From 07904d22bd37a14ae09a7aec52bd4154e1a8be0a Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Thu, 18 Jul 2024 15:17:09 +0200 Subject: [PATCH 01/16] Bump releases to version v0.18.5 (#203) Co-authored-by: metal-stack --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 2e6d70d838..707290af7b 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.4") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.5") ifeq ($(CI),true) DOCKER_TTY_ARG= From 616b0e1673203c06bea5c3b09930308fc9b6ae09 Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Mon, 29 Jul 2024 11:48:26 +0200 Subject: [PATCH 02/16] Bump releases to version v0.18.6 (#204) Co-authored-by: metal-stack --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 707290af7b..ec1f3c0a3d 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.5") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.6") ifeq ($(CI),true) DOCKER_TTY_ARG= From c9a7d30f3b0be717eddb0aa6a944ca676ee66f61 Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Tue, 30 Jul 2024 12:52:27 +0200 Subject: [PATCH 03/16] Bump releases to version v0.18.7 (#205) Co-authored-by: metal-stack --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index ec1f3c0a3d..9e9b32ceb4 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.6") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.7") ifeq ($(CI),true) DOCKER_TTY_ARG= From f60fb43e971564d0f776dc8fa7ea86bd2ca14e26 Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Thu, 1 Aug 2024 12:58:19 +0200 Subject: [PATCH 04/16] Bump releases to version v0.18.8 (#206) * Bump releases to version v0.18.8 * Auto generate --------- Co-authored-by: metal-stack --- Makefile | 2 +- docs/src/external/metalctl/docs/metalctl_network_ip_list.md | 2 +- docs/src/external/metalctl/docs/metalctl_switch_delete.md | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 9e9b32ceb4..39c4f981da 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.7") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.8") ifeq ($(CI),true) DOCKER_TTY_ARG= diff --git a/docs/src/external/metalctl/docs/metalctl_network_ip_list.md b/docs/src/external/metalctl/docs/metalctl_network_ip_list.md index 8359c88b19..b1b8a6aaca 100644 --- a/docs/src/external/metalctl/docs/metalctl_network_ip_list.md +++ b/docs/src/external/metalctl/docs/metalctl_network_ip_list.md @@ -16,7 +16,7 @@ metalctl network ip list [flags] --network string network to filter [optional] --prefix string prefix to filter [optional] --project string project to filter [optional] - --sort-by strings sort by (comma separated) column(s), sort direction can be changed by appending :asc or :desc behind the column identifier. possible values: description|id|ipaddress|name|network|type + --sort-by strings sort by (comma separated) column(s), sort direction can be changed by appending :asc or :desc behind the column identifier. possible values: age|description|id|ipaddress|name|network|type --tags strings tags to filter [optional] --type string type to filter [optional] ``` diff --git a/docs/src/external/metalctl/docs/metalctl_switch_delete.md b/docs/src/external/metalctl/docs/metalctl_switch_delete.md index 5b6663e1fc..b511d00eff 100644 --- a/docs/src/external/metalctl/docs/metalctl_switch_delete.md +++ b/docs/src/external/metalctl/docs/metalctl_switch_delete.md @@ -22,6 +22,7 @@ metalctl switch delete [flags] the file can also contain multiple documents and perform a bulk operation. + --force forcefully delete the switch accepting the risk that it still has machines connected to it -h, --help help for delete --skip-security-prompts skips security prompt for bulk operations --timestamps when used with --file (bulk operation): prints timestamps in-between the operations From 6774884158c595181dc0a01529bcc90fec673eb3 Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Wed, 7 Aug 2024 11:05:20 +0200 Subject: [PATCH 05/16] Bump releases to version v0.18.9 (#207) * Bump releases to version v0.18.9 * Auto generate --------- Co-authored-by: metal-stack --- Makefile | 2 +- docs/src/external/mini-lab/README.md | 18 ++++-------------- 2 files changed, 5 insertions(+), 15 deletions(-) diff --git a/Makefile b/Makefile index 39c4f981da..0a39801f63 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.8") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.9") ifeq ($(CI),true) DOCKER_TTY_ARG= diff --git a/docs/src/external/mini-lab/README.md b/docs/src/external/mini-lab/README.md index 80163c1227..aa10d164d9 100644 --- a/docs/src/external/mini-lab/README.md +++ b/docs/src/external/mini-lab/README.md @@ -21,10 +21,10 @@ The mini-lab is a small, virtual setup to locally run the metal-stack. It deploy - Linux machine with hardware virtualization support - kvm as hypervisor for the VMs (you can check through the `kvm-ok` command) -- [docker](https://www.docker.com/) >= 20.10.13 (for using kind and our deployment base image) -- [kind](https://github.com/kubernetes-sigs/kind/releases) == v0.20.0 (for hosting the metal control plane) -- [containerlab](https://containerlab.srlinux.dev/install/) >= v0.47.1 -- the lab creates a docker network on your host machine (`172.17.0.1`), this hopefully does not overlap with other networks you have +- [docker](https://www.docker.com/) >= 24.x.y (for using kind and our deployment base image) +- [kind](https://github.com/kubernetes-sigs/kind/releases) == v0.23.0 (for hosting the metal control plane) +- [containerlab](https://containerlab.dev/install/) >= v0.56.0 +- the lab creates a docker network on your host machine with the address block `203.0.113.0/24`, designated as TEST-NET-3 for documentation and examples. - (recommended) haveged to have enough random entropy (only needed if the PXE process does not work) Here is some code that should help you to set up most of the requirements: @@ -167,16 +167,6 @@ Login with user name metal and the console password from docker compose run --rm metalctl machine consolepassword e0ab02d2-27cd-5a5e-8efc-080ba80cf258 ``` -If you want to access the firewall with SSH or have internet connectivity from the firewall and machine, you'll need to have a static route configured that points to the leaf switches: - -```bash -# Add the route to the network internet-mini-lab 100.255.254.0/24 via leaf01 and leaf02, whose IPs are dynamically allocated. Make sure there's no old route before execution. -make route - -# Connect to the firewall -ssh metal@100.255.254.1 -``` - To remove the kind cluster, the switches and machines, run: ```bash From 84ecd2c6d5ad21790c76e62cbe4cd4cbb4027687 Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Fri, 9 Aug 2024 13:19:36 +0200 Subject: [PATCH 06/16] Bump releases to version v0.18.10 (#208) Co-authored-by: metal-stack --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 0a39801f63..91e0536cf8 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.9") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.10") ifeq ($(CI),true) DOCKER_TTY_ARG= From 4a52e63134edd7187dcf84b66a49568967cb0eb1 Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Tue, 3 Sep 2024 13:18:56 +0200 Subject: [PATCH 07/16] Bump releases to version v0.18.11 (#210) Co-authored-by: metal-stack --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 91e0536cf8..47e0176038 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.10") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.11") ifeq ($(CI),true) DOCKER_TTY_ARG= From 11e4b363d3bb249ddba59c947ac775d6761960da Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Fri, 6 Sep 2024 14:38:53 +0200 Subject: [PATCH 08/16] Bump releases to version v0.18.12 (#211) * Bump releases to version v0.18.12 * Auto generate --------- Co-authored-by: metal-stack --- Makefile | 2 +- .../metalctl/docs/metalctl_network_create.md | 59 ++++++++++--------- .../metalctl/docs/metalctl_network_update.md | 49 +++++++-------- 3 files changed, 56 insertions(+), 54 deletions(-) diff --git a/Makefile b/Makefile index 47e0176038..6d2b940ed3 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.11") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.12") ifeq ($(CI),true) DOCKER_TTY_ARG= diff --git a/docs/src/external/metalctl/docs/metalctl_network_create.md b/docs/src/external/metalctl/docs/metalctl_network_create.md index 6eadea422c..75f568bb48 100644 --- a/docs/src/external/metalctl/docs/metalctl_network_create.md +++ b/docs/src/external/metalctl/docs/metalctl_network_create.md @@ -9,35 +9,36 @@ metalctl network create [flags] ## Options ``` - --bulk-output when used with --file (bulk operation): prints results at the end as a list. default is printing results intermediately during the operation, which causes single entities to be printed in a row. - -d, --description string description of the network to create. [optional] - --destination-prefixes strings destination prefixes in this network. - -f, --file string filename of the create or update request in yaml format, or - for stdin. - - Example: - $ metalctl network describe network-1 -o yaml > network.yaml - $ vi network.yaml - $ # either via stdin - $ cat network.yaml | metalctl network create -f - - $ # or via file - $ metalctl network create -f network.yaml - - the file can also contain multiple documents and perform a bulk operation. - - -h, --help help for create - --id string id of the network to create. [optional] - --labels strings add initial labels, must be in the form of key=value, use it like: --labels "key1=value1,key2=value2". - -n, --name string name of the network to create. [optional] - --nat set nat flag of network, if set to true, traffic from this network will be natted. - -p, --partition string partition where this network should exist. - --prefixes strings prefixes in this network. - --privatesuper set private super flag of network, if set to true, this network is used to start machines there. - --project string project of the network to create. [optional] - --skip-security-prompts skips security prompt for bulk operations - --timestamps when used with --file (bulk operation): prints timestamps in-between the operations - --underlay set underlay flag of network, if set to true, this is used to transport underlay network traffic - --vrf int vrf of this network - --vrfshared vrf shared allows multiple networks to share a vrf + --additional-announcable-cidrs strings list of cidrs which are added to the route maps per tenant private network, these are typically pod- and service cidrs, can only be set in a supernetwork + --bulk-output when used with --file (bulk operation): prints results at the end as a list. default is printing results intermediately during the operation, which causes single entities to be printed in a row. + -d, --description string description of the network to create. [optional] + --destination-prefixes strings destination prefixes in this network. + -f, --file string filename of the create or update request in yaml format, or - for stdin. + + Example: + $ metalctl network describe network-1 -o yaml > network.yaml + $ vi network.yaml + $ # either via stdin + $ cat network.yaml | metalctl network create -f - + $ # or via file + $ metalctl network create -f network.yaml + + the file can also contain multiple documents and perform a bulk operation. + + -h, --help help for create + --id string id of the network to create. [optional] + --labels strings add initial labels, must be in the form of key=value, use it like: --labels "key1=value1,key2=value2". + -n, --name string name of the network to create. [optional] + --nat set nat flag of network, if set to true, traffic from this network will be natted. + -p, --partition string partition where this network should exist. + --prefixes strings prefixes in this network. + --privatesuper set private super flag of network, if set to true, this network is used to start machines there. + --project string project of the network to create. [optional] + --skip-security-prompts skips security prompt for bulk operations + --timestamps when used with --file (bulk operation): prints timestamps in-between the operations + --underlay set underlay flag of network, if set to true, this is used to transport underlay network traffic + --vrf int vrf of this network + --vrfshared vrf shared allows multiple networks to share a vrf ``` ## Options inherited from parent commands diff --git a/docs/src/external/metalctl/docs/metalctl_network_update.md b/docs/src/external/metalctl/docs/metalctl_network_update.md index da66542566..91c3d65a28 100644 --- a/docs/src/external/metalctl/docs/metalctl_network_update.md +++ b/docs/src/external/metalctl/docs/metalctl_network_update.md @@ -9,30 +9,31 @@ metalctl network update [flags] ## Options ``` - --add-destinationprefixes strings destination prefixes to be added to the network [optional] - --add-prefixes strings prefixes to be added to the network [optional] - --bulk-output when used with --file (bulk operation): prints results at the end as a list. default is printing results intermediately during the operation, which causes single entities to be printed in a row. - --description string the description of the network [optional] - -f, --file string filename of the create or update request in yaml format, or - for stdin. - - Example: - $ metalctl network describe network-1 -o yaml > network.yaml - $ vi network.yaml - $ # either via stdin - $ cat network.yaml | metalctl network update -f - - $ # or via file - $ metalctl network update -f network.yaml - - the file can also contain multiple documents and perform a bulk operation. - - -h, --help help for update - --labels strings the labels of the network, must be in the form of key=value, use it like: --labels "key1=value1,key2=value2". [optional] - --name string the name of the network [optional] - --remove-destinationprefixes strings destination prefixes to be removed from the network [optional] - --remove-prefixes strings prefixes to be removed from the network [optional] - --shared marks a network as shared or not [optional] - --skip-security-prompts skips security prompt for bulk operations - --timestamps when used with --file (bulk operation): prints timestamps in-between the operations + --add-destinationprefixes strings destination prefixes to be added to the network [optional] + --add-prefixes strings prefixes to be added to the network [optional] + --additional-announcable-cidrs strings list of cidrs which are added to the route maps per tenant private network, these are typically pod- and service cidrs, can only be set in a supernetwork + --bulk-output when used with --file (bulk operation): prints results at the end as a list. default is printing results intermediately during the operation, which causes single entities to be printed in a row. + --description string the description of the network [optional] + -f, --file string filename of the create or update request in yaml format, or - for stdin. + + Example: + $ metalctl network describe network-1 -o yaml > network.yaml + $ vi network.yaml + $ # either via stdin + $ cat network.yaml | metalctl network update -f - + $ # or via file + $ metalctl network update -f network.yaml + + the file can also contain multiple documents and perform a bulk operation. + + -h, --help help for update + --labels strings the labels of the network, must be in the form of key=value, use it like: --labels "key1=value1,key2=value2". [optional] + --name string the name of the network [optional] + --remove-destinationprefixes strings destination prefixes to be removed from the network [optional] + --remove-prefixes strings prefixes to be removed from the network [optional] + --shared marks a network as shared or not [optional] + --skip-security-prompts skips security prompt for bulk operations + --timestamps when used with --file (bulk operation): prints timestamps in-between the operations ``` ## Options inherited from parent commands From 096b107b82d84ce017eef0f538d62b2c48bf9e13 Mon Sep 17 00:00:00 2001 From: Simon Mayer <49491825+simcod@users.noreply.github.com> Date: Mon, 9 Sep 2024 08:59:03 +0200 Subject: [PATCH 09/16] Fix some typos (#212) --- docs/src/installation/deployment.md | 126 +++++++++++++--------------- docs/src/overview/architecture.md | 4 +- docs/src/overview/networking.md | 2 +- 3 files changed, 61 insertions(+), 71 deletions(-) diff --git a/docs/src/installation/deployment.md b/docs/src/installation/deployment.md index d59c7633dc..71a3dd099a 100644 --- a/docs/src/installation/deployment.md +++ b/docs/src/installation/deployment.md @@ -4,7 +4,7 @@ We are bootstrapping the [metal control plane](../overview/architecture.md#Metal