From 25c706d016a56de0983d79757a4f0151f77ab5c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Reme=C5=A1?= Date: Thu, 10 Jun 2021 15:25:17 +0200 Subject: [PATCH 1/2] Gather all MachineConfig definitions --- docs/gathered-data.md | 31 ++- .../config/machineconfigs/00-master.json | 225 ++++++++++++++++++ .../config/machineconfigs/00-worker.json | 216 +++++++++++++++++ .../01-master-container-runtime.json | 98 ++++++++ .../machineconfigs/01-master-kubelet.json | 111 +++++++++ .../01-worker-container-runtime.json | 98 ++++++++ .../machineconfigs/01-worker-kubelet.json | 111 +++++++++ .../75-worker-sap-data-intelligence.json | 63 ----- .../99-master-generated-registries.json | 90 +++++++ .../config/machineconfigs/99-master-ssh.json | 69 ++++++ .../99-sdi-generated-containerruntime.json | 95 -------- .../99-worker-generated-registries.json | 90 +++++++ .../config/machineconfigs/99-worker-ssh.json | 69 ++++++ ...ster-e87e5e9a903559fdc31ebab60a8a33a6.json | 224 +++++++++++++++++ ...rker-ce8ef65e999c2c7a5b42944c37ca8a54.json | 215 +++++++++++++++++ manifests/03-clusterrole.yaml | 8 + .../clusterconfig/clusterconfig_gatherer.go | 1 + .../clusterconfig/machine_configs.go | 67 ++++++ ...onfigs_test.go => machine_configs_test.go} | 10 +- .../clusterconfig/sap_machine_configs.go | 84 ------- 20 files changed, 1711 insertions(+), 264 deletions(-) create mode 100644 docs/insights-archive-sample/config/machineconfigs/00-master.json create mode 100644 docs/insights-archive-sample/config/machineconfigs/00-worker.json create mode 100644 docs/insights-archive-sample/config/machineconfigs/01-master-container-runtime.json create mode 100644 docs/insights-archive-sample/config/machineconfigs/01-master-kubelet.json create mode 100644 docs/insights-archive-sample/config/machineconfigs/01-worker-container-runtime.json create mode 100644 docs/insights-archive-sample/config/machineconfigs/01-worker-kubelet.json delete mode 100644 docs/insights-archive-sample/config/machineconfigs/75-worker-sap-data-intelligence.json create mode 100644 docs/insights-archive-sample/config/machineconfigs/99-master-generated-registries.json create mode 100644 docs/insights-archive-sample/config/machineconfigs/99-master-ssh.json delete mode 100644 docs/insights-archive-sample/config/machineconfigs/99-sdi-generated-containerruntime.json create mode 100644 docs/insights-archive-sample/config/machineconfigs/99-worker-generated-registries.json create mode 100644 docs/insights-archive-sample/config/machineconfigs/99-worker-ssh.json create mode 100644 docs/insights-archive-sample/config/machineconfigs/rendered-master-e87e5e9a903559fdc31ebab60a8a33a6.json create mode 100644 docs/insights-archive-sample/config/machineconfigs/rendered-worker-ce8ef65e999c2c7a5b42944c37ca8a54.json create mode 100644 pkg/gatherers/clusterconfig/machine_configs.go rename pkg/gatherers/clusterconfig/{sap_machine_configs_test.go => machine_configs_test.go} (89%) delete mode 100644 pkg/gatherers/clusterconfig/sap_machine_configs.go diff --git a/docs/gathered-data.md b/docs/gathered-data.md index ca9f686eb..2afe24a2f 100644 --- a/docs/gathered-data.md +++ b/docs/gathered-data.md @@ -312,6 +312,20 @@ Response see: * 4.6+ +## MachineConfigs + +collects MachineConfigs definitions. Following data is intentionally removed from the definitions: +* `spec.config.storage.files` +* `spec.config.passwd.users` + +Response see https://docs.openshift.com/container-platform/4.7/rest_api/machine_apis/machineconfig-machineconfiguration-openshift-io-v1.html + +* Location in archive: config/machineconfigs/.json +* Id in config: machine_configs +* Since versions: + * 4.9+ + + ## MachineHealthCheck collects MachineHealthCheck information @@ -542,23 +556,6 @@ collects `datahubs.installers.datahub.sap.com` resources from SAP/SDI clusters. * 4.8+ -## SAPMachineConfigs - -collects a subset of MachineConfigs related to SDI by applying a set of filtering rules. - -Gathered MachineConfigs at the time of implementation of the gatherer: -* `75-worker-sap-data-intelligence` -* `75-master-sap-data-intelligence` -* `99-sdi-generated-containerruntime` - -Response see https://docs.openshift.com/container-platform/4.7/rest_api/machine_apis/machineconfig-machineconfiguration-openshift-io-v1.html - -* Location in archive: config/machineconfigs/.json -* Id in config: sap_machine_configs -* Since versions: - * 4.8+ - - ## SAPPods collects information about pods running in SAP/SDI namespaces. diff --git a/docs/insights-archive-sample/config/machineconfigs/00-master.json b/docs/insights-archive-sample/config/machineconfigs/00-master.json new file mode 100644 index 000000000..3e5eac5f1 --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/00-master.json @@ -0,0 +1,225 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "annotations": { + "machineconfiguration.openshift.io/generated-by-controller-version": "c4b7e3f5118d62fc3aaaa1fed5eb9ba0d12792de" + }, + "creationTimestamp": "2021-06-14T09:51:37Z", + "generation": 1, + "labels": { + "machineconfiguration.openshift.io/role": "master" + }, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:machineconfiguration.openshift.io/generated-by-controller-version": {} + }, + "f:labels": { + ".": {}, + "f:machineconfiguration.openshift.io/role": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4\"}": { + ".": {}, + "f:apiVersion": {}, + "f:blockOwnerDeletion": {}, + "f:controller": {}, + "f:kind": {}, + "f:name": {}, + "f:uid": {} + } + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + }, + "f:storage": { + ".": {}, + "f:files": {} + }, + "f:systemd": { + ".": {}, + "f:units": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "machine-config-controller", + "operation": "Update", + "time": "2021-06-14T09:51:37Z" + } + ], + "name": "00-master", + "ownerReferences": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "ControllerConfig", + "name": "machine-config-controller", + "uid": "68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4" + } + ], + "resourceVersion": "7525", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/00-master", + "uid": "5b0b0ab2-c5cd-493f-8cd0-0b54b43b921e" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + }, + "systemd": { + "units": [ + { + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + }, + { + "contents": "[Service]\nEnvironment=\"ENABLE_PROFILE_UNIX_SOCKET=true\"\n", + "name": "10-mco-profile-unix-socket.conf" + }, + { + "contents": "[Service]\nEnvironment=\"GODEBUG=x509ignoreCN=0,madvdontneed=1\"\n", + "name": "10-mco-default-madv.conf" + } + ], + "name": "crio.service" + }, + { + "dropins": [ + { + "contents": "[Unit]\nConditionPathExists=/enoent\n", + "name": "mco-disabled.conf" + } + ], + "name": "docker.socket" + }, + { + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + }, + { + "contents": "[Service]\nEnvironment=\"GODEBUG=x509ignoreCN=0,madvdontneed=1\"\n", + "name": "10-mco-default-madv.conf" + } + ], + "name": "kubelet.service" + }, + { + "contents": "[Unit]\nDescription=Machine Config Daemon Firstboot\n# Make sure it runs only on OSTree booted system\nConditionPathExists=/run/ostree-booted\n# Removal of this file signals firstboot completion\nConditionPathExists=/etc/ignition-machine-config-encapsulated.json\nAfter=machine-config-daemon-pull.service\nBefore=crio.service crio-wipe.service\nBefore=kubelet.service\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\n# Disable existing repos (if any) so that OS extensions would use embedded RPMs only\nExecStartPre=-/usr/bin/sh -c \"sed -i 's/enabled=1/enabled=0/' /etc/yum.repos.d/*.repo\"\nExecStart=/run/bin/machine-config-daemon firstboot-complete-machineconfig\n[Install]\nWantedBy=multi-user.target\nRequiredBy=crio.service kubelet.service\n", + "enabled": true, + "name": "machine-config-daemon-firstboot.service" + }, + { + "contents": "[Unit]\nDescription=Machine Config Daemon Pull\n# Make sure it runs only on OSTree booted system\nConditionPathExists=/run/ostree-booted\n# This \"stamp file\" is unlinked when we complete\n# machine-config-daemon-firstboot.service\nConditionPathExists=/etc/ignition-machine-config-encapsulated.json\nWants=network-online.target\nAfter=network-online.target\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\n# See https://github.com/coreos/fedora-coreos-tracker/issues/354\nExecStart=/bin/sh -c '/bin/mkdir -p /run/bin \u0026\u0026 chcon --reference=/usr/bin /run/bin'\nExecStart=/bin/sh -c \"while ! /usr/bin/podman pull --authfile=/var/lib/kubelet/config.json --quiet 'quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4780d931f9287b49fc1125caaa75d6cb92f722b6cc02dc6e562319942a5165a1'; do sleep 1; done\"\nExecStart=/bin/sh -c \"/usr/bin/podman run --rm --quiet --net=host --entrypoint=cat 'quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4780d931f9287b49fc1125caaa75d6cb92f722b6cc02dc6e562319942a5165a1' /usr/bin/machine-config-daemon \u003e /run/bin/machine-config-daemon.tmp\"\nExecStart=/bin/sh -c '/usr/bin/chmod a+x /run/bin/machine-config-daemon.tmp \u0026\u0026 mv /run/bin/machine-config-daemon.tmp /run/bin/machine-config-daemon'\n[Install]\nRequiredBy=machine-config-daemon-firstboot.service\n", + "enabled": true, + "name": "machine-config-daemon-pull.service" + }, + { + "contents": "[Unit]\nBefore=NetworkManager.service\nAfter=systemd-tmpfiles-setup.service\n[Mount]\nWhere=/etc/NetworkManager/system-connections-merged\nWhat=overlay\nType=overlay\nOptions=lowerdir=/etc/NetworkManager/system-connections,upperdir=/run/nm-system-connections,workdir=/run/nm-system-connections-work\n[Install]\nWantedBy=multi-user.target\n", + "enabled": true, + "name": "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount" + }, + { + "contents": "[Unit]\nDescription=Ensure the node hostname is valid for the cluster\nBefore=network-online.target\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\nUser=root\n\n# SystemD prevents direct execution of the script in /usr/local/sbin,\n# so it is sourced. See the script for functionality.