From 04c511f02b45457aa45aa312e914e2649d8ad3de Mon Sep 17 00:00:00 2001
From: Josh Cox <joshuacox@users.noreply.github.com>
Date: Mon, 8 Jul 2019 13:30:14 -0500
Subject: [PATCH] Releasing 1.14.2 (#48)

Signed-off-by: Josh Cox <josh@webhosting.coop>
---
 Makefile                     |   4 +-
 bootstrap                    |  13 ++--
 lib/ingress.bash             |  40 ++++++++++++
 lib/istio.bash               |   4 +-
 lib/kcsv.bash                |   8 ++-
 lib/kvars.bash               |   1 +
 lib/net.bash                 |   6 +-
 lib/parse_opts.bash          |   7 +++
 lib/qemu.bash                | 116 ++++++++++++++++++++++++++++++++++-
 lib/storage.bash             |   2 +-
 lib/yaml.bash                |  13 +++-
 submodules/istio             |   2 +-
 submodules/openshift-ansible |   2 +-
 submodules/rook              |   2 +-
 14 files changed, 201 insertions(+), 19 deletions(-)

diff --git a/Makefile b/Makefile
index 317f9c7e..b608cbca 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,7 @@
 # Reactionetes Makefile
 
 # define various versions
-$(eval ISTIO_VERSION := 1.1.5)
+$(eval ISTIO_VERSION := 1.2.2)
 $(eval PACKER_VERSION:=1.4.0)
 $(eval ONESSL_VERSION := 0.10.0)
 
@@ -412,7 +412,7 @@ cfssl:
 
 jinja2:
 	#pip install --user jinja2 jinja2-cli
-	pip install --user jinja2 jinja2
+	pip install --user jinja2-cli
 
 anaconda: $(KUBASH_BIN)/Anaconda.sh
 	bash $(KUBASH_BIN)/Anaconda.sh
diff --git a/bootstrap b/bootstrap
index e0341b42..4a5b9d6d 100755
--- a/bootstrap
+++ b/bootstrap
@@ -99,17 +99,18 @@ flight_checks () {
 main () {
   . /etc/os-release
 
-  if [[ "$NAME" = 'Debian' || $NAME = 'Ubuntu'   ]]; then
+  if [[ "$NAME" = 'Debian GNU/Linux' || $NAME = 'Ubuntu'   ]]; then
+    DEB_PKG_GET='jq git build-essential golang unzip curl wget parallel ansible rlwrap rsync nmap python-pip virtinst qemu-kvm libvirt-clients libvirt-daemon-system'
     if type "apt-get" &> /dev/null; then
-      sudo apt-get install jq git build-essential golang unzip curl wget parallel ansible rlwrap rsync
+      sudo apt-get install $DEB_PKG_GET
     fi
   elif [[ "$NAME" = 'CentOS Linux' ]]; then
     if type "yum" &> /dev/null; then
-      sudo yum install jq git build-essential golang unzip curl wget parallel ansible rlwrap rsync
+      sudo yum install jq git build-essential golang unzip curl wget parallel ansible rlwrap rsync nmap
     fi
   elif [[ "$NAME" = 'Arch Linux' ]]; then
     if type "powerpill" &> /dev/null; then
-      ARCH_PKG_GET='jq git make go unzip curl wget parallel ansible rlwrap python-pip openbsd-netcat rsync'
+      ARCH_PKG_GET='jq git make go unzip curl wget parallel ansible rlwrap python-pip openbsd-netcat rsync nmap'
       sudo pacman -Sy
       sudo powerpill -S $ARCH_PKG_GET
     elif type "pacman" &> /dev/null; then
@@ -124,7 +125,6 @@ main () {
   check_cmd uname
   check_cmd go
   check_cmd pip
-  check_cmd npm
   check_cmd make
   check_cmd parallel
   check_cmd 'grep'
@@ -146,6 +146,9 @@ main () {
   export NVM_DIR="$HOME/.nvm"
   [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm
   [ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"  # This loads nvm bash_completion
+  nvm install --lts
+  nvm alias default
+  check_cmd npm
   make jinja2
   make yaml2json
   check_install ct
diff --git a/lib/ingress.bash b/lib/ingress.bash
index 637c5e12..dbd7e2bc 100755
--- a/lib/ingress.bash
+++ b/lib/ingress.bash
@@ -51,6 +51,46 @@ taint_all_ingress () {
   fi
 }
 
+mark_ingress () {
+  squawk 1 " mark_ingress $@"
+  count_ingress=0
+  for ingress_node in "$@"
+  do
+    squawk 5 "kubectl --kubeconfig=$KUBECONFIG label --overwrite node $ingress_node ingress=true"
+    kubectl --kubeconfig=$KUBECONFIG label --overwrite node $ingress_node ingress=true
+    ((++count_ingress))
+  done
+  if [[ $count_ingress -eq 0 ]]; then
+    croak 3  'No ingress nodes found!'
