diff --git a/Documentation/dev/node-bootstrap-flow.md b/Documentation/dev/node-bootstrap-flow.md index fc44997163..6f404f91f8 100644 --- a/Documentation/dev/node-bootstrap-flow.md +++ b/Documentation/dev/node-bootstrap-flow.md @@ -20,7 +20,9 @@ When a cluster node is being bootstrapped from scratch, it goes through several Additionally, only on one of the master nodes the following kubernetes bootstrapping happens: -1. `bootkube.service` is started after `kubelet.service` start +1. `kvo.service` is started after `kubelet.service` start +1. `kvo.service` renders all bootstrap and self-hosted control plane assets +1. `bootkube.service` is started after `kvo.service` start 1. a static bootstrapping control-plane is deployed 1. a fully self-hosted control-plane starts and takes over the previous one 1. `bootkube.service` is completed with success @@ -37,7 +39,8 @@ The following systemd units are deployed to a node by tectonic-installer and tak Additionally, only on one of the master nodes the following kubernetes bootstrapping happens: -* `bootkube.service` deploys the initial bootstrapping control-plane. It is started only after `kubelet.service` _is started_. It is a oneshot unit and cannot crash, and it runs only during bootstrap +* `kvo.service` renders all bootstrap and self-hosted control plane assets using the cluster config object that was pre-rendered by Terraform +* `bootkube.service` deploys the initial bootstrapping control-plane. It is started only after `kvo.service` _is finished. It is a oneshot unit and cannot crash, and it runs only during bootstrap * `bootkube.path` waits for bootkube assets/scripts to exist on disk and triggers `bootkube.service` * `tectonic.service` deploys tectonic control-plane. It is started only after `bootkube.service` _has completed_. It is a oneshot unit and cannot crash, and it runs only during bootstrap * `bootkube.path` waits for tectonic assets/scripts to exist on disk and triggers `tectonic.service` 
@@ -80,6 +83,20 @@ On first boot, it is initially blocked by `k8s-node-bootstrap.service`. It crash-loop until the `kubelet.env` file exists. It is started on every boot. +### `kvo.service` + +``` +Description=Generate resources for Bootkube +ConditionPathExists=!/opt/tectonic/init_kvo.done +Wants=kubelet.service +After=kubelet.service +Type=simple +Restart=on-failure +RemainAfterExit=true +WorkingDirectory=/opt/tectonic +``` + + ### `bootkube.path` and `bootkube.service` ``` diff --git a/config.tf b/config.tf index 0265de023c..8d7755eac5 100644 --- a/config.tf +++ b/config.tf @@ -55,7 +55,7 @@ variable "tectonic_container_images" { default = { addon_resizer = "gcr.io/google_containers/addon-resizer:2.1" awscli = "quay.io/coreos/awscli:025a357f05242fdad6a81e8a6b520098aa65a600" - bootkube = "quay.io/coreos/bootkube:v0.6.2" + bootkube = "quay.io/coreos/bootkube-dev:6e1c2723123964ba91b4186483893672df8e3286" calico = "quay.io/calico/node:v2.4.1" calico_cni = "quay.io/calico/cni:v1.10.0" console = "quay.io/coreos/tectonic-console:v2.2.1" @@ -73,7 +73,7 @@ variable "tectonic_container_images" { kubednsmasq = "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.5" kubedns_sidecar = "gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.5" kube_version = "quay.io/coreos/kube-version:0.1.0" - kube_version_operator = "quay.io/coreos/kube-version-operator:v1.7.5-kvo.10" + kube_version_operator = "quay.io/coreos/kube-version-operator-dev:4b53e2363d433b04bb22778bc984ec4c1149fe80" node_agent = "quay.io/coreos/node-agent:v1.7.5-kvo.3" pod_checkpointer = "quay.io/coreos/pod-checkpointer:3517908b1a1837e78cfd041a0e51e61c7835d85f" stats_emitter = "quay.io/coreos/tectonic-stats:6e882361357fe4b773adbf279cddf48cb50164c1" diff --git a/modules/aws/master-asg/ignition.tf b/modules/aws/master-asg/ignition.tf index b96f55fd1e..ccbe68f5af 100644 --- a/modules/aws/master-asg/ignition.tf +++ b/modules/aws/master-asg/ignition.tf 
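Review bot: The defaults for `bootkube` and `kube_version_operator` in `tectonic_container_images` now point at the `bootkube-dev` and `kube-version-operator-dev` repositories, so every cluster built from these defaults bootstraps its control plane from development images; this applies to both hunks in `config.tf`. The tags look like commit hashes, but a tag can still be moved on the registry side. Pinning by digest (`quay.io/coreos/bootkube-dev@sha256:<digest-placeholder>`) would make the pulled content verifiable. If the dev images are only meant to unblock this change, a comment such as `# TODO: switch back to a released image before the next release` next to both entries would keep that visible.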
@@ -14,6 +14,7 @@ data "ignition_config" "main" { var.ign_k8s_node_bootstrap_service_id, data.ignition_systemd_unit.init_assets.id, var.ign_bootkube_service_id, + var.ign_kvo_service_id, var.ign_tectonic_service_id, var.ign_bootkube_path_unit_id, var.ign_tectonic_path_unit_id, diff --git a/modules/aws/master-asg/variables.tf b/modules/aws/master-asg/variables.tf index 1982de400c..341ebcca0a 100644 --- a/modules/aws/master-asg/variables.tf +++ b/modules/aws/master-asg/variables.tf @@ -130,6 +130,11 @@ variable "ign_bootkube_service_id" { description = "The ID of the bootkube systemd service unit" } +variable "ign_kvo_service_id" { + type = "string" + description = "The ID of the kvo systemd service unit" +} + variable "ign_bootkube_path_unit_id" { type = "string" } diff --git a/modules/bootkube/assets.tf b/modules/bootkube/assets.tf index 1248e0eff9..9e4f8938cc 100644 --- a/modules/bootkube/assets.tf +++ b/modules/bootkube/assets.tf @@ -50,11 +50,13 @@ resource "template_dir" "bootkube" { destination_dir = "./generated/manifests" vars { - hyperkube_image = "${var.container_images["hyperkube"]}" - pod_checkpointer_image = "${var.container_images["pod_checkpointer"]}" - kubedns_image = "${var.container_images["kubedns"]}" - kubednsmasq_image = "${var.container_images["kubednsmasq"]}" - kubedns_sidecar_image = "${var.container_images["kubedns_sidecar"]}" + kube_version_operator_image = "${var.container_images["kube_version_operator"]}" + pull_secret = "${base64encode(file(var.pull_secret_path))}" + hyperkube_image = "${var.container_images["hyperkube"]}" + pod_checkpointer_image = "${var.container_images["pod_checkpointer"]}" + kubedns_image = "${var.container_images["kubedns"]}" + kubednsmasq_image = "${var.container_images["kubednsmasq"]}" + kubedns_sidecar_image = "${var.container_images["kubedns_sidecar"]}" # Choose the etcd endpoints to use. # 1. If experimental mode is enabled (self-hosted etcd), then use 
@@ -185,17 +187,66 @@ resource "local_file" "bootkube_sh" { filename = "./generated/bootkube.sh" } +resource "local_file" "kvo_config" { + content = "${data.template_file.kvo_config.rendered}" + filename = "./generated/kvo-config.yaml" +} + +resource "local_file" "pull_secret" { + content = "${file(var.pull_secret_path)}" + filename = "./generated/config.json" +} + # bootkube.service (available as output variable) data "template_file" "bootkube_service" { template = "${file("${path.module}/resources/bootkube.service")}" } +# kvo.service (available as output variable) +data "template_file" "kvo_service" { + template = "${file("${path.module}/resources/kvo.service")}" + vars { + kube_version_operator_image = "${var.container_images["kube_version_operator"]}" + kubernetes_version = "${var.versions["kubernetes"]}" + } +} + +data "template_file" "kvo_config" { + template = "${file("${path.module}/resources/kvo-config.yaml")}" + vars { + advertise_address = "${var.advertise_address}" + cloud_provider_profile = "${var.cloud_provider != "" ? "${var.cloud_provider}" : "metal"}" + cloud_config_path = "${var.cloud_config_path}" + cluster_cidr = "${var.cluster_cidr}" + master_count = "${var.master_count}" + oidc_issuer_url = "${var.oidc_issuer_url}" + oidc_client_id = "${var.oidc_client_id}" + oidc_username_claim = "${var.oidc_username_claim}" + oidc_groups_claim = "${var.oidc_groups_claim}" + service_cidr = "${var.service_cidr}" + + etcd_servers = "${ + var.experimental_enabled + ? format("https://%s:2379", cidrhost(var.service_cidr, 15)) + : var.etcd_ca_cert_pem == "" + ? 
join(",", formatlist("http://%s:2379", var.etcd_endpoints)) + : join(",", formatlist("https://%s:2379", var.etcd_endpoints)) + }" + } +} + data "ignition_systemd_unit" "bootkube_service" { name = "bootkube.service" enable = false content = "${data.template_file.bootkube_service.rendered}" } +data "ignition_systemd_unit" "kvo_service" { + name = "kvo.service" + enable = true + content = "${data.template_file.kvo_service.rendered}" +} + # bootkube.path (available as output variable) data "template_file" "bootkube_path_unit" { template = "${file("${path.module}/resources/bootkube.path")}" diff --git a/modules/bootkube/outputs.tf b/modules/bootkube/outputs.tf index cff3acad88..768f75fff5 100644 --- a/modules/bootkube/outputs.tf +++ b/modules/bootkube/outputs.tf @@ -19,7 +19,9 @@ output "id" { value = "${sha1(" ${local_file.kubeconfig.id} ${local_file.bootkube_sh.id} - ${template_dir.bootkube.id} ${template_dir.bootkube_bootstrap.id} + ${local_file.pull_secret.id} + ${local_file.kvo_config.id} + ${template_dir.bootkube.id} ${join(" ", template_dir.experimental.*.id, template_dir.bootstrap_experimental.*.id, @@ -40,6 +42,14 @@ output "systemd_service_id" { value = "${data.ignition_systemd_unit.bootkube_service.id}" } +output "kvo_config_id" { + value = "${data.template_file.kvo_config.id}" +} + +output "kvo_systemd_service_id" { + value = "${data.ignition_systemd_unit.kvo_service.id}" +} + output "systemd_path_unit_rendered" { value = "${data.template_file.bootkube_path_unit.rendered}" } diff --git a/modules/bootkube/resources/bootkube.service b/modules/bootkube/resources/bootkube.service index a53f195d6e..92789b11b6 100644 --- a/modules/bootkube/resources/bootkube.service +++ b/modules/bootkube/resources/bootkube.service @@ -1,8 +1,8 @@ [Unit] Description=Bootstrap a Kubernetes cluster ConditionPathExists=!/opt/tectonic/init_bootkube.done -Wants=kubelet.service -After=kubelet.service +Wants=kvo.service +After=kvo.service [Service] Type=oneshot 
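Review bot: `local_file.pull_secret` copies the registry pull secret verbatim into `./generated/config.json`, and the `content` of a `local_file` is also kept in the Terraform state. Nothing in this hunk restricts who can read the generated file, so the credential ends up wherever the `generated` directory and the state are stored or shipped. I would add a comment on the resource, e.g. `# Contains registry credentials in clear text; keep ./generated and the state file out of shared storage`, and confirm that the asset upload path treats the file as a secret. The earlier hunk in this file, which adds `pull_secret = "${base64encode(file(var.pull_secret_path))}"` to the `template_dir` vars, has the same exposure through the rendered manifests.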
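Review bot: `Wants=kvo.service` is a weak dependency, so `bootkube.service` is still started when `kvo.service` fails, and `bootkube.sh` would then run against missing or partially rendered assets. `Requires=kvo.service` together with the existing `After=kvo.service` would stop the bootstrap in that case. The ordering only helps if `kvo.service` reports completion after the render has finished, which depends on the `Type=` of that unit, added elsewhere in this commit. The rest of `bootkube.service` lies outside this hunk.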
@@ -16,4 +16,4 @@ ExecStart=/usr/bin/bash /opt/tectonic/bootkube.sh ExecStartPost=/bin/touch /opt/tectonic/init_bootkube.done [Install] -WantedBy=multi-user.target \ No newline at end of file +WantedBy=multi-user.target diff --git a/modules/bootkube/resources/bootstrap-manifests/bootstrap-apiserver.yaml b/modules/bootkube/resources/bootstrap-manifests/bootstrap-apiserver.yaml deleted file mode 100644 index 5662286e30..0000000000 --- a/modules/bootkube/resources/bootstrap-manifests/bootstrap-apiserver.yaml +++ /dev/null 
@@ -1,68 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: bootstrap-kube-apiserver - namespace: kube-system -spec: - containers: - - name: kube-apiserver - image: ${hyperkube_image} - command: - - /usr/bin/flock - - /var/lock/api-server.lock - - /hyperkube - - apiserver - - --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota - - --allow-privileged=true - - --authorization-mode=RBAC - - --bind-address=0.0.0.0 - - --client-ca-file=/etc/kubernetes/secrets/ca.crt - - --cloud-provider=${cloud_provider} - ${cloud_provider_config_flag} - - --etcd-servers=${etcd_servers} - - --etcd-quorum-read=true - ${etcd_ca_flag} - ${etcd_cert_flag} - ${etcd_key_flag} - - --insecure-port=0 - - --advertise-address=${advertise_address} - - --kubelet-client-certificate=/etc/kubernetes/secrets/apiserver.crt - - --kubelet-client-key=/etc/kubernetes/secrets/apiserver.key - - --secure-port=443 - - --service-account-key-file=/etc/kubernetes/secrets/service-account.pub - - --service-cluster-ip-range=${service_cidr} - - --storage-backend=etcd3 - - --tls-ca-file=/etc/kubernetes/secrets/ca.crt - - --tls-cert-file=/etc/kubernetes/secrets/apiserver.crt - - --tls-private-key-file=/etc/kubernetes/secrets/apiserver.key - volumeMounts: - - mountPath: /etc/ssl/certs - name: ssl-certs-host - readOnly: true - - mountPath: /etc/kubernetes/secrets - name: secrets - readOnly: true - - mountPath: /etc/kubernetes/cloud - name: etc-kubernetes-cloud - readOnly: true - - mountPath: /var/lock - name: var-lock - readOnly: false - hostNetwork: true - volumes: - - name: secrets - hostPath: - path: /etc/kubernetes/bootstrap-secrets - - name: etc-kubernetes-cloud - hostPath: - path: /etc/kubernetes/cloud - - name: ssl-certs-host - hostPath: - path: /usr/share/ca-certificates - - name: var-lock - hostPath: - path: /var/lock - updateStrategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate 
diff --git a/modules/bootkube/resources/bootstrap-manifests/bootstrap-controller-manager.yaml b/modules/bootkube/resources/bootstrap-manifests/bootstrap-controller-manager.yaml deleted file mode 100644 index b69b9963f9..0000000000 --- a/modules/bootkube/resources/bootstrap-manifests/bootstrap-controller-manager.yaml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: bootstrap-kube-controller-manager - namespace: kube-system -spec: - containers: - - name: kube-controller-manager - image: ${hyperkube_image} - command: - - ./hyperkube - - controller-manager - - --allocate-node-cidrs=true - - --cluster-cidr=${cluster_cidr} - - --cloud-provider=${cloud_provider} - ${cloud_provider_config_flag} - - --configure-cloud-routes=false - - --leader-elect=true - - --kubeconfig=/etc/kubernetes/kubeconfig - - --root-ca-file=/etc/kubernetes/bootstrap-secrets/ca.crt - - --service-account-private-key-file=/etc/kubernetes/bootstrap-secrets/service-account.key - volumeMounts: - - name: etc-kubernetes - mountPath: /etc/kubernetes - readOnly: true - - name: ssl-host - mountPath: /etc/ssl/certs - readOnly: true - hostNetwork: true - volumes: - - name: etc-kubernetes - hostPath: - path: /etc/kubernetes - - name: ssl-host - hostPath: - path: /usr/share/ca-certificates diff --git a/modules/bootkube/resources/bootstrap-manifests/bootstrap-scheduler.yaml b/modules/bootkube/resources/bootstrap-manifests/bootstrap-scheduler.yaml deleted file mode 100644 index 9b223f5a3d..0000000000 --- a/modules/bootkube/resources/bootstrap-manifests/bootstrap-scheduler.yaml +++ /dev/null 
@@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: bootstrap-kube-scheduler - namespace: kube-system -spec: - hostNetwork: true - containers: - - name: kube-scheduler - image: ${hyperkube_image} - command: - - ./hyperkube - - scheduler - - --kubeconfig=/etc/kubernetes/kubeconfig - - --leader-elect=true - volumeMounts: - - name: etc-kubernetes - mountPath: /etc/kubernetes - readOnly: true - volumes: - - name: etc-kubernetes - hostPath: - path: /etc/kubernetes diff --git a/modules/bootkube/resources/kvo-config.yaml b/modules/bootkube/resources/kvo-config.yaml new file mode 100644 index 0000000000..ef2fb16085 --- /dev/null +++ b/modules/bootkube/resources/kvo-config.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: KubeVersionOperatorConfig +authConfig: + oidc_client_id: ${oidc_client_id} + oidc_issuer_url: ${oidc_issuer_url} + oidc_groups_claim: ${oidc_groups_claim} + oidc_username_claim: ${oidc_username_claim} +cloudProviderConfig: + cloud_config_path: ${cloud_config_path} + cloud_provider_profile: ${cloud_provider_profile} +networkConfig: + advertise_address: ${advertise_address} + cluster_cidr: ${cluster_cidr} + etcd_servers: ${etcd_servers} + service_cidr: ${service_cidr} +initialConfig: + initial_master_count: ${master_count} diff --git a/modules/bootkube/resources/kvo.service b/modules/bootkube/resources/kvo.service new file mode 100644 index 0000000000..9740270008 --- /dev/null +++ b/modules/bootkube/resources/kvo.service 
@@ -0,0 +1,31 @@ +[Unit] +Description=Generate resources for Bootkube +ConditionPathExists=!/opt/tectonic/init_kvo.done +Wants=kubelet.service +After=kubelet.service + +[Service] +Type=simple +Restart=on-failure +RemainAfterExit=true +WorkingDirectory=/opt/tectonic + +User=root +Group=root + +ExecStartPre=/usr/bin/docker \ + --config=/opt/tectonic \ + run --rm \ + -v /opt/tectonic:/opt/tectonic \ + ${kube_version_operator_image} \ + /kube-version-operator \ + --upgrade-spec=/upgrade-spec.yaml \ + --version=${kubernetes_version} \ + --cluster-config=/opt/tectonic/kvo-config.yaml \ + --outdir=/opt/tectonic \ + render + +ExecStartPost=/bin/touch /opt/tectonic/init_kvo.done + +[Install] +WantedBy=multi-user.target diff --git a/modules/tectonic/resources/manifests/updater/app-version-kind.yaml b/modules/bootkube/resources/manifests/02-app-version-kind.yaml similarity index 100% rename from modules/tectonic/resources/manifests/updater/app-version-kind.yaml rename to modules/bootkube/resources/manifests/02-app-version-kind.yaml diff --git a/modules/tectonic/resources/manifests/updater/app_versions/app-version-kubernetes.yaml b/modules/bootkube/resources/manifests/03-kubernetes-app-version.yaml similarity index 85% rename from modules/tectonic/resources/manifests/updater/app_versions/app-version-kubernetes.yaml rename to modules/bootkube/resources/manifests/03-kubernetes-app-version.yaml index f05d0cd2a9..5891cccc77 100644 --- a/modules/tectonic/resources/manifests/updater/app_versions/app-version-kubernetes.yaml +++ b/modules/bootkube/resources/manifests/03-kubernetes-app-version.yaml @@ -9,5 +9,4 @@ spec: desiredVersion: ${kubernetes_version} paused: false status: - currentVersion: ${kubernetes_version} paused: false 
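Review bot: The `[Service]` section has no `ExecStart=`: the render runs in `ExecStartPre=`, and as far as I can tell systemd refuses to load a `Type=simple` service that lacks `ExecStart=`. Moving the docker command to `ExecStart=/usr/bin/docker \` with `Type=oneshot` would also make `After=kvo.service` in `bootkube.service` wait until rendering has finished; whether `Restart=on-failure` can stay alongside oneshot depends on the systemd version on the node. Separately, `-v /opt/tectonic:/opt/tectonic` hands the container read-write access to the whole directory, including the registry credentials that `--config=/opt/tectonic` reads from it. A read-only mount for `kvo-config.yaml` plus a dedicated output directory would narrow that, if the rendered layout allows it.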
diff --git a/modules/tectonic/resources/manifests/secrets/pull.json b/modules/bootkube/resources/manifests/04-pull.json similarity index 100% rename from modules/tectonic/resources/manifests/secrets/pull.json rename to modules/bootkube/resources/manifests/04-pull.json diff --git a/modules/tectonic/resources/manifests/updater/operators/kube-version-operator.yaml b/modules/bootkube/resources/manifests/kube-version-operator.yaml similarity index 93% rename from modules/tectonic/resources/manifests/updater/operators/kube-version-operator.yaml rename to modules/bootkube/resources/manifests/kube-version-operator.yaml index 96761c2f3d..bb22586648 100644 --- a/modules/tectonic/resources/manifests/updater/operators/kube-version-operator.yaml +++ b/modules/bootkube/resources/manifests/kube-version-operator.yaml @@ -23,7 +23,7 @@ spec: command: - /kube-version-operator - --cache-images=true - - --version-mapping=/upgrade-spec.json + - --version-mapping=/upgrade-spec.yaml imagePullSecrets: - name: coreos-pull-secret securityContext: diff --git a/modules/bootkube/variables.tf b/modules/bootkube/variables.tf index 364636fa0d..6ec7a6905e 100644 --- a/modules/bootkube/variables.tf +++ b/modules/bootkube/variables.tf @@ -163,3 +163,9 @@ variable "versions" { description = "Container versions to use" type = "map" } + +variable "pull_secret_path" { + type = "string" + description = "Path on disk to your Tectonic pull secret. Obtain this from your Tectonic Account: https://account.coreos.com." +} + diff --git a/modules/tectonic/assets.tf b/modules/tectonic/assets.tf index e28d78ed08..1422fac661 100644 --- a/modules/tectonic/assets.tf +++ b/modules/tectonic/assets.tf 
@@ -15,7 +15,6 @@ resource "template_dir" "tectonic" { heapster_image = "${var.container_images["heapster"]}" identity_image = "${var.container_images["identity"]}" ingress_controller_image = "${var.container_images["ingress_controller"]}" - kube_version_operator_image = "${var.container_images["kube_version_operator"]}" node_agent_image = "${var.container_images["node_agent"]}" etcd_operator_image = "${var.container_images["etcd_operator"]}" stats_emitter_image = "${var.container_images["stats_emitter"]}" @@ -47,7 +46,6 @@ resource "template_dir" "tectonic" { etcd_cluster_size = "${var.master_count > 2 ? 3 : 1}" license = "${base64encode(file(var.license_path))}" - pull_secret = "${base64encode(file(var.pull_secret_path))}" ca_cert = "${base64encode(var.ca_cert)}" update_server = "${var.update_server}" diff --git a/modules/tectonic/resources/manifests/updater/cluster-config.yaml b/modules/tectonic/resources/manifests/updater/cluster-config.yaml deleted file mode 100644 index e67e59f8e6..0000000000 --- a/modules/tectonic/resources/manifests/updater/cluster-config.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: "etcd.database.coreos.com/v1beta2" -kind: "EtcdCluster" -metadata: - name: "kube-etcd" - namespace: kube-system -spec: - size: ${etcd_cluster_size} - version: "${etcd_version}" - pod: - resources: - requests: - cpu: 500m - memory: 300Mi diff --git a/modules/tectonic/resources/tectonic.sh b/modules/tectonic/resources/tectonic.sh index a911230bac..c6df29bac3 100755 --- a/modules/tectonic/resources/tectonic.sh +++ b/modules/tectonic/resources/tectonic.sh @@ -134,7 +134,6 @@ echo "Creating Tectonic ConfigMaps" kubectl create -f config.yaml echo "Creating Tectonic Secrets" -kubectl create -f secrets/pull.json kubectl create -f secrets/license.json kubectl create -f secrets/ingress-tls.yaml kubectl create -f secrets/ca-cert.yaml 
@@ -178,7 +177,6 @@ kubectl create -f stats-emitter.yaml echo "Creating Operators" kubectl create -f updater/tectonic-channel-operator-kind.yaml -kubectl create -f updater/app-version-kind.yaml kubectl create -f updater/migration-status-kind.yaml kubectl create -f updater/node-agent.yaml kubectl create -f updater/tectonic-monitoring-config.yaml @@ -186,14 +184,12 @@ kubectl create -f updater/tectonic-monitoring-config.yaml wait_for_crd tectonic-system channeloperatorconfigs.tco.coreos.com kubectl create -f updater/tectonic-channel-operator-config.yaml -kubectl create -f updater/operators/kube-version-operator.yaml kubectl create -f updater/operators/tectonic-channel-operator.yaml kubectl create -f updater/operators/tectonic-prometheus-operator.yaml kubectl create -f updater/operators/tectonic-cluo-operator.yaml wait_for_crd tectonic-system appversions.tco.coreos.com kubectl create -f updater/app_versions/app-version-tectonic-cluster.yaml -kubectl create -f updater/app_versions/app-version-kubernetes.yaml kubectl create -f updater/app_versions/app-version-tectonic-monitoring.yaml kubectl create -f updater/app_versions/app-version-tectonic-cluo.yaml diff --git a/platforms/aws/main.tf b/platforms/aws/main.tf index ef64af573e..930ffb46a8 100644 --- a/platforms/aws/main.tf +++ b/platforms/aws/main.tf @@ -130,6 +130,7 @@ module "masters" { ign_bootkube_path_unit_id = "${module.bootkube.systemd_path_unit_id}" ign_bootkube_service_id = "${module.bootkube.systemd_service_id}" + ign_kvo_service_id = "${module.bootkube.kvo_systemd_service_id}" ign_docker_dropin_id = "${module.ignition_masters.docker_dropin_id}" ign_installer_kubelet_env_id = "${module.ignition_masters.installer_kubelet_env_id}" ign_k8s_node_bootstrap_service_id = "${module.ignition_masters.k8s_node_bootstrap_service_id}" diff --git a/platforms/aws/tectonic.tf b/platforms/aws/tectonic.tf index 5a1b3ba3d9..fe3119567a 100644 --- a/platforms/aws/tectonic.tf +++ b/platforms/aws/tectonic.tf 
@@ -53,6 +53,7 @@ module "bootkube" { # Platform-independent variables wiring, do not modify. container_images = "${var.tectonic_container_images}" versions = "${var.tectonic_versions}" + pull_secret_path = "${var.tectonic_vanilla_k8s ? "/dev/null" : pathexpand(var.tectonic_pull_secret_path)}" service_cidr = "${var.tectonic_service_cidr}" cluster_cidr = "${var.tectonic_cluster_cidr}" @@ -123,7 +124,6 @@ module "tectonic" { versions = "${var.tectonic_versions}" license_path = "${var.tectonic_vanilla_k8s ? "/dev/null" : pathexpand(var.tectonic_license_path)}" - pull_secret_path = "${var.tectonic_vanilla_k8s ? "/dev/null" : pathexpand(var.tectonic_pull_secret_path)}" admin_email = "${var.tectonic_admin_email}" admin_password = "${var.tectonic_admin_password}" diff --git a/tests/rspec/lib/operators.rb b/tests/rspec/lib/operators.rb index 0f144a2fd9..87098779f1 100644 --- a/tests/rspec/lib/operators.rb +++ b/tests/rspec/lib/operators.rb @@ -2,6 +2,8 @@ # Operators contains helper functions to test creation of the CoreOS operators module Operators + DEFAULT_OPERATOR_PATH = 'tectonic/updater/operators' + KVO_PATH = 'manifests' OPERATOR_NAMES = [ 'kube-version-operator', 'tectonic-channel-operator', @@ -12,8 +14,9 @@ module Operators def self.manifests_generated?(manifest_path) OPERATOR_NAMES.each do |operator_name| + operator_path = operator_name == 'kube-version-operator' ? KVO_PATH : DEFAULT_OPERATOR_PATH file_path = File.join( - manifest_path, 'tectonic/updater/operators', "#{operator_name}.yaml" + manifest_path, operator_path, "#{operator_name}.yaml" ) next if File.exist?(file_path) diff --git a/tests/smoke/aws/vars/aws-vpc.tfvars b/tests/smoke/aws/vars/aws-vpc.tfvars new file mode 100644 index 0000000000..b3244cfe5f --- /dev/null +++ b/tests/smoke/aws/vars/aws-vpc.tfvars 
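Review bot: Vanilla-Kubernetes installs now get an empty pull secret wired into bootstrap: with `tectonic_vanilla_k8s` set, `module "bootkube"` receives `/dev/null` as `pull_secret_path`, and other hunks in this commit feed that path into `local_file.pull_secret` (`./generated/config.json`) and the `pull_secret` template variable. That presumably yields an empty docker config and an empty pull-secret manifest during bootstrap, where previously only the tectonic module consumed the value. It would be worth confirming that `kvo.service`, which runs docker with `--config=/opt/tectonic`, tolerates the empty file, or skipping both artifacts when no pull secret is configured. The `module "bootkube"` block extends beyond this hunk.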
@@ -0,0 +1,29 @@ +tectonic_worker_count = "2" + +tectonic_master_count = "1" + +tectonic_etcd_count = "1" + +tectonic_etcd_servers = [""] + +tectonic_base_domain = "tectonic.dev.coreos.systems" + +tectonic_cl_channel = "stable" + +tectonic_ca_cert = "" + +tectonic_ca_key = "" + +tectonic_aws_master_ec2_type = "m4.large" + +tectonic_aws_worker_ec2_type = "m4.large" + +tectonic_aws_etcd_ec2_type = "m4.large" + +tectonic_aws_vpc_cidr_block = "10.0.0.0/16" + +tectonic_aws_public_dns = false + +tectonic_aws_az_count = "2" + +tectonic_stats_url = "https://stats-collector-staging.tectonic.com" diff --git a/tests/smoke/cluster_test.go b/tests/smoke/cluster_test.go index 6a76c4f944..502fa6cafb 100644 --- a/tests/smoke/cluster_test.go +++ b/tests/smoke/cluster_test.go @@ -42,7 +42,7 @@ const ( var ( // defaultIgnoredManifests represents the manifests that are ignored by // testAllResourcesCreated by default. - defaultIgnoredManifests = []string{"bootstrap"} + defaultIgnoredManifests = []string{"bootstrap", "kvo-config.yaml", "config.json"} // experimentalManifests represents the manifests that are ignored by // testAllResourcesCreated when manifestExperimentalEnv isn't set to 'true'.