-
Notifications
You must be signed in to change notification settings - Fork 21
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix host image builds on Arc runners
Arc runners are kubernetes-orchestrated github runners. Host image builds do not work on these runners, so this commit adapts the host image build workflow to spin up a worker VM which executes the build.
- Loading branch information
1 parent
6b347d2
commit 6ce7d97
Showing
13 changed files
with
476 additions
and
186 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
--- | ||
# This playbook is desinged to be used by the overcloud-host-image-build.yml | ||
# GitHub workflow to upload newly-built images to a development cloud for | ||
# testing and use in CI. | ||
- name: Upload an OS image to Glance | ||
hosts: seed | ||
vars: | ||
local_image_path: "/opt/kayobe/images/overcloud-{{ os_distribution }}-{{ os_release }}/overcloud-{{ os_distribution }}-{{ os_release }}.qcow2" | ||
image_name: "overcloud-{{ os_distribution }}-{{ os_release }}" | ||
tasks: | ||
- name: Write out clouds.yml | ||
copy: | ||
content: "{{ lookup('ansible.builtin.env', 'CLOUDS_YAML') }}" | ||
dest: clouds.yaml | ||
mode: 0664 | ||
|
||
- name: Write out secure.yml | ||
no_log: true | ||
vars: | ||
- os_secrets: | ||
clouds: | ||
openstack: | ||
auth: | ||
application_credential_id: "{{ lookup('ansible.builtin.env', 'OS_APPLICATION_CREDENTIAL_ID') }}" | ||
application_credential_secret: "{{ lookup('ansible.builtin.env', 'OS_APPLICATION_CREDENTIAL_SECRET') }}" | ||
copy: | ||
content: "{{ os_secrets | to_nice_yaml }}" | ||
dest: secure.yaml | ||
mode: 0664 | ||
|
||
- name: Ensure dependencies are installed | ||
pip: | ||
name: openstacksdk | ||
|
||
- name: Upload an image to Glance | ||
openstack.cloud.image: | ||
cloud: openstack | ||
name: "{{ image_name }}" | ||
container_format: bare | ||
disk_format: qcow2 | ||
state: present | ||
filename: "{{ local_image_path }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,8 @@ | ||
--- | ||
# Overcloud host image versioning tags | ||
# These images must be in SMS, since they are used by our AIO CI runners | ||
stackhpc_centos_8_stream_overcloud_host_image_version: "yoga-20230525T095243" | ||
stackhpc_rocky_8_overcloud_host_image_version: "yoga-20230629T135322" | ||
stackhpc_rocky_9_overcloud_host_image_version: "yoga-20240124T094316" | ||
stackhpc_ubuntu_focal_overcloud_host_image_version: "yoga-20230609T120720" | ||
stackhpc_ubuntu_jammy_overcloud_host_image_version: "yoga-20231012T121552" | ||
stackhpc_centos_8_stream_overcloud_host_image_version: "yoga-20240326T091511" | ||
stackhpc_rocky_8_overcloud_host_image_version: "yoga-20240326T091511" | ||
stackhpc_rocky_9_overcloud_host_image_version: "yoga-20240326T091511" | ||
stackhpc_ubuntu_focal_overcloud_host_image_version: "yoga-20240326T091511" | ||
stackhpc_ubuntu_jammy_overcloud_host_image_version: "yoga-20240326T091511" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
============================ | ||
Terraform Host Image Builder | ||
============================ | ||
|
||
This Terraform configuration deploys a single VM on an OpenStack cloud, to | ||
build overcloud host images. | ||
|
||
This configuration is used in the GitHub Actions overcloud-host-image-build.yml | ||
workflow. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
output "access_ip_v4" { | ||
value = openstack_compute_instance_v2.kayobe-host-image-builder.access_ip_v4 | ||
} | ||
|
||
output "access_interface" { | ||
value = var.host_image_builder_interface | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
#provider "openstack" { | ||
# use environment variables | ||
#} | ||
|
||
terraform { | ||
required_version = ">= 0.14" | ||
backend "local" { | ||
} | ||
required_providers { | ||
openstack = { | ||
source = "terraform-provider-openstack/openstack" | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
#cloud-config | ||
# Don't automatically mount ephemeral disk | ||
mounts: | ||
- [/dev/vdb, null] | ||