+  fi
+}
+
+mark_all_ingress () {
+  squawk 1 " mark_all_ingress $@"
+  count_all_ingress=0
+  nodes_to_mark=' '
+  while IFS="," read -r $csv_columns
+  do
+    squawk 185 "ROLE $K8S_role $K8S_user $K8S_ip1 $K8S_sshPort"
+    if [[ "$K8S_role" = "ingress" ]]; then
+      squawk 5 "ROLE $K8S_role $K8S_user $K8S_ip1 $K8S_sshPort"
+      squawk 121 "nodes_to_mark $K8S_node $nodes_to_mark"
+      new_nodes_to_mark="$K8S_node $nodes_to_mark"
+      nodes_to_mark="$new_nodes_to_mark"
+      ((++count_all_ingress))
+    fi
+  done <<< "$kubash_hosts_csv_slurped"
+  echo "count_all_ingress $count_all_ingress"
+  if [[ $count_all_ingress -eq 0 ]]; then
+    squawk 150 "slurpy -----> $(echo $kubash_hosts_csv_slurped)"
+    croak 3  'No ingress nodes found!!!'
+  else
+    squawk 185 "ROLE $K8S_role $K8S_user $K8S_ip1 $K8S_sshPort"
+    squawk 101 "mark these nodes_to_mark=$K8S_node $nodes_to_mark"
+    mark_ingress $nodes_to_mark
+  fi
+}
+
 do_voyager () {
   squawk 1 " do_voyager"
   taint_all_ingress
diff --git a/lib/istio.bash b/lib/istio.bash
index e8b57155..bdfcd9c2 100755
--- a/lib/istio.bash
+++ b/lib/istio.bash
@@ -25,7 +25,7 @@ do_istio () {
     sleep 1
     ISTIO_CRD_COUNT=0
     countzero=0
-    while [[ $ISTIO_CRD_COUNT -lt 58 ]]
+    while [[ $ISTIO_CRD_COUNT -lt 28 ]]
     do
       ISTIO_CRD_COUNT=$(kubectl get crds | grep 'istio.io\|certmanager.k8s.io' | wc -l)
       if [[ $countzero > 15 ]]; then
@@ -47,6 +47,8 @@ do_istio () {
       --set certmanager.email=$LETSENCRYPT_EMAIL \
       --set global.k8sIngress.enabled=true \
       --set global.k8sIngress.enableHttps=true \
+      --set gateways.istio-ingressgateway.nodeSelector.ingress='"true"' \
+      --set gateways.istio-ingressgateway.type=$ISTIO_GATEWAY_TYPE \
       --set gateways.istio-ingressgateway.sds.enabled=true \
       --set global.k8sIngress.gatewayName=ingressgateway \
       --set "kiali.dashboard.grafanaURL=http://grafana:3000" \
diff --git a/lib/kcsv.bash b/lib/kcsv.bash
index c75fc19e..aaf4252c 100755
--- a/lib/kcsv.bash
+++ b/lib/kcsv.bash
@@ -4,7 +4,9 @@ user_csv_columns="user_email user_role"
 uniq_hosts_list_columns="K8S_provisionerHost K8S_provisionerUser K8S_provisionerPort K8S_provisionerBasePath K8S_os K8S_virt"
 
 test_kubash_csv_ver () {
-  if [ "$KUBASH_CSV_VER" = '3.0.0' ]; then
+  if [ "$KUBASH_CSV_VER" = '4.0.0' ]; then
+    uniq_hosts="$(grep -v '^#' $KUBASH_PROVISION_CSV|cut -d, -f13,14,15,16,17,18|sort|uniq)"
+  elif [ "$KUBASH_CSV_VER" = '3.0.0' ]; then
     uniq_hosts="$(grep -v '^#' $KUBASH_PROVISION_CSV|cut -d, -f13,14,15,16,17,18|sort|uniq)"
   elif [ "$KUBASH_CSV_VER" = '2.0.0' ]; then
     uniq_hosts="$(grep -v '^#' $KUBASH_PROVISION_CSV|cut -d, -f13,14,15,16,17,18|sort|uniq)"
@@ -23,7 +25,9 @@ set_csv_columns () {
   else
     KUBASH_CSV_VER=$(cat $KUBASH_CSV_VER_FILE)
   fi
-  if [ "$KUBASH_CSV_VER" = '3.0.0' ]; then
+  if [ "$KUBASH_CSV_VER" = '4.0.0' ]; then
+    csv_columns="K8S_node K8S_role K8S_cpuCount K8S_Memory K8S_sshPort K8S_network1 K8S_mac1 K8S_ip1 K8S_routingprefix1 K8S_subnetmask1 K8S_broadcast1 K8S_gateway1 K8S_provisionerHost K8S_provisionerUser K8S_provisionerPort K8S_provisionerBasePath K8S_os K8S_virt K8S_network2 K8S_mac2 K8S_ip2 K8S_routingprefix2 K8S_subnetmask2 K8S_broadcast2 K8S_gateway2 K8S_network3 K8S_mac3 K8S_ip3 K8S_routingprefix3 K8S_subnetmask3 K8S_broadcast3 K8S_gateway3 K8S_iscsitarget K8S_iscsichapusername K8S_iscsichappassword K8S_iscsihost K8S_storagePath K8S_storageType K8S_storageSize"
+  elif [ "$KUBASH_CSV_VER" = '3.0.0' ]; then
     csv_columns="K8S_node K8S_role K8S_cpuCount K8S_Memory K8S_sshPort K8S_network1 K8S_mac1 K8S_ip1 K8S_routingprefix1 K8S_subnetmask1 K8S_broadcast1 K8S_gateway1 K8S_provisionerHost K8S_provisionerUser K8S_provisionerPort K8S_provisionerBasePath K8S_os K8S_virt K8S_network2 K8S_mac2 K8S_ip2 K8S_routingprefix2 K8S_subnetmask2 K8S_broadcast2 K8S_gateway2 K8S_network3 K8S_mac3 K8S_ip3 K8S_routingprefix3 K8S_subnetmask3 K8S_broadcast3 K8S_gateway3 K8S_iscsitarget K8S_iscsichapusername K8S_iscsichappassword K8S_iscsihost"
   elif [ "$KUBASH_CSV_VER" = '2.0.0' ]; then
     csv_columns="K8S_node K8S_role K8S_cpuCount K8S_Memory K8S_sshPort K8S_network1 K8S_mac1 K8S_ip1 K8S_routingprefix1 K8S_subnetmask1 K8S_broadcast1 K8S_gateway1 K8S_provisionerHost K8S_provisionerUser K8S_provisionerPort K8S_provisionerBasePath K8S_os K8S_virt K8S_network2 K8S_mac2 K8S_ip2 K8S_routingprefix2 K8S_subnetmask2 K8S_broadcast2 K8S_gateway2 K8S_network3 K8S_mac3 K8S_ip3 K8S_routingprefix3 K8S_subnetmask3 K8S_broadcast3 K8S_gateway3"
diff --git a/lib/kvars.bash b/lib/kvars.bash
index 2e30c663..d249d3a9 100755
--- a/lib/kvars.bash
+++ b/lib/kvars.bash
@@ -66,6 +66,7 @@
 : ${VOYAGER_VERSION:='9.0.0'}
 : ${VOYAGER_ADMISSIONWEBHOOK:='--set apiserver.enableAdmissionWebhook=true'}
 : ${LINKERD_URL:='https://raw.githubusercontent.com/linkerd/linkerd-examples/master/k8s-daemonset/k8s/linkerd-ingress-controller.yml'}
+: ${ISTIO_GATEWAY_TYPE=LoadBalancer}
 : ${TAB_1:='  '}
 : ${TAB_2:='    '}
 : ${TAB_3:='      '}
diff --git a/lib/net.bash b/lib/net.bash
index bbd086a1..b975aff5 100755
--- a/lib/net.bash
+++ b/lib/net.bash
@@ -182,7 +182,11 @@ refresh_network_addresses () {
       done
       set -e
       KUBASH_CSV_VER=$(cat $KUBASH_CSV_VER_FILE)
-      if [ "$KUBASH_CSV_VER" = '3.0.0' ]; then
+      if [ "$KUBASH_CSV_VER" = '4.0.0' ]; then
+        squawk 6 "$K8S_node,$K8S_role,$K8S_cpuCount,$K8S_Memory,$K8S_sshPort,$K8S_network1,$K8S_mac1,$this_node_ip,$K8S_routingprefix1,$K8S_subnetmask1,$K8S_broadcast1,$K8S_gateway1,$K8S_provisionerHost,$K8S_provisionerUser,$K8S_provisionerPort,$K8S_provisionerBasePath,$K8S_os,$K8S_virt,$K8S_network2,$K8S_mac2,$K8S_ip2,$K8S_routingprefix2,$K8S_subnetmask2,$K8S_broadcast2,$K8S_gateway2,$K8S_network3,$K8S_mac3,$K8S_ip3,$K8S_routingprefix3,$K8S_subnetmask3,$K8S_broadcast3,$K8S_gateway3,$K8S_iscsitarget,$K8S_iscsichapusername,$K8S_iscsichappassword,$K8S_iscsihost,$K8S_storagePath,$K8S_storageType,$K8S_storageSize"
+        echo "$K8S_node,$K8S_role,$K8S_cpuCount,$K8S_Memory,$K8S_sshPort,$K8S_network1,$K8S_mac1,$this_node_ip,$K8S_routingprefix1,$K8S_subnetmask1,$K8S_broadcast1,$K8S_gateway1,$K8S_provisionerHost,$K8S_provisionerUser,$K8S_provisionerPort,$K8S_provisionerBasePath,$K8S_os,$K8S_virt,$K8S_network2,$K8S_mac2,$K8S_ip2,$K8S_routingprefix2,$K8S_subnetmask2,$K8S_broadcast2,$K8S_gateway2,$K8S_network3,$K8S_mac3,$K8S_ip3,$K8S_routingprefix3,$K8S_subnetmask3,$K8S_broadcast3,$K8S_gateway3,$K8S_iscsitarget,$K8S_iscsichapusername,$K8S_iscsichappassword,$K8S_iscsihost,$K8S_storagePath,$K8S_storageType,$K8S_storageSize" \
