frankmit11 · Joshua-Beha · Jul 27, 2023 · Jul 28, 2023
diff --git a/ICIC_UPI/ocp_upi/inventory-yaml-README.md b/ICIC_UPI/ocp_upi/inventory-yaml-README.md
@@ -0,0 +1,7 @@
+# Quick notes:
+- For inventory file, make sure to replace any text that is surrounded by `<like this>`. These values should be in the TLS cert, the SSH key and the image registry credentials.
+- We thought it would be nice to be able to add multiple SSH keys to the OCP nodes. We didn't think there was a good way to do it automatically so the we manually edited the bootstrap.ign file where all SSH keys are listed to include a new SSH key.
+
+
+# Generating ignition files
+After editing the inventory.yaml to suit your needs, you should be able to just run "ansible-playbook -i inventory.yaml 01-preparation.yaml" and the bootstrap, master and worker.ign files should be generated.
diff --git a/ICIC_UPI/ocp_upi/inventory.yaml b/ICIC_UPI/ocp_upi/inventory.yaml
@@ -33,46 +33,51 @@ all:
     localhost:
       ansible_connection: local
       ansible_python_interpreter: "{{ansible_playbook_python}}"
-      
+
       # use_network_name: 'vlan_1287'
       # use_network_subnet: 'fe07a275-8314-47b0-b31d-bd6145c6ba2a'
 
       vm_type: 'zvm' # kvm or zvm
       disk_type: 'dasd' # dasd or scsi
       #volume_type_id: '<storage-template-id>'
-      
-      openshift_version: '4.10'
-      openshift_minor_version: '16'
-      
+
+      openshift_version: '4.12'
+      openshift_minor_version: '17'
+
       auto_allocated_ip: false  # true or false
       #allocation_pool_start: '<ip range start>'
       #allocation_pool_end: '<ip range end>'
       # os_flavor_bootstrap: 'medium'
       # os_flavor_master: 'ocpmgr_small'
-      # os_flavor_worker: 'ocpwrk_medium' 
+      # os_flavor_worker: 'ocpwrk_medium'
 
       # create_server_zone: 'z15_AZ'
       os_control_nodes_number: 3
-      os_compute_nodes_number: 3
+      os_compute_nodes_number: 6
 
       # os_bootstrap_ip: '10.20.84.59'
       # os_master_ip: ['10.20.84.62', '10.20.84.63', '10.20.84.64']
       # os_infra_ip: ['10.20.84.65', '10.20.84.66', '10.20.84.67']
-      
+
       use_proxy: false # true or false
       #http_proxy: '<http-proxy>'
       #https_proxy: '<https-proxy>'
       #no_proxy: '<no-proxy>'
 
       use_localreg: true # true or false
-      localreg_mirror: "intreg0.fpet.pokprv.stglabs.ibm.com:5000/test0/ocp4/openshift4/install"
+      localreg_mirror: "intreg0.fpet.pokprv.stglabs.ibm.com:5000/secret0/ocp4/openshift4/1217/install"
       localreg_source1: "quay.io/openshift-release-dev/ocp-release"
       localreg_source2: "quay.io/openshift-release-dev/ocp-v4.0-art-dev"
-      local_openshift_install: 'http://fpetutil.fpet.pokprv.stglabs.ibm.com/test0/openshift-install-linux.tar.gz'
-      local_openshift_client: 'http://fpetutil.fpet.pokprv.stglabs.ibm.com/test0/openshift-client-linux.tar.gz'
-      local_rhcos_image: 'http://fpetutil.fpet.pokprv.stglabs.ibm.com/test0/rhcos-4.10.16-s390x-dasd.s390x.raw.gz'
+      local_openshift_install: 'http://fpetutil.fpet.pokprv.stglabs.ibm.com/secret0/openshift-install-linux-4.12.17.tar.gz'
+      local_openshift_client: 'http://fpetutil.fpet.pokprv.stglabs.ibm.com/secret0/openshift-client-linux.tar.gz'
+      local_rhcos_image: 'http://fpetutil.fpet.pokprv.stglabs.ibm.com/secret0/rhcos-4.12.17-390x-live-rootfs.s390x.img'
+
+      additional_certs: |
+        additionalTrustBundle: |
+          -----BEGIN CERTIFICATE-----
+          <cert text>
+          -----END CERTIFICATE-----
 
