From a73939081f8dd19143ac11e6c42d01df0afb7b76 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 18 Jun 2024 22:57:10 +0530 Subject: [PATCH 01/40] [minor] AROdb2 --- azure/azurefiles/azurefiles-premium.sh | 2 +- azure/azurefiles/azurefiles-premium_aro.sh | 4 +- azure/azurefiles/crd-csi-snapshot.yaml | 1355 ++++++++++------- .../azurefiles/csi-azurefile-controller.yaml | 74 +- azure/azurefiles/csi-azurefile-driver.yaml | 6 +- .../csi-azurefile-node-windows.yaml | 20 +- azure/azurefiles/csi-azurefile-node.yaml | 20 +- azure/azurefiles/csi-snapshot-controller.yaml | 21 +- azure/azurefiles/managed-premium.yaml | 2 +- .../rbac-csi-azurefile-controller.yaml | 6 +- azure/azurefiles/rbac-csi-azurefile-node.yaml | 4 +- .../rbac-csi-snapshot-controller.yaml | 2 +- azure/deploy.sh | 34 +- init.sh | 8 +- 14 files changed, 882 insertions(+), 676 deletions(-) diff --git a/azure/azurefiles/azurefiles-premium.sh b/azure/azurefiles/azurefiles-premium.sh index 738d49a4..e0d026b7 100755 --- a/azure/azurefiles/azurefiles-premium.sh +++ b/azure/azurefiles/azurefiles-premium.sh @@ -20,7 +20,7 @@ oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:csi-a #Install CSI Driver oc create configmap azure-cred-file --from-literal=path="/etc/kubernetes/cloud.conf" -n kube-system -export driver_version=v1.12.0 +export driver_version=v1.30.2 echo "Driver version " $driver_version ./install-driver.sh $driver_version oc patch storageclass managed-csi -p '{"metadata": {"annotations": {"storageclass.kubernetes.io/is-default-class": "false"}}}' diff --git a/azure/azurefiles/azurefiles-premium_aro.sh b/azure/azurefiles/azurefiles-premium_aro.sh index 113bd251..3b20f80d 100755 --- a/azure/azurefiles/azurefiles-premium_aro.sh +++ b/azure/azurefiles/azurefiles-premium_aro.sh @@ -92,8 +92,8 @@ parameters: storageAccount: $AZURE_STORAGE_ACCOUNT_NAME reclaimPolicy: Delete mountOptions: - - dir_mode=0600 - - file_mode=0600 + - dir_mode=0640 + - file_mode=0640 - uid=0 - gid=0 - mfsymlinks diff --git a/azure/azurefiles/crd-csi-snapshot.yaml b/azure/azurefiles/crd-csi-snapshot.yaml index 18d97e6b..29e76d16 100755 --- a/azure/azurefiles/crd-csi-snapshot.yaml +++ b/azure/azurefiles/crd-csi-snapshot.yaml @@ -3,8 +3,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + controller-gen.kubebuilder.io/version: v0.8.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/665" creationTimestamp: null name: volumesnapshots.snapshot.storage.k8s.io spec: @@ -14,230 +14,305 @@ spec: listKind: VolumeSnapshotList plural: volumesnapshots shortNames: - - vs + - vs singular: volumesnapshot scope: Namespaced versions: - - additionalPrinterColumns: - - description: Indicates if the snapshot is ready to be used to restore a volume. - jsonPath: .status.readyToUse - name: ReadyToUse - type: boolean - - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. - jsonPath: .spec.source.persistentVolumeClaimName - name: SourcePVC - type: string - - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. - jsonPath: .spec.source.volumeSnapshotContentName - name: SourceSnapshotContent - type: string - - description: Represents the minimum size of volume required to rehydrate from this snapshot. - jsonPath: .status.restoreSize - name: RestoreSize - type: string - - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. - jsonPath: .spec.volumeSnapshotClassName - name: SnapshotClass - type: string - - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. - jsonPath: .status.boundVolumeSnapshotContentName - name: SnapshotContent - type: string - - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. - jsonPath: .status.creationTime - name: CreationTime - type: date - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' - properties: - source: - description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. - properties: - persistentVolumeClaimName: - description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. - type: string - volumeSnapshotContentName: - description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. - type: string - type: object - oneOf: - - required: ["persistentVolumeClaimName"] - - required: ["volumeSnapshotContentName"] - volumeSnapshotClassName: - description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' - type: string - required: - - source - type: object - status: - description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. - properties: - boundVolumeSnapshotContentName: - description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' - type: string - creationTime: - description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. - format: date-time - type: string - error: - description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurrs during the snapshot creation. Upon success, this error field will be cleared. - properties: - message: - description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' - type: string - time: - description: time is the timestamp when the error was encountered. - format: date-time - type: string - type: object - readyToUse: - description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. - type: boolean - restoreSize: - type: string - description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - description: Indicates if the snapshot is ready to be used to restore a volume. - jsonPath: .status.readyToUse - name: ReadyToUse - type: boolean - - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. - jsonPath: .spec.source.persistentVolumeClaimName - name: SourcePVC - type: string - - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. - jsonPath: .spec.source.volumeSnapshotContentName - name: SourceSnapshotContent - type: string - - description: Represents the minimum size of volume required to rehydrate from this snapshot. - jsonPath: .status.restoreSize - name: RestoreSize - type: string - - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. - jsonPath: .spec.volumeSnapshotClassName - name: SnapshotClass - type: string - - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. - jsonPath: .status.boundVolumeSnapshotContentName - name: SnapshotContent - type: string - - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. - jsonPath: .status.creationTime - name: CreationTime - type: date - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - # This indicates the v1beta1 version of the custom resource is deprecated. - # API requests to this version receive a warning in the server response. - deprecated: true - # This overrides the default warning returned to clients making v1beta1 API requests. - deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshot is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshot" - schema: - openAPIV3Schema: - description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' - properties: - source: - description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. - properties: - persistentVolumeClaimName: - description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. - type: string - volumeSnapshotContentName: - description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. - type: string - type: object - volumeSnapshotClassName: - description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' - type: string - required: - - source - type: object - status: - description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. - properties: - boundVolumeSnapshotContentName: - description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' - type: string - creationTime: - description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. - format: date-time - type: string - error: - description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurrs during the snapshot creation. Upon success, this error field will be cleared. - properties: - message: - description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' - type: string - time: - description: time is the timestamp when the error was encountered. - format: date-time - type: string - type: object - readyToUse: - description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. - type: boolean - restoreSize: - type: string - description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of + the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing + VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from + this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot + object intends to bind to. Please note that verification of binding actually + requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure + both are pointing at each other. Binding MUST be verified prior to usage of + this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying + storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time + snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested + by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots + Required.' + properties: + source: + description: source specifies where a snapshot will be created from. + This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the + PersistentVolumeClaim object representing the volume from which + a snapshot should be created. This PVC is assumed to be in the + same namespace as the VolumeSnapshot object. This field should + be set if the snapshot does not exists, and needs to be created. + This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a + pre-existing VolumeSnapshotContent object representing an existing + volume snapshot. This field should be set if the snapshot already + exists and only needs a representation in Kubernetes. This field + is immutable. + type: string + type: object + oneOf: + - required: ["persistentVolumeClaimName"] + - required: ["volumeSnapshotContentName"] + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass + requested by the VolumeSnapshot. VolumeSnapshotClassName may be + left nil to indicate that the default SnapshotClass should be used. + A given cluster may have multiple default Volume SnapshotClasses: + one default per CSI Driver. If a VolumeSnapshot does not specify + a SnapshotClass, VolumeSnapshotSource will be checked to figure + out what the associated CSI Driver is, and the default VolumeSnapshotClass + associated with that CSI Driver will be used. If more than one VolumeSnapshotClass + exist for a given CSI Driver and more than one have been marked + as default, CreateSnapshot will fail and generate an event. Empty + string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. + Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent + objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent + point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent + object to which this VolumeSnapshot object intends to bind to. If + not specified, it indicates that the VolumeSnapshot object has not + been successfully bound to a VolumeSnapshotContent object yet. NOTE: + To avoid possible security issues, consumers must verify binding + between VolumeSnapshot and VolumeSnapshotContent objects is successful + (by validating that both VolumeSnapshot and VolumeSnapshotContent + point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time + snapshot is taken by the underlying storage system. In dynamic snapshot + creation case, this field will be filled in by the snapshot controller + with the "creation_time" value returned from CSI "CreateSnapshot" + gRPC call. For a pre-existing snapshot, this field will be filled + with the "creation_time" value returned from the CSI "ListSnapshots" + gRPC call if the driver supports it. If not specified, it may indicate + that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, + if any. This field could be helpful to upper level controllers(i.e., + application controller) to decide whether they should continue on + waiting for the snapshot to be created based on the type of error + reported. The snapshot controller will keep retrying when an error + occurs during the snapshot creation. Upon success, this error field + will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error + during snapshot creation if specified. NOTE: message may be + logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used + to restore a volume. In dynamic snapshot creation case, this field + will be filled in by the snapshot controller with the "ready_to_use" + value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing + snapshot, this field will be filled with the "ready_to_use" value + returned from the CSI "ListSnapshots" gRPC call if the driver supports + it, otherwise, this field will be set to "True". If not specified, + it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required + to create a volume from this snapshot. In dynamic snapshot creation + case, this field will be filled in by the snapshot controller with + the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. + For a pre-existing snapshot, this field will be filled with the + "size_bytes" value returned from the CSI "ListSnapshots" gRPC call + if the driver supports it. When restoring a volume from this snapshot, + the size of the volume MUST NOT be smaller than the restoreSize + if it is specified, otherwise the restoration will fail. If not + specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + # This indicates the v1beta1 version of the custom resource is deprecated. + # API requests to this version receive a warning in the server response. + deprecated: true + # This overrides the default warning returned to clients making v1beta1 API requests. + deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshot is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshot" + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' + properties: + source: + description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurs during the snapshot creation. Upon success, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: false + storage: false + subresources: + status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + controller-gen.kubebuilder.io/version: v0.8.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/665" creationTimestamp: null name: volumesnapshotclasses.snapshot.storage.k8s.io spec: @@ -247,116 +322,131 @@ spec: listKind: VolumeSnapshotClassList plural: volumesnapshotclasses shortNames: - - vsclass - - vsclasses + - vsclass + - vsclasses singular: volumesnapshotclass scope: Cluster versions: - - additionalPrinterColumns: - - jsonPath: .driver - name: Driver - type: string - - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. - jsonPath: .deletionPolicy - name: DeletionPolicy - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - deletionPolicy: - description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. - enum: - - Delete - - Retain - type: string - driver: - description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - parameters: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the + VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage + system uses when creating a volume snapshot. A specific VolumeSnapshotClass + is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses + are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent + created through the VolumeSnapshotClass should be deleted when its bound + VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". + "Retain" means that the VolumeSnapshotContent and its physical snapshot + on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent + and its physical snapshot on underlying storage system are deleted. + Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the storage driver that handles this + VolumeSnapshotClass. Required. + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific + parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: true + storage: true + subresources: {} + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + # This indicates the v1beta1 version of the custom resource is deprecated. + # API requests to this version receive a warning in the server response. + deprecated: true + # This overrides the default warning returned to clients making v1beta1 API requests. + deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshotClass is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshotClass" + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. + enum: + - Delete + - Retain type: string - description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. - type: object - required: - - deletionPolicy - - driver - type: object - served: true - storage: true - subresources: {} - - additionalPrinterColumns: - - jsonPath: .driver - name: Driver - type: string - - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. - jsonPath: .deletionPolicy - name: DeletionPolicy - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - # This indicates the v1beta1 version of the custom resource is deprecated. - # API requests to this version receive a warning in the server response. - deprecated: true - # This overrides the default warning returned to clients making v1beta1 API requests. - deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshotClass is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshotClass" - schema: - openAPIV3Schema: - description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - deletionPolicy: - description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. - enum: - - Delete - - Retain - type: string - driver: - description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - parameters: - additionalProperties: + driver: + description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. type: string - description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. - type: object - required: - - deletionPolicy - - driver - type: object - served: true - storage: false - subresources: {} + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: false + storage: false + subresources: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + controller-gen.kubebuilder.io/version: v0.8.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/665" creationTimestamp: null name: volumesnapshotcontents.snapshot.storage.k8s.io spec: @@ -366,291 +456,380 @@ spec: listKind: VolumeSnapshotContentList plural: volumesnapshotcontents shortNames: - - vsc - - vscs + - vsc + - vscs singular: volumesnapshotcontent scope: Cluster versions: - - additionalPrinterColumns: - - description: Indicates if the snapshot is ready to be used to restore a volume. - jsonPath: .status.readyToUse - name: ReadyToUse - type: boolean - - description: Represents the complete size of the snapshot in bytes - jsonPath: .status.restoreSize - name: RestoreSize - type: integer - - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. - jsonPath: .spec.deletionPolicy - name: DeletionPolicy - type: string - - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. - jsonPath: .spec.driver - name: Driver - type: string - - description: Name of the VolumeSnapshotClass to which this snapshot belongs. - jsonPath: .spec.volumeSnapshotClassName - name: VolumeSnapshotClass - type: string - - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. - jsonPath: .spec.volumeSnapshotRef.name - name: VolumeSnapshot - type: string - - description: Namespace of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. - jsonPath: .spec.volumeSnapshotRef.namespace - name: VolumeSnapshotNamespace - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. - properties: - deletionPolicy: - description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. - enum: - - Delete - - Retain - type: string - driver: - description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. - type: string - source: - description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. - properties: - snapshotHandle: - description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. - type: string - volumeHandle: - description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. - type: string - type: object - oneOf: - - required: ["snapshotHandle"] - - required: ["volumeHandle"] - volumeSnapshotClassName: - description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. - type: string - volumeSnapshotRef: - description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - required: - - deletionPolicy - - driver - - source - - volumeSnapshotRef - type: object - status: - description: status represents the current information of a snapshot. - properties: - creationTime: - description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. - format: int64 - type: integer - error: - description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. - properties: - message: - description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' - type: string - time: - description: time is the timestamp when the error was encountered. - format: date-time - type: string - type: object - readyToUse: - description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. - type: boolean - restoreSize: - description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. - format: int64 - minimum: 0 - type: integer - snapshotHandle: - description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - description: Indicates if the snapshot is ready to be used to restore a volume. - jsonPath: .status.readyToUse - name: ReadyToUse - type: boolean - - description: Represents the complete size of the snapshot in bytes - jsonPath: .status.restoreSize - name: RestoreSize - type: integer - - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. - jsonPath: .spec.deletionPolicy - name: DeletionPolicy - type: string - - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. - jsonPath: .spec.driver - name: Driver - type: string - - description: Name of the VolumeSnapshotClass to which this snapshot belongs. - jsonPath: .spec.volumeSnapshotClassName - name: VolumeSnapshotClass - type: string - - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. - jsonPath: .spec.volumeSnapshotRef.name - name: VolumeSnapshot - type: string - - description: Namespace of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. - jsonPath: .spec.volumeSnapshotRef.namespace - name: VolumeSnapshotNamespace - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - # This indicates the v1beta1 version of the custom resource is deprecated. - # API requests to this version receive a warning in the server response. - deprecated: true - # This overrides the default warning returned to clients making v1beta1 API requests. - deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshotContent is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshotContent" - schema: - openAPIV3Schema: - description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - spec: - description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. - properties: - deletionPolicy: - description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. - enum: - - Delete - - Retain - type: string - driver: - description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. - type: string - source: - description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. - properties: - snapshotHandle: - description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. - type: string - volumeHandle: - description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. - type: string - type: object - volumeSnapshotClassName: - description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. - type: string - volumeSnapshotRef: - description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - required: - - deletionPolicy - - driver - - source - - volumeSnapshotRef - type: object - status: - description: status represents the current information of a snapshot. - properties: - creationTime: - description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. - format: int64 - type: integer - error: - description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. - properties: - message: - description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' - type: string - time: - description: time is the timestamp when the error was encountered. - format: date-time - type: string - type: object - readyToUse: - description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. - type: boolean - restoreSize: - description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. - format: int64 - minimum: 0 - type: integer - snapshotHandle: - description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. - type: string - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical + snapshot on the underlying storage system should be deleted when its bound + VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on + the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent + object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - description: Namespace of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.namespace + name: VolumeSnapshotNamespace + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot + object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created + by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent + and its physical snapshot on the underlying storage system should + be deleted when its bound VolumeSnapshot is deleted. Supported values + are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent + and its physical snapshot on underlying storage system are kept. + "Delete" means that the VolumeSnapshotContent and its physical snapshot + on underlying storage system are deleted. For dynamically provisioned + snapshots, this field will automatically be filled in by the CSI + snapshotter sidecar with the "DeletionPolicy" field defined in the + corresponding VolumeSnapshotClass. For pre-existing snapshots, users + MUST specify this field when creating the VolumeSnapshotContent + object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the + physical snapshot on the underlying storage system. This MUST be + the same as the name returned by the CSI GetPluginName() call for + that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) + dynamically provisioned or already exists, and just requires a Kubernetes + object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of + a pre-existing snapshot on the underlying storage system for + which a Kubernetes object representation was (or should be) + created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the + volume from which a snapshot should be dynamically taken from. + This field is immutable. + type: string + type: object + oneOf: + - required: ["snapshotHandle"] + - required: ["volumeHandle"] + sourceVolumeMode: + description: SourceVolumeMode is the mode of the volume whose snapshot + is taken. Can be either “Filesystem” or “Block”. If not specified, + it indicates the source volume's mode is unknown. This field is + immutable. This field is an alpha field. + type: string + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot + was (or will be) created. Note that after provisioning, the VolumeSnapshotClass + may be deleted or recreated with different set of values, and as + such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object + to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName + field must reference to this VolumeSnapshotContent's name for the + bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent + object, name and namespace of the VolumeSnapshot object MUST be + provided for binding to happen. This field is immutable after creation. + Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time + snapshot is taken by the underlying storage system. In dynamic snapshot + creation case, this field will be filled in by the CSI snapshotter + sidecar with the "creation_time" value returned from CSI "CreateSnapshot" + gRPC call. For a pre-existing snapshot, this field will be filled + with the "creation_time" value returned from the CSI "ListSnapshots" + gRPC call if the driver supports it. If not specified, it indicates + the creation time is unknown. The format of this field is a Unix + nanoseconds time encoded as an int64. On Unix, the command `date + +%s%N` returns the current time in nanoseconds since 1970-01-01 + 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, + if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error + during snapshot creation if specified. NOTE: message may be + logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used + to restore a volume. In dynamic snapshot creation case, this field + will be filled in by the CSI snapshotter sidecar with the "ready_to_use" + value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing + snapshot, this field will be filled with the "ready_to_use" value + returned from the CSI "ListSnapshots" gRPC call if the driver supports + it, otherwise, this field will be set to "True". If not specified, + it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot + in bytes. In dynamic snapshot creation case, this field will be + filled in by the CSI snapshotter sidecar with the "size_bytes" value + returned from CSI "CreateSnapshot" gRPC call. For a pre-existing + snapshot, this field will be filled with the "size_bytes" value + returned from the CSI "ListSnapshots" gRPC call if the driver supports + it. When restoring a volume from this snapshot, the size of the + volume MUST NOT be smaller than the restoreSize if it is specified, + otherwise the restoration will fail. If not specified, it indicates + that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot + on the underlying storage system. If not specified, it indicates + that dynamic snapshot creation has either failed or it is still + in progress. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - description: Namespace of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.namespace + name: VolumeSnapshotNamespace + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + # This indicates the v1beta1 version of the custom resource is deprecated. + # API requests to this version receive a warning in the server response. + deprecated: true + # This overrides the default warning returned to clients making v1beta1 API requests. + deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshotContent is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshotContent" + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. + type: string + type: object + required: + - spec + type: object + served: false + storage: false + subresources: + status: {} status: acceptedNames: kind: "" diff --git a/azure/azurefiles/csi-azurefile-controller.yaml b/azure/azurefiles/csi-azurefile-controller.yaml index b270e815..24fa4bc5 100755 --- a/azure/azurefiles/csi-azurefile-controller.yaml +++ b/azure/azurefiles/csi-azurefile-controller.yaml @@ -26,16 +26,22 @@ spec: - key: "node-role.kubernetes.io/controlplane" operator: "Exists" effect: "NoSchedule" + - key: "node-role.kubernetes.io/control-plane" + operator: "Exists" + effect: "NoSchedule" containers: - name: csi-provisioner - image: mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner:v3.1.0 + image: mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner:v4.0.1 args: - "-v=2" - "--csi-address=$(ADDRESS)" - "--leader-election" - "--leader-election-namespace=kube-system" - - "--timeout=300s" + - "--timeout=1200s" - "--extra-create-metadata=true" + - "--kube-api-qps=50" + - "--kube-api-burst=100" + - "--feature-gates=HonorPVReclaimPolicy=true" env: - name: ADDRESS value: /csi/csi.sock @@ -48,28 +54,12 @@ spec: requests: cpu: 10m memory: 20Mi - - name: csi-attacher - image: mcr.microsoft.com/oss/kubernetes-csi/csi-attacher:v3.4.0 - args: - - "-v=2" - - "-csi-address=$(ADDRESS)" - - "-timeout=120s" - - "--leader-election" - - "--leader-election-namespace=kube-system" - env: - - name: ADDRESS - value: /csi/csi.sock - volumeMounts: - - mountPath: /csi - name: socket-dir - resources: - limits: - memory: 500Mi - requests: - cpu: 10m - memory: 20Mi + securityContext: + capabilities: + drop: + - ALL - name: csi-snapshotter - image: mcr.microsoft.com/oss/kubernetes-csi/csi-snapshotter:v5.0.1 + image: mcr.microsoft.com/oss/kubernetes-csi/csi-snapshotter:v7.0.2 args: - "-v=2" - "-csi-address=$(ADDRESS)" @@ -83,12 +73,16 @@ spec: mountPath: /csi resources: limits: - memory: 100Mi + memory: 200Mi requests: cpu: 10m memory: 20Mi + securityContext: + capabilities: + drop: + - ALL - name: csi-resizer - image: mcr.microsoft.com/oss/kubernetes-csi/csi-resizer:v1.4.0 + image: mcr.microsoft.com/oss/kubernetes-csi/csi-resizer:v1.10.1 args: - "-csi-address=$(ADDRESS)" - "-v=2" @@ -109,12 +103,16 @@ spec: requests: cpu: 10m memory: 20Mi + securityContext: + capabilities: + drop: + - ALL - name: liveness-probe - image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.6.0 + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.12.0 args: - --csi-address=/csi/csi.sock - --probe-timeout=3s - - --health-port=29612 + - --http-endpoint=localhost:29612 - --v=2 volumeMounts: - name: socket-dir @@ -125,8 +123,12 @@ spec: requests: cpu: 10m memory: 20Mi + securityContext: + capabilities: + drop: + - ALL - name: azurefile - image: mcr.microsoft.com/k8s/csi/azurefile-csi:latest + image: mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.30.2 imagePullPolicy: IfNotPresent args: - "--v=5" @@ -134,17 +136,15 @@ spec: - "--metrics-address=0.0.0.0:29614" - "--user-agent-suffix=OSS-kubectl" ports: - - containerPort: 29612 - name: healthz - protocol: TCP - containerPort: 29614 name: metrics protocol: TCP livenessProbe: failureThreshold: 5 httpGet: + host: localhost path: /healthz - port: healthz + port: 29612 initialDelaySeconds: 30 timeoutSeconds: 10 periodSeconds: 30 @@ -160,6 +160,8 @@ spec: volumeMounts: - mountPath: /csi name: socket-dir + - mountPath: /root/.azcopy + name: azcopy-dir - mountPath: /etc/kubernetes/ name: azure-cred resources: @@ -168,10 +170,16 @@ spec: requests: cpu: 10m memory: 20Mi + securityContext: + capabilities: + drop: + - ALL volumes: - name: socket-dir emptyDir: {} + - name: azcopy-dir + emptyDir: {} - name: azure-cred hostPath: path: /etc/kubernetes/ - type: DirectoryOrCreate + type: DirectoryOrCreate \ No newline at end of file diff --git a/azure/azurefiles/csi-azurefile-driver.yaml b/azure/azurefiles/csi-azurefile-driver.yaml index 55d31ed2..dc227c44 100755 --- a/azure/azurefiles/csi-azurefile-driver.yaml +++ b/azure/azurefiles/csi-azurefile-driver.yaml @@ -4,12 +4,12 @@ kind: CSIDriver metadata: name: file.csi.azure.com annotations: - csiDriver: latest - snapshot: v5.0.1 + csiDriver: v1.30.0 + snapshot: v6.2.2 spec: attachRequired: false podInfoOnMount: true volumeLifecycleModes: - Persistent - Ephemeral - fsGroupPolicy: ReadWriteOnceWithFSType + fsGroupPolicy: ReadWriteOnceWithFSType \ No newline at end of file diff --git a/azure/azurefiles/csi-azurefile-node-windows.yaml b/azure/azurefiles/csi-azurefile-node-windows.yaml index 347b0c1b..6c5efe87 100755 --- a/azure/azurefiles/csi-azurefile-node-windows.yaml +++ b/azure/azurefiles/csi-azurefile-node-windows.yaml @@ -34,12 +34,15 @@ spec: values: - virtual-kubelet priorityClassName: system-node-critical + securityContext: + seccompProfile: + type: RuntimeDefault containers: - name: liveness-probe volumeMounts: - mountPath: C:\csi name: plugin-dir - image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.6.0 + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.12.0 args: - --csi-address=$(CSI_ENDPOINT) - --probe-timeout=3s @@ -50,12 +53,12 @@ spec: value: unix://C:\\csi\\csi.sock resources: limits: - memory: 100Mi + memory: 150Mi requests: cpu: 10m memory: 40Mi - name: node-driver-registrar - image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.5.0 + image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.10.1 args: - --v=2 - --csi-address=$(CSI_ENDPOINT) @@ -86,19 +89,18 @@ spec: mountPath: C:\registration resources: limits: - memory: 100Mi + memory: 150Mi requests: - cpu: 10m + cpu: 30m