Add the Equinix Metal provider

.gitignore

@@ -1 +1,4 @@
 /bin/
+.openshift_install_state.json
+.openshift_install.log
+.vscode

OWNERS_ALIASES

@@ -86,3 +86,9 @@ aliases:
     - Gal-Zaidman
     - rgolangh
     - eslutsky
+  equinix-approvers:
+    - displague
+    - detiber
+  equinix-reviewers:
+    - displague
+    - detiber

README.md

@@ -15,6 +15,7 @@
 * [Power](docs/user/power/install_upi.md)
 * [oVirt](docs/user/ovirt/install_ipi.md)
 * [oVirt (UPI)](docs/user/ovirt/install_upi.md)
+* [Equinix Metal](docs/user/equinixmetal/install_ipi.md)
 * [vSphere](docs/user/vsphere/README.md)
 * [vSphere (UPI)](docs/user/vsphere/install_upi.md)
 * [z/VM](docs/user/zvm/install_upi.md)

cmd/openshift-install/destroy.go

@@ -14,6 +14,7 @@ import (
 	_ "github.com/openshift/installer/pkg/destroy/azure"
 	_ "github.com/openshift/installer/pkg/destroy/baremetal"
 	"github.com/openshift/installer/pkg/destroy/bootstrap"
+	_ "github.com/openshift/installer/pkg/destroy/equinixmetal"
 	_ "github.com/openshift/installer/pkg/destroy/gcp"
 	_ "github.com/openshift/installer/pkg/destroy/libvirt"
 	_ "github.com/openshift/installer/pkg/destroy/openstack"

cmd/openshift-install/gather.go

@@ -28,6 +28,7 @@ import (
 	gatheraws "github.com/openshift/installer/pkg/terraform/gather/aws"
 	gatherazure "github.com/openshift/installer/pkg/terraform/gather/azure"
 	gatherbaremetal "github.com/openshift/installer/pkg/terraform/gather/baremetal"
+	gatherequinix "github.com/openshift/installer/pkg/terraform/gather/equinixmetal"
 	gathergcp "github.com/openshift/installer/pkg/terraform/gather/gcp"
 	gatherlibvirt "github.com/openshift/installer/pkg/terraform/gather/libvirt"
 	gatheropenstack "github.com/openshift/installer/pkg/terraform/gather/openstack"
@@ -37,6 +38,7 @@ import (
 	awstypes "github.com/openshift/installer/pkg/types/aws"
 	azuretypes "github.com/openshift/installer/pkg/types/azure"
 	baremetaltypes "github.com/openshift/installer/pkg/types/baremetal"
+	equinixtypes "github.com/openshift/installer/pkg/types/equinixmetal"
 	gcptypes "github.com/openshift/installer/pkg/types/gcp"
 	libvirttypes "github.com/openshift/installer/pkg/types/libvirt"
 	openstacktypes "github.com/openshift/installer/pkg/types/openstack"
@@ -228,6 +230,15 @@ func extractHostAddresses(config *types.InstallConfig, tfstate *terraform.State)
 			return bootstrap, port, masters, err
 		}
 		masters, err = gatherovirt.ControlPlaneIPs(tfstate)
+	case equinixtypes.Name:
+		bootstrap, err = gatherequinix.BootstrapIP(tfstate)
+		if err != nil {
+			return bootstrap, port, masters, err
+		}
+		masters, err = gatherequinix.ControlPlaneIPs(tfstate)
+		if err != nil {
+			logrus.Error(err)
+		}
 	case vspheretypes.Name:
 		bootstrap, err = gathervsphere.BootstrapIP(config, tfstate)
 		if err != nil {

data/data/bootstrap/equinixmetal/OWNERS

@@ -0,0 +1,7 @@
+# See the OWNERS docs: https://git.k8s.io/community/contributors/guide/owners.md
+# This file just uses aliases defined in OWNERS_ALIASES.
+
+approvers:
+  - equinix-approvers
+reviewers:
+  - equinix-reviewers

data/data/bootstrap/files/usr/local/bin/bootkube.sh.template

@@ -275,6 +275,7 @@ then
 	copy_static_resources_for baremetal
 	copy_static_resources_for openstack
 	copy_static_resources_for ovirt
+	copy_static_resources_for equinixmetal
 	copy_static_resources_for vsphere
 
 	cp mco-bootstrap/manifests/* manifests/

data/data/equinixmetal/OWNERS

@@ -0,0 +1,7 @@
+# See the OWNERS docs: https://git.k8s.io/community/contributors/guide/owners.md
+# This file just uses aliases defined in OWNERS_ALIASES.
+
+approvers:
+  - equinix-approvers
+reviewers:
+  - equinix-reviewers

