diff --git a/api/v1alpha1/ironic_types.go b/api/v1alpha1/ironic_types.go index 9447140..0183970 100644 --- a/api/v1alpha1/ironic_types.go +++ b/api/v1alpha1/ironic_types.go @@ -144,6 +144,11 @@ type Images struct { // +kubebuilder:default=quay.io/metal3-io/ironic-ipa-downloader // +optional RamdiskDownloader string `json:"ramdiskDownloader,omitempty"` + + // DisableRamdiskDownloader turns off the ramdisk downloader. + // +kubebuilder:default=false + // +optional + DisableRamdiskDownloader bool `json:"disableRamdiskDownloader,omitempty"` } // IronicSpec defines the desired state of Ironic diff --git a/api/v1alpha1/ironic_webhook.go b/api/v1alpha1/ironic_webhook.go index 1142eef..76898a7 100644 --- a/api/v1alpha1/ironic_webhook.go +++ b/api/v1alpha1/ironic_webhook.go @@ -203,7 +203,7 @@ func validateIronic(ironic *IronicSpec, old *IronicSpec) error { } } - if ironic.Images.AgentDownloadURL != "" { + if !ironic.Images.DisableRamdiskDownloader && ironic.Images.AgentDownloadURL != "" { if _, err := url.Parse(ironic.Images.AgentDownloadURL); err != nil { return fmt.Errorf("images.agentDownloadURL is not a valid URL: %w", err) } diff --git a/config/crd/bases/metal3.io_ironics.yaml b/config/crd/bases/metal3.io_ironics.yaml index 57d1357..3ca14d6 100644 --- a/config/crd/bases/metal3.io_ironics.yaml +++ b/config/crd/bases/metal3.io_ironics.yaml @@ -105,6 +105,10 @@ spec: AgentDownloadURL is the base URL from which IPA should be downloaded. The default value should be good for most users. type: string + disableRamdiskDownloader: + default: false + description: DisableRamdiskDownloader turns off the ramdisk downloader. + type: boolean ironic: default: quay.io/metal3-io/ironic description: Ironic is the Ironic image (including httpd). diff --git a/pkg/ironic/containers.go b/pkg/ironic/containers.go index 0ff51e6..f555611 100644 --- a/pkg/ironic/containers.go +++ b/pkg/ironic/containers.go @@ -417,32 +417,15 @@ func newIronicPodTemplate(ironic *metal3api.Ironic, db *metal3api.IronicDatabase htpasswd = apiSecret.Name } - var ipaDownloaderVars []corev1.EnvVar - ipaDownloaderVars = appendStringEnv(ipaDownloaderVars, - "IPA_BASEURI", ironic.Spec.Images.AgentDownloadURL) - ipaDownloaderVars = appendStringEnv(ipaDownloaderVars, - "IPA_BRANCH", ironic.Spec.Images.AgentBranch) - volumes, mounts := buildIronicVolumesAndMounts(ironic, db) sharedVolumeMount := mounts[0] - initContainers := []corev1.Container{ - { - Name: "ipa-downloader", - Image: ironic.Spec.Images.RamdiskDownloader, - Env: ipaDownloaderVars, - VolumeMounts: []corev1.VolumeMount{sharedVolumeMount}, - SecurityContext: &corev1.SecurityContext{ - RunAsUser: ptr.To(ironicUser), - RunAsGroup: ptr.To(ironicGroup), - Capabilities: &corev1.Capabilities{ - Drop: []corev1.Capability{"ALL"}, - }, - }, - }, + + var initContainers []corev1.Container + if !ironic.Spec.Images.DisableRamdiskDownloader { + initContainers = newInitContainers(ironic, sharedVolumeMount) } ironicPorts, httpdPorts := buildIronicHttpdPorts(ironic) - ironicHandler := newURLProbeHandler(ironic, ironic.Spec.TLSRef.Name != "", int(ironic.Spec.Networking.APIPort), "/v1") httpdHandler := newURLProbeHandler(ironic, false, int(ironic.Spec.Networking.ImageServerPort), "/images") @@ -519,3 +502,25 @@ func newIronicPodTemplate(ironic *metal3api.Ironic, db *metal3api.IronicDatabase }, }, nil } + +func newInitContainers(ironic *metal3api.Ironic, sharedVolumeMount corev1.VolumeMount) []corev1.Container { + var ipaDownloaderVars []corev1.EnvVar + ipaDownloaderVars = appendStringEnv(ipaDownloaderVars, "IPA_BASEURI", ironic.Spec.Images.AgentDownloadURL) + ipaDownloaderVars = appendStringEnv(ipaDownloaderVars, "IPA_BRANCH", ironic.Spec.Images.AgentBranch) + + return []corev1.Container{ + { + Name: "ipa-downloader", + Image: ironic.Spec.Images.RamdiskDownloader, + Env: ipaDownloaderVars, + VolumeMounts: []corev1.VolumeMount{sharedVolumeMount}, + SecurityContext: &corev1.SecurityContext{ + RunAsUser: ptr.To(ironicUser), + RunAsGroup: ptr.To(ironicGroup), + Capabilities: &corev1.Capabilities{ + Drop: []corev1.Capability{"ALL"}, + }, + }, + }, + } +}