+          >> $KUBASH_HOSTS_CSV
+      elif [ "$KUBASH_CSV_VER" = '3.0.0' ]; then
         squawk 6 "$K8S_node,$K8S_role,$K8S_cpuCount,$K8S_Memory,$K8S_sshPort,$K8S_network1,$K8S_mac1,$this_node_ip,$K8S_routingprefix1,$K8S_subnetmask1,$K8S_broadcast1,$K8S_gateway1,$K8S_provisionerHost,$K8S_provisionerUser,$K8S_provisionerPort,$K8S_provisionerBasePath,$K8S_os,$K8S_virt,$K8S_network2,$K8S_mac2,$K8S_ip2,$K8S_routingprefix2,$K8S_subnetmask2,$K8S_broadcast2,$K8S_gateway2,$K8S_network3,$K8S_mac3,$K8S_ip3,$K8S_routingprefix3,$K8S_subnetmask3,$K8S_broadcast3,$K8S_gateway3,$K8S_iscsitarget,$K8S_iscsichapusername,$K8S_iscsichappassword,$K8S_iscsihost"
         echo "$K8S_node,$K8S_role,$K8S_cpuCount,$K8S_Memory,$K8S_sshPort,$K8S_network1,$K8S_mac1,$this_node_ip,$K8S_routingprefix1,$K8S_subnetmask1,$K8S_broadcast1,$K8S_gateway1,$K8S_provisionerHost,$K8S_provisionerUser,$K8S_provisionerPort,$K8S_provisionerBasePath,$K8S_os,$K8S_virt,$K8S_network2,$K8S_mac2,$K8S_ip2,$K8S_routingprefix2,$K8S_subnetmask2,$K8S_broadcast2,$K8S_gateway2,$K8S_network3,$K8S_mac3,$K8S_ip3,$K8S_routingprefix3,$K8S_subnetmask3,$K8S_broadcast3,$K8S_gateway3,$K8S_iscsitarget,$K8S_iscsichapusername,$K8S_iscsichappassword,$K8S_iscsihost" \
           >> $KUBASH_HOSTS_CSV
diff --git a/lib/parse_opts.bash b/lib/parse_opts.bash
index f71b766e..4fd4c55a 100755
--- a/lib/parse_opts.bash
+++ b/lib/parse_opts.bash
@@ -470,6 +470,13 @@ parse_opts () {
       exit 1
     fi
     taint_all_ingress $@
+  elif [[ $RAISON == "mark_ingress" ]]; then
+    if [[ $print_help == "true" ]]; then
+      horizontal_rule
+      usage
+      exit 1
+    fi
+    mark_all_ingress $@
   elif [[ $RAISON == "dashboard" ]]; then
     if [[ $print_help == "true" ]]; then
       horizontal_rule
diff --git a/lib/qemu.bash b/lib/qemu.bash
index 414df944..8039e2a5 100755
--- a/lib/qemu.bash
+++ b/lib/qemu.bash
@@ -123,7 +123,7 @@ qemu-provisioner () {
     --noautoconsole \
     --accelerate \
     --hvm \
-    --os-variant=virtio26 \
+    --os-variant=auto \
     --disk path=$qemunodeimg,format=qcow2,bus=virtio \
     --network=$K8S_network1,mac=$K8S_mac1,model=virtio \
     $SECOND_NIC \
@@ -131,6 +131,7 @@ qemu-provisioner () {
   --print-xml
   " >&3 2>&3
   else
+    # not coreOS
     virshcmd2run="$PSEUDO virt-install --connect qemu:///system \
   --import \
     --autostart \
@@ -141,7 +142,7 @@ qemu-provisioner () {
     --noautoconsole \
     --accelerate \
     --hvm \
-    --os-variant=virtio26 \
+    --os-variant=auto \
     --disk path=$qemunodeimg,format=qcow2,bus=virtio \
     --network=$K8S_network1,mac=$K8S_mac1,model=virtio \
     $SECOND_NIC \
@@ -162,10 +163,53 @@ qemu-provisioner () {
       rsync -az $KUBASH_CLUSTERS_DIR/$KUBASH_CLUSTER_NAME $K8S_provisionerBasePath/
 
       $PSEUDO virsh define $KUBASH_CLUSTERS_DIR/$KUBASH_CLUSTER_NAME/$K8S_node/domain.xml
+      if [[ $K8S_storageType == 'raw' ]]; then
+	if [[ -f $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw ]]; then
+	  squawk 33 "File already exists using it"
+	else
+	  $PSEUDO qemu-img create \
+		  -f raw $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw \
+		  $K8S_storageSize \
