openstack: No neutron dns

data/data/openstack/main.tf

@@ -36,6 +36,7 @@ module "service" {
   service_port_id   = "${module.topology.service_port_id}"
   master_ips        = "${module.topology.master_ips}"
   master_port_names = "${module.topology.master_port_names}"
+  bootstrap_ip      = "${module.topology.bootstrap_port_ip}"
 }
 
 module "bootstrap" {
@@ -68,12 +69,13 @@ module "masters" {
 module "topology" {
   source = "./topology"
 
-  cidr_block       = "${var.machine_cidr}"
-  cluster_id       = "${var.cluster_id}"
-  external_network = "${var.openstack_external_network}"
-  masters_count    = "${var.master_count}"
-  lb_floating_ip   = "${var.openstack_lb_floating_ip}"
-  trunk_support    = "${var.openstack_trunk_support}"
+  cidr_block          = "${var.machine_cidr}"
+  cluster_id          = "${var.cluster_id}"
+  external_network    = "${var.openstack_external_network}"
+  external_network_id = "${var.openstack_external_network_id}"
+  masters_count       = "${var.master_count}"
+  lb_floating_ip      = "${var.openstack_lb_floating_ip}"
+  trunk_support       = "${var.openstack_trunk_support}"
 }
 
 resource "openstack_objectstorage_container_v1" "container" {

data/data/openstack/service/main.tf

@@ -69,29 +69,55 @@ data "ignition_file" "haproxy_watcher_script" {
 
 set -x
 
+# NOTE(flaper87): We're doing this here for now
+# because our current vendored verison for terraform
+# doesn't support appending to an ignition_file. This
+# is coming in 2.3
+grep -qxF "127.0.0.1 api.${var.cluster_domain}" /etc/hosts || echo "127.0.0.1 api.${var.cluster_domain}" | sudo tee -a /etc/hosts
+
+mkdir -p /etc/haproxy
 export KUBECONFIG=/opt/openshift/auth/kubeconfig
-TEMPLATE="{{range .items}}{{\$name:=.metadata.name}}{{range .status.conditions}}{{if eq .type \"Ready\"}}{{if eq .status \"True\" }}{{\$name}}{{end}}{{end}}{{end}} {{end}}"
+TEMPLATE="{{range .items}}{{\$addresses:=.status.addresses}}{{range .status.conditions}}{{if eq .type \"Ready\"}}{{if eq .status \"True\" }}{{range \$addresses}}{{if eq .type \"InternalIP\"}}{{.address}}{{end}}{{end}}{{end}}{{end}}{{end}} {{end}}"
 MASTERS=$(oc get nodes -l node-role.kubernetes.io/master -ogo-template="$TEMPLATE")
 WORKERS=$(oc get nodes -l node-role.kubernetes.io/worker -ogo-template="$TEMPLATE")
 
+update_cfg_and_restart() {
+    CHANGED=$(diff /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.new)
+
+    if [[ ! -f /etc/haproxy/haproxy.cfg ]] || [[ ! $CHANGED -eq "" ]];
+    then
+        cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.backup || true
+        cp /etc/haproxy/haproxy.cfg.new /etc/haproxy/haproxy.cfg
+        systemctl restart haproxy
+    fi
+}
+
 if [[ $MASTERS -eq "" ]];
 then
-    MASTER_LINES="
-    server ${var.cluster_id}-bootstrap-22623 ${var.cluster_id}-bootstrap.${var.cluster_domain} check port 22623
-    server ${var.cluster_id}-bootstrap-6443 ${var.cluster_id}-bootstrap.${var.cluster_domain} check port 6443"
-    MASTERS="${var.cluster_id}-master-0 ${var.cluster_id}-master-1 ${var.cluster_id}-master-2"
+cat > /etc/haproxy/haproxy.cfg.new << EOF
+listen ${var.cluster_id}-api-masters
+    bind 0.0.0.0:6443
+    bind 0.0.0.0:22623
+    mode tcp
+    balance roundrobin
+    server bootstrap-22623 ${var.bootstrap_ip} check port 22623
+    server bootstrap-6443 ${var.bootstrap_ip} check port 6443
+    ${replace(join("\n    ", formatlist("server master-%s %s check port 6443", var.master_port_names, var.master_ips)), "master-port-", "")}
+EOF
+    update_cfg_and_restart
+    exit 0
 fi
 
