Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for uploading OVAs to VMware #1622

Merged
merged 4 commits into from
Jul 8, 2021

Conversation

zmrow
Copy link
Contributor

@zmrow zmrow commented Jun 17, 2021

Issue number:
Implements #1605

Description of changes:

It's probably easiest to read through the PR by commit.

pubsys-config: Add VMware support
     
    This adds everything needed to support VMware specific configuration,
    including credentials.
pubsys: Add VMware 'upload-ova' subcommand
    
    This adds the subcommand `upload-ova` to `pubsys`.  This subcommand is
    meant to be used via `cargo make` and allow a user to upload an OVA to
    one or more VMware datacenters, optionally marking the VM as a template.
    Under the hood, it accomplishes this by running `govc` in the SDK
    container via Docker invocation, similar to how `buildsys` accomplishes
    its task.
    
    Like the rest of `pubsys`, it gets much of its configuration from
    `Infra.toml`.  The configuration details all of the values needed to
    communicate with a vSphere instance, and allows for users to specify
    "common" configuration that multiple datacenters share.  Credentials for
    different datacenters can be specified in a file located at
    `~/.config/pubsys/vsphere-credentials.toml`.  Because we use `govc`
    under the hood, at runtime we check for GOVC_* environment variables and
    allow them to override VMware datacenter config in `Infra.toml` or
    `vsphere-credentials.toml`
    
    The subcommand allows a user to override the name of the resulting VM,
    import spec, and specify a subset of datacenters than what's specified
    in config.
Makefile: Add `upload-ova` and `vmware-template` targets
    
    This change adds the ability to upload a built OVA to one or more VMware
    software defined datacenters.  The `vmware-template` target uploads the
    OVA and marks it as a VM template using the import spec.  Multiple
    environment variables allow a user to override the VM name, list of
    datacenters to upload to, and the import spec used to upload.
PUBLISHING: Split relevent AWS/VMware details into their own guides.
    
    This change splits `PUBLISHING.md` into multiple files to account for
    the differences in publishing Bottlerocket on AWS and VMware.  The
    `PUBLISHING-AWS.md` guide covers publishing and granting access to AMIs,
    and details around SSM parameters.  The `PUBLISHING-VMWARE.md` guide
    covers the configuration details and process for uploading an OVA to one
    or more VMware SDDC's.  The main `PUBLISHING.md` still covers all
    general information around configuration, repos, etc.

Testing done:

I performed the test steps with varying configuration setups:

  • only environment variables (no datacenter-specific details in Infra.toml or creds file)
  • only datacenter config/credentials file (no environment variables)
  • datacenter config/creds file with values missing but populated in the environment
  • environment variables with values missing but populated in the files
  • all config populated in the [vmware.common] section
  • various values populated in common, Infra.toml and environment to ensure the values cascade as expected

Testing steps:

  • Upload an OVA
  • Upload an OVA as template
  • Override VM name, import_spec, and datacenters. (I don't have multiple datacenters to push to so I populated the same details for multiple datacenters and ensured that pubsys attempts to upload to them both, failing the second time because a VM already exists)
  • Attempt to re-upload the same OVA, fails as expected with a nice message:
[INFO] Uploading OVA to datacenter 'main' with name 'bottlerocket-vmware-k8s-1.20-x86_64-v1.1.1-5bf37a18-dirty'                                                                      
Failed to upload OVA: Docker invocation failed: /usr/bin/govc: The name 'bottlerocket-vmware-k8s-1.20-x86_64-v1.1.1-5bf37a18-dirty' already exists

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

@zmrow zmrow requested review from tjkirch, bcressey and etungsten June 17, 2021 21:51
Copy link
Contributor

@webern webern left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

saving partial review

Makefile.toml Outdated Show resolved Hide resolved
Makefile.toml Show resolved Hide resolved
Makefile.toml Show resolved Hide resolved
tools/pubsys/src/vmware/govc.rs Show resolved Hide resolved
tools/pubsys/src/vmware/govc.rs Outdated Show resolved Hide resolved
tools/pubsys/src/vmware/upload_ova/mod.rs Outdated Show resolved Hide resolved
PUBLISHING-VMWARE.md Show resolved Hide resolved
tools/pubsys-config/src/vmware.rs Outdated Show resolved Hide resolved
@zmrow
Copy link
Contributor Author

zmrow commented Jun 22, 2021

^ addresses @webern 's comments!

@zmrow
Copy link
Contributor Author

zmrow commented Jul 2, 2021

^ Removes the TryFrom implementation in favor of a build() method on the *Builder structs.

This adds everything needed to support VMware specific configuration,
including credentials.
@zmrow
Copy link
Contributor Author

zmrow commented Jul 6, 2021

^ Above push is a rebase on develop.

Now the the SDK changes are shipped, I executed all of the testing again and everything looks good. (Fighting through the intermittent VMC issues today)

Pulling out of draft...

@zmrow zmrow marked this pull request as ready for review July 6, 2021 17:00
@zmrow zmrow requested review from webern and etungsten July 6, 2021 17:00
PUBLISHING-VMWARE.md Show resolved Hide resolved
let stdout = String::from_utf8_lossy(&output.stdout);
trace!("{}", stdout);
if output.status.success() {
return Ok(output);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit:

Suggested change
return Ok(output);
Ok(output)

zmrow added 3 commits July 7, 2021 16:59
This adds the subcommand `upload-ova` to `pubsys`.  This subcommand is
meant to be used via `cargo make` and allow a user to upload an OVA to
one or more VMware datacenters, optionally marking the VM as a template.
Under the hood, it accomplishes this by running `govc` in the SDK
container via Docker invocation, similar to how `buildsys` accomplishes
its task.

Like the rest of `pubsys`, it gets much of its configuration from
`Infra.toml`.  The configuration details all of the values needed to
communicate with a vSphere instance, and allows for users to specify
"common" configuration that multiple datacenters share.  Credentials for
different datacenters can be specified in a file located at
`~/.config/pubsys/vsphere-credentials.toml`.  Because we use `govc`
under the hood, at runtime we check for GOVC_* environment variables and
allow them to override VMware datacenter config in `Infra.toml` or
`vsphere-credentials.toml`

The subcommand allows a user to override the name of the resulting VM,
import spec, and specify a subset of datacenters than what's specified
in config.
This change adds the ability to upload a built OVA to one or more VMware
software defined datacenters.  The `vmware-template` target uploads the
OVA and marks it as a VM template using the import spec.  Multiple
environment variables allow a user to override the VM name, list of
datacenters to upload to, and the import spec used to upload.
This change splits `PUBLISHING.md` into multiple files to account for
the differences in publishing Bottlerocket on AWS and VMware.  The
`PUBLISHING-AWS.md` guide covers publishing and granting access to AMIs,
and details around SSM parameters.  The `PUBLISHING-VMWARE.md` guide
covers the configuration details and process for uploading an OVA to one
or more VMware SDDC's.  The main `PUBLISHING.md` still covers all
general information around configuration, repos, etc.
@zmrow
Copy link
Contributor Author

zmrow commented Jul 7, 2021

^ Addresses @arnaldo2792 's comments :)

@zmrow zmrow requested a review from arnaldo2792 July 8, 2021 19:56
Copy link
Contributor

@arnaldo2792 arnaldo2792 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@zmrow zmrow merged commit 56210f2 into bottlerocket-os:develop Jul 8, 2021
@zmrow zmrow deleted the pubsys_vmware branch July 8, 2021 21:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants