Power VS: Add CIS CRN to Infrastructure manifest

.github/workflows/ci.yml

@@ -0,0 +1,32 @@
+name: Power VS Verify
+
+on:
+  pull_request:
+    branches: [ add-ipi ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: actions/setup-go@v2
+      with:
+        go-version: '1.16.6'
+
+    - name: Install dependencies
+      run: |
+        go version
+        go install golang.org/x/lint/golint
+
+    - name: Run go fmt & lint
+      run: |
+        go fmt -mod=readonly ./...
+        git diff HEAD
+        if [ `git diff HEAD --name-only | wc -l` -gt 0 ]; then exit 1; fi
+        golint -set_exit_status=1 `go list -mod=readonly ./... | grep -v /vendor/`
+
+    - name: Build
+      run: |
+        go mod vendor
+        ./hack/build.sh

OWNERS_ALIASES

@@ -35,7 +35,16 @@ aliases:
     - mandre
     - mdbooth
     - pierreprinetti
-    - stephenfin
+  powervs-approvers:
+    - Prashanth684
+    - clnperez
+    - mkumatag
+  powervs-reviewers:
+    - 23TNC
+    - clnperez
+    - mjturek
+    - mkumatag
+    - Prashanth684
   vsphere-approvers:
     - dav1x
     - jcpowermac

data/data/install.openshift.io_installconfigs.yaml

@@ -450,6 +450,30 @@ spec:
                           - high_performance
                           type: string
                       type: object
+                    powervs:
+                      description: PowerVS is the configuration used when installing
+                        on IBM Power VS.
+                      properties:
+                        memory:
+                          description: Memory defines the memory in GB for the instance.
+                          type: integer
+                        procType:
+                          description: ProcType defines the processor sharing model
+                            for the instance.
+                          type: string
+                        processors:
+                          description: Processors defines the processing units for
+                            the instance.
+                        sysType:
+                          description: SysType defines the system type for instance.
+                          type: string
+                        volumeIDs:
+                          description: VolumeIDs is the list of volumes attached to
+                            the instance.
+                          items:
+                            type: string
+                          type: array
+                      type: object
                     vsphere:
                       description: VSphere is the configuration used when installing
                         on vSphere.
@@ -891,6 +915,30 @@ spec:
                         - high_performance
                         type: string
                     type: object
+                  powervs:
+                    description: PowerVS is the configuration used when installing
+                      on IBM Power VS.
+                    properties:
+                      memory:
+                        description: Memory defines the memory in GB for the instance.
+                        type: integer
+                      procType:
+                        description: ProcType defines the processor sharing model
+                          for the instance.
+                        type: string
+                      processors:
+                        description: Processors defines the processing units for the
+                          instance.
+                      sysType:
+                        description: SysType defines the system type for instance.
+                        type: string
+                      volumeIDs:
+                        description: VolumeIDs is the list of volumes attached to
+                          the instance.
+                        items:
+                          type: string
+                        type: array
+                    type: object
                   vsphere:
                     description: VSphere is the configuration used when installing
                       on vSphere.
@@ -2089,6 +2137,87 @@ spec:
                 - ovirt_cluster_id
                 - ovirt_storage_domain_id
                 type: object
+              powervs:
+                description: PowerVS is the configuration used when installing on
+                  Power VS.
+                properties:
+                  APIKey:
+                    description: APIKey is the API key for the user's IBM Cloud account.
+                    type: string
+                  clusterOSImage:
+                    description: ClusterOSImage is a pre-created Power VS boot image
+                      that overrides the default image for cluster nodes.
+                    type: string
+                  defaultMachinePlatform:
+                    description: DefaultMachinePlatform is the default configuration
+                      used when installing on Power VS for machine pools which do
+                      not define their own platform configuration.
+                    properties:
+                      memory:
+                        description: Memory defines the memory in GB for the instance.
+                        type: integer
+                      procType:
+                        description: ProcType defines the processor sharing model
+                          for the instance.
+                        type: string
+                      processors:
+                        description: Processors defines the processing units for the
+                          instance.
+                      sysType:
+                        description: SysType defines the system type for instance.
+                        type: string
+                      volumeIDs:
+                        description: VolumeIDs is the list of volumes attached to
+                          the instance.
+                        items:
+                          type: string
+                        type: array
+                    type: object
+                  powervsResourceGroup:
+                    description: PowerVSResourceGroup is the resource group for creating
+                      Power VS resources.
+                    type: string
+                  pvsNetworkName:
+                    description: PVSNetworkName specifies an existing network within
+                      the Power VS Service Instance.
+                    type: string
+                  region:
+                    description: Region specifies the IBM Cloud region where the cluster
+                      will be created.
+                    type: string
+                  serviceInstance:
+                    description: ServiceInstanceID is the ID of the Power IAAS instance
+                      created from the IBM Cloud Catalog
+                    type: string
+                  subnets:
+                    description: Subnets specifies existing subnets (by ID) where
+                      cluster resources will be created.  Leave unset to have the
+                      installer create subnets in a new VPC on your behalf.
+                    items:
+                      type: string
+                    type: array
+                  userID:
+                    description: UserID is the login for the user's IBM Cloud account.
+                    type: string
+                  vpc:
+                    description: VPC is a VPC inside IBM Cloud. Needed in order to
+                      create VPC Load Balancers.
+                    type: string
+                  vpcRegion:
+                    description: Zone in the region used to create VPC resources.
+                      Leave unset to allow installer to randomly select a zone.
+                    type: string
+                  zone:
+                    description: Zone specifies the IBM Cloud colo region where the
+                      cluster will be created. Required for multi-zone regions.
+                    type: string
+                required:
+                - powervsResourceGroup
+                - region
+                - serviceInstance
+                - userID
+                - zone
+                type: object
               vsphere:
                 description: VSphere is the configuration used when installing on
                   vSphere.

