].target in kubeinit_deployment_node_name) and + # kubeinit_libvirt_external_service_interface_enabled and + # kubeinit_libvirt_ovn_enabled and + # bridge_status.rc != 0 + + # - name: Detach the physical network interface and attach it to the external bridge (Linux bridge) + # ansible.builtin.command: ~/detach.sh YesImReallySure + # async: 45 + # poll: 0 + # when: > + # (hostvars[ groups['all'] | map('regex_search','^.*service.*$') | select('string') | list | first ].target in kubeinit_deployment_node_name) and + # kubeinit_libvirt_external_service_interface_enabled and + # not kubeinit_libvirt_ovn_enabled and + # bridge_status.rc != 0 + + - name: Message before fail (external bridge not found) + ansible.builtin.debug: + msg: + - "The bridge {{ kubeinit_libvirt_external_service_interface.attached }} to provide external connectivity is not created." + - "This is a requirement that needs to be addressed before running the playbook." + - "You must create {{ kubeinit_libvirt_external_service_interface.attached }} in {{ hostvars[ groups['all'] | map('regex_search','^.*service.*$') | select('string') | list | first ].target }} before continue." + - "It is created a script called ~/detach.sh in the hypervisor where the" + - "service node will be deployed. This script will help to detach the physical" + - "interface without breaking the network connectivity of the host." + - "" + - "**********************************************************************" + - "* WARNING: Make sure that if you use OVN (multiple hypervisors), you *" + - "* create an OVS bridge, and if you use libvirt (single hypervisor) *" + - "* then use a Linux bridge. *" + - "* Refer to: http://docs.kubeinit.com/usage.html#external-interface *" + - "* for further details. *" + - "**********************************************************************" + when: | + (hostvars[ groups['all'] | map('regex_search','^.*service.*$') | select('string') | list | first ].target in kubeinit_deployment_node_name) and + kubeinit_libvirt_external_service_interface_enabled and + bridge_status.rc != 0 + - name: Fail if the external bridge is not created when using the external interface ansible.builtin.fail: - msg: - - "The bridge {{ kubeinit_libvirt_external_service_interface.attached }} to provide external" - - "connectivity is not created. This is a requirement that needs to be" - - "created before running the playbook." - - "You must create {{ kubeinit_libvirt_external_service_interface.attached }} in" - - "{{ hostvars[ groups['all'] | map('regex_search','^.*service.*$') | select('string') | list | first ].target }}" - - "before continue." - - "Run `nmcli con show` and check it is created correctly." - - "********************************************************************" - - "* WARNING: Make sure that if you use OVN, you *" - - "* create an OVS bridge, and if you use libvirt then, *" - - "* a Linux bridge. *" - - "* Refer to: http://docs.kubeinit.com/usage.html#external-interface *" - - "* for further details. *" - - "********************************************************************" + msg: "Bridge {{ kubeinit_libvirt_external_service_interface.attached }} required in {{ hostvars[ groups['all'] | map('regex_search','^.*service.*$') | select('string') | list | first ].target }} but not found" when: | (hostvars[ groups['all'] | map('regex_search','^.*service.