[94a3c8a080d43e4e] Enable customHostnamesEnabled option

Andrey Bubyr

.gitignore

@@ -0,0 +1,22 @@
+*
+!*.*
+!*/
+!LICENSE
+!README
+!Makefile
+!Dockerfile
+!Containerfile
+.vscode
+vendor/
+_artifacts/
+dist/
+*.swp
+*.cover
+.idea/
+*.bak
+.govc.env
+.deploy.env
+.workdir
+bin/govc
+mirantis.lic
+.tox

README.md

@@ -0,0 +1,135 @@
+Virtualised MCC/MOSK for on-premise self-evaluation
+===================================================
+
+Introduction
+============
+Project is developed for demo purposes on
+[MCC](<https://docs.mirantis.com/container-cloud/latest/overview.html>)
+and [MOSK](https://docs.mirantis.com/mosk/latest/overview.html)
+products on top of Vsphere infrastrcutre.
+
+Pre-requesities
+===============
+
+Network configuration
+---------------------
+Demo environment setup requires two dedicated networks assigned for the
+deployment:
+
+* <b>LCM network</b>. Used for MCC cluster setup (including machines provisioning)
+  and also to access the MCC services. From MCC standpoint it is used as
+  public network to download MCC artifacts,
+  so it should have access to the internet or to the proxy (if used).
+
+* <b>Openstack network</b>. Used to access Virtual machines created on top of
+  deployed Openstack cluster. Network should be routable in your infrastructure,
+  so you can access the Openstack VMs.
+
+**_NOTE:_** Vsphere networks must be configured with following network policies:
+
+* Promiscuous mode: Accept
+* MAC address changes: Accept
+* Forged transmits: Accept
+
+User permissions
+----------------
+
+Vsphere user manages full installation of MCC product onto your infrastructure
+and requires following privileges:
+
+* Datastore
+* Distributed switch
+* Folder
+* Global
+* Host local operations
+* Network
+* Resource
+* Scheduled task
+* Sessions
+* Storage views
+* Tasks
+* Virtual machine
+
+Seed node
+---------
+Seed or bootstrap node is an initial node in MCC deployment which holds
+bootstrap cluster and MCC configuration. It is mandatory to prepare
+this seed node from the Ubuntu 22.04 image.
+You can download official Ubuntu 22.04 `vmdk` image
+from following [download page](https://cloud-images.ubuntu.com/releases/22.04/release/).
+You can upload the image directly to dedicated Vsphere datastore and provide path
+to it via `VSPHERE_VMDK_IMAGE_DATASTORE_PATH` variable or you can download
+the image locally and provide it via `VSPHERE_VMDK_IMAGE_LOCAL_PATH` variable.
+
+The alternative (and less-preferred) way is to use existing
+VM template of Ubuntu 22.04 with cloud-init installed of the latest version.
+The VM template can be provided via `VSPHERE_VM_TEMPLATE` variable.
+Please specify full path to template to unique identify it in your Vsphere cluster.
+
+Get started
+===========
+
+Environment variables
+---------------------
+
+Run following command to get detailed information about the script
+and the available commands and parameters:
+
+```./deploy.sh help```
+
+Minimal mandatory parameters
+----------------------------
+
+```
+VSPHERE_SERVER="<fqdn or ip>"
+VSPHERE_USERNAME="<username>"
+VSPHERE_PASSWORD="<password>"
+VSPHERE_DATACENTER="<datacenter>"
+VSPHERE_DATASTORE="/<datacenter>/datastore/<datastore name>"
+VSPHERE_RESOURCE_POOL="/<datacenter>/host/<vsphere cluster name>/Resources/<resource pool name>"
+VSPHERE_VMDK_IMAGE_DATASTORE_PATH="<folder>/ubuntu-22.04-server-cloudimg-amd64.vmdk"
+VSPHERE_FOLDER="/<datacenter>/vm/<folder name>/mcc"
+VSPHERE_SERVER_INSECURE="true"
+
+VSPHERE_NETWORK_LCM="/<datacenter>/network/<lcm network name>"
+NETWORK_LCM_SUBNET=172.16.10.0/24
+NETWORK_LCM_GATEWAY=172.16.10.1
+NETWORK_LCM_RANGE=172.16.10.2-172.16.10.100
+
+VSPHERE_NETWORK_OPENSTACK="/<datacenter>/network/<openstack network name>"
+NETWORK_OPENSTACK_SUBNET=172.16.20.0/24
+NETWORK_OPENSTACK_GATEWAY=172.16.20.1
+NETWORK_OPENSTACK_RANGE=172.16.20.2-172.16.20.100
+
+NTP_SERVERS=us.pool.ntp.org,pool.ntp.org
+NAMESERVERS=8.8.8.8,8.8.4.4
+```
+
+Proxy settings
+--------------
+
+```
+HTTP_PROXY="<http proxy url>"
+HTTPS_PROXY="<https proxy url>"
+NO_PROXY="<comma-separated list of no proxy hosts>" # should include vsphere fqdn and IP
+PROXY_CA_CERTIFICATE_PATH="<path>/<to>/certificate.pem" # in case of MITM proxy
+```
+
+Deploy MCC environment
+----------------------
+
+MCC environment deployment includes:
+
+* seed node setup
+* creating and provisioning for management and child cluster machines
+* deployment of MCC management cluster
+* deployment of MCC child cluster:
+  * ceph deployment
+  * openstack deployment
+
+Each stage can be run separately. See `./deploy.sh help` for details.
+
+To deploy whole env with one command:
+
+```./deploy.sh all```
+