+		  -o preallocation=full
+	fi
+        $PSEUDO virsh attach-disk --domain $K8S_node $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw --target vdb --persistent --config --live
+      elif [[ $K8S_storageType == 'qcow2' ]]; then
+	if [[ -f $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2 ]]; then
+	  squawk 33 "File already exists using it"
+	else
+	  $PSEUDO qemu-img create \
+		  -f qcow2 $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2 \
+		  $K8S_storageSize \
+		  -o preallocation=full
+	fi
+        $PSEUDO virsh attach-disk --domain $K8S_node $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2 --target vdb --persistent --config --live
+      fi
       $PSEUDO virsh start $K8S_node
     else
+      # not coreOS
       squawk 5 "$PSEUDO $virshcmd2run"
       $PSEUDO $virshcmd2run
+      if [[ $K8S_storageType == 'raw' ]]; then
+	if [[ -f $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw ]]; then
+	  squawk 33 "File already exists using it"
+	else
+	  $PSEUDO qemu-img create \
+		  -f raw $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw \
+		  $K8S_storageSize \
+		  -o preallocation=full
+	fi
+        $PSEUDO virsh attach-disk --domain $K8S_node $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw --target vdb --persistent --config --live
+      elif [[ $K8S_storageType == 'qcow2' ]]; then
+	if [[ -f $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2 ]]; then
+	  squawk 33 "File already exists using it"
+	else
+	  $PSEUDO qemu-img create \
+		  -f qcow2 $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2 \
+		  $K8S_storageSize \
+		  -o preallocation=full
+	fi
+        $PSEUDO virsh attach-disk --domain $K8S_node $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2 --target vdb --persistent --config --live
+      fi
     fi
   else
     squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $qemucmd2run"
@@ -183,16 +227,84 @@ qemu-provisioner () {
       squawk 9 "rsync $KUBASH_RSYNC_OPTS 'ssh -p$K8S_provisionerPort' $KUBASH_CLUSTERS_DIR/$KUBASH_CLUSTER_NAME $K8S_provisionerUser@$K8S_provisionerHost:~/"
       rsync $KUBASH_RSYNC_OPTS "ssh -p$K8S_provisionerPort" $KUBASH_CLUSTERS_DIR/$KUBASH_CLUSTER_NAME $K8S_provisionerUser@$K8S_provisionerHost:$K8S_provisionerBasePath/
 
+
       virshcmd2run="$PSEUDO virsh define $K8S_provisionerBasePath/$KUBASH_CLUSTER_NAME/$K8S_node/domain.xml"
       squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
       ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
 
+      if [[ $K8S_storageType == 'raw' ]]; then
+	set +e
+        ssh -q -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "test -f $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw"
+	if [[ $? -eq 0 ]]; then
+	  squawk 33 "File already exists using it"
+	else
+	  squawk 33 "File does not already exist. Creating it"
+  	  virshcmd2run="$PSEUDO qemu-img create -f raw $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw $K8S_storageSize -o preallocation=full"
+          squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
+          ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
+	fi
+	set -e
+        virshcmd2run="$PSEUDO virsh attach-disk --domain $K8S_node $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw --target vdb --persistent --config --live"