memory: 40Mi - name: azurefile - image: mcr.microsoft.com/k8s/csi/azurefile-csi:latest + image: mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.30.2 imagePullPolicy: IfNotPresent args: - --v=5 - --endpoint=$(CSI_ENDPOINT) - --nodeid=$(KUBE_NODE_NAME) - - --kubeconfig=C:\\k\\config - - --metrics-address=0.0.0.0:29615 + - --metrics-address="0.0.0.0:29615" ports: - containerPort: 29613 name: healthz @@ -178,4 +180,4 @@ spec: - name: azure-config hostPath: path: C:\k - type: DirectoryOrCreate + type: DirectoryOrCreate \ No newline at end of file diff --git a/azure/azurefiles/csi-azurefile-node.yaml b/azure/azurefiles/csi-azurefile-node.yaml index d07451fc..ebbc2427 100755 --- a/azure/azurefiles/csi-azurefile-node.yaml +++ b/azure/azurefiles/csi-azurefile-node.yaml @@ -32,6 +32,9 @@ spec: values: - virtual-kubelet priorityClassName: system-node-critical + securityContext: + seccompProfile: + type: RuntimeDefault tolerations: - operator: "Exists" containers: @@ -39,7 +42,7 @@ spec: volumeMounts: - mountPath: /csi name: socket-dir - image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.6.0 + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.12.0 args: - --csi-address=/csi/csi.sock - --probe-timeout=3s @@ -52,7 +55,7 @@ spec: cpu: 10m memory: 20Mi - name: node-driver-registrar - image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.5.0 + image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.10.1 args: - --csi-address=$(ADDRESS) - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) @@ -82,22 +85,19 @@ spec: cpu: 10m memory: 20Mi - name: azurefile - image: mcr.microsoft.com/k8s/csi/azurefile-csi:latest + image: mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.30.2 imagePullPolicy: IfNotPresent args: - "--v=5" - "--endpoint=$(CSI_ENDPOINT)" - "--nodeid=$(KUBE_NODE_NAME)" - "--metrics-address=0.0.0.0:29615" - ports: - - containerPort: 29613 - name: healthz - protocol: TCP livenessProbe: failureThreshold: 5 httpGet: + host: localhost path: /healthz - port: healthz + port: 29613 initialDelaySeconds: 30 timeoutSeconds: 10 periodSeconds: 30 @@ -129,7 +129,7 @@ spec: name: device-dir resources: limits: - memory: 300Mi + memory: 400Mi requests: cpu: 10m memory: 20Mi @@ -154,4 +154,4 @@ spec: path: /dev type: Directory name: device-dir ---- +--- \ No newline at end of file diff --git a/azure/azurefiles/csi-snapshot-controller.yaml b/azure/azurefiles/csi-snapshot-controller.yaml index ea3d07dd..de89b13e 100755 --- a/azure/azurefiles/csi-snapshot-controller.yaml +++ b/azure/azurefiles/csi-snapshot-controller.yaml @@ -9,6 +9,15 @@ spec: selector: matchLabels: app: csi-snapshot-controller + # the snapshot controller won't be marked as ready if the v1 CRDs are unavailable + # in #504 the snapshot-controller will exit after around 7.5 seconds if it + # can't find the v1 CRDs so this value should be greater than that + minReadySeconds: 15 + strategy: + rollingUpdate: + maxSurge: 0 + maxUnavailable: 1 + type: RollingUpdate template: metadata: labels: @@ -27,16 +36,24 @@ spec: operator: "Equal" value: "true" effect: "NoSchedule" + - key: "node-role.kubernetes.io/control-plane" + operator: "Equal" + value: "true" + effect: "NoSchedule" containers: - name: csi-snapshot-controller - image: mcr.microsoft.com/oss/kubernetes-csi/snapshot-controller:v5.0.1 + image: mcr.microsoft.com/oss/kubernetes-csi/snapshot-controller:v7.0.2 args: - "--v=2" - "--leader-election=true" - "--leader-election-namespace=kube-system" resources: limits: - memory: 100Mi + memory: 300Mi requests: cpu: 10m memory: 20Mi + securityContext: + capabilities: + drop: + - ALL \ No newline at end of file diff --git a/azure/azurefiles/managed-premium.yaml b/azure/azurefiles/managed-premium.yaml index 2637511e..e650677f 100644 --- a/azure/azurefiles/managed-premium.yaml +++ b/azure/azurefiles/managed-premium.yaml @@ -10,4 +10,4 @@ parameters: storageaccounttype: Premium_LRS reclaimPolicy: Delete allowVolumeExpansion: true -volumeBindingMode: WaitForFirstConsumer +volumeBindingMode: WaitForFirstConsumer \ No newline at end of file diff --git a/azure/azurefiles/rbac-csi-azurefile-controller.yaml b/azure/azurefiles/rbac-csi-azurefile-controller.yaml index 69d43ac5..5994b620 100755 --- a/azure/azurefiles/rbac-csi-azurefile-controller.yaml +++ b/azure/azurefiles/rbac-csi-azurefile-controller.yaml @@ -106,7 +106,7 @@ rules: verbs: ["list", "watch", "create", "update", "patch"] - apiGroups: [""] resources: ["secrets"] - verbs: ["get", "list"] + verbs: ["get"] - apiGroups: ["snapshot.storage.k8s.io"] resources: ["volumesnapshotclasses"] verbs: ["get", "list", "watch"] @@ -177,7 +177,7 @@ metadata: rules: - apiGroups: [""] resources: ["secrets"] - verbs: ["get", "list", "create"] + verbs: ["get", "create"] --- kind: ClusterRoleBinding @@ -191,4 +191,4 @@ subjects: roleRef: kind: ClusterRole name: csi-azurefile-controller-secret-role - apiGroup: rbac.authorization.k8s.io + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/azure/azurefiles/rbac-csi-azurefile-node.yaml b/azure/azurefiles/rbac-csi-azurefile-node.yaml index 903f6c8e..8ed3508a 100755 --- a/azure/azurefiles/rbac-csi-azurefile-node.yaml +++ b/azure/azurefiles/rbac-csi-azurefile-node.yaml @@ -13,7 +13,7 @@ metadata: rules: - apiGroups: [""] resources: ["secrets"] - verbs: ["get", "list"] + verbs: ["get"] --- kind: ClusterRoleBinding @@ -27,4 +27,4 @@ subjects: roleRef: kind: ClusterRole name: csi-azurefile-node-secret-role - apiGroup: rbac.authorization.k8s.io + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/azure/azurefiles/rbac-csi-snapshot-controller.yaml b/azure/azurefiles/rbac-csi-snapshot-controller.yaml index 03af7654..f224208c 100755 --- a/azure/azurefiles/rbac-csi-snapshot-controller.yaml +++ b/azure/azurefiles/rbac-csi-snapshot-controller.yaml @@ -75,4 +75,4 @@ subjects: roleRef: kind: ClusterRole name: csi-snapshot-controller-leaderelection-role - apiGroup: rbac.authorization.k8s.io + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/azure/deploy.sh b/azure/deploy.sh index 2f9c773d..4609bcd8 100755 --- a/azure/deploy.sh +++ b/azure/deploy.sh @@ -237,7 +237,7 @@ fi set -e ## Deploy MongoDB log "==== MongoDB deployment started ====" -export ROLE_NAME=mongodb && ansible-playbook ibm.mas_devops.run_role +#export ROLE_NAME=mongodb && ansible-playbook ibm.mas_devops.run_role log "==== MongoDB deployment completed ====" ## Copying the entitlement.lic to MAS_CONFIG_DIR @@ -253,13 +253,13 @@ if [[ (-z $SLS_URL) || (-z $SLS_REGISTRATION_KEY) || (-z $SLS_PUB_CERT_URL) ]]; ## Deploy SLS log "==== SLS deployment started ====" # sls and gencfg_sls are combined in common sls role - export ROLE_NAME=sls && ansible-playbook ibm.mas_devops.run_role + #export ROLE_NAME=sls && ansible-playbook ibm.mas_devops.run_role log "==== SLS deployment completed ====" else log "=== Using Existing SLS Deployment ===" # # works when SLS_URL is set, handled in same sls role - export ROLE_NAME=sls && ansible-playbook ibm.mas_devops.run_role + #export ROLE_NAME=sls && ansible-playbook ibm.mas_devops.run_role log "=== Generated SLS Config YAML ===" fi @@ -268,13 +268,13 @@ if [[ (-z $UDS_API_KEY) || (-z $UDS_ENDPOINT_URL) || (-z $UDS_PUB_CERT_URL) ]]; # Deploy UDS log "==== UDS/DRO deployment started ====" # uds and gencfg_uds are combined in common uds role - export ROLE_NAME=uds && ansible-playbook ibm.mas_devops.run_role + #export ROLE_NAME=uds && ansible-playbook ibm.mas_devops.run_role log "==== UDS deployment completed ====" else log "=== Using Existing UDS Deployment ===" # works when UDS_ENDPOINT_URL is set, handled in same uds role - export ROLE_NAME=uds && ansible-playbook ibm.mas_devops.run_role + #export ROLE_NAME=uds && ansible-playbook ibm.mas_devops.run_role log "=== Generated UDS Config YAML ===" fi @@ -287,19 +287,19 @@ fi ## Deploy Manage if [[ $DEPLOY_MANAGE == "true" && (-z $MAS_JDBC_USER) && (-z $MAS_JDBC_PASSWORD) && (-z $MAS_JDBC_URL) && (-z $MAS_JDBC_CERT_URL) ]]; then - if [[ $EXISTING_CLUSTER == "ARO" ]]; then - log "==== Currently internal db2 is not supported for ARO ====" - else + # if [[ $EXISTING_CLUSTER == "ARO" ]]; then + # log "==== Currently internal db2 is not supported for ARO ====" + #else log "==== Configure internal db2 for manage started ====" export ROLE_NAME=db2 && ansible-playbook ibm.mas_devops.run_role export ROLE_NAME=suite_db2_setup_for_manage && ansible-playbook ibm.mas_devops.run_role log "==== Configuration of internal db2 for manage completed ====" - fi + #fi fi ## Create MAS Workspace log "==== MAS Workspace generation started ====" -export ROLE_NAME=gencfg_workspace && ansible-playbook ibm.mas_devops.run_role +#export ROLE_NAME=gencfg_workspace && ansible-playbook ibm.mas_devops.run_role log "==== MAS Workspace generation completed ====" if [[ $DEPLOY_MANAGE == "true" && (-n $MAS_JDBC_USER) && (-n $MAS_JDBC_PASSWORD) && (-n $MAS_JDBC_URL) ]]; then @@ -330,28 +330,28 @@ if [[ $DEPLOY_MANAGE == "true" && (-n $MAS_JDBC_USER) && (-n $MAS_JDBC_PASSWORD) export SSL_ENABLED=true fi log "==== Configure JDBC started for external DB2 ==== SSL_ENABLED = $SSL_ENABLED" - export ROLE_NAME=gencfg_jdbc && ansible-playbook ibm.mas_devops.run_role + # export ROLE_NAME=gencfg_jdbc && ansible-playbook ibm.mas_devops.run_role log "==== Configure JDBC completed for external DB2 ====" fi ## Deploy MAS log "==== MAS deployment started ====" -export ROLE_NAME=suite_dns && ansible-playbook ibm.mas_devops.run_role -export ROLE_NAME=suite_install && ansible-playbook ibm.mas_devops.run_role -export ROLE_NAME=suite_config && ansible-playbook ibm.mas_devops.run_role -export ROLE_NAME=suite_verify && ansible-playbook ibm.mas_devops.run_role +#export ROLE_NAME=suite_dns && ansible-playbook ibm.mas_devops.run_role +#export ROLE_NAME=suite_install && ansible-playbook ibm.mas_devops.run_role +#export ROLE_NAME=suite_config && ansible-playbook ibm.mas_devops.run_role +#export ROLE_NAME=suite_verify && ansible-playbook ibm.mas_devops.run_role log "==== MAS deployment completed ====" ## Deploy Manage if [[ $DEPLOY_MANAGE == "true" ]]; then # Deploy Manage log "==== MAS Manage deployment started ====" - export ROLE_NAME=suite_app_install && ansible-playbook ibm.mas_devops.run_role + #export ROLE_NAME=suite_app_install && ansible-playbook ibm.mas_devops.run_role log "==== MAS Manage deployment completed ====" # Configure app to use the DB log "==== MAS Manage configure app started ====" export MAS_APPWS_BINDINGS_JDBC="workspace-application" - export ROLE_NAME=suite_app_config && ansible-playbook ibm.mas_devops.run_role + #export ROLE_NAME=suite_app_config && ansible-playbook ibm.mas_devops.run_role log "==== MAS Manage configure app completed ====" fi diff --git a/init.sh b/init.sh index 2519c021..db412779 100644 --- a/init.sh +++ b/init.sh @@ -229,8 +229,8 @@ export UDS_TLS_CERT_LOCAL_FILE_PATH="${GIT_REPO_HOME}/uds.crt" export CPD_ENTITLEMENT_KEY=$SLS_ENTITLEMENT_KEY export CPD_VERSION=cpd40 export CPD_PRODUCT_VERSION=4.8.0 -export MAS_CHANNEL=8.11.x -export MAS_CATALOG_VERSION=v8-240430-amd64 +export MAS_CHANNEL=9.0.x +export MAS_CATALOG_VERSION=v9-240625-amd64 if [[ $CLUSTER_TYPE == "aws" ]]; then export CPD_PRIMARY_STORAGE_CLASS="ocs-storagecluster-cephfs" elif [[ $CLUSTER_TYPE == "azure" ]]; then @@ -269,8 +269,8 @@ export MAS_APP_ID=manage export MAS_APPWS_JDBC_BINDING="workspace-application" export MAS_JDBC_CERT_LOCAL_FILE=$GIT_REPO_HOME/db.crt export MAS_CLOUD_AUTOMATION_VERSION=1.0 -export MAS_DEVOPS_COLLECTION_VERSION=18.3.4 -export MAS_APP_CHANNEL=8.7.x +export MAS_DEVOPS_COLLECTION_VERSION=20.4.0 +export MAS_APP_CHANNEL=9.0.x if [ -z "$EXISTING_NETWORK" ]; then export new_or_existing_vpc_subnet="new" export enable_permission_quota_check=true From a1627bec29f7c57f426f6734b8f7ad571bb09839 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 18 Jun 2024 22:58:21 +0530 Subject: [PATCH 02/40] [minor] AROdb2 --- azure/bootnode-image/bootnode-image-step-1.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure/bootnode-image/bootnode-image-step-1.sh b/azure/bootnode-image/bootnode-image-step-1.sh index 10d749d8..dc70c89f 100755 --- a/azure/bootnode-image/bootnode-image-step-1.sh +++ b/azure/bootnode-image/bootnode-image-step-1.sh @@ -73,7 +73,7 @@ echo $output vmip=$(echo $output | jq '.publicIpAddress' | tr -d '"') echo "VM IP address: $vmip" -ssh -i $6 -o StrictHostKeyChecking=no azureuser@$vmip "cd /tmp; curl -skSL 'https://raw.githubusercontent.com/ibm-mas/multicloud-bootstrap/cp4d4.8/azure/bootnode-image/prepare-bootnode-image.sh' -o prepare-bootnode-image.sh; chmod +x prepare-bootnode-image.sh; sudo su - root -c \"/tmp/prepare-bootnode-image.sh '$ANSIBLE_COLLECTION_VERSION' '$ANSIBLE_COLLECTION_BRANCH' '$BOOTSTRAP_AUTOMATION_TAG_OR_BRANCH'\"" +ssh -i $6 -o StrictHostKeyChecking=no azureuser@$vmip "cd /tmp; curl -skSL 'https://raw.githubusercontent.com/ibm-mas/multicloud-bootstrap/AROdb2/azure/bootnode-image/prepare-bootnode-image.sh' -o prepare-bootnode-image.sh; chmod +x prepare-bootnode-image.sh; sudo su - root -c \"/tmp/prepare-bootnode-image.sh '$ANSIBLE_COLLECTION_VERSION' '$ANSIBLE_COLLECTION_BRANCH' '$BOOTSTRAP_AUTOMATION_TAG_OR_BRANCH'\"" az vm deallocate --resource-group masocp-bootnode-vm-rg-${UNIQSTR} --name bootnode-prep echo "az vm deallocate done" From adfabff6d763afc21e0fe1b61a7399db8598e038 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 18 Jun 2024 23:53:51 +0530 Subject: [PATCH 03/40] [minor] AROdb2 --- pre-validate.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pre-validate.sh b/pre-validate.sh index e8524e2f..efa767ef 100644 --- a/pre-validate.sh +++ b/pre-validate.sh @@ -90,12 +90,12 @@ fi # JDBC CFT inputs validation and connection test if [[ $DEPLOY_MANAGE == "true" ]]; then if [[ (-z $MAS_JDBC_USER) && (-z $MAS_JDBC_PASSWORD) && (-z $MAS_JDBC_URL) && (-z $MAS_JDBC_CERT_URL) ]]; then - if [[ ($EXISTING_CLUSTER == "ARO") ]]; then - log "ERROR: All database values are not specified" - SCRIPT_STATUS=14 - else + # if [[ ($EXISTING_CLUSTER == "ARO") ]]; then + # log "ERROR: All database values are not specified" + # SCRIPT_STATUS=14 + #else log "=== New internal DB2 database will be provisioned for MAS Manage deployment ===" - fi + # fi else if [ -z "$MAS_JDBC_USER" ]; then log "ERROR: Database username is not specified" From 7692b0f8103bcae6e17d9e695b598f2bacae16ae Mon Sep 17 00:00:00 2001 From: shajeena Date: Wed, 19 Jun 2024 15:51:40 +0530 Subject: [PATCH 04/40] [minor] AROdb2 --- init.sh | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/init.sh b/init.sh index db412779..999e74b4 100644 --- a/init.sh +++ b/init.sh @@ -14,7 +14,7 @@ export BASE_DOMAIN=$7 export BASE_DOMAIN_RG_NAME=$8 export SSH_KEY_NAME=$9 export DEPLOY_WAIT_HANDLE=${10} -export SLS_ENTITLEMENT_KEY=${11} +export SLS_ENTITLEMENT_KEY=${11}x export OCP_PULL_SECRET=${12} export MAS_LICENSE_URL=${13} export SLS_URL=${14} @@ -444,17 +444,17 @@ fi cd $GIT_REPO_HOME # Perform prevalidation checks log "===== PRE-VALIDATION STARTED =====" -./pre-validate.sh -retcode=$? -log "Pre validation return code is $retcode" -if [[ $retcode -ne 0 ]]; then - log "Prevalidation checks failed" - PRE_VALIDATION=fail - mark_provisioning_failed $retcode -else +#./pre-validate.sh +#retcode=$? +#log "Pre validation return code is $retcode" +#if [[ $retcode -ne 0 ]]; then +# log "Prevalidation checks failed" +# PRE_VALIDATION=fail +# mark_provisioning_failed $retcode +#else log "Prevalidation checks successful" PRE_VALIDATION=pass -fi +#fi log "===== PRE-VALIDATION COMPLETED ($PRE_VALIDATION) =====" From 44045efe58f0e41e7b202305a58ec2411acbc39d Mon Sep 17 00:00:00 2001 From: shajeena Date: Wed, 19 Jun 2024 21:45:32 +0530 Subject: [PATCH 05/40] [minor] AROdb2 --- azure/azurefiles/azurefiles-premium_aro.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/azure/azurefiles/azurefiles-premium_aro.sh b/azure/azurefiles/azurefiles-premium_aro.sh index 3b20f80d..5165bb48 100755 --- a/azure/azurefiles/azurefiles-premium_aro.sh +++ b/azure/azurefiles/azurefiles-premium_aro.sh @@ -83,8 +83,9 @@ apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: azurefiles-premium -provisioner: file.csi.azure.com +provisioner: kubernetes.io/azure-file parameters: + protocol: nfs location: $deployRegion resourceGroup: $AZURE_FILES_RESOURCE_GROUP secretNamespace: kube-system @@ -92,8 +93,8 @@ parameters: storageAccount: $AZURE_STORAGE_ACCOUNT_NAME reclaimPolicy: Delete mountOptions: - - dir_mode=0640 - - file_mode=0640 + - dir_mode=0777 + - file_mode=0777 - uid=0 - gid=0 - mfsymlinks From cb7bd68115c494beeb7920c0de768038db4d5e58 Mon Sep 17 00:00:00 2001 From: shajeena Date: Wed, 19 Jun 2024 22:05:52 +0530 Subject: [PATCH 06/40] [minor] AROdb2 --- init.