Revise quick-start guide

The guide has been broken by upstream changes, and is a bit outdated
anyway. This is a quite substantial refresh of it that also introduces
IrSO.

- Bump k8s to v1.34.1
- Deploy Ironic using IrSO
- Switch to UEFI boot mode

Signed-off-by: Lennart Jern <[email protected]>

Author: lentzi90

docs/user-guide/examples/bmc-secret.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: bml-01
+type: Opaque
+stringData:
+  username: replaceme
+  password: replaceme

docs/user-guide/examples/bmh-01-provision.yaml

@@ -0,0 +1,17 @@
+apiVersion: metal3.io/v1alpha1
+kind: BareMetalHost
+metadata:
+  name: bml-vm-01
+spec:
+  online: true
+  bootMACAddress: 00:60:2f:31:81:01
+  bootMode: UEFI
+  hardwareProfile: libvirt
+  bmc:
+    address: redfish-virtualmedia+http://192.168.222.1:8000/redfish/v1/Systems/bmh-vm-01
+    credentialsName: bml-01
+  image:
+    checksumType: sha256
+    checksum: http://192.168.222.1/SHA256SUMS
+    format: qcow2
+    url: http://192.168.222.1/jammy-server-cloudimg-amd64.img

docs/user-guide/examples/bmh-01.yaml

@@ -0,0 +1,12 @@
+apiVersion: metal3.io/v1alpha1
+kind: BareMetalHost
+metadata:
+  name: bml-vm-01
+spec:
+  online: true
+  bootMACAddress: 00:60:2f:31:81:01
+  bootMode: UEFI
+  hardwareProfile: libvirt
+  bmc:
+    address: redfish-virtualmedia+http://192.168.222.1:8000/redfish/v1/Systems/bmh-vm-01
+    credentialsName: bml-01

docs/user-guide/examples/bmo/kustomization.yaml

@@ -0,0 +1,9 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: baremetal-operator-system
+# This is the kustomization that we build on. You can download it and change
+# the URL to a relative path if you do not want to access it over the network.
+# Note that the ref=main specifies the version to use.
+# We use main here simply because the integration with IrSO is not included in a release yet.
+resources:
+- https://github.com/metal3-io/baremetal-operator/config/use-irso?ref=main

docs/user-guide/examples/capm3-vars.sh

@@ -0,0 +1,33 @@
+# Baremetal lab image variables
+# export IMAGE_URL="http://192.168.0.150/CENTOS_10_NODE_IMAGE_K8S_v1.34.1.qcow2"
+# export IMAGE_CHECKSUM="afa7e95ee6fb92b952ab85bae4d01033651e690cf04a626c668041d7b94ddd4a"
+# export IMAGE_FORMAT="qcow2"
+# Virtualized setup variables
+export IMAGE_URL="http://192.168.222.1/CENTOS_10_NODE_IMAGE_K8S_v1.34.1.raw"
+export IMAGE_CHECKSUM="20537529c0588e1c3d1929981207ef6fac73df7b2500b84f462d09badcc670ea"
+export IMAGE_FORMAT="raw"
+# Common variables
+export IMAGE_CHECKSUM_TYPE="sha256"
+export KUBERNETES_VERSION="v1.34.1"
+# Make sure this does not conflict with other networks
+export POD_CIDR='["192.168.10.0/24"]'
+# These can be used to add user-data
+export CTLPLANE_KUBEADM_EXTRA_CONFIG="
+    preKubeadmCommands:
+    - systemctl enable --now crio
+    users:
+    - name: user
+      sshAuthorizedKeys:
+      - ssh-ed25519 ABCD... [email protected]"
+export WORKERS_KUBEADM_EXTRA_CONFIG="
+      preKubeadmCommands:
+      - systemctl enable --now crio
+      users:
+      - name: user
+        sshAuthorizedKeys:
+        - ssh-ed25519 ABCD... [email protected]"
+# NOTE! You must ensure that this is forwarded or assigned somehow to the
+# server(s) that is selected for the control-plane.
+# We reserved this address in the net.xml as a basic way to get a fixed IP.
+export CLUSTER_APIENDPOINT_HOST="192.168.222.101"
+export CLUSTER_APIENDPOINT_PORT="6443"