 for master in $MASTERS;
 do
     MASTER_LINES="$MASTER_LINES
-    server $master $master.${var.cluster_domain} check port 6443"
+    server $master $master check port 6443"
 done
 
 for worker in $WORKERS;
 do
     WORKER_LINES="$WORKER_LINES
-    server $worker $worker.${var.cluster_domain} check port 443"
+    server $worker $worker check port 443"
 done
 
 cat > /etc/haproxy/haproxy.cfg.new << EOF
@@ -108,16 +134,7 @@ listen ${var.cluster_id}-api-workers
     balance roundrobin$WORKER_LINES
 EOF
 
-
-mkdir -p /etc/haproxy
-CHANGED=$(diff /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.new)
-
-if [[ ! -f /etc/haproxy/haproxy.cfg ]] || [[ ! $CHANGED -eq "" ]];
-then
-    cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.backup || true
-    cp /etc/haproxy/haproxy.cfg.new /etc/haproxy/haproxy.cfg
-    systemctl restart haproxy
-fi
+update_cfg_and_restart
 TFEOF
   }
 }
@@ -140,8 +157,15 @@ ${length(var.lb_floating_ip) == 0 ? "" : "    file /etc/coredns/db.${var.cluster
     file /etc/coredns/db.${var.cluster_domain} _etcd-server-ssl._tcp.${var.cluster_domain} {
     }
 
+    file /etc/coredns/db.${var.cluster_domain} bootstrap.${var.cluster_domain} {
+        upstream /etc/resolv.conf
+    }
+
+${replace(join("\n", formatlist("    file /etc/coredns/db.${var.cluster_domain} master-%s.${var.cluster_domain} {\n    upstream /etc/resolv.conf\n    }\n", var.master_port_names)), "master-port-", "")}
+
 ${replace(join("\n", formatlist("    file /etc/coredns/db.${var.cluster_domain} etcd-%s.${var.cluster_domain} {\n    upstream /etc/resolv.conf\n    }\n", var.master_port_names)), "master-port-", "")}
 
+
     forward . /etc/resolv.conf {
     }
 }
@@ -179,9 +203,11 @@ $ORIGIN ${var.cluster_domain}.
 ${length(var.lb_floating_ip) == 0 ? "" : "api  IN  A  ${var.lb_floating_ip}"}
 ${length(var.lb_floating_ip) == 0 ? "" : "*.apps  IN  A  ${var.lb_floating_ip}"}
 
-${replace(join("\n", formatlist("etcd-%s  IN  CNAME  master-%s", var.master_port_names, var.master_port_names)), "master-port-", "")}
+bootstrap.${var.cluster_domain}  IN  A  ${var.bootstrap_ip}
+${replace(join("\n", formatlist("master-%s  IN  A %s", var.master_port_names, var.master_ips)), "master-port-", "")}
 
-${replace(join("\n", formatlist("_etcd-server-ssl._tcp.${var.cluster_domain}  8640  IN  SRV  0  10  2380   etcd-%s.${var.cluster_domain}.", var.master_port_names)), "master-port-", "")}
+${replace(join("\n", formatlist("etcd-%s  IN  A  %s", var.master_port_names, var.master_ips)), "master-port-", "")}
+${replace(join("\n", formatlist("_etcd-server-ssl._tcp  8640  IN  SRV  0  10  2380   etcd-%s.${var.cluster_domain}.", var.master_port_names)), "master-port-", "")}
 EOF
   }
 }

data/data/openstack/service/variables.tf

@@ -42,6 +42,10 @@ variable "master_port_names" {
   type = "list"
 }
 
+variable "bootstrap_ip" {
+  type = "string"
+}
+
 variable "lb_floating_ip" {
   type = "string"
 }

data/data/openstack/topology/outputs.tf

@@ -6,6 +6,10 @@ output "bootstrap_port_id" {
   value = "${openstack_networking_port_v2.bootstrap_port.id}"
 }
 
