Change method of disabling lab public network interface from customizing ignition config to inserting a machineconfig
dustinblack opened this issue · 0 comments
We have since 4.3 used customization of ignition config files at install time as the method of disabling the lab public network interfaces so that there are no DHCP conflicts for shared lab deployments. Recently, this hit a bug in 4.6, which is a genuine regression, but in the process of testing a workaround it was discovered that using machineconfigs at install time might be a more maintainable and bullet-proof way to make the modifications we need. Pasted below are the current workaround instructions that we can use to inform a change to the JetSki and/or upstream code.
- Add a pause task to the JetSki
ansible-ipi-install/roles/installer/tasks/40_create_manifest.ymlfile after the manifests are created:
---
- name: Create OpenShift Manifest
shell: |
/usr/local/bin/openshift-baremetal-install --dir {{ dir }} create manifests
tags: manifests
- pause:
...- When you hit this pause point while running the Ansible playbook, connect to the provisioning/deployment/jump host, su to the kni user, and add the file
/home/kni/clusterconfigs/openshift/50-disable-lab-public-nic.yamlwith the below yaml:
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
labels:
machineconfiguration.openshift.io/role: worker
name: 50-disable-lab-public-nic
spec:
config:
ignition:
version: 2.2.0
storage:
files:
- contents:
source: data:text/plain;charset=utf-8;base64,REVWSUNFPWVubzEKQk9PVFBST1RPPW5vbmUKT05CT09UPW5vCg==
filesystem: root
mode: 0644
path: /etc/sysconfig/network-scripts/ifcfg-eno1This will insert the ifcfg-eno1 file with the correct settings to disable the NIC, and this will apply correctly to both master and worker nodes. With this done, the bridges that are new in 4.6 will associate with the correct interfaces, and the deployment will complete successfully.
Note that this specifically targets disabling interface eno1, which is the public NIC for both the FC640 and the R640 nodes in the scale lab. If you need to disable a different NIC, you will need to change the path value and modify the base64 encoded source content.