In order to build up your deployment, we recommend to make use of the same Ansible roles that we are using by ourselves in order to deploy the metal-stack. You can find them in the repository called [metal-roles](https://github.com/metal-stack/metal-roles). -In order to wrap up deployment dependencies there is a special [deployment base image](https://hub.docker.com/r/metalstack/metal-deployment-base) hosted on Docker Hub that you can use for running the deployment. Using this Docker image eliminates a lot of moving parts in the deployment and should keep the footprints on your system fairly small and maintainable. +In order to wrap up deployment dependencies there is a special [deployment base image](https://github.com/metal-stack/metal-deployment-base/pkgs/container/metal-deployment-base) hosted on GitHub that you can use for running the deployment. Using this Docker image eliminates a lot of moving parts in the deployment and should keep the footprints on your system fairly small and maintainable. This document will from now on assume that you want to use our Ansible deployment roles for setting up metal-stack. We will also use the deployment base image, so you should also have [Docker](https://docs.docker.com/get-docker/) installed. It is in the nature of software deployments to differ from site to site, company to company, user to user. Therefore, we can only describe you the way of how the deployment works for us. It is up to you to tweak the deployment described in this document to your requirements. @@ -290,38 +290,30 @@ Also define the following configurations for `cfssl`: - `files/certs/ca-config.json` ```json { - "signing": { - "default": { - "expiry": "43800h" - }, - "profiles": { - "server": { - "expiry": "43800h", - "usages": [ - "signing", - "key encipherment", - "server auth" - ] - }, - "client": { - "expiry": "43800h", - "usages": [ - "signing", - "key encipherment", - "client auth" - ] - }, - "client-server": { - "expiry": "43800h", - "usages": [ - "signing", - "key encipherment", - "client auth", - "server auth" - ] - } - } + "signing": { + "default": { + "expiry": "43800h" + }, + "profiles": { + "server": { + "expiry": "43800h", + "usages": ["signing", "key encipherment", "server auth"] + }, + "client": { + "expiry": "43800h", + "usages": ["signing", "key encipherment", "client auth"] + }, + "client-server": { + "expiry": "43800h", + "usages": [ + "signing", + "key encipherment", + "client auth", + "server auth" + ] + } } + } } ``` - `files/certs/ca-csr.json` @@ -335,9 +327,9 @@ Also define the following configurations for `cfssl`: }, "names": [ { - "C": "DE", - "L": "Munich", - "O": "Metal-Stack", + "C": "DE", + "L": "Munich", + "O": "Metal-Stack", "OU": "DevOps", "ST": "Bavaria" } @@ -355,9 +347,9 @@ Also define the following configurations for `cfssl`: }, "names": [ { - "C": "DE", - "L": "Munich", - "O": "Metal-Stack", + "C": "DE", + "L": "Munich", + "O": "Metal-Stack", "OU": "DevOps", "ST": "Bavaria" } @@ -380,9 +372,9 @@ Also define the following configurations for `cfssl`: }, "names": [ { - "C": "DE", - "L": "Munich", - "O": "Metal-Stack", + "C": "DE", + "L": "Munich", + "O": "Metal-Stack", "OU": "DevOps", "ST": "Bavaria" } @@ -400,9 +392,9 @@ Also define the following configurations for `cfssl`: }, "names": [ { - "C": "DE", - "L": "Munich", - "O": "Metal-Stack", + "C": "DE", + "L": "Munich", + "O": "Metal-Stack", "OU": "DevOps", "ST": "Bavaria" } @@ -413,18 +405,16 @@ Also define the following configurations for `cfssl`: ```json { "CN": "metal-api", - "hosts": [ - "" - ], + "hosts": [""], "key": { "algo": "rsa", "size": 4096 }, "names": [ { - "C": "DE", - "L": "Munich", - "O": "Metal-Stack", + "C": "DE", + "L": "Munich", + "O": "Metal-Stack", "OU": "DevOps", "ST": "Bavaria" } @@ -660,24 +650,24 @@ You can find installation instructions for Gardener on the Gardener website bene 1. Register the [os-extension-provider-metal](https://github.com/metal-stack/os-metal-extension) controller by deploying the [controller-registration](https://github.com/metal-stack/os-metal-extension/blob/v0.4.1/example/controller-registration.yaml) into your Gardener cluster, this controller can transform the operating system configuration from Gardener into Ignition user data 1. You need to use the Gardener's [networking-calico](https://github.com/gardener/gardener-extension-networking-calico) controller for setting up shoot CNI, you will have to put specific provider configuration into the shoot spec to make it work with metal-stack: ```yaml - networking: - type: calico - # we can peer with the frr within 10.244.0.0/16, which we do with the metallb - # the networks for the shoot need to be disjunct with the networks of the seed, otherwise the VPN connection will not work properly - # the seeds are typically deployed with podCIDR 10.244.128.0/18 and serviceCIDR 10.244.192.0/18 - # the shoots are typically deployed with podCIDR 10.244.0.0/18 and serviceCIDR 10.244.64.0/18 - pods: 10.244.0.0/18 - services: 10.244.64.0/18 - providerConfig: - apiVersion: calico.networking.extensions.gardener.cloud/v1alpha1 - kind: NetworkConfig - backend: vxlan - ipv4: - pool: vxlan - mode: Always - autoDetectionMethod: interface=lo - typha: - enabled: false + networking: + type: calico + # we can peer with the frr within 10.244.0.0/16, which we do with the metallb + # the networks for the shoot need to be disjunct with the networks of the seed, otherwise the VPN connection will not work properly + # the seeds are typically deployed with podCIDR 10.244.128.0/18 and serviceCIDR 10.244.192.0/18 + # the shoots are typically deployed with podCIDR 10.244.0.0/18 and serviceCIDR 10.244.64.0/18 + pods: 10.244.0.0/18 + services: 10.244.64.0/18 + providerConfig: + apiVersion: calico.networking.extensions.gardener.cloud/v1alpha1 + kind: NetworkConfig + backend: vxlan + ipv4: + pool: vxlan + mode: Always + autoDetectionMethod: interface=lo + typha: + enabled: false ``` 1. For your seed cluster you will need to provide the provider secret for metal-stack containing the key `metalAPIHMac`, which is the API HMAC to grant editor access to the metal-api 1. Checkout our current provider configuration for [infrastructure](https://github.com/metal-stack/gardener-extension-provider-metal/blob/master/pkg/apis/metal/v1alpha1/types_infrastructure.go) and [control-plane](https://github.com/metal-stack/gardener-extension-provider-metal/blob/master/pkg/apis/metal/v1alpha1/types_controlplane.go) before deploying your shoot diff --git a/docs/src/overview/architecture.md b/docs/src/overview/architecture.md index a90f1a5694..864de29678 100644 --- a/docs/src/overview/architecture.md +++ b/docs/src/overview/architecture.md @@ -29,10 +29,10 @@ One more word towards determining the location for your metal control plane: It The foundation of the metal-stack is what we call the _metal control plane_. -The control plane contains of a couple of essential microservices for the metal-stack including: +The control plane contains a couple of essential microservices for the metal-stack including: - **[metal-api](https://github.com/metal-stack/metal-api)** - The API to manage and control plane resources like machines, switches, operating system images, machine sizes, networks, IP addresses and more. The exposed API is an old-fashioned REST API with different authentication methods. The metal-api stores the state of these entities in a [RethinkDB](https://rethinkdb.com/) database. The metal-api also has its own IP address management ([go-ipam](https://github.com/metal-stack/go-ipam)), which writes IP address and network allocations into a PostgreSQL backend. + The API to manage control plane resources like machines, switches, operating system images, machine sizes, networks, IP addresses and more. The exposed API is an old-fashioned REST API with different authentication methods. The metal-api stores the state of these entities in a [RethinkDB](https://rethinkdb.com/) database. The metal-api also has its own IP address management ([go-ipam](https://github.com/metal-stack/go-ipam)), which writes IP address and network allocations into a PostgreSQL backend. - **[masterdata-api](https://github.com/metal-stack/masterdata-api)** Manages tenant and project entities, which