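#######################################################################################
# Copyright ETSI Contributors and Others.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#######################################################################################

# Argo WorkflowTemplate holding the cluster life-cycle steps: create, update,
# bootstrap, disconnect Flux, delete and purge+delete. Every step runs
# /app/scripts/entrypoint.sh from the osm-krm-functions image; the first argument
# selects the operation and the rest are positional values rendered from the
# input parameters, so the ORDER of `args` is part of the contract with the script.
#
# Review notes that apply to every template below:
# - Image: `testing-daily` is a floating tag and imagePullPolicy is left at the
#   Kubernetes default (IfNotPresent for a tag other than `latest`), so nodes may
#   run different cached builds. For production, pin a release tag or a digest,
#   e.g. `opensourcemano/osm-krm-functions@sha256:<DIGEST>` (placeholder).
# - Parameters: values are rendered as text into args, Secret names and PVC claim
#   names. Whoever may submit a workflow from this template therefore chooses which
#   Secret/PVC of the namespace where the workflow runs gets attached to the pod.
#   Restrict submit rights with RBAC and validate parameter values upstream.
# - securityContext: only a UID (or fsGroup) is set at pod level. Consider
#   `runAsNonRoot: true` plus a container-level `allowPrivilegeEscalation: false`
#   and `capabilities: {drop: ["ALL"]}` once the image is confirmed to work with them.
apiVersion: argoproj.io/v1alpha1
kind: WorkflowTemplate
metadata:
  name: cluster-management-wft
  namespace: osm-workflows
spec:
  templates:

  # Create a PaaS cluster using CrossPlane (any cloud)
  - name: create-crossplane-cluster
    inputs:
      parameters:
      # Volumes with cloned repos
      ## Parameters without a `value` have no default and must be supplied by the caller.
      - name: fleet_volume_name
      - name: fleet_mount_path
        value: "/fleet"
      - name: sw_catalogs_volume_name
      - name: sw_catalogs_mount_path
        value: "/sw-catalogs"

      # Specific parameters
      - name: cluster_kustomization_name
      - name: cluster_name
      ## As of today, one among `aks`, `eks` or `gke`:
      - name: cluster_type
      - name: providerconfig_name
      - name: vm_size
      - name: node_count
      - name: cluster_location
      - name: k8s_version
      - name: public_key_mgmt
      - name: public_key_new_cluster
      ## Name of the Secret (and key inside it) holding the private age key of the
      ## new cluster; it is injected below as PRIVATE_KEY_NEW_CLUSTER.
      - name: secret_name_private_age_key_for_new_cluster
      - name: key_name_in_secret
        value: "agekey"
      - name: fleet_repo_url
      - name: sw_catalogs_repo_url
      - name: mgmt_project_name
        value: "osm_admin"
      ## Do we want to skip OSM's bootstrap?
      - name: skip_bootstrap
        value: "false"
      ## AKS only (otherwise, empty)
      - name: rg_name
        value: ""
      ## GKE only (otherwise, empty)
      - name: preemptible_nodes
        value: "false"
      # Other parameters - Recommended to keep defaults
      - name: mgmt_cluster_name
        value: "_management"
      - name: base_templates_path
        value: "cloud-resources"
      - name: cloned_fleet_folder_name
        value: "fleet-osm"
      - name: cloned_sw_catalogs_folder_name
        value: "sw-catalogs-osm"
      ## EKS only (otherwise, empty)
      ## NOTE(review): no default is declared for these four, so callers must always
      ## supply them (an empty string for AKS/GKE) - confirm that is intended.
      - name: cluster_iam_role
      - name: cluster_private_subnets_id
      - name: cluster_public_subnets_id
      - name: cluster_subnets_configmap_name
      # Debug?
      - name: debug
        value: "false"

    container:
      # Floating tag; see the image note at the top of this file.
      image: opensourcemano/osm-krm-functions:testing-daily
      # imagePullPolicy: Always
      env:
      # Private age key read from a Secret whose name and key are caller-supplied.
      # NOTE(review): the key shares the environment with DEBUG; confirm that the
      # entrypoint's debug mode never traces or dumps env vars into workflow logs.
      - name: PRIVATE_KEY_NEW_CLUSTER
        valueFrom:
          secretKeyRef:
            name: "{{inputs.parameters.secret_name_private_age_key_for_new_cluster}}"
            key: "{{inputs.parameters.key_name_in_secret}}"
      - name: DEBUG
        value: "{{inputs.parameters.debug}}"
      command: ["/app/scripts/entrypoint.sh"]
      # Positional arguments: keep the order in sync with the entrypoint script.
      args:
      - create_crossplane_cluster
      - "{{inputs.parameters.cluster_kustomization_name}}"
      - "{{inputs.parameters.cluster_name}}"
      - "{{inputs.parameters.cluster_type}}"
      - "{{inputs.parameters.providerconfig_name}}"
      - "{{inputs.parameters.vm_size}}"
      - "{{inputs.parameters.node_count}}"
      - "{{inputs.parameters.cluster_location}}"
      - "{{inputs.parameters.k8s_version}}"
      - "{{inputs.parameters.public_key_mgmt}}"
      - "{{inputs.parameters.public_key_new_cluster}}"
      ## Empty positional placeholder (its meaning is defined by the entrypoint
      ## script, which is not visible from this file).
      - ''
      - "{{inputs.parameters.rg_name}}"
      - "{{inputs.parameters.preemptible_nodes}}"
      - "{{inputs.parameters.fleet_mount_path}}/{{inputs.parameters.cloned_fleet_folder_name}}"
      - "{{inputs.parameters.fleet_repo_url}}"
      - "{{inputs.parameters.sw_catalogs_mount_path}}/{{inputs.parameters.cloned_sw_catalogs_folder_name}}"
      - "{{inputs.parameters.sw_catalogs_repo_url}}"
      - "{{inputs.parameters.skip_bootstrap}}"
      - "{{inputs.parameters.mgmt_project_name}}"
      - "{{inputs.parameters.mgmt_cluster_name}}"
      - "{{inputs.parameters.base_templates_path}}"
      - "{{inputs.parameters.cluster_iam_role}}"
      - "{{inputs.parameters.cluster_private_subnets_id}}"
      - "{{inputs.parameters.cluster_public_subnets_id}}"
      - "{{inputs.parameters.cluster_subnets_configmap_name}}"

      volumeMounts:
      - name: fleet-repo-volume
        mountPath: '{{inputs.parameters.fleet_mount_path}}'
      - name: sw-catalogs-repo-volume
        mountPath: '{{inputs.parameters.sw_catalogs_mount_path}}'
    # PVCs with the cloned Git repos; the claim names are caller-supplied.
    volumes:
      - name: fleet-repo-volume
        persistentVolumeClaim:
          claimName: '{{inputs.parameters.fleet_volume_name}}'
      - name: sw-catalogs-repo-volume
        persistentVolumeClaim:
          claimName: '{{inputs.parameters.sw_catalogs_volume_name}}'
    # Pod-level security context: fixes the UID only (group settings are disabled).
    securityContext:
      runAsUser: 10000
    #   runAsGroup: 10000
    #   fsGroup: 10000


  # Update a PaaS cluster created using CrossPlane (any cloud)
  - name: update-crossplane-cluster
    inputs:
      parameters:
      # Volumes with cloned repos
      - name: fleet_volume_name
      - name: fleet_mount_path
        value: "/fleet"
      - name: sw_catalogs_volume_name
      - name: sw_catalogs_mount_path
        value: "/sw-catalogs"

      # Specific parameters
      - name: cluster_kustomization_name
      - name: cluster_name
      ## As of today, one among `aks`, `eks` or `gke`:
      - name: cluster_type
      - name: providerconfig_name
      - name: vm_size
      - name: node_count
      - name: cluster_location
      - name: k8s_version
      - name: public_key_mgmt
      - name: public_key_new_cluster
      ## Secret name and key of the private age key (injected as an env var below).
      - name: secret_name_private_age_key_for_new_cluster
      - name: key_name_in_secret
        value: "agekey"
      - name: fleet_repo_url
      - name: sw_catalogs_repo_url
      - name: mgmt_project_name
        value: "osm_admin"
      ## AKS only (otherwise, empty)
      - name: rg_name
        value: ""
      ## GKE only (otherwise, empty)
      - name: preemptible_nodes
        value: "false"
      # Other parameters - Recommended to keep defaults
      - name: mgmt_cluster_name
        value: "_management"
      - name: base_templates_path
        value: "cloud-resources"
      - name: cloned_fleet_folder_name
        value: "fleet-osm"
      - name: cloned_sw_catalogs_folder_name
        value: "sw-catalogs-osm"
      # Debug?
      - name: debug
        value: "false"

    container:
      # Floating tag; see the image note at the top of this file.
      image: opensourcemano/osm-krm-functions:testing-daily
      # imagePullPolicy: Always
      env:
      # NOTE(review): confirm that debug mode never prints this key to the logs.
      - name: PRIVATE_KEY_NEW_CLUSTER
        valueFrom:
          secretKeyRef:
            name: "{{inputs.parameters.secret_name_private_age_key_for_new_cluster}}"
            key: "{{inputs.parameters.key_name_in_secret}}"
      - name: DEBUG
        value: "{{inputs.parameters.debug}}"
      command: ["/app/scripts/entrypoint.sh"]
      # Positional arguments: same layout as in create-crossplane-cluster, except
      # that the bootstrap flag is fixed and the EKS-only values are not passed.
      args:
      - update_crossplane_cluster
      - "{{inputs.parameters.cluster_kustomization_name}}"
      - "{{inputs.parameters.cluster_name}}"
      - "{{inputs.parameters.cluster_type}}"
      - "{{inputs.parameters.providerconfig_name}}"
      - "{{inputs.parameters.vm_size}}"
      - "{{inputs.parameters.node_count}}"
      - "{{inputs.parameters.cluster_location}}"
      - "{{inputs.parameters.k8s_version}}"
      - "{{inputs.parameters.public_key_mgmt}}"
      - "{{inputs.parameters.public_key_new_cluster}}"
      ## Empty positional placeholder (meaning defined by the entrypoint script).
      - ''
      - "{{inputs.parameters.rg_name}}"
      - "{{inputs.parameters.preemptible_nodes}}"
      - "{{inputs.parameters.fleet_mount_path}}/{{inputs.parameters.cloned_fleet_folder_name}}"
      - "{{inputs.parameters.fleet_repo_url}}"
      - "{{inputs.parameters.sw_catalogs_mount_path}}/{{inputs.parameters.cloned_sw_catalogs_folder_name}}"
      - "{{inputs.parameters.sw_catalogs_repo_url}}"
      ## Note that during upgrades, OSM's bootstrap is avoided:
      - "true"
      - "{{inputs.parameters.mgmt_project_name}}"
      - "{{inputs.parameters.mgmt_cluster_name}}"
      - "{{inputs.parameters.base_templates_path}}"

      volumeMounts:
      - name: fleet-repo-volume
        mountPath: '{{inputs.parameters.fleet_mount_path}}'
      - name: sw-catalogs-repo-volume
        mountPath: '{{inputs.parameters.sw_catalogs_mount_path}}'
    volumes:
      - name: fleet-repo-volume
        persistentVolumeClaim:
          claimName: '{{inputs.parameters.fleet_volume_name}}'
      - name: sw-catalogs-repo-volume
        persistentVolumeClaim:
          claimName: '{{inputs.parameters.sw_catalogs_volume_name}}'
    # Pod-level security context: fixes the UID only (group settings are disabled).
    securityContext:
      runAsUser: 10000
    #   runAsGroup: 10000
    #   fsGroup: 10000


  # Bootstrap remote cluster running in **ANY cloud**
  - name: bootstrap-remote-cluster
    inputs:
      parameters:
      # Volumes with cloned repos
      - name: fleet_volume_name
      - name: fleet_mount_path
        value: "/fleet"
      - name: sw_catalogs_volume_name
      - name: sw_catalogs_mount_path
        value: "/sw-catalogs"

      # Specific parameters
      - name: cluster_name
      - name: cluster_kustomization_name
      - name: public_key_mgmt
      - name: public_key_new_cluster
      ## Secret name and key of the private age key (injected as an env var below).
      - name: secret_name_private_age_key_for_new_cluster
      - name: key_name_in_secret
        value: "agekey"
      - name: fleet_repo_url
      - name: sw_catalogs_repo_url

      # Other parameters - Recommended to keep defaults
      - name: mgmt_project_name
        value: "osm_admin"
      - name: imported_cluster
        value: "false"
      ## These two defaults hard-code the default mount paths above; when a mount
      ## path is overridden, the matching *_repo_dir must be overridden as well.
      - name: fleet_repo_dir
        value: "/fleet/fleet-osm/"
      - name: sw_catalogs_repo_dir
        value: "/sw-catalogs/sw-catalogs-osm/"

      # Debug/dry run?
      - name: debug
        value: "false"

    container:
      # Floating tag; see the image note at the top of this file.
      image: opensourcemano/osm-krm-functions:testing-daily
      # imagePullPolicy: Always
      env:
      # NOTE(review): confirm that debug mode never prints this key to the logs.
      - name: PRIVATE_KEY_NEW_CLUSTER
        valueFrom:
          secretKeyRef:
            name: "{{inputs.parameters.secret_name_private_age_key_for_new_cluster}}"
            key: "{{inputs.parameters.key_name_in_secret}}"
      - name: DEBUG
        value: "{{inputs.parameters.debug}}"
      command: ["/app/scripts/entrypoint.sh"]
      # Positional arguments: keep the order in sync with the entrypoint script.
      args:
      - create_bootstrap_for_remote_cluster
      - "{{inputs.parameters.cluster_name}}"
      - "{{inputs.parameters.cluster_kustomization_name}}"
      - "{{inputs.parameters.fleet_repo_dir}}"
      - "{{inputs.parameters.sw_catalogs_repo_dir}}"
      - "{{inputs.parameters.fleet_repo_url}}"
      - "{{inputs.parameters.sw_catalogs_repo_url}}"
      - "{{inputs.parameters.mgmt_project_name}}"
      - "{{inputs.parameters.public_key_mgmt}}"
      - "{{inputs.parameters.public_key_new_cluster}}"
      ## Empty positional placeholder (meaning defined by the entrypoint script).
      - ''
      - "{{inputs.parameters.imported_cluster}}"
      volumeMounts:
      - name: fleet-repo-volume
        mountPath: '{{inputs.parameters.fleet_mount_path}}'
      - name: sw-catalogs-repo-volume
        mountPath: '{{inputs.parameters.sw_catalogs_mount_path}}'
    volumes:
      - name: fleet-repo-volume
        persistentVolumeClaim:
          claimName: '{{inputs.parameters.fleet_volume_name}}'
      - name: sw-catalogs-repo-volume
        persistentVolumeClaim:
          claimName: '{{inputs.parameters.sw_catalogs_volume_name}}'
    # Pod-level security context: fixes the UID only (group settings are disabled).
    securityContext:
      runAsUser: 10000
    #   runAsGroup: 10000
    #   fsGroup: 10000


  # Disconnect Flux in remote cluster running in **ANY cloud**
  - name: disconnect-flux-remote-cluster
    inputs:
      parameters:
      # Volumes with cloned repos
      - name: fleet_volume_name
      - name: fleet_mount_path
        value: "/fleet"

      # Specific parameters
      - name: cluster_kustomization_name
      - name: mgmt_project_name
        value: "osm_admin"

      # Other parameters - Recommended to keep defaults
      ## Hard-codes the default fleet_mount_path; override both together.
      - name: fleet_repo_dir
        value: "/fleet/fleet-osm/"

      # Debug/dry run?
      - name: debug
        value: "false"

    container:
      # Floating tag; see the image note at the top of this file.
      image: opensourcemano/osm-krm-functions:testing-daily
      # imagePullPolicy: Always
      env:
      - name: DEBUG
        value: "{{inputs.parameters.debug}}"
      command: ["/app/scripts/entrypoint.sh"]
      # Positional arguments: keep the order in sync with the entrypoint script.
      args:
      - disconnect_flux_remote_cluster
      - "{{inputs.parameters.cluster_kustomization_name}}"
      - "{{inputs.parameters.fleet_repo_dir}}"
      - "{{inputs.parameters.mgmt_project_name}}"
      volumeMounts:
      - name: fleet-repo-volume
        mountPath: '{{inputs.parameters.fleet_mount_path}}'
    volumes:
      - name: fleet-repo-volume
        persistentVolumeClaim:
          claimName: '{{inputs.parameters.fleet_volume_name}}'
    # Pod-level security context: fixes the UID only (group settings are disabled).
    securityContext:
      runAsUser: 10000
    #   runAsGroup: 10000
    #   fsGroup: 10000


  # Delete cluster from **ANY** cloud
  - name: delete-cluster
    inputs:
      parameters:
      # Volumes with cloned repos
      - name: fleet_volume_name
      - name: fleet_mount_path
        value: "/fleet"

      # Specific parameters
      - name: cluster_kustomization_name
      - name: project_name
        value: "osm_admin"

      # Other parameters - Recommended to keep defaults
      - name: fleet_repo_dir
        value: "/fleet/fleet-osm/"
      ## Built from the two parameters above. fleet_repo_dir already ends with '/',
      ## so the default renders with a double slash.
      - name: mgmt_resources_dir
        value: "{{inputs.parameters.fleet_repo_dir}}/{{inputs.parameters.project_name}}/managed-resources/_management"

    container:
      # Floating tag; see the image note at the top of this file.
      image: opensourcemano/osm-krm-functions:testing-daily
      # imagePullPolicy: Always
      command: ["/app/scripts/entrypoint.sh"]
      # Destructive operation: the target is selected purely by these parameters.
      args:
      - delete_remote_cluster
      - "{{inputs.parameters.cluster_kustomization_name}}"
      - "{{inputs.parameters.project_name}}"
      - "{{inputs.parameters.fleet_repo_dir}}"
      - "{{inputs.parameters.mgmt_resources_dir}}"

      volumeMounts:
      - name: fleet-repo-volume
        mountPath: '{{inputs.parameters.fleet_mount_path}}'
    volumes:
      - name: fleet-repo-volume
        persistentVolumeClaim:
          claimName: '{{inputs.parameters.fleet_volume_name}}'
    # Pod-level security context: fixes the UID only (group settings are disabled).
    securityContext:
      runAsUser: 10000
    #   runAsGroup: 10000
    #   fsGroup: 10000


  # Purge and delete cluster from **ANY** cloud
  - name: purge-delete-cluster
    inputs:
      parameters:
      # Volumes with cloned repos
      - name: fleet_volume_name
      - name: fleet_mount_path
        value: "/fleet"

      # Specific parameters
      - name: cluster_kustomization_name
      - name: project_name
        value: "osm_admin"

      # Is a purge needed before deleting?
      - name: purge
        value: "true"
      ## Secret where the kubeconfig is stored (may not exist)
      ## NOTE(review): `expression` is evaluated by Argo's expression engine rather
      ## than taken as a plain string; confirm that this renders the intended
      ## `kubeconfig-<cluster_kustomization_name>` name.
      - name: temp_kubeconfig_secret_name
        valueFrom:
          expression: "kubeconfig-{{inputs.parameters.cluster_kustomization_name}}"

      # Other parameters - Recommended to keep defaults
      - name: temp_kubeconfig_secret_key
        value: "kubeconfig"
      - name: fleet_repo_dir
        value: "/fleet/fleet-osm/"
      ## fleet_repo_dir already ends with '/', so the default renders with a double slash.
      - name: mgmt_resources_dir
        value: "{{inputs.parameters.fleet_repo_dir}}/{{inputs.parameters.project_name}}/managed-resources/_management"

    container:
      # Floating tag; see the image note at the top of this file.
      image: opensourcemano/osm-krm-functions:testing-daily
      # imagePullPolicy: Always
      command: ["/app/scripts/entrypoint.sh"]
      # Same operation as delete-cluster, with the purge flag passed as the tenth
      # value after the operation name.
      args:
      - delete_remote_cluster
      - "{{inputs.parameters.cluster_kustomization_name}}"
      - "{{inputs.parameters.project_name}}"
      - "{{inputs.parameters.fleet_repo_dir}}"
      - "{{inputs.parameters.mgmt_resources_dir}}"
      ## Five empty positional placeholders so that `purge` lands in its slot
      ## (their meaning is defined by the entrypoint script, not visible here).
      - ''
      - ''
      - ''
      - ''
      - ''
      - "{{inputs.parameters.purge}}"

      volumeMounts:
      - name: fleet-repo-volume
        mountPath: '{{inputs.parameters.fleet_mount_path}}'
      # Kubeconfig of the target cluster, exposed to the container as /app/.kube/config.
      - name: kubeconfig-volume
        mountPath: '/app/.kube'
    volumes:
      - name: fleet-repo-volume
        persistentVolumeClaim:
          claimName: '{{inputs.parameters.fleet_volume_name}}'
      # Cluster credentials; `optional: true` lets the pod start when the Secret
      # does not exist. The Secret name derives from a caller-supplied parameter.
      - name: kubeconfig-volume
        secret:
          secretName: '{{inputs.parameters.temp_kubeconfig_secret_name}}'
          optional: true
          items:
            - key: '{{inputs.parameters.temp_kubeconfig_secret_key}}'
              path: 'config'
    # Unlike the other templates, only fsGroup is set here and runAsUser is
    # disabled, so the container runs as the image's default user.
    # NOTE(review): fsGroup presumably makes the mounted kubeconfig group-readable;
    # confirm which UID the image runs as and that it is not root.
    securityContext:
      fsGroup: 10000
      # runAsUser: 10000
      # runAsGroup: 10000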