Skip to content

Comments

CORS-2830: Provision AWS Infrastructure with SDK#7676

Merged
openshift-merge-bot[bot] merged 33 commits intoopenshift:masterfrom
r4f4:aws-sdk-infra
Nov 16, 2023
Merged

CORS-2830: Provision AWS Infrastructure with SDK#7676
openshift-merge-bot[bot] merged 33 commits intoopenshift:masterfrom
r4f4:aws-sdk-infra

Conversation

@r4f4
Copy link
Contributor

@r4f4 r4f4 commented Nov 3, 2023

Provision AWS infrastructure without the use of Terraform.

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Nov 3, 2023
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Nov 3, 2023
edited by openshift-ci bot
Loading

@r4f4: This pull request references CORS-2830 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the epic to target the "4.15.0" version, but no target version was set.

Details

In response to this:

Provision AWS infrastructure without the use of Terraform.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

r4f4
r4f4 commented Nov 3, 2023
View reviewed changes
Copy link
Contributor Author

@r4f4 r4f4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/hold

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 3, 2023
@r4f4 r4f4 mentioned this pull request Nov 3, 2023
Closed
@r4f4
Copy link
Contributor Author

r4f4 commented Nov 3, 2023

/test e2e-aws-ovn-shared-vpc

@r4f4
Copy link
Contributor Author

r4f4 commented Nov 4, 2023

/test verify-vendor
/test verify-codegen
/test unit
/test gofmt
/test golint
/test govet

@r4f4
Copy link
Contributor Author

r4f4 commented Nov 4, 2023

The linter complaints about sets can be solved once #7680 merges.

@r4f4
Copy link
Contributor Author

r4f4 commented Nov 6, 2023

Update: squashed fixup commits.

r4f4
r4f4 commented Nov 6, 2023
View reviewed changes
pkg/infrastructure/aws/vpc.go Outdated
Comment on lines 186 to 200
Copy link
Contributor Author

@r4f4 r4f4 Nov 6, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ops, this was supposed to go together with afcb170. I'll fix once I have other feedback to work on.

@mtulio
Copy link
Contributor

mtulio commented Nov 6, 2023
edited
Loading

Reviewing Local Zones:
1721327505312321536 reports a bug, not related to this PR. I filing a bug for it. For some reason the new zone in Las Vegas (us-west-2-las-1b) isn't filling the instance type, because AWS is not returning anything in their API:

 aws ec2 describe-instance-type-offerings --region us-west-2 --location-type availability-zone --filters Name=location,Values=us-west-2-las-1b
{
    "InstanceTypeOfferings": []
}

$ aws ec2 describe-instance-type-offerings --region us-west-2 --location-type availability-zone --filters Name=location,Values=us-west-2-las-1a  | jq .InstanceTypeOfferings[].InstanceType
"t3.xlarge"
"c5d.2xlarge"
"c5d.12xlarge"
"t3.medium"
"r5d.2xlarge"
"c5d.4xlarge"
"g4dn.2xlarge"

/test e2e-aws-ovn-localzones

@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Nov 6, 2023
@r4f4
Copy link
Contributor Author

r4f4 commented Nov 6, 2023

/test ?

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Nov 6, 2023

@r4f4: The following commands are available to trigger required jobs:

  • /test agent-integration-tests
  • /test altinfra-images
  • /test aro-unit
  • /test e2e-agent-compact-ipv4
  • /test e2e-aws-ovn
  • /test e2e-aws-ovn-upi
  • /test e2e-azure-ovn
  • /test e2e-azure-ovn-upi
  • /test e2e-gcp-ovn
  • /test e2e-gcp-ovn-upi
  • /test e2e-metal-ipi-ovn-ipv6
  • /test e2e-openstack-ovn
  • /test e2e-vsphere-ovn
  • /test e2e-vsphere-upi
  • /test gofmt
  • /test golint
  • /test govet
  • /test images
  • /test okd-images
  • /test okd-scos-images
  • /test okd-unit
  • /test okd-verify-codegen
  • /test openstack-manifests
  • /test shellcheck
  • /test tf-lint
  • /test unit
  • /test verify-codegen
  • /test verify-vendor
  • /test yaml-lint

