diff --git a/data/data/baremetal/main.tf b/data/data/baremetal/main.tf
index 0a2b02890fe..3ff703f6681 100644
--- a/data/data/baremetal/main.tf
+++ b/data/data/baremetal/main.tf
@@ -26,11 +26,13 @@ module "bootstrap" {
 module "masters" {
 source = "./masters"
- master_count = var.master_count
- ignition = var.ignition_master
- hosts = var.hosts
- properties = var.properties
- root_devices = var.root_devices
- driver_infos = var.driver_infos
- instance_infos = var.instance_infos
+ master_count = var.master_count
+ ignition = var.ignition_master
+ hosts = var.hosts
+ properties = var.properties
+ root_devices = var.root_devices
+ driver_infos = var.driver_infos
+ instance_infos = var.instance_infos
+ ignition_url = var.ignition_url
+ ignition_url_ca_cert = var.ignition_url_ca_cert
 }
diff --git a/data/data/baremetal/masters/main.tf b/data/data/baremetal/masters/main.tf
index c97fc3a7863..9f4db448f21 100644
--- a/data/data/baremetal/masters/main.tf
+++ b/data/data/baremetal/masters/main.tf
@@ -42,8 +42,9 @@ resource "ironic_deployment" "openshift-master-deployment" {
 count.index,
 )
- instance_info = var.instance_infos[count.index]
- user_data = var.ignition
+ instance_info = var.instance_infos[count.index]
+ user_data_url = var.ignition_url
+ user_data_url_ca_cert = var.ignition_url_ca_cert
 }
 data "ironic_introspection" "openshift-master-introspection" {
diff --git a/data/data/baremetal/masters/variables.tf b/data/data/baremetal/masters/variables.tf
index b6f39fec3d5..a4ed49c7d85 100644
--- a/data/data/baremetal/masters/variables.tf
+++ b/data/data/baremetal/masters/variables.tf
@@ -33,3 +33,13 @@ variable "instance_infos" {
 type = list(map(string))
 description = "Instance information for hosts"
 }
+
+variable "ignition_url" {
+ type = string
+ description = "The URL of the full ignition"
+}
+
+variable "ignition_url_ca_cert" {
+ type = string
+ description = "Root CA cert of the full ignition URL"
+}
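Review bot: `ignition = var.ignition_master` is still passed to the `masters` module on the new side, but the only visible consumer, `user_data = var.ignition`, is removed in masters/main.tf by this same commit. If nothing else in the module reads `var.ignition`, drop the argument and its variable declaration so the pointer config is not carried through module inputs with no use. If it is kept on purpose, a comment such as `# still consumed by <resource>` next to the argument would make that clear.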
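Review bot: The description of `ignition_url_ca_cert` does not say what form the value takes. In pkg/tfvars/baremetal/baremetal.go it is filled from `CertificateAuthorities[0].Source`, which is an Ignition resource source and so presumably a `data:` URL rather than raw PEM; confirm that this matches what `user_data_url_ca_cert` expects. The description could then read `description = "Root CA certificate for ignition_url, in the encoding taken from the Ignition config's certificateAuthorities source"`. The identical variable added in variables-baremetal.tf needs the same wording.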
diff --git a/data/data/baremetal/variables-baremetal.tf b/data/data/baremetal/variables-baremetal.tf
index 8a810ced260..7326220314c 100644
--- a/data/data/baremetal/variables-baremetal.tf
+++ b/data/data/baremetal/variables-baremetal.tf
@@ -52,3 +52,13 @@ variable "instance_infos" {
 type = list(map(string))
 description = "Instance information for hosts"
 }
+
+variable "ignition_url" {
+ type = string
+ description = "The URL of the full ignition"
+}
+
+variable "ignition_url_ca_cert" {
+ type = string
+ description = "Root CA cert of the full ignition URL"
+}
diff --git a/pkg/asset/cluster/tfvars.go b/pkg/asset/cluster/tfvars.go
index b87dd938f6a..4ba24a64fad 100644
--- a/pkg/asset/cluster/tfvars.go
+++ b/pkg/asset/cluster/tfvars.go
@@ -32,6 +32,7 @@ import (
 "github.com/openshift/installer/pkg/asset/machines"
 "github.com/openshift/installer/pkg/asset/openshiftinstall"
 "github.com/openshift/installer/pkg/asset/rhcos"
+ "github.com/openshift/installer/pkg/asset/tls"
 rhcospkg "github.com/openshift/installer/pkg/rhcos"
 "github.com/openshift/installer/pkg/tfvars"
 awstfvars "github.com/openshift/installer/pkg/tfvars/aws"
@@ -92,6 +93,7 @@ func (t *TerraformVariables) Dependencies() []asset.Asset {
 &machines.Master{},
 &machines.Worker{},
 &baremetalbootstrap.IronicCreds{},
+ &tls.RootCA{},
 }
 }
@@ -442,6 +444,7 @@ func (t *TerraformVariables) Generate(parents asset.Parents) error {
 string(*rhcosImage),
 ironicCreds.Username,
 ironicCreds.Password,
+ masterIgn,
 )
 if err != nil {
 return errors.Wrapf(err, "failed to get %s Terraform variables", platform)
diff --git a/pkg/tfvars/baremetal/baremetal.go b/pkg/tfvars/baremetal/baremetal.go
index ff2a052d0eb..07fc5c5ba13 100644
--- a/pkg/tfvars/baremetal/baremetal.go
+++ b/pkg/tfvars/baremetal/baremetal.go
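Review bot: `&tls.RootCA{}` is added to `Dependencies()`, but no visible hunk reads it from `parents`. The `Generate` hunk only passes `masterIgn`, and `TFVars` extracts the CA from the Ignition JSON instead. If `Generate` does not fetch the asset elsewhere, either drop the dependency or pass the RootCA certificate to `TFVars` explicitly rather than recovering it from the pointer config. If the dependency exists only to order asset generation, record that with a comment such as `// RootCA must be generated before the master pointer ignition that embeds it`. Both functions continue outside their hunks.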
@@ -9,6 +9,8 @@ import (
 "path"
 "strings"
+ igntypes "github.com/coreos/ignition/v2/config/v3_1/types"
+
 "github.com/metal3-io/baremetal-operator/pkg/bmc"
 "github.com/metal3-io/baremetal-operator/pkg/hardware"
 "github.com/openshift/installer/pkg/tfvars/internal/cache"
@@ -25,6 +27,9 @@ type config struct {
 IronicUsername string `json:"ironic_username"`
 IronicPassword string `json:"ironic_password"`
+ IgnitionURL string `json:"ignition_url,omitempty"`
+ IgnitionURLCACert string `json:"ignition_url_ca_cert,omitempty"`
+
 // Data required for control plane deployment - several maps per host, because of terraform's limitations
 Hosts []map[string]interface{} `json:"hosts"`
 RootDevices []map[string]interface{} `json:"root_devices"`
@@ -34,7 +39,7 @@ type config struct {
 }
 // TFVars generates bare metal specific Terraform variables.
-func TFVars(libvirtURI, bootstrapProvisioningIP, bootstrapOSImage, externalBridge, externalMAC, provisioningBridge, provisioningMAC string, platformHosts []*baremetal.Host, image, ironicUsername, ironicPassword string) ([]byte, error) {
+func TFVars(libvirtURI, bootstrapProvisioningIP, bootstrapOSImage, externalBridge, externalMAC, provisioningBridge, provisioningMAC string, platformHosts []*baremetal.Host, image, ironicUsername, ironicPassword, ignition string) ([]byte, error) {
 bootstrapOSImage, err := cache.DownloadImageFile(bootstrapOSImage)
 if err != nil {
 return nil, errors.Wrap(err, "failed to use cached bootstrap libvirt image")
@@ -155,6 +160,13 @@ func TFVars(libvirtURI, bootstrapProvisioningIP, bootstrapOSImage, externalBridg
 })
 }
+ var masterIgn igntypes.Config
+ if err := json.Unmarshal([]byte(ignition), &masterIgn); err != nil {
+ return nil, err
+ }
+ ignitionURL := masterIgn.Ignition.Config.Merge[0].Source
+ ignitionURLCACert := masterIgn.Ignition.Security.TLS.CertificateAuthorities[0].Source
+
 cfg := &config{
 LibvirtURI: libvirtURI,
 BootstrapProvisioningIP: bootstrapProvisioningIP,
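Review bot: `Merge[0]` and `CertificateAuthorities[0]` are indexed without a length check, and the resulting `Source` pointers are dereferenced in the following hunk (`*ignitionURL`, `*ignitionURLCACert`) without a nil check. A master Ignition config that lacks a merge entry or a CA entry therefore panics the installer instead of returning an error. Failing closed with an explicit error also matters for the CA: a missing certificate should stop the deployment rather than reach Terraform as an empty value. The unmarshal error is returned bare, unlike the `errors.Wrap` calls elsewhere in `TFVars`. The function body starts and ends outside this hunk.

```go
	var masterIgn igntypes.Config
	if err := json.Unmarshal([]byte(ignition), &masterIgn); err != nil {
		return nil, errors.Wrap(err, "failed to parse master ignition config")
	}
	merges := masterIgn.Ignition.Config.Merge
	if len(merges) == 0 || merges[0].Source == nil || *merges[0].Source == "" {
		return nil, errors.New("master ignition config has no merge source URL")
	}
	cas := masterIgn.Ignition.Security.TLS.CertificateAuthorities
	if len(cas) == 0 || cas[0].Source == nil || *cas[0].Source == "" {
		return nil, errors.New("master ignition config has no certificate authority")
	}
	ignitionURL := merges[0].Source
	ignitionURLCACert := cas[0].Source
	// … unchanged: cfg := &config{ … } literal …
```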
@@ -167,6 +179,8 @@ func TFVars(libvirtURI, bootstrapProvisioningIP, bootstrapOSImage, externalBridg
 DriverInfos: driverInfos,
 RootDevices: rootDevices,
 InstanceInfos: instanceInfos,
+ IgnitionURL: *ignitionURL,
+ IgnitionURLCACert: *ignitionURLCACert,
 }
 return json.MarshalIndent(cfg, "", " ")