1. VIM Basic Services¶
These are the initial deployment services residing in the VIM server.
Note
If the VIM server is not direct attached on the management L2 domain, an DHCP relay service is needed to be configured in the management infrastructure switching.
1.1. Meadow¶
It is an https basic service to provide VIM resources.
Get the code
git clone https://gitlab.stroila.ca/slg/ocp/meadow.git
cd meadow && make clean && make build && make run
The service is listening on port 3443 by default and can be chnged in:
vi root/usr/share/container-scripts/httpd/common.sh
The default document path is /var/www/http
To test
curl -k https://registry.ocp.labs.stroila.ca:3443/ok
1.2. Coredns¶
1.2.1. Configuration¶
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 | @ IN SOA ns1.slabs.stroila.ca. root (
2021112001 ; serial
7200 ; refresh (2 hours)
3600 ; retry (1 hour)
1209600 ; expire (2 weeks)
3600 ; minimum (1 hour)
)
IN NS ns1.slabs.stroila.ca.
IN MX 10 smtp.slabs.stroila.ca.
;
;
ns1.slabs.stroila.ca. IN AAAA fd53:f:a:b::7486:7ad3:623
IN A 172.20.20.1
smtp.slabs.stroila.ca. IN AAAA fd53:f:a:b::7486:7ad3:623
IN A 172.20.20.1
;
api.montreal-317.slabs.stroila.ca. IN AAAA fd53:f:a:b::10
IN AAAA fd53:f:a:b::20
IN AAAA fd53:f:a:b::30
IN AAAA fd53:f:a:b::90b1:1c49:e803
;
api-int.montreal-317.slabs.stroila.ca. IN AAAA fd53:f:a:b::10
IN AAAA fd53:f:a:b::20
IN AAAA fd53:f:a:b::30
IN AAAA fd53:f:a:b::90b1:1c49:e803
;
*.apps.montreal-317.slabs.stroila.ca. 5 IN AAAA fd53:f:a:b::10
*.apps.montreal-317.slabs.stroila.ca. 5 IN AAAA fd53:f:a:b::20
*.apps.montreal-317.slabs.stroila.ca. 5 IN AAAA fd53:f:a:b::30
;
bootstrap.montreal-317.slabs.stroila.ca. IN AAAA fd53:f:a:b::90b1:1c49:e803
;
registry.montreal-317.slabs.stroila.ca. IN AAAA fd53:f:a:b::7486:7ad3:623
;
node-b8ca3a6f7ebb.montreal-317.slabs.stroila.ca. IN AAAA fd53:f:a:b::b8ca:3a6f:7ebb
node-b8ca3a6f3d4b.montreal-317.slabs.stroila.ca. IN AAAA fd53:f:a:b::b8ca:3a6f:3d4b
node-90b11c4c8bf9.montreal-317.slabs.stroila.ca. IN AAAA fd53:f:a:b::90b1:1c4c:8bf9
;
;EOF
|
1.3. Registry¶
Tip
If you receive “docker.io/library/registry: toomanyrequests: You have reached your pull rate limit” you can pull the registry from somwhere else and transfer the image:
podman pull docker.io/library/registry
podman save -o registry.tar docker.io/library/registry:latest
...
podman load < /root/registry.tar
Verify registry content
# curl -u user:password -ks https://registry.ocp.labs.stroila.ca:5000/v2/_catalog|jq -r . { "repositories": [ "ocp/cni-plugins", "ocp/network-operator", "ocp/keepalived", "olm/redhat-operators", "openshift" ] }
1.4. Dnsmasq¶
The images directory is extracted from generated iso image created with assisted-installer
/opt/ocp/dnsmasq/ ├── etc │ ├── dhcpd.hosts │ ├── dhcp-options │ └── dnsmasq.conf └── tftpboot ├── boot.ipxe ├── EFI │ └── redhat │ ├── grub.cfg-01-08-ca-3a-67-6d-01 │ ├── grub.cfg-01-90-b1-1c-49-e8-03 │ ├── grub.cfg-01-90-b1-1c-4c-8b-f9 │ ├── grub.cfg-01-b8-ca-3a-6f-3d-4b │ └── grub.cfg-01-b8-ca-3a-6f-7e-bb ├── grubx64.efi ├── images │ ├── efiboot.img │ ├── ignition.img │ └── pxeboot │ ├── initrd.img │ ├── rootfs.img │ └── vmlinuz ├── pxelinux.cfg │ ├── additional_menu_entries │ ├── base-default │ ├── default │ ├── rhcos │ ├── rhcos.efi │ ├── rhcos.http │ ├── rhcos.ipxe │ └── rhcos.pxe ├── rhcos-installer-initramfs.x86_64.img ├── rhcos-installer-kernel-x86_64 └── uefi ├── grubx64.efi ├── mmx64.efi ├── shimx64.efi └── shimx64-redhat.efi
Automated install nested ignition contains the introspection and disk ignitions
1.4.1. GRUB UEFI example for Accton Switch¶
set default="1" function load_video { insmod efi_gop insmod efi_uga insmod video_bochs insmod video_cirrus insmod all_video } load_video set gfxpayload=keep insmod gzio insmod part_gpt insmod ext2 set timeout=5 menuentry 'Install RHCOS L2' --class fedora --class gnu-linux --class gnu --class os { linuxefi /images/pxeboot/vmlinuz random.trust_cpu=on rd.luks.options=discard ip=[2602:807:900e:141::0090:fb6a:c9fa]::[2602:807:900e:141::f01f:afce:5ded]:64:AJ08025940-l2:enp2s0:none nameserver=2602:807:900e:141::f01f:afce:5ded rd.neednet=1 vga=791 console=ttyS0,57600n8 console=tty0 ignition.firstboot ignition.platform.id=metal coreos.live.rootfs_url=https://[2602:807:900e:141::f01f:afce:5ded]:3443/rootfs.img ignition.config.url=https://[2602:807:900e:141::f01f:afce:5ded]:3443/cfg/automated_install.ign initrdefi /images/pxeboot/initrd.img /images/ignition.img }
1.4.2. GRUB UEFI example for Dell Server¶
set default="1" function load_video { insmod efi_gop insmod efi_uga insmod video_bochs insmod video_cirrus insmod all_video } load_video set gfxpayload=keep insmod gzio insmod part_gpt insmod ext2 set timeout=5 menuentry 'Install RHCOS C3' --class fedora --class gnu-linux --class gnu --class os { linuxefi /images/pxeboot/vmlinuz random.trust_cpu=on rd.luks.options=discard ip=[2602:807:900e:141::90b1:1c26:6aa2]::[2602:807:900e:141::f01f:afce:5ded]:64:r620-3MNXK02-c3:eno1:none nameserver=2602:807:900e:141::f01f:afce:5ded rd.neednet=1 vga=791 console=ttyS0 console=tty0 ignition.firstboot ignition.platform.id=metal coreos.live.rootfs_url=https://[2602:807:900e:141::f01f:afce:5ded]:3443/rootfs.img ignition.config.url=https://[2602:807:900e:141::f01f:afce:5ded]:3443/cfg/automated_install.ign initrdefi /images/pxeboot/initrd.img /images/ignition.img }
1.5. Monitor¶
This is an API server that receives deployment status information
A mocap example is available Very simple HTTP server in python for logging requests
The implementation must be able to receive and provide feedback to the deployment components.