def main():
utils.set_profile(deploy_options.target, deploy_options.profile)
## Main OLM Manifest for K8s
if deploy_options.target != "oc-ingress":
# K8s
deployed = utils.check_if_exists('namespace', 'olm', namespace='olm')
if not deployed:
olm_manifests = [
"https://github.com/operator-framework/operator-lifecycle-manager/releases/download/0.15.1/crds.yaml",
"https://github.com/operator-framework/operator-lifecycle-manager/releases/download/0.15.1/olm.yaml"
]
for manifest_url in olm_manifests:
file_name = "build/{}".format(
os.path.basename(urlparse(manifest_url).path))
dst_file = os.path.join(os.getcwd(), file_name)
print("Deploying {}".format(dst_file))
urlretrieve(manifest_url, dst_file)
utils.apply(dst_file)
check_deployment()
else:
# OCP
print("OLM Deployment not necessary")
def main():
deploy_options = handle_arguments()
utils.set_profile(deploy_options.target, deploy_options.profile)
with open(SRC_FILE, "r") as src:
with open(DST_FILE, "w+") as dst:
data = src.read()
data = data.replace("REPLACE_DOMAINS", '"{}"'.format(deploy_options.base_dns_domains))
data = data.replace("REPLACE_BASE_URL", utils.get_service_url(service=SERVICE,
target=deploy_options.target,
domain=deploy_options.domain,
namespace=deploy_options.namespace,
profile=deploy_options.profile,
disable_tls=deploy_options.disable_tls))
data = data.replace('REPLACE_NAMESPACE', deploy_options.namespace)
data = data.replace('REPLACE_AUTH_ENABLED_FLAG', '"{}"'.format(deploy_options.enable_auth))
data = data.replace('REPLACE_JWKS_URL', '"{}"'.format(deploy_options.jwks_url))
data = data.replace('REPLACE_OCM_BASE_URL', '"{}"'.format(deploy_options.ocm_url))
print("Deploying {}".format(DST_FILE))
subsystem_versions = {"IMAGE_BUILDER": "ISO_CREATION",
"IGNITION_GENERATE_IMAGE": "DUMMY_IGNITION"}
versions = {"IMAGE_BUILDER": "assisted-iso-create",
"IGNITION_GENERATE_IMAGE": "assisted-ignition-generator",
"INSTALLER_IMAGE": "assisted-installer",
"CONTROLLER_IMAGE": "assisted-installer-controller",
"AGENT_DOCKER_IMAGE": "assisted-installer-agent",
"CONNECTIVITY_CHECK_IMAGE": "assisted-installer-agent",
"INVENTORY_IMAGE": "assisted-installer-agent"}
for env_var_name, image_short_name in versions.items():
if deploy_options.subsystem_test and env_var_name in subsystem_versions.keys():
image_fqdn = deployment_options.get_image_override(deploy_options, image_short_name, subsystem_versions[env_var_name])
else:
image_fqdn = deployment_options.get_image_override(deploy_options, image_short_name, env_var_name)
versions[env_var_name] = image_fqdn
# Edge case for controller image override
if os.environ.get("INSTALLER_IMAGE") and not os.environ.get("CONTROLLER_IMAGE"):
versions["CONTROLLER_IMAGE"] = deployment_options.IMAGE_FQDN_TEMPLATE.format("assisted-installer-controller",
deployment_options.get_tag(versions["INSTALLER_IMAGE"]))
versions["SELF_VERSION"] = deployment_options.get_image_override(deploy_options, "assisted-service", "SERVICE")
deploy_tag = get_deployment_tag(deploy_options)
if deploy_tag:
versions["RELEASE_TAG"] = deploy_tag
y = yaml.load(data)
y['data'].update(versions)
data = yaml.dump(y)
dst.write(data)
utils.apply(DST_FILE)
def main():
deploy_options = deployment_options.load_deployment_options()
log.info('Starting scality deployment')
utils.set_profile(deploy_options.target, deploy_options.profile)
deploy_scality(deploy_options)
deploy_scality_storage(deploy_options)
log.info('Completed to scality deployment')
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--service")
parser.add_argument("--tls-san")
parser.add_argument("--tls-expiration", help="Server certificate expiration (days)", type=int, default=120)
deploy_options = deployment_options.load_deployment_options(parser)
utils.set_profile(deploy_options.target, deploy_options.profile)
output_dir = os.path.join(os.getcwd(), "build")