bin/prepare_network.py

@@ -0,0 +1,66 @@
+import ipaddress
+import sys
+
+print(sys.argv)
+
+if len(sys.argv) != 4:
+    raise Exception("prepare_network.py requires exactly 3 arguments")
+
+net_type = sys.argv[1]
+net_range = sys.argv[2]
+out_file = sys.argv[3]
+
+net_required_ranges = {
+    'pxe': {
+        'NETWORK_PXE_BRIDGE_IP': 1,
+        'NETWORK_PXE_DHCP_RANGE': 10,
+        'NETWORK_PXE_STATIC_RANGE_MGMT': 3,
+        'NETWORK_PXE_METALLB_RANGE': 5
+    },
+    'lcm': {
+        'NETWORK_LCM_SEED_IP': 1,
+        'NETWORK_LCM_MGMT_LB_HOST': 1,
+        'NETWORK_LCM_METALLB_RANGE_MGMT': 15,
+        'NETWORK_LCM_CHILD_LB_HOST': 1,
+        'NETWORK_LCM_STATIC_RANGE_MGMT': 3,
+        'NETWORK_LCM_METALLB_RANGE_CHILD': 7,
+        'NETWORK_LCM_STATIC_RANGE_CHILD': 7,
+        'NETWORK_LCM_METALLB_OPENSTACK_ADDRESS': 1
+    }
+}
+
+if not net_required_ranges.get(net_type, False):
+    raise Exception(f"unknown network type is provided: {net_type}")
+
+required_num_ips = 0
+for _, v in net_required_ranges[net_type].items():
+    required_num_ips += v
+
+net_range_start, net_range_end = net_range.split('-')[0], net_range.split('-')[1]
+ranges = ipaddress.summarize_address_range(ipaddress.IPv4Address(net_range_start),
+                                           ipaddress.IPv4Address(net_range_end))
+addresses = []
+for ir in ranges:
+    for ip in ir:
+        addresses.append(ip)
+
+if len(addresses) < required_num_ips:
+    raise Exception("Not enough IP addresses for deployment."
+                    f"Required: {required_num_ips}. Provided: {len(addresses)}")
+
+result = {}
+cur_index = 0
+for item, amount in net_required_ranges[net_type].items():
+    if amount == 1:
+        result[item] = str(addresses[cur_index])
+    else:
+        result[item] = str(f"{addresses[cur_index]}-{addresses[cur_index+amount-1]}")
+
+    cur_index += amount
+
+f = open(out_file, 'w')
+for k, v in result.items():
+    f.write(f"export {k}={v}\n")
+f.close()
+
+print(f"Ranges for {net_type} network were generated successfully")

