Skip to content

Commit

Permalink
Move wow from dev-tools
Browse files Browse the repository at this point in the history
  • Loading branch information
@mboukhalfa
mboukhalfa committed Jan 31, 2024
1 parent c1e7a06 commit 5d020ef
Show file tree
Hide file tree
Showing 6 changed files with 579 additions and 0 deletions.
64 changes: 64 additions & 0 deletions wow/Upgrade-image.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
# Metal3 node and openstack images upgrading

## 1. Download the vanilla image

- **Ubuntu**

Download the target raw version from [ubuntu.com](https://cloud-images.ubuntu.com/)
then convert it to `qcow2`

```console
qemu-img convert -O qcow2 ubuntu-22.04-server-cloudimg-amd64.img ubuntu-22.04-server-cloudimg-amd64.qcow2
```

- **Centos**

Download the target qcow2 version directly from
[centos.org](https://cloud.centos.org/centos/9-stream/x86_64/images/)

## 2. Upload the qcow2 to both regions in citycloud

The region target can be specified in the openstack rc-file, download
and source the rc-file then run

```sh
openstack image create --disk-format qcow2 --container-format bare \
--private --file ./Centos-7-9-22.qcow2 CentOS-Stream-9-20220829
```

## 3. Update the source image name in the dev-tools

Create a PR to update the source image name `SOURCE_IMAGE_NAME` that
will be used when running the image building job, [for example](
https://github.com/Nordix/metal3-dev-tools/pull/592/files).

## 4. Trigger image building job

Once the dev-tools PR get merged, the image building job will be
triggered automatically and build node images with the default
kubernetes version and the openstack images in the different regions,
but you still need to re-trigger the job manually from jenkins to build
the node images with old kubernetes versions needed. (Login to Jenkins
go to openstack_node_image_building Job and click "Build with
Parameters" after that set the kubernetes version needed).

The main tests usually use two node images with different kubernetes
minor versions needed when testing kubernetes upgrade. check
`KUBERNETES_VERSION` and `UPGRADED_K8S_VERSION` in dev-env.

The older CAPM3 releases might still need different kubernetes versions
for their tests!

## 5. Update dev-env and CAPM3

After building all the necessary images and uploading them, we need to
update the images name and location in dev-env and CAPM3 repos. Example
PRs:
[dev-env uplift](https://github.com/metal3-io/metal3-dev-env/pull/1069/files),
[CAPM3 uplift](https://github.com/metal3-io/cluster-api-provider-metal3/pull/712/files).
Please to be noted, we might need to back port the updates to the old
releases in CAPM3.

For PR testing, it is preferred to start with dev-env since the CAPM3 PR
depends on dev-env but both PR need to go in together since after
changing dev-env CAPM3 might be failing.
80 changes: 80 additions & 0 deletions wow/cleura.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
# Cleura Openstack

## Overview

Our Openstack infrastructure is provided by Cleura. The main interface is the
web UI and can be accessed [here](https://cleura.cloud). You will need
to have an account there, you can ask the team to get one.

## Accessing the Openstack API

In order to access the openstack API, you need to create a user. The web page to
do so can be accessed in the menu, API -> Native Openstack API. You then need to
add the projects to which the user will be authorized. Once done, you can
download an `openstack.rc` file for each of the projects you need to access

## Projects

We have three projects :

- **default**: The CI project, please do not create machines there
- **dev**: The developers project
- **dev2**: The second developers project

For development purposes, please use either *dev* or *dev2*

## Connectivity

In the *dev* and *dev2* projects, we have a jumphost as a bastion host. No
floating IP should be given to the VMs directly except the jumphost. All SSH
access goes through the jumphosts.

## Example SSH config

In order to access the dev VMs (`10.101.10.*` or `10.201.10.*`), the SSH traffic
needs to go through the jumphost. If you want to SSH to the jumphost itself,
please use the metal3ci account with the correct SSH key.

Replace user by your username in the following script

```bash
Host dev_jumphost
User <user>
IdentityFile /home/<user>/.ssh/id_rsa
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
Hostname 188.212.109.109
Host 10.101.10.*
User ubuntu
IdentityFile /home/<user>/.ssh/id_rsa
StrictHostKeyChecking no
UserKnownHostsFile no
ProxyCommand ssh -W %h:%p dev_jumphost
Host dev2_jumphost
User <user>
IdentityFile /home/<user>/.ssh/id_rsa
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
Hostname 188.95.226.253
Host 10.201.10.*
User ubuntu
IdentityFile /home/<user>/.ssh/id_rsa
StrictHostKeyChecking no
UserKnownHostsFile no
ProxyCommand ssh -W %h:%p dev2_jumphost
```

## Create a VM

You can create the VM through the web UI or the API as you wish, as long as it
follows those rules:

- no floating IP
- port security and security group set (*default* allows only ssh as incoming
traffic from the jumphost or other machines in the default security group).
You can create your own security group if needed.
- sensible specs (we are sharing resources)
- network connectivity : metal3-ext-dev only , no direct connection to the
external network
- don't use passwords but SSH keys
- delete your machine when you don't need it anymore
Loading

0 comments on commit 5d020ef

Please sign in to comment.