+        squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
+        ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
+      elif [[ $K8S_storageType == 'qcow2' ]]; then
+	virshcmd2run="$PSEUDO qemu-img create -f qcow2 $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2 $K8S_storageSize -o preallocation=full"
+        squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
+        ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
+	set +e
+        ssh -q -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "test -f $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2"
+	if [[ $? -eq 0 ]]; then
+	  squawk 33 "File already exists using it"
+	else
+	  squawk 33 "File does not already exist. Creating it"
+  	  virshcmd2run="$PSEUDO qemu-img create -f qcow2 $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2 $K8S_storageSize -o preallocation=full"
+          squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
+          ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
+	fi
+	set -e
+        virshcmd2run="$PSEUDO virsh attach-disk --domain $K8S_node $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2 --target vdb --persistent --config --live"
+        squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
+        ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
+      fi
+
       virshcmd2run="$PSEUDO virsh start $K8S_node"
       squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
       ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
     else
+      # not coreOS
       squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
       ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
+      if [[ $K8S_storageType == 'raw' ]]; then
+	set +e
+        ssh -q -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "test -f $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw"
+	if [[ $? -eq 0 ]]; then
+	  squawk 33 "File already exists using it"
+	else
+	  squawk 33 "File does not already exist. Creating it"
+  	  virshcmd2run="$PSEUDO qemu-img create -f raw $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw $K8S_storageSize -o preallocation=full"
+          squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
+          ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
+	fi
+	set -e
+        virshcmd2run="$PSEUDO virsh attach-disk --domain $K8S_node $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.raw --target vdb --persistent --config --live"
+        squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
+        ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
+      elif [[ $K8S_storageType == 'qcow2' ]]; then
+	set +e
+        ssh -q -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "test -f $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2"
+	if [[ $? -eq 0 ]]; then
+	  squawk 33 "File already exists using it"
+	else
+	  squawk 33 "File does not already exist. Creating it"
+  	  virshcmd2run="$PSEUDO qemu-img create -f qcow2 $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2 $K8S_storageSize -o preallocation=full"
+          squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
+          ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
+	fi
+	set -e