+output "bootstrap_port_ip" {
+  value = "${openstack_networking_port_v2.bootstrap_port.all_fixed_ips[0]}"
+}
+
 output "master_ips" {
   value = "${flatten(openstack_networking_port_v2.masters.*.all_fixed_ips)}"
 }

data/data/openstack/topology/private-network.tf

@@ -76,8 +76,9 @@ resource "openstack_networking_port_v2" "service_port" {
 }
 
 data "openstack_networking_network_v2" "external_network" {
-  name     = "${var.external_network}"
-  external = true
+  name       = "${var.external_network}"
+  network_id = "${var.external_network_id}"
+  external   = true
 }
 
 resource "openstack_networking_floatingip_associate_v2" "service_fip" {

data/data/openstack/topology/variables.tf

@@ -7,6 +7,12 @@ variable "cluster_id" {
 }
 
 variable "external_network" {
+  description = "Name of the external network providing Floating IP addresses."
+  type        = "string"
+  default     = ""
+}
+
+variable "external_network_id" {
   description = "UUID of the external network providing Floating IP addresses."
   type        = "string"
   default     = ""

data/data/openstack/variables-openstack.tf

@@ -194,9 +194,21 @@ variable "openstack_external_network" {
   type    = "string"
   default = ""
 
+  description = <<EOF
+(optional) Name of the external network. The network is used to provide
+Floating IP access to the deployed nodes. Optional, but either the Name
+or UUID option must be specified.
+EOF
+}
+
+variable "openstack_external_network_id" {
+  type    = "string"
+  default = ""
+
   description = <<EOF
 (optional) UUID of the external network. The network is used to provide
-Floating IP access to the deployed nodes.
+Floating IP access to the deployed nodes. Optional, but either the Name
+or UUID option must be specified.
 EOF
 }
 

docs/user/openstack/README.md

@@ -274,6 +274,18 @@ api VM:
 
 * `openstack server delete <cluster name>-api`
 
+## Disambiguating the External Network
+
+The installer assumes that the name of the external network is unique.  In case
+there is more than one network with the same name as the desired external
+network, it’s possible to provide a UUID to specify which network should be
+used.
+
+```
+$ env TF_VAR_openstack_external_network_id="6a32627e-d98d-40d8-9324-5da7cf1452fc" \
+> bin/openshift-install create cluster
+```
+
 ## Troubleshooting
 
 See the [troubleshooting installer issues in OpenStack](./troubleshooting.md) guide.

pkg/asset/machines/openstack/machines.go

@@ -78,6 +78,7 @@ func Machines(clusterID string, config *types.InstallConfig, pool *types.Machine
 }
 
 func provider(clusterID string, platform *openstack.Platform, mpool *openstack.MachinePool, osImage string, az string, role, userDataSecret string) (*openstackprovider.OpenstackProviderSpec, error) {
+
 	return &openstackprovider.OpenstackProviderSpec{
 		TypeMeta: metav1.TypeMeta{
 			APIVersion: "openstackproviderconfig.k8s.io/v1alpha1",
@@ -94,8 +95,13 @@ func provider(clusterID string, platform *openstack.Platform, mpool *openstack.M
 		UserDataSecret: &corev1.SecretReference{Name: userDataSecret},
 		Networks: []openstackprovider.NetworkParam{
 			{
-				Filter: openstackprovider.Filter{
-					Tags: fmt.Sprintf("%s=%s", "openshiftClusterID", clusterID),
+				Subnets: []openstackprovider.SubnetParam{
+					{
+						Filter: openstackprovider.SubnetFilter{
+							Name: "nodes",
+							Tags: fmt.Sprintf("%s=%s", "openshiftClusterID", clusterID),
+						},
+					},
 				},
 			},
 		},

pkg/asset/machines/userdata.go

@@ -23,6 +23,7 @@ items:
     namespace: openshift-machine-api
   type: Opaque
   data:
+    disableTemplating: "dHJ1ZQo="
     userData: {{$content}}
 {{- end}}
 `))

pkg/types/openstack/platform.go

@@ -17,7 +17,7 @@ type Platform struct {
 	Cloud string `json:"cloud"`
 
 	// ExternalNetwork
-	// The OpenStack external network to be used for installation.
+	// The OpenStack external network name to be used for installation.
 	ExternalNetwork string `json:"externalNetwork"`
 
 	// FlavorName