From a4948da155974fc04dc0bd6e8dcdc1d56507a427 Mon Sep 17 00:00:00 2001 From: "W. Trevor King" Date: Wed, 24 Apr 2019 10:37:16 -0700 Subject: [PATCH] ci-operator/templates/openshift: Drop KUBE_SSH_* These are from b7cc91630c (Set KUBE_SSH_USER for new installer for AWS tests, #2274) and 43dde9e751 (Set KUBE_SSH_BASTION and KUBE_SSH_KEY_PATH in installer tests, 2018-12-23, #2469). But moving forward, reliable SSH access direct to nodes will be hard, with things like openshift/installer@6add0ab447 (Remove public IPs from masters, 2019-01-10, openshift/installer#1045) making a SSH bastion a requirement for that sort of thing (at least on AWS). Going forward, ideally e2e tests can be ported to use privileged pods within the cluster to check what they need to check. But however that works out, stop carrying local dead code that is not affecting test results. We can always drag it back out of version control later if it turns out we actually want to go down the KUBE_SSH_* route. --- .../installer/cluster-launch-installer-console.yaml | 4 ---- .../openshift/installer/cluster-launch-installer-e2e.yaml | 4 ---- .../installer/cluster-launch-installer-metal-e2e.yaml | 2 -- .../installer/cluster-launch-installer-openstack-e2e.yaml | 3 --- .../openshift/installer/cluster-launch-installer-src.yaml | 4 ---- .../installer/cluster-launch-installer-upi-e2e.yaml | 4 ---- .../openshift/openshift-ansible/cluster-launch-e2e-40.yaml | 3 --- .../cluster-launch-e2e-openshift-ansible.yaml | 1 - .../cluster-launch-e2e-openshift-jenkins.yaml | 2 -- .../openshift-ansible/cluster-launch-e2e-upgrade.yaml | 1 - .../openshift/openshift-ansible/cluster-launch-e2e.yaml | 1 - .../openshift/openshift-ansible/cluster-launch-src.yaml | 1 - .../openshift/openshift-ansible/cluster-scaleup-e2e-40.yaml | 5 ----- 13 files changed, 35 deletions(-) diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-console.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-console.yaml index 4ccead6181762..12754ae9573f9 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-console.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-console.yaml @@ -145,11 +145,8 @@ objects: done # set up cloud-provider-specific env vars - export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" - export KUBE_SSH_KEY_PATH=/tmp/cluster/ssh-privatekey if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' @@ -160,7 +157,6 @@ objects: export PROVIDER_ARGS="-provider=aws -gce-zone=us-east-1" # TODO: make openshift-tests auto-discover this from cluster config export TEST_PROVIDER='{"type":"aws","region":"us-east-1","zone":"us-east-1a","multizone":true,"multimaster":true}' - export KUBE_SSH_USER=core elif [[ "${CLUSTER_TYPE}" == "openstack" ]]; then mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/kube_openstack_rsa || true diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-e2e.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-e2e.yaml index 33e91fd4b80a1..1c6c260a60711 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-e2e.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-e2e.yaml @@ -138,11 +138,8 @@ objects: done # set up cloud-provider-specific env vars - export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" - export KUBE_SSH_KEY_PATH=/tmp/cluster/ssh-privatekey if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' @@ -153,7 +150,6 @@ objects: export PROVIDER_ARGS="-provider=aws -gce-zone=us-east-1" # TODO: make openshift-tests auto-discover this from cluster config export TEST_PROVIDER='{"type":"aws","region":"us-east-1","zone":"us-east-1a","multizone":true,"multimaster":true}' - export KUBE_SSH_USER=core fi mkdir -p /tmp/output diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-metal-e2e.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-metal-e2e.yaml index f6e73d205a1cd..7ed9466bfb556 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-metal-e2e.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-metal-e2e.yaml @@ -145,8 +145,6 @@ objects: done # set up cloud-provider-specific env vars - export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" - export KUBE_SSH_KEY_PATH=/tmp/cluster/ssh-privatekey mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/kube_metal_rsa || true diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-openstack-e2e.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-openstack-e2e.yaml index 6fdf37ca560c3..a27ea526c342b 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-openstack-e2e.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-openstack-e2e.yaml @@ -142,9 +142,6 @@ objects: sleep 10 & wait done - # set up env vars - export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" - export KUBE_SSH_KEY_PATH=/tmp/cluster/ssh-privatekey mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/kube_openstack_rsa || true diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-src.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-src.yaml index 00d46d09847d0..e206f339033cb 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-src.