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/init.sh b/init.sh index 999e74b4..e45129d9 100644 --- a/init.sh +++ b/init.sh @@ -245,7 +245,7 @@ export CPD_INSTANCE_NAMESPACE="ibm-cpd-${RANDOM_STR}" #CPD_SERVICES_NAMESPACE is used in roles - cp4d, cp4dv3_install, cp4dv3_install_services and suite_dns export CPD_SERVICES_NAMESPACE="cpd-services-${RANDOM_STR}" export DB2WH_INSTANCE_NAME="db2wh-cpd-${RANDOM_STR}" -export DB2WH_VERSION="11.5.8.0-CN1" +#export DB2WH_VERSION="11.5.8.0-CN1" export DB2_META_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS export DB2_DATA_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS export DB2_BACKUP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS @@ -254,7 +254,7 @@ export DB2_TEMP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS export CPD_SERVICE_NAME="db2wh" export DB2_INSTANCE_NAME=db2wh-db01 -export DB2_VERSION=11.5.7.0-cn2 +#export DB2_VERSION=11.5.7.0-cn2 export ENTITLEMENT_KEY=$SLS_ENTITLEMENT_KEY # not reqd its hardcoded as db2_namespace: db2u export DB2WH_NAMESPACE="cpd-services-${RANDOM_STR}" From d5f30c9e497eab91c4b9f29ee94093a4f230240b Mon Sep 17 00:00:00 2001 From: shajeena Date: Wed, 19 Jun 2024 23:34:56 +0530 Subject: [PATCH 07/40] [minor] AROdb2 --- azure/deploy.sh | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/azure/deploy.sh b/azure/deploy.sh index 4609bcd8..74a6535f 100755 --- a/azure/deploy.sh +++ b/azure/deploy.sh @@ -237,7 +237,7 @@ fi set -e ## Deploy MongoDB log "==== MongoDB deployment started ====" -#export ROLE_NAME=mongodb && ansible-playbook ibm.mas_devops.run_role +export ROLE_NAME=mongodb && ansible-playbook ibm.mas_devops.run_role log "==== MongoDB deployment completed ====" ## Copying the entitlement.lic to MAS_CONFIG_DIR @@ -253,13 +253,13 @@ if [[ (-z $SLS_URL) || (-z $SLS_REGISTRATION_KEY) || (-z $SLS_PUB_CERT_URL) ]]; ## Deploy SLS log "==== SLS deployment started ====" # sls and gencfg_sls are combined in common sls role - #export ROLE_NAME=sls && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=sls && ansible-playbook ibm.mas_devops.run_role log "==== SLS deployment completed ====" else log "=== Using Existing SLS Deployment ===" # # works when SLS_URL is set, handled in same sls role - #export ROLE_NAME=sls && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=sls && ansible-playbook ibm.mas_devops.run_role log "=== Generated SLS Config YAML ===" fi @@ -268,13 +268,13 @@ if [[ (-z $UDS_API_KEY) || (-z $UDS_ENDPOINT_URL) || (-z $UDS_PUB_CERT_URL) ]]; # Deploy UDS log "==== UDS/DRO deployment started ====" # uds and gencfg_uds are combined in common uds role - #export ROLE_NAME=uds && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=dro && ansible-playbook ibm.mas_devops.run_role log "==== UDS deployment completed ====" else log "=== Using Existing UDS Deployment ===" # works when UDS_ENDPOINT_URL is set, handled in same uds role - #export ROLE_NAME=uds && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=uds && ansible-playbook ibm.mas_devops.run_role log "=== Generated UDS Config YAML ===" fi @@ -299,7 +299,7 @@ fi ## Create MAS Workspace log "==== MAS Workspace generation started ====" -#export ROLE_NAME=gencfg_workspace && ansible-playbook ibm.mas_devops.run_role +export ROLE_NAME=gencfg_workspace && ansible-playbook ibm.mas_devops.run_role log "==== MAS Workspace generation completed ====" if [[ $DEPLOY_MANAGE == "true" && (-n $MAS_JDBC_USER) && (-n $MAS_JDBC_PASSWORD) && (-n $MAS_JDBC_URL) ]]; then @@ -336,22 +336,22 @@ fi ## Deploy MAS log "==== MAS deployment started ====" -#export ROLE_NAME=suite_dns && ansible-playbook ibm.mas_devops.run_role -#export ROLE_NAME=suite_install && ansible-playbook ibm.mas_devops.run_role -#export ROLE_NAME=suite_config && ansible-playbook ibm.mas_devops.run_role -#export ROLE_NAME=suite_verify && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=suite_dns && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=suite_install && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=suite_config && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=suite_verify && ansible-playbook ibm.mas_devops.run_role log "==== MAS deployment completed ====" ## Deploy Manage if [[ $DEPLOY_MANAGE == "true" ]]; then # Deploy Manage log "==== MAS Manage deployment started ====" - #export ROLE_NAME=suite_app_install && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=suite_app_install && ansible-playbook ibm.mas_devops.run_role log "==== MAS Manage deployment completed ====" # Configure app to use the DB log "==== MAS Manage configure app started ====" export MAS_APPWS_BINDINGS_JDBC="workspace-application" - #export ROLE_NAME=suite_app_config && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=suite_app_config && ansible-playbook ibm.mas_devops.run_role log "==== MAS Manage configure app completed ====" fi From 5f87231c00f78ad8be34e4c40ea4366b0a3ce67c Mon Sep 17 00:00:00 2001 From: shajeena Date: Thu, 20 Jun 2024 08:18:06 +0530 Subject: [PATCH 08/40] [minor] AROdb2 --- azure/azurefiles/azurefiles-premium_aro.sh | 4 ++-- azure/deploy.sh | 16 ++++++++-------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/azure/azurefiles/azurefiles-premium_aro.sh b/azure/azurefiles/azurefiles-premium_aro.sh index 5165bb48..8aff1300 100755 --- a/azure/azurefiles/azurefiles-premium_aro.sh +++ b/azure/azurefiles/azurefiles-premium_aro.sh @@ -93,8 +93,8 @@ parameters: storageAccount: $AZURE_STORAGE_ACCOUNT_NAME reclaimPolicy: Delete mountOptions: - - dir_mode=0777 - - file_mode=0777 + - dir_mode=0640 + - file_mode=0640 - uid=0 - gid=0 - mfsymlinks diff --git a/azure/deploy.sh b/azure/deploy.sh index 74a6535f..fc937afe 100755 --- a/azure/deploy.sh +++ b/azure/deploy.sh @@ -5,17 +5,17 @@ set -e ## Variables # Mongo variables -export MONGODB_STORAGE_CLASS=managed-premium +export MONGODB_STORAGE_CLASS=managed-csi # Amqstreams variables -export KAFKA_STORAGE_CLASS=managed-premium +export KAFKA_STORAGE_CLASS=managed-csi # Service principle variables SP_NAME="http://${CLUSTER_NAME}-sp" # SLS variables -export SLS_STORAGE_CLASS=managed-premium +export SLS_STORAGE_CLASS=managed-csi # UDS variables -export UDS_STORAGE_CLASS=managed-premium +export UDS_STORAGE_CLASS=managed-csi # CP4D variables -export CPD_METADATA_STORAGE_CLASS=managed-premium +export CPD_METADATA_STORAGE_CLASS=managed-csi export CPD_SERVICE_STORAGE_CLASS=azurefiles-premium log "Below are Cloud specific deployment parameters," @@ -191,7 +191,7 @@ envsubst /tmp/.dockerconfigjsonexport OCP_INGRESS_TLS_S oc set data secret/pull-secret -n openshift-config --from-file=/tmp/.dockerconfigjson # Run ansible playbook to create azurefiles storage class -log "=== Creating azurefiles-premium Storage class , managed-premium Storage class on OCP cluster ===" +log "=== Creating azurefiles-premium Storage class , managed-csi Storage class on OCP cluster ===" cd $GIT_REPO_HOME/azure/azurefiles ./azurefiles-premium.sh retcode=$? @@ -268,7 +268,7 @@ if [[ (-z $UDS_API_KEY) || (-z $UDS_ENDPOINT_URL) || (-z $UDS_PUB_CERT_URL) ]]; # Deploy UDS log "==== UDS/DRO deployment started ====" # uds and gencfg_uds are combined in common uds role - export ROLE_NAME=dro && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=uds && ansible-playbook ibm.mas_devops.run_role log "==== UDS deployment completed ====" else @@ -330,7 +330,7 @@ if [[ $DEPLOY_MANAGE == "true" && (-n $MAS_JDBC_USER) && (-n $MAS_JDBC_PASSWORD) export SSL_ENABLED=true fi log "==== Configure JDBC started for external DB2 ==== SSL_ENABLED = $SSL_ENABLED" - # export ROLE_NAME=gencfg_jdbc && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=gencfg_jdbc && ansible-playbook ibm.mas_devops.run_role log "==== Configure JDBC completed for external DB2 ====" fi From 825c3b6373817901e53960af2f052360a3ee0292 Mon Sep 17 00:00:00 2001 From: shajeena Date: Thu, 20 Jun 2024 11:53:51 +0530 Subject: [PATCH 09/40] [minor] AROdb2 --- azure/deploy.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure/deploy.sh b/azure/deploy.sh index fc937afe..6f69a246 100755 --- a/azure/deploy.sh +++ b/azure/deploy.sh @@ -268,13 +268,13 @@ if [[ (-z $UDS_API_KEY) || (-z $UDS_ENDPOINT_URL) || (-z $UDS_PUB_CERT_URL) ]]; # Deploy UDS log "==== UDS/DRO deployment started ====" # uds and gencfg_uds are combined in common uds role - export ROLE_NAME=uds && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=dro && ansible-playbook ibm.mas_devops.run_role log "==== UDS deployment completed ====" else log "=== Using Existing UDS Deployment ===" # works when UDS_ENDPOINT_URL is set, handled in same uds role - export ROLE_NAME=uds && ansible-playbook ibm.mas_devops.run_role + export ROLE_NAME=dro && ansible-playbook ibm.mas_devops.run_role log "=== Generated UDS Config YAML ===" fi From 367f7fe3c818daff27a3d4685bfd9368abab981f Mon Sep 17 00:00:00 2001 From: shajeena Date: Thu, 20 Jun 2024 15:00:03 +0530 Subject: [PATCH 10/40] [minor] AROdb2 --- init.sh | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/init.sh b/init.sh index e45129d9..9eff10bc 100644 --- a/init.sh +++ b/init.sh @@ -444,17 +444,17 @@ fi cd $GIT_REPO_HOME # Perform prevalidation checks log "===== PRE-VALIDATION STARTED =====" -#./pre-validate.sh -#retcode=$? -#log "Pre validation return code is $retcode" -#if [[ $retcode -ne 0 ]]; then -# log "Prevalidation checks failed" -# PRE_VALIDATION=fail -# mark_provisioning_failed $retcode -#else +./pre-validate.sh +retcode=$? +log "Pre validation return code is $retcode" +if [[ $retcode -ne 0 ]]; then + log "Prevalidation checks failed" + PRE_VALIDATION=fail + mark_provisioning_failed $retcode +else log "Prevalidation checks successful" PRE_VALIDATION=pass -#fi +fi log "===== PRE-VALIDATION COMPLETED ($PRE_VALIDATION) =====" From 66554e2c19ffb2c090efb217c4ed09ddd6d99fde Mon Sep 17 00:00:00 2001 From: shajeena Date: Thu, 20 Jun 2024 15:10:38 +0530 Subject: [PATCH 11/40] [minor] AROdb2 --- init.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/init.sh b/init.sh index 9eff10bc..c94d8a20 100644 --- a/init.sh +++ b/init.sh @@ -221,9 +221,9 @@ elif [[ $CLUSTER_TYPE == "azure" ]]; then export DRO_STORAGE_CLASS="managed-premium" fi -export UDS_CONTACT_EMAIL="uds.support@ibm.com" -export UDS_CONTACT_FIRSTNAME=Uds -export UDS_CONTACT_LASTNAME=Support +export DRO_CONTACT_EMAIL="dro.support@ibm.com" +export DRO_CONTACT_FIRSTNAME=dro +export DRO_CONTACT_LASTNAME=Support export UDS_TLS_CERT_LOCAL_FILE_PATH="${GIT_REPO_HOME}/uds.crt" # CP4D variables export CPD_ENTITLEMENT_KEY=$SLS_ENTITLEMENT_KEY From b2c9af523b06d51df5d136bf7498e745b4a6672c Mon Sep 17 00:00:00 2001 From: shajeena Date: Thu, 20 Jun 2024 18:56:58 +0530 Subject: [PATCH 12/40] [minor] AROdb2 --- init.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/init.sh b/init.sh index c94d8a20..854e4fc0 100644 --- a/init.sh +++ b/init.sh @@ -14,7 +14,7 @@ export BASE_DOMAIN=$7 export BASE_DOMAIN_RG_NAME=$8 export SSH_KEY_NAME=$9 export DEPLOY_WAIT_HANDLE=${10} -export SLS_ENTITLEMENT_KEY=${11}x +export SLS_ENTITLEMENT_KEY=${11} export OCP_PULL_SECRET=${12} export MAS_LICENSE_URL=${13} export SLS_URL=${14} From a23a778c816893e3d9c69f6916fb76ab1c93e125 Mon Sep 17 00:00:00 2001 From: shajeena Date: Thu, 20 Jun 2024 18:58:11 +0530 Subject: [PATCH 13/40] [minor] AROdb2 --- azure/deploy.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/azure/deploy.sh b/azure/deploy.sh index 6f69a246..1c2883a3 100755 --- a/azure/deploy.sh +++ b/azure/deploy.sh @@ -5,17 +5,17 @@ set -e ## Variables # Mongo variables -export MONGODB_STORAGE_CLASS=managed-csi +export MONGODB_STORAGE_CLASS=managed-premium # Amqstreams variables -export KAFKA_STORAGE_CLASS=managed-csi +export KAFKA_STORAGE_CLASS=managed-premium # Service principle variables SP_NAME="http://${CLUSTER_NAME}-sp" # SLS variables -export SLS_STORAGE_CLASS=managed-csi +export SLS_STORAGE_CLASS=managed-premium # UDS variables -export UDS_STORAGE_CLASS=managed-csi +export UDS_STORAGE_CLASS=managed-premium # CP4D variables -export CPD_METADATA_STORAGE_CLASS=managed-csi +export CPD_METADATA_STORAGE_CLASS=managed-premium export CPD_SERVICE_STORAGE_CLASS=azurefiles-premium log "Below are Cloud specific deployment parameters," @@ -191,7 +191,7 @@ envsubst /tmp/.dockerconfigjsonexport OCP_INGRESS_TLS_S oc set data secret/pull-secret -n openshift-config --from-file=/tmp/.dockerconfigjson # Run ansible playbook to create azurefiles storage class -log "=== Creating azurefiles-premium Storage class , managed-csi Storage class on OCP cluster ===" +log "=== Creating azurefiles-premium Storage class , managed-premium Storage class on OCP cluster ===" cd $GIT_REPO_HOME/azure/azurefiles ./azurefiles-premium.sh retcode=$? From 6b594491ed1ee0aa718c67bc54224b1d7b982ede Mon Sep 17 00:00:00 2001 From: shajeena Date: Fri, 21 Jun 2024 18:51:21 +0530 Subject: [PATCH 14/40] [minor] AROdb2 --- azure/azurefiles/azurefiles-premium_aro.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure/azurefiles/azurefiles-premium_aro.sh b/azure/azurefiles/azurefiles-premium_aro.sh index 8aff1300..c02270c1 100755 --- a/azure/azurefiles/azurefiles-premium_aro.sh +++ b/azure/azurefiles/azurefiles-premium_aro.sh @@ -83,7 +83,7 @@ apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: azurefiles-premium -provisioner: kubernetes.io/azure-file +provisioner: file.csi.azure.com parameters: protocol: nfs location: $deployRegion From b9af2bcacee097b13d294fb9efb812dfaf0149c8 Mon Sep 17 00:00:00 2001 From: shajeena Date: Fri, 21 Jun 2024 21:50:38 +0530 Subject: [PATCH 15/40] [minor] AROdb2 --- azure/azurefiles/azurefiles-premium_aro.sh | 2 +- azure/azurefiles/managed-premium.yaml | 2 +- init.sh | 6 +++++- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/azure/azurefiles/azurefiles-premium_aro.sh b/azure/azurefiles/azurefiles-premium_aro.sh index c02270c1..5bf5cf6a 100755 --- a/azure/azurefiles/azurefiles-premium_aro.sh +++ b/azure/azurefiles/azurefiles-premium_aro.sh @@ -39,7 +39,7 @@ if [[ $checkstoragename == "true" ]]; then --allow-shared-key-access true \ --min-tls-version TLS1_2 \ --location $deployRegion \ - --allow-blob-public-access false \ + --allow-blob-public-access true \ --https-only false \ --bypass AzureServices \ --default-action Deny diff --git a/azure/azurefiles/managed-premium.yaml b/azure/azurefiles/managed-premium.yaml index e650677f..2637511e 100644 --- a/azure/azurefiles/managed-premium.yaml +++ b/azure/azurefiles/managed-premium.yaml @@ -10,4 +10,4 @@ parameters: storageaccounttype: Premium_LRS reclaimPolicy: Delete allowVolumeExpansion: true -volumeBindingMode: WaitForFirstConsumer \ No newline at end of file +volumeBindingMode: WaitForFirstConsumer diff --git a/init.sh b/init.sh index 854e4fc0..60b54897 100644 --- a/init.sh +++ b/init.sh @@ -245,7 +245,11 @@ export CPD_INSTANCE_NAMESPACE="ibm-cpd-${RANDOM_STR}" #CPD_SERVICES_NAMESPACE is used in roles - cp4d, cp4dv3_install, cp4dv3_install_services and suite_dns export CPD_SERVICES_NAMESPACE="cpd-services-${RANDOM_STR}" export DB2WH_INSTANCE_NAME="db2wh-cpd-${RANDOM_STR}" -#export DB2WH_VERSION="11.5.8.0-CN1" +export DB2WH_VERSION="11.5.8.0-cn6" + + +export DB2_LOGS_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS +export DB2_TEMP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS export DB2_META_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS export DB2_DATA_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS export DB2_BACKUP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS From 92ee0471612831ceed87d8e15cd15243ea3029a7 Mon Sep 17 00:00:00 2001 From: shajeena Date: Mon, 24 Jun 2024 16:32:09 +0530 Subject: [PATCH 16/40] DRO changes --- .idea/.gitignore | 3 ++ .idea/libraries/masocp_template_1_0_0.xml | 9 ++++++ .idea/libraries/pre_req_vpc_subnets.xml | 9 ++++++ .idea/misc.xml | 6 ++++ .idea/modules.xml | 8 +++++ .idea/multicloud-bootstrap.iml | 9 ++++++ .idea/vcs.xml | 6 ++++ azure/deploy.sh | 30 ++++++++--------- .../byol-existing-ocp/createUiDefinition.json | 30 ++++++++--------- .../byol-existing-ocp/mainTemplate-dev.json | 14 ++++---- .../byol-existing-ocp/mainTemplate.json | 12 +++---- .../byol-ipi/createUiDefinition.json | 31 +++++++++--------- .../master-arm/byol-ipi/mainTemplate-dev.json | 15 ++++----- azure/master-arm/byol-ipi/mainTemplate.json | 14 ++++---- .../byol-upi/createUiDefinition.json | 30 ++++++++--------- .../master-arm/byol-upi/mainTemplate-dev.json | 14 ++++---- azure/master-arm/byol-upi/mainTemplate.json | 14 ++++---- azure/notify.sh | 6 ++-- get-product-versions.sh | 2 +- helper.sh | 8 ++--- init.sh | 32 +++++++++---------- pre-requisite.sh | 6 ++-- pre-validate.sh | 20 ++++++------ script-functions.bash | 2 +- 24 files changed, 190 insertions(+), 140 deletions(-) create mode 100644 .idea/.gitignore create mode 100644 .idea/libraries/masocp_template_1_0_0.xml create mode 100644 .idea/libraries/pre_req_vpc_subnets.xml create mode 100644 .idea/misc.xml create mode 100644 .idea/modules.xml create mode 100644 .idea/multicloud-bootstrap.iml create mode 100644 .idea/vcs.xml diff --git a/.idea/.gitignore b/.idea/.gitignore new file mode 100644 index 00000000..26d33521 --- /dev/null +++ b/.idea/.gitignore @@ -0,0 +1,3 @@ +# Default ignored files +/shelf/ +/workspace.xml diff --git a/.idea/libraries/masocp_template_1_0_0.xml b/.idea/libraries/masocp_template_1_0_0.xml new file mode 100644 index 00000000..4928ed3b --- /dev/null +++ b/.idea/libraries/masocp_template_1_0_0.xml @@ -0,0 +1,9 @@ + + + + + + + + + \ No newline at end of file diff --git a/.idea/libraries/pre_req_vpc_subnets.xml b/.idea/libraries/pre_req_vpc_subnets.xml new file mode 100644 index 00000000..5791dc7f --- /dev/null +++ b/.idea/libraries/pre_req_vpc_subnets.xml @@ -0,0 +1,9 @@ + + + + + + + + + \ No newline at end of file diff --git a/.idea/misc.xml b/.idea/misc.xml new file mode 100644 index 00000000..639900d1 --- /dev/null +++ b/.idea/misc.xml @@ -0,0 +1,6 @@ + + + + + + \ No newline at end of file diff --git a/.idea/modules.xml b/.idea/modules.xml new file mode 100644 index 00000000..5a494651 --- /dev/null +++ b/.idea/modules.xml @@ -0,0 +1,8 @@ + + + + + + + + \ No newline at end of file diff --git a/.idea/multicloud-bootstrap.iml b/.idea/multicloud-bootstrap.iml new file mode 100644 index 00000000..d6ebd480 --- /dev/null +++ b/.idea/multicloud-bootstrap.iml @@ -0,0 +1,9 @@ + + + + + + + + + \ No newline at end of file diff --git a/.idea/vcs.xml b/.idea/vcs.xml new file mode 100644 index 00000000..35eb1ddf --- /dev/null +++ b/.idea/vcs.xml @@ -0,0 +1,6 @@ + + + + + + \ No newline at end of file diff --git a/azure/deploy.sh b/azure/deploy.sh index 1c2883a3..024470c1 100755 --- a/azure/deploy.sh +++ b/azure/deploy.sh @@ -12,8 +12,8 @@ export KAFKA_STORAGE_CLASS=managed-premium SP_NAME="http://${CLUSTER_NAME}-sp" # SLS variables export SLS_STORAGE_CLASS=managed-premium -# UDS variables -export UDS_STORAGE_CLASS=managed-premium +# DRO variables +export DRO_STORAGE_CLASS=managed-premium # CP4D variables export CPD_METADATA_STORAGE_CLASS=managed-premium export CPD_SERVICE_STORAGE_CLASS=azurefiles-premium @@ -23,7 +23,7 @@ log " MONGODB_STORAGE_CLASS: $MONGODB_STORAGE_CLASS" log " KAFKA_STORAGE_CLASS: $KAFKA_STORAGE_CLASS" log " SP_NAME: $SP_NAME" log " SLS_STORAGE_CLASS: $SLS_STORAGE_CLASS" -log " UDS_STORAGE_CLASS: $UDS_STORAGE_CLASS" +log " DRO_STORAGE_CLASS: $DRO_STORAGE_CLASS" log " SSH_PUB_KEY: $SSH_PUB_KEY" ## Download files from S3 bucket # Download MAS license @@ -42,9 +42,9 @@ if [[ ! -z ${SLS_PUB_CERT_URL} ]]; then fi # Download BAS certificate cd $GIT_REPO_HOME -if [[ ! -z ${UDS_PUB_CERT_URL} ]]; then - azcopy copy "${UDS_PUB_CERT_URL}" "uds.crt" - chmod 600 uds.crt +if [[ ! -z ${DRO_PUB_CERT_URL} ]]; then + azcopy copy "${DRO_PUB_CERT_URL}" "dro.crt" + chmod 600 dro.crt fi ## Read License File & Retrive SLS hostname and host id @@ -263,19 +263,19 @@ else log "=== Generated SLS Config YAML ===" fi -# Deploy UDS -if [[ (-z $UDS_API_KEY) || (-z $UDS_ENDPOINT_URL) || (-z $UDS_PUB_CERT_URL) ]]; then - # Deploy UDS - log "==== UDS/DRO deployment started ====" - # uds and gencfg_uds are combined in common uds role +# Deploy DRO +if [[ (-z $DRO_API_KEY) || (-z $DRO_ENDPOINT_URL) || (-z $DRO_PUB_CERT_URL) ]]; then + # Deploy DRO + log "==== DRO/DRO deployment started ====" + # DRO and gencfg_DRO are combined in common DRO role export ROLE_NAME=dro && ansible-playbook ibm.mas_devops.run_role - log "==== UDS deployment completed ====" + log "==== DRO deployment completed ====" else - log "=== Using Existing UDS Deployment ===" - # works when UDS_ENDPOINT_URL is set, handled in same uds role + log "=== Using Existing DRO Deployment ===" + # works when DRO_ENDPOINT_URL is set, handled in same DRO role export ROLE_NAME=dro && ansible-playbook ibm.mas_devops.run_role - log "=== Generated UDS Config YAML ===" + log "=== Generated DRO Config YAML ===" fi # Deploy CP4D diff --git a/azure/master-arm/byol-existing-ocp/createUiDefinition.json b/azure/master-arm/byol-existing-ocp/createUiDefinition.json index 73d81606..e61d3f3f 100644 --- a/azure/master-arm/byol-existing-ocp/createUiDefinition.json +++ b/azure/master-arm/byol-existing-ocp/createUiDefinition.json @@ -293,39 +293,39 @@ "visible": true }, { - "name": "udsEndpointUrl", + "name": "DROEndpointUrl", "type": "Microsoft.Common.TextBox", - "label": "UDS endpoint URL", + "label": "DRO endpoint URL", "defaultValue": "", - "toolTip": "Enter the endpoint URL that you retrieved from the 'uds-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end.", + "toolTip": "Enter the endpoint URL that you retrieved from the 'DRO-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end.", "constraints": { - "required": "[or(not(empty(steps('ExistingInfrastructure').udsAPIKey)), not(empty(steps('ExistingInfrastructure').udsPublicCertificateUrl)))]", + "required": "[or(not(empty(steps('ExistingInfrastructure').droAPIKey)), not(empty(steps('ExistingInfrastructure').droPublicCertificateUrl)))]", "regex": "^[A-Za-z0-9-\\\\\\s!#@.:=?<>”$%&’()*+,/;[\\^_`{|}~\\]]*$", "validationMessage": "Contain letters, numbers and special characters only." }, "visible": true }, { - "name": "udsAPIKey", + "name": "DROAPIKey", "type": "Microsoft.Common.TextBox", - "label": "UDS API key", + "label": "DRO API key", "defaultValue": "", - "toolTip": "Enter the service's API key that you retrieved from the 'uds-api-key' secret in the ibm-common-services namespace.", + "toolTip": "Enter the service's API key that you retrieved from the 'dro-api-key' secret in the ibm-common-services namespace.", "constraints": { - "required": "[or(not(empty(steps('ExistingInfrastructure').udsEndpointUrl)), not(empty(steps('ExistingInfrastructure').udsPublicCertificateUrl)))]", + "required": "[or(not(empty(steps('ExistingInfrastructure').droEndpointUrl)), not(empty(steps('ExistingInfrastructure').droPublicCertificateUrl)))]", "regex": "^[A-Za-z0-9-\\\\\\s!#@.:=?<>”$%&’()*+,/;[\\^_`{|}~\\]]*$", "validationMessage": "Contain letters, numbers and special characters only." }, "visible": true }, { - "name": "udsPublicCertificateUrl", + "name": "DROPublicCertificateUrl", "type": "Microsoft.Common.TextBox", - "label": "UDS public certificate URL", + "label": "DRO public certificate URL", "defaultValue": "", - "toolTip": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-uds-cfg' route in the MAS core namespace.", + "toolTip": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-dro-cfg' route in the MAS core namespace.", "constraints": { - "required": "[or(not(empty(steps('ExistingInfrastructure').udsEndpointUrl)), not(empty(steps('ExistingInfrastructure').udsAPIKey)))]", + "required": "[or(not(empty(steps('ExistingInfrastructure').droEndpointUrl)), not(empty(steps('ExistingInfrastructure').droAPIKey)))]", "regex": "^[A-Za-z0-9-\\\\\\s!#@.:=?<>”$%&’()*+,/;[\\^_`{|}~\\]]*$", "validationMessage": "Contain letters, numbers and special characters only." }, @@ -567,9 +567,9 @@ "slsEndpointUrl": "[steps('ExistingInfrastructure').slsEndpointUrl]", "slsRegistrationKey": "[steps('ExistingInfrastructure').slsRegistrationKey]", "slsPublicCertificateUrl": "[steps('ExistingInfrastructure').slsPublicCertificateUrl]", - "udsEndpointUrl": "[steps('ExistingInfrastructure').udsEndpointUrl]", - "udsAPIKey": "[steps('ExistingInfrastructure').udsAPIKey]", - "udsPublicCertificateUrl": "[steps('ExistingInfrastructure').udsPublicCertificateUrl]", + "droEndpointUrl": "[steps('ExistingInfrastructure').droEndpointUrl]", + "droAPIKey": "[steps('ExistingInfrastructure').droAPIKey]", + "droPublicCertificateUrl": "[steps('ExistingInfrastructure').droPublicCertificateUrl]", "masManageDBUser": "[steps('DatabaseSettings').masManageDBUser]", diff --git a/azure/master-arm/byol-existing-ocp/mainTemplate-dev.json b/azure/master-arm/byol-existing-ocp/mainTemplate-dev.json index 345550ff..cf1994db 100755 --- a/azure/master-arm/byol-existing-ocp/mainTemplate-dev.json +++ b/azure/master-arm/byol-existing-ocp/mainTemplate-dev.json @@ -220,24 +220,24 @@ }, "defaultValue": "" }, - "udsEndpointUrl": { + "droEndpointUrl": { "type": "string", "metadata": { - "description": "Enter the endpoint URL that you retrieved from the 'uds-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." + "description": "Enter the endpoint URL that you retrieved from the 'dro-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." }, "defaultValue": "" }, - "udsAPIKey": { + "droAPIKey": { "type": "string", "metadata": { - "description": "Enter the service's API key that you retrieved from the 'uds-api-key' secret in the ibm-common-services namespace." + "description": "Enter the service's API key that you retrieved from the 'dro-api-key' secret in the ibm-common-services namespace." }, "defaultValue": "" }, - "udsPublicCertificateUrl": { + "droPublicCertificateUrl": { "type": "string", "metadata": { - "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-uds-cfg' route in the MAS core namespace." + "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-dro-cfg' route in the MAS core namespace." }, "defaultValue": "" }, @@ -594,7 +594,7 @@ "typeHandlerVersion": "2.0", "autoUpgradeMinorVersion": true, "protectedSettings": { - "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('hostedDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('udsEndpointUrl'), ''' ''', parameters('udsAPIKey'), ''' ''', parameters('udsPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' ''', parameters('openShiftClusterApiUrl'), ''' ''', parameters('openShiftUser'), ''' ''', parameters('openShiftPwd'), ''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null ''',parameters('BootNodeVnetId'),''' '''' null null null null null null null ''', parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''',parameters('DBProvisionedVPCId'),''' ''',parameters('ExocpProvisionedVPCId'),''' '''' ''',parameters('masManageTablespace'),''' dev ''', ''' > mas-provisioning.log 2>&1;')]" + "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('hostedDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('droEndpointUrl'), ''' ''', parameters('droAPIKey'), ''' ''', parameters('droPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' ''', parameters('openShiftClusterApiUrl'), ''' ''', parameters('openShiftUser'), ''' ''', parameters('openShiftPwd'), ''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null ''',parameters('BootNodeVnetId'),''' '''' null null null null null null null ''', parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''',parameters('DBProvisionedVPCId'),''' ''',parameters('ExocpProvisionedVPCId'),''' '''' ''',parameters('masManageTablespace'),''' dev ''', ''' > mas-provisioning.log 2>&1;')]" } } } diff --git a/azure/master-arm/byol-existing-ocp/mainTemplate.json b/azure/master-arm/byol-existing-ocp/mainTemplate.json index d3e086cb..bfb93de6 100644 --- a/azure/master-arm/byol-existing-ocp/mainTemplate.json +++ b/azure/master-arm/byol-existing-ocp/mainTemplate.json @@ -223,21 +223,21 @@ "udsEndpointUrl": { "type": "string", "metadata": { - "description": "Enter the endpoint URL that you retrieved from the 'uds-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." + "description": "Enter the endpoint URL that you retrieved from the 'dro-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." }, "defaultValue": "" }, - "udsAPIKey": { + "droAPIKey": { "type": "string", "metadata": { - "description": "Enter the service's API key that you retrieved from the 'uds-api-key' secret in the ibm-common-services namespace." + "description": "Enter the service's API key that you retrieved from the 'dro-api-key' secret in the ibm-common-services namespace." }, "defaultValue": "" }, - "udsPublicCertificateUrl": { + "droPublicCertificateUrl": { "type": "string", "metadata": { - "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-uds-cfg' route in the MAS core namespace." + "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-dro-cfg' route in the MAS core namespace." }, "defaultValue": "" }, @@ -600,7 +600,7 @@ "typeHandlerVersion": "2.0", "autoUpgradeMinorVersion": true, "protectedSettings": { - "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('hostedDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('udsEndpointUrl'), ''' ''', parameters('udsAPIKey'), ''' ''', parameters('udsPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' ''', parameters('openShiftClusterApiUrl'), ''' ''', parameters('openShiftUser'), ''' ''', parameters('openShiftPwd'), ''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null ''',parameters('BootNodeVnetId'),''' '''' null null null null null null null ''', parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''',parameters('DBProvisionedVPCId'),''' ''',parameters('ExocpProvisionedVPCId'),''' '''' ''',parameters('masManageTablespace'),''' prod ''', ''' > mas-provisioning.log 2>&1;')]" + "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('hostedDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('droEndpointUrl'), ''' ''', parameters('droAPIKey'), ''' ''', parameters('droPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' ''', parameters('openShiftClusterApiUrl'), ''' ''', parameters('openShiftUser'), ''' ''', parameters('openShiftPwd'), ''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null ''',parameters('BootNodeVnetId'),''' '''' null null null null null null null ''', parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''',parameters('DBProvisionedVPCId'),''' ''',parameters('ExocpProvisionedVPCId'),''' '''' ''',parameters('masManageTablespace'),''' prod ''', ''' > mas-provisioning.log 2>&1;')]" } } } diff --git a/azure/master-arm/byol-ipi/createUiDefinition.json b/azure/master-arm/byol-ipi/createUiDefinition.json index 8576dbce..a05c9948 100644 --- a/azure/master-arm/byol-ipi/createUiDefinition.json +++ b/azure/master-arm/byol-ipi/createUiDefinition.json @@ -267,39 +267,40 @@ "visible": true }, { - "name": "udsEndpointUrl", + "name": "", + "type": "Microsoft.Common.TextBox", - "label": "UDS endpoint URL", + "label": "DRO endpoint URL", "defaultValue": "", - "toolTip": "Enter the endpoint URL that you retrieved from the 'uds-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end.", + "toolTip": "Enter the endpoint URL that you retrieved from the 'dro-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end.", "constraints": { - "required": "[or(not(empty(steps('ExistingInfrastructure').udsAPIKey)), not(empty(steps('ExistingInfrastructure').udsPublicCertificateUrl)))]", + "required": "[or(not(empty(steps('ExistingInfrastructure').droAPIKey)), not(empty(steps('ExistingInfrastructure').droPublicCertificateUrl)))]", "regex": "^[A-Za-z0-9-\\\\\\s!#@.:=?<>”$%&’()*+,/;[\\^_`{|}~\\]]*$", "validationMessage": "Contain letters, numbers and special characters only." }, "visible": true }, { - "name": "udsAPIKey", + "name": "droAPIKey", "type": "Microsoft.Common.TextBox", - "label": "UDS API key", + "label": "DRO API key", "defaultValue": "", - "toolTip": "Enter the service's API key that you retrieved from the 'uds-api-key' secret in the ibm-common-services namespace.", + "toolTip": "Enter the service's API key that you retrieved from the 'dro-api-key' secret in the ibm-common-services namespace.", "constraints": { - "required": "[or(not(empty(steps('ExistingInfrastructure').udsEndpointUrl)), not(empty(steps('ExistingInfrastructure').udsPublicCertificateUrl)))]", + "required": "[or(not(empty(steps('ExistingInfrastructure').droEndpointUrl)), not(empty(steps('ExistingInfrastructure').droPublicCertificateUrl)))]", "regex": "^[A-Za-z0-9-\\\\\\s!#@.:=?<>”$%&’()*+,/;[\\^_`{|}~\\]]*$", "validationMessage": "Contain letters, numbers and special characters only." }, "visible": true }, { - "name": "udsPublicCertificateUrl", + "name": "droPublicCertificateUrl", "type": "Microsoft.Common.TextBox", - "label": "UDS public certificate URL", + "label": "DRO public certificate URL", "defaultValue": "", - "toolTip": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-uds-cfg' route in the MAS core namespace.", + "toolTip": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-dro-cfg' route in the MAS core namespace.", "constraints": { - "required": "[or(not(empty(steps('ExistingInfrastructure').udsEndpointUrl)), not(empty(steps('ExistingInfrastructure').udsAPIKey)))]", + "required": "[or(not(empty(steps('ExistingInfrastructure').droEndpointUrl)), not(empty(steps('ExistingInfrastructure').droAPIKey)))]", "regex": "^[A-Za-z0-9-\\\\\\s!#@.:=?<>”$%&’()*+,/;[\\^_`{|}~\\]]*$", "validationMessage": "Contain letters, numbers and special characters only." }, @@ -526,9 +527,9 @@ "slsEndpointUrl": "[steps('ExistingInfrastructure').slsEndpointUrl]", "slsRegistrationKey": "[steps('ExistingInfrastructure').slsRegistrationKey]", "slsPublicCertificateUrl": "[steps('ExistingInfrastructure').slsPublicCertificateUrl]", - "udsEndpointUrl": "[steps('ExistingInfrastructure').udsEndpointUrl]", - "udsAPIKey": "[steps('ExistingInfrastructure').udsAPIKey]", - "udsPublicCertificateUrl": "[steps('ExistingInfrastructure').udsPublicCertificateUrl]", + "droEndpointUrl": "[steps('ExistingInfrastructure').droEndpointUrl]", + "droAPIKey": "[steps('ExistingInfrastructure').droAPIKey]", + "droPublicCertificateUrl": "[steps('ExistingInfrastructure').droPublicCertificateUrl]", "masManageDBUser": "[steps('DatabaseSettings').masManageDBUser]", diff --git a/azure/master-arm/byol-ipi/mainTemplate-dev.json b/azure/master-arm/byol-ipi/mainTemplate-dev.json index 0cd57780..8efb0f61 100755 --- a/azure/master-arm/byol-ipi/mainTemplate-dev.json +++ b/azure/master-arm/byol-ipi/mainTemplate-dev.json @@ -19,7 +19,6 @@ "type": "string", "metadata": { "description": "adminUserName" - }, "defaultValue": "azureuser", "allowedValues": [ "azureuser" @@ -185,24 +184,24 @@ }, "defaultValue": "" }, - "udsEndpointUrl": { + "droEndpointUrl": { "type": "string", "metadata": { - "description": "Enter the endpoint URL that you retrieved from the 'uds-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." + "description": "Enter the endpoint URL that you retrieved from the 'dro-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." }, "defaultValue": "" }, - "udsAPIKey": { + "droAPIKey": { "type": "string", "metadata": { - "description": "Enter the service's API key that you retrieved from the 'uds-api-key' secret in the ibm-common-services namespace." + "description": "Enter the service's API key that you retrieved from the 'dro-api-key' secret in the ibm-common-services namespace." }, "defaultValue": "" }, - "udsPublicCertificateUrl": { + "droPublicCertificateUrl": { "type": "string", "metadata": { - "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-uds-cfg' route in the MAS core namespace." + "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-dro-cfg' route in the MAS core namespace." }, "defaultValue": "" }, @@ -542,7 +541,7 @@ "typeHandlerVersion": "2.0", "autoUpgradeMinorVersion": true, "protectedSettings": { - "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('publicDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('udsEndpointUrl'), ''' ''', parameters('udsAPIKey'), ''' ''', parameters('udsPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' '''' '''' '''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null '''' '''' null null null null null null null ''', parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''',parameters('DBProvisionedVPCId'),''' '''' '''' ''',parameters('masManageTablespace'),''' dev ''', ''' > mas-provisioning.log 2>&1;')]" + "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('publicDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('droEndpointUrl'), ''' ''', parameters('droAPIKey'), ''' ''', parameters('droPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' '''' '''' '''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null '''' '''' null null null null null null null ''', parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''',parameters('DBProvisionedVPCId'),''' '''' '''' ''',parameters('masManageTablespace'),''' dev ''', ''' > mas-provisioning.log 2>&1;')]" } } } diff --git a/azure/master-arm/byol-ipi/mainTemplate.json b/azure/master-arm/byol-ipi/mainTemplate.json