diff --git a/examples/tectonic.aws.yaml b/examples/tectonic.aws.yaml index 25adbccc079..1229a816126 100644 --- a/examples/tectonic.aws.yaml +++ b/examples/tectonic.aws.yaml @@ -11,34 +11,6 @@ aws: # (optional) AMI override for all nodes. Example: `ami-foobar123`. # ec2AMIOverride: - etcd: - # Instance size for the etcd node(s). Example: `t2.medium`. Read the [etcd recommended hardware](https://coreos.com/etcd/docs/latest/op-guide/hardware.html) guide for best performance - ec2Type: t2.medium - - # (optional) List of additional security group IDs for etcd nodes. - # - # Example: `["sg-51530134", "sg-b253d7cc"]` - # extraSGIDs: - - # (optional) Name of IAM role to use for the instance profiles of etcd nodes. - # The name is also the last part of a role's ARN. - # - # Example: - # * Role ARN = arn:aws:iam::123456789012:role/tectonic-installer - # * Role Name = tectonic-installer - # iamRoleName: - - rootVolume: - # The amount of provisioned IOPS for the root block device of etcd nodes. - # Ignored if the volume type is not io1. - iops: 100 - - # The size of the volume in gigabytes for the root block device of etcd nodes. - size: 30 - - # The type of volume for the root block device of etcd nodes. - type: gp2 - external: # (optional) List of subnet IDs within an existing VPC to deploy master nodes into. # Required to use an existing VPC and the list must match the AZ count. @@ -206,11 +178,6 @@ containerLinux: # (optional) A list of PEM encoded CA files that will be installed in /etc/ssl/certs on etcd, master, and worker nodes. # customCAPEMList: -etcd: - # The name of the node pool(s) to use for etcd nodes - nodePools: - - etcd - iscsi: # (optional) Start iscsid.service to enable iscsi volume attachment. # enabled: false 
@@ -256,11 +223,6 @@ networking: # type: flannel nodePools: - # The number of etcd nodes to be created. - # If set to zero, the count of etcd nodes will be determined automatically. - - count: 3 - name: etcd - # The number of master nodes to be created. # This applies only to cloud platforms. - count: 1 diff --git a/examples/tectonic.libvirt.yaml b/examples/tectonic.libvirt.yaml index fbd741582bc..c120e81939a 100644 --- a/examples/tectonic.libvirt.yaml +++ b/examples/tectonic.libvirt.yaml @@ -44,14 +44,9 @@ containerLinux: # Examples: `latest`, `1465.6.0` version: latest - # (optional) A list of PEM encoded CA files that will be installed in /etc/ssl/certs on etcd, master, and worker nodes. + # (optional) A list of PEM encoded CA files that will be installed in /etc/ssl/certs on master and worker nodes. # customCAPEMList: -etcd: - # The name of the node pool(s) to use for etcd nodes - nodePools: - - etcd - iscsi: # (optional) Start iscsid.service to enable iscsi volume attachment. # enabled: false @@ -96,11 +91,6 @@ networking: # type: flannel nodePools: - # The number of etcd nodes to be created. - # If set to zero, the count of etcd nodes will be determined automatically. - - count: 1 - name: etcd - # The number of master nodes to be created. # This applies only to cloud platforms. - count: 1 diff --git a/installer/pkg/config-generator/ignition.go b/installer/pkg/config-generator/ignition.go index ee0a9d93b42..729067a5a3a 100644 --- a/installer/pkg/config-generator/ignition.go +++ b/installer/pkg/config-generator/ignition.go 
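Review bot: The comment correction in the `@@ -44,14 +44,9 @@` hunk of examples/tectonic.libvirt.yaml (`on master and worker nodes`) was not carried over to examples/tectonic.aws.yaml. There, the context line above the removed `etcd:` block in the `@@ -206,11 +178,6 @@` hunk still reads `on etcd, master, and worker nodes`. With the etcd pool removed from both examples, the AWS comment should use the same wording, so operators do not expect a separate etcd node class to receive the custom CA files.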
@@ -13,103 +13,90 @@ import ( "github.com/vincent-petithory/dataurl" ) -var ( - ignVersion = "2.2.0" - ignFilesPath = map[string]string{ - "master": config.IgnitionMaster, - "worker": config.IgnitionWorker, - "etcd": config.IgnitionEtcd, - } +const ( caPath = "generated/tls/root-ca.crt" ) -func (c *ConfigGenerator) poolToRoleMap() map[string]string { - poolToRole := make(map[string]string) - // assume no roles can share pools - for _, n := range c.Master.NodePools { - poolToRole[n] = "master" - } - for _, n := range c.Worker.NodePools { - poolToRole[n] = "worker" +// GenerateIgnConfig generates Ignition configs for the workers and masters. +func (c *ConfigGenerator) GenerateIgnConfig(clusterDir string) error { + var masters config.NodePool + var workers config.NodePool + for _, pool := range c.NodePools { + switch pool.Name { + case "master": + masters = pool + case "worker": + workers = pool + case "etcd": // FIXME: ignore these until openshift/release stops defining them + default: + return fmt.Errorf("unrecognized role: %s", pool.Name) + } } - for _, n := range c.Etcd.NodePools { - poolToRole[n] = "etcd" + + ca, err := ioutil.ReadFile(filepath.Join(clusterDir, caPath)) + if err != nil { + return err } - return poolToRole -} -// GenerateIgnConfig generates, if successful, files with the ign config for each role. 
-func (c *ConfigGenerator) GenerateIgnConfig(clusterDir string) error { - poolToRole := c.poolToRoleMap() - for _, p := range c.NodePools { - role := poolToRole[p.Name] - if _, ok := ignFilesPath[role]; !ok { - return fmt.Errorf("unrecognized pool: %s", p.Name) - } + workerCfg, err := parseIgnFile(workers.IgnitionFile) + if err != nil { + return fmt.Errorf("failed to parse Ignition config for workers: %v", err) + } - ignCfg, err := parseIgnFile(p.IgnitionFile) - if err != nil { - return fmt.Errorf("failed to GenerateIgnConfig for pool %s and file %s: %v", p.Name, p.IgnitionFile, err) - } + // XXX(crawford): The SSH key should only be added to the bootstrap + // node. After that, MCO should be responsible for + // distributing SSH keys. + c.embedUserBlock(&workerCfg) + c.appendCertificateAuthority(&workerCfg, ca) + c.embedAppendBlock(&workerCfg, "worker", "") - var ignCfgs []ignconfigtypes.Config - for i := 0; i < p.Count; i++ { - ignCfgs = append(ignCfgs, *ignCfg) - } + if err = ignCfgToFile(workerCfg, filepath.Join(clusterDir, config.IgnitionPathWorker)); err != nil { + return err + } - ca, err := ioutil.ReadFile(filepath.Join(clusterDir, caPath)) - if err != nil { - return err - } + masterCfg, err := parseIgnFile(masters.IgnitionFile) + if err != nil { + return fmt.Errorf("failed to parse Ignition config for masters: %v", err) + } - for i := range ignCfgs { - c.appendCertificateAuthority(&ignCfgs[i], ca) - } + for i := 0; i < masters.Count; i++ { + ignCfg := masterCfg // XXX(crawford): The SSH key should only be added to the bootstrap // node. After that, MCO should be responsible for // distributing SSH keys. 
- for i := range ignCfgs { - c.embedUserBlock(&ignCfgs[i]) - } + c.embedUserBlock(&ignCfg) + c.appendCertificateAuthority(&ignCfg, ca) + c.embedAppendBlock(&ignCfg, "master", fmt.Sprintf("etcd_index=%d", i)) - fileTargetPath := filepath.Join(clusterDir, ignFilesPath[role]) - if role == "master" { - for i := range ignCfgs { - c.embedAppendBlock(&ignCfgs[i], role, fmt.Sprintf("etcd_index=%d", i)) - if err = ignCfgToFile(ignCfgs[i], fmt.Sprintf(fileTargetPath, i)); err != nil { - return err - } - } - } else { - c.embedAppendBlock(&ignCfgs[0], role, "") - if err = ignCfgToFile(ignCfgs[0], fileTargetPath); err != nil { - return err - } + if err = ignCfgToFile(ignCfg, filepath.Join(clusterDir, fmt.Sprintf(config.IgnitionPathMaster, i))); err != nil { + return err } } + return nil } -func parseIgnFile(filePath string) (*ignconfigtypes.Config, error) { +func parseIgnFile(filePath string) (ignconfigtypes.Config, error) { if filePath == "" { - ignition := &ignconfigtypes.Ignition{ - Version: ignVersion, - } - return &ignconfigtypes.Config{Ignition: *ignition}, nil + return ignconfigtypes.Config{ + Ignition: ignconfigtypes.Ignition{ + Version: ignconfigtypes.MaxVersion.String(), + }, + }, nil } data, err := ioutil.ReadFile(filePath) if err != nil { - return nil, err + return ignconfigtypes.Config{}, err } cfg, rpt, _ := ignconfig.Parse(data) if len(rpt.Entries) > 0 { - return nil, fmt.Errorf("failed to parse ignition file %s: %s", filePath, rpt.String()) + return ignconfigtypes.Config{}, fmt.Errorf("failed to parse ignition file %s: %s", filePath, rpt.String()) } - return &cfg, nil + return cfg, nil } func (c *ConfigGenerator) embedAppendBlock(ignCfg *ignconfigtypes.Config, role string, query string) { diff --git a/installer/pkg/config/aws/aws.go b/installer/pkg/config/aws/aws.go index c3dbf1f122b..fec04d572cf 100644 --- a/installer/pkg/config/aws/aws.go +++ b/installer/pkg/config/aws/aws.go 
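Review bot: GenerateIgnConfig never checks that its loop found both a `master` and a `worker` pool, so a config that omits one (or lists only `etcd`) continues with a zero-valued NodePool: worker.ign is written from the built-in default, or no master-N.ign files are written, and no error is returned. A guard after the loop such as `if masters.Name == "" || workers.Name == "" { return fmt.Errorf("node pools must define both master and worker") }` would surface this; a pool name repeated in `c.NodePools` is also silently last-wins. Cluster.TFVars in cluster.go still counts masters through `c.Master.NodePools`, while this function matches the literal pool names, so the two can disagree on how many master-N.ign files exist when pools are named differently. Separately, the context line `cfg, rpt, _ := ignconfig.Parse(data)` in parseIgnFile discards the returned error and relies on report entries alone. If Parse can fail without adding a report entry, a rejected user-supplied Ignition file would be passed on as an empty config, so the error should be checked as well.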
@@ -22,7 +22,6 @@ const ( type AWS struct { EC2AMIOverride string `json:"tectonic_aws_ec2_ami_override,omitempty" yaml:"ec2AMIOverride,omitempty"` Endpoints Endpoints `json:"tectonic_aws_endpoints,omitempty" yaml:"endpoints,omitempty"` - Etcd `json:",inline" yaml:"etcd,omitempty"` External `json:",inline" yaml:"external,omitempty"` ExtraTags map[string]string `json:"tectonic_aws_extra_tags,omitempty" yaml:"extraTags,omitempty"` InstallerRole string `json:"tectonic_aws_installer_role,omitempty" yaml:"installerRole,omitempty"` @@ -41,21 +40,6 @@ type External struct { WorkerSubnetIDs []string `json:"tectonic_aws_external_worker_subnet_ids,omitempty" yaml:"workerSubnetIDs,omitempty"` } -// Etcd converts etcd related config. -type Etcd struct { - EC2Type string `json:"tectonic_aws_etcd_ec2_type,omitempty" yaml:"ec2Type,omitempty"` - ExtraSGIDs []string `json:"tectonic_aws_etcd_extra_sg_ids,omitempty" yaml:"extraSGIDs,omitempty"` - IAMRoleName string `json:"tectonic_aws_etcd_iam_role_name,omitempty" yaml:"iamRoleName,omitempty"` - EtcdRootVolume `json:",inline" yaml:"rootVolume,omitempty"` -} - -// EtcdRootVolume converts etcd rool volume related config. -type EtcdRootVolume struct { - IOPS int `json:"tectonic_aws_etcd_root_volume_iops,omitempty" yaml:"iops,omitempty"` - Size int `json:"tectonic_aws_etcd_root_volume_size,omitempty" yaml:"size,omitempty"` - Type string `json:"tectonic_aws_etcd_root_volume_type,omitempty" yaml:"type,omitempty"` -} - // Master converts master related config. type Master struct { CustomSubnets map[string]string `json:"tectonic_aws_master_custom_subnets,omitempty" yaml:"customSubnets,omitempty"` diff --git a/installer/pkg/config/cluster.go b/installer/pkg/config/cluster.go index 866e51abfd0..27ce4d0412f 100644 --- a/installer/pkg/config/cluster.go +++ b/installer/pkg/config/cluster.go 
@@ -12,13 +12,11 @@ import ( ) const ( - // IgnitionMaster is the relative path to the ign master cfg from the tf working directory + // IgnitionPathMaster is the relative path to the ign master cfg from the tf working directory // This is a format string so that the index can be populated later - IgnitionMaster = "master-%d.ign" - // IgnitionWorker is the relative path to the ign worker cfg from the tf working directory - IgnitionWorker = "worker.ign" - // IgnitionEtcd is the relative path to the ign etcd cfg from the tf working directory - IgnitionEtcd = "etcd.ign" + IgnitionPathMaster = "master-%d.ign" + // IgnitionPathWorker is the relative path to the ign worker cfg from the tf working directory + IgnitionPathWorker = "worker.ign" // PlatformAWS is the platform for a cluster launched on AWS. PlatformAWS Platform = "aws" // PlatformLibvirt is the platform for a cluster launched on libvirt. @@ -81,8 +79,6 @@ type Cluster struct { BaseDomain string `json:"tectonic_base_domain,omitempty" yaml:"baseDomain,omitempty"` CA `json:",inline" yaml:"CA,omitempty"` ContainerLinux `json:",inline" yaml:"containerLinux,omitempty"` - Etcd `json:",inline" yaml:"etcd,omitempty"` - IgnitionEtcd string `json:"tectonic_ignition_etcd,omitempty" yaml:"-"` IgnitionMasters []string `json:"tectonic_ignition_masters,omitempty" yaml:"-"` IgnitionWorker string `json:"tectonic_ignition_worker,omitempty" yaml:"-"` Internal `json:",inline" yaml:"-"` 
@@ -114,20 +110,18 @@ func (c Cluster) NodeCount(names []string) int { // TFVars will return the config for the cluster in tfvars format. func (c *Cluster) TFVars() (string, error) { - c.Etcd.Count = c.NodeCount(c.Etcd.NodePools) c.Master.Count = c.NodeCount(c.Master.NodePools) c.Worker.Count = c.NodeCount(c.Worker.NodePools) for i := 0; i < c.Master.Count; i++ { - c.IgnitionMasters = append(c.IgnitionMasters, fmt.Sprintf(IgnitionMaster, i)) + c.IgnitionMasters = append(c.IgnitionMasters, fmt.Sprintf(IgnitionPathMaster, i)) } - c.IgnitionWorker = IgnitionWorker - c.IgnitionEtcd = IgnitionEtcd + c.IgnitionWorker = IgnitionPathWorker // fill in master ips if c.Platform == PlatformLibvirt { - if err := c.Libvirt.TFVars(c.Master.Count, c.Worker.Count, c.Etcd.Count); err != nil { + if err := c.Libvirt.TFVars(c.Master.Count, c.Worker.Count); err != nil { return "", err } } @@ -142,12 +136,6 @@ func (c *Cluster) TFVars() (string, error) { // YAML will return the config for the cluster in yaml format. func (c *Cluster) YAML() (string, error) { - c.NodePools = append(c.NodePools, NodePool{ - Count: c.Etcd.Count, - Name: "etcd", - }) - c.Etcd.NodePools = []string{"etcd"} - c.NodePools = append(c.NodePools, NodePool{ Count: c.Master.Count, Name: "master", diff --git a/installer/pkg/config/libvirt/libvirt.go b/installer/pkg/config/libvirt/libvirt.go index 02ee58586f8..5012816264e 100644 --- a/installer/pkg/config/libvirt/libvirt.go +++ b/installer/pkg/config/libvirt/libvirt.go @@ -21,7 +21,6 @@ type Libvirt struct { Network `json:",inline" yaml:"network"` MasterIPs []string `json:"tectonic_libvirt_master_ips,omitempty" yaml:"masterIPs"` WorkerIPs []string `json:"tectonic_libvirt_worker_ips,omitempty" yaml:"workerIPs"` - EtcdIPs []string `json:"tectonic_libvirt_etcd_ips,omitempty" yaml:"etcdIPs"` BootstrapIP string `json:"tectonic_libvirt_bootstrap_ip,omitempty" yaml:"bootstrapIP"` } 
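Review bot: TFVars appends to `c.IgnitionMasters` through a pointer receiver each time it runs, so a second call on the same Cluster would list every `master-N.ign` entry twice in the rendered tfvars. Building the list fresh, e.g. `c.IgnitionMasters = make([]string, 0, c.Master.Count)` before the loop, makes the method idempotent. Whether TFVars is called more than once per Cluster is not visible here, and the function body continues outside the hunk.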
@@ -34,7 +33,7 @@ type Network struct { } // TFVars fills in computed Terraform variables. -func (l *Libvirt) TFVars(masterCount int, workerCount int, etcdCount int) error { +func (l *Libvirt) TFVars(masterCount int, workerCount int) error { _, network, err := net.ParseCIDR(l.Network.IPRange) if err != nil { return fmt.Errorf("failed to parse libvirt network ipRange: %v", err) @@ -72,18 +71,6 @@ func (l *Libvirt) TFVars(masterCount int, workerCount int, etcdCount int) error } } - if len(l.EtcdIPs) > 0 { - if len(l.EtcdIPs) != etcdCount { - return fmt.Errorf("length of EtcdIPs doesn't match etcd count") - } - } else { - if ips, err := generateIPs("etcd", network, etcdCount, 20); err == nil { - l.EtcdIPs = ips - } else { - return err - } - } - return nil } diff --git a/installer/pkg/config/types.go b/installer/pkg/config/types.go index ae9e30a3b09..3b72398ade6 100644 --- a/installer/pkg/config/types.go +++ b/installer/pkg/config/types.go @@ -36,12 +36,6 @@ type ContainerLinux struct { Version string `json:"tectonic_container_linux_version,omitempty" yaml:"version,omitempty"` } -// Etcd converts etcd related config. -type Etcd struct { - Count int `json:"tectonic_etcd_count,omitempty" yaml:"-"` - NodePools []string `json:"-" yaml:"nodePools"` -} - // NodePool converts node pool related config. type NodePool struct { Count int `json:"-" yaml:"count"` diff --git a/installer/pkg/config/validate.go b/installer/pkg/config/validate.go index aa7d556ee07..069a3acc1fc 100644 --- a/installer/pkg/config/validate.go +++ b/installer/pkg/config/validate.go 
@@ -374,28 +374,6 @@ func (c *Cluster) validateNoSharedNodePools() []error { fields[c.Master.NodePools[i]]["worker"] = struct{}{} } } - for j := range c.Etcd.NodePools { - if c.Master.NodePools[i] == c.Etcd.NodePools[j] { - if fields[c.Master.NodePools[i]] == nil { - fields[c.Master.NodePools[i]] = make(map[string]struct{}) - } - fields[c.Master.NodePools[i]]["master"] = struct{}{} - fields[c.Master.NodePools[i]]["etcd"] = struct{}{} - } - } - } - } - for i := range c.Worker.NodePools { - if c.Worker.NodePools[i] != "" { - for j := range c.Etcd.NodePools { - if c.Worker.NodePools[i] == c.Etcd.NodePools[j] { - if fields[c.Worker.NodePools[i]] == nil { - fields[c.Worker.NodePools[i]] = make(map[string]struct{}) - } - fields[c.Worker.NodePools[i]]["worker"] = struct{}{} - fields[c.Worker.NodePools[i]]["etcd"] = struct{}{} - } - } } } for k, v := range fields { diff --git a/installer/pkg/workflow/fixtures/aws.basic.yaml b/installer/pkg/workflow/fixtures/aws.basic.yaml index c050c697393..8aed6352838 100644 --- a/installer/pkg/workflow/fixtures/aws.basic.yaml +++ b/installer/pkg/workflow/fixtures/aws.basic.yaml @@ -2,12 +2,6 @@ admin: email: fake-email@example.com password: fake-password aws: - etcd: - ec2Type: m4.large - rootVolume: - iops: 100 - size: 30 - type: gp2 master: ec2Type: m4.large rootVolume: @@ -23,9 +17,6 @@ aws: baseDomain: tectonic-ci.de containerLinux: channel: beta -etcd: - nodePools: - - etcd licensePath: master: nodePools: @@ -37,8 +28,6 @@ networking: serviceCIDR: 10.3.0.0/16 type: canal nodePools: - - name: etcd - count: 3 - name: master count: 2 - name: worker diff --git a/installer/pkg/workflow/fixtures/terraform.tfvars b/installer/pkg/workflow/fixtures/terraform.tfvars index 2df6cca97c9..e87d24cfcec 100644 --- a/installer/pkg/workflow/fixtures/terraform.tfvars +++ b/installer/pkg/workflow/fixtures/terraform.tfvars 
@@ -2,10 +2,6 @@ "tectonic_admin_email": "fake-email@example.com", "tectonic_admin_password": "fake-password", "tectonic_aws_endpoints": "all", - "tectonic_aws_etcd_ec2_type": "m4.large", - "tectonic_aws_etcd_root_volume_iops": 100, - "tectonic_aws_etcd_root_volume_size": 30, - "tectonic_aws_etcd_root_volume_type": "gp2", "tectonic_aws_master_ec2_type": "m4.large", "tectonic_aws_master_root_volume_iops": 100, "tectonic_aws_master_root_volume_size": 30, @@ -20,8 +16,6 @@ "tectonic_base_domain": "tectonic-ci.de", "tectonic_container_linux_channel": "beta", "tectonic_container_linux_version": "latest", - "tectonic_etcd_count": 3, - "tectonic_ignition_etcd": "etcd.ign", "tectonic_ignition_masters": [ "master-0.ign", "master-1.ign" diff --git a/modules/ignition/assets.tf b/modules/ignition/assets.tf index 087dcbe4a1d..7543988b1bc 100644 --- a/modules/ignition/assets.tf +++ b/modules/ignition/assets.tf @@ -14,20 +14,6 @@ data "ignition_systemd_unit" "docker_dropin" { ] } -data "template_file" "installer_runtime_mappings" { - template = "${file("${path.module}/resources/kubernetes/runtime-mappings.yaml")}" -} - -data "ignition_file" "installer_runtime_mappings" { - filesystem = "root" - path = "/etc/kubernetes/installer/runtime-mappings.yaml" - mode = 0644 - - content { - content = "${data.template_file.installer_runtime_mappings.rendered}" - } -} - data "template_file" "kubelet" { template = "${file("${path.module}/resources/services/kubelet.service")}" diff --git a/modules/ignition/outputs.import b/modules/ignition/outputs.import index 09eee50aa42..1c37829a600 100644 --- a/modules/ignition/outputs.import +++ b/modules/ignition/outputs.import @@ -16,10 +16,6 @@ variable "ign_locksmithd_service_id" { type = "string" } -variable "ign_installer_runtime_mappings_id" { - type = "string" -} - variable "ign_update_ca_certificates_dropin_id" { type = "string" } diff --git a/modules/ignition/outputs.tf b/modules/ignition/outputs.tf index 09a87d2d990..189b4e30225 100644 
--- a/modules/ignition/outputs.tf +++ b/modules/ignition/outputs.tf @@ -22,7 +22,6 @@ output "ignition_file_id_list" { "${data.ignition_file.root_ca_cert_pem.id}", "${data.ignition_file.ingress_ca_cert_pem.id}", "${data.ignition_file.etcd_ca_cert_pem.id}", - "${data.ignition_file.installer_runtime_mappings.id}", ] } diff --git a/modules/ignition/resources/kubernetes/runtime-mappings.yaml b/modules/ignition/resources/kubernetes/runtime-mappings.yaml deleted file mode 100644 index 7e16d78ad21..00000000000 --- a/modules/ignition/resources/kubernetes/runtime-mappings.yaml +++ /dev/null @@ -1,13 +0,0 @@ -kind: VersionManifestV1 -versions: - k8s: - 1.6: - docker: [ "1.12"] - 1.7: - docker: [ "1.12" ] - 1.8: - docker: [ "17.03", "1.12"] - 1.9: - docker: [ "17.03", "1.12"] - 3.10: - docker: [ "17.03", "1.12"] \ No newline at end of file