[WIP] PoC Hostnetworkless Ironic with VirtualMedia Using MetalLB LoadBalancer

[mboukhalfa]

⚠️ Do not merge this is only to demonstrate a PoC

This is a small PoC part of the short focus discussion metal3-io/baremetal-operator#1739. It demonstrate running Ironic without hostNetwork, limited to the virtualMedia use case, using a LoadBalancer service.

Changes Needed

1. Edit Ironic Deployment:

   • Remove hostNetwork: true.
   • Remove dnsmasq container.
   • Remove keepalived container.
   • Remove security restrictions to allow root access for debugging inside the containers.

2. Add MetalLB Service:
   Enable MetalLB on Minikube : minikube addons enable metallb
   and install it on the target cluster : kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.14.5/config/manifests/metallb-native.yaml
   and create an ip pool:

   apiVersion: metallb.io/v1beta1
   kind: IPAddressPool
   metadata:
     name: ironic-pool
     namespace: metallb-system
   spec:
     addresses:
     - 172.22.0.2-172.22.0.2
   ---
   apiVersion: metallb.io/v1beta1
   kind: L2Advertisement
   metadata:
     name: ironic
     namespace: metallb-system
   spec:
     ipAddressPools:
         - ironic-pool
   

3. Add LoadBalancer Service:

   apiVersion: v1
   kind: Service
   metadata:
    name: ironic
    annotations:
      metallb.universe.tf/loadBalancerIPs: 172.22.0.2
   spec:
    ports:
      - name: ironic
        port: 6385
        targetPort: 6385
      - name: inspector
        port: 5050
        targetPort: 5050
      - name: httpd
        port: 6180
        targetPort: 6180
    selector:
      name: ironic
    type: LoadBalancer
   

4. Edit Ironic ConfigMap:

   • Remove PROVISIONING_IP so that the runironic script uses the pod's IP from the eth0 interface.
   • Add external Ironic IPs to be published to external components like IPA.

5. Provisioning Networks:

   • No need to configure the ironicendpoint with 172.22.0.2

/hold

[metal3-io-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from mboukhalfa. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[mboukhalfa]

/test metal3-dev-env-integration-test-centos-main

[mboukhalfa]

/test metal3-dev-env-integration-test-centos-main

[mboukhalfa]

Quite strange error:

22:07:56  TASK [run_tests : Set fact for NIC names for the first BMH found] **************
22:07:56  An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: 'status'
22:07:56  task path: /home/metal3ci/tested_repo/tests/roles/run_tests/tasks/generate_templates.yml:9
22:07:56  fatal: [localhost]: FAILED! => {"changed": false}

Retriggering the PR is not changing the templates !

/test metal3-dev-env-integration-test-centos-main

[mboukhalfa]

/test metal3-dev-env-integration-test-centos-main

[mboukhalfa]

/test metal3-dev-env-integration-test-centos-main

[mboukhalfa]

/test metal3-dev-env-integration-test-centos-main

[mboukhalfa]

/test metal3-dev-env-integration-test-centos-main

[mboukhalfa]

Seems the issue seen RETRYING: Wait until no metal3cluster is remaining 132/150 relate to changes here since the issue has not been seen on the other periodic tests or the PR tests

[mboukhalfa]

/test ?

[metal3-io-bot]

@mboukhalfa: The following commands are available to trigger required jobs:

• /test markdownlint
• /test metal3-centos-e2e-integration-test-release-1-7
• /test metal3-dev-env-integration-test-ubuntu-main
• /test shellcheck

The following commands are available to trigger optional jobs:

• /test metal3-bml-integration-test-centos
• /test metal3-centos-e2e-basic-test-main
• /test metal3-centos-e2e-basic-test-release-1-6
• /test metal3-centos-e2e-basic-test-release-1-7
• /test metal3-centos-e2e-feature-test-main
• /test metal3-centos-e2e-feature-test-release-1-5
• /test metal3-centos-e2e-feature-test-release-1-6
• /test metal3-centos-e2e-feature-test-release-1-7
• /test metal3-centos-e2e-integration-test-main
• /test metal3-centos-e2e-integration-test-release-1-5
• /test metal3-centos-e2e-integration-test-release-1-6
• /test metal3-dev-env-integration-test-centos-main
• /test metal3-dev-env-integration-test-centos-release-1-5
• /test metal3-dev-env-integration-test-centos-release-1-6
• /test metal3-dev-env-integration-test-centos-release-1-7
• /test metal3-dev-env-integration-test-ubuntu-release-1-5
• /test metal3-dev-env-integration-test-ubuntu-release-1-6
• /test metal3-dev-env-integration-test-ubuntu-release-1-7
• /test metal3-e2e-1-26-1-27-upgrade-test-main
• /test metal3-e2e-1-26-1-27-upgrade-test-release-1-5
• /test metal3-e2e-1-26-1-27-upgrade-test-release-1-6
• /test metal3-e2e-1-26-1-27-upgrade-test-release-1-7
• /test metal3-e2e-1-27-1-28-upgrade-test-main
• /test metal3-e2e-1-27-1-28-upgrade-test-release-1-5
• /test metal3-e2e-1-27-1-28-upgrade-test-release-1-6
• /test metal3-e2e-1-27-1-28-upgrade-test-release-1-7
• /test metal3-e2e-1-28-1-29-upgrade-test-main
• /test metal3-e2e-1-28-1-29-upgrade-test-release-1-5
• /test metal3-e2e-1-28-1-29-upgrade-test-release-1-6
• /test metal3-e2e-1-28-1-29-upgrade-test-release-1-7
• /test metal3-e2e-clusterctl-upgrade-test-main
• /test metal3-e2e-clusterctl-upgrade-test-release-1-5
• /test metal3-e2e-clusterctl-upgrade-test-release-1-6
• /test metal3-e2e-clusterctl-upgrade-test-release-1-7
• /test metal3-ubuntu-e2e-basic-test-main
• /test metal3-ubuntu-e2e-basic-test-release-1-6
• /test metal3-ubuntu-e2e-basic-test-release-1-7
• /test metal3-ubuntu-e2e-feature-test-main
• /test metal3-ubuntu-e2e-feature-test-release-1-5
• /test metal3-ubuntu-e2e-feature-test-release-1-6
• /test metal3-ubuntu-e2e-feature-test-release-1-7
• /test metal3-ubuntu-e2e-integration-test-main
• /test metal3-ubuntu-e2e-integration-test-release-1-5
• /test metal3-ubuntu-e2e-integration-test-release-1-6
• /test metal3-ubuntu-e2e-integration-test-release-1-7

Use /test all to run the following jobs that were automatically triggered:

• shellcheck

In response to this:

/test ?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[mboukhalfa]

/test metal3-centos-e2e-basic-test-main

[mboukhalfa]

/test metal3-dev-env-integration-test-centos-main

[mboukhalfa]

The Changes is not implemented to be tested with e2e test
/override metal3-centos-e2e-basic-test-main

[metal3-io-bot]

@mboukhalfa: Overrode contexts on behalf of mboukhalfa: metal3-centos-e2e-basic-test-main

In response to this:

The Changes is not implemented to be tested with e2e test
/override metal3-centos-e2e-basic-test-main

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[metal3-io-bot]

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues will close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

/lifecycle stale

[mboukhalfa]

/close
Done in #1465

[metal3-io-bot]

@mboukhalfa: Closed this PR.

In response to this:

/close
Done in #1465

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.