index 1f09ebdd..b9c515cd 100644 --- a/azure/master-arm/byol-ipi/mainTemplate.json +++ b/azure/master-arm/byol-ipi/mainTemplate.json @@ -186,24 +186,24 @@ }, "defaultValue": "" }, - "udsEndpointUrl": { + "droEndpointUrl": { "type": "string", "metadata": { - "description": "Enter the endpoint URL that you retrieved from the 'uds-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." + "description": "Enter the endpoint URL that you retrieved from the 'dro-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." }, "defaultValue": "" }, - "udsAPIKey": { + "droAPIKey": { "type": "string", "metadata": { - "description": "Enter the service's API key that you retrieved from the 'uds-api-key' secret in the ibm-common-services namespace." + "description": "Enter the service's API key that you retrieved from the 'dro-api-key' secret in the ibm-common-services namespace." }, "defaultValue": "" }, - "udsPublicCertificateUrl": { + "droPublicCertificateUrl": { "type": "string", "metadata": { - "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-uds-cfg' route in the MAS core namespace." + "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-dro-cfg' route in the MAS core namespace." }, "defaultValue": "" }, @@ -549,7 +549,7 @@ "typeHandlerVersion": "2.0", "autoUpgradeMinorVersion": true, "protectedSettings": { - "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('publicDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('udsEndpointUrl'), ''' ''', parameters('udsAPIKey'), ''' ''', parameters('udsPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' '''' '''' '''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null '''' '''' null null null null null null null ''', parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''',parameters('DBProvisionedVPCId'),''' '''' '''' ''',parameters('masManageTablespace'),''' prod ''', ''' > mas-provisioning.log 2>&1;')]" + "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('publicDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('droEndpointUrl'), ''' ''', parameters('droAPIKey'), ''' ''', parameters('droPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' '''' '''' '''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null '''' '''' null null null null null null null ''', parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''',parameters('DBProvisionedVPCId'),''' '''' '''' ''',parameters('masManageTablespace'),''' prod ''', ''' > mas-provisioning.log 2>&1;')]" } } } diff --git a/azure/master-arm/byol-upi/createUiDefinition.json b/azure/master-arm/byol-upi/createUiDefinition.json index 60bf2ee2..83fddb3f 100644 --- a/azure/master-arm/byol-upi/createUiDefinition.json +++ b/azure/master-arm/byol-upi/createUiDefinition.json @@ -333,39 +333,39 @@ "visible": true }, { - "name": "udsEndpointUrl", + "name": "droEndpointUrl", "type": "Microsoft.Common.TextBox", - "label": "UDS endpoint URL", + "label": "DRO endpoint URL", "defaultValue": "", - "toolTip": "Enter the endpoint URL that you retrieved from the 'uds-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end.", + "toolTip": "Enter the endpoint URL that you retrieved from the 'dro-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end.", "constraints": { - "required": "[or(not(empty(steps('ExistingInfrastructure').udsAPIKey)), not(empty(steps('ExistingInfrastructure').udsPublicCertificateUrl)))]", + "required": "[or(not(empty(steps('ExistingInfrastructure').droAPIKey)), not(empty(steps('ExistingInfrastructure').droPublicCertificateUrl)))]", "regex": "^[A-Za-z0-9-\\\\\\s!#@.:=?<>”$%&’()*+,/;[\\^_`{|}~\\]]*$", "validationMessage": "Contain letters, numbers and special characters only." }, "visible": true }, { - "name": "udsAPIKey", + "name": "droAPIKey", "type": "Microsoft.Common.TextBox", - "label": "UDS API key", + "label": "DRO API key", "defaultValue": "", - "toolTip": "Enter the service's API key that you retrieved from the 'uds-api-key' secret in the ibm-common-services namespace.", + "toolTip": "Enter the service's API key that you retrieved from the 'dro-api-key' secret in the ibm-common-services namespace.", "constraints": { - "required": "[or(not(empty(steps('ExistingInfrastructure').udsEndpointUrl)), not(empty(steps('ExistingInfrastructure').udsPublicCertificateUrl)))]", + "required": "[or(not(empty(steps('ExistingInfrastructure').droEndpointUrl)), not(empty(steps('ExistingInfrastructure').droPublicCertificateUrl)))]", "regex": "^[A-Za-z0-9-\\\\\\s!#@.:=?<>”$%&’()*+,/;[\\^_`{|}~\\]]*$", "validationMessage": "Contain letters, numbers and special characters only." }, "visible": true }, { - "name": "udsPublicCertificateUrl", + "name": "droPublicCertificateUrl", "type": "Microsoft.Common.TextBox", - "label": "UDS public certificate URL", + "label": "DRO public certificate URL", "defaultValue": "", - "toolTip": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-uds-cfg' route in the MAS core namespace.", + "toolTip": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-dro-cfg' route in the MAS core namespace.", "constraints": { - "required": "[or(not(empty(steps('ExistingInfrastructure').udsEndpointUrl)), not(empty(steps('ExistingInfrastructure').udsAPIKey)))]", + "required": "[or(not(empty(steps('ExistingInfrastructure').droEndpointUrl)), not(empty(steps('ExistingInfrastructure').droAPIKey)))]", "regex": "^[A-Za-z0-9-\\\\\\s!#@.:=?<>”$%&’()*+,/;[\\^_`{|}~\\]]*$", "validationMessage": "Contain letters, numbers and special characters only." }, @@ -596,9 +596,9 @@ "slsEndpointUrl": "[steps('ExistingInfrastructure').slsEndpointUrl]", "slsRegistrationKey": "[steps('ExistingInfrastructure').slsRegistrationKey]", "slsPublicCertificateUrl": "[steps('ExistingInfrastructure').slsPublicCertificateUrl]", - "udsEndpointUrl": "[steps('ExistingInfrastructure').udsEndpointUrl]", - "udsAPIKey": "[steps('ExistingInfrastructure').udsAPIKey]", - "udsPublicCertificateUrl": "[steps('ExistingInfrastructure').udsPublicCertificateUrl]", + "droEndpointUrl": "[steps('ExistingInfrastructure').droEndpointUrl]", + "droAPIKey": "[steps('ExistingInfrastructure').droAPIKey]", + "droPublicCertificateUrl": "[steps('ExistingInfrastructure').droPublicCertificateUrl]", "masManageDBUser": "[steps('DatabaseSettings').masManageDBUser]", diff --git a/azure/master-arm/byol-upi/mainTemplate-dev.json b/azure/master-arm/byol-upi/mainTemplate-dev.json index 83e32802..ae58a96d 100755 --- a/azure/master-arm/byol-upi/mainTemplate-dev.json +++ b/azure/master-arm/byol-upi/mainTemplate-dev.json @@ -193,24 +193,24 @@ }, "defaultValue": "" }, - "udsEndpointUrl": { + "droEndpointUrl": { "type": "string", "metadata": { - "description": "Enter the endpoint URL that you retrieved from the 'uds-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." + "description": "Enter the endpoint URL that you retrieved from the 'dro-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." }, "defaultValue": "" }, - "udsAPIKey": { + "droAPIKey": { "type": "string", "metadata": { - "description": "Enter the service's API key that you retrieved from the 'uds-api-key' secret in the ibm-common-services namespace." + "description": "Enter the service's API key that you retrieved from the 'dro-api-key' secret in the ibm-common-services namespace." }, "defaultValue": "" }, - "udsPublicCertificateUrl": { + "droPublicCertificateUrl": { "type": "string", "metadata": { - "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-uds-cfg' route in the MAS core namespace." + "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-dro-cfg' route in the MAS core namespace." }, "defaultValue": "" }, @@ -579,7 +579,7 @@ "typeHandlerVersion": "2.0", "autoUpgradeMinorVersion": true, "protectedSettings": { - "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('HostedDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('udsEndpointUrl'), ''' ''', parameters('udsAPIKey'), ''' ''', parameters('udsPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' '''' '''' '''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null ''', parameters('openShiftClustervnetId'), ''' '''' null null null null null null ''', parameters('privateCluster'),''' ''' ,parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''' ,parameters('DBProvisionedVPCId'),''' '''' '''' ''',parameters('masManageTablespace'),''' dev ''', ''' > mas-provisioning.log 2>&1;')]" + "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('HostedDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('droEndpointUrl'), ''' ''', parameters('droAPIKey'), ''' ''', parameters('droPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' '''' '''' '''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null ''', parameters('openShiftClustervnetId'), ''' '''' null null null null null null ''', parameters('privateCluster'),''' ''' ,parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''' ,parameters('DBProvisionedVPCId'),''' '''' '''' ''',parameters('masManageTablespace'),''' dev ''', ''' > mas-provisioning.log 2>&1;')]" } } } diff --git a/azure/master-arm/byol-upi/mainTemplate.json b/azure/master-arm/byol-upi/mainTemplate.json index 946af4ba..332f3359 100644 --- a/azure/master-arm/byol-upi/mainTemplate.json +++ b/azure/master-arm/byol-upi/mainTemplate.json @@ -193,24 +193,24 @@ }, "defaultValue": "" }, - "udsEndpointUrl": { + "droEndpointUrl": { "type": "string", "metadata": { - "description": "Enter the endpoint URL that you retrieved from the 'uds-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." + "description": "Enter the endpoint URL that you retrieved from the 'dro-endpoint' OpenShift route in the ibm-common-services namespace. URL should not have slash (/) at the end." }, "defaultValue": "" }, - "udsAPIKey": { + "droAPIKey": { "type": "string", "metadata": { - "description": "Enter the service's API key that you retrieved from the 'uds-api-key' secret in the ibm-common-services namespace." + "description": "Enter the service's API key that you retrieved from the 'dro-api-key' secret in the ibm-common-services namespace." }, "defaultValue": "" }, - "udsPublicCertificateUrl": { + "droPublicCertificateUrl": { "type": "string", "metadata": { - "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-uds-cfg' route in the MAS core namespace." + "description": "Enter the URL (preferebly with SAS token) of the service's public certificate that you retrieved from the 'ca-bundle.pem' file in the '-dro-cfg' route in the MAS core namespace." }, "defaultValue": "" }, @@ -584,7 +584,7 @@ "typeHandlerVersion": "2.0", "autoUpgradeMinorVersion": true, "protectedSettings": { - "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('HostedDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('udsEndpointUrl'), ''' ''', parameters('udsAPIKey'), ''' ''', parameters('udsPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' '''' '''' '''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null ''', parameters('openShiftClustervnetId'), ''' '''' null null null null null null ''', parameters('privateCluster'),''' ''' ,parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''' ,parameters('DBProvisionedVPCId'),''' '''' '''' ''',parameters('masManageTablespace'),''' prod ''', ''' > mas-provisioning.log 2>&1;')]" + "commandToExecute": "[concat('sleep 120;', 'cd /root/ansible-devops/multicloud-bootstrap;', './init-async.sh azure ''', parameters('offeringType'), ''' ''', parameters('location'), ''' null ''', parameters('clusterSize'), ''' ''', variables('projectName'), ''' ''', parameters('HostedDomain'), ''' null ''', parameters('sshPublicKey'), ''' null ''', parameters('entitledRegistryKey'), ''' ''', parameters('openShiftPullSecret'), ''' ''', parameters('masLicenseUrl'), ''' ''', parameters('slsEndpointUrl'), ''' ''', parameters('slsRegistrationKey'), ''' ''', parameters('slsPublicCertificateUrl'), ''' ''', parameters('droEndpointUrl'), ''' ''', parameters('droAPIKey'), ''' ''', parameters('droPublicCertificateUrl'), ''' ''', parameters('masManageDBUser'), ''' ''', parameters('masManageDBPassword'), ''' ''', parameters('masManageDBJdbcUrl'), ''' ''', parameters('masManageDBCertificateUrl'), ''' ''', parameters('importDemoData'), ''' '''' '''' '''' ''', variables('rgName'), ''' ''', parameters('emailNotification'), ''' ''', parameters('notificattionEmailAddress'), ''' ''', parameters('smtpHost'), ''' ''', parameters('smtpPort'), ''' ''', parameters('smtpUsername'), ''' ''', parameters('smtpPassword'), ''' ''', parameters('azureServicePrincipalClientId'), ''' ''', parameters('azureServicePrincipalClientSecret'), ''' ''', parameters('subscriptionId'), ''' ''', parameters('azureServicePrincipalTenantId'), ''' null null null null ''', parameters('openShiftClustervnetId'), ''' '''' null null null null null null ''', parameters('privateCluster'),''' ''' ,parameters('operationalMode'), ''' '''' '''' '''' '''' '''' '''' '''' '''' ''' ,parameters('DBProvisionedVPCId'),''' '''' '''' ''',parameters('masManageTablespace'),''' prod ''', ''' > mas-provisioning.log 2>&1;')]" } } } diff --git a/azure/notify.sh b/azure/notify.sh index e0f54854..90647213 100755 --- a/azure/notify.sh +++ b/azure/notify.sh @@ -17,9 +17,9 @@ if [[ $STATUS == "SUCCESS" ]]; then get_sls_endpoint_url $RANDOM_STR log " CALL_SLS_URL=$CALL_SLS_URL" fi - if [[ -z $UDS_ENDPOINT_URL ]]; then - get_uds_endpoint_url $RANDOM_STR - log " CALL_UDS_URL=$CALL_UDS_URL" + if [[ -z $DRO_ENDPOINT_URL ]]; then + get_dro_endpoint_url $RANDOM_STR + log " CALL_DRO_URL=$CALL_DRO_URL" fi get_mas_creds $RANDOM_STR log " MAS_USER=$MAS_USER" diff --git a/get-product-versions.sh b/get-product-versions.sh index e174f36d..9d37b20c 100755 --- a/get-product-versions.sh +++ b/get-product-versions.sh @@ -13,7 +13,7 @@ log " Foundational services version is $cpfs_version" # CP4D (if installed) # Cert Manager # SLS -# UDS +# DRO VersionsArray=( ibm-cert-manager-operator user-data-services-operator cpd-platform-operator ibm-sls ) for val in ${VersionsArray[@]}; do diff --git a/helper.sh b/helper.sh index 5da6261f..1fffb978 100644 --- a/helper.sh +++ b/helper.sh @@ -69,12 +69,12 @@ get_sls_registration_key() { } -get_uds_endpoint_url() { +get_dro_endpoint_url() { uniqstr=$1 - export CALL_UDS_URL="https:\/\/$(oc get route uds-endpoint -n ibm-common-services | grep "uds" | awk {'print $2'})" + export CALL_DRO_URL="https:\/\/$(oc get route dro-endpoint -n ibm-common-services | grep "dro" | awk {'print $2'})" } -get_uds_api_key() { +get_dro_api_key() { uniqstr=$1 } @@ -100,7 +100,7 @@ mark_provisioning_failed() { elif [[ $retcode -eq 15 ]]; then export STATUS_MSG="Please provide all the inputs to use existing SLS." elif [[ $retcode -eq 16 ]]; then - export STATUS_MSG="Please provide all the inputs to use existing UDS." + export STATUS_MSG="Please provide all the inputs to use existing DRO." elif [[ $retcode -eq 17 ]]; then export STATUS_MSG="Please provide OCP pull secret." elif [[ $retcode -eq 18 ]]; then diff --git a/init.sh b/init.sh index 60b54897..e9583293 100644 --- a/init.sh +++ b/init.sh @@ -20,9 +20,9 @@ export MAS_LICENSE_URL=${13} export SLS_URL=${14} export SLS_REGISTRATION_KEY=${15} export SLS_PUB_CERT_URL=${16} -export UDS_ENDPOINT_URL=${17} -export UDS_API_KEY=${18} -export UDS_PUB_CERT_URL=${19} +export DRO_ENDPOINT_URL=${17} +export DRO_API_KEY=${18} +export DRO_PUB_CERT_URL=${19} export MAS_JDBC_USER=${20} export MAS_JDBC_PASSWORD=${21} export MAS_JDBC_URL=${22} @@ -80,8 +80,8 @@ export -f retrieve_mas_ca_cert export -f mark_provisioning_failed export -f get_sls_endpoint_url export -f get_sls_registration_key -export -f get_uds_endpoint_url -export -f get_uds_api_key +export -f get_dro_endpoint_url +export -f get_dro_api_key export -f validate_prouduct_type export GIT_REPO_HOME=$(pwd) @@ -213,18 +213,18 @@ fi export SLS_TLS_CERT_LOCAL_FILE_PATH="${GIT_REPO_HOME}/sls.crt" export SLS_INSTANCE_NAME="masocp-${RANDOM_STR}" -# UDS variables +# DRO variables if [[ $CLUSTER_TYPE == "aws" ]]; then - export UDS_STORAGE_CLASS="gp2" + export DRO_STORAGE_CLASS="gp2" elif [[ $CLUSTER_TYPE == "azure" ]]; then - export UDS_STORAGE_CLASS="managed-premium" + export DRO_STORAGE_CLASS="managed-premium" export DRO_STORAGE_CLASS="managed-premium" fi export DRO_CONTACT_EMAIL="dro.support@ibm.com" export DRO_CONTACT_FIRSTNAME=dro export DRO_CONTACT_LASTNAME=Support -export UDS_TLS_CERT_LOCAL_FILE_PATH="${GIT_REPO_HOME}/uds.crt" +export DRO_TLS_CERT_LOCAL_FILE_PATH="${GIT_REPO_HOME}/dro.crt" # CP4D variables export CPD_ENTITLEMENT_KEY=$SLS_ENTITLEMENT_KEY export CPD_VERSION=cpd40 @@ -353,9 +353,9 @@ log " MAS_LICENSE_URL: $MAS_LICENSE_URL" log " SLS_URL: $SLS_URL" log " SLS_REGISTRATION_KEY: $SLS_REGISTRATION_KEY" log " SLS_PUB_CERT_URL: $SLS_PUB_CERT_URL" -log " UDS_ENDPOINT_URL: $UDS_ENDPOINT_URL" -log " UDS_API_KEY: $UDS_API_KEY" -log " UDS_PUB_CERT_URL: $UDS_PUB_CERT_URL" +log " DRO_ENDPOINT_URL: $DRO_ENDPOINT_URL" +log " DRO_API_KEY: $DRO_API_KEY" +log " DRO_PUB_CERT_URL: $DRO_PUB_CERT_URL" log " MAS_JDBC_USER: $MAS_JDBC_USER" log " MAS_JDBC_URL: $MAS_JDBC_URL" log " MAS_JDBC_CERT_URL: $MAS_JDBC_CERT_URL" @@ -414,10 +414,10 @@ log " KAFKA_NAMESPACE: $KAFKA_NAMESPACE" log " KAFKA_CLUSTER_NAME: $KAFKA_CLUSTER_NAME" log " KAFKA_CLUSTER_SIZE: $KAFKA_CLUSTER_SIZE" log " KAFKA_USER_NAME: $KAFKA_USER_NAME" -log " UDS_STORAGE_CLASS: $UDS_STORAGE_CLASS" -log " UDS_CONTACT_EMAIL: $UDS_CONTACT_EMAIL" -log " UDS_CONTACT_FIRSTNAME: $UDS_CONTACT_FIRSTNAME" -log " UDS_CONTACT_LASTNAME: $UDS_CONTACT_LASTNAME" +log " DRO_STORAGE_CLASS: $DRO_STORAGE_CLASS" +log " DRO_CONTACT_EMAIL: $DRO_CONTACT_EMAIL" +log " DRO_CONTACT_FIRSTNAME: $DRO_CONTACT_FIRSTNAME" +log " DRO_CONTACT_LASTNAME: $DRO_CONTACT_LASTNAME" log " CPD_PRIMARY_STORAGE_CLASS: $CPD_PRIMARY_STORAGE_CLASS" log " CPD_PRODUCT_VERSION: $CPD_PRODUCT_VERSION" log " MAS_APP_ID: $MAS_APP_ID" diff --git a/pre-requisite.sh b/pre-requisite.sh index 5547d991..db0489f3 100755 --- a/pre-requisite.sh +++ b/pre-requisite.sh @@ -83,15 +83,15 @@ fi export SLS_MONGODB_CFG_FILE="${MAS_CONFIG_DIR}/mongo-${MONGODB_NAMESPACE}.yml" log " SLS_MONGODB_CFG_FILE: $SLS_MONGODB_CFG_FILE" -# Skip UDS check in case of external UDS details are provided -if [[ (-z $UDS_API_KEY) || (-z $UDS_ENDPOINT_URL) || (-z $UDS_PUB_CERT_URL) ]]; then +# Skip DRO check in case of external DRO details are provided +if [[ (-z $DRO_API_KEY) || (-z $DRO_ENDPOINT_URL) || (-z $DRO_PUB_CERT_URL) ]]; then getOPNamespace user-data-services-operator retcode=$? if [[ $retcode -eq 29 ]]; then return $retcode fi else - log "=== Using External UDS Deployment ===" + log "=== Using External DRO Deployment ===" fi arr=(ibm-cert-manager-operator) diff --git a/pre-validate.sh b/pre-validate.sh index efa767ef..8ba97f96 100644 --- a/pre-validate.sh +++ b/pre-validate.sh @@ -169,21 +169,21 @@ else fi fi -# Check if all the existing UDS inputs are provided -if [[ (-z $UDS_API_KEY) && (-z $UDS_ENDPOINT_URL) && (-z $UDS_PUB_CERT_URL) ]]; then - log "=== New UDS Will be deployed ===" +# Check if all the existing DRO inputs are provided +if [[ (-z $DRO_API_KEY) && (-z $DRO_ENDPOINT_URL) && (-z $DRO_PUB_CERT_URL) ]]; then + log "=== New DRO Will be deployed ===" else - if [ -z "$UDS_API_KEY" ]; then - log "ERROR: UDS API Key is not specified" + if [ -z "$DRO_API_KEY" ]; then + log "ERROR: DRO API Key is not specified" SCRIPT_STATUS=16 - elif [ -z "$UDS_ENDPOINT_URL" ]; then - log "ERROR: UDS Endpoint URL is not specified" + elif [ -z "$DRO_ENDPOINT_URL" ]; then + log "ERROR: DRO Endpoint URL is not specified" SCRIPT_STATUS=16 - elif [ -z "$UDS_PUB_CERT_URL" ]; then - log "ERROR: UDS Public Cerificate URL is not specified" + elif [ -z "$DRO_PUB_CERT_URL" ]; then + log "ERROR: DRO Public Cerificate URL is not specified" SCRIPT_STATUS=16 else - log "=== Using existing UDS deployment inputs ===" + log "=== Using existing DRO deployment inputs ===" fi fi diff --git a/script-functions.bash b/script-functions.bash index d0e4e2c3..dc74c16f 100755 --- a/script-functions.bash +++ b/script-functions.bash @@ -250,7 +250,7 @@ function getOPNamespace() { log " $1 Instance Name : $INSTANCE_NAME" if [[ $INSTANCE_NAME != "null" ]]; then if [[ ${instance_names[${1}]} && (${instance_names[${1}]} = "$INSTANCE_NAME") ]]; then - log " UDS Instance Present" + log " DRO Instance Present" else log " Instance Name for ${1} is not matching." SCRIPT_STATUS=29 From 2fe62df18603155cd3c2d10af7139cdbc5f95cdc Mon Sep 17 00:00:00 2001 From: shajeena Date: Mon, 24 Jun 2024 16:35:36 +0530 Subject: [PATCH 17/40] [minor] AROdb2 --- .idea/.gitignore | 3 --- .idea/libraries/masocp_template_1_0_0.xml | 9 --------- .idea/libraries/pre_req_vpc_subnets.xml | 9 --------- .idea/misc.xml | 6 ------ .idea/modules.xml | 8 -------- .idea/multicloud-bootstrap.iml | 9 --------- .idea/vcs.xml | 6 ------ 7 files changed, 50 deletions(-) delete mode 100644 .idea/.gitignore delete mode 100644 .idea/libraries/masocp_template_1_0_0.xml delete mode 100644 .idea/libraries/pre_req_vpc_subnets.xml delete mode 100644 .idea/misc.xml delete mode 100644 .idea/modules.xml delete mode 100644 .idea/multicloud-bootstrap.iml delete mode 100644 .idea/vcs.xml diff --git a/.idea/.gitignore b/.idea/.gitignore deleted file mode 100644 index 26d33521..00000000 --- a/.idea/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -# Default ignored files -/shelf/ -/workspace.xml diff --git a/.idea/libraries/masocp_template_1_0_0.xml b/.idea/libraries/masocp_template_1_0_0.xml deleted file mode 100644 index 4928ed3b..00000000 --- a/.idea/libraries/masocp_template_1_0_0.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - \ No newline at end of file diff --git a/.idea/libraries/pre_req_vpc_subnets.xml b/.idea/libraries/pre_req_vpc_subnets.xml deleted file mode 100644 index 5791dc7f..00000000 --- a/.idea/libraries/pre_req_vpc_subnets.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - \ No newline at end of file diff --git a/.idea/misc.xml b/.idea/misc.xml deleted file mode 100644 index 639900d1..00000000 --- a/.idea/misc.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - - - - \ No newline at end of file diff --git a/.idea/modules.xml b/.idea/modules.xml deleted file mode 100644 index 5a494651..00000000 --- a/.idea/modules.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - - - - - \ No newline at end of file diff --git a/.idea/multicloud-bootstrap.iml b/.idea/multicloud-bootstrap.iml deleted file mode 100644 index d6ebd480..00000000 --- a/.idea/multicloud-bootstrap.iml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - \ No newline at end of file diff --git a/.idea/vcs.xml b/.idea/vcs.xml deleted file mode 100644 index 35eb1ddf..00000000 --- a/.idea/vcs.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - - - - \ No newline at end of file From 35e67ae4e795bce08d3b5ced8777661ff1d88498 Mon Sep 17 00:00:00 2001 From: shajeena Date: Mon, 24 Jun 2024 21:25:18 +0530 Subject: [PATCH 18/40] [minor] AROdb2 --- azure/azurefiles/azurefiles-premium_aro.sh | 4 ++-- azure/azurefiles/managed-premium.yaml | 2 +- init.sh | 9 ++++----- 3 files changed, 7 insertions(+), 8 deletions(-) diff --git a/azure/azurefiles/azurefiles-premium_aro.sh b/azure/azurefiles/azurefiles-premium_aro.sh index 5bf5cf6a..0d9de4d7 100755 --- a/azure/azurefiles/azurefiles-premium_aro.sh +++ b/azure/azurefiles/azurefiles-premium_aro.sh @@ -93,8 +93,8 @@ parameters: storageAccount: $AZURE_STORAGE_ACCOUNT_NAME reclaimPolicy: Delete mountOptions: - - dir_mode=0640 - - file_mode=0640 + - dir_mode=0777 + - file_mode=0777 - uid=0 - gid=0 - mfsymlinks diff --git a/azure/azurefiles/managed-premium.yaml b/azure/azurefiles/managed-premium.yaml index 2637511e..e650677f 100644 --- a/azure/azurefiles/managed-premium.yaml +++ b/azure/azurefiles/managed-premium.yaml @@ -10,4 +10,4 @@ parameters: storageaccounttype: Premium_LRS reclaimPolicy: Delete allowVolumeExpansion: true -volumeBindingMode: WaitForFirstConsumer +volumeBindingMode: WaitForFirstConsumer \ No newline at end of file diff --git a/init.sh b/init.sh index e9583293..80598248 100644 --- a/init.sh +++ b/init.sh @@ -250,15 +250,14 @@ export DB2WH_VERSION="11.5.8.0-cn6" export DB2_LOGS_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS export DB2_TEMP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS -export DB2_META_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS +export DB2_META_STORAGE_CLASS=$CPD_METADATA_STORAGE_CLASS export DB2_DATA_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS -export DB2_BACKUP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS -export DB2_LOGS_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS -export DB2_TEMP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS +export DB2_BACKUP_STORAGE_CLASS=$CPD_METADATA_STORAGE_CLASS + export CPD_SERVICE_NAME="db2wh" export DB2_INSTANCE_NAME=db2wh-db01 -#export DB2_VERSION=11.5.7.0-cn2 +#export DB2_VERSION=11.5.8.0-cn6 export ENTITLEMENT_KEY=$SLS_ENTITLEMENT_KEY # not reqd its hardcoded as db2_namespace: db2u export DB2WH_NAMESPACE="cpd-services-${RANDOM_STR}" From c039a64293ee79fb3b07eb44d1800dec6c424147 Mon Sep 17 00:00:00 2001 From: shajeena Date: Mon, 24 Jun 2024 22:54:56 +0530 Subject: [PATCH 19/40] [minor] AROdb2 --- init.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/init.sh b/init.sh index 80598248..90e7d352 100644 --- a/init.sh +++ b/init.sh @@ -250,9 +250,9 @@ export DB2WH_VERSION="11.5.8.0-cn6" export DB2_LOGS_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS export DB2_TEMP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS -export DB2_META_STORAGE_CLASS=$CPD_METADATA_STORAGE_CLASS +export DB2_META_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS export DB2_DATA_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS -export DB2_BACKUP_STORAGE_CLASS=$CPD_METADATA_STORAGE_CLASS +export DB2_BACKUP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS export CPD_SERVICE_NAME="db2wh" From f514d50f7b600a5773a4627f82b005822eb63e43 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 10:02:56 +0530 Subject: [PATCH 20/40] [minor] AROdb2 --- azure/azurefiles/azurefiles-premium_aro.sh | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/azure/azurefiles/azurefiles-premium_aro.sh b/azure/azurefiles/azurefiles-premium_aro.sh index 0d9de4d7..cc7718fa 100755 --- a/azure/azurefiles/azurefiles-premium_aro.sh +++ b/azure/azurefiles/azurefiles-premium_aro.sh @@ -88,19 +88,11 @@ parameters: protocol: nfs location: $deployRegion resourceGroup: $AZURE_FILES_RESOURCE_GROUP + networkEndpointType: privateEndpoint secretNamespace: kube-system skuName: Premium_LRS storageAccount: $AZURE_STORAGE_ACCOUNT_NAME reclaimPolicy: Delete -mountOptions: - - dir_mode=0777 - - file_mode=0777 - - uid=0 - - gid=0 - - mfsymlinks - - cache=strict - - actimeo=30 - - noperm volumeBindingMode: Immediate EOF oc create -f azure-storageclass-azure-file.yaml From 7bb36bec5ffd559164e896c0c6fe287aaa7de353 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 11:10:25 +0530 Subject: [PATCH 21/40] [minor] AROdb2 --- azure/azurefiles/azurefiles-premium_aro.sh | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/azure/azurefiles/azurefiles-premium_aro.sh b/azure/azurefiles/azurefiles-premium_aro.sh index cc7718fa..c646044d 100755 --- a/azure/azurefiles/azurefiles-premium_aro.sh +++ b/azure/azurefiles/azurefiles-premium_aro.sh @@ -39,7 +39,7 @@ if [[ $checkstoragename == "true" ]]; then --allow-shared-key-access true \ --min-tls-version TLS1_2 \ --location $deployRegion \ - --allow-blob-public-access true \ + --allow-blob-public-access false \ --https-only false \ --bypass AzureServices \ --default-action Deny @@ -83,16 +83,24 @@ apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: azurefiles-premium -provisioner: file.csi.azure.com +provisioner: kubernetes.io/azure-file parameters: - protocol: nfs location: $deployRegion resourceGroup: $AZURE_FILES_RESOURCE_GROUP - networkEndpointType: privateEndpoint secretNamespace: kube-system skuName: Premium_LRS storageAccount: $AZURE_STORAGE_ACCOUNT_NAME reclaimPolicy: Delete +mountOptions: + - dir_mode=0777 + - file_mode=0777 + - uid=0 + - gid=0 + - mfsymlinks + - cache=strict + - actimeo=30 + - noperm volumeBindingMode: Immediate EOF oc create -f azure-storageclass-azure-file.yaml +oc apply -f persistent-volume-binder.yaml \ No newline at end of file From ee581429d2ae23478e329b95adbbb4ceed593c27 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 13:23:31 +0530 Subject: [PATCH 22/40] [minor] AROdb2 --- azure/azurefiles/azurefiles-premium_aro.sh | 9 ++++----- init.sh | 2 +- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/azure/azurefiles/azurefiles-premium_aro.sh b/azure/azurefiles/azurefiles-premium_aro.sh index c646044d..01bae3ae 100755 --- a/azure/azurefiles/azurefiles-premium_aro.sh +++ b/azure/azurefiles/azurefiles-premium_aro.sh @@ -83,7 +83,7 @@ apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: azurefiles-premium -provisioner: kubernetes.io/azure-file +provisioner: file.csi.azure.com parameters: location: $deployRegion resourceGroup: $AZURE_FILES_RESOURCE_GROUP @@ -92,8 +92,8 @@ parameters: storageAccount: $AZURE_STORAGE_ACCOUNT_NAME reclaimPolicy: Delete mountOptions: - - dir_mode=0777 - - file_mode=0777 + - dir_mode=0600 + - file_mode=0600 - uid=0 - gid=0 - mfsymlinks @@ -102,5 +102,4 @@ mountOptions: - noperm volumeBindingMode: Immediate EOF -oc create -f azure-storageclass-azure-file.yaml -oc apply -f persistent-volume-binder.yaml \ No newline at end of file +oc create -f azure-storageclass-azure-file.yaml \ No newline at end of file diff --git a/init.sh b/init.sh index 90e7d352..03f7d889 100644 --- a/init.sh +++ b/init.sh @@ -257,7 +257,7 @@ export DB2_BACKUP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS export CPD_SERVICE_NAME="db2wh" export DB2_INSTANCE_NAME=db2wh-db01 -#export DB2_VERSION=11.5.8.0-cn6 +#export DB2_VERSION=11.5.7.0-cn2 export ENTITLEMENT_KEY=$SLS_ENTITLEMENT_KEY # not reqd its hardcoded as db2_namespace: db2u export DB2WH_NAMESPACE="cpd-services-${RANDOM_STR}" From bc5fca497351f2a0971d6a17514b2ecf6dffffd9 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 14:29:10 +0530 Subject: [PATCH 23/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index 423e3cdc..7d87eeff 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -39,7 +39,7 @@ dnf --config='https://rhelimage.blob.core.windows.net/repositories/rhui-microsof dnf update -y ## Install pre-reqs -dnf install git httpd-tools java python39 unzip wget zip pip container-tools -y +dnf install git httpd-tools java python39 unzip wget zip pip container-tools -y --nobest ln -s --force /usr/bin/python3.9 /usr/bin/python ln -s --force /usr/bin/pip3.9 /usr/bin/pip From 1a67937f68846ef705d6f16fc59b682fa1251fb5 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 14:31:55 +0530 Subject: [PATCH 24/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index 7d87eeff..aa290579 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -37,9 +37,9 @@ dnf --config='https://rhelimage.blob.core.windows.net/repositories/rhui-microsof # Update all packages to latest dnf update -y - +dnf clean all ## Install pre-reqs -dnf install git httpd-tools java python39 unzip wget zip pip container-tools -y --nobest +dnf install git httpd-tools java python39 unzip wget zip pip container-tools -y ln -s --force /usr/bin/python3.9 /usr/bin/python ln -s --force /usr/bin/pip3.9 /usr/bin/pip From f4a8cf9f5ab4323dc93e7ea439d45e6daf4d7836 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 14:36:22 +0530 Subject: [PATCH 25/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index aa290579..35cb648f 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -36,10 +36,12 @@ dnf --disablerepo='*' -y remove 'rhui-azure-rhel9-eus' dnf --config='https://rhelimage.blob.core.windows.net/repositories/rhui-microsoft-azure-rhel9.config' install rhui-azure-rhel9 -y # Update all packages to latest -dnf update -y dnf clean all +dnf update -y + ## Install pre-reqs -dnf install git httpd-tools java python39 unzip wget zip pip container-tools -y +dnf install git httpd-tools java unzip wget zip pip container-tools -y +dnf update python39 python-unversioned-command -y ln -s --force /usr/bin/python3.9 /usr/bin/python ln -s --force /usr/bin/pip3.9 /usr/bin/pip From 55ca828bcfcb80500fd77481d866844695b2c824 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 14:47:29 +0530 Subject: [PATCH 26/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index 35cb648f..37784e31 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -41,7 +41,7 @@ dnf update -y ## Install pre-reqs dnf install git httpd-tools java unzip wget zip pip container-tools -y -dnf update python39 python-unversioned-command -y +#dnf update python39 python-unversioned-command -y ln -s --force /usr/bin/python3.9 /usr/bin/python ln -s --force /usr/bin/pip3.9 /usr/bin/pip From 849f73970175b0f99ee2ffcbe771c81f71c2f18c Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 14:49:03 +0530 Subject: [PATCH 27/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index 37784e31..45c302da 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -42,6 +42,7 @@ dnf update -y ## Install pre-reqs dnf install git httpd-tools java unzip wget zip pip container-tools -y #dnf update python39 python-unversioned-command -y + yum install python-unversioned-command -y ln -s --force /usr/bin/python3.9 /usr/bin/python ln -s --force /usr/bin/pip3.9 /usr/bin/pip From 4a548cf8e383e9b160ca1ed45dc1b3e6e82283d9 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 14:50:50 +0530 Subject: [PATCH 28/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index 45c302da..72d7e1b9 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -38,11 +38,12 @@ dnf --config='https://rhelimage.blob.core.windows.net/repositories/rhui-microsof # Update all packages to latest dnf clean all dnf update -y - + yum install python-unversioned-command -y ## Install pre-reqs dnf install git httpd-tools java unzip wget zip pip container-tools -y #dnf update python39 python-unversioned-command -y - yum install python-unversioned-command -y + + ln -s --force /usr/bin/python3.9 /usr/bin/python ln -s --force /usr/bin/pip3.9 /usr/bin/pip From 7b9e51465dc5ada53ac0708c1cd695405035bfce Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 14:54:32 +0530 Subject: [PATCH 29/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index 72d7e1b9..6e9b2b21 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -37,7 +37,7 @@ dnf --config='https://rhelimage.blob.core.windows.net/repositories/rhui-microsof # Update all packages to latest dnf clean all -dnf update -y +#dnf update -y yum install python-unversioned-command -y ## Install pre-reqs dnf install git httpd-tools java unzip wget zip pip container-tools -y From e0267c54fe149c4169e6a0c1bb00a1e9c1459fb1 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 14:58:15 +0530 Subject: [PATCH 30/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index 6e9b2b21..c61e6c71 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -40,7 +40,7 @@ dnf clean all #dnf update -y yum install python-unversioned-command -y ## Install pre-reqs -dnf install git httpd-tools java unzip wget zip pip container-tools -y +dnf install git httpd-tools java unzip wget zip pip container-tools -y --skip-broken #dnf update python39 python-unversioned-command -y From 32a49450d01f1b4bc4ce1c9d7c1661800f44171d Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 15:03:04 +0530 Subject: [PATCH 31/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index c61e6c71..150dc194 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -40,7 +40,7 @@ dnf clean all #dnf update -y yum install python-unversioned-command -y ## Install pre-reqs -dnf install git httpd-tools java unzip wget zip pip container-tools -y --skip-broken +#dnf install git httpd-tools java unzip wget zip pip container-tools -y --skip-broken #dnf update python39 python-unversioned-command -y From 