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-src.yaml @@ -141,11 +141,8 @@ objects: done # set up cloud-provider-specific env vars - export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" - export KUBE_SSH_KEY_PATH=/tmp/cluster/ssh-privatekey if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' @@ -156,7 +153,6 @@ objects: export PROVIDER_ARGS="-provider=aws -gce-zone=us-east-1" # TODO: make openshift-tests auto-discover this from cluster config export TEST_PROVIDER='{"type":"aws","region":"us-east-1","zone":"us-east-1a","multizone":true,"multimaster":true}' - export KUBE_SSH_USER=core elif [[ "${CLUSTER_TYPE}" == "openstack" ]]; then mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/kube_openstack_rsa || true diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml index 3a947623e6666..99330de42c6a9 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml @@ -210,11 +210,8 @@ objects: done # set up cloud-provider-specific env vars - export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" - export KUBE_SSH_KEY_PATH=/tmp/cluster/ssh-privatekey if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' @@ -225,7 +222,6 @@ objects: export PROVIDER_ARGS="-provider=aws -gce-zone=us-east-1" # TODO: make openshift-tests auto-discover this from cluster config export TEST_PROVIDER='{"type":"aws","region":"us-east-1","zone":"us-east-1a","multizone":true,"multimaster":true}' - export KUBE_SSH_USER=core fi mkdir -p /tmp/output diff --git a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-40.yaml b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-40.yaml index 0a289fb0ac087..35fc64beac885 100644 --- a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-40.yaml +++ b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-40.yaml @@ -126,11 +126,8 @@ objects: done # set up cloud-provider-specific env vars - export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" - export KUBE_SSH_KEY_PATH=/tmp/cluster/ssh-privatekey if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' diff --git a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-openshift-ansible.yaml b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-openshift-ansible.yaml index 1b035ad3f32e9..75fa7cf706f72 100644 --- a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-openshift-ansible.yaml +++ b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-openshift-ansible.yaml @@ -118,7 +118,6 @@ objects: # set up cloud-provider-specific env vars if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' diff --git a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-openshift-jenkins.yaml b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-openshift-jenkins.yaml index a46f18e0f4be3..096f1e4b26e7f 100644 --- a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-openshift-jenkins.yaml +++ b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-openshift-jenkins.yaml @@ -122,7 +122,6 @@ objects: # set up cloud provider specific env vars if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' @@ -210,7 +209,6 @@ objects: # set up cloud-provider-specific env vars if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' diff --git a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-upgrade.yaml b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-upgrade.yaml index 332fadfee53fd..f066c6e2f11e7 100644 --- a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-upgrade.yaml +++ b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e-upgrade.yaml @@ -122,7 +122,6 @@ objects: # set up cloud-provider-specific env vars if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' diff --git a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e.yaml b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e.yaml index 86f8063bed045..b70f1f9320174 100644 --- a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e.yaml +++ b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-e2e.yaml @@ -120,7 +120,6 @@ objects: # set up cloud-provider-specific env vars if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' diff --git a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-src.yaml b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-src.yaml index 020055c755082..196aba102c0f8 100644 --- a/ci-operator/templates/openshift/openshift-ansible/cluster-launch-src.yaml +++ b/ci-operator/templates/openshift/openshift-ansible/cluster-launch-src.yaml @@ -132,7 +132,6 @@ objects: # set up cloud-provider-specific env vars if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' diff --git a/ci-operator/templates/openshift/openshift-ansible/cluster-scaleup-e2e-40.yaml b/ci-operator/templates/openshift/openshift-ansible/cluster-scaleup-e2e-40.yaml index 3df4e382a346d..beeb20d7e1e32 100644 --- a/ci-operator/templates/openshift/openshift-ansible/cluster-scaleup-e2e-40.yaml +++ b/ci-operator/templates/openshift/openshift-ansible/cluster-scaleup-e2e-40.yaml @@ -202,13 +202,9 @@ objects: # oh god the blood sleep 180 - export KUBE_SSH_BASTION="$( oc get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" - export KUBE_SSH_KEY_PATH=/tmp/cluster/ssh-privatekey - # set up cloud-provider-specific env vars if [[ "${CLUSTER_TYPE}" == "gcp" ]]; then export GOOGLE_APPLICATION_CREDENTIALS="/tmp/cluster/gce.json" - export KUBE_SSH_USER=cloud-user mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/google_compute_engine || true export PROVIDER_ARGS='-provider=gce -gce-zone=us-east1-c -gce-project=openshift-gce-devel-ci' @@ -219,7 +215,6 @@ objects: export PROVIDER_ARGS="-provider=aws -gce-zone=us-east-1" # TODO: make openshift-tests auto-discover this from cluster config export TEST_PROVIDER='{"type":"aws","region":"us-east-1","zone":"us-east-1a","multizone":true,"multimaster":true}' - export KUBE_SSH_USER=core elif [[ "${CLUSTER_TYPE}" == "openstack" ]]; then mkdir -p ~/.ssh cp /tmp/cluster/ssh-privatekey ~/.ssh/kube_openstack_rsa || true