Skip to content

Commit

Permalink
Determine whether initcontainer is needed through IPAConfig options
Browse files Browse the repository at this point in the history 
Signed-off-by: shenwei <shenwei@cmss.chinamobile.com>
  • Loading branch information
shenwei committed Jun 12, 2024
1 parent f56c7cc commit f06187d
Show file tree
Hide file tree
Showing 3 changed files with 41 additions and 28 deletions.
17 changes: 13 additions & 4 deletions api/v1alpha1/ironic_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,8 @@ type Networking struct {
MACAddresses []string `json:"macAddresses,omitempty"`
}

type Images struct {
type IPAConfig struct {
IPAEnabled bool `json:"ipaEnabled"`
// AgentBranch is the branch of IPA to download. The main branch is used by default.
// +optional
AgentBranch string `json:"agentBranch,omitempty"`
Expand All @@ -133,17 +134,25 @@ type Images struct {
// The default value should be good for most users.
// +optional
AgentDownloadURL string `json:"agentDownloadURL,omitempty"`
// RamdiskDownloader is the image to be used at pod initialization to download the IPA ramdisk.
// +kubebuilder:default=quay.io/metal3-io/ironic-ipa-downloader
// +optional
RamdiskDownloader string `json:"ramdiskDownloader,omitempty"`
}

type Images struct {

// Ironic is the Ironic image (including httpd).
// +kubebuilder:default=quay.io/metal3-io/ironic
// +kubebuilder:validation:MinLength=1
// +optional
Ironic string `json:"ironic,omitempty"`

// RamdiskDownloader is the image to be used at pod initialization to download the IPA ramdisk.
// +kubebuilder:default=quay.io/metal3-io/ironic-ipa-downloader
// IPA is a service written in python that runs within a ramdisk.
// It provides remote access for Ironic to perform various operations on the managed server.
// It also sends information about the server to Ironic.
// +optional
RamdiskDownloader string `json:"ramdiskDownloader,omitempty"`
IPAConfig IPAConfig `json:"ipaConfig,omitempty"`
}

// IronicSpec defines the desired state of Ironic
Expand Down
4 changes: 2 additions & 2 deletions api/v1alpha1/ironic_webhook.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -203,8 +203,8 @@ func validateIronic(ironic *IronicSpec, old *IronicSpec) error {
}
}

if ironic.Images.AgentDownloadURL != "" {
if _, err := url.Parse(ironic.Images.AgentDownloadURL); err != nil {
if ironic.Images.IPAConfig.IPAEnabled && ironic.Images.IPAConfig.AgentDownloadURL != "" {
if _, err := url.Parse(ironic.Images.IPAConfig.AgentDownloadURL); err != nil {
return fmt.Errorf("images.agentDownloadURL is not a valid URL: %w", err)
}
}
Expand Down
48 changes: 26 additions & 22 deletions pkg/ironic/containers.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -417,32 +417,12 @@ func newIronicPodTemplate(ironic *metal3api.Ironic, db *metal3api.IronicDatabase
htpasswd = apiSecret.Name
}

var ipaDownloaderVars []corev1.EnvVar
ipaDownloaderVars = appendStringEnv(ipaDownloaderVars,
"IPA_BASEURI", ironic.Spec.Images.AgentDownloadURL)
ipaDownloaderVars = appendStringEnv(ipaDownloaderVars,
"IPA_BRANCH", ironic.Spec.Images.AgentBranch)

volumes, mounts := buildIronicVolumesAndMounts(ironic, db)
sharedVolumeMount := mounts[0]
initContainers := []corev1.Container{
{
Name: "ipa-downloader",
Image: ironic.Spec.Images.RamdiskDownloader,
Env: ipaDownloaderVars,
VolumeMounts: []corev1.VolumeMount{sharedVolumeMount},
SecurityContext: &corev1.SecurityContext{
RunAsUser: ptr.To(ironicUser),
RunAsGroup: ptr.To(ironicGroup),
Capabilities: &corev1.Capabilities{
Drop: []corev1.Capability{"ALL"},
},
},
},
}

ironicPorts, httpdPorts := buildIronicHttpdPorts(ironic)
initContainers := newInitContainers(ironic, sharedVolumeMount)

ironicPorts, httpdPorts := buildIronicHttpdPorts(ironic)
ironicHandler := newURLProbeHandler(ironic, ironic.Spec.TLSRef.Name != "", int(ironic.Spec.Networking.APIPort), "/v1")
httpdHandler := newURLProbeHandler(ironic, false, int(ironic.Spec.Networking.ImageServerPort), "/images")

Expand Down Expand Up @@ -519,3 +499,27 @@ func newIronicPodTemplate(ironic *metal3api.Ironic, db *metal3api.IronicDatabase
},
}, nil
}

func newInitContainers(ironic *metal3api.Ironic, sharedVolumeMount corev1.VolumeMount) []corev1.Container {
var ipaDownloaderVars []corev1.EnvVar
ipaDownloaderVars = appendStringEnv(ipaDownloaderVars, "IPA_BASEURI", ironic.Spec.Images.IPAConfig.AgentDownloadURL)
ipaDownloaderVars = appendStringEnv(ipaDownloaderVars, "IPA_BRANCH", ironic.Spec.Images.IPAConfig.AgentBranch)
if ironic.Spec.Images.IPAConfig.IPAEnabled {
return []corev1.Container{
{
Name: "ipa-downloader",
Image: ironic.Spec.Images.IPAConfig.RamdiskDownloader,
Env: ipaDownloaderVars,
VolumeMounts: []corev1.VolumeMount{sharedVolumeMount},
SecurityContext: &corev1.SecurityContext{
RunAsUser: ptr.To(ironicUser),
RunAsGroup: ptr.To(ironicGroup),
Capabilities: &corev1.Capabilities{
Drop: []corev1.Capability{"ALL"},
},
},
},
}
}
return nil
}

0 comments on commit f06187d

Please sign in to comment.