bin/prepare_seed_node.sh

@@ -0,0 +1,147 @@
+#!/usr/bin/env bash
+
+set -eux
+
+script_dir="$(dirname "${BASH_SOURCE[0]}")"
+prep_seed_node_env_file="${script_dir}/.prepare_seed_node.env"
+if [ -f "${prep_seed_node_env_file}" ]; then
+    # shellcheck source=/dev/null
+    chmod +x "${prep_seed_node_env_file}" && source "${prep_seed_node_env_file}"
+fi
+
+HTTP_PROXY="${HTTP_PROXY:=}"
+HTTPS_PROXY="${HTTPS_PROXY:=}"
+NO_PROXY="${NO_PROXY:=}"
+PROXY_CA_CERTIFICATE_PATH="${PROXY_CA_CERTIFICATE_PATH:=}"
+
+MCC_CDN_REGION="${MCC_CDN_REGION:=}"
+MCC_CDN_BASE_URL="${MCC_CDN_BASE_URL:=}"
+MCC_RELEASES_URL="${MCC_RELEASES_URL:=}"
+SEED_NODE_USER="${SEED_NODE_USER:="mcc-user"}"
+MCC_VERSION="${MCC_VERSION:=}"
+
+kaas_release_yaml=""
+releases_dir="kaas-bootstrap/releases"
+
+# fail fast
+if [ "${MCC_CDN_REGION}" != "public" ] && [ -z "${MCC_VERSION}" ]; then
+    echo "Error: MCC_VERSION must be provided for non-public cdn region"
+    exit 1
+fi
+
+sudo mkdir -p /etc/docker/
+cat << EOF > daemon.json
+{
+  "default-address-pools":
+  [
+    {"base":"10.200.0.0/16","size":24}
+  ],
+  "proxies": {
+    "http-proxy": "${HTTP_PROXY}",
+    "https-proxy": "${HTTPS_PROXY}",
+    "no-proxy": "${NO_PROXY}"
+  }
+}
+EOF
+sudo mv daemon.json /etc/docker/daemon.json
+
+apt_cmd="DEBIAN_FRONTEND=noninteractive apt-get"
+if [ -n "${HTTP_PROXY}" ] || [ -n "${HTTPS_PROXY}" ]; then
+    apt_cmd="http_proxy=${HTTP_PROXY} https_proxy=${HTTPS_PROXY} ${apt_cmd}"
+    if [ -n "${NO_PROXY}" ]; then
+        apt_cmd="no_proxy=${NO_PROXY} ${apt_cmd}"
+    fi
+    if [ -n "${PROXY_CA_CERTIFICATE_PATH}" ]; then
+        sudo cp "${PROXY_CA_CERTIFICATE_PATH}" /usr/local/share/ca-certificates/
+        sudo update-ca-certificates
+    fi
+fi
+apt_cmd="sudo ${apt_cmd}"
+
+${apt_cmd} update
+${apt_cmd} install \
+    arping bridge-utils docker.io golang-cfssl ipmitool net-tools tar traceroute wget -y
+sudo usermod -aG docker "${SEED_NODE_USER}"
+
+function get_kaas_release_yaml {
+    kaas_release_yaml="$(find "${releases_dir}/kaas" -name "*.yaml" -type f)"
+    # Sanity check: only one kaas release file should exist there
+    if [ "$(echo "${kaas_release_yaml}" | wc -l)" -ne "1" ]; then
+        echo "Error: more than one yaml file is found in kaas releases folder"
+        exit 1
+    fi
+
+    echo "${kaas_release_yaml}"
+}
+
+wget_cmd=$(which wget)
+if [ -z "${wget_cmd}" ]; then
+    echo "Error: wget command is not found"
+    exit 1
+fi
+wget_cmd="${wget_cmd} --tries 5 --no-verbose --show-progress --waitretry=15 --retry-connrefused"
+
+if [ -n "${HTTPS_PROXY}" ] || [ -n "${HTTP_PROXY}" ]; then