generate_secret(output_dir=output_dir, service=deploy_options.service, san=deploy_options.tls_san,
namespace=deploy_options.namespace, expiration=deploy_options.tls_expiration, keep_files=False)
def main():
deploy_options = deployment_options.load_deployment_options()
log.info('Starting postgres deployment')
utils.set_profile(deploy_options.target, deploy_options.profile)
deploy_postgres_secret(deploy_options)
deploy_postgres(deploy_options)
deploy_postgres_storage(deploy_options)
log.info('Completed postgres deployment')
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--subsystem-test", help="deploy in subsystem mode", action="store_true")
deploy_options = deployment_options.load_deployment_options(parser)
utils.set_profile(deploy_options.target, deploy_options.profile)
dst_file = os.path.join(os.getcwd(), "build/deploy_ui.yaml")
image_fqdn = deployment_options.get_image_override(deploy_options, "ocp-metal-ui", "UI_IMAGE")
tag = deployment_options.get_tag(image_fqdn)
clone_directory = os.path.join(os.getcwd(), "build/assisted-installer-ui")
if not os.path.exists(clone_directory):
utils.check_output(f"git clone --branch master {UI_REPOSITORY} {clone_directory}")
cmd = f"cd {clone_directory} && git pull"
if tag == "latest":
log.warning("No hash specified. Will run the deployment generation script from the top of master branch")
else:
cmd += f" && git reset --hard {tag}"
cmd += f" && deploy/deploy_config.sh -t {clone_directory}/deploy/ocp-metal-ui-template.yaml " \
f"-i {image_fqdn} -n {deploy_options.namespace} > {dst_file}"
utils.check_output(cmd)
log.info("Deploying %s", dst_file)
utils.apply(dst_file)
# in case of openshift deploy ingress as well
if deploy_options.target == "oc-ingress":
src_file = os.path.join(os.getcwd(), "deploy/ui/ui_ingress.yaml")
dst_file = os.path.join(os.getcwd(), "build/ui_ingress.yaml")
with open(src_file, "r") as src:
with open(dst_file, "w+") as dst:
data = src.read()
data = data.replace('REPLACE_NAMESPACE', deploy_options.namespace)
data = data.replace('REPLACE_HOSTNAME', utils.get_service_host(
'assisted-installer-ui',
deploy_options.target,
deploy_options.domain,
deploy_options.namespace,
deploy_options.profile
))
log.info("Deploying ingress from %s", dst_file)
dst.write(data)
utils.apply(dst_file)
def main():
deploy_options = deployment_options.load_deployment_options()
utils.set_profile(deploy_options.target, deploy_options.profile)
src_file = os.path.join(os.getcwd(), "deploy/s3/scality-secret.yaml")
dst_file = os.path.join(os.getcwd(), "build/scality-secret.yaml")
scality_url = "http://cloudserver-front:8000"
with open(src_file, "r") as src:
with open(dst_file, "w+") as dst:
data = src.read()
data = data.replace('REPLACE_NAMESPACE', deploy_options.namespace)
print("Deploying {}".format(dst_file))
dst.write(data)
utils.apply(dst_file)
def main():
deploy_options = deployment_options.load_deployment_options()
utils.set_profile(deploy_options.target, deploy_options.profile)
src_file = os.path.join(os.getcwd(), "deploy/roles/default_role.yaml")
dst_file = os.path.join(os.getcwd(), "build/default_role.yaml")
with open(src_file, "r") as src:
with open(dst_file, "w+") as dst:
data = src.read()
data = data.replace('REPLACE_NAMESPACE', deploy_options.namespace)
print("Deploying {}".format(dst_file))
dst.write(data)
utils.apply(dst_file)
def main():
deploy_options = deployment_options.load_deployment_options()
utils.set_profile(deploy_options.target, deploy_options.profile)
src_file = os.path.join(os.getcwd(),
"deploy/mariadb/mariadb-configmap.yaml")
dst_file = os.path.join(os.getcwd(), "build/mariadb-configmap.yaml")
with open(src_file, "r") as src:
with open(dst_file, "w+") as dst:
data = src.read()
data = data.replace('REPLACE_NAMESPACE', deploy_options.namespace)
print("Deploying {}".format(dst_file))
dst.write(data)
utils.apply(dst_file)
