openshift disconnected: improve okd support

kvirt/baseconfig.py

@@ -1127,13 +1127,13 @@ def list_apps_openshift(self, quiet=True, installed=False):
     def download_openshift_installer(self, overrides={}):
         OPENSHIFT_TAG = kdefaults.OPENSHIFT_TAG
         pull_secret = overrides.get('pull_secret') or 'openshift_pull.json'
-        upstream = overrides.get('upstream') or False
+        okd = overrides.get('okd') or False
         baremetal = overrides.get('baremetal') or False
         tag = overrides.get('tag') or OPENSHIFT_TAG
         version = overrides.get('version') or detect_openshift_version(tag, OPENSHIFT_TAG)
         macosx = os.path.exists('/Users')
-        if upstream:
-            run = openshift.get_upstream_installer(tag, version=version, debug=self.debug)
+        if okd:
+            run = openshift.get_okd_installer(tag, version=version, debug=self.debug)
         elif version in ['ci', 'nightly']:
             nightly = version == 'nightly'
             run = openshift.get_ci_installer(pull_secret, tag=tag, macosx=macosx, debug=self.debug, nightly=nightly,

kvirt/cluster/openshift/__init__.py

@@ -333,7 +333,7 @@ def get_downstream_installer(version='stable', macosx=False, tag=None, debug=Fal
     return call(cmd, shell=True)
 
 
-def get_upstream_installer(tag, version='stable', debug=False):
+def get_okd_installer(tag, version='stable', debug=False):
     if 'quay.io' not in str(tag) and 'registry.ci.openshift.org' not in str(tag):
         if version == 'candidate':
             url = "https://amd64.origin.releases.ci.openshift.org/api/v1/releasestream/4-scos-next/latest"
@@ -692,7 +692,7 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
             return {'result': 'failure', 'reason': f'domain {domain} needs to exist'}
     original_domain = None
     async_install = data['async']
-    upstream = data['upstream']
+    okd = data['okd']
     autoscale = data['autoscale']
     sslip = data['sslip']
     if 'baremetal_hosts' not in data and 'bmc_url' in data:
@@ -876,7 +876,7 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
     ctlplanes = data['ctlplanes']
     workers = data['workers']
     tag = data['tag']
-    pull_secret = pwd_path(data.get('pull_secret')) if not upstream else f"{plandir}/fake_pull.json"
+    pull_secret = pwd_path(data.get('pull_secret')) if not okd else f"{plandir}/fake_pull.json"
     pull_secret = os.path.expanduser(pull_secret)
     macosx = data['macosx']
     if macosx and not os.path.exists('/i_am_a_container'):
@@ -936,8 +936,8 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
     if which_openshift is not None and not has_internet():
         pprint("Using existing openshift-install found in your PATH")
         warning("Not checking version")
-    elif upstream:
-        run = get_upstream_installer(tag, version=version)
+    elif okd:
+        run = get_okd_installer(tag, version=version)
     elif not same_release_images(version=version, tag=tag, pull_secret=pull_secret, path=openshift_dir):
         if version in ['ci', 'nightly'] or '/' in str(tag):
             nightly = version == 'nightly'
@@ -981,7 +981,7 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
         image_type = provider
         region = k.region if provider == 'aws' else None
         try:
-            if upstream:
+            if okd:
                 fcos_url = 'https://builds.coreos.fedoraproject.org/streams/stable.json'
                 image_url = get_latest_fcos(fcos_url, _type=image_type)
             else:

kvirt/cluster/openshift/disconnected/mirror-config.yaml

@@ -10,7 +10,8 @@ mirror:
   platform:
     graph: false
 {% if version in ['ci', 'nightly'] %}
-    release: registry.ci.openshift.org/ocp/release:{{ tag }}
+{% set release = 'origin/release-scos:scos-%s' % tag if okd else 'registry.ci.openshift.org/ocp/release:%s' % tag %}
+    release: registry.ci.openshift.org/{{ release }}
 {% else %}
     channels:
     - name: {{ 'candidate' if 'rc' in tag else version }}-{{ release }}

kvirt/cluster/openshift/disconnected/scripts/02_packages.sh → kvirt/cluster/openshift/disconnected/scripts/01_packages.sh

