openshift · openshift-merge-robot · Jul 9, 2020 · Jun 5, 2020 · wking · Jun 17, 2020
diff --git a/ci-operator/config/openshift/installer/openshift-installer-master.yaml b/ci-operator/config/openshift/installer/openshift-installer-master.yaml
@@ -194,10 +194,6 @@ tests:
   openshift_installer:
     cluster_profile: gcp
     upgrade: true
-- as: e2e-vsphere-upi
-  commands: TEST_SUITE=openshift/conformance/parallel run-tests
-  openshift_installer_upi:
-    cluster_profile: vsphere
 - as: e2e-metal-ipi
   steps:
     cluster_profile: packet
@@ -206,6 +202,10 @@ tests:
   steps:
     cluster_profile: vsphere
     workflow: openshift-e2e-vsphere
+- as: e2e-vsphere-upi
+  steps:
+    cluster_profile: vsphere
+    workflow: openshift-e2e-vsphere-upi
 zz_generated_metadata:
   branch: master
   org: openshift

diff --git a/ci-operator/config/openshift/installer/openshift-installer-release-4.4.yaml b/ci-operator/config/openshift/installer/openshift-installer-release-4.4.yaml
@@ -171,9 +171,9 @@ tests:
     cluster_profile: gcp
     upgrade: true
 - as: e2e-vsphere
-  commands: TEST_SUITE=openshift/conformance/parallel run-tests
-  openshift_installer_upi:
+  steps:
     cluster_profile: vsphere
+    workflow: openshift-e2e-vsphere-upi
 - as: e2e-metal-ipi
   steps:
     cluster_profile: packet

diff --git a/ci-operator/jobs/openshift/installer/openshift-installer-master-presubmits.yaml b/ci-operator/jobs/openshift/installer/openshift-installer-master-presubmits.yaml
@@ -2054,16 +2054,8 @@ presubmits:
         - --report-username=ci
         - --secret-dir=/usr/local/e2e-vsphere-upi-cluster-profile
         - --target=e2e-vsphere-upi
-        - --template=/usr/local/e2e-vsphere-upi
         command:
         - ci-operator
-        env:
-        - name: CLUSTER_TYPE
-          value: vsphere
-        - name: JOB_NAME_SAFE
-          value: e2e-vsphere-upi
-        - name: TEST_COMMAND
-          value: TEST_SUITE=openshift/conformance/parallel run-tests
         image: ci-operator:latest
         imagePullPolicy: Always
         name: ""
@@ -2076,9 +2068,6 @@ presubmits:
           readOnly: true
         - mountPath: /usr/local/e2e-vsphere-upi-cluster-profile
           name: cluster-profile
-        - mountPath: /usr/local/e2e-vsphere-upi
-          name: job-definition
-          subPath: cluster-launch-installer-upi-e2e.yaml
         - mountPath: /etc/pull-secret
           name: pull-secret
           readOnly: true
@@ -2098,9 +2087,6 @@ presubmits:
           sources:
           - secret:
               name: cluster-secrets-vsphere
-      - configMap:
-          name: prow-job-cluster-launch-installer-upi-e2e
-        name: job-definition
       - name: pull-secret
         secret:
           secretName: regcred

diff --git a/ci-operator/jobs/openshift/installer/openshift-installer-release-4.4-presubmits.yaml b/ci-operator/jobs/openshift/installer/openshift-installer-release-4.4-presubmits.yaml
@@ -1926,16 +1926,8 @@ presubmits:
         - --report-username=ci
         - --secret-dir=/usr/local/e2e-vsphere-cluster-profile
         - --target=e2e-vsphere
-        - --template=/usr/local/e2e-vsphere
         command:
         - ci-operator
-        env:
-        - name: CLUSTER_TYPE
-          value: vsphere
-        - name: JOB_NAME_SAFE
-          value: e2e-vsphere
-        - name: TEST_COMMAND
-          value: TEST_SUITE=openshift/conformance/parallel run-tests
         image: ci-operator:latest
         imagePullPolicy: Always
         name: ""
@@ -1948,9 +1940,6 @@ presubmits:
           readOnly: true
         - mountPath: /usr/local/e2e-vsphere-cluster-profile
           name: cluster-profile
