diff --git a/hack/run-integration-tests.sh b/hack/run-integration-tests.sh index aa669199..0c8cade2 100755 --- a/hack/run-integration-tests.sh +++ b/hack/run-integration-tests.sh @@ -32,7 +32,7 @@ IMAGE_NAME="${IMAGE_OS}-kube-${KUBE_TAG}" # If `BUILD_NEW_IMAGE` is true, then we use the provided artifact, otherwise # we download the latest promoted image. if [[ "${BUILD_NEW_IMAGE,,}" != "true" ]]; then - curl -LO https://object-storage.public.mtl1.vexxhost.net/swift/v1/a91f106f55e64246babde7402c21b87a/magnum-capi/${IMAGE_NAME}.qcow2 + curl --fail -LO https://object-storage.public.mtl1.vexxhost.net/swift/v1/a91f106f55e64246babde7402c21b87a/magnum-capi/${IMAGE_NAME}.qcow2 else test -f ${IMAGE_NAME}.qcow2 || exit 1 fi diff --git a/hack/stack.sh b/hack/stack.sh index 6ceb35c9..b7d93205 100755 --- a/hack/stack.sh +++ b/hack/stack.sh @@ -97,6 +97,12 @@ kubernetes_allowed_network_drivers = calico,cilium kubernetes_default_network_driver = calico [nova_client] api_version = 2.15 + +# See bug: https://bugs.launchpad.net/nova/+bug/2091114 +# Needs discussion with Flatcar team. +[[post-config|/etc/nova/nova-cpu.conf]] +[workarounds] +disable_deep_image_inspection = true EOF # Start DevStack deployment diff --git a/magnum_cluster_api/resources.py b/magnum_cluster_api/resources.py index 003711bf..80576c86 100644 --- a/magnum_cluster_api/resources.py +++ b/magnum_cluster_api/resources.py @@ -1190,6 +1190,15 @@ def get_object(self) -> objects.ClusterClass: }, }, }, + { + "name": "configureKubeProxy", + "required": True, + "schema": { + "openAPIV3Schema": { + "type": "string", + }, + }, + }, { "name": "fixedSubnetId", "required": True, @@ -1645,27 +1654,41 @@ def get_object(self) -> objects.ClusterClass: { "op": "add", "path": "/spec/template/spec/kubeadmConfigSpec/ignition", - "value": { - "containerLinuxConfig": { - "additionalConfig": textwrap.dedent( - """\ + "valueFrom": { + "template": textwrap.dedent( + """\ + containerLinuxConfig: + additionalConfig: | systemd: - units: - - name: coreos-metadata-sshkeys@.service - enabled: true - - name: kubeadm.service - enabled: true - dropins: - - name: 10-flatcar.conf + units: + - name: write-configure-kube-proxy.service + enabled: true contents: | [Unit] - Requires=containerd.service coreos-metadata.service - After=containerd.service coreos-metadata.service + Description=Write configure-kube-proxy.sh + Requires=coreos-metadata.service + After=coreos-metadata.service [Service] - EnvironmentFile=/run/metadata/flatcar - """ # noqa: E501 - ), - }, + Type=oneshot + ExecStart=/usr/bin/mkdir -p /run/kubeadm + ExecStart=/bin/bash -c 'echo {{ .configureKubeProxy }} | /usr/bin/base64 -d > /run/kubeadm/configure-kube-proxy.sh' + ExecStart=/bin/chmod +x /run/kubeadm/configure-kube-proxy.sh + [Install] + WantedBy=multi-user.target + - name: coreos-metadata-sshkeys@.service + enabled: true + - name: kubeadm.service + enabled: true + dropins: + - name: 10-flatcar.conf + contents: | + [Unit] + Requires=containerd.service coreos-metadata.service write-configure-kube-proxy.service + After=containerd.service coreos-metadata.service write-configure-kube-proxy.service + [Service] + EnvironmentFile=/run/metadata/flatcar + """ # noqa: E501 + ), }, }, { @@ -2801,6 +2824,17 @@ def get_object(self) -> objects.Cluster: ) or "", }, + { + "name": "configureKubeProxy", + "value": base64.encode_as_text( + importlib.resources.files( + "magnum_cluster_api.files.run.kubeadm" + ) + .joinpath("configure-kube-proxy.sh") + .read_text() + ) + or "", + }, { "name": "fixedSubnetId", "value": neutron.get_fixed_subnet_id(