cp provisioning missing etcd

docs/guides/DigitalOcean/index.md

@@ -50,22 +50,33 @@ ansible-galaxy collection install -r collections/ansible_collections/mtulio/okd_
 export DO_API_TOKEN=value
 ```
 
+- Create Spaces credentials and export it
+
+```bash
+export AWS_ACCESS_KEY_ID="DO00..."
+export AWS_SECRET_ACCESS_KEY="..."
+```
+
 ## Setup the configuration
 
 ```bash
-CLUSTER_NAME=do-lab02
+CLUSTER_NAME=do-lab10
 VARS_FILE=./vars-do-ha_${CLUSTER_NAME}.yaml
 
 cat <<EOF > ${VARS_FILE}
 provider: do
-cluster_name: ${CLUSTER_NAME}
 config_cluster_region: nyc3
 
+cluster_name: ${CLUSTER_NAME}
+# Already default:
+# config_platform: none
+# config_platform_spec: '{}'
+
 cluster_profile: ha
 destroy_bootstrap: no
 
 config_base_domain: splat-do.devcluster.openshift.com
-config_ssh_key: "$(cat ~/.ssh/openshift-dev.pub)"
+config_ssh_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCbXCby9r69mn+lGn7/mjZRkr+ShGWmVcXT4pbwA8IJBkjJg/EtXFuL1VjP5QbbWvjakQ1ZpMEYkL4V1Gm1etzkoDuMV+VhvvL8uW59XezLH1My9RQ5vtXY7GpB3t4qbTX2AQ5abAlTAoRgOxr5mKT62m3uUpU6HBWkcqwhNGRNPQOhUBybbpxMyakJ/TyS5F7GOajsCWdhx3ErldXrtUgbArPwR16Nh0lA3jO81QJnKzbkcaVlCNd8A3to0Dx1g5cel2HDK37Ri6xYZssh1qGN+fecc7Gf4lqvp1gGMtKMyZw8t54/cJrSeVhzi+mq8aeTIaOAwpoa8C4H80HE35wog1tsS0WALlPdNZ8IyPZRfhH3iG12X0WttB5x2hHngQaYzSWzs1TvEGwrci1Y8EFE1xXG6ArAPG5Iy79tmXlOZM/R/D1K6oVRrVB6T4fWKtHFHJExlRI6HWT+Qxye96RPWxEdKEhWzOLRrBiWPSXYCtT4SCbBirP4C/htnDNcMGlT/HIETVf0R+ixjnsqeYYQn15cXvWSSDQ4LTnW9vBrDLsWVFV8hJ4outZ67Ztf/tBuGKfUFzLkTCFhWJER1bbH7Zhxn5xCplI4REr2+PKnhRaPCrz6W2TRO94pACkJG3M4eP3OyCbVfC1N1c0+MPwwJ0R7TAllli94t5jQthu8xw=="
 config_pull_secret_file: "${HOME}/.openshift/pull-secret-latest.json"
 
 config_cluster_version: 4.13.0
@@ -84,8 +95,14 @@ os_mirror_to_do:
   bucket: rhcos-images
   image_type: QCOW2
 
+# Manifest Patches
 config_patches:
 - rm-capi-machines
+- mc-kubelet-provider-nodename
+
+# Ignition Patches
+config_patches_ignitions:
+- ign-hostnamectl-metadata
 
 EOF
 ```
@@ -153,9 +170,13 @@ ansible-playbook mtulio.okd_installer.config -e mode=patch-manifests -e @$VARS_F
 ansible-playbook mtulio.okd_installer.config -e mode=create-ignitions -e @$VARS_FILE
 ```
 
+```bash
+ansible-playbook mtulio.okd_installer.config -e mode=patch-ignitions -e @$VARS_FILE
+```
+
 #### Mirror OS boot image
 
-> TODO for DigitalOcean
+> TODO fixes for DigitalOcean
 
 ```bash
 ansible-playbook mtulio.okd_installer.os_mirror -e @$VARS_FILE
@@ -165,7 +186,7 @@ ansible-playbook mtulio.okd_installer.os_mirror -e @$VARS_FILE
 
 ##### Bootstrap node
 
-- Upload the bootstrap ignition to blob and Create the Bootstrap Instance
+- Upload the bootstrap ignition to blob and Create the Bootstrap Droplet
 