@@ -5,3 +5,7 @@ else
 apt-get update
 apt-get -y install podman apache2 apache2-utils jq skopeo haproxy
 fi
+
+curl https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/stable/openshift-client-linux.tar.gz | tar zxf - oc
+chmod +x oc
+mv oc /root/bin

kvirt/cluster/openshift/disconnected/scripts/04_mirror.sh → kvirt/cluster/openshift/disconnected/scripts/03_mirror.sh

@@ -13,7 +13,7 @@ jq ".transports.docker += {\"registry.redhat.io/redhat/certified-operator-index\
 mv /etc/containers/policy.json.new /etc/containers/policy.json
 
 {% if version == 'ci' %}
-export OCP_RELEASE={{ tag }}
+export OCP_RELEASE={{ "scos-%s" % tag if okd else tag }}
 
 {% elif version in ['nightly', 'stable'] %}
 
@@ -33,18 +33,19 @@ OCP_RELEASE=$(grep 'Name:' /tmp/release.txt | awk -F ' ' '{print $2}')-x86_64
 {% endif %}
 
 {% if version == 'ci' %}
-{% set namespace = 'ocp/release' %}
-{% elif version == 'candidate' %}
-{% set namespace = 'openshift/release-images' %}
-{% else %}
-{% set namespace = 'openshift-release-dev/ocp-release' %}
+{% set namespace = 'origin/release-scos' if okd else 'openshift-release-dev/ocp-release' %}
 {% endif %}
 NAMESPACE={{ namespace }}
 echo $REGISTRY:5000/$NAMESPACE:$OCP_RELEASE > /root/version.txt
 
 REGISTRY_USER={{ disconnected_user }}
 REGISTRY_PASSWORD={{ disconnected_password }}
 podman login -u $REGISTRY_USER -p $REGISTRY_PASSWORD $REGISTRY:5000
+
+KEY=$( echo -n $REGISTRY_USER:$REGISTRY_PASSWORD | base64)
+mv /root/openshift_pull.json /root/openshift_pull.json.old
+jq ".auths += {\"$REGISTRY:5000\": {\"auth\": \"$KEY\",\"email\": \"[email protected]\"}}" < /root/openshift_pull.json.old > /root/openshift_pull.json
+
 REDHAT_CREDS=$(cat /root/openshift_pull.json | jq .auths.\"registry.redhat.io\".auth -r | base64 -d)
 RHN_USER=$(echo $REDHAT_CREDS | cut -d: -f1)
 RHN_PASSWORD=$(echo $REDHAT_CREDS | cut -d: -f2)
@@ -63,18 +64,7 @@ cp -f /root/openshift_pull.json /root/.docker/config.json
 oc-mirror --v2 --workspace file:// --config=mirror-config.yaml docker://$REGISTRY:5000
 
 {% if prega %}
-[ ! -d /root/idms ] || rm -rf /root/idms
-mkdir /root/idms
-sed -i -e '/source:/!b;/bundle/b;/cincinnati/b;s,quay.io/prega/test/,registry.redhat.io/,' /root/oc-mirror-workspace/results-*/*imageContentSourcePolicy.yaml
-oc adm migrate icsp /root/oc-mirror-workspace/results-*/*imageContentSourcePolicy.yaml --dest-dir /root/idms
+sed -i '[email protected]/prega/[email protected]@' /root/working-dir/cluster-resources/idms-oc-mirror.yaml
 {% endif %}
 