The following commands are available to trigger optional jobs:

  • /test altinfra-e2e-aws-ovn
  • /test altinfra-e2e-aws-ovn-imdsv2
  • /test altinfra-e2e-aws-ovn-localzones
  • /test altinfra-e2e-aws-ovn-shared-vpc
  • /test altinfra-e2e-aws-ovn-shared-vpc-localzones
  • /test altinfra-e2e-azure-ovn
  • /test altinfra-e2e-azure-ovn-resourcegroup
  • /test altinfra-e2e-azure-ovn-shared-vpc
  • /test e2e-agent-compact-ipv4-appliance
  • /test e2e-agent-compact-ipv4-none-platform
  • /test e2e-agent-ha-dualstack
  • /test e2e-agent-sno-ipv4-pxe
  • /test e2e-agent-sno-ipv6
  • /test e2e-alibaba
  • /test e2e-aws-custom-security-groups
  • /test e2e-aws-ovn-fips
  • /test e2e-aws-ovn-imdsv2
  • /test e2e-aws-ovn-localzones
  • /test e2e-aws-ovn-proxy
  • /test e2e-aws-ovn-public-subnets
  • /test e2e-aws-ovn-shared-vpc
  • /test e2e-aws-ovn-shared-vpc-localzones
  • /test e2e-aws-ovn-single-node
  • /test e2e-aws-ovn-upgrade
  • /test e2e-aws-ovn-workers-rhel8
  • /test e2e-aws-upi-proxy
  • /test e2e-azure-ovn-resourcegroup
  • /test e2e-azure-ovn-shared-vpc
  • /test e2e-azurestack
  • /test e2e-azurestack-upi
  • /test e2e-crc
  • /test e2e-gcp-ovn-shared-vpc
  • /test e2e-gcp-ovn-xpn
  • /test e2e-gcp-secureboot
  • /test e2e-gcp-upgrade
  • /test e2e-gcp-upi-xpn
  • /test e2e-ibmcloud-ovn
  • /test e2e-libvirt
  • /test e2e-metal-assisted
  • /test e2e-metal-ipi-ovn-dualstack
  • /test e2e-metal-ipi-sdn
  • /test e2e-metal-ipi-sdn-swapped-hosts
  • /test e2e-metal-ipi-sdn-virtualmedia
  • /test e2e-metal-single-node-live-iso
  • /test e2e-nutanix-ovn
  • /test e2e-nutanix-sdn
  • /test e2e-openstack-ccpmso
  • /test e2e-openstack-ccpmso-zone
  • /test e2e-openstack-dualstack-techpreview
  • /test e2e-openstack-externallb
  • /test e2e-openstack-nfv-intel
  • /test e2e-openstack-proxy
  • /test e2e-openstack-sdn-parallel
  • /test e2e-openstack-upi
  • /test e2e-vsphere-static-ovn
  • /test e2e-vsphere-upi-zones
  • /test e2e-vsphere-zones
  • /test e2e-vsphere-zones-techpreview
  • /test okd-e2e-agent-compact-ipv4
  • /test okd-e2e-agent-ha-dualstack
  • /test okd-e2e-agent-sno-ipv6
  • /test okd-e2e-aws-ovn
  • /test okd-e2e-aws-ovn-upgrade
  • /test okd-e2e-gcp
  • /test okd-e2e-gcp-ovn-upgrade
  • /test okd-e2e-vsphere
  • /test okd-scos-e2e-agent-compact-ipv4
  • /test okd-scos-e2e-agent-sno-ipv6
  • /test okd-scos-e2e-aws-ovn
  • /test okd-scos-e2e-aws-upgrade
  • /test okd-scos-e2e-gcp
  • /test okd-scos-e2e-gcp-ovn-upgrade
  • /test okd-scos-e2e-vsphere
  • /test okd-scos-unit
  • /test okd-scos-verify-codegen
  • /test tf-fmt