src_file = os.path.join(os.getcwd(),
"deploy/mariadb/mariadb-deployment.yaml")
dst_file = os.path.join(os.getcwd(), "build/mariadb-deployment.yaml")
with open(src_file, "r") as src:
with open(dst_file, "w+") as dst:
data = src.read()
data = data.replace('REPLACE_NAMESPACE', deploy_options.namespace)
print("Deploying {}".format(dst_file))
dst.write(data)
utils.apply(dst_file)
src_file = os.path.join(os.getcwd(), "deploy/mariadb/mariadb-storage.yaml")
dst_file = os.path.join(os.getcwd(), "build/mariadb-storage.yaml")
with open(src_file, "r") as src:
with open(dst_file, "w+") as dst:
data = src.read()
data = data.replace('REPLACE_NAMESPACE', deploy_options.namespace)
try:
size = utils.check_output(
f"kubectl -n {deploy_options.namespace} get persistentvolumeclaims mariadb-pv-claim "
+ "-o=jsonpath='{.status.capacity.storage}'")
print("Using existing disk size", size)
except:
size = "10Gi"
print("Using default size", size)
data = data.replace("REPLACE_STORAGE", size)
print("Deploying {}".format(dst_file))
dst.write(data)
utils.apply(dst_file)
def main():
parser = argparse.ArgumentParser()
deploy_options = deployment_options.load_deployment_options(parser)
utils.set_profile(deploy_options.target, deploy_options.profile)
src_file = os.path.join(os.getcwd(),
"deploy/assisted-service-service.yaml")
dst_file = os.path.join(os.getcwd(), "build/assisted-service-service.yaml")
with open(src_file, "r") as src:
with open(dst_file, "w+") as dst:
data = src.read()
data = data.replace('REPLACE_NAMESPACE', deploy_options.namespace)
print("Deploying {}".format(dst_file))
dst.write(data)
utils.apply(dst_file)
# in case of OpenShift deploy ingress as well
if deploy_options.target == "oc-ingress":
hostname = utils.get_service_host('assisted-installer',
deploy_options.target,
deploy_options.domain,
deploy_options.namespace,
deploy_options.profile)
if deploy_options.disable_tls:
template = "assisted-installer-ingress.yaml"
else:
print(
"WARNING: On OpenShift, in order to change TLS redirection behavior update "
"spec/tls/insecureEdgeTerminationPolicy (None|Allow|Redirect) "
"in the corresponding OpenShift route")
deploy_tls_secret.generate_secret(
output_dir=os.path.join(os.getcwd(), "build"),
service="assisted-service",
san=hostname,
namespace=deploy_options.namespace)
template = "assisted-installer-ingress-tls.yaml"
deploy_ingress(hostname=hostname,
namespace=deploy_options.namespace,
template_file=template)
def main():
deploy_options = handle_arguments()
utils.set_profile(deploy_options.target, deploy_options.profile)
service_url = utils.get_service_url(service=SERVICE,
target=deploy_options.target,
domain=deploy_options.domain,
namespace=deploy_options.namespace,
profile=deploy_options.profile,
disable_tls=deploy_options.disable_tls)
health_url = f'{service_url}/ready'
print(f'Wait for {health_url}')
waiting.wait(lambda: wait_for_request(health_url),
timeout_seconds=TIMEOUT,
expected_exceptions=(requests.exceptions.ConnectionError,
requests.exceptions.ReadTimeout),
sleep_seconds=SLEEP,
waiting_for="assisted-service to be healthy")
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--delete-namespace",
type=lambda x: (str(x).lower() == 'true'),
default=True)
parser.add_argument("--delete-pvc",
type=lambda x: (str(x).lower() == 'true'),
default=False)
deploy_options = deployment_options.load_deployment_options(parser)
utils.set_profile(deploy_options.target, deploy_options.profile)
print(
utils.check_output(
f"kubectl delete all --all -n {deploy_options.namespace} 1> /dev/null ; true"
))
# configmaps are not deleted with `delete all`
print(
utils.check_output(
f"kubectl get configmap -o name -n {deploy_options.namespace} | " +
f"xargs -r kubectl delete -n {deploy_options.namespace} 1> /dev/null ; true"
))
# ingress is not deleted with `delete all`
print(
utils.check_output(