 ```bash
 ansible-playbook mtulio.okd_installer.create_node -e node_role=bootstrap -e @$VARS_FILE

playbooks/create_all.yaml

@@ -9,6 +9,9 @@
       ansible.builtin.set_fact:
         okdi_call_timer_start: "{{ ansible_date_time.date }} {{ ansible_date_time.time }}"
 
+- name: OKD Installer | Create all | Clients
+  ansible.builtin.import_playbook: install_clients.yaml
+
 - name: OKD Installer | Create all | Config | create config
   ansible.builtin.import_playbook: config.yaml
   vars:
@@ -41,18 +44,23 @@
   vars:
     mode: create-ignitions
 
+- name: OKD Installer | Create all | Config | patch ignitions
+  ansible.builtin.import_playbook: config.yaml
+  vars:
+    mode: patch-ignitions
+
 - name: OKD Installer | Create all | os_mirror
   ansible.builtin.import_playbook: os_mirror.yaml
   when: os_mirror | d(false)
 
 - name: OKD Installer | Create all | create stack | Compute nodes
   ansible.builtin.import_playbook: create_node_all.yaml
 
-- name: OKD Installer | Create all | create stack | Load Balancer Router
-  ansible.builtin.import_playbook: stack_loadbalancer.yaml
-  vars:
-    var_file: "{{ playbook_dir }}/vars/{{ config_provider }}/profiles/{{ cluster_profile  }}/loadbalancer-router-default.yaml"
-  when: config_platform|d('') == "none"
+# - name: OKD Installer | Create all | create stack | Load Balancer Router
+#   ansible.builtin.import_playbook: stack_loadbalancer.yaml
+#   vars:
+#     var_file: "{{ playbook_dir }}/vars/{{ config_provider }}/profiles/{{ cluster_profile  }}/loadbalancer-router-default.yaml"
+#   when: config_platform|d('') == "none"
 
 - name: OKD Installer | Create all | create stack | approve certs
   ansible.builtin.import_playbook: approve_certs.yaml

playbooks/create_node_all.yaml

@@ -53,27 +53,27 @@
         loop:
           - "cloud_compute"
 
-    # Create Compute: Compute nodes
-    - name: okd-installer | Stack | Compute | Worker
-      when: create_worker | d('yes') == 'yes'
-      block:
-      - name: okd-installer | Stack | Compute | Set User provided (CMP)
-        ansible.builtin.include_vars:
-          file: "{{ var_file_compute }}"
-        when: var_file_compute is defined
+    # # Create Compute: Compute nodes
+    # - name: okd-installer | Stack | Compute | Worker
+    #   when: create_worker | d('yes') == 'yes'
+    #   block:
+    #   - name: okd-installer | Stack | Compute | Set User provided (CMP)
+    #     ansible.builtin.include_vars:
+    #       file: "{{ var_file_compute }}"
+    #     when: var_file_compute is defined
 
-      - name: okd-installer | Stack | Compute | Include Topology {{ cluster_profile }}
-        ansible.builtin.include_vars:
-          file: "{{ profile_path }}/node-compute.yaml"
-        when:
-          - var_file_compute is not defined
-          - cluster_profile in topologies_allowed_multinode
+    #   - name: okd-installer | Stack | Compute | Include Topology {{ cluster_profile }}
+    #     ansible.builtin.include_vars:
+    #       file: "{{ profile_path }}/node-compute.yaml"
+    #     when:
+    #       - var_file_compute is not defined
+    #       - cluster_profile in topologies_allowed_multinode
 
-      - name: okd-installer | Stack | Compute | Create compute nodes
-        ansible.builtin.include_role:
-          name: "{{ item }}"
-        loop:
-          - "cloud_compute"
+    #   - name: okd-installer | Stack | Compute | Create compute nodes
+    #     ansible.builtin.include_role:
+    #       name: "{{ item }}"
+    #     loop:
+    #       - "cloud_compute"
 