+        virshcmd2run="$PSEUDO virsh attach-disk --domain $K8S_node $K8S_storagePath/$KUBASH_CLUSTER_NAME-k8s-$K8S_node-vdb.qcow2 --target vdb --persistent --config --live"
+        squawk 5 "ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost $virshcmd2run"
+        ssh -n -p $K8S_provisionerPort $K8S_provisionerUser@$K8S_provisionerHost "$virshcmd2run"
+      fi
     fi
   fi
 }
diff --git a/lib/storage.bash b/lib/storage.bash
index 382f65be..96c9fb2e 100755
--- a/lib/storage.bash
+++ b/lib/storage.bash
@@ -8,7 +8,7 @@ mount_all_iscsi_targets () {
     if [[ "$K8S_role" = "storage" ]]; then
       squawk 3 "initializing storage node $@"
       squawk 33 "${K8S_iscsihost} ${K8S_iscsitarget} $K8S_iscsichapusername"
-      if [[ ! -z "$K8S_iscsitarget" ]]; then
+      if [[ "$K8S_iscsitarget" != "null" ]]; then
         squawk 3 "K8S_iscsitarget=$K8S_iscsitarget"
         command2run="iscsiadm --mode discovery --type sendtargets --portal ${K8S_iscsihost}"
         sudo_command $K8S_sshPort $K8S_user $K8S_ip1 "$command2run"
diff --git a/lib/yaml.bash b/lib/yaml.bash
index 2a522280..2045a8a7 100755
--- a/lib/yaml.bash
+++ b/lib/yaml.bash
@@ -40,7 +40,12 @@ json2cluster () {
 
   KUBASH_CSV_VER=$(cat $json2cluster_tmp/csv_version)
   squawk 11 "CSV_VER=$KUBASH_CSV_VER"
-  if [ "$KUBASH_CSV_VER" = '3.0.0' ]; then
+  if [ "$KUBASH_CSV_VER" = '4.0.0' ]; then
+    # provision.csv
+    jq -r \
+	    '.hosts[] | "\(.hostname),\(.role),\(.cpuCount),\(.Memory),\(.sshPort),\(.network1.network),\(.network1.mac),\(.network1.ip),\(.network1.routingprefix),\(.network1.subnetmask),\(.network1.broadcast),\(.network1.gateway),\(.provisioner.Host),\(.provisioner.User),\(.provisioner.Port),\(.provisioner.BasePath),\(.os),\(.virt),\(.network2.network),\(.network2.mac),\(.network2.ip),\(.network2.routingprefix),\(.network2.subnetmask),\(.network2.broadcast),\(.network2.gateway),\(.network3.network),\(.network3.mac),\(.network3.ip),\(.network3.routingprefix),\(.network3.subnetmask),\(.network3.broadcast),\(.network3.gateway),\(.iscsi.target),\(.iscsi.chap_username),\(.iscsi.chap_password),\(.iscsi.host),\(.storage.path),\(.storage.type),\(.storage.size)"' \
+      $this_json >  $json2cluster_tmp/tmp.csv
+  elif [ "$KUBASH_CSV_VER" = '3.0.0' ]; then
     # provision.csv
     jq -r \
         '.hosts[] | "\(.hostname),\(.role),\(.cpuCount),\(.Memory),\(.sshPort),\(.network1.network),\(.network1.mac),\(.network1.ip),\(.network1.routingprefix),\(.network1.subnetmask),\(.network1.broadcast),\(.network1.gateway),\(.provisioner.Host),\(.provisioner.User),\(.provisioner.Port),\(.provisioner.BasePath),\(.os),\(.virt),\(.network2.network),\(.network2.mac),\(.network2.ip),\(.network2.routingprefix),\(.network2.subnetmask),\(.network2.broadcast),\(.network2.gateway),\(.network3.network),\(.network3.mac),\(.network3.ip),\(.network3.routingprefix),\(.network3.subnetmask),\(.network3.broadcast),\(.network3.gateway),\(.iscsi.target),\(.iscsi.chap_username),\(.iscsi.chap_password),\(.iscsi.host)"' \
@@ -75,7 +80,11 @@ json2cluster () {
         K8S_mac3=$(VERBOSITY=0 kubash --verbosity=1 genmac)
       fi
     fi
-    if [ "$KUBASH_CSV_VER" = '3.0.0' ]; then
+    if [ "$KUBASH_CSV_VER" = '4.0.0' ]; then