-      additional_certs: "{{ lookup('file', '/home/lozcoc/zVM_UPI/test0_upi/certs/domain.crt') | indent (width=2) }}"
 
       # approve_nodes_csr: 35 # minute
       # create_server_timeout: 45 # minute
@@ -86,7 +91,8 @@ all:
 
   vars:
     # os_dns_domain: '10.0.10.4'
-    cluster_name: 'test0'
+    cluster_name: 'secret0'
     base_domain: 'fpet.pokprv.stglabs.ibm.com'
-    pullsecret: '{"auths":{"intreg0.fpet.pokprv.stglabs.ibm.com:5000": {"auth": "dGVzdDp0ZXN0MA=="}}}'
-    sshkey: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBlBQw4IBxyn9W2hF+MDTRW21fq91PT3e0fwnKa2aTQz [email protected]'
+    pullsecret: '{"auths":{"intreg0.fpet.pokprv.stglabs.ibm.com:5000": {"auth": "<base64 encoded username:password>"}}}'
+    sshkey: '<your ssh public key>'
+
diff --git a/ICIC_UPI/ocp_upi/roles/configure-install-config/tasks/main.yaml b/ICIC_UPI/ocp_upi/roles/configure-install-config/tasks/main.yaml
@@ -25,10 +25,10 @@
     src: templates/install-config-yaml.j2
     dest: "install-config.yaml"
 
-- name: Configure machine network in install configuration
-  ansible.builtin.script: tools/config-machine-network.py {{ sunbet_range.stdout_lines[0] }}
-  args:
-    executable: python3
+#- name: Configure machine network in install configuration
+#  ansible.builtin.script: tools/config-machine-network.py {{ sunbet_range.stdout_lines[0] }}
+#  args:
+#    executable: python3
 
 - name: Add http proxy and https proxy in install-config.yaml
   ansible.builtin.shell:

diff --git a/ICIC_UPI/ocp_upi/roles/configure-install-ignition/tasks/main.yaml b/ICIC_UPI/ocp_upi/roles/configure-install-ignition/tasks/main.yaml
@@ -40,7 +40,8 @@
 #   register: glance_token
 
 - name: Generate bootstrap ignition shim
-  ansible.builtin.script: tools/generate-bootstrap-ignitionshim.py {{ image_url.stdout_lines[0] }} {{ glance_token.stdout }} {{ infra_id.stdout_lines[0] }}
+  #ansible.builtin.script: tools/generate-bootstrap-ignitionshim.py {{ image_url.stdout_lines[0] }} {{ glance_token.stdout }} {{ infra_id.stdout_lines[0] }}
+  ansible.builtin.script: tools/generate-bootstrap-ignitionshim.py {{ infra_id.stdout_lines[0] }}
   args:
     executable: python3
 

diff --git a/ICIC_UPI/ocp_upi/tools/generate-bootstrap-ignitionshim.py b/ICIC_UPI/ocp_upi/tools/generate-bootstrap-ignitionshim.py
@@ -13,24 +13,24 @@
 import os
 import sys
 
-image_url = sys.argv[1]
-token = sys.argv[2]
+#image_url = sys.argv[1]
+#token = sys.argv[2]
 
 bootstrap_ign_shim = {
     "ignition": {
-      "config": {
-        "merge": [
-          {
-            "source": image_url,
-            "httpHeaders": [
-                	{
-		              "name": "X-Auth-Token",
-		              "value": token
-	              }
-              ]
-          }
-        ]
-      },
+#      "config": {
+#        "merge": [
+#          {
+#            "source": image_url,
+#            "httpHeaders": [
+#                	{
+#		              "name": "X-Auth-Token",
+#		              "value": token
+#	              }
+#              ]
+#          }
+#        ]
+#      },
     "version": "3.1.0"
     },
 }
@@ -54,7 +54,8 @@
       }
     })
 
-infra_id = sys.argv[3]
+#infra_id = sys.argv[3] -> moved to arg 1 since we don't need image_url or cic token
+infra_id = sys.argv[1]
 if infra_id:
     with open(infra_id+'-bootstrap-ignition.json', 'a') as f:
-        json.dump(bootstrap_ign_shim, f)
+        json.dump(bootstrap_ign_shim, f)