Add shared vpc CI job for installer repo and informing periodics

* `==` vs `=~` the regex match allows the cluster_variant to be a mix like `compact,shared-vpc` * Azure vritual network (an other resources) need to be in the same location as the various cluster resources like virtual machines, load balancers etc. So, The job picks the right resources based on the regions picked. The resources were created using the work-in-progress UPI Azure docs with some modifications [4]. * AWS needs to picks set of subnets from 4 groups because of the limitation on the number of tags on the each resource [1] The max tags allowed per resource is 50, and since we need atleast one tag (kubernetes.io/cluster/<>: shared) on each subnet, and also internal-lb on some subnets, 25% load sharing on 4 sets allows ~200, but since these subnets were created by CloudFormation, there are already 3 tags on each subnet, so its definitely not 200. There is no regions switch on AWS currently, therefore there was no need to crate subnets per region, but whenever that happends we might have to add those. The resources where created using the AWS CF templates for creating VPC [3] ``` aws cloudformation create-stack --stack-policy-body --stack-name do-not-delete-shared-vpc-1 --template-body "$(cat upi/aws/cloudformation/01_vpc.yaml)" --parameters ParameterKey=AvailabilityZoneCount,ParameterValue=3 ``` * GCP has one set of network resources There is no regions switch on GCP currently, therefore there was no need to crate subnets per region, but whenever that happends we might have to add those. The resources where created using the GCP UPI template for creating a VPC [2] ``` gcloud --project openshift-gce-devel-ci deployment-manager deployments create do-no-delete-shared-vpc --config 01_vpc.yaml ``` [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-restrictions [2]: https://github.com/openshift/installer/blob/release-4.3/upi/gcp/01_vpc.py [3]: https://github.com/openshift/installer/blob/release-4.3/upi/aws/cloudformation/01_vpc.yaml [4]: https://github.com/glennswest/ocpupi4azure
wking · Oct 29, 2019 · 424a04a · 424a04a
1 parent 1810823
commit 424a04a
Show file tree