can be described as entities used for company-specific resource separation and grouping. Having these "higher level entities" managed by a separate microservice was a design choice that allows to re-use the information by other microservices without having them to know the metal-api at all. The masterdata gets persisted in a dedicated PostgreSQL database. - **[metal-console](https://github.com/metal-stack/metal-console)** diff --git a/docs/src/overview/networking.md b/docs/src/overview/networking.md index 5f668b70a1..21cb54c253 100644 --- a/docs/src/overview/networking.md +++ b/docs/src/overview/networking.md @@ -94,7 +94,7 @@ In BGP, ASN is how BGP peers know each other. Within the data center each BGP router is identified by a private autonomous system number (ASN). This ASN is used for internal communication. The default is to have 2-byte ASN. To avoid having to find workarounds in case the ASN address space is exhausted, a 4-byte ASN that supports up to 95 million ASNs (4200000000–4294967294) is used from the beginning. -ASN numbering in a CLOS topology should follow a model to avoid routing problems (path hunting) due to it's redundant nature. Within a CLOS topology the following ANS numbering model is suggested to solve path hunting problems: +ASN numbering in a CLOS topology should follow a model to avoid routing problems (path hunting) due to it's redundant nature. Within a CLOS topology the following ASN numbering model is suggested to solve path hunting problems: - Leaves have unique ASN - Spines share an ASN From 69e62f7d12330b723397f0a44c02525b85322dfc Mon Sep 17 00:00:00 2001 From: Simon Mayer <49491825+simcod@users.noreply.github.com> Date: Mon, 9 Sep 2024 09:48:27 +0200 Subject: [PATCH 10/16] MEP-14 (#213) * MEP-14 * Add MEP-14 to overview page --------- Co-authored-by: Stefan Majer --- .../src/development/proposals/MEP14/README.md | 25 +++++++++++++++++++ docs/src/development/proposals/index.md | 1 + 2 files changed, 26 insertions(+) create mode 100644 docs/src/development/proposals/MEP14/README.md diff --git a/docs/src/development/proposals/MEP14/README.md b/docs/src/development/proposals/MEP14/README.md new file mode 100644 index 0000000000..7226337e84 --- /dev/null +++ b/docs/src/development/proposals/MEP14/README.md @@ -0,0 +1,25 @@ +# Independence from external sources + +In certain situations some customers may need to operate and create machines without making use of external services like DNS or NTP through the internet. To make this possible, all metal-stack components reaching external services need to be configurable with custom endpoints. + +So far, the following components have been identified as requiring changes: + +- pixiecore +- metal-hammer +- metal-images + +More components are likely to be added to the list during processing. + +## pixiecore + +A NTP server endpoint need to be configured on the pixiecore. This can be achieved by providing it through environment variables on start up. + +## metal-hammer + +If using a self-deployed NTP server, also the metal-hammer need to be configured with it. For backward compatibility, default values from `pool.ntp.org` and `time.google.com` are used. + +## metal-images + +Configurations for the `metal-images` are different for machines and firewalls. + +The implementation of this MEP will make metal-stack possible to create and maintain machines without requiring an internet connection. diff --git a/docs/src/development/proposals/index.md b/docs/src/development/proposals/index.md index 41a5bc2429..a0d0f7cd7e 100644 --- a/docs/src/development/proposals/index.md +++ b/docs/src/development/proposals/index.md @@ -30,3 +30,4 @@ Once a proposal was accepted, an issue should be raised and the implementation s | [MEP-10](MEP10/README.md) | SONiC Support | `Completed` | | [MEP-11](MEP11/README.md) | Auditing of metal-stack resources | `Completed` | | [MEP-12](MEP12/README.md) | Rack Spreading | `Completed` | +| [MEP-14](MEP14/README.md) | Independence from external sources | `In Discussion` | From 50abdb7e25c7cbd4c0a7ba488f7af981dca4381f Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Fri, 13 Sep 2024 11:48:03 +0200 Subject: [PATCH 11/16] Bump releases to version v0.18.13 (#214) Co-authored-by: metal-stack --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 6d2b940ed3..4644913fad 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.12") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.13") ifeq ($(CI),true) DOCKER_TTY_ARG= From 3924f44d37dc92d0296aebfea9a4a9fc0fba3eed Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Thu, 19 Sep 2024 08:36:48 +0200 Subject: [PATCH 12/16] Bump releases to version v0.18.14 (#215) Co-authored-by: metal-stack --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 4644913fad..843a99a2e0 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.13") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.14") ifeq ($(CI),true) DOCKER_TTY_ARG= From 83dee9859caac3d8511ab9df562deecc3ded6ca1 Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Wed, 9 Oct 2024 10:07:51 +0200 Subject: [PATCH 13/16] Bump releases to version v0.18.15 (#216) * Bump releases to version v0.18.15 * Auto generate --------- Co-authored-by: metal-stack --- Makefile | 2 +- docs/src/external/csi-driver-lvm/README.md | 2 +- .../metalctl/docs/metalctl_machine_update.md | 6 +- .../metalctl/docs/metalctl_network_update.md | 6 +- .../external/metalctl/docs/metalctl_size.md | 2 +- .../docs/metalctl_size_reservation.md | 54 +++++++++++++++ .../docs/metalctl_size_reservation_apply.md | 61 +++++++++++++++++ .../docs/metalctl_size_reservation_create.md | 68 +++++++++++++++++++ .../docs/metalctl_size_reservation_delete.md | 61 +++++++++++++++++ ... => metalctl_size_reservation_describe.md} | 11 ++- .../docs/metalctl_size_reservation_edit.md | 46 +++++++++++++ .../docs/metalctl_size_reservation_list.md | 51 ++++++++++++++ .../docs/metalctl_size_reservation_update.md | 65 ++++++++++++++++++ ....md => metalctl_size_reservation_usage.md} | 13 ++-- 14 files changed, 426 insertions(+), 22 deletions(-) create mode 100644 docs/src/external/metalctl/docs/metalctl_size_reservation.md create mode 100644 docs/src/external/metalctl/docs/metalctl_size_reservation_apply.md create mode 100644 docs/src/external/metalctl/docs/metalctl_size_reservation_create.md create mode 100644 docs/src/external/metalctl/docs/metalctl_size_reservation_delete.md rename docs/src/external/metalctl/docs/{metalctl_size_reservations.md => metalctl_size_reservation_describe.md} (86%) create mode 100644 docs/src/external/metalctl/docs/metalctl_size_reservation_edit.md create mode 100644 docs/src/external/metalctl/docs/metalctl_size_reservation_list.md create mode 100644 docs/src/external/metalctl/docs/metalctl_size_reservation_update.md rename docs/src/external/metalctl/docs/{metalctl_size_reservations_list.md => metalctl_size_reservation_usage.md} (85%) diff --git a/Makefile b/Makefile index 843a99a2e0..30fbe63b2f 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.14") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.15") ifeq ($(CI),true) DOCKER_TTY_ARG= diff --git a/docs/src/external/csi-driver-lvm/README.md b/docs/src/external/csi-driver-lvm/README.md index 2fb7e03177..de256e29fa 100644 --- a/docs/src/external/csi-driver-lvm/README.md +++ b/docs/src/external/csi-driver-lvm/README.md @@ -19,7 +19,7 @@ For the special case of block volumes, the filesystem-expansion has to be perfor You have to set the devicePattern for your hardware to specify which disks should be used to create the volume group. ```bash -helm install --repo https://helm.metal-stack.io mytest helm/csi-driver-lvm --set lvm.devicePattern='/dev/nvme[0-9]n[0-9]' +helm install --repo https://helm.metal-stack.io mytest csi-driver-lvm --set lvm.devicePattern='/dev/nvme[0-9]n[0-9]' ``` Now you can use one of following storageClasses: diff --git a/docs/src/external/metalctl/docs/metalctl_machine_update.md b/docs/src/external/metalctl/docs/metalctl_machine_update.md index ed2fca4031..d07f90cb69 100644 --- a/docs/src/external/metalctl/docs/metalctl_machine_update.md +++ b/docs/src/external/metalctl/docs/metalctl_machine_update.md @@ -3,7 +3,7 @@ updates the machine ``` -metalctl machine update [flags] +metalctl machine