That's the latest RHCOS release:
$ curl -s https://releases-rhcos.svc.ci.openshift.org/storage/releases/maipo/builds.json | jq '{latest: .builds[0], timestamp}'
{
"latest": "47.212",
"timestamp": "2018-12-14T23:43:06Z"
}
And Clayton just pushed 4.0.0-0.alpha-2018-12-13-230701 to
quay.io/openshift-release-dev/ocp-release:4.0.0-6.
Renaming OPENSHIFT_INSTALL_RELEASE_IMAGE_OVERRIDE gets us CI testing
of the pinned release despite openshift/release@60007df2 (Use
RELEASE_IMAGE_LATEST for CVO payload, 2018-10-03,
openshift/release#1793).
I'd initially expected to export the pinning environment variables in
release.sh, but I've put them in build.sh here because our continuous
integration tests use build.sh directly and don't go through
release.sh.
Move the fetching of openstack platform values to types/openstack/validation
so that it can be used to validate values in the install-config.yml as well.
https://jira.coreos.com/browse/CORS-888
When an InstallConfig asset is loaded from an on-disk file, validate that
the fields of the InstallConfig have appropriate values. This uses all the
same validations that are down on the user-provided assets upon which the
InstalConfig asset depends as well as addition validations on other fields.
https://github.com/openshift/installer/pull/711
Much of the code that made of the CIDR validation was there to give a custom
description of what made the CIDR provided invalid. This has been removed in
favor of using the error returned by the golang library's ParseCIDR function.
Additionally, the code to determine whether two CIDRs overlap was unnecessary
complex because it did not take advantage of the fact that CIDRs only overlap
if one is a subset of the other.
https://jira.coreos.com/browse/CORS-850
Move the uri validation from pkg/asset/installconfig/libvirt to pkg/validation
for consistency with other validation functions.
https://jira.coreos.com/browse/CORS-850
Validate that (1) there is an "auths" field, (2) the "auths"
value has fields, and (3) each field in the "auth" value has
an "auth" or a "credsStore" field.
https://jira.coreos.com/browse/CORS-850
Use kubernetes validation of rfc-1123 sub-domains. This change
removes the restriction that each label in the cluster name is at most 63
characters long.
https://jira.coreos.com/browse/CORS-850
Use kubernetes validation of rfc-1123 sub-domains, with the
addition that the base domain can end with a dot. This change removes the
ability to use uppercase letters in the base domain.
https://jira.coreos.com/browse/CORS-850
One environment variable to be used when building the pinned release binary:
RHCOS_BUILD_NAME: a string representing the build name(or rather number e.g. 47.48). If empty, then the latest one will be picked up.
This could just be hardcoded in the hack/build.sh script before making the release branch so that it stays baked in.
But still leave an override env var so that it can be overridden. Use the following env var to pin the image while building the binary:
```
$ # export the release-image variable
$ export RELEASE_IMAGE=registry.redhat.io/openshift/origin-release:v4.0"
$ # build the openshift-install binary
$ ./hack/build.sh
$ # distribute the binary to customers and run with pinned image being picked up
$ ./bin/openshift-install create cluster...
```
The only way to override it would be to use an env var OPENSHIFT_INSTALL_RELEASE_IMAGE_OVERRIDE while running the openshift-install binary.
This worked previously since we only had one tag in the filter
but since we added both via #817 we exposed a bug which is we
should break after matching any key since we've deleted the
things and don't need to iterate over the filter keys anymore.
We're still getting issue reports about installer crashes that attempt
to summarize the issue but do not include copies of the actual error
messages. While summaries can be accurate, they're usually not much
more compact than a copy/paste of the errors from the logs, and it's a
lot easier to find existing reports for a given error if those reports
include the error you're looking for.
This line is from 4c347524 (log,return error if console URL is not
obtained, 2018-12-10, #859). But while the rest of that commit fixed
error handling for the no-routes-found case, this line was just dead
code.
This patch introduces a temporary service VM, that provides enough DNS and LB
functionality to bring up the cluster. It's a VM running dnsmasq to provide the
required DNS records necessary to bring up the cluster and haproxy to LB
against the master nodes for the API.
OpenStack support will remain experimental as long as this VM exists, but it
provides a better test and dev experience while we work on improving.
This includes the folowing additional cleanups in passing:
- drop unused console security group
- hack to disable openstack cloud provider temporarily while some issues
are resolved
Co-authored-by: Flavio Percoco <flavio@redhat.com>
Co-authored-by: Tomas Sedovic <tsedovic@redhat.com>
With the removal of the option to use an external VPC, the following
variables are not used and are removed.
aws_external_master_subnet_ids
aws_external_private_zone
aws_external_worker_subnet_ids
https://jira.coreos.com/browse/CORS-873
For the limited scope of the installer, we do not want the user to
have the ability to share the VPC between clusters. A shared VPC
could potentially be deleted when destroying one of the clusters,
leaving the rest of the clusters using the shared VPC in an unusable
state.
Fixes https://jira.coreos.com/browse/CORS-873
The old implementation depended on terraform auto picking up `*.auto.tfvars` in the current directory.
And since we ran terraform as separate process we changes the CWD of that to the `tempDir`.
With https://github.com/openshift/installer/pull/822 terraform in run as part of installer so var and state files need to be explicit to the `tempDir`
