Merge pull request #53180 from amolnar-rh/TELCODOCS-642

TELCODOCS-642: Factory precaching tool

Author: skrthomas

_attributes/common-attributes.adoc

@@ -153,3 +153,5 @@ endif::[]
 //Formerly known as CodeReady Containers and CodeReady Workspaces
 :openshift-local-productname: Red Hat OpenShift Local
 :openshift-dev-spaces-productname: Red Hat OpenShift Dev Spaces
+:factory-prestaging-tool: factory-precaching-cli tool
+:factory-prestaging-tool-caps: Factory-precaching-cli tool

_topic_maps/_topic_map.yml

@@ -2458,6 +2458,8 @@ Topics:
       File: ztp-updating-gitops
     - Name: Adding worker nodes to single-node OpenShift cluster
       File: ztp-sno-additional-worker-node
+    - Name: Pre-caching images for single-node OpenShift deployments
+      File: ztp-precaching-tool
 ---
 Name: Specialized hardware and driver enablement
 Dir: hardware_enablement

installing/installing_sno/install-sno-installing-sno.adoc

@@ -49,3 +49,5 @@ include::modules/install-sno-monitoring-the-installation-manually.adoc[leveloffs
 include::modules/install-sno-installing-with-usb-media.adoc[leveloffset=+1]
 
 include::modules/install-booting-from-an-iso-over-http-redfish.adoc[leveloffset=+1]
+
+include::modules/creating-custom-live-rhcos-iso.adoc[leveloffset=+1]

modules/creating-custom-live-rhcos-iso.adoc

@@ -0,0 +1,121 @@
+// Module included in the following assemblies:
+//
+// * installing/installing_sno/install-sno-installing-sno.adoc
+
+:_module-type: PROCEDURE
+[id="create-custom-live-rhcos-iso_{context}"]
+= Creating a custom live {op-system} ISO for remote server access
+
+In some cases, you cannot attach an external disk drive to a server, however, you need to access the server remotely to provision a node.
+It is recommended to enable SSH access to the server.
+You can create a live {op-system} ISO with SSHd enabled and with predefined credentials so that you can access the server after it boots.
+
+.Prerequisites
+
+* You installed the `butane` utility.
+
+.Procedure
+
+. Download the `coreos-installer` binary from the `coreos-installer` image link:https://mirror.openshift.com/pub/openshift-v4/clients/coreos-installer/latest/[mirror] page.
+
+. Download the latest live {op-system} ISO from link:https://mirror.openshift.com/pub/openshift-v4/x86_64/dependencies/rhcos/latest/rhcos-live.x86_64.iso[mirror.openshift.com].
+
+. Create the `embedded.yaml` file that the `butane` utility uses to create the Ignition file:
++
+[source,yaml]
+----
+variant: rhcos
+version: 0.1.0
+passwd:
+  users:
+    - name: root
+      ssh_authorized_keys:
+        - '<ssh_key>'
+      password_hash: '$2b$05$aAd9TkvWnvUmeDQEA9vkiOoCqCZgd6cWn0xXwe.ii/TqeCxUC0Z0G' <1>
+storage:
+  files:
+    - path: /etc/ssh/sshd_config
+      contents:
+        local: ./live-sshd_config
+      mode: 0600
+      overwrite: true
+----
+<1> `yescrypt` passwords are not supported in {op-system}. Use `bcrypt` instead when you create the `password_hash`.
+
+. Create the `files-dir/` folder and copy the default `sshd_config` file into the folder.
+
+. Update the following fields in the `files-dir/sshd_config` file:
++
+[source,bash]
+----
+[...]
+PermitRootLogin yes <1>
+[...]
+PasswordAuthentication yes <2>
+----
+<1> Allows access to the server as a root user.
+<2> Allows access to the server by using a password.
+
++
+[IMPORTANT]
+====
+The modified `sshd_config` file overrides the default `sshd_config` file.
+====
+
+. Pass the YAML file and the folder to the `butane` utility:
++
+[source,terminal]
+----
+$ butane -p embedded.yaml -d files-dir/ > embedded.ign
+----
+
+. Once the Ignition file is created, you can include the configuration in a new live {op-system} ISO, which is named `rhcos-sshd-4.11.0-x86_64-live.x86_64.iso`, with the `coreos-installer` utility:
++
+[source,terminal]
+----
+$ coreos-installer iso ignition embed -i embedded.ign rhcos-4.11.0-x86_64-live.x86_64.iso -o rhcos-sshd-4.11.0-x86_64-live.x86_64.iso
+----
+
+.Verification
+
+. Check that the custom live ISO can be used to boot the server by running the following command:
++
+[source,terminal]
+----
+# coreos-installer iso ignition show rhcos-sshd-4.11.0-x86_64-live.x86_64.iso
+----
+
++
+.Example output
+[source,json]
+----
+{
+  "ignition": {
+    "version": "3.2.0"
+  },
+  "passwd": {
+    "users": [
+      {
+        "name": "root",
+        "passwordHash": "$2b$05$aAd9TkvWnvUmeDQEA9vkiOoCqCZgd6cWn0xXwe.ii/TqeCxUC0Z0G",
+        "sshAuthorizedKeys": [
+          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZnG8AIzlDAhpyENpK2qKiTT8EbRWOrz7NXjRzopbPu215mocaJgjjwJjh1cYhgPhpAp6M/ttTk7I4OI7g4588Apx4bwJep6oWTU35LkY8ZxkGVPAJL8kVlTdKQviDv3XX12l4QfnDom4tm4gVbRH0gNT1wzhnLP+LKYm2Ohr9D7p9NBnAdro6k++XWgkDeijLRUTwdEyWunIdW1f8G0Mg8Y1Xzr13BUo3+8aey7HLKJMDtobkz/C8ESYA/f7HJc5FxF0XbapWWovSSDJrr9OmlL9f4TfE+cQk3s+eoKiz2bgNPRgEEwihVbGsCN4grA+RzLCAOpec+2dTJrQvFqsD [email protected]"
+        ]
+      }
+    ]
+  },
+  "storage": {
+    "files": [
+      {
+        "overwrite": true,
+        "path": "/etc/ssh/sshd_config",
+        "contents": {
+          "compression": "gzip",
+          "source": "data:;base64,H4sIAAAAAAAC/4RXX2/bOBJ/16eYWy2QFoj/pdtDN8A9qI6SGLEdw3b22qeAlsY21xQpkJQd3cN99sUMZcUuvFsXbUXO8Mf5P8MYwu/X5xL118XdLTi3zV8zo9dyc72HQXfQ/wQ3/cGXXv+3Xv93uOnf/ja4vbkB/yekbyX8GkUxLLfSgXTgt8jnwaHdowVXO49F5yBzhABZWeGl0bCWCrsAC8QoPr3yw+ePsDYWCmMRpF4bW/CBbnsN4x+Eg8wUpVSYw0H6LcyS5eN/epWzPWUyoXorqW952X6Efdeu6SugIjhvhcdNDZXDnAUwJV3rQGrWKse1qJQ/FRXcVpZlc38UA1lwsXhkOxhwJWZyXbc4LKTforQt1l6oCuGwRUtGKI1zcqXwGlaVB4Vij8RfkJ4Fao95F+BFt6sW2ezRWrKw3xLOGTqbbbSG2lRwENqTZNlW6A1zQ2msB6NBwCIdS129NR675gNbFsGAR6WiuGURK1N58OSLANUlF2IhtNg0kB0BHbbVKy1fPXRK8FkJ8ex5vpy+TL6m8yiO4hnx3txEcZLnFp27F4VUNQhdR/FYOo+6IUC/y39+3L69jaJH4/wT1tBDn/Wc29Lf161x/tU68brD+h84MMt/zpPffP48+J25ohiGstyidSB0Djuspd5E8Rx3WI9lIX1rfW00vocsG5UCY22UMgepN+epYevSGyiNklnd5YAMlqVIiuKWbk2J1kt08KER4xomydBdQ7fb/QgHqRRo44PjhK4B12vMPFCEdUOk14FrhcewyVHDquYgEzrvKKmxjaxSOEoHCgHKEc7pKKaAadiB2Al5plA4vIZsi9kOCqEroaAUpAElU1XmwmMn6NFhPSW6D18+shnP059Ddmw2GzbtonbKbO5FJpX0NSQvy8fowt5sPvojisdmM8Y9KhhN758JJqn8FrWXGdeQ24hZpH6wIsOlLBBuimiGtpB+boxnGtToonjhrcz8xOTowsZEvBHY0pL1/83rBTrHZhr0oyieVasd1ucX8tGmwhwDI1SHYKeV8VvoUrSJym+Nlf/DnOIsRNclwk0Uc3nwTcE9caIzILXzQilxrDhKgdGqbm67hBcl7foJa3cvFYZ+cJE5it/ZZ1bqTJZChUNNvJ/DDZsoYeJl2otDC9qsTM7ZdW9s0M0bOBi7C4WLFBHKGdCIOVBWAltJ6vN83Wlz0Jy1Loopo1fCYf6DTzRl1LCpgYZcBDIUyNzoKw/eVs7D/3tsgRNECuQohr+BjeLRRhuLpM8THXrkM3zZHeNaFDnnUeXQXjm6wQZgMhHd11wjFQVcgJuHvWMcGcilEyuF4CutkZpfplBY8PjmOV0Pxubuuq3xBrTh9P9XFM8a8oUYjUMSpEXp6yMbC/8PZ86sqA39exTO9XZYv4sTxcOtUAr1BufoSqMdXsD7GY82dOUT2hVa4441KoqPOxfcfCQ92zH1flYmDwofSUuZ7dAPFQpdleekB/TJ/WJpdniO9uLwiXxodkc7PCwWyWzUihSWF1QMhOayocWc6EKFMAnEUHiSLMPSGzvkxGWpAvkJ6/Stce77oVST2XefSSrXGGqBvs2kqxrdFX0gM8IsmYA4E+8aRJaZSntqMhkVNr25juJQnkOdO6F0aaQ4lqCAmV9fQOXMpYqFIKjvUS/ZWlNteBKCn3lc6Jxay8UQ7ALcYYk6p15K5jWVZQnOxkxS4YJYeyl+enkhaljVFMNR3LQ/7/myNfzyY8+g4c5UvnMM+V+672PXn1ROwuy1bUzfmPrUuFyi2Vm2avEuSn9NOProSvYCdQSH/m9M1bjxZwpTnGhzRZL/N5lPR9OHW7h6cUgSaHNFrqbZwlUlzXSYU/W9x9xYwfBkr0xUjgy1RyvI76U1K4WF60YNTsiXhGIh2aD298YehGUfcpAzZZmVP+4/CI8HUdO8yPH9bTD4keXbYHAnXalE/bxekzEGfd58ccjJz13jpNYtl9+P6TvirmwxjNZ5mHhIk1IUr4XxedtoSlF08x6/QKjXUkU3a6BW6CfG55wxDiTj8QumjUbyFZlpj9YJL9lzIjwtVpVUviM10/ip0wKGXOblWDgKtqDCcjh7QiwTJfd4qhR1n1TvpTWaHglcIoamKG0TZTkqUWMeDZVE7fn4SHu0e6Fg8KUfxSeEIcXoRLzBpyh+cXg3XTDcTObc8Ht7YXu20myNbinzMBN5YX1V0kx0+6l/O+j3W3tzwwoSba0x/k5azLyxdTMe/BG0T2iYyauinaC1aWenldAaLZSC3ltfw+LIFkom8CMPOxaVoBjFE2PshZXkBxcF3lTvYZxMH2A8fB0uv89S+pi+TNL5aEify9GEt4bP43Gy5M/J8zRdJvPv/J0uFslDujhFG77Oklk6Z6AknE7u7ubpYsGA6TidPT5PA1SaLF7m6SSdLs8RRnfpdDm6Hw2T5eh5yhDjMQv6kjykJ7zfJs93o/tROl+Q/u0r8GgssybTuWoVXhouWhw/mye/W/uS/g+PY7nCN8x6pkTN49Tal51m4o9iSN9EUSok0OYifsOEkujCE7JE26EOBCvhJI/MPtsCD3hCG53tqZKG33n+8pAUfhcKwAn1PXNPNu+NzfA4aWZ7d3yn/BUAAP//SwsNmNoQAAA="
+        },
+        "mode": 384
+      }
+    ]
+  }
+}
+----