update [flags] ``` ## Options @@ -18,9 +18,9 @@ metalctl machine update [flags] $ metalctl machine describe machine-1 -o yaml > machine.yaml $ vi machine.yaml $ # either via stdin - $ cat machine.yaml | metalctl machine update -f - + $ cat machine.yaml | metalctl machine update -f - $ # or via file - $ metalctl machine update -f machine.yaml + $ metalctl machine update -f machine.yaml the file can also contain multiple documents and perform a bulk operation. diff --git a/docs/src/external/metalctl/docs/metalctl_network_update.md b/docs/src/external/metalctl/docs/metalctl_network_update.md index 91c3d65a28..2f6f8625cf 100644 --- a/docs/src/external/metalctl/docs/metalctl_network_update.md +++ b/docs/src/external/metalctl/docs/metalctl_network_update.md @@ -3,7 +3,7 @@ updates the network ``` -metalctl network update [flags] +metalctl network update [flags] ``` ## Options @@ -20,9 +20,9 @@ metalctl network update [flags] $ metalctl network describe network-1 -o yaml > network.yaml $ vi network.yaml $ # either via stdin - $ cat network.yaml | metalctl network update -f - + $ cat network.yaml | metalctl network update -f - $ # or via file - $ metalctl network update -f network.yaml + $ metalctl network update -f network.yaml the file can also contain multiple documents and perform a bulk operation. diff --git a/docs/src/external/metalctl/docs/metalctl_size.md b/docs/src/external/metalctl/docs/metalctl_size.md index 6de6a8aa1c..165a6731bb 100644 --- a/docs/src/external/metalctl/docs/metalctl_size.md +++ b/docs/src/external/metalctl/docs/metalctl_size.md @@ -50,7 +50,7 @@ a size matches a machine in terms of cpu cores, ram and storage. * [metalctl size edit](metalctl_size_edit.md) - edit the size through an editor and update * [metalctl size imageconstraint](metalctl_size_imageconstraint.md) - manage imageconstraint entities * [metalctl size list](metalctl_size_list.md) - list all sizes -* [metalctl size reservations](metalctl_size_reservations.md) - manage size reservations +* [metalctl size reservation](metalctl_size_reservation.md) - manage reservation entities * [metalctl size suggest](metalctl_size_suggest.md) - suggest size from a given machine id * [metalctl size update](metalctl_size_update.md) - updates the size diff --git a/docs/src/external/metalctl/docs/metalctl_size_reservation.md b/docs/src/external/metalctl/docs/metalctl_size_reservation.md new file mode 100644 index 0000000000..67031e48ee --- /dev/null +++ b/docs/src/external/metalctl/docs/metalctl_size_reservation.md @@ -0,0 +1,54 @@ +# metalctl size reservation + +manage reservation entities + +## Synopsis + +manage size reservations + +## Options + +``` + -h, --help help for reservation +``` + +## Options inherited from parent commands + +``` + --api-token string api token to authenticate. Can be specified with METALCTL_API_TOKEN environment variable. + --api-url string api server address. Can be specified with METALCTL_API_URL environment variable. + -c, --config string alternative config file path, (default is ~/.metalctl/config.yaml). + Example config.yaml: + + --- + apitoken: "alongtoken" + ... + + + --debug debug output + --force-color force colored output even without tty + --kubeconfig string Path to the kube-config to use for authentication and authorization. Is updated by login. Uses default path if not specified. + --no-headers do not print headers of table output format (default print headers) + -o, --output-format string output format (table|wide|markdown|json|yaml|template), wide is a table with more columns. (default "table") + --template string output template for template output-format, go template format. + For property names inspect the output of -o json or -o yaml for reference. + Example for machines: + + metalctl machine list -o template --template "{{ .id }}:{{ .size.id }}" + + + --yes-i-really-mean-it skips security prompts (which can be dangerous to set blindly because actions can lead to data loss or additional costs) +``` + +## SEE ALSO + +* [metalctl size](metalctl_size.md) - manage size entities +* [metalctl size reservation apply](metalctl_size_reservation_apply.md) - applies one or more reservations from a given file +* [metalctl size reservation create](metalctl_size_reservation_create.md) - creates the reservation +* [metalctl size reservation delete](metalctl_size_reservation_delete.md) - deletes the reservation +* [metalctl size reservation describe](metalctl_size_reservation_describe.md) - describes the reservation +* [metalctl size reservation edit](metalctl_size_reservation_edit.md) - edit the reservation through an editor and update +* [metalctl size reservation list](metalctl_size_reservation_list.md) - list all reservations +* [metalctl size reservation update](metalctl_size_reservation_update.md) - updates the reservation +* [metalctl size reservation usage](metalctl_size_reservation_usage.md) - see current usage of size reservations + diff --git a/docs/src/external/metalctl/docs/metalctl_size_reservation_apply.md b/docs/src/external/metalctl/docs/metalctl_size_reservation_apply.md new file mode 100644 index 0000000000..90ff479354 --- /dev/null +++ b/docs/src/external/metalctl/docs/metalctl_size_reservation_apply.md @@ -0,0 +1,61 @@ +# metalctl size reservation apply + +applies one or more reservations from a given file + +``` +metalctl size reservation apply [flags] +``` + +## Options + +``` + --bulk-output when used with --file (bulk operation): prints results at the end as a list. default is printing results intermediately during the operation, which causes single entities to be printed in a row. + -f, --file string filename of the create or update request in yaml format, or - for stdin. + + Example: + $ metalctl reservation describe reservation-1 -o yaml > reservation.yaml + $ vi reservation.yaml + $ # either via stdin + $ cat reservation.yaml | metalctl reservation apply -f - + $ # or via file + $ metalctl reservation apply -f reservation.yaml + + the file can also contain multiple documents and perform a bulk operation. + + -h, --help help for apply + --skip-security-prompts skips security prompt for bulk operations + --timestamps when used with --file (bulk operation): prints timestamps in-between the operations +``` + +## Options inherited from parent commands + +``` + --api-token string api token to authenticate. Can be specified with METALCTL_API_TOKEN environment variable. + --api-url string api server address. Can be specified with METALCTL_API_URL environment variable. + -c, --config string alternative config file path, (default is ~/.metalctl/config.yaml). + Example config.yaml: + + --- + apitoken: "alongtoken" + ... + + + --debug debug output + --force-color force colored output even without tty + --kubeconfig string Path to the kube-config to use for authentication and authorization. Is updated by login. Uses default path if not specified. + --no-headers do not print headers of table output format (default print headers) + -o, --output-format string output format (table|wide|markdown|json|yaml|template), wide is a table with more columns. (default "table") + --template string output template for template output-format, go template format. + For property names inspect the output of -o json or -o yaml for reference. + Example for machines: + + metalctl machine list -o template --template "{{ .id }}:{{ .size.id }}" + + + --yes-i-really-mean-it skips security prompts (which can be dangerous to set blindly because actions can lead to data loss or additional costs) +``` + +## SEE ALSO + +* [metalctl size reservation](metalctl_size_reservation.md) - manage reservation entities + diff --git a/docs/src/external/metalctl/docs/metalctl_size_reservation_create.md b/docs/src/external/metalctl/docs/metalctl_size_reservation_create.md new file mode 100644 index 0000000000..bbb79eb59d --- /dev/null +++ b/docs/src/external/metalctl/docs/metalctl_size_reservation_create.md @@ -0,0 +1,68 @@ +# metalctl size reservation create + +creates the reservation + +``` +metalctl size reservation create [flags] +``` + +## Options + +``` + --amount int32 the amount to associate with this reservation + --bulk-output when used with --file (bulk operation): prints results at the end as a list. default is printing results