Add fake_ipa config

Author: mboukhalfa

Support/Multitenancy/ironic-env/01-vm-setup.sh

@@ -1,9 +1,11 @@
 set -e
 #install kvm for minikube
-dnf -y install qemu-kvm libvirt virt-install net-tools
+dnf -y install qemu-kvm libvirt virt-install net-tools podman firewalld
 systemctl enable --now libvirtd
+systemctl start firewalld
+systemctl enable firewalld
 # create provisioning network
-cat <<EOF > provisioning.xml
+cat <<EOF >provisioning.xml
 <network
 	xmlns:dnsmasq='http://libvirt.org/schemas/network/dnsmasq/1.0'>
 	<dnsmasq:options>
@@ -16,7 +18,7 @@ cat <<EOF > provisioning.xml
 </network>
 EOF
 
-cat <<EOF > baremetal.xml
+cat <<EOF >baremetal.xml
 <network xmlns:dnsmasq='http://libvirt.org/schemas/network/dnsmasq/1.0'>
   <name>baremetal</name>
   <forward mode='nat'>
@@ -46,11 +48,11 @@ cat <<EOF > baremetal.xml
 </network>
 EOF
 # define networks
-virsh net-define baremetal.xml 
+virsh net-define baremetal.xml
 virsh net-start baremetal
 virsh net-autostart baremetal
 
-virsh net-define provisioning.xml 
+virsh net-define provisioning.xml
 virsh net-start provisioning
 virsh net-autostart provisioning
 tee -a /etc/NetworkManager/system-connections/provisioning.nmconnection <<EOF