docs/user-guide/examples/cleanup-virtual-lab.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+docker rm -f sushy-tools
+
+virsh -c qemu:///system destroy --domain "bmh-vm-01"
+virsh -c qemu:///system undefine --domain "bmh-vm-01" --remove-all-storage --nvram
+
+# Clear network
+virsh -c qemu:///system net-destroy baremetal-e2e
+virsh -c qemu:///system net-undefine baremetal-e2e
+
+sudo iptables -D FORWARD -i kind -o metal3 -j ACCEPT
+sudo iptables -D FORWARD -i metal3 -o kind -j ACCEPT
+
+sudo ip link delete metalend type veth

docs/user-guide/examples/image-server.sh

@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+mkdir disk-images
+
+pushd disk-images || exit
+wget https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img
+wget https://cloud-images.ubuntu.com/jammy/current/SHA256SUMS
+sha256sum --ignore-missing -c SHA256SUMS
+wget https://artifactory.nordix.org/artifactory/metal3/images/k8s_v1.34.1/CENTOS_10_NODE_IMAGE_K8S_v1.34.1.qcow2
+sha256sum CENTOS_10_NODE_IMAGE_K8S_v1.34.1.qcow2
+# Convert to raw.
+# This helps lower memory requirements, since the raw image can be streamed to disk
+# instead of first loaded to memory by IPA for conversion.
+qemu-img convert -f qcow2 -O raw CENTOS_10_NODE_IMAGE_K8S_v1.34.1.qcow2 CENTOS_10_NODE_IMAGE_K8S_v1.34.1.raw
+# Local cache of IPA
+wget https://tarballs.opendev.org/openstack/ironic-python-agent/dib/ipa-centos9-master.tar.gz
+popd || exit
+
+docker run --name image-server --rm -d -p 80:8080 \
+  -v "$(pwd)/disk-images:/usr/share/nginx/html" nginxinc/nginx-unprivileged

docs/user-guide/examples/ironic/certificate.yaml

@@ -0,0 +1,44 @@
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: selfsigned-issuer
+  namespace: baremetal-operator-system
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: ironic-cacert
+  namespace: baremetal-operator-system
+spec:
+  commonName: ironic-ca
+  isCA: true
+  issuerRef:
+    kind: Issuer
+    name: selfsigned-issuer
+  secretName: ironic-cacert
+---
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: ca-issuer
+  namespace: baremetal-operator-system
+spec:
+  ca:
+    secretName: ironic-cacert
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: ironic-cert
+  namespace: baremetal-operator-system
+spec:
+  ipAddresses:
+  - 192.168.222.2
+  dnsNames:
+  - ironic.baremetal-operator-system.svc
+  issuerRef:
+    kind: Issuer
+    name: ca-issuer
+  secretName: ironic-cert

docs/user-guide/examples/ironic/ironic.yaml

@@ -0,0 +1,16 @@
+apiVersion: ironic.metal3.io/v1alpha1
+kind: Ironic
+metadata:
+  name: ironic
+  namespace: baremetal-operator-system
+spec:
+  networking:
+    dhcp:
+      rangeBegin: "192.168.222.100"
+      rangeEnd: "192.168.222.200"
+      networkCIDR: "192.168.222.0/24"
+    interface: "eth0"
+    ipAddress: "192.168.222.2"
+    ipAddressManager: "keepalived"
+  tls:
+    certificateName: ironic-cert

docs/user-guide/examples/ironic/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: baremetal-operator-system
+resources:
+- ironic.yaml
+- certificate.yaml