data/data/powervs/bootstrap/main.tf

@@ -0,0 +1,83 @@
+# TODO(mjturek): network and image data blocks can be in main module
+#                as master and bootstrap will be using the same
+#                network and image. Once we add in master module, make
+#                the move.
+data "ibm_pi_network" "network" {
+  pi_network_name      = var.network_name
+  pi_cloud_instance_id = var.cloud_instance_id
+}
+
+data "ignition_config" "bootstrap" {
+  merge {
+    source = ibms3presign.bootstrap_ignition.presigned_url
+  }
+}
+
+data "ibm_resource_group" "cos_group" {
+  name = var.resource_group
+}
+
+resource "ibm_resource_instance" "cos_instance" {
+  name              = "${var.cluster_id}-cos"
+  resource_group_id = data.ibm_resource_group.cos_group.id
+  service           = "cloud-object-storage"
+  plan              = "standard"
+  location          = var.cos_instance_location
+  tags              = [var.cluster_id]
+}
+
+# Create an IBM COS Bucket to store ignition
+resource "ibm_cos_bucket" "ignition" {
+  bucket_name          = "${var.cluster_id}-bootstrap-ign"
+  resource_instance_id = ibm_resource_instance.cos_instance.id
+  region_location      = var.cos_bucket_location
+  storage_class        = var.cos_storage_class
+}
+
+resource "ibm_resource_key" "cos_service_cred" {
+  name                 = "${var.cluster_id}-cred"
+  role                 = "Reader"
+  resource_instance_id = ibm_resource_instance.cos_instance.id
+  parameters           = { HMAC = true }
+}
+
+resource "ibms3presign" "bootstrap_ignition" {
+  access_key_id     = ibm_resource_key.cos_service_cred.credentials["cos_hmac_keys.access_key_id"]
+  secret_access_key = ibm_resource_key.cos_service_cred.credentials["cos_hmac_keys.secret_access_key"]
+  bucket_name       = "${var.cluster_id}-bootstrap-ign"
+  key               = "bootstrap.ign"
+  region_location   = ibm_cos_bucket.ignition.region_location
+  storage_class     = ibm_cos_bucket.ignition.storage_class
+}
+
+# Place the bootstrap ignition file in the ignition COS bucket
+resource "ibm_cos_bucket_object" "ignition" {
+  bucket_crn      = ibm_cos_bucket.ignition.crn
+  bucket_location = ibm_cos_bucket.ignition.region_location
+  content         = var.ignition
+  key             = "bootstrap.ign"
+}
+
+# Create the bootstrap instance
+resource "ibm_pi_instance" "bootstrap" {
+  pi_memory            = var.memory
+  pi_processors        = var.processors
+  pi_instance_name     = "${var.cluster_id}-bootstrap"
+  pi_proc_type         = var.proc_type
+  pi_image_id          = var.image_id
+  pi_sys_type          = var.sys_type
+  pi_cloud_instance_id = var.cloud_instance_id
+  pi_network_ids       = [data.ibm_pi_network.network.id]
+
+  pi_user_data         = base64encode(data.ignition_config.bootstrap.rendered)
+  pi_key_pair_name     = var.key_id
+  pi_health_status     = "WARNING"
+}
+
+data "ibm_pi_instance_ip" "bootstrap_ip" {
+  depends_on = [ibm_pi_instance.bootstrap]
+
+  pi_instance_name     = ibm_pi_instance.bootstrap.pi_instance_name
+  pi_network_name      = data.ibm_pi_network.network.pi_network_name
+  pi_cloud_instance_id = var.cloud_instance_id
+}