19d2d0f33629320a849d1c5917cf7bd8f61fdefb Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 15:07:49 +0530 Subject: [PATCH 32/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index 150dc194..aff720b4 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -37,8 +37,8 @@ dnf --config='https://rhelimage.blob.core.windows.net/repositories/rhui-microsof # Update all packages to latest dnf clean all -#dnf update -y - yum install python-unversioned-command -y +dnf update -y +# yum install python-unversioned-command -y ## Install pre-reqs #dnf install git httpd-tools java unzip wget zip pip container-tools -y --skip-broken #dnf update python39 python-unversioned-command -y From 8a0eecb25bc99cf77e3aaa85b97f7c2ba408b76e Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 15:17:48 +0530 Subject: [PATCH 33/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index aff720b4..dcd2ac59 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -34,7 +34,7 @@ dnf -y remove polkit rm /etc/dnf/vars/releasever dnf --disablerepo='*' -y remove 'rhui-azure-rhel9-eus' dnf --config='https://rhelimage.blob.core.windows.net/repositories/rhui-microsoft-azure-rhel9.config' install rhui-azure-rhel9 -y - +python3 --version # Update all packages to latest dnf clean all dnf update -y From a3cf3cacafc8284aecc867ecd2d821255a87942b Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 15:21:26 +0530 Subject: [PATCH 34/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index dcd2ac59..1e98a3f7 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -44,11 +44,11 @@ dnf update -y #dnf update python39 python-unversioned-command -y -ln -s --force /usr/bin/python3.9 /usr/bin/python -ln -s --force /usr/bin/pip3.9 /usr/bin/pip +#ln -s --force /usr/bin/python3.9 /usr/bin/python +#ln -s --force /usr/bin/pip3.9 /usr/bin/pip -ln -s --force /usr/bin/python3.9 /usr/bin/python3 -ln -s --force /usr/bin/pip3.9 /usr/bin/pip3 +#ln -s --force /usr/bin/python3.9 /usr/bin/python3 +#ln -s --force /usr/bin/pip3.9 /usr/bin/pip3 #Install openshift-install 4.14.26 wget "https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/4.14.26/openshift-client-linux.tar.gz" From 48574c7e8a5e07bbfd389511e67e5d8e75e2c700 Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 15:24:44 +0530 Subject: [PATCH 35/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index 1e98a3f7..674da2f6 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -37,7 +37,7 @@ dnf --config='https://rhelimage.blob.core.windows.net/repositories/rhui-microsof python3 --version # Update all packages to latest dnf clean all -dnf update -y +#dnf update -y # yum install python-unversioned-command -y ## Install pre-reqs #dnf install git httpd-tools java unzip wget zip pip container-tools -y --skip-broken From dd41a57da5ca7eee1be8970a0a5e6106a429f20f Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 15:30:44 +0530 Subject: [PATCH 36/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index 674da2f6..cf26ab7e 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -40,15 +40,15 @@ dnf clean all #dnf update -y # yum install python-unversioned-command -y ## Install pre-reqs -#dnf install git httpd-tools java unzip wget zip pip container-tools -y --skip-broken -#dnf update python39 python-unversioned-command -y +dnf install git httpd-tools java unzip wget zip pip container-tools -y -#ln -s --force /usr/bin/python3.9 /usr/bin/python -#ln -s --force /usr/bin/pip3.9 /usr/bin/pip -#ln -s --force /usr/bin/python3.9 /usr/bin/python3 -#ln -s --force /usr/bin/pip3.9 /usr/bin/pip3 +ln -s --force /usr/bin/python3.9 /usr/bin/python +ln -s --force /usr/bin/pip3.9 /usr/bin/pip + +ln -s --force /usr/bin/python3.9 /usr/bin/python3 +ln -s --force /usr/bin/pip3.9 /usr/bin/pip3 #Install openshift-install 4.14.26 wget "https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/4.14.26/openshift-client-linux.tar.gz" From b70e266e05e975c42fbde2c720b2b48a0806044f Mon Sep 17 00:00:00 2001 From: shajeena Date: Tue, 25 Jun 2024 15:37:29 +0530 Subject: [PATCH 37/40] [minor] AROdb2 --- azure/bootnode-image/prepare-bootnode-image.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/azure/bootnode-image/prepare-bootnode-image.sh b/azure/bootnode-image/prepare-bootnode-image.sh index cf26ab7e..d06d64a1 100755 --- a/azure/bootnode-image/prepare-bootnode-image.sh +++ b/azure/bootnode-image/prepare-bootnode-image.sh @@ -42,8 +42,6 @@ dnf clean all ## Install pre-reqs dnf install git httpd-tools java unzip wget zip pip container-tools -y - - ln -s --force /usr/bin/python3.9 /usr/bin/python ln -s --force /usr/bin/pip3.9 /usr/bin/pip From 666fc6287c9890364b39ef5fa17d17ba7dbdfc16 Mon Sep 17 00:00:00 2001 From: shajeena Date: Wed, 26 Jun 2024 11:13:51 +0530 Subject: [PATCH 38/40] [minor] AROdb2 --- azure/azurefiles/azurefiles-premium_aro.sh | 40 ++++++++++++++++------ init.sh | 12 +++---- 2 files changed, 35 insertions(+), 17 deletions(-) diff --git a/azure/azurefiles/azurefiles-premium_aro.sh b/azure/azurefiles/azurefiles-premium_aro.sh index 01bae3ae..cdef6a76 100755 --- a/azure/azurefiles/azurefiles-premium_aro.sh +++ b/azure/azurefiles/azurefiles-premium_aro.sh @@ -14,6 +14,7 @@ export CLUSTER_NAME=$(az resource list --name $resourceGroupName --query "[].{i echo "CLUSTER_NAME" $CLUSTER_NAME log "CLUSTER_NAME" $CLUSTER_NAME export AZURE_STORAGE_ACCOUNT_NAME=stg${resourceGroupName,,} +export AZURE_STORAGE_BLOCK_ACCOUNT_NAME=blk${resourceGroupName,,} echo "AZURE_STORAGE_ACCOUNT_NAME" $AZURE_STORAGE_ACCOUNT_NAME export AZURE_FILES_RESOURCE_GROUP=$resourceGroupName echo "AZURE_FILES_RESOURCE_GROUP" $AZURE_FILES_RESOURCE_GROUP @@ -25,9 +26,14 @@ az provider register -n Microsoft.Compute --wait az provider register -n Microsoft.Storage --wait az provider register -n Microsoft.Authorization --wait export checkstoragename=$(az storage account check-name --name $AZURE_STORAGE_ACCOUNT_NAME --query nameAvailable) +export checkstorageblockname=$(az storage account check-name --name $AZURE_STORAGE_BLOCK_ACCOUNT_NAME --query nameAvailable) echo "Check if the storage name is available : $checkstoragename" log "Check if the storage name is available : $checkstoragename" #zcheck if the storage name exists +if [[ checkstorageblockname == "true" ]]; then + az storage account create --name ${AZURE_STORAGE_BLOCK_ACCOUNT_NAME} --resource-group ${AZURE_FILES_RESOURCE_GROUP} --location ${deployRegion} --sku Premium_LRS --kind BlockBlobStorage +fi + if [[ $checkstoragename == "true" ]]; then echo "no storage class" #create a storage @@ -69,13 +75,16 @@ export subnets=(worker-subnet master-subnet) for subnet in "${subnets[@]}" do echo "{subnet}" - az network vnet subnet update --resource-group $AZURE_FILES_RESOURCE_GROUP --vnet-name $VNET --name $subnet --service-endpoints "Microsoft.Storage.Global" + #az network vnet subnet update --resource-group $AZURE_FILES_RESOURCE_GROUP --vnet-name $VNET --name $subnet --service-endpoints "Microsoft.Storage.Global" subnetid=$(az network vnet subnet show --resource-group $AZURE_FILES_RESOURCE_GROUP --vnet-name $VNET --name $subnet --query id --output tsv) az storage account network-rule add --resource-group $AZURE_FILES_RESOURCE_GROUP --account-name $AZURE_STORAGE_ACCOUNT_NAME --subnet $subnetid + az storage account network-rule add --resource-group $AZURE_FILES_RESOURCE_GROUP --account-name AZURE_STORAGE_BLOCK_ACCOUNT_NAME --subnet $subnetid + done #delete the azurepremium and create a new premium log "Delete the azurepremium and create a new azurepremium for ARO" oc delete sc/azurefiles-premium +oc delete sc/azuredisk-premium #Deploy premium Storage Class for aro cat << EOF >> azure-storageclass-azure-file.yaml @@ -89,17 +98,26 @@ parameters: resourceGroup: $AZURE_FILES_RESOURCE_GROUP secretNamespace: kube-system skuName: Premium_LRS + protocol: nfs storageAccount: $AZURE_STORAGE_ACCOUNT_NAME reclaimPolicy: Delete -mountOptions: - - dir_mode=0600 - - file_mode=0600 - - uid=0 - - gid=0 - - mfsymlinks - - cache=strict - - actimeo=30 - - noperm volumeBindingMode: Immediate +allowVolumeExpansion: true +EOF +oc create -f azure-storageclass-azure-file.yaml + +cat << EOF >> azure-storageclass-azure-disk.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: azuredisk-premium +provisioner: disk.csi.azure.com +parameters: + location: $deployRegion + resourceGroup: $AZURE_FILES_RESOURCE_GROUP + secretNamespace: kube-system + skuName: Premium_LRS + storageAccount: $AZURE_STORAGE_BLOCK_ACCOUNT_NAME EOF -oc create -f azure-storageclass-azure-file.yaml \ No newline at end of file +oc create -f azure-storageclass-azure-file.yaml +oc create -f azure-storageclass-azure-disk.yaml \ No newline at end of file diff --git a/init.sh b/init.sh index 03f7d889..5122cdf6 100644 --- a/init.sh +++ b/init.sh @@ -236,7 +236,7 @@ if [[ $CLUSTER_TYPE == "aws" ]]; then elif [[ $CLUSTER_TYPE == "azure" ]]; then #export CPD_PRIMARY_STORAGE_CLASS="azurefile-premium-new" export CPD_PRIMARY_STORAGE_CLASS="azurefiles-premium" - export CPD_METADATA_STORAGE_CLASS="managed-premium" + export CPD_METADATA_STORAGE_CLASS="azuredisk-premium" fi #export DRO_STORAGE_CLASS=true # DB2WH variables @@ -248,11 +248,11 @@ export DB2WH_INSTANCE_NAME="db2wh-cpd-${RANDOM_STR}" export DB2WH_VERSION="11.5.8.0-cn6" -export DB2_LOGS_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS -export DB2_TEMP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS -export DB2_META_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS -export DB2_DATA_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS -export DB2_BACKUP_STORAGE_CLASS=$CPD_PRIMARY_STORAGE_CLASS +export DB2_LOGS_STORAGE_CLASS="azuredisk-premium" +export DB2_TEMP_STORAGE_CLASS="azuredisk-premium" +export DB2_META_STORAGE_CLASS="azurefiles-premium" +export DB2_DATA_STORAGE_CLASS="azuredisk-premium" +export DB2_BACKUP_STORAGE_CLASS="azurefiles-premium" export CPD_SERVICE_NAME="db2wh" From 4a6e75be52fb3b19708400fac8045e6c4cfb8fc2 Mon Sep 17 00:00:00 2001 From: shajeena Date: Thu, 27 Jun 2024 13:35:30 +0530 Subject: [PATCH 39/40] [minor] AROdb2 --- azure/azurefiles/azurefiles-premium.sh | 4 +-- azure/azurefiles/azurefiles-premium_aro.sh | 37 ++++++++-------------- azure/deploy.sh | 10 +++--- init.sh | 8 ++--- 4 files changed, 24 insertions(+), 35 deletions(-) diff --git a/azure/azurefiles/azurefiles-premium.sh b/azure/azurefiles/azurefiles-premium.sh index e0d026b7..c85cf482 100755 --- a/azure/azurefiles/azurefiles-premium.sh +++ b/azure/azurefiles/azurefiles-premium.sh @@ -22,8 +22,8 @@ oc create configmap azure-cred-file --from-literal=path="/etc/kubernetes/cloud.c export driver_version=v1.30.2 echo "Driver version " $driver_version -./install-driver.sh $driver_version -oc patch storageclass managed-csi -p '{"metadata": {"annotations": {"storageclass.kubernetes.io/is-default-class": "false"}}}' +#./install-driver.sh $driver_version +#oc patch storageclass managed-csi -p '{"metadata": {"annotations": {"storageclass.kubernetes.io/is-default-class": "false"}}}' #Deploy premium Storage Class envsubst < azurefiles-premium.yaml | tee azurefiles-premium.yaml oc apply -f azurefiles-premium.yaml diff --git a/azure/azurefiles/azurefiles-premium_aro.sh b/azure/azurefiles/azurefiles-premium_aro.sh index cdef6a76..f297f872 100755 --- a/azure/azurefiles/azurefiles-premium_aro.sh +++ b/azure/azurefiles/azurefiles-premium_aro.sh @@ -26,13 +26,11 @@ az provider register -n Microsoft.Compute --wait az provider register -n Microsoft.Storage --wait az provider register -n Microsoft.Authorization --wait export checkstoragename=$(az storage account check-name --name $AZURE_STORAGE_ACCOUNT_NAME --query nameAvailable) -export checkstorageblockname=$(az storage account check-name --name $AZURE_STORAGE_BLOCK_ACCOUNT_NAME --query nameAvailable) + echo "Check if the storage name is available : $checkstoragename" log "Check if the storage name is available : $checkstoragename" #zcheck if the storage name exists -if [[ checkstorageblockname == "true" ]]; then - az storage account create --name ${AZURE_STORAGE_BLOCK_ACCOUNT_NAME} --resource-group ${AZURE_FILES_RESOURCE_GROUP} --location ${deployRegion} --sku Premium_LRS --kind BlockBlobStorage -fi + if [[ $checkstoragename == "true" ]]; then echo "no storage class" @@ -66,8 +64,8 @@ oc create clusterrole azure-secret-reader --verb=create,get --resource=secrets oc adm policy add-cluster-role-to-user azure-secret-reader system:serviceaccount:kube-system:persistent-volume-binder #Assign networks to the storage #https://learn.microsoft.com/en-us/azure/storage/common/storage-network-security?tabs=azure-cli - -az storage account update --resource-group $AZURE_FILES_RESOURCE_GROUP --name $AZURE_STORAGE_ACCOUNT_NAME --default-action Deny +#try without +#az storage account update --resource-group $AZURE_FILES_RESOURCE_GROUP --name $AZURE_STORAGE_ACCOUNT_NAME --default-action Deny export VNET=$(oc get machineset -n openshift-machine-api -o json|jq -r '.items[0].spec.template.spec.providerSpec.value.vnet') #export subnets=$(az network vnet subnet list -g $AZURE_FILES_RESOURCE_GROUP --vnet-name $VNET|jq -r '.[].name') @@ -78,13 +76,11 @@ for subnet in "${subnets[@]}" #az network vnet subnet update --resource-group $AZURE_FILES_RESOURCE_GROUP --vnet-name $VNET --name $subnet --service-endpoints "Microsoft.Storage.Global" subnetid=$(az network vnet subnet show --resource-group $AZURE_FILES_RESOURCE_GROUP --vnet-name $VNET --name $subnet --query id --output tsv) az storage account network-rule add --resource-group $AZURE_FILES_RESOURCE_GROUP --account-name $AZURE_STORAGE_ACCOUNT_NAME --subnet $subnetid - az storage account network-rule add --resource-group $AZURE_FILES_RESOURCE_GROUP --account-name AZURE_STORAGE_BLOCK_ACCOUNT_NAME --subnet $subnetid - done #delete the azurepremium and create a new premium log "Delete the azurepremium and create a new azurepremium for ARO" oc delete sc/azurefiles-premium -oc delete sc/azuredisk-premium + #Deploy premium Storage Class for aro cat << EOF >> azure-storageclass-azure-file.yaml @@ -93,6 +89,14 @@ kind: StorageClass metadata: name: azurefiles-premium provisioner: file.csi.azure.com +mountOptions: + - nconnect=4 + - noresvport + - actimeo=30 + - dir_mode=0600 + - file_mode=0600 + - uid=0 + - gid=0 parameters: location: $deployRegion resourceGroup: $AZURE_FILES_RESOURCE_GROUP @@ -106,18 +110,3 @@ allowVolumeExpansion: true EOF oc create -f azure-storageclass-azure-file.yaml -cat << EOF >> azure-storageclass-azure-disk.yaml -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: azuredisk-premium -provisioner: disk.csi.azure.com -parameters: - location: $deployRegion - resourceGroup: $AZURE_FILES_RESOURCE_GROUP - secretNamespace: kube-system - skuName: Premium_LRS - storageAccount: $AZURE_STORAGE_BLOCK_ACCOUNT_NAME -EOF -oc create -f azure-storageclass-azure-file.yaml -oc create -f azure-storageclass-azure-disk.yaml \ No newline at end of file diff --git a/azure/deploy.sh b/azure/deploy.sh index 024470c1..56eecad4 100755 --- a/azure/deploy.sh +++ b/azure/deploy.sh @@ -5,17 +5,17 @@ set -e ## Variables # Mongo variables -export MONGODB_STORAGE_CLASS=managed-premium +export MONGODB_STORAGE_CLASS=managed-csi # Amqstreams variables -export KAFKA_STORAGE_CLASS=managed-premium +export KAFKA_STORAGE_CLASS=managed-csi # Service principle variables SP_NAME="http://${CLUSTER_NAME}-sp" # SLS variables -export SLS_STORAGE_CLASS=managed-premium +export SLS_STORAGE_CLASS=managed-csi # DRO variables -export DRO_STORAGE_CLASS=managed-premium +export DRO_STORAGE_CLASS=managed-csi # CP4D variables -export CPD_METADATA_STORAGE_CLASS=managed-premium +export CPD_METADATA_STORAGE_CLASS=managed-csi export CPD_SERVICE_STORAGE_CLASS=azurefiles-premium log "Below are Cloud specific deployment parameters," diff --git a/init.sh b/init.sh index 5122cdf6..1832f496 100644 --- a/init.sh +++ b/init.sh @@ -236,7 +236,7 @@ if [[ $CLUSTER_TYPE == "aws" ]]; then elif [[ $CLUSTER_TYPE == "azure" ]]; then #export CPD_PRIMARY_STORAGE_CLASS="azurefile-premium-new" export CPD_PRIMARY_STORAGE_CLASS="azurefiles-premium" - export CPD_METADATA_STORAGE_CLASS="azuredisk-premium" + export CPD_METADATA_STORAGE_CLASS="managed-csi" fi #export DRO_STORAGE_CLASS=true # DB2WH variables @@ -248,10 +248,10 @@ export DB2WH_INSTANCE_NAME="db2wh-cpd-${RANDOM_STR}" export DB2WH_VERSION="11.5.8.0-cn6" -export DB2_LOGS_STORAGE_CLASS="azuredisk-premium" -export DB2_TEMP_STORAGE_CLASS="azuredisk-premium" +export DB2_LOGS_STORAGE_CLASS="managed-csi" +export DB2_TEMP_STORAGE_CLASS="managed-csi" export DB2_META_STORAGE_CLASS="azurefiles-premium" -export DB2_DATA_STORAGE_CLASS="azuredisk-premium" +export DB2_DATA_STORAGE_CLASS="managed-csi" export DB2_BACKUP_STORAGE_CLASS="azurefiles-premium" export CPD_SERVICE_NAME="db2wh" From 4714fb7b073679372eb57b8cfe3d1fa7f8cdda19 Mon Sep 17 00:00:00 2001 From: shajeena Date: Thu, 27 Jun 2024 16:58:56 +0530 Subject: [PATCH 40/40] [minor] AROdb2 --- azure/deploy.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/azure/deploy.sh b/azure/deploy.sh index 56eecad4..dab7ab07 100755 --- a/azure/deploy.sh +++ b/azure/deploy.sh @@ -191,14 +191,14 @@ envsubst /tmp/.dockerconfigjsonexport OCP_INGRESS_TLS_S oc set data secret/pull-secret -n openshift-config --from-file=/tmp/.dockerconfigjson # Run ansible playbook to create azurefiles storage class -log "=== Creating azurefiles-premium Storage class , managed-premium Storage class on OCP cluster ===" -cd $GIT_REPO_HOME/azure/azurefiles -./azurefiles-premium.sh -retcode=$? -if [[ $retcode -ne 0 ]]; then - log "Failed to create azurefiles-premium storageclass" +#log "=== Creating azurefiles-premium Storage class , managed-premium Storage class on OCP cluster ===" +#cd $GIT_REPO_HOME/azure/azurefiles +#./azurefiles-premium.sh +#retcode=$? +#if [[ $retcode -ne 0 ]]; then + # log "Failed to create azurefiles-premium storageclass" #exit 27 -fi +#fi ## Configure OCP cluster log "==== OCP cluster configuration (Cert Manager) started ===="