README
¶
OpenShift cluster-api-provider-powervs
This repository hosts an implementation of a provider for PowerVS for the OpenShift machine-api.
This provider runs as a machine-controller deployed by the machine-api-operator
How to build the images in the RH infrastructure
The Dockerfiles use as builder in the FROM instruction which is not currently supported
by the RH's docker fork (see https://github.com/kubernetes-sigs/kubebuilder/issues/268).
One needs to run the imagebuilder command instead of the docker build.
Note: this info is RH only, it needs to be backported every time the README.md is synced with the upstream one.
Deploy machine API plane with kubernetes cluster
-
Deploying the cluster
Use any existing mechanism for deploying the kubernetes cluster, e.g: kubeadm https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/
-
Deploying machine API controllers
For development purposes the powervs machine controller itself will run out of the machine API stack. Otherwise, docker images needs to be built, pushed into a docker registry and deployed within the stack.
To deploy the stack:
kustomize build config | kubectl apply -f - -
Deploy secret with Power VS credentials
Power VS nodeupdate controller assumes existence of a secret file:
apiVersion: v1 kind: Secret metadata: name: powervs-credentials-secret namespace: openshift-machine-api type: Opaque data: IBMCLOUD_API_KEY: FILLINYou can use
examples/render-powervs-secrets.shscript to generate the secret:# Set the IBMCLOUD_API_KEY with a proper IBM Cloud API Key $ IBMCLOUD_API_KEY=<API_KEY> ./examples/render-powervs-secrets.sh examples/addons.yaml | kubectl apply -f -Go to How to create IBM Cloud API Key for creating API Key
-
Test by creating example machine
# Update the relevant fields like serviceInstanceID, imageID, subnets, keyName etc.. $ kubectl create -f examples/machine-with-user-data.yaml $ kubectl create -f examples/userdata.yml
Test locally built aws actuator
-
Tear down machine-controller
Deployed machine API plane (
machine-api-controllersdeployment) is (among other controllers) runningmachine-controller. In order to run locally built one, simply editmachine-api-controllersdeployment and removemachine-controllercontainer from it. -
Build and run aws actuator outside of the cluster
$ go build -o bin/machine-controller-manager github.com/openshift/cluster-api-provider-powervs/cmd/manager$ .bin/machine-controller-manager --kubeconfig ~/.kube/config --logtostderr -v 5 -alsologtostderrIf running in container with
podman, or locally withoutdockerinstalled, and encountering issues, see hacking-guide. -
Deploy k8s apiserver through machine manifest:
To deploy user data secret with kubernetes apiserver initialization (under config/master-user-data-secret.yaml):
$ kubectl apply -f config/master-user-data-secret.yamlTo deploy kubernetes master machine (under config/master-machine.yaml):
$ kubectl apply -f config/master-machine.yaml -
Pull kubeconfig from created master machine
The master public IP can be accessed from AWS Portal. Once done, you can collect the kube config by running:
$ ssh -i SSHPMKEY ec2-user@PUBLICIP 'sudo cat /root/.kube/config' > kubeconfig $ kubectl --kubeconfig=kubeconfig config set-cluster kubernetes --server=https://PUBLICIP:8443Once done, you can access the cluster via
kubectl. E.g.$ kubectl --kubeconfig=kubeconfig get nodes
Deploy k8s cluster in AWS with machine API plane deployed
-
Generate bootstrap user data
To generate bootstrap script for machine api plane, simply run:
$ ./config/generate-bootstrap.shThe script requires
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEYenvironment variables to be set. It generatesconfig/bootstrap.yamlsecret for master machine underconfig/master-machine.yaml.The generated bootstrap secret contains user data responsible for:
- deployment of kube-apiserver
- deployment of machine API plane with aws machine controllers
- generating worker machine user data script secret deploying a node
- deployment of worker machineset
-
Deploy machine API plane through machine manifest:
First, deploy generated bootstrap secret:
$ kubectl apply -f config/bootstrap.yamlThen, deploy master machine (under config/master-machine.yaml):
$ kubectl apply -f config/master-machine.yaml -
Pull kubeconfig from created master machine
The master public IP can be accessed from AWS Portal. Once done, you can collect the kube config by running:
$ ssh -i SSHPMKEY ec2-user@PUBLICIP 'sudo cat /root/.kube/config' > kubeconfig $ kubectl --kubeconfig=kubeconfig config set-cluster kubernetes --server=https://PUBLICIP:8443Once done, you can access the cluster via
kubectl. E.g.$ kubectl --kubeconfig=kubeconfig get nodes
How to create IBM Cloud API Key
Method 1: Create an API Key via IAM
https://cloud.ibm.com/docs/account?topic=account-userapikey&locale=en#create_user_key
Method 2: Create an API Key via Service Account
Upstream Implementation
Other branches of this repository may choose to track the upstream Kubernetes Cluster-API AWS provider
In the future, we may align the master branch with the upstream project as it stabilizes within the community.
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
pkg
|
|
|
apis
Package apis contains Kubernetes API groups.
|
Package apis contains Kubernetes API groups. |
|
apis/powervsprovider
Package powervsprovider contains powervsprovider API versions
|
Package powervsprovider contains powervsprovider API versions |
|
apis/powervsprovider/v1alpha1
Package v1alpha1 contains API Schema definitions for the powervsproviderconfig v1alpha1 API group +kubebuilder:object:generate=true +groupName=powervsproviderconfig.openshift.io
|
Package v1alpha1 contains API Schema definitions for the powervsproviderconfig v1alpha1 API group +kubebuilder:object:generate=true +groupName=powervsproviderconfig.openshift.io |
|
client/mock
Package mock is a generated GoMock package.
|
Package mock is a generated GoMock package. |