From 256cb9c7b4ba0df5fee13d31105734a6b642beab Mon Sep 17 00:00:00 2001
From: Zane Bitter <zbitter@redhat.com>
Date: Mon, 30 Nov 2020 20:50:55 -0500
Subject: [PATCH] Set IPA URLs using API VIP

Store the IPA kernel and initrd in the image cache, pass the URLs for
them to the baremetal-operator that resolve to the API VIP. This ensures
that ironic can fetch these files whether or not there is a provisioning
VIP.
---
 provisioning/baremetal_config.go      | 22 ++++++++--------------
 provisioning/baremetal_config_test.go |  8 ++++----
 provisioning/baremetal_pod.go         |  1 +
 provisioning/image_cache.go           |  1 +
 4 files changed, 14 insertions(+), 18 deletions(-)

diff --git a/provisioning/baremetal_config.go b/provisioning/baremetal_config.go
index 81245c8dd2d..13b23474560 100644
--- a/provisioning/baremetal_config.go
+++ b/provisioning/baremetal_config.go
@@ -142,20 +142,14 @@ func getProvisioningIPCIDR(config *metal3iov1alpha1.ProvisioningSpec) *string {
 	return nil
 }
 
-func getDeployKernelUrl(config *metal3iov1alpha1.ProvisioningSpec) *string {
-	if config.ProvisioningIP != "" {
-		deployKernelUrl := fmt.Sprintf("http://%s/%s", net.JoinHostPort(config.ProvisioningIP, baremetalHttpPort), baremetalKernelUrlSubPath)
-		return &deployKernelUrl
-	}
-	return nil
+func getDeployKernelUrl() *string {
+	deployKernelUrl := fmt.Sprintf("http://localhost:%d/%s", imageCachePort, baremetalKernelUrlSubPath)
+	return &deployKernelUrl
 }
 
-func getDeployRamdiskUrl(config *metal3iov1alpha1.ProvisioningSpec) *string {
-	if config.ProvisioningIP != "" {
-		deployRamdiskUrl := fmt.Sprintf("http://%s/%s", net.JoinHostPort(config.ProvisioningIP, baremetalHttpPort), baremetalRamdiskUrlSubPath)
-		return &deployRamdiskUrl
-	}
-	return nil
+func getDeployRamdiskUrl() *string {
+	deployRamdiskUrl := fmt.Sprintf("http://localhost:%d/%s", imageCachePort, baremetalRamdiskUrlSubPath)
+	return &deployRamdiskUrl
 }
 
 func getIronicEndpoint() *string {
@@ -182,9 +176,9 @@ func getMetal3DeploymentConfig(name string, baremetalConfig *metal3iov1alpha1.Pr
 	case provisioningInterface:
 		return &baremetalConfig.ProvisioningInterface
 	case deployKernelUrl:
-		return getDeployKernelUrl(baremetalConfig)
+		return getDeployKernelUrl()
 	case deployRamdiskUrl:
-		return getDeployRamdiskUrl(baremetalConfig)
+		return getDeployRamdiskUrl()
 	case ironicEndpoint:
 		return getIronicEndpoint()
 	case ironicInspectorEndpoint:
diff --git a/provisioning/baremetal_config_test.go b/provisioning/baremetal_config_test.go
index 9b6821900bf..b9132460f93 100644
--- a/provisioning/baremetal_config_test.go
+++ b/provisioning/baremetal_config_test.go
@@ -236,25 +236,25 @@ func TestGetMetal3DeploymentConfig(t *testing.T) {
 			name:          "Unmanaged DeployKernelUrl",
 			configName:    deployKernelUrl,
 			spec:          unmanagedProvisioning().build(),
-			expectedValue: "http://172.30.20.3:6180/images/ironic-python-agent.kernel",
+			expectedValue: "http://localhost:6181/images/ironic-python-agent.kernel",
 		},
 		{
 			name:          "Disabled DeployKernelUrl",
 			configName:    deployKernelUrl,
 			spec:          disabledProvisioning().build(),
-			expectedValue: "http://172.30.20.3:6180/images/ironic-python-agent.kernel",
+			expectedValue: "http://localhost:6181/images/ironic-python-agent.kernel",
 		},
 		{
 			name:          "Unmanaged DeployRamdiskUrl",
 			configName:    deployRamdiskUrl,
 			spec:          unmanagedProvisioning().build(),
-			expectedValue: "http://172.30.20.3:6180/images/ironic-python-agent.initramfs",
+			expectedValue: "http://localhost:6181/images/ironic-python-agent.initramfs",
 		},
 		{
 			name:          "Disabled DeployRamdiskUrl",
 			configName:    deployRamdiskUrl,
 			spec:          disabledProvisioning().build(),
-			expectedValue: "http://172.30.20.3:6180/images/ironic-python-agent.initramfs",
+			expectedValue: "http://localhost:6181/images/ironic-python-agent.initramfs",
 		},
 		{
 			name:          "Disabled IronicEndpoint",
diff --git a/provisioning/baremetal_pod.go b/provisioning/baremetal_pod.go
index 0ab8da7b3af..ecbf518b4e5 100644
--- a/provisioning/baremetal_pod.go
+++ b/provisioning/baremetal_pod.go
@@ -556,6 +556,7 @@ func newMetal3PodTemplateSpec(images *Images, config *metal3iov1alpha1.Provision
 			InitContainers:    initContainers,
 			Containers:        containers,
 			HostNetwork:       true,
+			DNSPolicy:         corev1.DNSClusterFirstWithHostNet,
 			PriorityClassName: "system-node-critical",
 			NodeSelector:      map[string]string{"node-role.kubernetes.io/master": ""},
 			SecurityContext: &corev1.PodSecurityContext{
diff --git a/provisioning/image_cache.go b/provisioning/image_cache.go
index 212093848c1..9cb64b1bf50 100644
--- a/provisioning/image_cache.go
+++ b/provisioning/image_cache.go
@@ -156,6 +156,7 @@ func newImageCachePodTemplateSpec(targetNamespace string, images *Images, provis
 			},
 			InitContainers: []corev1.Container{
 				createInitContainerMachineOsDownloader(images, cacheConfig),
+				createInitContainerIpaDownloader(images),
 			},
 			Containers: []corev1.Container{
 				createContainerImageCache(images),