\nExecStart=/bin/bash -c \"source /usr/local/sbin/set-valid-hostname.sh; wait_localhost; set_valid_hostname `hostname`\"\n\n# Wait up to 5min for the node to get a real hostname.\nTimeoutSec=300\n\n[Install]\nWantedBy=multi-user.target\n# Ensure that network-online.target will not complete until the node has a real hostname.\nRequiredBy=network-online.target\n", + "enabled": true, + "name": "node-valid-hostname.service" + }, + { + "contents": "[Unit]\nDescription=Writes IP address configuration so that kubelet and crio services select a valid node IP\nWants=network-online.target\nAfter=network-online.target ignition-firstboot-complete.service\nBefore=kubelet.service crio.service\n\n[Service]\n# Need oneshot to delay kubelet\nType=oneshot\n# Would prefer to do Restart=on-failure instead of this bash retry loop, but\n# the version of systemd we have right now doesn't support it. It should be\n# available in systemd v244 and higher.\nExecStart=/bin/bash -c \" \\\n until \\\n /usr/bin/podman run --rm \\\n --authfile /var/lib/kubelet/config.json \\\n --net=host \\\n --volume /etc/systemd/system:/etc/systemd/system:z \\\n quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:eb85ef6d9b93360145b51ecd6e7b5fdc15239272fbcd439eac3b91f88b992501 \\\n node-ip \\\n set \\\n --retry-on-failure; \\\n do \\\n sleep 5; \\\n done\"\nExecStart=/bin/systemctl daemon-reload\n\n[Install]\nRequiredBy=kubelet.service\n", + "enabled": false, + "name": "nodeip-configuration.service" + }, + { + "enabled": true, + "name": "openvswitch.service" + }, + { + "contents": "[Unit]\nDescription=Configures OVS with proper host networking configuration\n# Removal of this file signals firstboot completion\nConditionPathExists=!/etc/ignition-machine-config-encapsulated.json\n# This service is used to move a physical NIC into OVS and reconfigure OVS to use the host IP\nRequires=openvswitch.service\nWants=NetworkManager-wait-online.service\nAfter=NetworkManager-wait-online.service openvswitch.service network.service\nBefore=network-online.target kubelet.service crio.service node-valid-hostname.service\n\n[Service]\n# Need oneshot to delay kubelet\nType=oneshot\nExecStart=/usr/local/bin/configure-ovs.sh OpenShiftSDN\nStandardOutput=journal+console\nStandardError=journal+console\n\n[Install]\nWantedBy=network-online.target\n", + "enabled": true, + "name": "ovs-configuration.service" + }, + { + "dropins": [ + { + "contents": "[Service]\nRestart=always\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /var/lib/openvswitch'\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /etc/openvswitch'\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /run/openvswitch'\n", + "name": "10-ovs-vswitchd-restart.conf" + } + ], + "name": "ovs-vswitchd.service" + }, + { + "dropins": [ + { + "contents": "[Service]\nRestart=always\n", + "name": "10-ovsdb-restart.conf" + } + ], + "enabled": true, + "name": "ovsdb-server.service" + }, + { + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + } + ], + "name": "pivot.service" + }, + { + "dropins": [ + { + "contents": "# See https://github.com/openshift/machine-config-operator/issues/1897\n[Service]\nNice=10\nIOSchedulingClass=best-effort\nIOSchedulingPriority=6\n", + "name": "mco-controlplane-nice.conf" + } + ], + "name": "rpm-ostreed.service" + }, + { + "dropins": [ + { + "contents": "[Unit]\nConditionPathExists=/enoent\n", + "name": "mco-disabled.conf" + } + ], + "name": "zincati.service" + } + ] + } + }, + "extensions": null, + "fips": false, + "kernelArguments": null, + "kernelType": "", + "osImageURL": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5649fe979b5ebe2615344d398ee0a841c9ea49d72be9edaf4048ccea5a729c32" + } +} \ No newline at end of file diff --git a/docs/insights-archive-sample/config/machineconfigs/00-worker.json b/docs/insights-archive-sample/config/machineconfigs/00-worker.json new file mode 100644 index 000000000..548d67776 --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/00-worker.json @@ -0,0 +1,216 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "annotations": { + "machineconfiguration.openshift.io/generated-by-controller-version": "c4b7e3f5118d62fc3aaaa1fed5eb9ba0d12792de" + }, + "creationTimestamp": "2021-06-14T09:51:37Z", + "generation": 1, + "labels": { + "machineconfiguration.openshift.io/role": "worker" + }, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:machineconfiguration.openshift.io/generated-by-controller-version": {} + }, + "f:labels": { + ".": {}, + "f:machineconfiguration.openshift.io/role": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4\"}": { + ".": {}, + "f:apiVersion": {}, + "f:blockOwnerDeletion": {}, + "f:controller": {}, + "f:kind": {}, + "f:name": {}, + "f:uid": {} + } + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + }, + "f:storage": { + ".": {}, + "f:files": {} + }, + "f:systemd": { + ".": {}, + "f:units": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "machine-config-controller", + "operation": "Update", + "time": "2021-06-14T09:51:37Z" + } + ], + "name": "00-worker", + "ownerReferences": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "ControllerConfig", + "name": "machine-config-controller", + "uid": "68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4" + } + ], + "resourceVersion": "7526", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/00-worker", + "uid": "3d16328d-2a48-4d77-aa1b-3973a8ac332c" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + }, + "systemd": { + "units": [ + { + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + }, + { + "contents": "[Service]\nEnvironment=\"ENABLE_PROFILE_UNIX_SOCKET=true\"\n", + "name": "10-mco-profile-unix-socket.conf" + }, + { + "contents": "[Service]\nEnvironment=\"GODEBUG=x509ignoreCN=0,madvdontneed=1\"\n", + "name": "10-mco-default-madv.conf" + } + ], + "name": "crio.service" + }, + { + "dropins": [ + { + "contents": "[Unit]\nConditionPathExists=/enoent\n", + "name": "mco-disabled.conf" + } + ], + "name": "docker.socket" + }, + { + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + }, + { + "contents": "[Service]\nEnvironment=\"GODEBUG=x509ignoreCN=0,madvdontneed=1\"\n", + "name": "10-mco-default-madv.conf" + } + ], + "name": "kubelet.service" + }, + { + "contents": "[Unit]\nDescription=Machine Config Daemon Firstboot\n# Make sure it runs only on OSTree booted system\nConditionPathExists=/run/ostree-booted\n# Removal of this file signals firstboot completion\nConditionPathExists=/etc/ignition-machine-config-encapsulated.json\nAfter=machine-config-daemon-pull.service\nBefore=crio.service crio-wipe.service\nBefore=kubelet.service\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\n# Disable existing repos (if any) so that OS extensions would use embedded RPMs only\nExecStartPre=-/usr/bin/sh -c \"sed -i 's/enabled=1/enabled=0/' /etc/yum.repos.d/*.repo\"\nExecStart=/run/bin/machine-config-daemon firstboot-complete-machineconfig\n[Install]\nWantedBy=multi-user.target\nRequiredBy=crio.service kubelet.service\n", + "enabled": true, + "name": "machine-config-daemon-firstboot.service" + }, + { + "contents": "[Unit]\nDescription=Machine Config Daemon Pull\n# Make sure it runs only on OSTree booted system\nConditionPathExists=/run/ostree-booted\n# This \"stamp file\" is unlinked when we complete\n# machine-config-daemon-firstboot.service\nConditionPathExists=/etc/ignition-machine-config-encapsulated.json\nWants=network-online.target\nAfter=network-online.target\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\n# See https://github.com/coreos/fedora-coreos-tracker/issues/354\nExecStart=/bin/sh -c '/bin/mkdir -p /run/bin \u0026\u0026 chcon --reference=/usr/bin /run/bin'\nExecStart=/bin/sh -c \"while ! /usr/bin/podman pull --authfile=/var/lib/kubelet/config.json --quiet 'quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4780d931f9287b49fc1125caaa75d6cb92f722b6cc02dc6e562319942a5165a1'; do sleep 1; done\"\nExecStart=/bin/sh -c \"/usr/bin/podman run --rm --quiet --net=host --entrypoint=cat 'quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4780d931f9287b49fc1125caaa75d6cb92f722b6cc02dc6e562319942a5165a1' /usr/bin/machine-config-daemon \u003e /run/bin/machine-config-daemon.tmp\"\nExecStart=/bin/sh -c '/usr/bin/chmod a+x /run/bin/machine-config-daemon.tmp \u0026\u0026 mv /run/bin/machine-config-daemon.tmp /run/bin/machine-config-daemon'\n[Install]\nRequiredBy=machine-config-daemon-firstboot.service\n", + "enabled": true, + "name": "machine-config-daemon-pull.service" + }, + { + "contents": "[Unit]\nBefore=NetworkManager.service\nAfter=systemd-tmpfiles-setup.service\n[Mount]\nWhere=/etc/NetworkManager/system-connections-merged\nWhat=overlay\nType=overlay\nOptions=lowerdir=/etc/NetworkManager/system-connections,upperdir=/run/nm-system-connections,workdir=/run/nm-system-connections-work\n[Install]\nWantedBy=multi-user.target\n", + "enabled": true, + "name": "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount" + }, + { + "contents": "[Unit]\nDescription=Ensure the node hostname is valid for the cluster\nBefore=network-online.target\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\nUser=root\n\n# SystemD prevents direct execution of the script in /usr/local/sbin,\n# so it is sourced. See the script for functionality.