Hide file tree

Showing 4 changed files with 572 additions and 5 deletions.
diff --git a/ci-operator/jobs/openshift/installer/openshift-installer-master-presubmits.yaml b/ci-operator/jobs/openshift/installer/openshift-installer-master-presubmits.yaml
@@ -485,6 +485,77 @@ presubmits:
         secret:
           secretName: sentry-dsn
     trigger: (?m)^/test( | .* )e2e-aws-scaleup-rhel7,?($|\s.*)
+  - agent: kubernetes
+    always_run: false
+    branches:
+    - master
+    context: ci/prow/e2e-aws-shared-vpc
+    decorate: true
+    decoration_config:
+      skip_cloning: true
+    labels:
+      pj-rehearse.openshift.io/can-be-rehearsed: "true"
+    name: pull-ci-openshift-installer-master-e2e-aws-shared-vpc
+    optional: true
+    rerun_command: /test e2e-aws-shared-vpc
+    spec:
+      containers:
+      - args:
+        - --artifact-dir=$(ARTIFACTS)
+        - --branch=master
+        - --give-pr-author-access-to-namespace=true
+        - --org=openshift
+        - --repo=installer
+        - --resolver-address=http://ci-operator-configresolver
+        - --secret-dir=/usr/local/e2e-aws-shared-vpc-cluster-profile
+        - --sentry-dsn-path=/etc/sentry-dsn/ci-operator
+        - --target=e2e-aws-shared-vpc
+        - --template=/usr/local/e2e-aws-shared-vpc
+        command:
+        - ci-operator
+        env:
+        - name: CLUSTER_TYPE
+          value: aws
+        - name: CLUSTER_VARIANT
+          value: shared-vpc
+        - name: CONFIG_SPEC
+          valueFrom:
+            configMapKeyRef:
+              key: openshift-installer-master.yaml
+              name: ci-operator-master-configs
+        - name: JOB_NAME_SAFE
+          value: e2e-aws-shared-vpc
+        - name: TEST_COMMAND
+          value: TEST_SUITE=openshift/conformance/parallel run-tests
+        image: ci-operator:latest
+        imagePullPolicy: Always
+        name: ""
+        resources:
+          requests:
+            cpu: 10m
+        volumeMounts:
+        - mountPath: /usr/local/e2e-aws-shared-vpc-cluster-profile
+          name: cluster-profile
+        - mountPath: /usr/local/e2e-aws-shared-vpc
+          name: job-definition
+          subPath: cluster-launch-installer-e2e.yaml
+        - mountPath: /etc/sentry-dsn
+          name: sentry-dsn
+          readOnly: true
+      serviceAccountName: ci-operator
+      volumes:
+      - name: cluster-profile
+        projected:
+          sources:
+          - secret:
+              name: cluster-secrets-aws
+      - configMap:
+          name: prow-job-cluster-launch-installer-e2e
+        name: job-definition
+      - name: sentry-dsn
+        secret:
+          secretName: sentry-dsn
+    trigger: (?m)^/test( | .* )e2e-aws-shared-vpc,?($|\s.*)
   - agent: kubernetes
     always_run: true
     branches:
@@ -681,6 +752,77 @@ presubmits:
         secret:
           secretName: sentry-dsn
     trigger: (?m)^/test( | .* )e2e-azure,?($|\s.*)
+  - agent: kubernetes
+    always_run: false
+    branches:
+    - master
+    context: ci/prow/e2e-azure-shared-vpc
+    decorate: true
+    decoration_config:
+      skip_cloning: true
+    labels:
+      pj-rehearse.openshift.io/can-be-rehearsed: "true"
+    name: pull-ci-openshift-installer-master-e2e-azure-shared-vpc
+    optional: true
+    rerun_command: /test e2e-azure-shared-vpc
+    spec:
+      containers:
+      - args:
+        - --artifact-dir=$(ARTIFACTS)
+        - --branch=master
+        - --give-pr-author-access-to-namespace=true
+        - --org=openshift
+        - --repo=installer
+        - --resolver-address=http://ci-operator-configresolver
+        - --secret-dir=/usr/local/e2e-azure-shared-vpc-cluster-profile
+        - --sentry-dsn-path=/etc/sentry-dsn/ci-operator
+        - --target=e2e-azure-shared-vpc
+        - --template=/usr/local/e2e-azure-shared-vpc
+        command:
+        - ci-operator
+        env:
+        - name: CLUSTER_TYPE
+          value: azure4
+        - name: CLUSTER_VARIANT
+          value: shared-vpc
+        - name: CONFIG_SPEC
+          valueFrom:
+            configMapKeyRef:
+              key: openshift-installer-master.yaml
+              name: ci-operator-master-configs
+        - name: JOB_NAME_SAFE
+          value: e2e-azure-shared-vpc
+        - name: TEST_COMMAND
+          value: TEST_SUITE=openshift/conformance/parallel run-tests
+        image: ci-operator:latest
+        imagePullPolicy: Always
+        name: ""
+        resources:
+          requests:
+            cpu: 10m
+        volumeMounts:
+        - mountPath: /usr/local/e2e-azure-shared-vpc-cluster-profile
+          name: cluster-profile
+        - mountPath: /usr/local/e2e-azure-shared-vpc
+          name: job-definition
+          subPath: cluster-launch-installer-e2e.yaml
+        - mountPath: /etc/sentry-dsn
+          name: sentry-dsn
+          readOnly: true
+      serviceAccountName: ci-operator
+      volumes:
+      - name: cluster-profile
+        projected:
+          sources:
+          - secret:
+              name: cluster-secrets-azure4
+      - configMap:
+          name: prow-job-cluster-launch-installer-e2e
+        name: job-definition
+      - name: sentry-dsn
+        secret:
+          secretName: sentry-dsn
+    trigger: (?m)^/test( | .* )e2e-azure-shared-vpc,?($|\s.*)
   - agent: kubernetes
     always_run: false
     branches:
@@ -753,6 +895,79 @@ presubmits:
         secret:
           secretName: sentry-dsn
     trigger: (?m)^/test( | .* )e2e-gcp,?($|\s.*)
+  - agent: kubernetes
+    always_run: false
+    branches:
+    - master
+    context: ci/prow/e2e-gcp-shared-vpc
+    decorate: true
+    decoration_config:
+      skip_cloning: true
+    labels:
+      pj-rehearse.openshift.io/can-be-rehearsed: "true"
+    name: pull-ci-openshift-installer-master-e2e-gcp-shared-vpc
+    optional: true
+    rerun_command: /test e2e-gcp-shared-vpc
+    spec:
+      containers:
+      - args:
+        - --artifact-dir=$(ARTIFACTS)
+        - --branch=master
+        - --give-pr-author-access-to-namespace=true
+        - --org=openshift
+        - --repo=installer
+        - --resolver-address=http://ci-operator-configresolver
+        - --secret-dir=/usr/local/e2e-gcp-shared-vpc-cluster-profile
+        - --sentry-dsn-path=/etc/sentry-dsn/ci-operator
+        - --target=e2e-gcp-shared-vpc
+        - --template=/usr/local/e2e-gcp-shared-vpc
+        command:
+        - ci-operator
+        env:
+        - name: CLUSTER_TYPE
+          value: gcp
+        - name: CLUSTER_VARIANT
+          value: shared-vpc
+        - name: CONFIG_SPEC
+          valueFrom:
+            configMapKeyRef:
+              key: openshift-installer-master.yaml
+              name: ci-operator-master-configs
+        - name: JOB_NAME_SAFE
+          value: e2e-gcp-shared-vpc
+        - name: TEST_COMMAND
+          value: TEST_SUITE=openshift/conformance/parallel run-tests
+        image: ci-operator:latest
+        imagePullPolicy: Always
+        name: ""
+        resources:
+          requests:
+            cpu: 10m
+        volumeMounts:
+        - mountPath: /usr/local/e2e-gcp-shared-vpc-cluster-profile
+          name: cluster-profile
+        - mountPath: /usr/local/e2e-gcp-shared-vpc
+          name: job-definition
+          subPath: cluster-launch-installer-e2e.yaml
+        - mountPath: /etc/sentry-dsn
+          name: sentry-dsn
+          readOnly: true
+      serviceAccountName: ci-operator
+      volumes:
+      - name: cluster-profile
+        projected:
+          sources:
+          - secret:
+              name: cluster-secrets-gcp
+          - configMap:
+              name: cluster-profile-gcp
+      - configMap:
+          name: prow-job-cluster-launch-installer-e2e
+        name: job-definition
+      - name: sentry-dsn
+        secret:
+          secretName: sentry-dsn
+    trigger: (?m)^/test( | .* )e2e-gcp-shared-vpc,?($|\s.*)
   - agent: kubernetes
     always_run: false
     branches: