
openshift-network-playground's Introduction

OpenShift Network Playground (onp)

The OpenShift Network Playground is both a web-based and a CLI-based interface, built for advanced OpenShift users, that makes it easy to quickly build and test different OpenShift network scenarios.

Architecture

OpenShift network playground

Features

  • Zero-touch installation (ZTI).
  • Cockpit cluster deployment.
  • Easy NIC addition to the cluster nodes.
  • Web-based file manager, VM management and container management.
  • RHCOS console login for unreachable nodes.
  • Quick Operator installation and sample manifests for test.
  • Network tools.
  • Single-stack IPv6 cluster.
  • Easy RHCOS/FCOS VM provisioning.
  • Kind cluster.
  • Golang network tools.

Prerequisites

OpenShift cluster manager API token

Copy it from here.

Machine

Machine           CPU  RAM    DISK
VM or Bare-metal  20   80 GB  320 GB

INFO: Enable nested virtualization if the host is a VM. In Red Hat Virtualization, enable the Pass-Through Host CPU option in the Virtual Machine settings (under the Host section). In VMware ESXi, enable Hardware virtualization (Expose hardware assisted virtualization to the guest OS). To verify, run the virt-host-validate command from the VM itself; its output should include QEMU: Checking for hardware virtualization : PASS.

Installation

  • Download the ISO.
curl -LO $(curl -s https://api.github.com/repos/kevydotvinu/openshift-network-playground/releases/latest | grep "browser_download_url.*\.iso" | cut -d : -f 2,3 | tr -d \")
  • Boot it and wait for the installation to complete (Monitor the progress in the machine console).

WARNING: The ISO boot will erase ALL the data on the /dev/sda disk and install OpenShift Network Playground automatically.

OpenShift cluster deployment

Web-based

  • Access Cockpit console (https://<IP>:9090/).
  • Authenticate using the credentials (username: onp, password: Onp@123).
  • Go to OpenShift tab.
  • Enter the release (stable-4.12, 4.12.2, etc) and OCM API token.
  • Press the Deploy button.

INFO: To monitor the deployment progress, go to Services tab and search for deploy-cluster.service.

CLI-based

onp help
onp deploy RELEASE=<release> OCM_TOKEN=<token>

Single-stack IPv6 cluster architecture

Single-stack IPv6 cluster architecture

Sponsor

Many thanks to JetBrains for Open Source development license(s).

openshift-network-playground's People

Contributors

kevydotvinu

Forkers

emmahone

openshift-network-playground's Issues

Trouble accessing SNO console

  • Need to remove the below iptables rules.
$ sudo iptables -t nat -D PREROUTING -i enp2s0 -p tcp -m tcp --dport 6443 -j DNAT --to-destination 192.168.123.88:6443
$ sudo iptables -t nat -D PREROUTING -i enp2s0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.123.89:80
$ sudo iptables -t nat -D PREROUTING -i enp2s0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.168.123.89:443

Add disk space check in `store-release` Make target

function check_size() {
        # Space used by the stored master disks (raw and human-readable)
        SIZE=$(du -cs /opt/openshift-network-playground/libvirt/master* | tail -n1 | awk '{print $1}')
        SIZEH=$(du -csh /opt/openshift-network-playground/libvirt/master* | tail -n1 | awk '{print $1}')
        # Free space on the filesystem holding /opt (raw and human-readable)
        FREE=$(df -P /opt | sed -n 2p | awk '{print $4}')
        FREEH=$(df -Ph /opt | sed -n 2p | awk '{print $4}')
        if [[ ${SIZE} -gt ${FREE} ]]; then
                echo "Error: /opt does not have enough space - Have: ${FREEH} Need: ${SIZEH}"
                # Exit non-zero so the calling Make target stops instead of continuing
                exit 1
        fi
}

bug: OCM_TOKEN check issue

No VMs on startup

[systemd]
Failed Units: 5
  master0.service
  master1.service
  master2.service
  worker0.service
  worker1.service
$ sudo virsh list --all
Id   Name   State
-------------------

Add `.zshenv` file

alias onp='make --no-print-directory -C ${HOME} -f /home/onp/.Makefile'
alias konp='kubectl --kubeconfig ${HOME}/.kube/onp-kind-config'
alias kovn='kubectl --kubeconfig ${HOME}/.kube/ovn-kind-config'
alias kind='sudo KIND_EXPERIMENTAL_PROVIDER=podman kind'
alias sno='oc --kubeconfig ${HOME}/openshift-network-playground/sno/auth/kubeconfig'
alias ssh='ssh -i ${HOME}/openshift-network-playground/id_ed25519 -o StrictHostKeyChecking=no'
export EDITOR=vi
export PATH=${PATH}:/usr/local/go/bin
export PATH=${PATH}:${HOME}/.local/network-tools/debug-scripts
export KUBECONFIG=${HOME}/openshift-network-playground/clusterconfigs/auth/kubeconfig
sed -i -e 's/      /\t/g' ${HOME}/.Makefile

bug: Correct hostname

for node in $(oc get nodes -o json | jq -r --arg domain ".ocp.example.local" '.items[].metadata.name + $domain'); do ssh -i openshift-network-playground/id_ed25519 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no core@${node} -- sudo shutdown -h 1; done

oc get nodes -o jsonpath='{.items[*].metadata.name}'

Add `true` and remove `exit 0`

sudo virsh -q destroy ${RESOURCE} 2>/dev/null
sudo virsh -q undefine ${RESOURCE} 2>/dev/null
sudo virsh -q pool-start ${RESOURCE} 2>/dev/null
sudo virsh -q vol-delete ${RESOURCE} --pool ${RESOURCE} 2>/dev/null
sudo virsh -q vol-delete ${RESOURCE}-base --pool ${RESOURCE} 2>/dev/null
sudo virsh -q vol-delete ${RESOURCE}.ign --pool ${RESOURCE} 2>/dev/null
sudo virsh -q pool-destroy ${RESOURCE} 2>/dev/null
sudo virsh -q pool-delete ${RESOURCE} 2>/dev/null
sudo virsh -q pool-undefine ${RESOURCE} 2>/dev/null
exit 0
done
fi
echo "Removing installation directory ..."
rm -rf ${HOME}/openshift-network-playground/clusterconfigs
echo "Powering off master nodes ..."
if [[ -z ${MASTER_RESOURCES} ]]; then
echo "No master resources ..."
else
for i in master0 master1 master2 worker0 worker1; do
sudo virsh -q destroy $i 2>/dev/null
exit 0

Align `onp help`

  onp-files                             Clone the ONP sample manifests
  rhcos-livecd NETWORK=baremetal                Create a RHCOS Live CD
  rhcos BUTANE=file.bu                  Create a RHCOS VM with custom butane
  disconnect-cluster                    Disconnect cluster from internet
  connect-cluster                       Connect cluster to internet
  services                              List services status
  bootstrap-ip                          Show bootstrap IP
  store-release FROM=4.x.y              Store OpenShift 4.x.y release
  restore-release TO=4.x.y              Restore OpenShift 4.x.y release
  list-releases                         List stored OpenShift releases
  store-sno4-release FROM=4.x.y         Store single node OpenShift 4.x.y release
  restore-sno4-release TO=4.x.y         Restore single node OpenShift 4.x.y release
  list-sno4-releases                            List stored single node OpenShift releases

Release changelog

git log --pretty='%h - %s (%an)' $(git describe --tags --abbrev=0)..HEAD | grep -i -E '^.{10}(refactor:|feat:|ci:|docs:|bug:|chore:|revert:|style:|test:)'

Add sno4 Make target

  • To deploy IPv4 SNO cluster
  • Modify sno.sh, sno-restart.sh, dns64 forward, dns64 reverse and .Makefile
  • Modify /etc/hosts, /etc/NetworkManager/dnsmasq.d/openshift-network-playground.conf and ~/.bashrc

Cannot run `onp fedora`

missing 'genisoimage'.  Required for --filesystem=iso9660.
make: *** [/home/onp/.Makefile:458: fedora] Error 1

Host ONP on KVM

$ cat macvtap.xml
<network>
  <name>macvtap-net</name>
  <forward mode="bridge">
    <interface dev="ens1f0"/>
  </forward>
</network>
$ cat vm.sh
VM_NAME=${1}
ISO=${2}
VCPU=20
MEMORY=81920
VM_DISK=${VM_NAME}.img,bus=scsi
# NETWORK=network=macvtap-net,model=virtio,mac=52:54:00:1e:4d:ae
NETWORK=network=macvtap-net,model=virtio
CDROM=${ISO}

virsh destroy ${VM_NAME}
virsh undefine ${VM_NAME}
sudo qemu-img create ${VM_NAME}.img 540G
virt-install --name $VM_NAME \
        --os-variant fedora-coreos-stable \
        --vcpus $VCPU \
        --memory $MEMORY \
        --disk $VM_DISK \
        --network $NETWORK \
        --pxe \
        --cdrom $CDROM \
        --boot hd,cdrom \
        --filesystem type=mount,mode=mapped,source=/mnt,target=/mnt \
        --graphics spice,listen=0.0.0.0 \
        --video virtio \
        --channel spicevmc \
        --console pty,target.type=virtio \
        --serial pty \
        --noautoconsole

function WAIT_FOR_REBOOT {
sp='/-\|'
sc=0

spin() {
   printf "\r[${sp:sc++:1}] $1"
   ((sc==${#sp})) && sc=0
}

endspin() {
   printf "\r%s\n" "$@"
}

until [[ $(sudo virsh -q list | grep -o ${VM_NAME} | wc -c) -eq 0 ]]
do spin "Waiting for the installation and restart ..."
sleep 0.5
done
endspin
}

function START_NODE {
        sudo virsh start ${VM_NAME} > /dev/null
        echo "[✔] Installation completed!"
}

WAIT_FOR_REBOOT
START_NODE

Correct ISO download URL

curl -LO $(curl -s https://api.github.com/repos/kevydotvinu/openshift-network-playground/releases/latest | grep "browser_download_url.*\.iso" | cut -d : -f 2,3 | tr -d \")

Add `[email protected]`

systemd:
  units:
    - name: [email protected]
      dropins:
      - name: autologin-core.conf
        contents: |
          [Service]
          # Override ExecStart in main unit
          ExecStart=
          # Add new ExecStart with `-` prefix to ignore failure
          ExecStart=-/usr/sbin/agetty --autologin core --noclear %I $TERM

Consider the scenario of having an onp host with multiple IPs.

  • The host-configure.service fails to configure the iptables rules due to the incorrect interface name parsing.
  • /usr/sbin/iptables -t nat -I PREROUTING -p tcp -i $(/usr/sbin/ip r | grep default | awk '{print $5}') --dport 443 -j DNAT --to-destination 192.168.123.89:443
    /usr/sbin/iptables -t nat -I PREROUTING -p tcp -i $(/usr/sbin/ip r | grep default | awk '{print $5}') --dport 80 -j DNAT --to-destination 192.168.123.89:80
    /usr/sbin/iptables -t nat -I PREROUTING -p tcp -i $(/usr/sbin/ip r | grep default | awk '{print $5}') --dport 6443 -j DNAT --to-destination 192.168.123.88:6443
  • Change the above to:
/usr/sbin/ip r | grep default | awk '{print $5}' | head -n 1
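
The parsing failure described in this issue, reproduced on constructed `ip route` output (an added example, not code from the ONP repository). It goes slightly beyond the `head -n 1` fix by locating the interface through the `dev` keyword instead of field 5; the function names and sample routes are assumptions, and the script only prints the iptables commands rather than running them.

```sh
#!/bin/sh
# Constructed sample: a host with two default routes (two uplinks).
SAMPLE_ROUTES='default via 10.0.0.1 dev enp2s0 proto dhcp metric 100
default via 172.16.0.1 dev enp3s0 proto dhcp metric 101
192.168.123.0/24 dev baremetal proto kernel scope link src 192.168.123.1'

# Parsing used by the rules on the page: one line per default route.
# Inside an unquoted $(...) after -i this expands to two words, so the
# iptables command line is no longer valid.
all_default_ifaces() {
    grep default | awk '{print $5}'
}

# Hypothetical replacement: device of the first default route only,
# found by its "dev" keyword so "default dev ppp0 ..." also parses.
first_default_iface() {
    awk '$1 == "default" {
             for (i = 2; i < NF; i++)
                 if ($i == "dev") { print $(i + 1); exit }
         }'
}

# Print the three PREROUTING rules from the page for one interface.
# Refuses empty names and anything that is not a single plain token.
dnat_rules() {
    iface=$1
    case $iface in
        ''|*[!A-Za-z0-9_.@-]*)
            echo "refusing interface name: '$iface'" >&2
            return 1 ;;
    esac
    for spec in 443:192.168.123.89 80:192.168.123.89 6443:192.168.123.88; do
        port=${spec%%:*}
        echo "/usr/sbin/iptables -t nat -I PREROUTING -p tcp -i $iface" \
             "--dport $port -j DNAT --to-destination ${spec#*:}:$port"
    done
}

# Demonstration on the constructed routing table.
printf 'original parse: %s\n' \
    "$(printf '%s\n' "$SAMPLE_ROUTES" | all_default_ifaces | tr '\n' ' ')"
dnat_rules "$(printf '%s\n' "$SAMPLE_ROUTES" | first_default_iface)"
```
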

Add `rhcos` and `fcos` `Make` target

#!/bin/bash
# The script only needs the butane file as an arg

set -eou pipefail

BUTANE=$(readlink -f ${1})
IGNITION_NAME=$(basename -- ${BUTANE})
IGNITION_NAME=${IGNITION_NAME%.*}
RELEASE=$(grep '4[.][0-9]' "${BUTANE}" | awk '{print $2}')
RELEASE_IMAGE=$(curl -s https://mirror.openshift.com/pub/openshift-v4/clients/ocp/${RELEASE}/release.txt | grep 'Pull From: quay.io' | awk -F ' ' '{print $3}')
CMD=openshift-baremetal-install
PULLSECRET=${HOME}/openshift-network-playground/pullsecret
DIRECTORY=/opt/openshift-network-playground/libvirt/rhcos

sudo podman run --interactive --rm quay.io/coreos/butane:release --raw --strict < ${BUTANE} > ${DIRECTORY}/${IGNITION_NAME}.ign

echo "Downloading oc binary ..."
if [ ! -f "${DIRECTORY}/oc" ] || [ "$(${DIRECTORY}/oc version --client -o json | jq -r .releaseClientVersion)" != "${RELEASE}" ]; then
curl -s https://mirror.openshift.com/pub/openshift-v4/clients/ocp/${RELEASE}/openshift-client-linux.tar.gz | tar zxf - -C ${DIRECTORY} oc
fi
echo "✔ Downloaded!"

echo "Downloading openshift-install binary ..."
if [ ! -f "${DIRECTORY}/openshift-baremetal-install" ] || [ "$(${DIRECTORY}/openshift-baremetal-install version | head -n 1 | awk '{print $2}')" != "${RELEASE}" ]; then
${DIRECTORY}/oc adm release extract --registry-config "${PULLSECRET}" --command=${CMD} --to "${DIRECTORY}" ${RELEASE_IMAGE}
fi
echo "✔ Downloaded!"

RHCOS_QEMU_URI=$(${DIRECTORY}/openshift-baremetal-install coreos print-stream-json | jq -r --arg ARCH "$(arch)" '.architectures[$ARCH].artifacts.qemu.formats["qcow2.gz"].disk.location')
RHCOS_QEMU_NAME=${RHCOS_QEMU_URI##*/}
echo "Downloading image ..."

if [ ! -f "${DIRECTORY}/${RHCOS_QEMU_NAME}" ]; then
curl -#L ${RHCOS_QEMU_URI} -o ${DIRECTORY}/${RHCOS_QEMU_NAME}
fi
echo "✔ Downloaded!"

echo "Extracting image ..."
gunzip -c ${DIRECTORY}/${RHCOS_QEMU_NAME} > ${DIRECTORY}/${RHCOS_QEMU_NAME%.*}
cp ${DIRECTORY}/${RHCOS_QEMU_NAME%.*} ${DIRECTORY}/rhcos.qcow2
echo "✔ Extracted!"

DISK=${DIRECTORY}/rhcos.qcow2
VM_NAME=$(basename -- ${DISK})
VM_NAME=${VM_NAME%.*}

sudo virsh -q destroy ${VM_NAME} > /dev/null || true
sudo virsh -q undefine ${VM_NAME} > /dev/null || true
sudo virt-install --name ${VM_NAME} \
                  --vcpus 2 \
                  --ram 2048 \
                  --os-variant fedora-coreos-stable \
                  --import --network bridge=baremetal \
                  --qemu-commandline="-fw_cfg name=opt/com.coreos/config,file=${DIRECTORY}/${IGNITION_NAME}.ign" \
                  --disk ${DISK} \
                  --graphics spice,listen=0.0.0.0 \
                  --video virtio \
                  --channel spicevmc \
                  --console pty \
                  --serial pty \
                  --noautoconsole
sudo virsh console ${VM_NAME}

Add Fedora & Ubuntu VM for IPv6 network

#!/bin/bash
# The script needs the network, directory and image URL as args

set -eou pipefail

BRIDGE=${1}
NETWORK=$(echo ${BRIDGE} | tr "," "\n" | while read bridge; do echo --network bridge=${bridge}; done)
DIRECTORY=${2}
IMAGE=${3}
HOST_IP=$(ip r s default | awk '{print $9}')
ONP_DIR=/home/onp/openshift-network-playground

VM_NAME=$(basename -- ${DIRECTORY})
VM_NAME=${VM_NAME%.*}
IMAGE_NAME=$(basename -- ${IMAGE})
EXTENSION=${IMAGE_NAME##*.}
DISK=${DIRECTORY}/${VM_NAME}.${EXTENSION}

sudo rm -rf ${DIRECTORY}
sudo mkdir -p ${DIRECTORY}
sudo cloud-localds -v -m local --network-config=${ONP_DIR}/fedora-network-config-v1.yaml ${DIRECTORY}/seed.iso ${ONP_DIR}/fedora-user-data.yaml
sudo curl -#Lo ${DISK} ${IMAGE}

sudo virsh -q destroy ${VM_NAME} > /dev/null || true
sudo virsh -q undefine ${VM_NAME} > /dev/null || true
sudo virt-install --name ${VM_NAME} \
                  --vcpus 1 \
                  --ram 2048 \
                  --os-variant fedora-unknown \
                  --import \
                  ${NETWORK} \
                  --disk ${DISK} \
                  --disk ${DIRECTORY}/seed.iso,readonly=on \
                  --graphics spice,listen=${HOST_IP} \
                  --video virtio \
                  --channel spicevmc \
                  --console pty,target.type=virtio \
                  --serial pty \
                  --noautoconsole
sudo virsh console ${VM_NAME}

#cloud-config
preserve_hostname: False
hostname: fedora
fqdn: fedora.sno6.example.local
packages:
  - cloud-initramfs-growroot
output:
  all: ">> /var/log/cloud-init.log"
users:
  - name: onp
    plain_text_passwd: 'Onp@123'
    lock-passwd: False
    sudo: ['ALL=(ALL) NOPASSWD:ALL']
    groups: sudo
    shell: /bin/bash
ssh_pwauth: True

network:
  version: 1
  config:
    - type: physical
      name: eth0
      subnets:
        - type: static
          address: fd00:dead:beef::5/96
          gateway: fd00:dead:beef::1
          dns_nameservers:
            - fd00:dead:beef::1
          dns_search:
            - sno6.example.local

Add cloud-utils package in https://github.com/kevydotvinu/openshift-network-playground/blob/main/manifest.yaml
https://blog.josefsson.org/2022/08/22/static-network-config-with-debian-cloud-images/