-if [ -d /root/idms ] ; then
-  cp /root/idms/*yaml /root/manifests/imageContentSourcePolicy.yaml
-fi
 cp /root/working-dir/cluster-resources/{cs*,*oc-mirror*} /root
-
-KEY=$( echo -n $REGISTRY_USER:$REGISTRY_PASSWORD | base64)
-jq ".auths += {\"$REGISTRY:5000\": {\"auth\": \"$KEY\",\"email\": \"[email protected]\"}}" < $PULL_SECRET > /root/temp.json
-cat /root/temp.json | tr -d [:space:] > $PULL_SECRET
-echo "{\"auths\": {\"$REGISTRY:5000\": {\"auth\": \"$KEY\", \"email\": \"[email protected]\"}}}" > /root/temp.json

kvirt/cluster/openshift/disconnected/scripts/deploy.sh

@@ -1,14 +1,12 @@
 blue='\033[0;36m'
 clear='\033[0m'
-echo -e "${blue}************ RUNNING 01_get_oc.sh ************${clear}"
-bash /root/scripts/01_get_oc.sh
-echo -e "${blue}************ RUNNING 02_packages.sh ************${clear}"
-bash /root/scripts/02_packages.sh
-echo -e "${blue}************ RUNNING 03_registry.sh ************${clear}"
-bash /root/scripts/03_registry.sh
+echo -e "${blue}************ RUNNING 01_packages.sh ************${clear}"
+bash /root/scripts/01_packages.sh
+echo -e "${blue}************ RUNNING 02_registry.sh ************${clear}"
+bash /root/scripts/02_registry.sh
 {% if disconnected_sync %}
-echo -e "${blue}************ RUNNING 04_mirror.sh ************${clear}"
-bash /root/scripts/04_mirror.sh
+echo -e "${blue}************ RUNNING 03_mirror.sh ************${clear}"
+bash /root/scripts/03_mirror.sh
 {% endif %}
-echo -e "${blue}************ RUNNING 05_web.sh ************${clear}"
-bash /root/scripts/05_web.sh
+echo -e "${blue}************ RUNNING 04_web.sh ************${clear}"
+bash /root/scripts/04_web.sh

kvirt/cluster/openshift/install-config.yaml

@@ -148,6 +148,6 @@ imageContentSources:
   - {{ disconnected_url }}/openshift-release-dev
   source: quay.io/openshift-release-dev
 - mirrors:
-  - {{ disconnected_url }}/openshift-release-dev
-  source: registry.ci.openshift.org/ocp/release
+  - {{ disconnected_url }}/{{ 'origin' if okd else 'openshift-release-dev' }}
+  source: registry.ci.openshift.org/{{ 'origin/scos-release' if okd else 'ocp/release' }}
 {% endif %}

kvirt/cluster/openshift/kcli_default.yml

@@ -153,7 +153,7 @@ sslip: false
 pub_key:
 baremetal_cidr:
 manifests: manifests
-upstream: false
+okd: false
 autoscale: false
 calico_version:
 cilium_version:

kvirt/config.py

@@ -3160,7 +3160,7 @@ def create_openshift_registry(self, plan, overrides={}):
         data['OPENSHIFT_TAG'] = OPENSHIFT_TAG
         plandir = os.path.dirname(openshift.create.__code__.co_filename)
         cluster = data.get('cluster', 'myopenshift')
-        upstream = data.get('upstream', False)
+        okd = data.get('okd', False)
         tag = data.get('tag', OPENSHIFT_TAG)
         version = data.get('version') or detect_openshift_version(tag, OPENSHIFT_TAG)
         pprint(f"Using version {version} and tag {tag}")
@@ -3169,8 +3169,8 @@ def create_openshift_registry(self, plan, overrides={}):
         registry_sync = data.get('disconnected_sync', True)
         pprint(f"Deploying registry vm {registry_vm}")
         if registry_sync:
-            pull_secret = pwd_path(data.get('pull_secret')) if not upstream else f"{plandir}/fake_pull.json"
-            if not upstream:
+            pull_secret = pwd_path(data.get('pull_secret')) if not okd else f"{plandir}/fake_pull.json"
+            if not okd:
                 pull_secret = pwd_path(data.get('pull_secret', 'openshift_pull.json'))
             else:
                 pull_secret = f"{plandir}/fake_pull.json"