Use /test all to run the following jobs that were automatically triggered:

  • pull-ci-openshift-installer-master-altinfra-images
  • pull-ci-openshift-installer-master-aro-unit
  • pull-ci-openshift-installer-master-e2e-aws-custom-security-groups
  • pull-ci-openshift-installer-master-e2e-aws-ovn
  • pull-ci-openshift-installer-master-e2e-aws-ovn-fips
  • pull-ci-openshift-installer-master-e2e-aws-ovn-imdsv2
  • pull-ci-openshift-installer-master-e2e-aws-ovn-localzones
  • pull-ci-openshift-installer-master-e2e-aws-ovn-shared-vpc
  • pull-ci-openshift-installer-master-e2e-aws-ovn-shared-vpc-localzones
  • pull-ci-openshift-installer-master-e2e-aws-ovn-single-node
  • pull-ci-openshift-installer-master-gofmt
  • pull-ci-openshift-installer-master-golint
  • pull-ci-openshift-installer-master-govet
  • pull-ci-openshift-installer-master-images
  • pull-ci-openshift-installer-master-okd-e2e-aws-ovn-upgrade
  • pull-ci-openshift-installer-master-okd-images
  • pull-ci-openshift-installer-master-okd-scos-images
  • pull-ci-openshift-installer-master-okd-scos-unit
  • pull-ci-openshift-installer-master-okd-scos-verify-codegen
  • pull-ci-openshift-installer-master-okd-unit
  • pull-ci-openshift-installer-master-okd-verify-codegen
  • pull-ci-openshift-installer-master-shellcheck
  • pull-ci-openshift-installer-master-tf-fmt
  • pull-ci-openshift-installer-master-tf-lint
  • pull-ci-openshift-installer-master-unit
  • pull-ci-openshift-installer-master-verify-codegen
  • pull-ci-openshift-installer-master-verify-vendor
  • pull-ci-openshift-installer-master-yaml-lint
Details

In response to this:

/test ?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@r4f4
Copy link
Contributor Author

r4f4 commented Nov 6, 2023

/test e2e-aws-ovn-proxy
/test e2e-aws-ovn-public-subnets

1 similar comment
@r4f4
Copy link
Contributor Author

r4f4 commented Nov 7, 2023

/test e2e-aws-ovn-proxy
/test e2e-aws-ovn-public-subnets

@openshift-merge-robot openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Nov 7, 2023
@r4f4
Copy link
Contributor Author

r4f4 commented Nov 7, 2023

Update: rebased to fix merge conflicts.

@r4f4
Copy link
Contributor Author

r4f4 commented Nov 7, 2023

/test e2e-aws-ovn-proxy
/test e2e-aws-ovn-public-subnets

@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Nov 7, 2023
@openshift-merge-robot openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Nov 8, 2023
@r4f4
Copy link
Contributor Author

r4f4 commented Nov 8, 2023

Update:

  • Rebased to fix merge conflicts
  • Added a fix for public-only subnets
  • Enable SDK provisioning by default on altinfra image.