+    wget_proxy_optons="-e use_proxy=yes"
+    if [ -n "${HTTPS_PROXY}" ]; then
+        wget_proxy_optons="${wget_proxy_optons} -e https_proxy=${HTTPS_PROXY}"
+    fi
+    if [ -n "${HTTP_PROXY}" ]; then
+        wget_proxy_optons="${wget_proxy_optons} -e http_proxy=${HTTP_PROXY}"
+    fi
+    if [ -n "${NO_PROXY}" ]; then
+        wget_proxy_optons="${wget_proxy_optons} -e no_proxy=${NO_PROXY}"
+    fi
+    if [ -n "${PROXY_CA_CERTIFICATE_PATH}" ]; then
+        wget_proxy_optons="${wget_proxy_optons} --ca-certificate=${PROXY_CA_CERTIFICATE_PATH}"
+    fi
+    wget_cmd="${wget_cmd} ${wget_proxy_optons}"
+fi
+
+yq_bin=$(which yq || true)
+if [ -z "${yq_bin}" ]; then
+    os_tag=$(uname -s)
+    yq_bin_url="https://github.com/mikefarah/yq/releases/download/v${YQ_VERSION}/yq_${os_tag}_amd64"
+    yq_bin="/home/${SEED_NODE_USER}/yq"
+    ${wget_cmd} -O "${yq_bin}" "${yq_bin_url}"
+    chmod a+x "${yq_bin}"
+fi
+
+if [ "${MCC_CDN_REGION}" == "public" ]; then
+    ${wget_cmd} https://binary.mirantis.com/releases/get_container_cloud.sh
+    chmod a+x get_container_cloud.sh
+    ./get_container_cloud.sh
+else
+    kaas_release_yaml="kaas/${MCC_VERSION}.yaml"
+    mkdir -p ${releases_dir}/{kaas,cluster}
+
+    pushd "${releases_dir}" || exit 1
+
+    # Donwload kaas release
+    ${wget_cmd} "${MCC_RELEASES_URL}/releases/${kaas_release_yaml}" -O "${kaas_release_yaml}"
+
+    # Download cluster releases
+    for cr in $(${yq_bin} eval '.spec.supportedClusterReleases[].version' "${kaas_release_yaml}"); do
+        cr_file="cluster/${cr}.yaml"
+        ${wget_cmd} "${MCC_RELEASES_URL}/releases/${cr_file}" -O "${cr_file}"
+    done
+
+    bootstrap_version="$(${yq_bin} eval '.spec.bootstrap.version' "${kaas_release_yaml}")"
+
+    popd || exit 1
+
+    bootstrap_tarball_url="${MCC_CDN_BASE_URL}/core/bin/bootstrap-linux-${bootstrap_version}.tar.gz"
+    ${wget_cmd} --show-progress "${bootstrap_tarball_url}"
+    tar -xzf "$(basename "${bootstrap_tarball_url}")" -C kaas-bootstrap
+fi
+
+if [ -z "${kaas_release_yaml}" ]; then
+    kaas_release_yaml=$(get_kaas_release_yaml)
+fi
+if [ -z "${MCC_VERSION}" ]; then
+    mcc_version="$(${yq_bin} eval '.spec.version' "${kaas_release_yaml}")"
+    # Return kaas version
+    echo "${mcc_version}" > "${script_dir}/mcc_version"
+fi
+
+echo "export PATH=\$PATH:/home/${SEED_NODE_USER}/kaas-bootstrap/bin" >> "/home/${SEED_NODE_USER}/.bashrc"

bin/render_template.py

@@ -0,0 +1,5 @@
+import os
+import sys
+import jinja2
+
+sys.stdout.write(jinja2.Template(sys.stdin.read()).render(os.environ))

bin/requirements.txt

@@ -0,0 +1,2 @@
+Jinja2==3.1.4
+ipaddress==1.0.23