data/data/powervs/bootstrap/outputs.tf

@@ -0,0 +1,3 @@
+output "bootstrap_ip" {
+  value = data.ibm_pi_instance_ip.bootstrap_ip.ip
+}

data/data/powervs/bootstrap/variables.tf

@@ -0,0 +1,16 @@
+variable "memory" {}
+variable "processors" {}
+variable "ignition" {}
+
+variable "cloud_instance_id" {}
+variable "resource_group" {}
+variable "image_id" {}
+variable "network_name" {}
+variable "proc_type" {}
+variable "sys_type" {}
+variable "cluster_id" {}
+variable "key_id" {}
+
+variable "cos_instance_location" {}
+variable "cos_bucket_location" {}
+variable "cos_storage_class" {}

data/data/powervs/dns/dns.tf

@@ -0,0 +1,31 @@
+data "ibm_cis_domain" "base_domain" {
+  cis_id = var.cis_id
+  domain = var.base_domain
+}
+
+resource "ibm_cis_dns_record" "kubernetes_api" {
+  cis_id    = var.cis_id
+  domain_id = data.ibm_cis_domain.base_domain.id
+  type      = "CNAME"
+  name      = "api.${var.cluster_domain}"
+  content   = var.load_balancer_hostname
+  ttl       = 60
+}
+
+resource "ibm_cis_dns_record" "kubernetes_api_internal" {
+  cis_id    = var.cis_id
+  domain_id = data.ibm_cis_domain.base_domain.id
+  type      = "CNAME"
+  name      = "api-int.${var.cluster_domain}"
+  content   = var.load_balancer_int_hostname
+  ttl       = 60
+}
+
+resource "ibm_cis_dns_record" "apps" {
+  cis_id    = var.cis_id
+  domain_id = data.ibm_cis_domain.base_domain.id
+  type      = "CNAME"
+  name      = "*.apps.${var.cluster_domain}"
+  content   = var.load_balancer_hostname
+  ttl       = 60
+}

data/data/powervs/dns/variables.tf

@@ -0,0 +1,13 @@
+variable "cis_id" {}
+
+variable "base_domain" {}
+
+variable "cluster_domain" {}
+
+variable "load_balancer_hostname" {}
+
+variable "load_balancer_int_hostname" {}
+
+
+
+

data/data/powervs/iaas/power-iaas.tf

@@ -0,0 +1,22 @@
+provider "ibm" {
+  ibmcloud_api_key = var.powervs_api_key
+}
+
+data "ibm_resource_group" "group" {
+  name = var.powervs_resource_group
+}
+
+resource "ibm_resource_instance" "resource_instance" {
+  name              = "${var.cluster_id}-power-iaas"
+  service           = "power-iaas"
+  plan              = "power-virtual-server-group"
+  location          = var.powervs_region
+  tags              = concat(var.service_tags, ["${var.cluster_id}-power-iaas", "${var.cluster_id}"])
+  resource_group_id = data.ibm_resource_group.group.id
+
+  timeouts {
+    create = "10m"
+    update = "10m"
+    delete = "10m"
+  }
+}