-        - mountPath: /usr/local/e2e-vsphere
-          name: job-definition
-          subPath: cluster-launch-installer-upi-e2e.yaml
         - mountPath: /etc/pull-secret
           name: pull-secret
           readOnly: true
@@ -1970,9 +1959,6 @@ presubmits:
           sources:
           - secret:
               name: cluster-secrets-vsphere
-      - configMap:
-          name: prow-job-cluster-launch-installer-upi-e2e
-        name: job-definition
       - name: pull-secret
         secret:
           secretName: regcred

diff --git a/ci-operator/step-registry/openshift/e2e/vsphere/upi/OWNERS b/ci-operator/step-registry/openshift/e2e/vsphere/upi/OWNERS
@@ -0,0 +1,4 @@
+approvers:
+- abhinavdahiya
+- jcpowermac
+- patrickdillon
diff --git a/ci-operator/step-registry/openshift/e2e/vsphere/upi/openshift-e2e-vsphere-upi-workflow.yaml b/ci-operator/step-registry/openshift/e2e/vsphere/upi/openshift-e2e-vsphere-upi-workflow.yaml
@@ -0,0 +1,11 @@
+workflow:
+  as: openshift-e2e-vsphere-upi
+  steps:
+    pre:
+    - chain: upi-vsphere-pre
+    test:
+    - ref: openshift-e2e-test
+    post:
+    - chain: upi-vsphere-post
+  documentation: |-
+    VSphere E2E wraps the Openshift E2E workflow and executes the common end-to-end test suite.
diff --git a/ci-operator/step-registry/upi/conf/vsphere/OWNERS b/ci-operator/step-registry/upi/conf/vsphere/OWNERS
@@ -0,0 +1,4 @@
+approvers:
+- abhinavdahiya
+- jcpowermac
+- patrickdillon
diff --git a/ci-operator/step-registry/upi/conf/vsphere/ova/OWNERS b/ci-operator/step-registry/upi/conf/vsphere/ova/OWNERS
@@ -0,0 +1,4 @@
+approvers:
+- abhinavdahiya
+- jcpowermac
+- patrickdillon
diff --git a/ci-operator/step-registry/upi/conf/vsphere/ova/upi-conf-vsphere-ova-commands.sh b/ci-operator/step-registry/upi/conf/vsphere/ova/upi-conf-vsphere-ova-commands.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+
+set -o nounset
+set -o errexit
+set -o pipefail
+
+trap 'CHILDREN=$(jobs -p); if test -n "${CHILDREN}"; then kill ${CHILDREN} && wait; fi' TERM
+
+HOME=/tmp
+export HOME
+
+echo "$(date -u --rfc-3339=seconds) - Locating RHCOS image for release..."
+
+openshift_install_path="/var/lib/openshift-install"
+image_json_file="${openshift_install_path}/rhcos.json"
+fcos_json_file="${openshift_install_path}/fcos.json"
+
+if [[ -f "$fcos_json_file" ]]; then
+    image_json_file=$fcos_json_file
+fi
+
+ova_url="$(jq -r '.baseURI + .images["vmware"].path' $image_json_file)"
+vm_template="${ova_url##*/}"
+
+echo "$(date -u --rfc-3339=seconds) - Configuring govc exports..."
+# shellcheck source=/dev/null
+source "${SHARED_DIR}/govc.sh"
+
+cat > /tmp/rhcos.json << EOF
+{
+   "DiskProvisioning": "thin",
+   "MarkAsTemplate": false,
+   "PowerOn": false,
+   "InjectOvfEnv": false,
+   "WaitForIP": false,
+   "Name": "${vm_template}"
+}
+EOF
+
+echo "$(date -u --rfc-3339=seconds) - Checking if RHCOS OVA needs to be downloaded from ${ova_url}..."
+
+if [[ "$(govc vm.info "${vm_template}" | wc -c)" -eq 0 ]]
+then
+    echo "$(date -u --rfc-3339=seconds) - Creating a template for the VMs from ${ova_url}..."
+    curl -L -o /tmp/rhcos.ova "${ova_url}"
+    govc import.ova -options=/tmp/rhcos.json /tmp/rhcos.ova &
+    wait "$!"
+fi
diff --git a/ci-operator/step-registry/upi/conf/vsphere/ova/upi-conf-vsphere-ova-ref.yaml b/ci-operator/step-registry/upi/conf/vsphere/ova/upi-conf-vsphere-ova-ref.yaml
@@ -0,0 +1,12 @@
+ref:
+  as: upi-conf-vsphere-ova
+  from: upi-installer
+  commands: upi-conf-vsphere-ova-commands.sh
+  resources:
+    requests:
+      cpu: 1000m
+      memory: 512Mi
+  documentation: >-
+    vSphere OVA checks if appropriate template exists.
+    If it does not exist download the ova and upload to vCenter.
+
diff --git a/ci-operator/step-registry/upi/conf/vsphere/upi-conf-vsphere-chain.yaml b/ci-operator/step-registry/upi/conf/vsphere/upi-conf-vsphere-chain.yaml
@@ -0,0 +1,11 @@
+chain:
+  as: upi-conf-vsphere
+  steps:
+  - ref: ipi-conf
+  - ref: upi-conf-vsphere
+  - ref: upi-conf-vsphere-ova
+  documentation: >-
+    This chain generates the files necessary to deploy a vSphere UPI cluster.
+    It creates an install-config.yaml using the ipi-conf-vsphere chain.
+    Then it uses that file to create the Ignition, metadata.json, and kubeconfig files.
+    These files are copied to the shared dir for future consumption.
diff --git a/ci-operator/step-registry/upi/conf/vsphere/upi-conf-vsphere-commands.sh b/ci-operator/step-registry/upi/conf/vsphere/upi-conf-vsphere-commands.sh
@@ -0,0 +1,149 @@
+#!/bin/bash
+
+set -o nounset
+set -o errexit
+set -o pipefail
+
+trap 'CHILDREN=$(jobs -p); if test -n "${CHILDREN}"; then kill ${CHILDREN} && wait; fi' TERM
+
+if [[ -z "$RELEASE_IMAGE_LATEST" ]]; then
+  echo "RELEASE_IMAGE_LATEST is an empty string, exiting"
+  exit 1
+fi
+
+export HOME=/tmp
+export OPENSHIFT_INSTALL_RELEASE_IMAGE_OVERRIDE=${RELEASE_IMAGE_LATEST}
+# Ensure ignition assets are configured with the correct invoker to track CI jobs.
+export OPENSHIFT_INSTALL_INVOKER=openshift-internal-ci/${JOB_NAME_SAFE}/${BUILD_ID}
+
+echo "$(date -u --rfc-3339=seconds) - Creating reusable variable files..."
+# Create basedomain.txt
+echo "origin-ci-int-aws.dev.rhcloud.com" > "${SHARED_DIR}"/basedomain.txt
+base_domain=$(<"${SHARED_DIR}"/basedomain.txt)
+
+# Create clustername.txt
+echo "${NAMESPACE}-${JOB_NAME_HASH}" > "${SHARED_DIR}"/clustername.txt
+cluster_name=$(<"${SHARED_DIR}"/clustername.txt)
+
+# Create clusterdomain.txt
+echo "${cluster_name}.${base_domain}" > "${SHARED_DIR}"/clusterdomain.txt
+cluster_domain=$(<"${SHARED_DIR}"/clusterdomain.txt)
+
+
+ssh_pub_key_path="${CLUSTER_PROFILE_DIR}/ssh-publickey"
+install_config="${SHARED_DIR}/install-config.yaml"
+tfvars_path=/var/run/secrets/ci.openshift.io/cluster-profile/secret.auto.tfvars
+vsphere_user=$(grep -oP 'vsphere_user\s*=\s*"\K[^"]+' ${tfvars_path})
+vsphere_password=$(grep -oP 'vsphere_password\s*=\s*"\K[^"]+' ${tfvars_path})
+ova_url="$(jq -r '.baseURI + .images["vmware"].path' /var/lib/openshift-install/rhcos.json)"
+vm_template="${ova_url##*/}"
+
+
+echo "$(date -u --rfc-3339=seconds) - Creating govc.sh file..."
+cat >> "${SHARED_DIR}/govc.sh" << EOF
+export GOVC_URL=vcsa-ci.vmware.devcluster.openshift.com
+export GOVC_USERNAME="${vsphere_user}"
+export GOVC_PASSWORD="${vsphere_password}"
+export GOVC_INSECURE=1
+export GOVC_DATACENTER=dc1
+export GOVC_DATASTORE=vsanDatastore
+EOF
+
+echo "$(date -u --rfc-3339=seconds) - Extend install-config.yaml ..."
+
+# We are not setting
+# machineCIDR: 139.178.94.128/25
+# does this cause an issue?
