From e6fefb764fa7ef7eb3fb933ac6e4a563cd827eae Mon Sep 17 00:00:00 2001 From: Paul Czarkowski Date: Thu, 14 Jul 2022 15:07:38 -0500 Subject: [PATCH] first version of aro pull secret chart Signed-off-by: Paul Czarkowski --- charts/aro-pull-secret/.helmignore | 23 +++++++ charts/aro-pull-secret/Chart.yaml | 8 +++ charts/aro-pull-secret/README.md | 59 +++++++++++++++++ charts/aro-pull-secret/templates/NOTES.txt | 0 charts/aro-pull-secret/templates/_helpers.tpl | 66 +++++++++++++++++++ .../templates/pull-secret.yaml | 15 +++++ charts/aro-pull-secret/values.yaml | 3 + 7 files changed, 174 insertions(+) create mode 100644 charts/aro-pull-secret/.helmignore create mode 100644 charts/aro-pull-secret/Chart.yaml create mode 100644 charts/aro-pull-secret/README.md create mode 100644 charts/aro-pull-secret/templates/NOTES.txt create mode 100644 charts/aro-pull-secret/templates/_helpers.tpl create mode 100644 charts/aro-pull-secret/templates/pull-secret.yaml create mode 100644 charts/aro-pull-secret/values.yaml diff --git a/charts/aro-pull-secret/.helmignore b/charts/aro-pull-secret/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/aro-pull-secret/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/aro-pull-secret/Chart.yaml b/charts/aro-pull-secret/Chart.yaml new file mode 100644 index 0000000..bffb664 --- /dev/null +++ b/charts/aro-pull-secret/Chart.yaml @@ -0,0 +1,8 @@ +apiVersion: v2 +name: aro-pull-secret +description: A Helm chart configuring a pull secret for the Aro cluster. +maintainers: + - name: paulczar +home: https://github.com/rh-mobb/helm-charts +type: application +version: 0.1.0 diff --git a/charts/aro-pull-secret/README.md b/charts/aro-pull-secret/README.md new file mode 100644 index 0000000..24e0905 --- /dev/null +++ b/charts/aro-pull-secret/README.md @@ -0,0 +1,59 @@ +# Helm Chart to set up GPU nodes on ARO clusters + +This Helm chart will deploy GPU nodes on ARO clusters. + +## Prerequisites + +* An ARO 4.10 cluster +* Helm CLI +* [Azure GPU Quota](https://mobb.ninja/docs/aro/gpu/) + +## Prepare Environment + +1. Add the MOBB chart repository to your Helm + + ```bash + helm repo add mobb https://rh-mobb.github.io/helm-charts/ + ``` + +1. Update your repositories + + ```bash + helm repo update + ``` + +## Deploy the Helm Chart + +1. Before Deploying the chart you need it to adopt the existing pull secret + + ```bash + kubectl -n openshift-config annotate secret \ + pull-secret meta.helm.sh/release-name=pull-secret + kubectl -n openshift-config annotate secret \ + pull-secret meta.helm.sh/release-namespace=openshift-config + kubectl -n openshift-config label secret \ + pull-secret app.kubernetes.io/managed-by=Helm + ``` + +1. Download your pull secret from **https://console.redhat.com/openshift/downloads -> Tokens -> Pull secret** and save it to values.yaml + +1. Update the pull secret + + ``` + helm upgrade --install pull-secret mobb/aro-pull-secret \ + -n openshift-config + ``` + +1. Optionally enable Operator Hub + + ```bash + oc patch configs.samples.operator.openshift.io cluster --type=merge \ + -p='{"spec":{"managementState":"Managed"}}' + oc patch operatorhub cluster --type=merge \ + -p='{"spec":{"sources":[ + {"name":"redhat-operators","disabled":false}, + {"name":"certified-operators","disabled":false}, + {"name":"community-operators","disabled":false}, + {"name":"redhat-marketplace","disabled":false} + ]}}' + ``` diff --git a/charts/aro-pull-secret/templates/NOTES.txt b/charts/aro-pull-secret/templates/NOTES.txt new file mode 100644 index 0000000..e69de29 diff --git a/charts/aro-pull-secret/templates/_helpers.tpl b/charts/aro-pull-secret/templates/_helpers.tpl new file mode 100644 index 0000000..2ffac61 --- /dev/null +++ b/charts/aro-pull-secret/templates/_helpers.tpl @@ -0,0 +1,66 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "aro-pull-secret.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{- define "aro-pull-secret.dummy" -}} +{"apiVersion":"v1","data":{".dockerconfigjson":"eyJhdXRocyI6eyJhcm9zdmMuYXp1cmVjci5pbyI6eyJhdXRoIjoiZGFkc2Rha016UXhNell0TjJVMVl5MDBZV0V4TFRnNU9EQXRZakF3TWpnM00yTmlObU0yT201R01XUmpkVDExUXpkRE16VnlPRDB3ZVdjMlVYbGxWMXBMVFZaaVdFRksifX19Cg=="},"kind":"Secret","metadata":{"creationTimestamp":"2022-07-14T15:14:43Z","managedFields":[{"apiVersion":"v1","fieldsType":"FieldsV1","fieldsV1":{"f:data":{".":{},"f:.dockerconfigjson":{}},"f:type":{}},"manager":"cluster-bootstrap","operation":"Update","time":"2022-07-14T15:14:43Z"}],"name":"pull-secret","namespace":"openshift-config","resourceVersion":"1859","uid":"864ad900-a9a3-4fdd-a897-b0fde32b18d3"},"type":"kubernetes.io/dockerconfigjson"} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "aro-pull-secret.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "aro-pull-secret.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "aro-pull-secret.labels" -}} +helm.sh/chart: {{ include "aro-pull-secret.chart" . }} +{{ include "aro-pull-secret.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "aro-pull-secret.selectorLabels" -}} +app.kubernetes.io/name: {{ include "aro-pull-secret.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "aro-pull-secret.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "aro-pull-secret.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/aro-pull-secret/templates/pull-secret.yaml b/charts/aro-pull-secret/templates/pull-secret.yaml new file mode 100644 index 0000000..5b2e278 --- /dev/null +++ b/charts/aro-pull-secret/templates/pull-secret.yaml @@ -0,0 +1,15 @@ +{{- $clusterPullSecret := lookup "v1" "Secret" "openshift-config" "pull-secret" -}} +{{- $dockerConfigJson := get ((include "aro-pull-secret.dummy" .) | fromJson).data ".dockerconfigjson" | b64dec }} +{{- if not (empty $clusterPullSecret) -}} +{{- $dockerConfigJson = get ($clusterPullSecret.data) ".dockerconfigjson" | b64dec }} +{{- end -}} +apiVersion: v1 +kind: Secret +metadata: + name: pull-secret + namespace: openshift-config + labels: + {{- include "aro-pull-secret.labels" . | nindent 4 }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ merge ($dockerConfigJson | fromJson) (.Values.pullSecret | fromJson) | toJson | b64enc }} diff --git a/charts/aro-pull-secret/values.yaml b/charts/aro-pull-secret/values.yaml new file mode 100644 index 0000000..3f98ac3 --- /dev/null +++ b/charts/aro-pull-secret/values.yaml @@ -0,0 +1,3 @@ +# copy this from https://console.redhat.com/openshift/downloads -> Tokens -> Pull secret + +pullSecret: '{"auths":{"cloud.openshift.com":{...}}'