*$') | select('string') | list | first ].target in kubeinit_deployment_node_name) and kubeinit_libvirt_external_service_interface_enabled and @@ -66,6 +121,7 @@ - "file system between CentOS 7 and CentOS 8." - "Xfs file system in CentOS 8 uses reflink and sparse files," - "but CentOS 7 kernel does not understand them and refuses to mount it." + - "This means that CentOS 8 guests won't work with CentOS 8 hosts." when: (ansible_distribution == 'CentOS' and ansible_distribution_major_version == "7") # In this case the node will be an hypervisor diff --git a/kubeinit/roles/kubeinit_libvirt/tasks/main.yml b/kubeinit/roles/kubeinit_libvirt/tasks/main.yml index 4be8b6a56..d26943511 100644 --- a/kubeinit/roles/kubeinit_libvirt/tasks/main.yml +++ b/kubeinit/roles/kubeinit_libvirt/tasks/main.yml @@ -19,20 +19,6 @@ ## - name: Set up an Hypervisors block: - - name: Set fact for enabling OVN - ansible.builtin.set_fact: - kubeinit_libvirt_ovn_enabled: "{{ True if (groups['hypervisor_nodes'] | length > 1) else False }}" - - - name: Experimental warning - ansible.builtin.debug: - msg: - - '|-------------------------------------------------------|' - - '| Deploying in multiple hosts is experimental, parts of |' - - '| the deployment might be broken or some distributions |' - - '| might not work as expected. |' - - '|-------------------------------------------------------|' - when: kubeinit_libvirt_ovn_enabled - - name: Check if Intel virtualization is supported ansible.builtin.shell: | set -e diff --git a/kubeinit/roles/kubeinit_libvirt/templates/enslaver.sh b/kubeinit/roles/kubeinit_libvirt/templates/detach.sh.j2 similarity index 94% rename from kubeinit/roles/kubeinit_libvirt/templates/enslaver.sh rename to kubeinit/roles/kubeinit_libvirt/templates/detach.sh.j2 index c7a2d4b83..de4eb8392 100755 --- a/kubeinit/roles/kubeinit_libvirt/templates/enslaver.sh +++ b/kubeinit/roles/kubeinit_libvirt/templates/detach.sh.j2 @@ -6,7 +6,7 @@ # # The name of the bridge that will enslave the external access interface. -brname="kiextbr0" +brname="{{ kubeinit_libvirt_external_service_interface.attached }}" # To choose if we configure the bridge # with DHCP or static IP even if the interface # was using DHCP @@ -22,9 +22,11 @@ method=$(nmcli -g IPV4.METHOD con show "$conn") echo "This script will enslave the external interface ${iface} to ${brname}" echo "MAKE SURE YOU EXECUTE THIS LIKE" echo "######" -echo "nohup ./enslaver.sh YesImReallySure &" +echo "Single node deployment with Linux bridge:" +echo "nohup ./detach.sh YesImReallySure &" echo "or" -echo "nohup ./enslaver.sh YesImReallySure OVN &" +echo "Multi node deployment with OVN:" +echo "nohup ./detach.sh YesImReallySure OVN &" echo "######" echo "Otherwise you might end up by dropping the interface IP" echo "and blocking the access to this node" From e67976f6d3be903703a54a296db3f7de25e04eff Mon Sep 17 00:00:00 2001 From: Carlos Camacho Date: Wed, 10 Mar 2021 09:03:09 +0100 Subject: [PATCH 2/2] chore: release 1.0.1 This commit releases Kubeinit 1.0.1 with full OVN support for multinode cluster deployments. --- agent/setup.py | 2 +- kubeinit/galaxy.yml | 2 +- ui/app/version.py | 2 +- ui/package.json | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/agent/setup.py b/agent/setup.py index 625cc6f06..c02212e3e 100644 --- a/agent/setup.py +++ b/agent/setup.py @@ -28,7 +28,7 @@ _NAME = 'kubeinit' _DESCRIPTION = 'The Kubeinit CLI' -_REVISION = '1.0.0' +_REVISION = '1.0.1' kubeinit_revision = os.environ.get('KUBEINIT_REVISION', "") if (kubeinit_revision != ""): diff --git a/kubeinit/galaxy.yml b/kubeinit/galaxy.yml index 0e569f6b6..74c3dc29d 100644 --- a/kubeinit/galaxy.yml +++ b/kubeinit/galaxy.yml @@ -1,7 +1,7 @@ --- namespace: kubeinit name: kubeinit -version: 1.0.0 +version: 1.0.1 readme: README.md authors: - Carlos Camacho diff --git a/ui/app/version.py b/ui/app/version.py index fd7a3cb3f..74df8f0bf 100644 --- a/ui/app/version.py +++ b/ui/app/version.py @@ -16,4 +16,4 @@ under the License. """ -__version__ = "1.0.0" +__version__ = "1.0.1" diff --git a/ui/package.json b/ui/package.json index e5ba77617..15ba99207 100755 --- a/ui/package.json +++ b/ui/package.json @@ -1,6 +1,6 @@ { "name": "kubeinit-ui", - "version": "1.0.0", + "version": "1.0.1", "description": "Kubeinit UI", "repository": { "type": "git",