+cat >> "${install_config}" << EOF
+baseDomain: $base_domain
+controlPlane:
+  name: "master"
+  replicas: 3
+compute:
+- name: "worker"
+  replicas: 0
+platform:
+  vsphere:
+    cluster: devel
+    datacenter: dc1
+    defaultDatastore: vsanDatastore
+    network: "VM Network"
+    password: ${vsphere_password}
+    username: ${vsphere_user}
+    vCenter: vcsa-ci.vmware.devcluster.openshift.com
+    folder: "/dc1/vm/${cluster_name}"
+EOF
+
+echo "$(date -u --rfc-3339=seconds) - Create terraform.tfvars ..."
+cat > "${SHARED_DIR}/terraform.tfvars" <<-EOF
+machine_cidr = "139.178.94.128/25"
+vm_template = "${vm_template}"
+vsphere_cluster = "devel"
+vsphere_datacenter = "dc1"
+vsphere_datastore = "vsanDatastore"
+vsphere_server = "vcsa-ci.vmware.devcluster.openshift.com"
+ipam = "139.178.89.254"
+cluster_id = "${cluster_name}"
+base_domain = "${base_domain}"
+cluster_domain = "${cluster_domain}"
+ssh_public_key_path = "${ssh_pub_key_path}"
+compute_memory = "16384"
+compute_num_cpus = "4"
+EOF
+
+dir=/tmp/installer
+mkdir "${dir}/"
+pushd ${dir}
+cp -t "${dir}" \
+    "${SHARED_DIR}/install-config.yaml"
+
+### Create manifests
+echo "Creating manifests..."
+openshift-install --dir="${dir}" create manifests &
+
+set +e
+wait "$!"
+ret="$?"
+set -e
+
+if [ $ret -ne 0 ]; then
+  cp "${dir}/.openshift_install.log" "${ARTIFACT_DIR}/.openshift_install.log"
+  exit "$ret"
+fi
+
+### Remove control plane machines
+echo "Removing control plane machines..."
+rm -f openshift/99_openshift-cluster-api_master-machines-*.yaml
+
+### Remove compute machinesets (optional)
+echo "Removing compute machinesets..."
+rm -f openshift/99_openshift-cluster-api_worker-machineset-*.yaml
+
+### Make control-plane nodes unschedulable
+echo "Making control-plane nodes unschedulable..."
+sed -i "s;mastersSchedulable: true;mastersSchedulable: false;g" manifests/cluster-scheduler-02-config.yml
+
+### Create Ignition configs
+echo "Creating Ignition configs..."
+openshift-install --dir="${dir}" create ignition-configs &
+
+set +e
+wait "$!"
+ret="$?"
+set -e
+
+cp "${dir}/.openshift_install.log" "${ARTIFACT_DIR}/.openshift_install.log"
+
+if [ $ret -ne 0 ]; then
+  exit "$ret"
+fi
+
+cp -t "${SHARED_DIR}" \
+    "${dir}/auth/kubeadmin-password" \
+    "${dir}/auth/kubeconfig" \
+    "${dir}/metadata.json" \
+    "${dir}"/*.ign
+
+# Removed tar of openshift state. Not enough room in SHARED_DIR with terraform state
+
+popd
diff --git a/ci-operator/step-registry/upi/conf/vsphere/upi-conf-vsphere-ref.yaml b/ci-operator/step-registry/upi/conf/vsphere/upi-conf-vsphere-ref.yaml
@@ -0,0 +1,13 @@
+ref:
+  as: upi-conf-vsphere
+  from: upi-installer
+  commands: upi-conf-vsphere-commands.sh
+  resources:
+    requests:
+      cpu: 10m
+      memory: 100Mi
+  documentation: >-
+    This step creates the files necessary to deploy a vSphere UPI cluster.
+    It requires an existing install-config.yaml to exist in the shared directory with the necessary configuration to deploy a cluster to the vSphere CI project.
+    It uses this install-config.yaml to generate the govc.sh, Ignition, metadata.json, and kubeconfig files with the modifications required to support the vSphere UPI workflow.
+    These files are copied to the shared directory for future consumption.
diff --git a/ci-operator/step-registry/upi/deprovision/vsphere/OWNERS b/ci-operator/step-registry/upi/deprovision/vsphere/OWNERS
@@ -0,0 +1,4 @@
+approvers:
+- abhinavdahiya
+- jcpowermac
+- patrickdillon