\nExecStart=/bin/bash -c \"source /usr/local/sbin/set-valid-hostname.sh; wait_localhost; set_valid_hostname `hostname`\"\n\n# Wait up to 5min for the node to get a real hostname.\nTimeoutSec=300\n\n[Install]\nWantedBy=multi-user.target\n# Ensure that network-online.target will not complete until the node has a real hostname.\nRequiredBy=network-online.target\n", + "enabled": true, + "name": "node-valid-hostname.service" + }, + { + "contents": "[Unit]\nDescription=Writes IP address configuration so that kubelet and crio services select a valid node IP\nWants=network-online.target\nAfter=network-online.target ignition-firstboot-complete.service\nBefore=kubelet.service crio.service\n\n[Service]\n# Need oneshot to delay kubelet\nType=oneshot\n# Would prefer to do Restart=on-failure instead of this bash retry loop, but\n# the version of systemd we have right now doesn't support it. It should be\n# available in systemd v244 and higher.\nExecStart=/bin/bash -c \" \\\n until \\\n /usr/bin/podman run --rm \\\n --authfile /var/lib/kubelet/config.json \\\n --net=host \\\n --volume /etc/systemd/system:/etc/systemd/system:z \\\n quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:eb85ef6d9b93360145b51ecd6e7b5fdc15239272fbcd439eac3b91f88b992501 \\\n node-ip \\\n set \\\n --retry-on-failure; \\\n do \\\n sleep 5; \\\n done\"\nExecStart=/bin/systemctl daemon-reload\n\n[Install]\nRequiredBy=kubelet.service\n", + "enabled": false, + "name": "nodeip-configuration.service" + }, + { + "enabled": true, + "name": "openvswitch.service" + }, + { + "contents": "[Unit]\nDescription=Configures OVS with proper host networking configuration\n# Removal of this file signals firstboot completion\nConditionPathExists=!/etc/ignition-machine-config-encapsulated.json\n# This service is used to move a physical NIC into OVS and reconfigure OVS to use the host IP\nRequires=openvswitch.service\nWants=NetworkManager-wait-online.service\nAfter=NetworkManager-wait-online.service openvswitch.service network.service\nBefore=network-online.target kubelet.service crio.service node-valid-hostname.service\n\n[Service]\n# Need oneshot to delay kubelet\nType=oneshot\nExecStart=/usr/local/bin/configure-ovs.sh OpenShiftSDN\nStandardOutput=journal+console\nStandardError=journal+console\n\n[Install]\nWantedBy=network-online.target\n", + "enabled": true, + "name": "ovs-configuration.service" + }, + { + "dropins": [ + { + "contents": "[Service]\nRestart=always\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /var/lib/openvswitch'\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /etc/openvswitch'\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /run/openvswitch'\n", + "name": "10-ovs-vswitchd-restart.conf" + } + ], + "name": "ovs-vswitchd.service" + }, + { + "dropins": [ + { + "contents": "[Service]\nRestart=always\n", + "name": "10-ovsdb-restart.conf" + } + ], + "enabled": true, + "name": "ovsdb-server.service" + }, + { + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + } + ], + "name": "pivot.service" + }, + { + "dropins": [ + { + "contents": "[Unit]\nConditionPathExists=/enoent\n", + "name": "mco-disabled.conf" + } + ], + "name": "zincati.service" + } + ] + } + }, + "extensions": null, + "fips": false, + "kernelArguments": null, + "kernelType": "", + "osImageURL": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5649fe979b5ebe2615344d398ee0a841c9ea49d72be9edaf4048ccea5a729c32" + } +} \ No newline at end of file diff --git a/docs/insights-archive-sample/config/machineconfigs/01-master-container-runtime.json b/docs/insights-archive-sample/config/machineconfigs/01-master-container-runtime.json new file mode 100644 index 000000000..9cf7d2861 --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/01-master-container-runtime.json @@ -0,0 +1,98 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "annotations": { + "machineconfiguration.openshift.io/generated-by-controller-version": "c4b7e3f5118d62fc3aaaa1fed5eb9ba0d12792de" + }, + "creationTimestamp": "2021-06-14T09:51:37Z", + "generation": 1, + "labels": { + "machineconfiguration.openshift.io/role": "master" + }, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:machineconfiguration.openshift.io/generated-by-controller-version": {} + }, + "f:labels": { + ".": {}, + "f:machineconfiguration.openshift.io/role": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4\"}": { + ".": {}, + "f:apiVersion": {}, + "f:blockOwnerDeletion": {}, + "f:controller": {}, + "f:kind": {}, + "f:name": {}, + "f:uid": {} + } + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + }, + "f:storage": { + ".": {}, + "f:files": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "machine-config-controller", + "operation": "Update", + "time": "2021-06-14T09:51:37Z" + } + ], + "name": "01-master-container-runtime", + "ownerReferences": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "ControllerConfig", + "name": "machine-config-controller", + "uid": "68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4" + } + ], + "resourceVersion": "7527", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/01-master-container-runtime", + "uid": "881bb4a7-4b5b-4504-b37b-9e10bea47b3b" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + } + }, + "extensions": null, + "fips": false, + "kernelArguments": null, + "kernelType": "", + "osImageURL": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5649fe979b5ebe2615344d398ee0a841c9ea49d72be9edaf4048ccea5a729c32" + } +} \ No newline at end of file diff --git a/docs/insights-archive-sample/config/machineconfigs/01-master-kubelet.json b/docs/insights-archive-sample/config/machineconfigs/01-master-kubelet.json new file mode 100644 index 000000000..7001657f9 --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/01-master-kubelet.json @@ -0,0 +1,111 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "annotations": { + "machineconfiguration.openshift.io/generated-by-controller-version": "c4b7e3f5118d62fc3aaaa1fed5eb9ba0d12792de" + }, + "creationTimestamp": "2021-06-14T09:51:37Z", + "generation": 1, + "labels": { + "machineconfiguration.openshift.io/role": "master" + }, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:machineconfiguration.openshift.io/generated-by-controller-version": {} + }, + "f:labels": { + ".": {}, + "f:machineconfiguration.openshift.io/role": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4\"}": { + ".": {}, + "f:apiVersion": {}, + "f:blockOwnerDeletion": {}, + "f:controller": {}, + "f:kind": {}, + "f:name": {}, + "f:uid": {} + } + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + }, + "f:storage": { + ".": {}, + "f:files": {} + }, + "f:systemd": { + ".": {}, + "f:units": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "machine-config-controller", + "operation": "Update", + "time": "2021-06-14T09:51:37Z" + } + ], + "name": "01-master-kubelet", + "ownerReferences": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "ControllerConfig", + "name": "machine-config-controller", + "uid": "68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4" + } + ], + "resourceVersion": "7528", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/01-master-kubelet", + "uid": "50ed8700-37ac-4b98-87a1-8c9db7e1b4b1" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + }, + "systemd": { + "units": [ + { + "contents": "[Unit]\nDescription=Kubernetes Kubelet\nWants=rpc-statd.service network-online.target crio.service\nAfter=network-online.target crio.service\nAfter=ostree-finalize-staged.service\n\n[Service]\nType=notify\nExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests\nExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state\nEnvironmentFile=/etc/os-release\nEnvironmentFile=-/etc/kubernetes/kubelet-workaround\nEnvironmentFile=-/etc/kubernetes/kubelet-env\n\nExecStart=/usr/bin/hyperkube \\\n kubelet \\\n --config=/etc/kubernetes/kubelet.conf \\\n --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --container-runtime=remote \\\n --container-runtime-endpoint=/var/run/crio/crio.sock \\\n --runtime-cgroups=/system.slice/crio.service \\\n --node-labels=node-role.kubernetes.io/master,node.openshift.io/os_id=${ID} \\\n --node-ip=${KUBELET_NODE_IP} \\\n --minimum-container-ttl-duration=6m0s \\\n --cloud-provider=aws \\\n --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \\\n \\\n --register-with-taints=node-role.kubernetes.io/master=:NoSchedule \\\n --pod-infra-container-image=quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:fae531c9a94b12f41c6fcaaecd99e6b40de3e550d1ce86ed110ffd71ccff128d \\\n --v=${KUBELET_LOG_LEVEL}\n\nRestart=always\nRestartSec=10\n\n[Install]\nWantedBy=multi-user.target\n", + "enabled": true, + "name": "kubelet.service" + } + ] + } + }, + "extensions": null, + "fips": false, + "kernelArguments": null, + "kernelType": "", + "osImageURL": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5649fe979b5ebe2615344d398ee0a841c9ea49d72be9edaf4048ccea5a729c32" + } +} \ No newline at end of file diff --git a/docs/insights-archive-sample/config/machineconfigs/01-worker-container-runtime.json b/docs/insights-archive-sample/config/machineconfigs/01-worker-container-runtime.json new file mode 100644 index 000000000..e4742125a --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/01-worker-container-runtime.json @@ -0,0 +1,98 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "annotations": { + "machineconfiguration.openshift.io/generated-by-controller-version": "c4b7e3f5118d62fc3aaaa1fed5eb9ba0d12792de" + }, + "creationTimestamp": "2021-06-14T09:51:37Z", + "generation": 1, + "labels": { + "machineconfiguration.openshift.io/role": "worker" + }, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:machineconfiguration.openshift.io/generated-by-controller-version": {} + }, + "f:labels": { + ".": {}, + "f:machineconfiguration.openshift.io/role": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4\"}": { + ".": {}, + "f:apiVersion": {}, + "f:blockOwnerDeletion": {}, + "f:controller": {}, + "f:kind": {}, + "f:name": {}, + "f:uid": {} + } + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + }, + "f:storage": { + ".": {}, + "f:files": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "machine-config-controller", + "operation": "Update", + "time": "2021-06-14T09:51:37Z" + } + ], + "name": "01-worker-container-runtime", + "ownerReferences": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "ControllerConfig", + "name": "machine-config-controller", + "uid": "68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4" + } + ], + "resourceVersion": "7532", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/01-worker-container-runtime", + "uid": "8b32c5f8-74e3-4fbf-bc0f-8b77c337d3e1" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + } + }, + "extensions": null, + "fips": false, + "kernelArguments": null, + "kernelType": "", + "osImageURL": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5649fe979b5ebe2615344d398ee0a841c9ea49d72be9edaf4048ccea5a729c32" + } +} \ No newline at end of file diff --git a/docs/insights-archive-sample/config/machineconfigs/01-worker-kubelet.json b/docs/insights-archive-sample/config/machineconfigs/01-worker-kubelet.json new file mode 100644 index 000000000..85283c949 --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/01-worker-kubelet.json @@ -0,0 +1,111 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "annotations": { + "machineconfiguration.openshift.io/generated-by-controller-version": "c4b7e3f5118d62fc3aaaa1fed5eb9ba0d12792de" + }, + "creationTimestamp": "2021-06-14T09:51:38Z", + "generation": 1, + "labels": { + "machineconfiguration.openshift.io/role": "worker" + }, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:machineconfiguration.openshift.io/generated-by-controller-version": {} + }, + "f:labels": { + ".": {}, + "f:machineconfiguration.openshift.io/role": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4\"}": { + ".": {}, + "f:apiVersion": {}, + "f:blockOwnerDeletion": {}, + "f:controller": {}, + "f:kind": {}, + "f:name": {}, + "f:uid": {} + } + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + }, + "f:storage": { + ".": {}, + "f:files": {} + }, + "f:systemd": { + ".": {}, + "f:units": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "machine-config-controller", + "operation": "Update", + "time": "2021-06-14T09:51:38Z" + } + ], + "name": "01-worker-kubelet", + "ownerReferences": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "ControllerConfig", + "name": "machine-config-controller", + "uid": "68f9cf4f-8c71-4cd5-a82b-a24e8dfa59a4" + } + ], + "resourceVersion": "7551", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/01-worker-kubelet", + "uid": "e971f0a5-5399-4455-8847-0bd29bc4264b" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + }, + "systemd": { + "units": [ + { + "contents": "[Unit]\nDescription=Kubernetes Kubelet\nWants=rpc-statd.service network-online.target crio.service\nAfter=network-online.target crio.service\nAfter=ostree-finalize-staged.service\n\n[Service]\nType=notify\nExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests\nExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state\nEnvironmentFile=/etc/os-release\nEnvironmentFile=-/etc/kubernetes/kubelet-workaround\nEnvironmentFile=-/etc/kubernetes/kubelet-env\n\nExecStart=/usr/bin/hyperkube \\\n kubelet \\\n --config=/etc/kubernetes/kubelet.conf \\\n --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --container-runtime=remote \\\n --container-runtime-endpoint=/var/run/crio/crio.sock \\\n --runtime-cgroups=/system.slice/crio.service \\\n --node-labels=node-role.kubernetes.io/worker,node.openshift.io/os_id=${ID} \\\n --node-ip=${KUBELET_NODE_IP} \\\n --minimum-container-ttl-duration=6m0s \\\n --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \\\n --cloud-provider=aws \\\n \\\n --pod-infra-container-image=quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:fae531c9a94b12f41c6fcaaecd99e6b40de3e550d1ce86ed110ffd71ccff128d \\\n --v=${KUBELET_LOG_LEVEL}\n\nRestart=always\nRestartSec=10\n\n[Install]\nWantedBy=multi-user.target\n", + "enabled": true, + "name": "kubelet.service" + } + ] + } + }, + "extensions": null, + "fips": false, + "kernelArguments": null, + "kernelType": "", + "osImageURL": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5649fe979b5ebe2615344d398ee0a841c9ea49d72be9edaf4048ccea5a729c32" + } +} \ No newline at end of file diff --git a/docs/insights-archive-sample/config/machineconfigs/75-worker-sap-data-intelligence.json b/docs/insights-archive-sample/config/machineconfigs/75-worker-sap-data-intelligence.json deleted file mode 100644 index e27bf0231..000000000 --- a/docs/insights-archive-sample/config/machineconfigs/75-worker-sap-data-intelligence.json +++ /dev/null @@ -1,63 +0,0 @@ -{ - "apiVersion": "machineconfiguration.openshift.io/v1", - "kind": "MachineConfig", - "metadata": { - "creationTimestamp": "2021-01-21T09:39:02Z", - "generation": 1, - "labels": { - "machineconfiguration.openshift.io/role": "sdi" - }, - "managedFields": [ - { - "apiVersion": "machineconfiguration.openshift.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:labels": { - ".": {}, - "f:machineconfiguration.openshift.io/role": {} - } - }, - "f:spec": { - ".": {}, - "f:config": { - ".": {}, - "f:ignition": { - ".": {}, - "f:version": {} - }, - "f:storage": { - ".": {}, - "f:files": {} - }, - "f:systemd": { - ".": {}, - "f:units": {} - } - } - } - }, - "manager": "oc", - "operation": "Update", - "time": "2021-01-21T09:39:02Z" - } - ], - "name": "75-worker-sap-data-intelligence", - "resourceVersion": "488484", - "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/75-worker-sap-data-intelligence", - "uid": "ea83db83-39d3-4919-a1fd-d2b432db7117" - }, - "spec": { - "config": { - "ignition": { - "version": "2.2.0" - }, - "storage": { - "files": [] - }, - "systemd": { - "units": [] - } - } - } -} diff --git a/docs/insights-archive-sample/config/machineconfigs/99-master-generated-registries.json b/docs/insights-archive-sample/config/machineconfigs/99-master-generated-registries.json new file mode 100644 index 000000000..a2222af23 --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/99-master-generated-registries.json @@ -0,0 +1,90 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "annotations": { + "machineconfiguration.openshift.io/generated-by-controller-version": "c4b7e3f5118d62fc3aaaa1fed5eb9ba0d12792de" + }, + "creationTimestamp": "2021-06-14T09:51:38Z", + "generation": 1, + "labels": { + "machineconfiguration.openshift.io/role": "master" + }, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:machineconfiguration.openshift.io/generated-by-controller-version": {} + }, + "f:labels": { + ".": {}, + "f:machineconfiguration.openshift.io/role": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"7cb1dbc7-71f5-4bda-90ed-b0c1c1bec27f\"}": { + ".": {}, + "f:apiVersion": {}, + "f:kind": {}, + "f:name": {}, + "f:uid": {} + } + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "machine-config-controller", + "operation": "Update", + "time": "2021-06-14T09:51:38Z" + } + ], + "name": "99-master-generated-registries", + "ownerReferences": [ + { + "apiVersion": "config.openshift.io/v1", + "kind": "Image", + "name": "cluster", + "uid": "7cb1dbc7-71f5-4bda-90ed-b0c1c1bec27f" + } + ], + "resourceVersion": "7545", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/99-master-generated-registries", + "uid": "90bdffd5-e9d8-4802-a374-8760699ee186" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + } + }, + "extensions": null, + "fips": false, + "kernelArguments": null, + "kernelType": "", + "osImageURL": "" + } +} \ No newline at end of file diff --git a/docs/insights-archive-sample/config/machineconfigs/99-master-ssh.json b/docs/insights-archive-sample/config/machineconfigs/99-master-ssh.json new file mode 100644 index 000000000..4ca9ca2b3 --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/99-master-ssh.json @@ -0,0 +1,69 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "creationTimestamp": "2021-06-14T09:45:45Z", + "generation": 1, + "labels": { + "machineconfiguration.openshift.io/role": "master" + }, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:machineconfiguration.openshift.io/role": {} + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + }, + "f:passwd": { + ".": {}, + "f:users": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "cluster-bootstrap", + "operation": "Update", + "time": "2021-06-14T09:45:45Z" + } + ], + "name": "99-master-ssh", + "resourceVersion": "1680", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/99-master-ssh", + "uid": "b03d9af5-4801-4945-b419-481d683eb8dd" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + } + }, + "extensions": null, + "fips": false, + "kernelArguments": null, + "kernelType": "", + "osImageURL": "" + } +} \ No newline at end of file diff --git a/docs/insights-archive-sample/config/machineconfigs/99-sdi-generated-containerruntime.json b/docs/insights-archive-sample/config/machineconfigs/99-sdi-generated-containerruntime.json deleted file mode 100644 index 6b858fe60..000000000 --- a/docs/insights-archive-sample/config/machineconfigs/99-sdi-generated-containerruntime.json +++ /dev/null @@ -1,95 +0,0 @@ -{ - "apiVersion": "machineconfiguration.openshift.io/v1", - "kind": "MachineConfig", - "metadata": { - "annotations": { - "machineconfiguration.openshift.io/generated-by-controller-version": "14a2b82d9f4c4d8b423f8f05f6926778ef36870d" - }, - "creationTimestamp": "2021-01-21T09:39:43Z", - "generation": 1, - "labels": { - "machineconfiguration.openshift.io/role": "sdi" - }, - "managedFields": [ - { - "apiVersion": "machineconfiguration.openshift.io/v1", - "fieldsType": "FieldsV1", - "fieldsV1": { - "f:metadata": { - "f:annotations": { - ".": {}, - "f:machineconfiguration.openshift.io/generated-by-controller-version": {} - }, - "f:labels": { - ".": {}, - "f:machineconfiguration.openshift.io/role": {} - }, - "f:ownerReferences": { - ".": {}, - "k:{\"uid\":\"13fe29b8-e386-4c58-97b4-6e52eb5dcb1f\"}": { - ".": {}, - "f:apiVersion": {}, - "f:blockOwnerDeletion": {}, - "f:controller": {}, - "f:kind": {}, - "f:name": {}, - "f:uid": {} - } - } - }, - "f:spec": { - ".": {}, - "f:config": { - ".": {}, - "f:ignition": { - ".": {}, - "f:version": {} - }, - "f:storage": { - ".": {}, - "f:files": {} - } - }, - "f:extensions": {}, - "f:fips": {}, - "f:kernelArguments": {}, - "f:kernelType": {}, - "f:osImageURL": {} - } - }, - "manager": "machine-config-controller", - "operation": "Update", - "time": "2021-03-11T16:48:22Z" - } - ], - "name": "99-sdi-generated-containerruntime", - "ownerReferences": [ - { - "apiVersion": "machineconfiguration.openshift.io/v1", - "blockOwnerDeletion": true, - "controller": true, - "kind": "ContainerRuntimeConfig", - "name": "sdi-pids-limit", - "uid": "13fe29b8-e386-4c58-97b4-6e52eb5dcb1f" - } - ], - "resourceVersion": "38056012", - "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/99-sdi-generated-containerruntime", - "uid": "d421f83d-124d-4fa5-bf21-dd271c7e2139" - }, - "spec": { - "config": { - "ignition": { - "version": "3.1.0" - }, - "storage": { - "files": [] - } - }, - "extensions": null, - "fips": false, - "kernelArguments": null, - "kernelType": "", - "osImageURL": "" - } -} diff --git a/docs/insights-archive-sample/config/machineconfigs/99-worker-generated-registries.json b/docs/insights-archive-sample/config/machineconfigs/99-worker-generated-registries.json new file mode 100644 index 000000000..b9af782c7 --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/99-worker-generated-registries.json @@ -0,0 +1,90 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "annotations": { + "machineconfiguration.openshift.io/generated-by-controller-version": "c4b7e3f5118d62fc3aaaa1fed5eb9ba0d12792de" + }, + "creationTimestamp": "2021-06-14T09:51:38Z", + "generation": 1, + "labels": { + "machineconfiguration.openshift.io/role": "worker" + }, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:machineconfiguration.openshift.io/generated-by-controller-version": {} + }, + "f:labels": { + ".": {}, + "f:machineconfiguration.openshift.io/role": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"7cb1dbc7-71f5-4bda-90ed-b0c1c1bec27f\"}": { + ".": {}, + "f:apiVersion": {}, + "f:kind": {}, + "f:name": {}, + "f:uid": {} + } + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "machine-config-controller", + "operation": "Update", + "time": "2021-06-14T09:51:38Z" + } + ], + "name": "99-worker-generated-registries", + "ownerReferences": [ + { + "apiVersion": "config.openshift.io/v1", + "kind": "Image", + "name": "cluster", + "uid": "7cb1dbc7-71f5-4bda-90ed-b0c1c1bec27f" + } + ], + "resourceVersion": "7543", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/99-worker-generated-registries", + "uid": "65acc4b3-97fe-405f-aefb-5c060ab61d33" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + } + }, + "extensions": null, + "fips": false, + "kernelArguments": null, + "kernelType": "", + "osImageURL": "" + } +} \ No newline at end of file diff --git a/docs/insights-archive-sample/config/machineconfigs/99-worker-ssh.json b/docs/insights-archive-sample/config/machineconfigs/99-worker-ssh.json new file mode 100644 index 000000000..bb112629e --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/99-worker-ssh.json @@ -0,0 +1,69 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "creationTimestamp": "2021-06-14T09:45:45Z", + "generation": 1, + "labels": { + "machineconfiguration.openshift.io/role": "worker" + }, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:machineconfiguration.openshift.io/role": {} + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + }, + "f:passwd": { + ".": {}, + "f:users": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "cluster-bootstrap", + "operation": "Update", + "time": "2021-06-14T09:45:45Z" + } + ], + "name": "99-worker-ssh", + "resourceVersion": "1686", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/99-worker-ssh", + "uid": "eee92fcd-64b7-486e-a900-1dd46755c321" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + } + }, + "extensions": null, + "fips": false, + "kernelArguments": null, + "kernelType": "", + "osImageURL": "" + } +} \ No newline at end of file diff --git a/docs/insights-archive-sample/config/machineconfigs/rendered-master-e87e5e9a903559fdc31ebab60a8a33a6.json b/docs/insights-archive-sample/config/machineconfigs/rendered-master-e87e5e9a903559fdc31ebab60a8a33a6.json new file mode 100644 index 000000000..69fcd08e3 --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/rendered-master-e87e5e9a903559fdc31ebab60a8a33a6.json @@ -0,0 +1,224 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "annotations": { + "machineconfiguration.openshift.io/generated-by-controller-version": "c4b7e3f5118d62fc3aaaa1fed5eb9ba0d12792de" + }, + "creationTimestamp": "2021-06-14T09:51:42Z", + "generation": 1, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:machineconfiguration.openshift.io/generated-by-controller-version": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9d5bfd97-4e9a-4e7a-974e-704994dd243b\"}": { + ".": {}, + "f:apiVersion": {}, + "f:blockOwnerDeletion": {}, + "f:controller": {}, + "f:kind": {}, + "f:name": {}, + "f:uid": {} + } + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + }, + "f:passwd": { + ".": {}, + "f:users": {} + }, + "f:storage": { + ".": {}, + "f:files": {} + }, + "f:systemd": { + ".": {}, + "f:units": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "machine-config-controller", + "operation": "Update", + "time": "2021-06-14T09:51:42Z" + } + ], + "name": "rendered-master-e87e5e9a903559fdc31ebab60a8a33a6", + "ownerReferences": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "MachineConfigPool", + "name": "master", + "uid": "9d5bfd97-4e9a-4e7a-974e-704994dd243b" + } + ], + "resourceVersion": "7680", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/rendered-master-e87e5e9a903559fdc31ebab60a8a33a6", + "uid": "3bf0e4af-caf0-4675-9286-4ef183b73f4c" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + }, + "systemd": { + "units": [ + { + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + }, + { + "contents": "[Service]\nEnvironment=\"ENABLE_PROFILE_UNIX_SOCKET=true\"\n", + "name": "10-mco-profile-unix-socket.conf" + }, + { + "contents": "[Service]\nEnvironment=\"GODEBUG=x509ignoreCN=0,madvdontneed=1\"\n", + "name": "10-mco-default-madv.conf" + } + ], + "name": "crio.service" + }, + { + "dropins": [ + { + "contents": "[Unit]\nConditionPathExists=/enoent\n", + "name": "mco-disabled.conf" + } + ], + "name": "docker.socket" + }, + { + "contents": "[Unit]\nDescription=Kubernetes Kubelet\nWants=rpc-statd.service network-online.target crio.service\nAfter=network-online.target crio.service\nAfter=ostree-finalize-staged.service\n\n[Service]\nType=notify\nExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests\nExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state\nEnvironmentFile=/etc/os-release\nEnvironmentFile=-/etc/kubernetes/kubelet-workaround\nEnvironmentFile=-/etc/kubernetes/kubelet-env\n\nExecStart=/usr/bin/hyperkube \\\n kubelet \\\n --config=/etc/kubernetes/kubelet.conf \\\n --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --container-runtime=remote \\\n --container-runtime-endpoint=/var/run/crio/crio.sock \\\n --runtime-cgroups=/system.slice/crio.service \\\n --node-labels=node-role.kubernetes.io/master,node.openshift.io/os_id=${ID} \\\n --node-ip=${KUBELET_NODE_IP} \\\n --minimum-container-ttl-duration=6m0s \\\n --cloud-provider=aws \\\n --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \\\n \\\n --register-with-taints=node-role.kubernetes.io/master=:NoSchedule \\\n --pod-infra-container-image=quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:fae531c9a94b12f41c6fcaaecd99e6b40de3e550d1ce86ed110ffd71ccff128d \\\n --v=${KUBELET_LOG_LEVEL}\n\nRestart=always\nRestartSec=10\n\n[Install]\nWantedBy=multi-user.target\n", + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + }, + { + "contents": "[Service]\nEnvironment=\"GODEBUG=x509ignoreCN=0,madvdontneed=1\"\n", + "name": "10-mco-default-madv.conf" + } + ], + "enabled": true, + "name": "kubelet.service" + }, + { + "contents": "[Unit]\nDescription=Machine Config Daemon Firstboot\n# Make sure it runs only on OSTree booted system\nConditionPathExists=/run/ostree-booted\n# Removal of this file signals firstboot completion\nConditionPathExists=/etc/ignition-machine-config-encapsulated.json\nAfter=machine-config-daemon-pull.service\nBefore=crio.service crio-wipe.service\nBefore=kubelet.service\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\n# Disable existing repos (if any) so that OS extensions would use embedded RPMs only\nExecStartPre=-/usr/bin/sh -c \"sed -i 's/enabled=1/enabled=0/' /etc/yum.repos.d/*.repo\"\nExecStart=/run/bin/machine-config-daemon firstboot-complete-machineconfig\n[Install]\nWantedBy=multi-user.target\nRequiredBy=crio.service kubelet.service\n", + "enabled": true, + "name": "machine-config-daemon-firstboot.service" + }, + { + "contents": "[Unit]\nDescription=Machine Config Daemon Pull\n# Make sure it runs only on OSTree booted system\nConditionPathExists=/run/ostree-booted\n# This \"stamp file\" is unlinked when we complete\n# machine-config-daemon-firstboot.service\nConditionPathExists=/etc/ignition-machine-config-encapsulated.json\nWants=network-online.target\nAfter=network-online.target\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\n# See https://github.com/coreos/fedora-coreos-tracker/issues/354\nExecStart=/bin/sh -c '/bin/mkdir -p /run/bin \u0026\u0026 chcon --reference=/usr/bin /run/bin'\nExecStart=/bin/sh -c \"while ! /usr/bin/podman pull --authfile=/var/lib/kubelet/config.json --quiet 'quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4780d931f9287b49fc1125caaa75d6cb92f722b6cc02dc6e562319942a5165a1'; do sleep 1; done\"\nExecStart=/bin/sh -c \"/usr/bin/podman run --rm --quiet --net=host --entrypoint=cat 'quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4780d931f9287b49fc1125caaa75d6cb92f722b6cc02dc6e562319942a5165a1' /usr/bin/machine-config-daemon \u003e /run/bin/machine-config-daemon.tmp\"\nExecStart=/bin/sh -c '/usr/bin/chmod a+x /run/bin/machine-config-daemon.tmp \u0026\u0026 mv /run/bin/machine-config-daemon.tmp /run/bin/machine-config-daemon'\n[Install]\nRequiredBy=machine-config-daemon-firstboot.service\n", + "enabled": true, + "name": "machine-config-daemon-pull.service" + }, + { + "contents": "[Unit]\nBefore=NetworkManager.service\nAfter=systemd-tmpfiles-setup.service\n[Mount]\nWhere=/etc/NetworkManager/system-connections-merged\nWhat=overlay\nType=overlay\nOptions=lowerdir=/etc/NetworkManager/system-connections,upperdir=/run/nm-system-connections,workdir=/run/nm-system-connections-work\n[Install]\nWantedBy=multi-user.target\n", + "enabled": true, + "name": "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount" + }, + { + "contents": "[Unit]\nDescription=Ensure the node hostname is valid for the cluster\nBefore=network-online.target\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\nUser=root\n\n# SystemD prevents direct execution of the script in /usr/local/sbin,\n# so it is sourced. See the script for functionality.\nExecStart=/bin/bash -c \"source /usr/local/sbin/set-valid-hostname.sh; wait_localhost; set_valid_hostname `hostname`\"\n\n# Wait up to 5min for the node to get a real hostname.\nTimeoutSec=300\n\n[Install]\nWantedBy=multi-user.target\n# Ensure that network-online.target will not complete until the node has a real hostname.\nRequiredBy=network-online.target\n", + "enabled": true, + "name": "node-valid-hostname.service" + }, + { + "contents": "[Unit]\nDescription=Writes IP address configuration so that kubelet and crio services select a valid node IP\nWants=network-online.target\nAfter=network-online.target ignition-firstboot-complete.service\nBefore=kubelet.service crio.service\n\n[Service]\n# Need oneshot to delay kubelet\nType=oneshot\n# Would prefer to do Restart=on-failure instead of this bash retry loop, but\n# the version of systemd we have right now doesn't support it. It should be\n# available in systemd v244 and higher.\nExecStart=/bin/bash -c \" \\\n until \\\n /usr/bin/podman run --rm \\\n --authfile /var/lib/kubelet/config.json \\\n --net=host \\\n --volume /etc/systemd/system:/etc/systemd/system:z \\\n quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:eb85ef6d9b93360145b51ecd6e7b5fdc15239272fbcd439eac3b91f88b992501 \\\n node-ip \\\n set \\\n --retry-on-failure; \\\n do \\\n sleep 5; \\\n done\"\nExecStart=/bin/systemctl daemon-reload\n\n[Install]\nRequiredBy=kubelet.service\n", + "enabled": false, + "name": "nodeip-configuration.service" + }, + { + "enabled": true, + "name": "openvswitch.service" + }, + { + "contents": "[Unit]\nDescription=Configures OVS with proper host networking configuration\n# Removal of this file signals firstboot completion\nConditionPathExists=!/etc/ignition-machine-config-encapsulated.json\n# This service is used to move a physical NIC into OVS and reconfigure OVS to use the host IP\nRequires=openvswitch.service\nWants=NetworkManager-wait-online.service\nAfter=NetworkManager-wait-online.service openvswitch.service network.service\nBefore=network-online.target kubelet.service crio.service node-valid-hostname.service\n\n[Service]\n# Need oneshot to delay kubelet\nType=oneshot\nExecStart=/usr/local/bin/configure-ovs.sh OpenShiftSDN\nStandardOutput=journal+console\nStandardError=journal+console\n\n[Install]\nWantedBy=network-online.target\n", + "enabled": true, + "name": "ovs-configuration.service" + }, + { + "dropins": [ + { + "contents": "[Service]\nRestart=always\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /var/lib/openvswitch'\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /etc/openvswitch'\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /run/openvswitch'\n", + "name": "10-ovs-vswitchd-restart.conf" + } + ], + "name": "ovs-vswitchd.service" + }, + { + "dropins": [ + { + "contents": "[Service]\nRestart=always\n", + "name": "10-ovsdb-restart.conf" + } + ], + "enabled": true, + "name": "ovsdb-server.service" + }, + { + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + } + ], + "name": "pivot.service" + }, + { + "dropins": [ + { + "contents": "# See https://github.com/openshift/machine-config-operator/issues/1897\n[Service]\nNice=10\nIOSchedulingClass=best-effort\nIOSchedulingPriority=6\n", + "name": "mco-controlplane-nice.conf" + } + ], + "name": "rpm-ostreed.service" + }, + { + "dropins": [ + { + "contents": "[Unit]\nConditionPathExists=/enoent\n", + "name": "mco-disabled.conf" + } + ], + "name": "zincati.service" + } + ] + } + }, + "extensions": [], + "fips": false, + "kernelArguments": [], + "kernelType": "default", + "osImageURL": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5649fe979b5ebe2615344d398ee0a841c9ea49d72be9edaf4048ccea5a729c32" + } +} \ No newline at end of file diff --git a/docs/insights-archive-sample/config/machineconfigs/rendered-worker-ce8ef65e999c2c7a5b42944c37ca8a54.json b/docs/insights-archive-sample/config/machineconfigs/rendered-worker-ce8ef65e999c2c7a5b42944c37ca8a54.json new file mode 100644 index 000000000..ec220bdfd --- /dev/null +++ b/docs/insights-archive-sample/config/machineconfigs/rendered-worker-ce8ef65e999c2c7a5b42944c37ca8a54.json @@ -0,0 +1,215 @@ +{ + "apiVersion": "machineconfiguration.openshift.io/v1", + "kind": "MachineConfig", + "metadata": { + "annotations": { + "machineconfiguration.openshift.io/generated-by-controller-version": "c4b7e3f5118d62fc3aaaa1fed5eb9ba0d12792de" + }, + "creationTimestamp": "2021-06-14T09:51:42Z", + "generation": 1, + "managedFields": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:machineconfiguration.openshift.io/generated-by-controller-version": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"d994fe65-089c-4260-9be2-fdfd59e5e609\"}": { + ".": {}, + "f:apiVersion": {}, + "f:blockOwnerDeletion": {}, + "f:controller": {}, + "f:kind": {}, + "f:name": {}, + "f:uid": {} + } + } + }, + "f:spec": { + ".": {}, + "f:config": { + ".": {}, + "f:ignition": { + ".": {}, + "f:version": {} + }, + "f:passwd": { + ".": {}, + "f:users": {} + }, + "f:storage": { + ".": {}, + "f:files": {} + }, + "f:systemd": { + ".": {}, + "f:units": {} + } + }, + "f:extensions": {}, + "f:fips": {}, + "f:kernelArguments": {}, + "f:kernelType": {}, + "f:osImageURL": {} + } + }, + "manager": "machine-config-controller", + "operation": "Update", + "time": "2021-06-14T09:51:42Z" + } + ], + "name": "rendered-worker-ce8ef65e999c2c7a5b42944c37ca8a54", + "ownerReferences": [ + { + "apiVersion": "machineconfiguration.openshift.io/v1", + "blockOwnerDeletion": true, + "controller": true, + "kind": "MachineConfigPool", + "name": "worker", + "uid": "d994fe65-089c-4260-9be2-fdfd59e5e609" + } + ], + "resourceVersion": "7681", + "selfLink": "/apis/machineconfiguration.openshift.io/v1/machineconfigs/rendered-worker-ce8ef65e999c2c7a5b42944c37ca8a54", + "uid": "957c9af4-4f71-4d3c-a975-cea8f142769b" + }, + "spec": { + "config": { + "ignition": { + "version": "3.2.0" + }, + "passwd": { + "users": null + }, + "storage": { + "files": null + }, + "systemd": { + "units": [ + { + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + }, + { + "contents": "[Service]\nEnvironment=\"ENABLE_PROFILE_UNIX_SOCKET=true\"\n", + "name": "10-mco-profile-unix-socket.conf" + }, + { + "contents": "[Service]\nEnvironment=\"GODEBUG=x509ignoreCN=0,madvdontneed=1\"\n", + "name": "10-mco-default-madv.conf" + } + ], + "name": "crio.service" + }, + { + "dropins": [ + { + "contents": "[Unit]\nConditionPathExists=/enoent\n", + "name": "mco-disabled.conf" + } + ], + "name": "docker.socket" + }, + { + "contents": "[Unit]\nDescription=Kubernetes Kubelet\nWants=rpc-statd.service network-online.target crio.service\nAfter=network-online.target crio.service\nAfter=ostree-finalize-staged.service\n\n[Service]\nType=notify\nExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests\nExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state\nEnvironmentFile=/etc/os-release\nEnvironmentFile=-/etc/kubernetes/kubelet-workaround\nEnvironmentFile=-/etc/kubernetes/kubelet-env\n\nExecStart=/usr/bin/hyperkube \\\n kubelet \\\n --config=/etc/kubernetes/kubelet.conf \\\n --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --container-runtime=remote \\\n --container-runtime-endpoint=/var/run/crio/crio.sock \\\n --runtime-cgroups=/system.slice/crio.service \\\n --node-labels=node-role.kubernetes.io/worker,node.openshift.io/os_id=${ID} \\\n --node-ip=${KUBELET_NODE_IP} \\\n --minimum-container-ttl-duration=6m0s \\\n --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \\\n --cloud-provider=aws \\\n \\\n --pod-infra-container-image=quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:fae531c9a94b12f41c6fcaaecd99e6b40de3e550d1ce86ed110ffd71ccff128d \\\n --v=${KUBELET_LOG_LEVEL}\n\nRestart=always\nRestartSec=10\n\n[Install]\nWantedBy=multi-user.target\n", + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + }, + { + "contents": "[Service]\nEnvironment=\"GODEBUG=x509ignoreCN=0,madvdontneed=1\"\n", + "name": "10-mco-default-madv.conf" + } + ], + "enabled": true, + "name": "kubelet.service" + }, + { + "contents": "[Unit]\nDescription=Machine Config Daemon Firstboot\n# Make sure it runs only on OSTree booted system\nConditionPathExists=/run/ostree-booted\n# Removal of this file signals firstboot completion\nConditionPathExists=/etc/ignition-machine-config-encapsulated.json\nAfter=machine-config-daemon-pull.service\nBefore=crio.service crio-wipe.service\nBefore=kubelet.service\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\n# Disable existing repos (if any) so that OS extensions would use embedded RPMs only\nExecStartPre=-/usr/bin/sh -c \"sed -i 's/enabled=1/enabled=0/' /etc/yum.repos.d/*.repo\"\nExecStart=/run/bin/machine-config-daemon firstboot-complete-machineconfig\n[Install]\nWantedBy=multi-user.target\nRequiredBy=crio.service kubelet.service\n", + "enabled": true, + "name": "machine-config-daemon-firstboot.service" + }, + { + "contents": "[Unit]\nDescription=Machine Config Daemon Pull\n# Make sure it runs only on OSTree booted system\nConditionPathExists=/run/ostree-booted\n# This \"stamp file\" is unlinked when we complete\n# machine-config-daemon-firstboot.service\nConditionPathExists=/etc/ignition-machine-config-encapsulated.json\nWants=network-online.target\nAfter=network-online.target\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\n# See https://github.com/coreos/fedora-coreos-tracker/issues/354\nExecStart=/bin/sh -c '/bin/mkdir -p /run/bin \u0026\u0026 chcon --reference=/usr/bin /run/bin'\nExecStart=/bin/sh -c \"while ! /usr/bin/podman pull --authfile=/var/lib/kubelet/config.json --quiet 'quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4780d931f9287b49fc1125caaa75d6cb92f722b6cc02dc6e562319942a5165a1'; do sleep 1; done\"\nExecStart=/bin/sh -c \"/usr/bin/podman run --rm --quiet --net=host --entrypoint=cat 'quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4780d931f9287b49fc1125caaa75d6cb92f722b6cc02dc6e562319942a5165a1' /usr/bin/machine-config-daemon \u003e /run/bin/machine-config-daemon.tmp\"\nExecStart=/bin/sh -c '/usr/bin/chmod a+x /run/bin/machine-config-daemon.tmp \u0026\u0026 mv /run/bin/machine-config-daemon.tmp /run/bin/machine-config-daemon'\n[Install]\nRequiredBy=machine-config-daemon-firstboot.service\n", + "enabled": true, + "name": "machine-config-daemon-pull.service" + }, + { + "contents": "[Unit]\nBefore=NetworkManager.service\nAfter=systemd-tmpfiles-setup.service\n[Mount]\nWhere=/etc/NetworkManager/system-connections-merged\nWhat=overlay\nType=overlay\nOptions=lowerdir=/etc/NetworkManager/system-connections,upperdir=/run/nm-system-connections,workdir=/run/nm-system-connections-work\n[Install]\nWantedBy=multi-user.target\n", + "enabled": true, + "name": "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount" + }, + { + "contents": "[Unit]\nDescription=Ensure the node hostname is valid for the cluster\nBefore=network-online.target\n\n[Service]\nType=oneshot\nRemainAfterExit=yes\nUser=root\n\n# SystemD prevents direct execution of the script in /usr/local/sbin,\n# so it is sourced. See the script for functionality.\nExecStart=/bin/bash -c \"source /usr/local/sbin/set-valid-hostname.sh; wait_localhost; set_valid_hostname `hostname`\"\n\n# Wait up to 5min for the node to get a real hostname.\nTimeoutSec=300\n\n[Install]\nWantedBy=multi-user.target\n# Ensure that network-online.target will not complete until the node has a real hostname.\nRequiredBy=network-online.target\n", + "enabled": true, + "name": "node-valid-hostname.service" + }, + { + "contents": "[Unit]\nDescription=Writes IP address configuration so that kubelet and crio services select a valid node IP\nWants=network-online.target\nAfter=network-online.target ignition-firstboot-complete.service\nBefore=kubelet.service crio.service\n\n[Service]\n# Need oneshot to delay kubelet\nType=oneshot\n# Would prefer to do Restart=on-failure instead of this bash retry loop, but\n# the version of systemd we have right now doesn't support it. It should be\n# available in systemd v244 and higher.\nExecStart=/bin/bash -c \" \\\n until \\\n /usr/bin/podman run --rm \\\n --authfile /var/lib/kubelet/config.json \\\n --net=host \\\n --volume /etc/systemd/system:/etc/systemd/system:z \\\n quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:eb85ef6d9b93360145b51ecd6e7b5fdc15239272fbcd439eac3b91f88b992501 \\\n node-ip \\\n set \\\n --retry-on-failure; \\\n do \\\n sleep 5; \\\n done\"\nExecStart=/bin/systemctl daemon-reload\n\n[Install]\nRequiredBy=kubelet.service\n", + "enabled": false, + "name": "nodeip-configuration.service" + }, + { + "enabled": true, + "name": "openvswitch.service" + }, + { + "contents": "[Unit]\nDescription=Configures OVS with proper host networking configuration\n# Removal of this file signals firstboot completion\nConditionPathExists=!/etc/ignition-machine-config-encapsulated.json\n# This service is used to move a physical NIC into OVS and reconfigure OVS to use the host IP\nRequires=openvswitch.service\nWants=NetworkManager-wait-online.service\nAfter=NetworkManager-wait-online.service openvswitch.service network.service\nBefore=network-online.target kubelet.service crio.service node-valid-hostname.service\n\n[Service]\n# Need oneshot to delay kubelet\nType=oneshot\nExecStart=/usr/local/bin/configure-ovs.sh OpenShiftSDN\nStandardOutput=journal+console\nStandardError=journal+console\n\n[Install]\nWantedBy=network-online.target\n", + "enabled": true, + "name": "ovs-configuration.service" + }, + { + "dropins": [ + { + "contents": "[Service]\nRestart=always\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /var/lib/openvswitch'\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /etc/openvswitch'\nExecStartPre=-/bin/sh -c '/usr/bin/chown -R :$${OVS_USER_ID##*:} /run/openvswitch'\n", + "name": "10-ovs-vswitchd-restart.conf" + } + ], + "name": "ovs-vswitchd.service" + }, + { + "dropins": [ + { + "contents": "[Service]\nRestart=always\n", + "name": "10-ovsdb-restart.conf" + } + ], + "enabled": true, + "name": "ovsdb-server.service" + }, + { + "dropins": [ + { + "contents": "", + "name": "10-mco-default-env.conf" + } + ], + "name": "pivot.service" + }, + { + "dropins": [ + { + "contents": "[Unit]\nConditionPathExists=/enoent\n", + "name": "mco-disabled.conf" + } + ], + "name": "zincati.service" + } + ] + } + }, + "extensions": [], + "fips": false, + "kernelArguments": [], + "kernelType": "default", + "osImageURL": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5649fe979b5ebe2615344d398ee0a841c9ea49d72be9edaf4048ccea5a729c32" + } +} \ No newline at end of file diff --git a/manifests/03-clusterrole.yaml b/manifests/03-clusterrole.yaml index 3fcf79af9..9ee1b73bc 100644 --- a/manifests/03-clusterrole.yaml +++ b/manifests/03-clusterrole.yaml @@ -196,6 +196,14 @@ rules: - get - list - watch +- apiGroups: + - machineconfiguration.openshift.io + resources: + - machineconfigs + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 diff --git a/pkg/gatherers/clusterconfig/clusterconfig_gatherer.go b/pkg/gatherers/clusterconfig/clusterconfig_gatherer.go index 2407af73c..ab4ac2c11 100644 --- a/pkg/gatherers/clusterconfig/clusterconfig_gatherer.go +++ b/pkg/gatherers/clusterconfig/clusterconfig_gatherer.go @@ -67,6 +67,7 @@ var gatheringFunctions = map[string]gatheringFunction{ "crds": importantFunc((*Gatherer).GatherCRD), "host_subnets": importantFunc((*Gatherer).GatherHostSubnet), "machine_sets": importantFunc((*Gatherer).GatherMachineSet), + "machine_configs": failableFunc((*Gatherer).GatherMachineConfigs), "machine_healthchecks": importantFunc((*Gatherer).GatherMachineHealthCheck), "install_plans": importantFunc((*Gatherer).GatherInstallPlans), "service_accounts": importantFunc((*Gatherer).GatherServiceAccounts), diff --git a/pkg/gatherers/clusterconfig/machine_configs.go b/pkg/gatherers/clusterconfig/machine_configs.go new file mode 100644 index 000000000..c5c85c2dd --- /dev/null +++ b/pkg/gatherers/clusterconfig/machine_configs.go @@ -0,0 +1,67 @@ +package clusterconfig + +import ( + "context" + "fmt" + + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/client-go/dynamic" + "k8s.io/klog/v2" + + "github.com/openshift/insights-operator/pkg/record" +) + +// GatherMachineConfigs collects MachineConfigs definitions. Following data is intentionally removed from the definitions: +// * `spec.config.storage.files` +// * `spec.config.passwd.users` +// +// Response see https://docs.openshift.com/container-platform/4.7/rest_api/machine_apis/machineconfig-machineconfiguration-openshift-io-v1.html +// +// * Location in archive: config/machineconfigs/.json +// * Id in config: machine_configs +// * Since versions: +// * 4.9+ +func (g *Gatherer) GatherMachineConfigs(ctx context.Context) ([]record.Record, []error) { + gatherDynamicClient, err := dynamic.NewForConfig(g.gatherKubeConfig) + if err != nil { + return nil, []error{err} + } + + return gatherMachineConfigs(ctx, gatherDynamicClient) +} + +func gatherMachineConfigs(ctx context.Context, dynamicClient dynamic.Interface) ([]record.Record, []error) { + mcList, err := dynamicClient.Resource(machineConfigGroupVersionResource).List(ctx, metav1.ListOptions{}) + if errors.IsNotFound(err) { + return nil, nil + } + if err != nil { + return nil, []error{err} + } + records := []record.Record{} + var errs []error + for i := range mcList.Items { + mc := mcList.Items[i] + // remove the sensitive content by overwriting the values + err := unstructured.SetNestedField(mc.Object, nil, "spec", "config", "storage", "files") + if err != nil { + klog.Errorf("unable to set nested field: %v", err) + errs = append(errs, err) + } + err = unstructured.SetNestedField(mc.Object, nil, "spec", "config", "passwd", "users") + if err != nil { + klog.Errorf("unable to set nested field: %v", err) + errs = append(errs, err) + } + records = append(records, record.Record{ + Name: fmt.Sprintf("config/machineconfigs/%s", mc.GetName()), + Item: record.JSONMarshaller{Object: mc.Object}, + }) + } + if len(errs) > 0 { + return records, errs + } + return records, nil +} diff --git a/pkg/gatherers/clusterconfig/sap_machine_configs_test.go b/pkg/gatherers/clusterconfig/machine_configs_test.go similarity index 89% rename from pkg/gatherers/clusterconfig/sap_machine_configs_test.go rename to pkg/gatherers/clusterconfig/machine_configs_test.go index 570c98d99..77e9bc3c8 100644 --- a/pkg/gatherers/clusterconfig/sap_machine_configs_test.go +++ b/pkg/gatherers/clusterconfig/machine_configs_test.go @@ -32,7 +32,7 @@ func Test_SAPMachineConfigs(t *testing.T) { machineConfigGroupVersionResource: "MachineConfigsList", }) - records, errs := gatherSAPMachineConfigs(context.Background(), machineConfigClient) + records, errs := gatherMachineConfigs(context.Background(), machineConfigClient) if len(errs) > 0 { t.Fatalf("unexpected errors: %#v", errs) } @@ -49,7 +49,7 @@ metadata: ` createMockConfigMachine(t, machineConfigClient, machineConfigYAML1) - records, errs = gatherSAPMachineConfigs(context.Background(), machineConfigClient) + records, errs = gatherMachineConfigs(context.Background(), machineConfigClient) if len(errs) > 0 { t.Fatalf("unexpected errors: %#v", errs) } @@ -66,7 +66,7 @@ metadata: ` createMockConfigMachine(t, machineConfigClient, machineConfigYAML2) - records, errs = gatherSAPMachineConfigs(context.Background(), machineConfigClient) + records, errs = gatherMachineConfigs(context.Background(), machineConfigClient) if len(errs) > 0 { t.Fatalf("unexpected errors: %#v", errs) } @@ -86,7 +86,7 @@ metadata: ` createMockConfigMachine(t, machineConfigClient, machineConfigYAML3) - records, errs = gatherSAPMachineConfigs(context.Background(), machineConfigClient) + records, errs = gatherMachineConfigs(context.Background(), machineConfigClient) if len(errs) > 0 { t.Fatalf("unexpected errors: %#v", errs) } @@ -105,7 +105,7 @@ metadata: ` createMockConfigMachine(t, machineConfigClient, machineConfigYAML4) - records, errs = gatherSAPMachineConfigs(context.Background(), machineConfigClient) + records, errs = gatherMachineConfigs(context.Background(), machineConfigClient) if len(errs) > 0 { t.Fatalf("unexpected errors: %#v", errs) } diff --git a/pkg/gatherers/clusterconfig/sap_machine_configs.go b/pkg/gatherers/clusterconfig/sap_machine_configs.go deleted file mode 100644 index 2ba4c13fb..000000000 --- a/pkg/gatherers/clusterconfig/sap_machine_configs.go +++ /dev/null @@ -1,84 +0,0 @@ -package clusterconfig - -import ( - "context" - "fmt" - - "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "k8s.io/client-go/dynamic" - - "github.com/openshift/insights-operator/pkg/record" -) - -var ( - sapMachineConfigNameList = map[string]struct{}{ - "75-worker-sap-data-intelligence": {}, - "75-master-sap-data-intelligence": {}, - } -) - -// GatherSAPMachineConfigs collects a subset of MachineConfigs related to SDI by applying a set of filtering rules. -// -// Gathered MachineConfigs at the time of implementation of the gatherer: -// * `75-worker-sap-data-intelligence` -// * `75-master-sap-data-intelligence` -// * `99-sdi-generated-containerruntime` -// -// Response see https://docs.openshift.com/container-platform/4.7/rest_api/machine_apis/machineconfig-machineconfiguration-openshift-io-v1.html -// -// * Location in archive: config/machineconfigs/.json -// * Id in config: sap_machine_configs -// * Since versions: -// * 4.8+ -func (g *Gatherer) GatherSAPMachineConfigs(ctx context.Context) ([]record.Record, []error) { - gatherDynamicClient, err := dynamic.NewForConfig(g.gatherKubeConfig) - if err != nil { - return nil, []error{err} - } - - return gatherSAPMachineConfigs(ctx, gatherDynamicClient) -} - -func isSAPMachineConfig(mc unstructured.Unstructured) bool { - if _, exists := sapMachineConfigNameList[mc.GetName()]; exists { - return true - } - - for labelName, labelValue := range mc.GetLabels() { - if labelName == "workload" && labelValue == "sap-data-intelligence" { - return true - } - } - - for _, ownerRef := range mc.GetOwnerReferences() { - if ownerRef.Kind == "ContainerRuntimeConfig" && ownerRef.Name == "sdi-pids-limit" { - return true - } - } - - return false -} - -func gatherSAPMachineConfigs(ctx context.Context, dynamicClient dynamic.Interface) ([]record.Record, []error) { - mcList, err := dynamicClient.Resource(machineConfigGroupVersionResource).List(ctx, metav1.ListOptions{}) - if errors.IsNotFound(err) { - return nil, nil - } - if err != nil { - return nil, []error{err} - } - - records := []record.Record{} - for _, mc := range mcList.Items { - if isSAPMachineConfig(mc) { - records = append(records, record.Record{ - Name: fmt.Sprintf("config/machineconfigs/%s", mc.GetName()), - Item: record.JSONMarshaller{Object: mc.Object}, - }) - } - } - - return records, nil -} From 9445298bd43d700327e303620f338afb5c09b147 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Reme=C5=A1?= Date: Wed, 16 Jun 2021 15:58:41 +0200 Subject: [PATCH 2/2] Rename the test function --- pkg/gatherers/clusterconfig/machine_configs_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/gatherers/clusterconfig/machine_configs_test.go b/pkg/gatherers/clusterconfig/machine_configs_test.go index 77e9bc3c8..ed4059487 100644 --- a/pkg/gatherers/clusterconfig/machine_configs_test.go +++ b/pkg/gatherers/clusterconfig/machine_configs_test.go @@ -26,7 +26,7 @@ func createMockConfigMachine(t *testing.T, c dynamic.Interface, data string) { Create(context.Background(), testMachineConfig, metav1.CreateOptions{}) } -func Test_SAPMachineConfigs(t *testing.T) { +func Test_MachineConfigs(t *testing.T) { // Initialize the fake dynamic client. machineConfigClient := dynamicfake.NewSimpleDynamicClientWithCustomListKinds(runtime.NewScheme(), map[schema.GroupVersionResource]string{ machineConfigGroupVersionResource: "MachineConfigsList",