WIP

Signed-off-by: Lennart Jern <[email protected]>

Author: lentzi90

docs/user-guide/examples/bmc-secret.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: bml-01
+type: Opaque
+stringData:
+  username: replaceme
+  password: replaceme

docs/user-guide/examples/bmh-01-provision.yaml

@@ -0,0 +1,17 @@
+apiVersion: metal3.io/v1alpha1
+kind: BareMetalHost
+metadata:
+  name: bml-vm-01
+spec:
+  online: true
+  bootMACAddress: 00:60:2f:31:81:01
+  bootMode: UEFI
+  hardwareProfile: libvirt
+  bmc:
+    address: redfish-virtualmedia+http://192.168.222.1:8000/redfish/v1/Systems/bmh-vm-01
+    credentialsName: bml-01
+  image:
+    checksumType: sha256
+    checksum: http://192.168.222.1/SHA256SUMS
+    format: qcow2
+    url: http://192.168.222.1/jammy-server-cloudimg-amd64.img

docs/user-guide/examples/bmh-01.yaml

@@ -0,0 +1,12 @@
+apiVersion: metal3.io/v1alpha1
+kind: BareMetalHost
+metadata:
+  name: bml-vm-01
+spec:
+  online: true
+  bootMACAddress: 00:60:2f:31:81:01
+  bootMode: UEFI
+  hardwareProfile: libvirt
+  bmc:
+    address: redfish-virtualmedia+http://192.168.222.1:8000/redfish/v1/Systems/bmh-vm-01
+    credentialsName: bml-01

docs/user-guide/examples/capm3-vars.sh

@@ -0,0 +1,29 @@
+# export IMAGE_CHECKSUM="ab54897a1bcae83581512cdeeda787f009846cfd7a63b298e472c1bd6c522d23"
+export IMAGE_CHECKSUM="0df8b1f15e4af64485e2b155f871b83d904b4b26bbd600cce81ae9ff418bbd5c"
+export IMAGE_CHECKSUM_TYPE="sha256"
+# export IMAGE_FORMAT="qcow2"
+export IMAGE_FORMAT="raw"
+# Baremetal lab IMAGE_URL
+# export IMAGE_URL="http://192.168.0.150/CENTOS_9_NODE_IMAGE_K8S_v1.33.0.qcow2"
+# Virtualized setup IMAGE_URL
+# export IMAGE_URL="http://192.168.222.1/CENTOS_9_NODE_IMAGE_K8S_v1.33.0.qcow2"
+export IMAGE_URL="http://192.168.222.1/CENTOS_9_NODE_IMAGE_K8S_v1.33.0.raw"
+export KUBERNETES_VERSION="v1.33.0"
+# Make sure this does not conflict with other networks
+export POD_CIDR='["192.168.10.0/24"]'
+# These can be used to add user-data
+export CTLPLANE_KUBEADM_EXTRA_CONFIG="
+    users:
+    - name: user
+      sshAuthorizedKeys:
+      - ssh-ed25519 ABCD... [email protected]"
+export WORKERS_KUBEADM_EXTRA_CONFIG="
+      users:
+      - name: user
+        sshAuthorizedKeys:
+        - ssh-ed25519 ABCD... [email protected]"
+# NOTE! You must ensure that this is forwarded or assigned somehow to the
+# server(s) that is selected for the control-plane.
+export CLUSTER_APIENDPOINT_HOST="192.168.222.24"
+# export CLUSTER_APIENDPOINT_HOST="192.168.0.101"
+export CLUSTER_APIENDPOINT_PORT="6443"

docs/user-guide/examples/cleanup.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+docker rm -f sushy-tools
+
+virsh -c qemu:///system destroy --domain "bmh-vm-01"
+virsh -c qemu:///system undefine --domain "bmh-vm-01" --remove-all-storage
+
+# Clear network
+virsh -c qemu:///system net-destroy baremetal-e2e
+virsh -c qemu:///system net-undefine baremetal-e2e
+
+sudo iptables -D FORWARD -i kind -o metal3 -j ACCEPT
+sudo iptables -D FORWARD -i metal3 -o kind -j ACCEPT
+
+sudo ip link delete metalend type veth

docs/user-guide/examples/image-server.sh

@@ -6,11 +6,14 @@ pushd disk-images
 wget https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img
 wget https://cloud-images.ubuntu.com/jammy/current/SHA256SUMS
 sha256sum --ignore-missing -c SHA256SUMS
-wget https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-9-latest.x86_64.qcow2
-wget https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-9-latest.x86_64.qcow2.SHA256SUM
-sha256sum -c CentOS-Stream-GenericCloud-9-latest.x86_64.qcow2.SHA256SUM
 wget https://artifactory.nordix.org/artifactory/metal3/images/k8s_v1.33.0/CENTOS_9_NODE_IMAGE_K8S_v1.33.0.qcow2
 sha256sum CENTOS_9_NODE_IMAGE_K8S_v1.33.0.qcow2
+# Convert to raw.
+# This helps lower memory requirements, since the raw image can be streamed to disk
+# instead of first loaded to memory by IPA for conversion.
+qemu-img convert -f qcow2 -O raw CENTOS_9_NODE_IMAGE_K8S_v1.33.0.qcow2 CENTOS_9_NODE_IMAGE_K8S_v1.33.0.raw
+# Local cache of IPA
+wget https://tarballs.opendev.org/openstack/ironic-python-agent/dib/ipa-centos9-master.tar.gz
 popd
 
 docker run --name image-server --rm -d -p 80:8080 \

docs/user-guide/examples/ironic/certificate.yaml

@@ -0,0 +1,44 @@
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: selfsigned-issuer
+  namespace: baremetal-operator-system
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: ironic-cacert
+  namespace: baremetal-operator-system
+spec:
+  commonName: ironic-ca
+  isCA: true
+  issuerRef:
+    kind: Issuer
+    name: selfsigned-issuer
+  secretName: ironic-cacert
+---
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: ca-issuer
+  namespace: baremetal-operator-system
+spec:
+  ca:
+    secretName: ironic-cacert
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: ironic-cert
+  namespace: baremetal-operator-system
+spec:
+  ipAddresses:
+  - 192.168.222.2
+  dnsNames:
+  - ironic.baremetal-operator-system.svc
+  issuerRef:
+    kind: Issuer
+    name: ca-issuer
+  secretName: ironic-cert

docs/user-guide/examples/ironic.yaml renamed to docs/user-guide/examples/ironic/ironic.yaml

@@ -12,3 +12,5 @@ spec:
     interface: "eth0"
     ipAddress: "192.168.222.2"
     ipAddressManager: "keepalived"
+  tls:
+    certificateName: ironic-cert

docs/user-guide/examples/ironic/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: baremetal-operator-system
+resources:
+- ironic.yaml
+- certificate.yaml

docs/user-guide/examples/irso/kustomization.yaml

@@ -0,0 +1,32 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: ironic-standalone-operator-system
+
+resources:
+- https://github.com/metal3-io/ironic-standalone-operator/releases/latest/download/install.yaml
+
+generatorOptions:
+  disableNameSuffixHash: true
+
+configMapGenerator:
+- name: ironic-operator-config
+  literals:
+  - IPA_BASEURI=http://192.168.222.1
+
+patches:
+- target:
+    kind: Deployment
+    name: ironic-standalone-operator-controller-manager
+  patch: |-
+    apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      name: ironic-standalone-operator
+    spec:
+      template:
+        spec:
+          containers:
+            - name: manager
+              envFrom:
+                - configMapRef:
+                    name: ironic-operator-config