data/data/equinixmetal/bootstrap/main.tf

@@ -0,0 +1,176 @@
+
+locals {
+  arch = "x86_64"
+  // TODO(displague) use an EquinixMetal proxy
+  /*
+  coreos_baseurl = "http://mirror.openshift.com/pub/openshift-v4/${local.arch}/dependencies/rhcos"
+  coreos_url     = "${local.coreos_baseurl}/${var.ocp_version}/${var.ocp_version}.${var.ocp_version_zstream}"
+  coreos_filenm  = "rhcos-${var.ocp_version}.${var.ocp_version_zstream}-${local.arch}"
+  coreos_img     = "${local.coreos_filenm}-metal.${local.arch}.raw.gz"
+  coreos_kernel  = "${local.coreos_filenm}-installer-kernel-${local.arch}"
+  coreos_initrd  = "${local.coreos_filenm}-installer-initramfs.${local.arch}.img"
+  */
+
+  // extracting "api.<clustername>" from <clusterdomain>
+  external_name = "api-int.${replace(var.cluster_domain, ".${var.base_domain}", "")}.${var.base_domain}"
+}
+
+/*
+
+data "template_file" "user_data" {
+  template = file("${path.module}/templates/user_data_${var.operating_system}.sh")
+}
+
+data "template_file" "ipxe_script" {
+  depends_on = [packet_device.bootstrap]
+  for_each   = toset(var.nodes)
+  template   = file("${path.module}/templates/ipxe.tpl")
+
+  vars = {
+    node_type           = each.value
+    bootstrap_ip          = packet_device.bootstrap.access_public_ipv4
+    ocp_version         = var.ocp_version
+    ocp_version_zstream = var.ocp_version_zstream
+  }
+}
+
+data "template_file" "ignition_append" {
+  depends_on = [packet_device.bootstrap]
+  for_each   = toset(var.nodes)
+  template   = file("${path.module}/templates/ignition-append.json.tpl")
+
+  vars = {
+    node_type          = each.value
+    bootstrap_ip         = packet_device.bootstrap.access_public_ipv4
+    cluster_name       = var.cluster_name
+    cluster_basedomain = var.cluster_basedomain
+  }
+}
+*/
+
+resource "packet_device" "bootstrap" {
+  hostname   = local.external_name
+  plan       = var.plan
+  facilities = [var.facility]
+  // metro            = var.metro
+  operating_system = "custom_ipxe"
+  billing_cycle    = var.billing_cycle
+  project_id       = var.project_id
+  ipxe_script_url  = "https://gist.githubusercontent.com/displague/5282172449a83c7b83821f8f8333a072/raw/0f0d50c744bb758689911d1f8d421b7730c0fb3e/rhcos.ipxe"
+
+  // user_data        = data.template_file.user_data.rendered
+  user_data = var.ignition
+}
+
+resource "packet_ip_attachment" "node-address" {
+  device_id     = packet_device.bootstrap.id
+  cidr_notation = "${var.ip_address}/32"
+}
+
+/*
+resource "null_resource" "dircheck" {
+
+  provisioner "remote-exec" {
+
+    connection {
+      private_key = file(var.ssh_private_key_path)
+      host        = packet_device.bootstrap.access_public_ipv4
+    }
+
+
+    inline = [
+      "while [ ! -d /usr/share/nginx/html ]; do sleep 2; done; ls /usr/share/nginx/html/",
+      "while [ ! -f /usr/lib/systemd/system/nfs-server.service ]; do sleep 2; done; ls /usr/lib/systemd/system/nfs-server.service"
+    ]
+  }
+}
+
+resource "null_resource" "ocp_install_ignition" {
+
+  depends_on = [null_resource.dircheck]
+
+
+  provisioner "remote-exec" {
+
+    connection {
+      private_key = file(var.ssh_private_key_path)
+      host        = packet_device.bootstrap.access_public_ipv4
+    }
+
+
+    inline = [
+      "curl -o /usr/share/nginx/html/${local.coreos_img} ${local.coreos_url}/${local.coreos_img}",
+      "curl -o /usr/share/nginx/html/${local.coreos_kernel} ${local.coreos_url}/${local.coreos_kernel}",
+      "curl -o /usr/share/nginx/html/${local.coreos_initrd} ${local.coreos_url}/${local.coreos_initrd}",
+      "chmod -R 0755 /usr/share/nginx/html/"
+    ]
+  }
+}
+
+resource "null_resource" "ipxe_files" {
+
+  depends_on = [null_resource.dircheck]
+  for_each   = data.template_file.ipxe_script
+
+  provisioner "file" {
+
+    connection {
+      private_key = file(var.ssh_private_key_path)
+      host        = packet_device.bootstrap.access_public_ipv4
+    }
+
+    content     = each.value.rendered
+    destination = "/usr/share/nginx/html/${each.key}.ipxe"
+  }
+
+  provisioner "remote-exec" {
+
+    connection {
+      private_key = file(var.ssh_private_key_path)
+      host        = packet_device.bootstrap.access_public_ipv4
+    }
+
+
+    inline = [
+      "chmod -R 0755 /usr/share/nginx/html/",
+    ]
+  }
+}
+
+resource "null_resource" "ignition_append_files" {
+
+  depends_on = [null_resource.dircheck]
+  for_each   = data.template_file.ignition_append
+
+  provisioner "file" {
+
+    connection {
+      private_key = file(var.ssh_private_key_path)
+      host        = packet_device.bootstrap.access_public_ipv4
+    }
+
+    content     = each.value.rendered
+    destination = "/usr/share/nginx/html/${each.key}-append.ign"
+  }
+
+  provisioner "remote-exec" {
+
+    connection {
+      private_key = file(var.ssh_private_key_path)
+      host        = packet_device.bootstrap.access_public_ipv4
+    }
+
+
+    inline = [
+      "chmod -R 0755 /usr/share/nginx/html/",
+    ]
+  }
+}
+
+
+output "finished" {
+  depends_on = [null_resource.file_uploads, null_resource.ipxe_files]
+  value      = "Loadbalancer provisioning finished."
+}
+
+*/

