Some helpful snippets of code to automate the creation of Cluster-Stacks
Creating cluster stacks and cluster based on these takes a significant number of stacks that are hard to remember correctly for people that are not cluster-API and Cluster Class expert.
We this hide them in a number of distinct steps that are in numbered scripts. The reason for not doing everything in one script is that you do register cloud secrets or install capi much less often than install cluster classses which happens much less often than creating clusters.
There is a cluster-settings-template.env file that contains the parameters typically adjusted by users. Please create a copy, fill it in, and pass it to the scripts.
-
00-bootstrap-vm-cs.sh: Install the needed software to be able to do cluster management on this host. (Developed for Debian 12.) This is only needed if you do not have the needed tools preinstalled.
-
01-kind-cluster.sh: Create kind cluster
-
02-deploy-capi.sh: Install ORC and CAPI.
-
03-deploy-cso.sh: Install the Cluster Stack Operator.
-
18-delete-kind.sh: Remove kind cluster management again.
- 04-cloud-secret.sh: Create namespace and secrets to work with the wanted OpenStack project.
- 05-deploy-cstack.sh: Create the Cluster Stack which is a template for various clusters with the same major minor version of k8s. Should trigger cluster class creation and image registration.
- 06-wait-clusterclass.sh: Wait for the cluster class
-
07-create-cluster.sh: Create a workload cluster as per all the settings that are passed.
-
08-wait-cluster.sh: Wait for the workload cluster
-
16-cleanup-cluster.sh: Remove loadbalancers and persistent volumes from cluster.
-
17-delete-cluster.sh: Remove cluster again.
The cloud.conf generated by the helm openstack-csp-helper in step 04
references a ca-file=/etc/config/cacert if a custom CA file is being
detected. This works for the OpenStack Cloud Controller Manager (OCCM)
that is deployed into the workload cluster, but not for the CSI Cinder
driver which mounts the cloud-config secrets at /etc/kubernetes
and not /etc/config/ by default, so the ca-file= reference points
to a non-existing file, see ClusterStacks issue #188.
This results in a CrashLoopBackup state for
the openstack-cinder-csi-* pods in the workload cluster. Until this
is fixed up upstream, it can be patched using the 09-fixup-cinder.sh.
The bootstrap KinD management cluster (host) is not set up in a way
that is robust enough for long-term operation. So we should move the
CAPI, CAPO, CSO management objects into a more resilient k8s cluster,
as is supported with clusterctl move. Beyond the capi, capi resources,
this requires tracking all other management resources (objects from
ORC, CSO etc.) -- once this is complete, a script will be offered
to facilitate this.