intermediately during the operation, which causes single entities to be printed in a row. + --description string the description to associate with this reservation + -f, --file string filename of the create or update request in yaml format, or - for stdin. + + Example: + $ metalctl reservation describe reservation-1 -o yaml > reservation.yaml + $ vi reservation.yaml + $ # either via stdin + $ cat reservation.yaml | metalctl reservation create -f - + $ # or via file + $ metalctl reservation create -f reservation.yaml + + the file can also contain multiple documents and perform a bulk operation. + + -h, --help help for create + --id string the id to associate with this reservation + --labels strings the labels to associate with this reservation + --partitions strings the partition ids to associate with this reservation + --project string the project id to associate with this reservation + --size string the size id to associate with this reservation + --skip-security-prompts skips security prompt for bulk operations + --timestamps when used with --file (bulk operation): prints timestamps in-between the operations +``` + +## Options inherited from parent commands + +``` + --api-token string api token to authenticate. Can be specified with METALCTL_API_TOKEN environment variable. + --api-url string api server address. Can be specified with METALCTL_API_URL environment variable. + -c, --config string alternative config file path, (default is ~/.metalctl/config.yaml). + Example config.yaml: + + --- + apitoken: "alongtoken" + ... + + + --debug debug output + --force-color force colored output even without tty + --kubeconfig string Path to the kube-config to use for authentication and authorization. Is updated by login. Uses default path if not specified. + --no-headers do not print headers of table output format (default print headers) + -o, --output-format string output format (table|wide|markdown|json|yaml|template), wide is a table with more columns. (default "table") + --template string output template for template output-format, go template format. + For property names inspect the output of -o json or -o yaml for reference. + Example for machines: + + metalctl machine list -o template --template "{{ .id }}:{{ .size.id }}" + + + --yes-i-really-mean-it skips security prompts (which can be dangerous to set blindly because actions can lead to data loss or additional costs) +``` + +## SEE ALSO + +* [metalctl size reservation](metalctl_size_reservation.md) - manage reservation entities + diff --git a/docs/src/external/metalctl/docs/metalctl_size_reservation_delete.md b/docs/src/external/metalctl/docs/metalctl_size_reservation_delete.md new file mode 100644 index 0000000000..4e12f87662 --- /dev/null +++ b/docs/src/external/metalctl/docs/metalctl_size_reservation_delete.md @@ -0,0 +1,61 @@ +# metalctl size reservation delete + +deletes the reservation + +``` +metalctl size reservation delete [flags] +``` + +## Options + +``` + --bulk-output when used with --file (bulk operation): prints results at the end as a list. default is printing results intermediately during the operation, which causes single entities to be printed in a row. + -f, --file string filename of the create or update request in yaml format, or - for stdin. + + Example: + $ metalctl reservation describe reservation-1 -o yaml > reservation.yaml + $ vi reservation.yaml + $ # either via stdin + $ cat reservation.yaml | metalctl reservation delete -f - + $ # or via file + $ metalctl reservation delete -f reservation.yaml + + the file can also contain multiple documents and perform a bulk operation. + + -h, --help help for delete + --skip-security-prompts skips security prompt for bulk operations + --timestamps when used with --file (bulk operation): prints timestamps in-between the operations +``` + +## Options inherited from parent commands + +``` + --api-token string api token to authenticate. Can be specified with METALCTL_API_TOKEN environment variable. + --api-url string api server address. Can be specified with METALCTL_API_URL environment variable. + -c, --config string alternative config file path, (default is ~/.metalctl/config.yaml). + Example config.yaml: + + --- + apitoken: "alongtoken" + ... + + + --debug debug output + --force-color force colored output even without tty + --kubeconfig string Path to the kube-config to use for authentication and authorization. Is updated by login. Uses default path if not specified. + --no-headers do not print headers of table output format (default print headers) + -o, --output-format string output format (table|wide|markdown|json|yaml|template), wide is a table with more columns. (default "table") + --template string output template for template output-format, go template format. + For property names inspect the output of -o json or -o yaml for reference. + Example for machines: + + metalctl machine list -o template --template "{{ .id }}:{{ .size.id }}" + + + --yes-i-really-mean-it skips security prompts (which can be dangerous to set blindly because actions can lead to data loss or additional costs) +``` + +## SEE ALSO + +* [metalctl size reservation](metalctl_size_reservation.md) - manage reservation entities + diff --git a/docs/src/external/metalctl/docs/metalctl_size_reservations.md b/docs/src/external/metalctl/docs/metalctl_size_reservation_describe.md similarity index 86% rename from docs/src/external/metalctl/docs/metalctl_size_reservations.md rename to docs/src/external/metalctl/docs/metalctl_size_reservation_describe.md index 8b5a70e6ed..68e3d261d7 100644 --- a/docs/src/external/metalctl/docs/metalctl_size_reservations.md +++ b/docs/src/external/metalctl/docs/metalctl_size_reservation_describe.md @@ -1,15 +1,15 @@ -# metalctl size reservations +# metalctl size reservation describe -manage size reservations +describes the reservation ``` -metalctl size reservations [flags] +metalctl size reservation describe [flags] ``` ## Options ``` - -h, --help help for reservations + -h, --help help for describe ``` ## Options inherited from parent commands @@ -42,6 +42,5 @@ metalctl size reservations [flags] ## SEE ALSO -* [metalctl size](metalctl_size.md) - manage size entities -* [metalctl size reservations list](metalctl_size_reservations_list.md) - list size reservations +* [metalctl size reservation](metalctl_size_reservation.md) - manage reservation entities diff --git a/docs/src/external/metalctl/docs/metalctl_size_reservation_edit.md b/docs/src/external/metalctl/docs/metalctl_size_reservation_edit.md new file mode 100644 index 0000000000..a18e39597e --- /dev/null +++ b/docs/src/external/metalctl/docs/metalctl_size_reservation_edit.md @@ -0,0 +1,46 @@ +# metalctl size reservation edit + +edit the reservation through an editor and update + +``` +metalctl size reservation edit [flags] +``` + +## Options + +``` + -h, --help help for edit +``` + +## Options inherited from parent commands + +``` + --api-token string api token to authenticate. Can be specified with METALCTL_API_TOKEN environment variable. + --api-url string api server address. Can be specified with METALCTL_API_URL environment variable. + -c, --config string alternative config file path, (default is ~/.metalctl/config.yaml). + Example config.yaml: + + --- + apitoken: "alongtoken" + ... + + + --debug debug output + --force-color force colored output even without tty + --kubeconfig string Path to the kube-config to use for authentication and authorization. Is updated by login. Uses default path if not specified. + --no-headers do not print headers of table output format (default print headers) + -o, --output-format string output format (table|wide|markdown|json|yaml|template), wide is a table with more columns. (default "table") + --template string output template for template output-format, go template format. + For property names inspect the output of -o json or -o yaml for reference. + Example for machines: + + metalctl machine list -o template --template "{{ .id }}:{{ .size.id }}" + + + --yes-i-really-mean-it skips security prompts (which can be dangerous to set blindly because actions can lead to data loss or additional costs) +``` + +## SEE ALSO + +* [metalctl size reservation](metalctl_size_reservation.md) - manage reservation entities + diff --git a/docs/src/external/metalctl/docs/metalctl_size_reservation_list.md b/docs/src/external/metalctl/docs/metalctl_size_reservation_list.md new file mode 100644 index 0000000000..d13feb33f7 --- /dev/null +++ b/docs/src/external/metalctl/docs/metalctl_size_reservation_list.md @@ -0,0 +1,51 @@ +# metalctl size reservation list + +list all reservations + +``` +metalctl size reservation list [flags] +``` + +## Options + +``` + -h, --help help for list + --id string the id to filter + --partition string the partition id to filter + --project string the project id to filter + --size string the size id to filter + --sort-by strings sort by (comma separated) column(s), sort direction can be changed by appending :asc or :desc behind the column identifier. possible values: amount|id|partition|project|size +``` + +## Options inherited from parent commands + +``` + --api-token string api token to authenticate. Can be specified with METALCTL_API_TOKEN environment variable. + --api-url string api server address. Can be specified with METALCTL_API_URL environment variable. + -c, --config string alternative config file path, (default is ~/.metalctl/config.yaml). + Example config.yaml: + + --- + apitoken: "alongtoken" + ... + + + --debug debug output + --force-color force colored output even without tty + --kubeconfig string Path to the kube-config to use for authentication and authorization. Is updated by login. Uses default path if not specified. + --no-headers do not print headers of table output format (default print headers) + -o, --output-format string output format (table|wide|markdown|json|yaml|template), wide is a table with more columns. (default "table") + --template string output template for template output-format, go template format. + For property names inspect the output of -o json or -o yaml for reference. + Example for machines: + + metalctl machine list -o template --template "{{ .id }}:{{ .size.id }}" + + + --yes-i-really-mean-it skips security prompts (which can be dangerous to set blindly because actions can lead to data loss or additional costs) +``` + +## SEE ALSO + +* [metalctl size reservation](metalctl_size_reservation.md) - manage reservation entities + diff --git a/docs/src/external/metalctl/docs/metalctl_size_reservation_update.md b/docs/src/external/metalctl/docs/metalctl_size_reservation_update.md new file mode 100644 index 0000000000..5b089bfe8b --- /dev/null +++ b/docs/src/external/metalctl/docs/metalctl_size_reservation_update.md @@ -0,0 +1,65 @@ +# metalctl size reservation update + +updates the reservation + +``` +metalctl size reservation update [flags] +``` + +## Options + +``` + --amount int32 the amount to associate with this reservation + --bulk-output when used with --file (bulk operation): prints results at the end as a list. default is printing results intermediately during the operation, which causes single entities to be printed in a row. + --description string the description to associate with this reservation + -f, --file string filename of the create or update request in yaml format, or - for stdin. + + Example: + $ metalctl reservation describe reservation-1 -o yaml > reservation.yaml + $ vi reservation.yaml + $ # either via stdin + $ cat reservation.yaml | metalctl reservation update -f - + $ # or via file + $ metalctl reservation update -f reservation.yaml + + the file can also contain multiple documents and perform a bulk operation. + + -h, --help help for update + --labels strings the labels to associate with this reservation + --partitions strings the partition ids to associate with this reservation + --skip-security-prompts skips security prompt for bulk operations + --timestamps when used with --file (bulk operation): prints timestamps in-between the operations +``` + +## Options inherited from parent commands + +``` + --api-token string api token to authenticate. Can be specified with METALCTL_API_TOKEN environment variable. + --api-url string api server address. Can be specified with METALCTL_API_URL environment variable. + -c, --config string alternative config file path, (default is ~/.metalctl/config.yaml). + Example config.yaml: + + --- + apitoken: "alongtoken" + ... + + + --debug debug output + --force-color force colored output even without tty + --kubeconfig string Path to the kube-config to use for authentication and authorization. Is updated by login. Uses default path if not specified. + --no-headers do not print headers of table output format (default print headers) + -o, --output-format string output format (table|wide|markdown|json|yaml|template), wide is a table with more columns. (default "table") + --template string output template for template output-format, go template format. + For property names inspect the output of -o json or -o yaml for reference. + Example for machines: + + metalctl machine list -o template --template "{{ .id }}:{{ .size.id }}" + + + --yes-i-really-mean-it skips security prompts (which can be dangerous to set blindly because actions can lead to data loss or additional costs) +``` + +## SEE ALSO + +* [metalctl size reservation](metalctl_size_reservation.md) - manage reservation entities + diff --git a/docs/src/external/metalctl/docs/metalctl_size_reservations_list.md b/docs/src/external/metalctl/docs/metalctl_size_reservation_usage.md similarity index 85% rename from docs/src/external/metalctl/docs/metalctl_size_reservations_list.md rename to docs/src/external/metalctl/docs/metalctl_size_reservation_usage.md index 5e919c6f50..02aa95047a 100644 --- a/docs/src/external/metalctl/docs/metalctl_size_reservations_list.md +++ b/docs/src/external/metalctl/docs/metalctl_size_reservation_usage.md @@ -1,20 +1,19 @@ -# metalctl size reservations list +# metalctl size reservation usage -list size reservations +see current usage of size reservations ``` -metalctl size reservations list [flags] +metalctl size reservation usage [flags] ``` ## Options ``` - -h, --help help for list + -h, --help help for usage --partition string the partition to filter --project string the project to filter --size-id string the size-id to filter - --sort-by strings sort by (comma separated) column(s), sort direction can be changed by appending :asc or :desc behind the column identifier. possible values: partition|project|size|tenant - --tenant string the tenant to filter + --sort-by strings sort by (comma separated) column(s), sort direction can be changed by appending :asc or :desc behind the column identifier. possible values: amount|id|partition|project|size|used-amount ``` ## Options inherited from parent commands @@ -47,5 +46,5 @@ metalctl size reservations list [flags] ## SEE ALSO -* [metalctl size reservations](metalctl_size_reservations.md) - manage size reservations +* [metalctl size reservation](metalctl_size_reservation.md) - manage reservation entities From 6ae774a79aeb0c57c209b792ea3bc82cc0fe83a6 Mon Sep 17 00:00:00 2001 From: "metal-robot[bot]" <68018895+metal-robot[bot]@users.noreply.github.com> Date: Tue, 15 Oct 2024 16:19:09 +0200 Subject: [PATCH 14/16] Bump releases to version v0.18.16 (#218) Co-authored-by: metal-stack --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 30fbe63b2f..861eeffd11 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .DEFAULT_GOAL := build -RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.15") +RELEASE_VERSION := $(or ${RELEASE_VERSION},"v0.18.16") ifeq ($(CI),true) DOCKER_TTY_ARG= From 3cb4405f23ed591d00114412141a615c0b2a6d54 Mon Sep 17 00:00:00 2001 From: Ilja Rotar <77339620+iljarotar@users.noreply.github.com> Date: Mon, 21 Oct 2024 07:29:36 +0200 Subject: [PATCH 15/16] Document switch migrate (#219) Co-authored-by: iljarotar --- docs/src/installation/troubleshoot.md | 45 +++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/docs/src/installation/troubleshoot.md b/docs/src/installation/troubleshoot.md index 3b67b2dcad..6a68ed2d48 100644 --- a/docs/src/installation/troubleshoot.md +++ b/docs/src/installation/troubleshoot.md @@ -234,3 +234,48 @@ For your network infrastructure it is key to adapt to new configuration. In case Depending on your switch operating system, the error sources might differ a lot. Try to connect to your switch using the console or ssh and investigate the logs. Check if the