 - name: okd-installer | Stack | Compute ALL | Save state
   import_playbook: config.yaml

playbooks/group_vars/all.yaml

@@ -10,6 +10,7 @@ config_install_dir: "{{ collection_cluster_dir }}/{{ cluster_name }}"
 bin_openshift_install: "{{ collection_bin_dir }}/openshift-install-{{ cluster_name }}"
 bin_oc: "{{ collection_bin_dir }}/oc-{{ cluster_name }}"
 bin_butane: "{{ collection_bin_dir }}/butane-{{ cluster_name }}"
+bin_filetranspile: "{{ collection_bin_dir }}/filetranspile-{{ cluster_name }}"
 
 ## export CONFIG_PULL_SECRET_FILE=${HOME}/.openshift/pull-secret-latest.jso
 config_pull_secret_file: "{{ lookup('ansible.builtin.env', 'CONFIG_PULL_SECRET_FILE') }}"

playbooks/stack_loadbalancer.yaml

@@ -13,7 +13,7 @@
     cloud_loadbalancers_state: []
     profile_path: "{{ playbook_dir }}/vars/{{ config_provider }}/profiles/{{ cluster_profile|d('default') }}"
 
-  pre_tasks:
+  tasks:
     - name: okd-installer | Stack | LB | Include vars - User Provided
       ansible.builtin.include_vars:
         file: "{{ var_file }}"

playbooks/vars/digitalocean/profiles/HighlyAvailable/dns.yaml

@@ -1,17 +1,9 @@
 ---
-
-#AWS: https://docs.ansible.com/ansible/latest/collections/community/aws/route53_module.html
+# https://docs.ansible.com/ansible/latest/collections/community/digitalocean/digital_ocean_domain_module.html
 cloud_dns_zones:
-
-  # private
-  - name: "{{ cluster_state.dns.cluster_domain }}"
-    type: cluster
-    provider: do
-    #vpc_name: "{{ cluster_state.infra_id }}-vpc"
+  - provider: do
     vpc_region: "{{ cluster_state.region }}"
-    #private_zone: yes
-    project: "{{ cluster_state.infra_id }}"
-#    records:
-#      - name: "api.{{ cluster_state.zones.cluster }}"
-#        value: "lb.{{ cluster_state.zones.cluster }}"
-#        type: CNAME
+    spec:
+      name: "{{ cluster_state.dns.cluster_domain }}"
+      project_name: "{{ cluster_state.infra_id }}"
+      state: present

playbooks/vars/digitalocean/profiles/HighlyAvailable/loadbalancer-router-default.yaml

@@ -0,0 +1,3 @@
+---
+# placeholder
+cloud_loadbalancers: []

playbooks/vars/digitalocean/profiles/HighlyAvailable/loadbalancer.yaml

@@ -6,50 +6,51 @@ cloud_load_balancer_provider: do
 #> when specific service goes down. Recommened is to create one LB by
 #> rule with proper health check (not cover here)
 cloud_loadbalancers:
-  - name: "{{ cluster_state.infra_id }}-ext"
-    openshift_id: public
-    provider: do
+  - provider: do
     vpc_name: "{{ cluster_state.infra_id }}-vpc"
-    project: "{{ cluster_state.infra_id }}"
-    region: "{{ cluster_state.region }}"
+    spec:
+      name: "{{ cluster_state.infra_id }}-ext"
+      state: present
+      project_name: "{{ cluster_state.infra_id }}"
+      region: "{{ cluster_state.region }}"
+      redirect_http_to_https: no
+      size: "lb-small"
+      #algorithm: round_robin
+      enable_backend_keepalive: no
+      enable_proxy_protocol: no
+      wait: true
+      tag: "{{ cluster_state.infra_id }}-control-planes"
+      forwarding_rules:
+        - entry_protocol: tcp
+          entry_port: 6443
+          target_protocol: tcp
+          target_port: 6443
+          tls_passthrough: false
+        - entry_protocol: tcp
+          entry_port: 22623
+          target_protocol: tcp
+          target_port: 22623
+          tls_passthrough: false
+        - entry_protocol: tcp
+          entry_port: 80
+          target_protocol: tcp
+          target_port: 80
+          tls_passthrough: false
+        - entry_protocol: tcp
+          entry_port: 443
+          target_protocol: tcp
+          target_port: 443
+          tls_passthrough: false
+      health_check:
+        check_interval_seconds: 10
+        healthy_threshold: 5
+        path: "/healthz"
+        port: 6443
+        protocol: "https"
+        response_timeout_seconds: 5
+        unhealthy_threshold: 3
 
