From a8c939a876dd4d4e2e485385c5ac04f2ec5c0d76 Mon Sep 17 00:00:00 2001 From: Manish Kumar <30774250+manish-jangra@users.noreply.github.com> Date: Fri, 20 Dec 2024 13:56:51 +0530 Subject: [PATCH] KFLUXINFRA-1163: Updating Host Config for MPC (#5187) With Addition of kflux-prd-rh02 in the list, this pull request will retructure the production overlay by further creating base, stone-prd-rh01 and kflux-prd-rh02 overlays Signed-off-by: Manish Kumar <30774250+manish-jangra@users.noreply.github.com> --- .../multi-platform-controller.yaml | 4 + .../kflux-prd-rh02/external-secrets.yaml | 91 ++++ .../kflux-prd-rh02/host-config.yaml | 489 ++++++++++++++++++ .../{ => kflux-prd-rh02}/kustomization.yaml | 4 +- .../external-secrets.yaml | 0 .../{ => stone-prd-rh01}/host-config.yaml | 0 .../stone-prd-rh01/kustomization.yaml | 22 + 7 files changed, 608 insertions(+), 2 deletions(-) create mode 100644 components/multi-platform-controller/production/kflux-prd-rh02/external-secrets.yaml create mode 100644 components/multi-platform-controller/production/kflux-prd-rh02/host-config.yaml rename components/multi-platform-controller/production/{ => kflux-prd-rh02}/kustomization.yaml (92%) rename components/multi-platform-controller/production/{ => stone-prd-rh01}/external-secrets.yaml (100%) rename components/multi-platform-controller/production/{ => stone-prd-rh01}/host-config.yaml (100%) create mode 100644 components/multi-platform-controller/production/stone-prd-rh01/kustomization.yaml diff --git a/argo-cd-apps/base/member/infra-deployments/multi-platform-controller/multi-platform-controller.yaml b/argo-cd-apps/base/member/infra-deployments/multi-platform-controller/multi-platform-controller.yaml index 7f1e8080b11..bfaf6ef16b1 100644 --- a/argo-cd-apps/base/member/infra-deployments/multi-platform-controller/multi-platform-controller.yaml +++ b/argo-cd-apps/base/member/infra-deployments/multi-platform-controller/multi-platform-controller.yaml @@ -21,6 +21,10 @@ spec: values.clusterDir: stone-prod-p01 - nameNormalized: stone-prod-p02 values.clusterDir: stone-prod-p02 + - nameNormalized: stone-prd-rh01 + values.clusterDir: stone-prd-rh01 + - nameNormalized: kflux-prd-rh02 + values.clusterDir: kflux-prd-rh02 template: metadata: name: multi-platform-controller-{{nameNormalized}} diff --git a/components/multi-platform-controller/production/kflux-prd-rh02/external-secrets.yaml b/components/multi-platform-controller/production/kflux-prd-rh02/external-secrets.yaml new file mode 100644 index 00000000000..97fea375474 --- /dev/null +++ b/components/multi-platform-controller/production/kflux-prd-rh02/external-secrets.yaml @@ -0,0 +1,91 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: aws-ssh-key + namespace: multi-platform-controller + labels: + build.appstudio.redhat.com/multi-platform-secret: "true" + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + argocd.argoproj.io/sync-wave: "-1" +spec: + dataFrom: + - extract: + key: production/build/multi-platform-controller/kflux-prd-rh02-ssh-key + refreshInterval: 1h + secretStoreRef: + kind: ClusterSecretStore + name: appsre-stonesoup-vault + target: + creationPolicy: Owner + deletionPolicy: Delete + name: aws-ssh-key +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: aws-account + namespace: multi-platform-controller + labels: + build.appstudio.redhat.com/multi-platform-secret: "true" + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + argocd.argoproj.io/sync-wave: "-1" +spec: + dataFrom: + - extract: + key: production/build/multi-platform-controller/kflux-prd-rh02-aws-account + refreshInterval: 1h + secretStoreRef: + kind: ClusterSecretStore + name: appsre-stonesoup-vault + target: + creationPolicy: Owner + deletionPolicy: Delete + name: aws-account +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: ibm-ssh-key + namespace: multi-platform-controller + labels: + build.appstudio.redhat.com/multi-platform-secret: "true" + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + argocd.argoproj.io/sync-wave: "-1" +spec: + dataFrom: + - extract: + key: production/build/multi-platform-controller/prod-rh02-ibm-ssh-key + refreshInterval: 1h + secretStoreRef: + kind: ClusterSecretStore + name: appsre-stonesoup-vault + target: + creationPolicy: Owner + deletionPolicy: Delete + name: ibm-ssh-key +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: ibm-api-key + namespace: multi-platform-controller + labels: + build.appstudio.redhat.com/multi-platform-secret: "true" + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + argocd.argoproj.io/sync-wave: "-1" +spec: + dataFrom: + - extract: + key: production/build/multi-platform-controller/prod-rh02-ibm-api-key + refreshInterval: 1h + secretStoreRef: + kind: ClusterSecretStore + name: appsre-stonesoup-vault + target: + creationPolicy: Owner + deletionPolicy: Delete + name: ibm-api-key diff --git a/components/multi-platform-controller/production/kflux-prd-rh02/host-config.yaml b/components/multi-platform-controller/production/kflux-prd-rh02/host-config.yaml new file mode 100644 index 00000000000..9556f856ca4 --- /dev/null +++ b/components/multi-platform-controller/production/kflux-prd-rh02/host-config.yaml @@ -0,0 +1,489 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + build.appstudio.redhat.com/multi-platform-config: hosts + name: host-config + namespace: multi-platform-controller +data: + local-platforms: "\ + linux/x86_64,\ + local,\ + localhost,\ + " + dynamic-platforms: "\ + linux/arm64,\ + linux/amd64,\ + linux-mlarge/arm64,\ + linux-mlarge/amd64,\ + linux-mxlarge/amd64,\ + linux-mxlarge/arm64,\ + linux-m2xlarge/amd64,\ + linux-m2xlarge/arm64,\ + linux-m4xlarge/amd64,\ + linux-m4xlarge/arm64,\ + linux-m8xlarge/amd64,\ + linux-m8xlarge/arm64,\ + linux-cxlarge/amd64,\ + linux-cxlarge/arm64,\ + linux-c2xlarge/amd64,\ + linux-c2xlarge/arm64,\ + linux-c4xlarge/amd64,\ + linux-c4xlarge/arm64,\ + linux-c8xlarge/amd64,\ + linux-c8xlarge/arm64,\ + linux-g6xlarge/amd64,\ + linux-root/arm64,\ + linux-root/amd64,\ + linux-fast/amd64,\ + linux-extra-fast/amd64,\ + linux/s390x\ + " + instance-tag: rhtap-prod + + additional-instance-tags: "\ + Project=Konflux,\ + Owner=konflux-infra@redhat.com,\ + ManagedBy=Konflux Infra Team,\ + app-code=ASSH-001,\ + service-phase=Production,\ + cost-center=670\ + " + + # cpu:memory (1:4) + dynamic.linux-arm64.type: aws + dynamic.linux-arm64.region: us-east-1 + dynamic.linux-arm64.ami: ami-03d6a5256a46c9feb + dynamic.linux-arm64.instance-type: m6g.large + dynamic.linux-arm64.key-name: konflux-prod-ext-mab01 + dynamic.linux-arm64.aws-secret: aws-account + dynamic.linux-arm64.ssh-secret: aws-ssh-key + dynamic.linux-arm64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-arm64.max-instances: "50" + dynamic.linux-arm64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-mlarge-arm64.type: aws + dynamic.linux-mlarge-arm64.region: us-east-1 + dynamic.linux-mlarge-arm64.ami: ami-03d6a5256a46c9feb + dynamic.linux-mlarge-arm64.instance-type: m6g.large + dynamic.linux-mlarge-arm64.key-name: konflux-prod-ext-mab01 + dynamic.linux-mlarge-arm64.aws-secret: aws-account + dynamic.linux-mlarge-arm64.ssh-secret: aws-ssh-key + dynamic.linux-mlarge-arm64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-mlarge-arm64.max-instances: "50" + dynamic.linux-mlarge-arm64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-mxlarge-arm64.type: aws + dynamic.linux-mxlarge-arm64.region: us-east-1 + dynamic.linux-mxlarge-arm64.ami: ami-03d6a5256a46c9feb + dynamic.linux-mxlarge-arm64.instance-type: m6g.xlarge + dynamic.linux-mxlarge-arm64.key-name: konflux-prod-ext-mab01 + dynamic.linux-mxlarge-arm64.aws-secret: aws-account + dynamic.linux-mxlarge-arm64.ssh-secret: aws-ssh-key + dynamic.linux-mxlarge-arm64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-mxlarge-arm64.max-instances: "20" + dynamic.linux-mxlarge-arm64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-m2xlarge-arm64.type: aws + dynamic.linux-m2xlarge-arm64.region: us-east-1 + dynamic.linux-m2xlarge-arm64.ami: ami-03d6a5256a46c9feb + dynamic.linux-m2xlarge-arm64.instance-type: m6g.2xlarge + dynamic.linux-m2xlarge-arm64.key-name: konflux-prod-ext-mab01 + dynamic.linux-m2xlarge-arm64.aws-secret: aws-account + dynamic.linux-m2xlarge-arm64.ssh-secret: aws-ssh-key + dynamic.linux-m2xlarge-arm64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-m2xlarge-arm64.max-instances: "20" + dynamic.linux-m2xlarge-arm64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-m4xlarge-arm64.type: aws + dynamic.linux-m4xlarge-arm64.region: us-east-1 + dynamic.linux-m4xlarge-arm64.ami: ami-03d6a5256a46c9feb + dynamic.linux-m4xlarge-arm64.instance-type: m6g.4xlarge + dynamic.linux-m4xlarge-arm64.key-name: konflux-prod-ext-mab01 + dynamic.linux-m4xlarge-arm64.aws-secret: aws-account + dynamic.linux-m4xlarge-arm64.ssh-secret: aws-ssh-key + dynamic.linux-m4xlarge-arm64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-m4xlarge-arm64.max-instances: "20" + dynamic.linux-m4xlarge-arm64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-m8xlarge-arm64.type: aws + dynamic.linux-m8xlarge-arm64.region: us-east-1 + dynamic.linux-m8xlarge-arm64.ami: ami-03d6a5256a46c9feb + dynamic.linux-m8xlarge-arm64.instance-type: m6g.8xlarge + dynamic.linux-m8xlarge-arm64.key-name: konflux-prod-ext-mab01 + dynamic.linux-m8xlarge-arm64.aws-secret: aws-account + dynamic.linux-m8xlarge-arm64.ssh-secret: aws-ssh-key + dynamic.linux-m8xlarge-arm64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-m8xlarge-arm64.max-instances: "20" + dynamic.linux-m8xlarge-arm64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-amd64.type: aws + dynamic.linux-amd64.region: us-east-1 + dynamic.linux-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-amd64.instance-type: m6a.large + dynamic.linux-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-amd64.aws-secret: aws-account + dynamic.linux-amd64.ssh-secret: aws-ssh-key + dynamic.linux-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-amd64.max-instances: "10" + dynamic.linux-amd64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-mlarge-amd64.type: aws + dynamic.linux-mlarge-amd64.region: us-east-1 + dynamic.linux-mlarge-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-mlarge-amd64.instance-type: m6a.large + dynamic.linux-mlarge-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-mlarge-amd64.aws-secret: aws-account + dynamic.linux-mlarge-amd64.ssh-secret: aws-ssh-key + dynamic.linux-mlarge-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-mlarge-amd64.max-instances: "10" + dynamic.linux-mlarge-amd64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-mxlarge-amd64.type: aws + dynamic.linux-mxlarge-amd64.region: us-east-1 + dynamic.linux-mxlarge-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-mxlarge-amd64.instance-type: m6a.xlarge + dynamic.linux-mxlarge-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-mxlarge-amd64.aws-secret: aws-account + dynamic.linux-mxlarge-amd64.ssh-secret: aws-ssh-key + dynamic.linux-mxlarge-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-mxlarge-amd64.max-instances: "10" + dynamic.linux-mxlarge-amd64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-m2xlarge-amd64.type: aws + dynamic.linux-m2xlarge-amd64.region: us-east-1 + dynamic.linux-m2xlarge-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-m2xlarge-amd64.instance-type: m6a.2xlarge + dynamic.linux-m2xlarge-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-m2xlarge-amd64.aws-secret: aws-account + dynamic.linux-m2xlarge-amd64.ssh-secret: aws-ssh-key + dynamic.linux-m2xlarge-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-m2xlarge-amd64.max-instances: "10" + dynamic.linux-m2xlarge-amd64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-m4xlarge-amd64.type: aws + dynamic.linux-m4xlarge-amd64.region: us-east-1 + dynamic.linux-m4xlarge-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-m4xlarge-amd64.instance-type: m6a.4xlarge + dynamic.linux-m4xlarge-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-m4xlarge-amd64.aws-secret: aws-account + dynamic.linux-m4xlarge-amd64.ssh-secret: aws-ssh-key + dynamic.linux-m4xlarge-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-m4xlarge-amd64.max-instances: "10" + dynamic.linux-m4xlarge-amd64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-m8xlarge-amd64.type: aws + dynamic.linux-m8xlarge-amd64.region: us-east-1 + dynamic.linux-m8xlarge-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-m8xlarge-amd64.instance-type: m6a.8xlarge + dynamic.linux-m8xlarge-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-m8xlarge-amd64.aws-secret: aws-account + dynamic.linux-m8xlarge-amd64.ssh-secret: aws-ssh-key + dynamic.linux-m8xlarge-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-m8xlarge-amd64.max-instances: "10" + dynamic.linux-m8xlarge-amd64.subnet-id: subnet-0c39ff75f819abfc5 + + # cpu:memory (1:2) + dynamic.linux-cxlarge-arm64.type: aws + dynamic.linux-cxlarge-arm64.region: us-east-1 + dynamic.linux-cxlarge-arm64.ami: ami-03d6a5256a46c9feb + dynamic.linux-cxlarge-arm64.instance-type: c6g.xlarge + dynamic.linux-cxlarge-arm64.key-name: konflux-prod-ext-mab01 + dynamic.linux-cxlarge-arm64.aws-secret: aws-account + dynamic.linux-cxlarge-arm64.ssh-secret: aws-ssh-key + dynamic.linux-cxlarge-arm64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-cxlarge-arm64.max-instances: "50" + dynamic.linux-cxlarge-arm64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-c2xlarge-arm64.type: aws + dynamic.linux-c2xlarge-arm64.region: us-east-1 + dynamic.linux-c2xlarge-arm64.ami: ami-03d6a5256a46c9feb + dynamic.linux-c2xlarge-arm64.instance-type: c6g.2xlarge + dynamic.linux-c2xlarge-arm64.key-name: konflux-prod-ext-mab01 + dynamic.linux-c2xlarge-arm64.aws-secret: aws-account + dynamic.linux-c2xlarge-arm64.ssh-secret: aws-ssh-key + dynamic.linux-c2xlarge-arm64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-c2xlarge-arm64.max-instances: "20" + dynamic.linux-c2xlarge-arm64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-c4xlarge-arm64.type: aws + dynamic.linux-c4xlarge-arm64.region: us-east-1 + dynamic.linux-c4xlarge-arm64.ami: ami-03d6a5256a46c9feb + dynamic.linux-c4xlarge-arm64.instance-type: c6g.4xlarge + dynamic.linux-c4xlarge-arm64.key-name: konflux-prod-ext-mab01 + dynamic.linux-c4xlarge-arm64.aws-secret: aws-account + dynamic.linux-c4xlarge-arm64.ssh-secret: aws-ssh-key + dynamic.linux-c4xlarge-arm64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-c4xlarge-arm64.max-instances: "20" + dynamic.linux-c4xlarge-arm64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-c8xlarge-arm64.type: aws + dynamic.linux-c8xlarge-arm64.region: us-east-1 + dynamic.linux-c8xlarge-arm64.ami: ami-03d6a5256a46c9feb + dynamic.linux-c8xlarge-arm64.instance-type: c6g.8xlarge + dynamic.linux-c8xlarge-arm64.key-name: konflux-prod-ext-mab01 + dynamic.linux-c8xlarge-arm64.aws-secret: aws-account + dynamic.linux-c8xlarge-arm64.ssh-secret: aws-ssh-key + dynamic.linux-c8xlarge-arm64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-c8xlarge-arm64.max-instances: "20" + dynamic.linux-c8xlarge-arm64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-cxlarge-amd64.type: aws + dynamic.linux-cxlarge-amd64.region: us-east-1 + dynamic.linux-cxlarge-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-cxlarge-amd64.instance-type: c6a.xlarge + dynamic.linux-cxlarge-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-cxlarge-amd64.aws-secret: aws-account + dynamic.linux-cxlarge-amd64.ssh-secret: aws-ssh-key + dynamic.linux-cxlarge-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-cxlarge-amd64.max-instances: "10" + dynamic.linux-cxlarge-amd64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-c2xlarge-amd64.type: aws + dynamic.linux-c2xlarge-amd64.region: us-east-1 + dynamic.linux-c2xlarge-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-c2xlarge-amd64.instance-type: c6a.2xlarge + dynamic.linux-c2xlarge-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-c2xlarge-amd64.aws-secret: aws-account + dynamic.linux-c2xlarge-amd64.ssh-secret: aws-ssh-key + dynamic.linux-c2xlarge-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-c2xlarge-amd64.max-instances: "10" + dynamic.linux-c2xlarge-amd64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-c4xlarge-amd64.type: aws + dynamic.linux-c4xlarge-amd64.region: us-east-1 + dynamic.linux-c4xlarge-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-c4xlarge-amd64.instance-type: c6a.4xlarge + dynamic.linux-c4xlarge-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-c4xlarge-amd64.aws-secret: aws-account + dynamic.linux-c4xlarge-amd64.ssh-secret: aws-ssh-key + dynamic.linux-c4xlarge-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-c4xlarge-amd64.max-instances: "10" + dynamic.linux-c4xlarge-amd64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-c8xlarge-amd64.type: aws + dynamic.linux-c8xlarge-amd64.region: us-east-1 + dynamic.linux-c8xlarge-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-c8xlarge-amd64.instance-type: c6a.8xlarge + dynamic.linux-c8xlarge-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-c8xlarge-amd64.aws-secret: aws-account + dynamic.linux-c8xlarge-amd64.ssh-secret: aws-ssh-key + dynamic.linux-c8xlarge-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-c8xlarge-amd64.max-instances: "10" + dynamic.linux-c8xlarge-amd64.subnet-id: subnet-0c39ff75f819abfc5 + + dynamic.linux-root-arm64.type: aws + dynamic.linux-root-arm64.region: us-east-1 + dynamic.linux-root-arm64.ami: ami-03d6a5256a46c9feb + dynamic.linux-root-arm64.instance-type: m6g.large + dynamic.linux-root-arm64.key-name: konflux-prod-ext-mab01 + dynamic.linux-root-arm64.aws-secret: aws-account + dynamic.linux-root-arm64.ssh-secret: aws-ssh-key + dynamic.linux-root-arm64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-root-arm64.subnet-id: subnet-0c39ff75f819abfc5 + dynamic.linux-root-arm64.max-instances: "50" + dynamic.linux-root-arm64.sudo-commands: "/usr/bin/podman" + dynamic.linux-root-arm64.disk: "200" + dynamic.linux-root-arm64.iops: "16000" + dynamic.linux-root-arm64.throughput: "1000" + + + dynamic.linux-fast-amd64.type: aws + dynamic.linux-fast-amd64.region: us-east-1 + dynamic.linux-fast-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-fast-amd64.instance-type: c7a.8xlarge + dynamic.linux-fast-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-fast-amd64.aws-secret: aws-account + dynamic.linux-fast-amd64.ssh-secret: aws-ssh-key + dynamic.linux-fast-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-fast-amd64.subnet-id: subnet-0c39ff75f819abfc5 + dynamic.linux-fast-amd64.max-instances: "10" + dynamic.linux-fast-amd64.disk: "200" + # dynamic.linux-fast-amd64.iops: "16000" + # dynamic.linux-fast-amd64.throughput: "1000" + + dynamic.linux-extra-fast-amd64.type: aws + dynamic.linux-extra-fast-amd64.region: us-east-1 + dynamic.linux-extra-fast-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-extra-fast-amd64.instance-type: c7a.12xlarge + dynamic.linux-extra-fast-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-extra-fast-amd64.aws-secret: aws-account + dynamic.linux-extra-fast-amd64.ssh-secret: aws-ssh-key + dynamic.linux-extra-fast-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-extra-fast-amd64.subnet-id: subnet-0c39ff75f819abfc5 + dynamic.linux-extra-fast-amd64.max-instances: "10" + dynamic.linux-extra-fast-amd64.disk: "200" + # dynamic.linux-extra-fast-amd64.iops: "16000" + # dynamic.linux-extra-fast-amd64.throughput: "1000" + + dynamic.linux-root-amd64.type: aws + dynamic.linux-root-amd64.region: us-east-1 + dynamic.linux-root-amd64.ami: ami-026ebd4cfe2c043b2 + dynamic.linux-root-amd64.instance-type: m6idn.2xlarge + dynamic.linux-root-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-root-amd64.aws-secret: aws-account + dynamic.linux-root-amd64.ssh-secret: aws-ssh-key + dynamic.linux-root-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-root-amd64.subnet-id: subnet-0c39ff75f819abfc5 + dynamic.linux-root-amd64.max-instances: "10" + dynamic.linux-root-amd64.sudo-commands: "/usr/bin/podman" + dynamic.linux-root-amd64.user-data: |- + Content-Type: multipart/mixed; boundary="//" + MIME-Version: 1.0 + + --// + Content-Type: text/cloud-config; charset="us-ascii" + MIME-Version: 1.0 + Content-Transfer-Encoding: 7bit + Content-Disposition: attachment; filename="cloud-config.txt" + + #cloud-config + cloud_final_modules: + - [scripts-user, always] + + --// + Content-Type: text/x-shellscript; charset="us-ascii" + MIME-Version: 1.0 + Content-Transfer-Encoding: 7bit + Content-Disposition: attachment; filename="userdata.txt" + + #!