OpenShift on VMware Cloud on AWS #2603
Conversation
openshift-ci-robot
added
do-not-merge/work-in-progress
|
This most certainly will not pass CI. Would like to start getting review while I am still testing and modifying. |
jcpowermac
force-pushed
the
vmware_on_aws
branch
from
cda2000 to
8f3f452
Compare
|
@jcpowermac just a heads up in case you haven't seen #2057 which i was trying to get it in for a long time but it was put on hold by the installer team lead. While i understand from your work that you are focusing on extending the work done initially to run the whole VMware deployment in AWS, i do worry that you are changing the scope which will affect folks who were using this upi sample to bootstrap OCP on a standalone VMware env. If the installer team desire is to have this upi examples used for CI only then may i suggest you add a bold note so everyone knows that they are not consumable outside RH CI ? |
Hi @DanyC97 if you have any suggestions I am certainly open to it. Though atm my priority is to have CI green which is why we are moving to VMC. I teased apart the IPAM and Route53 terraform from the virtual machine creation so that someone could actually use it without requiring either. That is how I initially tested VMC: ran the AWS terraform that created DNS and LB then ran the terraform that created the virtual machines. Theoretically as long as you had DNS configured correctly with whatever you use it should work. |
jcpowermac
force-pushed
the
vmware_on_aws
branch
3 times, most recently
from
ad6b73c to
7d63493
Compare
jcpowermac
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
patrickdillon
left a comment
patrickdillon
left a comment
There was a problem hiding this comment.
Left a few comments, granted that I don't have background in vsphere. have not had a chance to look at the changes in machine, which it looks like are substantial
There was a problem hiding this comment.
Are these variables private- and public_subnet_ids used? I can't find subsequent references to them. Where do aws_subnet variables come from?
upi/vsphere/modules/aws/vpc/vpc.tf
Outdated
There was a problem hiding this comment.
are these cidr ranges used? I can't find subsequent references to them but perhaps I am missing something.
upi/vsphere/modules/aws/vpc/vpc.tf
Outdated
There was a problem hiding this comment.
nit: new_vpc makes me think we are creating a vpc, when we are reading it in. cluster?
There was a problem hiding this comment.
nit: I find it curious to have a hard coded value as a module output
There was a problem hiding this comment.
@patrickdillon /shrug I took the AWS terraform from aws IPI and modified it for VMC. Even in 4.3 its a hard coded output:
installer/data/data/aws/vpc/outputs.tf
Line 48 in 3b221a9
upi/vsphere/README.md
Outdated
There was a problem hiding this comment.
nit: "terraform" -> "Terraform", here and later.
upi/vsphere/README.md
Outdated
There was a problem hiding this comment.
nit: openshift-installer -> openshift-install
upi/vsphere/README.md
Outdated
There was a problem hiding this comment.
nit: "ignition" -> "Ignition", here and later.
upi/vsphere/README.md
Outdated
There was a problem hiding this comment.
nit: We can probably drop "for OpenShift RHCOS virtual machines" while remaining sufficiently specific. For comparison, AWS and GCP docs have "Create Ignition configs" (they disagree on Configs vs. configs, I don't think we have a clear title vs. sentence case policy for h2+ ;).
upi/vsphere/README.md
Outdated
There was a problem hiding this comment.
nit: no need for the leading ./ or trailing /. Not that it matters much, for folks copy/pasting.
upi/vsphere/README.md
Outdated
There was a problem hiding this comment.
nit: brace expansion is a Bashism. We'd be portable across all POSIX shells with:
cp install-config.yaml.example install-config.yaml
upi/vsphere/README.md
Outdated
There was a problem hiding this comment.
nit: doesn't really add much in the way of syntax highlighting in most cases, but it's nice to explicitly declare this to be a shell block with ```sh.
There was a problem hiding this comment.
nit: no need for this leading document separator, and most of our other YAML examples omit it.
There was a problem hiding this comment.
nit: did we want to fill these in with placeholders/examples like these examples?
upi/vsphere/modules/aws/README.md
Outdated
There was a problem hiding this comment.
nit: maybe rephrase to:
This is an internal Terraform module for installing OpenShift in a VMware Cloud on AWS.
That makes implicitly not for other uses, so we don't have to talk about how not-useful it is going to be for those off-label uses ;)
upi/vsphere/modules/aws/variables.tf
Outdated
There was a problem hiding this comment.
Do you want to address this before merging? I don't see a problem with a single zone for Terraform modules we use for internal testing. Folks who want a vSphere cluster are probably not going to be using AWS, because if you want a cluster on AWS you'd just use our native AWS providers, right?
There was a problem hiding this comment.
you can drop this if you go with a single zone.
There was a problem hiding this comment.
I know the AWS Terraform uses master/worker, but if you already have control-plane/compute in the vSphere Terraform I'd rather stay with it instead of backsliding. See also #1330.
upi/vsphere/packet/README.md
Outdated
There was a problem hiding this comment.
nit: backticks around paths and other literals: terraform.tfvars.
upi/vsphere/vmc/README.md
Outdated
|
Thanks @wking and @patrickdillon for taking the time to review. I am in process of cleaning it up. Will need to retest. |
jcpowermac
force-pushed
the
vmware_on_aws
branch
4 times, most recently
from
b700611 to
4c93cd0
Compare
|
@wking and @patrickdillon I think I addressed all the concerns. Though I wonder if we shouldn't move to terraform 0.12? From the template it looks like only vSphere is using terraform. The only other UPI that is still terraform 0.11 is Metal but it doesn't look like that template is used with it. |
jcpowermac
force-pushed
the
vmware_on_aws
branch
from
4c93cd0 to
290c363
Compare
jcpowermac
force-pushed
the
vmware_on_aws
branch
2 times, most recently
from
916f5d6 to
22ce1ed
Compare
openshift-ci-robot
added
the
needs-rebase
|
/hold |
openshift-ci-robot
added
the
do-not-merge/hold
Reuses existing AWS IPI terraform and vSphere UPI terraform to support VMware Cloud on AWS which will be the replacement of Packet for CI. Need 0.21.0 of govc to support content library in vSphere vCenter. Use ignition.config.data inplace of guestinfo
jcpowermac
force-pushed
the
vmware_on_aws
branch
from
22ce1ed to
9abafe8
Compare
openshift-ci-robot
removed
the
needs-rebase
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
/uncc @jstuever |
|
@jcpowermac: PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
needs-rebase
|
@jcpowermac: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
/close |
|
@jcpowermac: Closed this PR. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
6 participants
Reuses existing AWS IPI terraform and vSphere UPI
terraform to support VMware Cloud on AWS which
will be the replacement of Packet for CI.