-    redirect_http_to_https: no
-    size: "lb-small"
-    #algorithm: round_robin
-    enable_backend_keepalive: no
-    enable_proxy_protocol: no
-
-    forwarding_rules:
-      - entry_protocol: tcp
-        entry_port: 6443
-        target_protocol: tcp
-        target_port: 6443
-        tls_passthrough: false
-      - entry_protocol: tcp
-        entry_port: 22623
-        target_protocol: tcp
-        target_port: 22623
-        tls_passthrough: false
-      - entry_protocol: tcp
-        entry_port: 80
-        target_protocol: tcp
-        target_port: 80
-        tls_passthrough: false
-      - entry_protocol: tcp
-        entry_port: 443
-        target_protocol: tcp
-        target_port: 443
-        tls_passthrough: false
-    health_check:
-      check_interval_seconds: 10
-      healthy_threshold: 5
-      path: "/healthz"
-      port: 6443
-      protocol: "https"
-      response_timeout_seconds: 5
-      unhealthy_threshold: 3
-
-    register_resources:
+    callbacks:
       - service: dns
         domain: "{{ cluster_state.dns.cluster_domain }}"
         records:
@@ -66,4 +67,7 @@ cloud_loadbalancers:
           type: CNAME
         - name: "oauth-openshift.app"
           value: "lb"
-          type: CNAME
+          type: CNAME
+
+
+# TODO: create internal load balancer based on haproxy for API

playbooks/vars/digitalocean/profiles/HighlyAvailable/node-bootstrap.yaml

@@ -1,34 +1,23 @@
 ---
-openshift_prefix: "{{ cluster_state.infra_id }}"
-openshift_bootstrap_bucket: "{{ openshift_prefix }}"
-
-openshift_instance_type: s-4vcpu-8gb
-openshift_image_id: "{{ cluster_state.compute.image_id }}"
-openshift_vpc_name: "{{ openshift_prefix }}-vpc"
-openshift_security_groups:
-  - "{{ openshift_prefix }}-bootstrap-sg"
-  - "{{ openshift_prefix }}-controlplane-sg"
-openshift_tags: "{{ cluster_state.tags }}"
 
+_instance_type: s-4vcpu-8gb
 userdata_config_source: "{{ bootstrap_ign_url }}"
 
 _def:
-  name: "{{ openshift_prefix }}-bootstrap"
+  name: "{{ cluster_state.infra_id }}-bootstrap"
   region: "{{ cluster_state.region }}"
   project: "{{ cluster_state.infra_id }}"
-  image_id: "{{ openshift_image_id }}"
-  instance_type: "{{ openshift_instance_type }}"
+  image_id: "{{ cluster_state.compute.image_id }}"
+  instance_type: "{{ _instance_type }}"
   state: present
-  vpc_name: "{{ openshift_vpc_name }}"
+  vpc_name: "{{ cluster_state.infra_id }}-vpc"
   wait: yes
   wait_timeout: 500
 
 compute_resources:
-    # Module 'machine' options:
+
+# https://docs.ansible.com/ansible/latest/collections/community/digitalocean/digital_ocean_droplet_module.html
     - provider: do
-      type: machine
-      name: "{{ _def.name }}"
-      state: "{{ _def.state }}"
       #filters:
       #  tag:Name: "{{ _def.name }}"
       #  instance-state-name: running
@@ -64,12 +53,19 @@ compute_resources:
         size: "{{ _def.instance_type }}"
         region: "{{ _def.region }}"
         project_name: "{{ _def.project }}"
-        private_networking: yes
+        private_networking: true
         wait_timeout: 500
+        #wait: no
+        ipv6: false
+        monitoring: false
+        tags:
+        - "{{ _def.project }}-control-planes"
+        - "cluster-name-{{ _def.project }}"
 
-      register_resources:
-        - service: loadbalancer
-          service_type: lb
-          resource_name: "{{ openshift_prefix}}-ext"
-          resource_type: ip
-          #resource_id: private_ip
+      callbacks:
+        - service: dns
+          domain: "{{ cluster_state.dns.cluster_domain }}"
+          rr_type: A
+          rr_name: "{{ _def.name }}"
+          droplet_network: v4
+          droplet_network_type: private