/bin/bash -ex + + if lsblk -no FSTYPE /dev/nvme1n1 | grep -qE '\S'; then + echo "File system exists on the disk." + else + echo "No file system found on the disk /dev/nvme1n1" + mkfs -t xfs /dev/nvme1n1 + fi + + mount /dev/nvme1n1 /home + + if [ -d "/home/var-lib-containers" ]; then + echo "Directory '/home/var-lib-containers' exist" + else + echo "Directory '/home/var-lib-containers' doesn't exist" + mkdir -p /home/var-lib-containers /var/lib/containers + fi + + mount --bind /home/var-lib-containers /var/lib/containers + + if [ -d "/home/var-tmp" ]; then + echo "Directory '/home/var-tmp' exist" + else + echo "Directory '/home/var-tmp' doesn't exist" + mkdir -p /home/var-tmp /var/tmp + fi + + mount --bind /home/var-tmp /var/tmp + + if [ -d "/home/ec2-user" ]; then + echo "ec2-user home exists" + else + echo "ec2-user home doesn't exist" + mkdir -p /home/ec2-user/.ssh + chown -R ec2-user /home/ec2-user + fi + + sed -n 's,.*\(ssh-.*\s\),\1,p' /root/.ssh/authorized_keys > /home/ec2-user/.ssh/authorized_keys + chown ec2-user /home/ec2-user/.ssh/authorized_keys + chmod 600 /home/ec2-user/.ssh/authorized_keys + chmod 700 /home/ec2-user/.ssh + restorecon -r /home/ec2-user + + --//-- + + # Enable After the s390x issue is fixed. + + # dynamic.linux-s390x.type: ibmz + # dynamic.linux-s390x.ssh-secret: "ibm-ssh-key" + # dynamic.linux-s390x.secret: "ibm-api-key" + # dynamic.linux-s390x.vpc: "konflux-prod-multi-rh02" + # dynamic.linux-s390x.key: "konflux-s390x-root" + # dynamic.linux-s390x.subnet: "sn-20241213-02" + # dynamic.linux-s390x.image-id: "r006-20e160c3-58d7-4b3b-827f-9d7994b68095" + # dynamic.linux-s390x.region: "us-south-2" + # dynamic.linux-s390x.url: "https://us-south.iaas.cloud.ibm.com/v1" + # dynamic.linux-s390x.profile: "bz2-2x8" + # dynamic.linux-s390x.max-instances: "30" + # dynamic.linux-s390x.private-ip: "true" + +# GPU Instances + dynamic.linux-g6xlarge-amd64.type: aws + dynamic.linux-g6xlarge-amd64.region: us-east-1 + dynamic.linux-g6xlarge-amd64.ami: ami-0ad6c6b0ac6c36199 + dynamic.linux-g6xlarge-amd64.instance-type: g6.xlarge + dynamic.linux-g6xlarge-amd64.key-name: konflux-prod-ext-mab01 + dynamic.linux-g6xlarge-amd64.aws-secret: aws-account + dynamic.linux-g6xlarge-amd64.ssh-secret: aws-ssh-key + dynamic.linux-g6xlarge-amd64.security-group-id: sg-0fbf35ced0d59fd4a + dynamic.linux-g6xlarge-amd64.max-instances: "10" + dynamic.linux-g6xlarge-amd64.subnet-id: subnet-0c39ff75f819abfc5 + dynamic.linux-g6xlarge-amd64.user-data: |- + Content-Type: multipart/mixed; boundary="//" + MIME-Version: 1.0 + + --// + Content-Type: text/cloud-config; charset="us-ascii" + MIME-Version: 1.0 + Content-Transfer-Encoding: 7bit + Content-Disposition: attachment; filename="cloud-config.txt" + + #cloud-config + cloud_final_modules: + - [scripts-user, always] + + --// + Content-Type: text/x-shellscript; charset="us-ascii" + MIME-Version: 1.0 + Content-Transfer-Encoding: 7bit + Content-Disposition: attachment; filename="userdata.txt" + + #!/bin/bash -ex + + if lsblk -no FSTYPE /dev/nvme1n1 | grep -qE '\S'; then + echo "File system exists on the disk." + else + echo "No file system found on the disk /dev/nvme1n1" + mkfs -t xfs /dev/nvme1n1 + fi + + mount /dev/nvme1n1 /home + + if [ -d "/home/var-lib-containers" ]; then + echo "Directory '/home/var-lib-containers' exist" + else + echo "Directory '/home/var-lib-containers' doesn't exist" + mkdir -p /home/var-lib-containers /var/lib/containers + fi + + mount --bind /home/var-lib-containers /var/lib/containers + + if [ -d "/home/var-tmp" ]; then + echo "Directory '/home/var-tmp' exist" + else + echo "Directory '/home/var-tmp' doesn't exist" + mkdir -p /home/var-tmp /var/tmp + fi + + mount --bind /home/var-tmp /var/tmp + chmod a+rw /var/tmp + + if [ -d "/home/ec2-user" ]; then + echo "ec2-user home exists" + else + echo "ec2-user home doesn't exist" + mkdir -p /home/ec2-user/.ssh + chown -R ec2-user /home/ec2-user + fi + + sed -n 's,.