diff --git a/krm-functions/toolbox/Dockerfile b/krm-functions/toolbox/Dockerfile index 22fcca380..bbff9dc04 100644 --- a/krm-functions/toolbox/Dockerfile +++ b/krm-functions/toolbox/Dockerfile @@ -26,6 +26,7 @@ COPY main.go . RUN /usr/local/go/bin/go build -v -o /usr/local/bin/config-function ./ FROM ${PLUGINS_RELEASE_IMAGE} as release +RUN apk update && apk add curl && rm -rf /var/cache/apk/* COPY --from=ctls /kubectl /calicoctl /usr/local/bin/ COPY --from=builder /usr/local/bin/config-function /usr/local/bin/config-function CMD ["/usr/local/bin/config-function"] diff --git a/manifests/function/phase-helpers/check_ingress_ctrl/kubectl_check_ingress_ctrl.sh b/manifests/function/phase-helpers/check_ingress_ctrl/kubectl_check_ingress_ctrl.sh new file mode 100644 index 000000000..daa713dc1 --- /dev/null +++ b/manifests/function/phase-helpers/check_ingress_ctrl/kubectl_check_ingress_ctrl.sh @@ -0,0 +1,37 @@ +#!/bin/sh + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -xe + +export TARGET_IP=$(kubectl --context $KCTL_CONTEXT \ + --namespace ingress \ + get pods \ + -l app.kubernetes.io/component=controller \ + -o jsonpath='{.items[*].status.hostIP}') + + +echo "Ensure we can reach ingress controller default backend" 1>&2 +if [ "404" != "$(curl --head \ + --write-out '%{http_code}' \ + --silent \ + --output /dev/null \ + $TARGET_IP/should-404)" ]; then + echo "Failed to reach ingress controller default backend." 1>&2 + + kubectl --context $KCTL_CONTEXT get all -n flux-system 1>&2 + kubectl --context $KCTL_CONTEXT logs -n flux-system -l app=helm-controller 1>&2 + kubectl --context $KCTL_CONTEXT get hr --all-namespaces -o yaml 1>&2 + + exit 1 +fi diff --git a/manifests/function/phase-helpers/check_ingress_ctrl/kustomization.yaml b/manifests/function/phase-helpers/check_ingress_ctrl/kustomization.yaml new file mode 100644 index 000000000..778994331 --- /dev/null +++ b/manifests/function/phase-helpers/check_ingress_ctrl/kustomization.yaml @@ -0,0 +1,6 @@ +configMapGenerator: +- name: kubectl-check-ingress-ctrl + options: + disableNameSuffixHash: true + files: + - script=kubectl_check_ingress_ctrl.sh diff --git a/manifests/function/phase-helpers/kustomization.yaml b/manifests/function/phase-helpers/kustomization.yaml index b3caadb41..42acf45d9 100644 --- a/manifests/function/phase-helpers/kustomization.yaml +++ b/manifests/function/phase-helpers/kustomization.yaml @@ -11,3 +11,4 @@ resources: - virsh-destroy-vms - wait_bmh - wait_label_node +- check_ingress_ctrl diff --git a/manifests/phases/executors.yaml b/manifests/phases/executors.yaml index afe9520ef..0b30c1260 100644 --- a/manifests/phases/executors.yaml +++ b/manifests/phases/executors.yaml @@ -493,3 +493,15 @@ configRef: kind: ConfigMap name: kubectl-wait-label-node apiVersion: v1 +--- +apiVersion: airshipit.org/v1alpha1 +kind: GenericContainer +metadata: + name: kubectl-check-ingress-ctrl +spec: + image: quay.io/airshipit/toolbox:latest + hostNetwork: true +configRef: + kind: ConfigMap + name: kubectl-check-ingress-ctrl + apiVersion: v1 diff --git a/manifests/phases/phases.yaml b/manifests/phases/phases.yaml index 920d57f5b..b5d1df889 100644 --- a/manifests/phases/phases.yaml +++ b/manifests/phases/phases.yaml @@ -433,3 +433,14 @@ config: kind: GenericContainer name: kubectl-wait-label-node documentEntryPoint: target/workers +--- +apiVersion: airshipit.org/v1alpha1 +kind: Phase +metadata: + name: kubectl-check-ingress-ctrl-target + clusterName: target-cluster +config: + executorRef: + apiVersion: airshipit.org/v1alpha1 + kind: GenericContainer + name: kubectl-check-ingress-ctrl diff --git a/tools/deployment/36_deploy_workload.sh b/tools/deployment/36_deploy_workload.sh index 34869f1e4..7384f7f8d 100755 --- a/tools/deployment/36_deploy_workload.sh +++ b/tools/deployment/36_deploy_workload.sh @@ -14,23 +14,11 @@ set -xe -#Default wait timeout is 600 seconds -export TIMEOUT=${TIMEOUT:-600s} -export KUBECONFIG=${KUBECONFIG:-"$HOME/.airship/kubeconfig"} -export KUBECONFIG_TARGET_CONTEXT=${KUBECONFIG_TARGET_CONTEXT:-"target-cluster"} -export TARGET_IP=${TARGET_IP:-"10.23.25.102"} -export TARGET_PORT=${TARGET_PORT:-"30000"} - echo "Deploy workload" airshipctl phase run workload-target --debug -echo "Ensure we can reach ingress controller default backend" -if [ "404" != "$(curl --head --write-out '%{http_code}' --silent --output /dev/null $TARGET_IP:$TARGET_PORT/should-404)" ]; then - echo -e "\nFailed to reach ingress controller default backend." - - kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get all -n flux-system - kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT logs -n flux-system -l app=helm-controller - kubectl --kubeconfig $KUBECONFIG --context $KUBECONFIG_TARGET_CONTEXT get hr --all-namespaces -o yaml - - exit 1 -fi +# Ensure we can reach ingress controller default backend +# Scripts for this phase placed in manifests/function/phase-helpers/check_ingress_ctrl/ +# To get ConfigMap for this phase, execute `airshipctl phase render --source config -k ConfigMap` +# and find ConfigMap with name kubectl-check-ingress-ctrl +airshipctl phase run kubectl-check-ingress-ctrl-target --debug