data/data/equinixmetal/bootstrap/output.tf

@@ -0,0 +1,3 @@
+output "lb_ip" {
+  value = packet_device.bootstrap.access_public_ipv4
+}

data/data/equinixmetal/bootstrap/variables.tf

@@ -0,0 +1,40 @@
+variable "ignition" {
+  type        = string
+  description = "The content of the bootstrap ignition file."
+}
+
+
+
+
+
+
+variable "depends" {
+  type    = any
+  default = null
+}
+
+variable "plan" {}
+variable "facility" { default = "" }
+variable "metro" { default = "" }
+variable "operating_system" {}
+variable "project_id" {}
+variable "billing_cycle" {}
+variable "ssh_private_key_path" { default = "TODO" }
+variable "cluster_domain" {}
+variable "base_domain" {}
+// variable "cf_zone_id" {}
+//variable "ocp_version" {default = "TODO" }
+//variable "ocp_version_zstream" {default = "TODO" }
+
+/*
+variable "nodes" {
+  description = "Generic list of OpenShift node types"
+  type        = list(string)
+  default     = ["bootstrap", "master", "worker"]
+}
+*/
+
+variable "ip_address" {
+  description = "IP Reservation IPv4 addresses to assign to the bootstrap node"
+  type        = string
+}

data/data/equinixmetal/bootstrap/versions.tf

@@ -0,0 +1,3 @@
+terraform {
+  required_version = ">= 0.12"
+}

data/data/equinixmetal/dns/dns.tf

@@ -0,0 +1,57 @@
+provider "dns" {
+  /**
+  // TODO: accept dns update options so DNS can be configured following EM devices
+  update {
+    server        = "192.168.0.1"
+    key_name      = "example.com."
+    key_algorithm = "hmac-md5"
+    key_secret    = "3VwZXJzZWNyZXQ="
+  }
+  **/
+}
+
+locals {
+  basedomain = join(".", [replace(var.cluster_name, ".${var.cluster_basedomain}", ""), var.cluster_basedomain])
+}
+
+data "dns_a_record_set" "bootstrap" {
+  host = "bootstrap.${local.basedomain}"
+}
+
+data "dns_a_record_set" "masters" {
+  count = var.masters_count
+  host  = "master${count.index}.${local.basedomain}"
+}
+
+/*
+data "dns_a_record_set" "etcd_a" {
+  count = var.masters_count
+  host  = "etcd-${count.index}.${local.basedomain}"
+}
+
+data "dns_srv_record_set" "etcd_srv" {
+  // Verifies etcd SRV records have been created
+  // TODO: verify that these match the etcd nodes
+  service = "_etcd-server-ssl._tcp.${local.basedomain}"
+}
+*/
+
+/*
+data "dns_a_record_set" "workers" {
+  count = var.workers_count
+  host  = "worker${count.index}.${local.basedomain}"
+}
+*/
+
+data "dns_a_record_set" "lb" {
+  host = "api-int.${local.basedomain}"
+}
+
+/*
+// *.apps is considered optional, don't validate it
+data "dns_a_record_set" "apps" {
+  // TODO: validate that *.apps matches the lb
+  // TODO: permit CNAME, dns_cname_record_set is valid 
+  host = "*.apps.${local.basedomain}"
+}
+*/

data/data/equinixmetal/dns/outputs.tf

@@ -0,0 +1,22 @@
+output "bootstrap_a" {
+  description = "IP Address of the bootstrap node"
+  value       = data.dns_a_record_set.bootstrap.addrs[0]
+}
+
+output "lb_a" {
+  description = "IP Address of the LoadBalancer node"
+  value       = data.dns_a_record_set.lb.addrs[0]
+}
+
+output "masters_a" {
+  description = "IP Addresses of the bootstrap node"
+  // TODO: this assume 1 address per master
+  value = flatten(data.dns_a_record_set.masters.*.addrs)
+}
+
+/*
+output "workers_a" {
+  description = "IP Addresses of the bootstrap node"
+  value       = data.dns_a_record_set.workers.addrs
+}
+*/