Support/Multitenancy/ironic-env/03-images-and-run-local-services.sh

@@ -1,47 +1,96 @@
-set -e
-virsh attach-interface --domain minikube --model virtio --source provisioning --type network --config
+# Set variables
+REGISTRY_NAME="registry"
+REGISTRY_PORT="5000"
+IMAGE_NAMES=(
+    "quay.io/metal3-io/sushy-tools"
+    "quay.io/metal3-io/ironic-ipa-downloader"
+    "quay.io/metal3-io/ironic:latest"
+    "quay.io/metal3-io/ironic-client"
+    "quay.io/metal3-io/keepalived"
+)
+
+# Attach provisioning and baremetal network interfaces to minikube domain
 virsh attach-interface --domain minikube --model virtio --source provisioning --type network --config
 virsh attach-interface --domain minikube --model virtio --source baremetal --type network --config
-# Download images
-podman run -d -p 5000:5000 --name registry docker.io/library/registry:2.7.1
-# Create pods 
-podman pod create -n infra-pod || true
-podman pod create -n ironic-pod || true
-# Pull images
-mkdir -p /opt/metal3-dev-env/ironic/html/images
-podman pull quay.io/metal3-io/sushy-tools
-podman pull quay.io/metal3-io/ironic-ipa-downloader
-podman pull quay.io/metal3-io/ironic:latest
-podman pull quay.io/metal3-io/ironic-client
-podman pull quay.io/metal3-io/keepalived
-podman tag quay.io/metal3-io/sushy-tools 127.0.0.1:5000/localimages/sushy-tools
-podman tag quay.io/metal3-io/ironic-ipa-downloader 127.0.0.1:5000/localimages/ironic-ipa-downloader
-podman tag quay.io/metal3-io/ironic-client 127.0.0.1:5000/localimages/ironic-client
-podman tag quay.io/metal3-io/keepalived 127.0.0.1:5000/localimages/keepalived
-podman tag quay.io/metal3-io/ironic:latest 127.0.0.1:5000/localimages/ironic:latest
-podman push --tls-verify=false 127.0.0.1:5000/localimages/keepalived
-podman push --tls-verify=false 127.0.0.1:5000/localimages/ironic-client
-podman push --tls-verify=false 127.0.0.1:5000/localimages/ironic:latest
-podman push --tls-verify=false 127.0.0.1:5000/localimages/ironic-ipa-downloader
-podman push --tls-verify=false 127.0.0.1:5000/localimages/sushy-tools
-# Run host services
-# Run httpd
-podman run -d --net host --name httpd-infra --pod infra-pod -v /opt/metal3-dev-env/ironic:/shared -e PROVISIONING_INTERFACE=provisioning -e LISTEN_ALL_INTERFACES=false --entrypoint /bin/runhttpd 127.0.0.1:5000/localimages/ironic:latest
-# Run sushy-tools 
-mkdir /opt/metal3-dev-env/ironic/virtualbmc
-mkdir /opt/metal3-dev-env/ironic/virtualbmc/sushy-tools
-chmod -R 755 /opt/metal3-dev-env/ironic/virtualbmc
-
-cat <<EOF > /opt/metal3-dev-env/ironic/virtualbmc/sushy-tools/conf.py
-SUSHY_EMULATOR_LIBVIRT_URI = "qemu+ssh://[email protected]/system?&keyfile=/root/ssh/id_rsa_virt_power&no_verify=1&no_tty=1"
+
+# Start podman registry if it's not already running
+if ! podman ps | grep -q "$REGISTRY_NAME"; then
+    podman run -d -p "$REGISTRY_PORT":"$REGISTRY_PORT" --name "$REGISTRY_NAME" docker.io/library/registry:2.7.1
+fi
+
+# Pull images, tag to local registry, and push to registry
+for NAME in "${IMAGE_NAMES[@]}"; do
+    # Pull and tag the image
+    if ! podman images | grep -q "${NAME##*/}"; then
+        podman pull "$NAME"
+        podman tag "$NAME" 127.0.0.1:"$REGISTRY_PORT"/localimages/"${NAME##*/}"
+    fi
+
+    # Push the image to the local registry
+    if ! podman images | grep -q 127.0.0.1:"$REGISTRY_PORT"/localimages; then
+        podman push --tls-verify=false 127.0.0.1:5000/localimages/"${NAME##*/}"
+    fi
+done
+
+# Define variables for repeated values
+IRONIC_IMAGE="127.0.0.1:5000/localimages/ironic:latest"
+SUSHY_TOOLS_IMAGE="127.0.0.1:5000/localimages/sushy-tools"
+LIBVIRT_URI="qemu+ssh://[email protected]/system?&keyfile=/root/ssh/id_rsa_virt_power&no_verify=1&no_tty=1"
+API_URL="http://172.22.0.2:6385"
+CALLBACK_URL="http://172.22.0.2:5050/v1/continue"
+ADVERTISE_HOST="192.168.111.1"
+ADVERTISE_PORT="9999"
+
+# Create directories
+DIRECTORIES=(
+    "/opt/metal3-dev-env/ironic/virtualbmc"
+    "/opt/metal3-dev-env/ironic/virtualbmc/sushy-tools"
+)
+for DIR in "${DIRECTORIES[@]}"; do
+    mkdir -p "$DIR"
+    chmod -R 755 "$DIR"
+done
+
+# Generate SSH key
+sudo ssh-keygen -f /root/.ssh/id_rsa_virt_power -P "" -q
+sudo cat /root/.ssh/id_rsa_virt_power.pub | sudo tee -a /root/.ssh/authorized_keys
+
+# Run httpd container
+podman run -d --net host --name httpd-infra \
+    --pod infra-pod \
+    -v /opt/metal3-dev-env/ironic:/shared \
+    -e PROVISIONING_INTERFACE=provisioning \
+    -e LISTEN_ALL_INTERFACES=false \
+    --entrypoint /bin/runhttpd \
+    "$IRONIC_IMAGE"
+# Set configuration options
+cat <<EOF >/opt/metal3-dev-env/ironic/virtualbmc/sushy-tools/conf.py
+import collections
+
+Host = collections.namedtuple('Host', ['hostname', 'port'])
+
+SUSHY_EMULATOR_LIBVIRT_URI = "${LIBVIRT_URI}"
 SUSHY_EMULATOR_IGNORE_BOOT_DEVICE = False
 SUSHY_EMULATOR_VMEDIA_VERIFY_SSL = False
 SUSHY_EMULATOR_AUTH_FILE = "/root/sushy/htpasswd"
 SUSHY_EMULATOR_FAKE_DRIVER = True
+
+FAKE_IPA_API_URL = "${API_URL}"
+FAKE_IPA_INSPECTION_CALLBACK_URL = "${CALLBACK_URL}"
+FAKE_IPA_ADVERTISE_ADDRESS = Host(hostname="${ADVERTISE_HOST}", port="${ADVERTISE_PORT}")
 EOF
-cat <<'EOF' > /opt/metal3-dev-env/ironic/virtualbmc/sushy-tools/htpasswd
-admin:$2b$12$/dVOBNatORwKpF.ss99KB.vESjfyONOxyH.UgRwNyZi1Xs/W2pGVS
+
+# Create an htpasswd file
+cat <<EOF >/opt/metal3-dev-env/ironic/virtualbmc/sushy-tools/htpasswd
+admin:$2b${12}$/dVOBNatORwKpF.ss99KB.vESjfyONOxyH.UgRwNyZi1Xs/W2pGVS
 EOF
-ssh-keygen -f /root/.ssh/id_rsa_virt_power -P ""
-/root/.ssh/id_rsa_virt_power.pub | tee -a /root/.ssh/authorized_keys
-podman run -d --net host --name sushy-tools --pod infra-pod      -v /opt/metal3-dev-env/ironic/virtualbmc/sushy-tools:/root/sushy -v "/root/.ssh":/root/ssh      127.0.0.1:5000/localimages/sushy-tools
+
+# Generate ssh keys to use for virtual power and add them to authorized_keys
+ssh-keygen -f /root/.ssh/id_rsa_virt_power -P "" -q
+cat /root/.ssh/id_rsa_virt_power.pub >>/root/.ssh/authorized_keys
+
+# Create and start a container for sushy-tools
+podman run -d --net host --name sushy-tools --pod infra-pod \
+    -v /opt/metal3-dev-env/ironic/virtualbmc/sushy-tools:/root/sushy \
+    -v /root/.ssh:/root/ssh \
+    "${SUSHY_TOOLS_IMAGE}"

