Issue: https://github.com/code-ready/snc/issues/112 have been raised. It
is for permission denied errors that was caused by selinux. Selinux
isn't available on Debian/Ubuntu, and should be disabled in `qemu.conf`.
This is a bit more accessible than pointing folks at Godocs, since it
allows us to focus on the YAML property names (while Godocs
understandably focus on Go property names) and YAML renderings. Also
break up our old "one big example" install-config.yaml into a minimal
per-platform example and a series of small extentions excercising
groups of properties.
The vSphere docs are based heavily on [1].
Also drop proxy.md. It was added in e7edbf71fd (Add proxy
configuration to bootstrap node, 2019-06-24, #1832), but:
* Proxy testing and Squid configuration information belongs in
openshift/release, not in the installer repository.
* docs/user/customization.md now contains a more complete proxy-config
fragment.
OpenStack computeFlavor precedence is based on [2].
[1]: https://github.com/openshift/openshift-docs/blob/enterprise-4.2/modules/installation-vsphere-config-yaml.adoc
Last touched by commit openshift/openshift-docs@25afc7626d , 2019-08-19
[2]: https://github.com/openshift/installer/pull/2162#discussion_r322410878
The documents outlines the proposal and details for using alternate source/repositories for release-image.
The proposal is driven by the fact that, only flows using the `oc adm release mirror` to create the alternate sources for release-image will be supported.
Modification of `bootstrapTemplateData` struct to include proxy requirements.
Modification of `getTemplateData` and `addStorageFiles` to support proxy
Modification of proxy manifests
Added:
- /etc/profile.d/proxy.sh.template
- /etc/systemd/system.conf.d/10-default-env.conf.template
There are some significant firewalld zone differences between Fedora
Workstation and RHEL8. This commit takes this into account, and adjusts
the Fedora instructions so that the libvirt port does not get exposed
externally.
Since by default the installer uses qemu+tcp://192.168.122.1 and we
document to disable auth on tcp connections, the policykit step is not
required for the installer.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Commit 30b1ae8e4 changed the subnet the cluster will use from
192.168.124.0 to 192.168.126.0. However, it also changed mentions of the default
libvirt from 192.168.122.0 to 192.168.124.0.
This commit revert the last part of the change as 192.168.122.0 is more
likely to be used as it's the upstream libvirt default.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Currently cluster created by libvirt not able to resolve the auth route
and because of that console doesn't comeup. This troubleshooting doc entry
direct users to make some modification before running the cluster so that
auth route can be resolved by the cluster. Fix #1007
This is to give ownership of libvirt backend of Installer to CRC team. For
now I've only added two members from CRC team (myself and Praveen). I also
added two members of Installer team who seem to have been the most active
devs developing the relevant code.
We don't add `libvirt-approvers` for `pkg/types/libvirt`. For reasons:
https://github.com/openshift/installer/pull/1662#issuecomment-485895942
Instead of modifying the main NetworkManager configuration, let's add a
separate configuration file for our purposes.
Based on a patch from Colin Walters <walters@verbum.org>
Previously, destroy support was behind TAGS=libvirt_destroy and create
support was always built in. But since 3fb4400c (terraform/plugins:
add `libvirt`, `aws`, `ignition`, `openstack` to KnownPlugins,
2018-12-14, #919), the bundled libvirt Terraform provider has also
been behind libvirt_destroy. That leads to cluster creation failing
with:
$ openshift-install create cluster
...
ERROR Missing required providers.
ERROR
ERROR The following provider constraints are not met by the currently-installed
ERROR provider plugins:
ERROR
ERROR * libvirt (any version)
ERROR
ERROR Terraform can automatically download and install plugins to meet the given
ERROR constraints, but this step was skipped due to the use of -get-plugins=false
ERROR and/or -plugin-dir on the command line.
...
With this commit, folks trying to 'create cluster' without libvirt
compiled in will get:
FATAL failed to fetch Common Manifests: failed to load asset "Install Config": invalid "install-config.yaml" file: platform: Invalid value: types.Platform{AWS:(*aws.Platform)(nil), Libvirt:(*libvirt.Platform)(0xc4209511f0), OpenStack:(*openstack.Platform)(nil)}: platform must be one of: aws, openstack
before we get to Terraform.
Now that the build tag guards both creation and deletion, I've renamed
it from 'libvirt_destroy' to the unqualified 'libvirt'.
I've also adjusted the install-config validation testing to use
regular expressions so we can distinguish between failures because
libvirt was not compiled in as a valid platform and failures because
some portion of the libvirt configuration was broken. In order to get
stable error messages for comparison, I've added some strings.Sort
calls for various allowed-value string-slice computations.
The long forms are less likely to exist in the user's environment
since 6be4c253 (*: remove support for environment variables,
2018-12-10, #861), and we no longer need the context to distinguish
from all the other environment variables on a user's system.
The environment variables were originally added to make CI testing a
little easier, since the installer didn't support consumption of
provided assets (e.g. the install config). Now that the installer
supports consumption, there is no need for most of the environment
variables anymore. The variables have actually been confusing to users,
so their removal should simplify the mental model.
That approach should be documented in the CVO itself, since it's not
installer-specific and moving it gets the docs and implementation for
that approach into the same repository. I've filed [1] to land
dynamic-object docs in the CVO repo (based on some of the content I'm
removing here). Naming files, etc. are already covered by the
existing CVO documentation.
[1]: https://github.com/openshift/cluster-version-operator/pull/59
On RHEL (and IIRC Fedora as well) installing Libvirt doesn't actually
automatically mean you pulled in a hypervisor to actually run VMs on. As
a result you can encounter this error because qemu-kvm or equivalent is
not present:
Could not find any guests for architecure type hvm/x86_64
To avoid this, explicitly install qemu-kvm (if qemu-kvm-rhev or
qemu-kvm-ev are available in the machine's yum/dnf configuration they
will automatically get pulled in instead). The other package needed is
libvirt-daemon-kvm.
The kube-addon operator was the last remaining component in that
namespace, and it was just controlling a metrics server. Metrics
aren't critical to cluster functions, and dropping kube-addon means we
don't need the old pull secret anymore (although we will shortly need
new pull secrets for pulling private release images [1]).
Also drop the admin and user roles [2], although I'm less clear on
their connection.
[1]: https://github.com/openshift/installer/pull/663
[2]: https://github.com/openshift/installer/pull/682#issuecomment-439145907
The account.coreos.com reference was stale, and pull-secrets aren't
libvirt-specific, so I've dropped them from the libvirt docs entirely.
From Clayton, the flow for getting a pull secret will be:
1. Log in to try.openshift.com.
2. Accept the terms.
3. Get a pull secret you can download or copy/paste back into a local
file.
Podman doesn't really come into it. Currently the secret you get
there looks like:
$ cat ~/.personal/pull-secret.json
{
"auths": {
"cloud.openshift.com": {"auth": "...", "email": "..."},
"quay.io": {"auth": "...", "email": "..."}
}
}
Besides pulling images, the secret may also be used to authenticate to
other services (e.g. telemetry) on hosts that do not contain image
registries, which is more reason to decouple this from Podman.