+      squawk 6 "$K8S_node,$K8S_role,$K8S_cpuCount,$K8S_Memory,$K8S_sshPort,$K8S_network1,$K8S_mac1,$K8S_ip1,$K8S_routingprefix1,$K8S_subnetmask1,$K8S_broadcast1,$K8S_gateway1,$K8S_provisionerHost,$K8S_provisionerUser,$K8S_provisionerPort,$K8S_provisionerBasePath,$K8S_os,$K8S_virt,$K8S_network2,$K8S_mac2,$K8S_ip2,$K8S_routingprefix2,$K8S_subnetmask2,$K8S_broadcast2,$K8S_gateway2,$K8S_network3,$K8S_mac3,$K8S_ip3,$K8S_routingprefix3,$K8S_subnetmask3,$K8S_broadcast3,$K8S_gateway3,$K8S_iscsitarget,$K8S_iscsichapusername,$K8S_iscsichappassword,$K8S_iscsihost,$K8S_storagePath,$K8S_storageType,$K8S_storageSize"
+      echo "$K8S_node,$K8S_role,$K8S_cpuCount,$K8S_Memory,$K8S_sshPort,$K8S_network1,$K8S_mac1,$K8S_ip1,$K8S_routingprefix1,$K8S_subnetmask1,$K8S_broadcast1,$K8S_gateway1,$K8S_provisionerHost,$K8S_provisionerUser,$K8S_provisionerPort,$K8S_provisionerBasePath,$K8S_os,$K8S_virt,$K8S_network2,$K8S_mac2,$K8S_ip2,$K8S_routingprefix2,$K8S_subnetmask2,$K8S_broadcast2,$K8S_gateway2,$K8S_network3,$K8S_mac3,$K8S_ip3,$K8S_routingprefix3,$K8S_subnetmask3,$K8S_broadcast3,$K8S_gateway3,$K8S_iscsitarget,$K8S_iscsichapusername,$K8S_iscsichappassword,$K8S_iscsihost,$K8S_storagePath,$K8S_storageType,$K8S_storageSize" \
+        >>  $json2cluster_tmp/provision.csv
+    elif [ "$KUBASH_CSV_VER" = '3.0.0' ]; then
       squawk 6 "$K8S_node,$K8S_role,$K8S_cpuCount,$K8S_Memory,$K8S_sshPort,$K8S_network1,$K8S_mac1,$K8S_ip1,$K8S_routingprefix1,$K8S_subnetmask1,$K8S_broadcast1,$K8S_gateway1,$K8S_provisionerHost,$K8S_provisionerUser,$K8S_provisionerPort,$K8S_provisionerBasePath,$K8S_os,$K8S_virt,$K8S_network2,$K8S_mac2,$K8S_ip2,$K8S_routingprefix2,$K8S_subnetmask2,$K8S_broadcast2,$K8S_gateway2,$K8S_network3,$K8S_mac3,$K8S_ip3,$K8S_routingprefix3,$K8S_subnetmask3,$K8S_broadcast3,$K8S_gateway3,$K8S_iscsitarget,$K8S_iscsichapusername,$K8S_iscsichappassword,$K8S_iscsihost"
       echo "$K8S_node,$K8S_role,$K8S_cpuCount,$K8S_Memory,$K8S_sshPort,$K8S_network1,$K8S_mac1,$K8S_ip1,$K8S_routingprefix1,$K8S_subnetmask1,$K8S_broadcast1,$K8S_gateway1,$K8S_provisionerHost,$K8S_provisionerUser,$K8S_provisionerPort,$K8S_provisionerBasePath,$K8S_os,$K8S_virt,$K8S_network2,$K8S_mac2,$K8S_ip2,$K8S_routingprefix2,$K8S_subnetmask2,$K8S_broadcast2,$K8S_gateway2,$K8S_network3,$K8S_mac3,$K8S_ip3,$K8S_routingprefix3,$K8S_subnetmask3,$K8S_broadcast3,$K8S_gateway3,$K8S_iscsitarget,$K8S_iscsichapusername,$K8S_iscsichappassword,$K8S_iscsihost" \
         >>  $json2cluster_tmp/provision.csv
diff --git a/submodules/istio b/submodules/istio
index 790c8682..73cfe5b9 160000
--- a/submodules/istio
+++ b/submodules/istio
@@ -1 +1 @@
-Subproject commit 790c86828a989f317ae7baed53340c900c9ea669
+Subproject commit 73cfe5b9d53efca9c59d862b51c5d63e3d2ce01c
diff --git a/submodules/openshift-ansible b/submodules/openshift-ansible
index fb59e73e..1f1b1758 160000
--- a/submodules/openshift-ansible
+++ b/submodules/openshift-ansible
@@ -1 +1 @@
-Subproject commit fb59e73ed45d3aa887dd63c0b915ea689d5be8be
+Subproject commit 1f1b175803e9069c834e7b1161abba7b45179702
diff --git a/submodules/rook b/submodules/rook
index 88013858..004f795a 160000
--- a/submodules/rook
+++ b/submodules/rook
@@ -1 +1 @@
-Subproject commit 88013858bd2a41077bdaa7210764479f524643fb
+Subproject commit 004f795a7928f407d4d108cd678ffbd1264834fe