# WORKAROUND: internal DNS missing from SMS lab. (currently unused) | ||
runcmd: | ||
- 'echo "10.0.0.34 pelican pelican.service.compute.sms-lab.cloud" >> /etc/hosts' | ||
- 'echo "10.205.3.187 pulp-server pulp-server.internal.sms-cloud" >> /etc/hosts' | ||
# Configure SSH keys here, to avoid creating an ephemeral keypair. | ||
# This means only the instance needs to be cleaned up if the destroy fails. | ||
ssh_authorized_keys: | ||
- ${ssh_public_key} | ||
|
||
write_files: | ||
# WORKAROUND: https://bugs.launchpad.net/kolla-ansible/+bug/1995409 | ||
- content: | | ||
#!/bin/bash | ||
docker exec openvswitch_vswitchd ovs-vsctl "$@" | ||
owner: root:root | ||
path: /usr/bin/ovs-vsctl | ||
permissions: '0755' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
ssh_public_key = "id_rsa.pub" | ||
ssh_username = "rocky" | ||
host_image_builder_name = "skc-ci-host-image-builder" | ||
# Must be a Rocky Linux 9 host to successfully build all images | ||
# This MUST NOT be an LVM image. It can cause confusing conficts with the built image. | ||
host_image_builder_image = "Rocky-9-GenericCloud-Base-9.3-20231113.0.x86_64.qcow2" | ||
host_image_builder_flavor = "en1.medium" | ||
host_image_builder_network = "stackhpc-ci" | ||
host_image_builder_subnet = "stackhpc-ci" | ||
host_image_builder_interface = "eth0" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,98 @@ | ||
variable "ssh_public_key" { | ||
type = string | ||
} | ||
|
||
variable "ssh_username" { | ||
type = string | ||
} | ||
|
||
variable "host_image_builder_name" { | ||
type = string | ||
default = "kayobe-host-image-builder" | ||
} | ||
|
||
variable "host_image_builder_image" { | ||
type = string | ||
default = "Rocky-9" | ||
} | ||
|
||
variable "host_image_builder_interface" { | ||
type = string | ||
default = "eth0" | ||
} | ||
|
||
variable "host_image_builder_flavor" { | ||
type = string | ||
} | ||
|
||
variable "host_image_builder_network" { | ||
type = string | ||
} | ||
|
||
variable "host_image_builder_subnet" { | ||
type = string | ||
} | ||
|
||
variable "host_image_builder_volume_size" { | ||
type = number | ||
default = 150 | ||
} | ||
|
||
variable "host_image_builder_tags" { | ||
type = list(string) | ||
default = [] | ||
} | ||
|
||
locals { | ||
image_is_uuid = length(regexall("^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", var.host_image_builder_image)) > 0 | ||
} | ||
|
||
data "openstack_images_image_v2" "image" { | ||
name = var.host_image_builder_image | ||
most_recent = true | ||
count = local.image_is_uuid ? 0 : 1 | ||
} | ||
|
||
data "openstack_networking_subnet_v2" "network" { | ||
name = var.host_image_builder_subnet | ||
} | ||
|
||
resource "openstack_compute_instance_v2" "kayobe-host-image-builder" { | ||
name = var.host_image_builder_name | ||
flavor_name = "en1.medium" | ||
config_drive = true | ||
user_data = templatefile("templates/userdata.cfg.tpl", {ssh_public_key = file(var.ssh_public_key)}) | ||
network { | ||
name = var.host_image_builder_network | ||
} | ||
|
||
block_device { | ||
uuid = local.image_is_uuid ? var.host_image_builder_image: data.openstack_images_image_v2.image[0].id | ||
source_type = "image" | ||
volume_size = var.host_image_builder_volume_size | ||
boot_index = 0 | ||
destination_type = "volume" | ||
delete_on_termination = true | ||
} | ||
|
||
tags = var.host_image_builder_tags | ||
} | ||
|
||
# Wait for the instance to be accessible via SSH before progressing. | ||
resource "null_resource" "kayobe-host-image-builder" { | ||
provisioner "remote-exec" { | ||
connection { | ||
host = openstack_compute_instance_v2.kayobe-host-image-builder.access_ip_v4 | ||
user = var.ssh_username | ||
private_key = file("id_rsa") | ||
# Terraform will run the start script from /tmp by default. For the | ||
# current images, /tmp is noexec, so the path must be changed | ||
script_path = "/home/${var.ssh_username}/start.sh" | ||
} | ||
|
||
inline = [ | ||
"#!/bin/sh", | ||
"echo 'connected!'" | ||
] | ||
} | ||
} |