f"kubectl get ingress -o name -n {deploy_options.namespace} | " +
f"xargs -r kubectl delete -n {deploy_options.namespace} 1> /dev/null ; true"
))
if deploy_options.delete_pvc:
print(
utils.check_output(
f"kubectl delete pvc --all -n {deploy_options.namespace} 1> /dev/null ; true"
))
if deploy_options.delete_namespace is True:
print(
utils.check_output(
f"kubectl delete namespace {deploy_options.namespace} 1> /dev/null ; true"
))
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--deploy-namespace",
type=lambda x: (str(x).lower() == 'true'),
default=True)
deploy_options = deployment_options.load_deployment_options(parser)
utils.set_profile(deploy_options.target, deploy_options.profile)
if deploy_options.deploy_namespace is False:
print("Not deploying namespace")
return
src_file = os.path.join(os.getcwd(), "deploy/namespace/namespace.yaml")
dst_file = os.path.join(os.getcwd(), "build/namespace.yaml")
with open(src_file, "r") as src:
with open(dst_file, "w+") as dst:
data = src.read()
data = data.replace('REPLACE_NAMESPACE', deploy_options.namespace)
print("Deploying {}".format(dst_file))
dst.write(data)
utils.apply(dst_file)
'''
This script deploy Grafana instance of it on K8s and OCP
n the OCP case, it will be integrated automatically with OCP oauth.
'''
import os
import sys
from time import sleep
import secrets
import utils
import deployment_options
deploy_options = deployment_options.load_deployment_options()
utils.set_profile(deploy_options.target, deploy_options.profile)
if deploy_options.target != "oc-ingress":
CMD_BIN = 'kubectl'
else:
CMD_BIN = 'oc'
def deploy_oauth_reqs():
'''oauth Integration in OCP'''
# Token generation for session_secret
session_secret = secrets.token_hex(43)
secret_name = 'grafana-proxy'
if not utils.check_if_exists('secret', secret_name, deploy_options.namespace):
cmd = "{} -n {} create secret generic {} --from-literal=session_secret={}"\
.format(CMD_BIN, deploy_options.namespace, secret_name, session_secret)
utils.check_output(cmd)
## Create and Annotate Serviceaccount
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--subsystem-test",
help='deploy in subsystem mode',
action='store_true')
deploy_options = deployment_options.load_deployment_options(parser)
utils.set_profile(deploy_options.target, deploy_options.profile)
with open(SRC_FILE, "r") as src:
raw_data = src.read()
raw_data = raw_data.replace('REPLACE_NAMESPACE',
deploy_options.namespace)
data = yaml.safe_load(raw_data)
image_fqdn = deployment_options.get_image_override(
deploy_options, "assisted-service", "SERVICE")
data["spec"]["template"]["spec"]["containers"][0]["image"] = image_fqdn
if deploy_options.subsystem_test:
if data["spec"]["template"]["spec"]["containers"][0].get(
"env", None) is None:
data["spec"]["template"]["spec"]["containers"][0]["env"] = []
data["spec"]["template"]["spec"]["containers"][0]["env"].append({
'name':
'CLUSTER_MONITOR_INTERVAL',
'value':
TEST_CLUSTER_MONITOR_INTERVAL
})
data["spec"]["template"]["spec"]["containers"][0]["env"].append({
'name':
'HOST_MONITOR_INTERVAL',
'value':
TEST_HOST_MONITOR_INTERVAL
})
data["spec"]["template"]["spec"]["containers"][0]["env"].append({
'name':
'JWKS_CERT',
'value':
load_key()
})
data["spec"]["template"]["spec"]["containers"][0]["env"].append({
'name':
'ENABLE_AUTH_AGENT',
'value':
"False"
})
data["spec"]["template"]["spec"]["containers"][0]["env"].append({
'name':
'ENABLE_AUTHZ',
'value':
"False"
})
data["spec"]["template"]["spec"]["containers"][0]["env"].append({
'name':
'SUBSYSTEM_RUN',
'value':
'True'
})
data["spec"]["template"]["spec"]["containers"][0][
"imagePullPolicy"] = "Never"
else:
data["spec"]["template"]["spec"]["containers"][0][
"imagePullPolicy"] = "Always"
with open(DST_FILE, "w+") as dst:
yaml.dump(data, dst, default_flow_style=False)
print("Deploying {}".format(DST_FILE))
utils.apply(DST_FILE)