@r4f4
Copy link
Contributor Author

r4f4 commented Nov 8, 2023

/test e2e-aws-ovn-public-subnets

1 similar comment
@r4f4
Copy link
Contributor Author

r4f4 commented Nov 8, 2023

/test e2e-aws-ovn-public-subnets

@patrickdillon
Copy link
Contributor

patrickdillon commented Nov 9, 2023

/test altinfra-e2e-aws-ovn

r4f4 added 18 commits November 16, 2023 15:21
@r4f4
infra/aws: create compute resources
d3f15ef
@r4f4
destroy/aws: generalize functions for reuse
8c2c5d5 
These functions can be reused to destroy bootstrap resources when
provisioning a cluster without terraform.
@r4f4
CORS-2833: infra/aws: implement bootstrap destroy
4aa2b19
@r4f4
infra/aws: generate output from cluster provisioning
4e3c1de 
This output will be useful when information is needed about resources
created during cluster provisioning.
@r4f4
CORS-2834: infra/aws: implement bootstrap gather
9a20ef7
@r4f4
CORS-2878: infra/aws: support existing/shared VPC
c8bbdaf 
Installs to existing subnets when installconfig.platform.aws.subnets is
specified
@r4f4
CORS-2943: infra/aws: copy AMI when not in target region.
b66a588
@r4f4
CORS-2944: infra/aws: support CNAME for gov cloud regions
8e6aed0
@r4f4
aws: vendor changes
cba8f1d
@r4f4
CORS-2887: infra/aws: preserve bootstrap ignition when specified
f8a53e2 
Bootstrap ignition is not deleted when
installconfig.platform.aws.preserveBootstrapIgnition is specified.
@r4f4
CORS-2880: infra/aws: use user-supplied iam role
914fb2f 
iam role is correctly attached to control plane node when
installconfig.controlPlane.platform.aws.iamRole is specified
@r4f4
CORS-2881: infra/aws: support AWS local zones
258d5e5
@r4f4
infra/aws: wait for instance to acquire IP address
651082b 
We need to know the instances IP address so we can gather logs in case
something goes wrong. Since it might take a while for an instance to
acquire an IP address, let's wait until that happens when creating an
instance.
@r4f4
infra/aws: reuse code to associate a subnet with a route table
4183eda
@r4f4
CORS-2886: infra/aws: phz and shared VPC support
53ffdb2 
Private hosted zone and cross-account shared vpc works when
installconfig.platform.aws.hostedZone is specified.
@r4f4
infra/aws: use a boolean for public endpoints.
b75d9eb 
It's a bit better than comparing strings all the time.
@r4f4
infra/aws: fix public subnets only clusters
6ed6982 
We must allow control plane VMs to acquire a public IP if we are running
with public subnets only (and no nat gateway).
@r4f4
infra: enable AWS SDK provider when building altinfra image
393fc2e
@r4f4
Copy link
Contributor Author

r4f4 commented Nov 16, 2023

Update: rebased on top of current master and squashed commits.
/hold cancel

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 16, 2023
@r4f4
Copy link
Contributor Author

r4f4 commented Nov 16, 2023

/label acknowledge-critical-fixes-only
This funtionality is built with a separate build TAG, so it shouldn't affect releases. The only change that could have some kind of impact on standard releases is 8c2c5d5.

@openshift-ci openshift-ci bot added the acknowledge-critical-fixes-only Indicates if the issuer of the label is OK with the policy. label Nov 16, 2023
@patrickdillon
Copy link
Contributor

patrickdillon commented Nov 16, 2023

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Nov 16, 2023
@openshift-merge-bot openshift-merge-bot bot merged commit 7f7d6ec into openshift:master Nov 16, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Nov 16, 2023

@r4f4: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/altinfra-e2e-aws-upi-proxy cdf5bf2f870ae965326c0a366ac76b21387c5700 link false /test altinfra-e2e-aws-upi-proxy
ci/prow/e2e-aws-ovn-localzones 393fc2e link false /test e2e-aws-ovn-localzones
ci/prow/okd-e2e-aws-ovn-upgrade 393fc2e link false /test okd-e2e-aws-ovn-upgrade
ci/prow/e2e-aws-ovn-shared-vpc-localzones 393fc2e link false /test e2e-aws-ovn-shared-vpc-localzones

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@openshift-bot
Copy link
Contributor

openshift-bot commented Nov 16, 2023

[ART PR BUILD NOTIFIER]

This PR has been included in build ose-installer-altinfra-container-v4.15.0-202311161952.p0.g7f7d6ec.assembly.stream for distgit ose-installer-altinfra.
All builds following this will include this PR.

@r4f4 r4f4 mentioned this pull request Nov 21, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mtulio mtulio Awaiting requested review from mtulio

@patrickdillon patrickdillon Awaiting requested review from patrickdillon

Assignees

@patrickdillon patrickdillon

Labels

acknowledge-critical-fixes-only Indicates if the issuer of the label is OK with the policy. approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@r4f4 @openshift-ci-robot @mtulio @patrickdillon @openshift-bot @openshift-merge-robot