modules/ztp-precaching-booting-from-live-os.adoc

@@ -0,0 +1,64 @@
+// Module included in the following assemblies:
+//
+// * scalability_and_performance/ztp_far_edge/ztp-pre-caching-tool.adoc
+
+:_module-type: PROCEDURE
+[id="ztp-booting-from-live-os_{context}"]
+= Booting from a live operating system image
+
+You can use the {factory-prestaging-tool} with to boot servers where only one disk is available and external disk drive cannot be attached to the server.
+
+[WARNING]
+====
+{op-system} requires the disk to not be in use when the disk is about to be written with an {op-system} image.
+====
+
+Depending on the server hardware, you can mount the {op-system} live ISO on the blank server using one of the following methods:
+
+* Using the Dell RACADM tool on a Dell server.
+* Using the HPONCFG tool on a HP server.
+* Using the Redfish BMC API.
+
+[NOTE]
+====
+It is recommended to automate the mounting procedure. To automate the procedure, you need to pull the required images and host them on a local HTTP server.
+====
+
+.Prerequisites
+
+* You powered up the host.
+* You have network connectivity to the host.
+
+.Procedure
+
+[NOTE]
+====
+This example procedure uses the Redfish BMC API to mount the {op-system} live ISO.
+====
+
+. Mount the {op-system} live ISO:
+
+.. Check virtual media status:
++
+[source,terminal]
+----
+$ curl --globoff -H "Content-Type: application/json" -H \
+"Accept: application/json" -k -X GET --user ${username_password} \
+https://$BMC_ADDRESS/redfish/v1/Managers/Self/VirtualMedia/1 | python -m json.tool
+----
+
+.. Mount the ISO file as a virtual media:
++
+[source,terminal]
+----
+$ curl --globoff -L -w "%{http_code} %{url_effective}\\n" -ku ${username_password} -H "Content-Type: application/json" -H "Accept: application/json" -d '{"Image": "http://[$HTTPd_IP]/RHCOS-live.iso"}' -X POST https://$BMC_ADDRESS/redfish/v1/Managers/Self/VirtualMedia/1/Actions/VirtualMedia.InsertMedia
+----
+
+.. Set the boot order to boot from the virtual media once:
++
+[source,terminal]
+----
+$ curl --globoff  -L -w "%{http_code} %{url_effective}\\n"  -ku ${username_password}  -H "Content-Type: application/json" -H "Accept: application/json" -d '{"Boot":{ "BootSourceOverrideEnabled": "Once", "BootSourceOverrideTarget": "Cd", "BootSourceOverrideMode": "UEFI"}}' -X PATCH https://$BMC_ADDRESS/redfish/v1/Systems/Self
+----
+
+. Reboot and ensure that the server is booting from virtual media.