hard drive is full. + +### Switch Replacement and Migration + +There are two mechanisms to replace an existing switch with a new one, both of which will transfer existing VRF configuration and machine connections from one switch to another. +Due to the redundance of the CLOS topology, a switch replacement can be performed without downtime. + +#### Replacing a Switch + +If the new switch should have the same ID as the old one you should perform a switch replacement. +To find detailed information about the procedure of a switch replacement use `metalctl switch replace --help`. +Basically, what you need to do is mark the switch for replacement via `metalctl switch replace`, then physically replace the switch with the new one and configure it. +The last step is to deploy metal-core on the switch. +Once metal-core registers the new switch at the metal-api, the old switches configuration and machine connections will be transfered to the new one. +Note that the replacement only works if the new switch has the same ID as the old one. +Otherwise metal-core will simply register a new switch and leave the old one untouched. + +#### Migrating from one Switch to another + +If the new switch should not or cannot have the same ID as the old one, then the `switch migrate` command can be used to achieve the same result as a switch replacement. +Perform the following steps: + +1. Leave the old switch in place. +1. Install the new switch in the rack without connecting it to any machines yet. +1. Adjust the metal-stack deployment in the same way as for a switch replacement. +1. Deploy metal-core on the new switch and wait for it to register at the metal-api. Once the switch is registered it will be listed when you run `metalctl switch ls`. +1. Run `metalctl switch migrate `. +1. Disconnect all machines from the old switch and connect them to the new one. + +In between steps 5 and 6 there is a mismatch between the switch-machine-connections known to the metal-api and the real connections. +Since the metal-api learns about the connections from what a machine reports during registration, a machine registration that occurs in between steps 5 and 6 will result in a condition that looks somewhat broken. +The metal-api will think that a machine is connected to three switches. +This, however, should not cause any problems. +Just move on to step 6 and delete the old switch from the metal-api afterwards. +If the case just described really occurs, then `metalctl switch delete ` will throw an error, because deleting a switch with existing machine connections might be dangerous. +If, apart from that, the migration was successfull, then the old switch can be safely deleted with `metalctl switch delete --force`. + +#### Preconditions for Migration and Replacement + +An invariant that must be satisfied throughout is that the switch ports a machine is connected to must match, i.e. a machine connected to `Ethernet0` on switch 1 must be connected to `Ethernet0` on switch 2 etc. +Furthermore, the breakout configurations of both switches must match and the new switch must contain at least all of the old switch's interfaces. + +#### Migrating from Cumulus to Edgecore SONiC + +Both migration and replacement can be used to move from Cumulus to Edgecore SONiC (or vice versa). +Migrating to or from Broadcom SONiC or mixing Broadcom SONiC with Cumulus or Edgecore SONiC is not supported. From 4467243c0d849558a237cb1afddfb4fd9f589443 Mon Sep 17 00:00:00 2001 From: mwindower Date: Mon, 21 Oct 2024 09:39:12 +0200 Subject: [PATCH 16/16] Update supported hardware (#217) * added network cards and server models that will be supported soon * update * Add teltonika Router --------- Co-authored-by: Stefan Majer --- docs/src/overview/hardware.md | 46 +++++++++++++++++++++++------------ 1 file changed, 30 insertions(+), 16 deletions(-) diff --git a/docs/src/overview/hardware.md b/docs/src/overview/hardware.md index 77d3760288..a289643ef5 100644 --- a/docs/src/overview/hardware.md +++ b/docs/src/overview/hardware.md @@ -8,15 +8,17 @@ We came up with a repository called [go-hal](https://github.com/metal-stack/go-h The following server types are officially supported and verified by the metal-stack project: -| Vendor | Series | Model | Board Type | Status | -|------------|-------------|------------------|:---------------|:-------| -| Supermicro | Big-Twin | SYS-2029BT-HNR | X11DPT-B | stable | -| Supermicro | Big-Twin | SYS-220BT-HNTR | X12DPT-B6 | stable | -| Supermicro | SuperServer | SSG-5019D8-TR12P | X11SDV-8C-TP8F | stable | -| Supermicro | SuperServer | 2029UZ-TN20R25M | X11DPU | stable | -| Supermicro | SuperServer | SYS-621C-TN12R | X13DDW-A | stable | -| Supermicro | Microcloud | 5039MD8-H8TNR | X11SDD-8C-F | stable | -| Lenovo | ThinkSystem | SD530 | | alpha | +| Vendor | Series | Model | Board Type | Status | +|------------|-------------|------------------|:---------------|:------------| +| Supermicro | Big-Twin | SYS-2029BT-HNR | X11DPT-B | stable | +| Supermicro | Big-Twin | SYS-220BT-HNTR | X12DPT-B6 | stable | +| Supermicro | SuperServer | SSG-5019D8-TR12P | X11SDV-8C-TP8F | stable | +| Supermicro | SuperServer | 2029UZ-TN20R25M | X11DPU | stable | +| Supermicro | SuperServer | SYS-621C-TN12R | X13DDW-A | stable | +| Supermicro | Microcloud | 5039MD8-H8TNR | X11SDD-8C-F | stable | +| Supermicro | Microcloud | SYS-531MC-H8TNR | X13SCD-F | coming soon | +| Supermicro | Microcloud | 3015MR-H8TNR | H13SRD-F | coming soon | +| Lenovo | ThinkSystem | SD530 | | alpha | Other server series and models might work but were not reported to us. @@ -25,17 +27,29 @@ Other server series and models might work but were not reported to us. The following GPU types are officially supported and verified by the metal-stack project: | Vendor | Model | Status | -| ------ | -------- | :----- | +|--------|----------|:-------| | NVIDIA | RTX 6000 | stable | +| NVIDIA | H100 | stable | Other GPU models might work but were not reported to us. For a detailed description howto use GPU support in a kubernetes cluster please check this [documentation](gpu-support.md) +## Network Cards + +The following network cards are officially supported and verified by the metal-stack project for usage in servers: + +| Vendor | Series | Model | Status | +|----------|------------|-----------------------------|:-------| +| Intel | XXV710 | DA2 DualPort 2x25G SFP28 | stable | +| Intel | E810 | DA2 DualPort 2x25G SFP28 | stable | +| Intel | E810 | CQDA2 DualPort 2x100G SFP28 | stable | +| Mellanox | ConnectX-5 | MCX512A-ACAT 2x25G SFP28 | stable | + ## Switches The following switch types are officially supported and verified by the metal-stack project: | Vendor | Series | Model | OS | Status | -| :-------- | :------------ | :--------- | :------------- | :----- | +|:----------|:--------------|:-----------|:---------------|:-------| | Edge-Core | AS7700 Series | AS7712-32X | Cumulus 3.7.13 | stable | | Edge-Core | AS7700 Series | AS7726-32X | Cumulus 4.1.1 | stable | | Edge-Core | AS7700 Series | AS7712-32X | Edgecore SONiC | stable | @@ -59,11 +73,11 @@ A minimal physical hardware setup may contain at least the following components: This setup should work as the components are very similar to the currently supported ones but it's currently untested. -| # | Vendor | Series | Model | Function | -| :-- | :---------- | :--------------- | :------------------- | :----------------------------------------------------------------------- | -| 2x | Edge-Core | AS5500 Series | AS5512-54x (10G) | Leaf / Exit switches | -| 1x | Supermicro | Microcloud | SYS-5039MA16-H12RFT | Usable machines | -| 1x | Unifi | Edgemax | Edgerouter Pro | Front router for internet and out-of-band access to servers and switches | +| # | Vendor | Series | Model | Function | +|:---|:-----------|:--------------|:--------------------|:-------------------------------------------------------------------------| +| 2x | Edge-Core | AS5500 Series | AS5512-54x (10G) | Leaf / Exit switches | +| 1x | Supermicro | Microcloud | SYS-5039MA16-H12RFT | Usable machines | +| 1x | Teltonika | Router | RUTXR1 | Front router for internet and out-of-band access to servers and switches | Besides that, a 6HE rack with 1000mm depth and a portable LTE modem is needed.