*\(ssh-.*\s\),\1,p' /root/.ssh/authorized_keys > /home/ec2-user/.ssh/authorized_keys + chown ec2-user /home/ec2-user/.ssh/authorized_keys + chmod 600 /home/ec2-user/.ssh/authorized_keys + chmod 700 /home/ec2-user/.ssh + restorecon -r /home/ec2-user + + mkdir -p /etc/cdi + chmod a+rwx /etc/cdi + su - ec2-user + nvidia-ctk cdi generate --output=/etc/cdi/nvidia.yaml + --//-- diff --git a/components/multi-platform-controller/production/kustomization.yaml b/components/multi-platform-controller/production/kflux-prd-rh02/kustomization.yaml similarity index 92% rename from components/multi-platform-controller/production/kustomization.yaml rename to components/multi-platform-controller/production/kflux-prd-rh02/kustomization.yaml index fd24020be38..f14d638bdd9 100644 --- a/components/multi-platform-controller/production/kustomization.yaml +++ b/components/multi-platform-controller/production/kflux-prd-rh02/kustomization.yaml @@ -4,14 +4,14 @@ kind: Kustomization namespace: multi-platform-controller resources: -- ../base/common +- ../../base/common - host-config.yaml - external-secrets.yaml - https://github.com/konflux-ci/multi-platform-controller/deploy/operator?ref=644f445cdc34b9d52a00f0e3e6d3f08820f22e07 - https://github.com/konflux-ci/multi-platform-controller/deploy/otp?ref=644f445cdc34b9d52a00f0e3e6d3f08820f22e07 components: - - ../k-components/manager-resources + - ../../k-components/manager-resources images: - name: multi-platform-controller diff --git a/components/multi-platform-controller/production/external-secrets.yaml b/components/multi-platform-controller/production/stone-prd-rh01/external-secrets.yaml similarity index 100% rename from components/multi-platform-controller/production/external-secrets.yaml rename to components/multi-platform-controller/production/stone-prd-rh01/external-secrets.yaml diff --git a/components/multi-platform-controller/production/host-config.yaml b/components/multi-platform-controller/production/stone-prd-rh01/host-config.yaml similarity index 100% rename from components/multi-platform-controller/production/host-config.yaml rename to components/multi-platform-controller/production/stone-prd-rh01/host-config.yaml diff --git a/components/multi-platform-controller/production/stone-prd-rh01/kustomization.yaml b/components/multi-platform-controller/production/stone-prd-rh01/kustomization.yaml new file mode 100644 index 00000000000..f14d638bdd9 --- /dev/null +++ b/components/multi-platform-controller/production/stone-prd-rh01/kustomization.yaml @@ -0,0 +1,22 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: multi-platform-controller + +resources: +- ../../base/common +- host-config.yaml +- external-secrets.yaml +- https://github.com/konflux-ci/multi-platform-controller/deploy/operator?ref=644f445cdc34b9d52a00f0e3e6d3f08820f22e07 +- https://github.com/konflux-ci/multi-platform-controller/deploy/otp?ref=644f445cdc34b9d52a00f0e3e6d3f08820f22e07 + +components: + - ../../k-components/manager-resources + +images: +- name: multi-platform-controller + newName: quay.io/konflux-ci/multi-platform-controller + newTag: 644f445cdc34b9d52a00f0e3e6d3f08820f22e07 +- name: multi-platform-otp-server + newName: quay.io/konflux-ci/multi-platform-controller-otp-service + newTag: 644f445cdc34b9d52a00f0e3e6d3f08820f22e07