Updated: sap_hypervisor_node_preconfigure and sap_vm_provision #95
Conversation
sap_hypervisor_node_preconfigure - added wait for MCP update - removed authentication from playbook - enable DownwardMetrics Feature Gate sap_vm_provision - removed authentication from playbook - removed VM authentications password and inline key, only support ssh key files
| # Namespace where the VM should be created in | ||
| sap_vm_provision_kubevirt_vm_target_namespace: sap | ||
| sap_vm_provision_kubevirt_vm_target_namespace: openshift-sriov-network-operator |
There was a problem hiding this comment.
@newkit sap_hypervisor_node_preconfigure is currently supporting only RH, but sap_vm_provision was not intended to be tied to one OS, as visible in
Please ensure that default name you pre-set is not specific, like it was before with generic sap.
There was a problem hiding this comment.
Hi @marcelmamula!
You are right, the preset should not be OpenShift specific, I will revert that.
| ansible.builtin.set_fact: | ||
| sap_hypervisor_node_preconfigure_ocp_kubeconfig_path: "{{ lookup('env', 'K8S_AUTH_KUBECONFIG') | default(None) }}" | ||
| sap_hypervisor_node_preconfigure_kubeconfig: "{{ lookup('env', 'K8S_AUTH_KUBECONFIG') | lookup('env', 'KUBECONFIG') | default(None) }}" |
There was a problem hiding this comment.
"{{ lookup('env', 'K8S_AUTH_KUBECONFIG') | lookup('env', 'KUBECONFIG') | default(None) }}"
-- here we are sending output of lookup('env', 'K8S_AUTH_KUBECONFIG') to lookup('env', 'KUBECONFIG')
Also is it better to use lookup('env', 'K8S_AUTH_KUBECONFIG') or lookup('env', 'KUBECONFIG') -?
Ideally we want flow to be
- look for K8S_AUTH_KUBECONFIG, if found stop.
- if not found look for KUBECONFIG, if found stop
- if none is there, do we want to fail ? in current case it is silently setting to None which has no use? Add a fail in next step if None?
There was a problem hiding this comment.
Hi @geetikakay, thanks for sharing your thoughts on this.
What should be happening is:
- sap_hypervisor_node_preconfigure_kubeconfig is set --> use this and continue
- Else look for K8S_AUTH_KUBECONFIG and if set --> use this and continue
- Else look for KUBECONFIG and if set --> use this and continue
- Fail with Error message that kubeconfig is not set.
I'll add a task which will handle 4.) which is currently missing.
| content: "{{ __sap_vm_provision_kubevirt_vm_register_kubeconfig_data | to_nice_yaml }}" | ||
| dest: "{{ __sap_vm_provision_kubevirt_vm_register_kubeconfig }}" | ||
| mode: "0600" | ||
| sap_vm_provision_kubevirt_vm_kubeconfig: "{{ lookup('env', 'K8S_AUTH_KUBECONFIG') | default(lookup('env', 'KUBECONFIG'), true) }}" |
There was a problem hiding this comment.
ditto Should we fail if both are missing? That way Jenkins CI failures would be easier to narrow down.
| # Namespace where the VM should be created in | ||
| sap_vm_provision_kubevirt_vm_target_namespace: sap | ||
| sap_vm_provision_kubevirt_vm_target_namespace: openshift-sriov-network-operator |
There was a problem hiding this comment.
we should avoid configuring vm in operator namespaces .
There was a problem hiding this comment.
True, but SRIOV has not been working outside of that namespace. But we can set the default to sap again and fix it in documentation.
sap_hypervisor_node_preconfigure
sap_vm_provision