Support/Multitenancy/ironic-env/04-start-minikube.sh

@@ -1,11 +1,15 @@
 set -e
+
+# Start Minikube with insecure registry flag
 minikube start --insecure-registry 172.22.0.1:5000
+
+# SSH into the Minikube VM and execute the following commands
 sudo su -l -c "minikube ssh sudo brctl addbr ironicendpoint" "${USER}"
 sudo su -l -c "minikube ssh sudo  ip link set ironicendpoint up" "${USER}"
 sudo su -l -c "minikube ssh sudo  brctl addif  ironicendpoint eth2" "${USER}"
 sudo su -l -c "minikube ssh sudo  ip addr add 172.22.0.2/24 dev ironicendpoint" "${USER}"
 
-# Firewall
-for i in 8000 80 9999 6385 5050 6180 53 5000; do   sudo  firewall-cmd --zone=public --add-port=${i}/tcp; done
-for i in 69 547 546 68 67 5353 6230 6231 6232 6233 6234 6235; do  sudo firewall-cmd --zone=libvirt --add-port=${i}/udp; done
+# Firewall rules
+for i in 8000 80 9999 6385 5050 6180 53 5000; do sudo firewall-cmd --zone=public --add-port=${i}/tcp; done
+for i in 69 547 546 68 67 5353 6230 6231 6232 6233 6234 6235; do sudo firewall-cmd --zone=libvirt --add-port=${i}/udp; done
 sudo firewall-cmd --zone=libvirt --add-port=8000/tcp

Support/Multitenancy/ironic-env/clean.sh

@@ -1,25 +1,36 @@
+#!/bin/bash
 
+# Delete network connections
+sudo nmcli con delete baremetal provisioning
 
-sudo nmcli con delete baremetal
-sudo nmcli con delete provisioning
-sudo nmcli con delete provisioning
+# Disable and delete bridge interfaces
+for iface in baremetal provisioning; do
+    if ip link show $iface &>/dev/null; then
+        sudo ip link set $iface down
+        sudo brctl delbr $iface
+    fi
+done
 
-sudo virsh net-undefine provisioning
-sudo virsh net-undefine baremetal
+# Delete libvirt networks
+for net in provisioning baremetal; do
+    if sudo virsh net-info $net &>/dev/null; then
+        sudo virsh net-destroy $net
+        sudo virsh net-undefine $net
+    fi
+done
 
-sudo virsh net-destroy baremetal
-sudo virsh net-destroy  provisioning
-
-sudo ip link set provisioning down
-sudo ip link set provisioning down
-sudo ip link set baremetal down
-sudo brctl delbr baremetal
-sudo brctl delbr provisioning
-sudo brctl delbr provisioning
-#sudo rm -rf /opt/metal3-dev-env
-sudo rm -rf /opt/metal3-dev-env/ironic/virtualbmc/
-sudo podman stop -a
-sudo podman rmi "$(sudo podman images -qa)" -f
+# Delete directories
+sudo rm -rf /opt/metal3-dev-env
+sudo rm -rf "$(dirname "$0")/_clouds_yaml"
 
+# Stop and delete minikube cluster
 minikube stop
 minikube delete --all --purge
+
+# Stop and delete containers
+containers=("sushy-tools" "ironic-ipa-downloader" "ironic" "keepalived" "registry" "ironic-client")
+for container in "${containers[@]}"; do
+    echo "Deleting the container: $container"
+    sudo podman stop "$container" &>/dev/null
+    sudo podman rm "$container" &>/dev/null
+done