This repository contains source code for the following container images.
This directory provides the ability to build an OCI container that:
-
Provides customizable custom IPXE firmware building functionality.
-
Ability to either build IPXE firmware from an already existing cash.
-
Ability to pull IPXE firmware source code and build the firmware based on that.
-
Embed custom IPXE script in the firmware.
-
Enable IPV6 or TLS 1.3 support for the firmware.
- In order to build the iPXE firmware with TLS support, the user needs to provide relevant certificate and certificate key files e.g. via a mounted volume.
- If the ipxe-builder is instructed to build from existing iPXE source code cache, then the cahce has to be provided e.g. via a mounted volume.
- In order to get a usable output the user needs to mount a directory where the iPXE builder script can put the build outputs.
Expected paths to the external runtime dependencies can be configured via run-time environment variables.
The following environment variables can be passed in to customize run-time functionality:
- BUILD_FROM_CACHE
- specifies whether the ipxebuilder should build the firmware from a local directory or not. (defaulttrue`) IPXE_BUILD_FROM_REPOspecifies whether the ipxebuilder should build from a remote git repo. (defaultfalse)IPXE_SHARED_FIRMWARE_SOURCEpath to the iPXE source directory (default/shared/ipxe-source)IPXE_EMBED_SCRIPTpath to the iPXE script that will be embedded in the custom iPXE firmware built bythe ipxebuilder. (default/bin/embed.ipxe)IPXE_EMBED_SCRIPT_TEMPLATEpath to the jinja template of the iPXE script that will be embedded in the custom firmware built by the ipxebuilder. This template is rendered in runtime by the builder script (default/bin/embed.ipxe.j2)IPXE_RELEASE_BRANCHthe iPXE source code should be pulled from this branch , only relevant whenIPXE_BUILD_FROM_REPOistrue(defaultv1.21.1)IPXE_ENABLE_IPV6build the iPXE firmware with IPV6 support enabledfalseIPXE_ENABLE_HTTPSbuild the iPXE firmware with TLS support enabledfalseIPXE_CUSTOM_FIRMWARE_DIRoutput location for the build process (default:/shared/custom_ipxe_firmware)IPXE_CERT_FILEexpected location of the TLS certificate used during build (default:/certs/ipxe/tls.crt)IPXE_KEY_FILEexpected location of the TLS key used during build (default:/certs/ipxe/tls.key)IPXE_TLS_PORTthis port will be used to start chainloading by a TLS enabled iPXE firmware, this value is used to render the embed.ipxe.j2 script template (default:8084)IPXE_CHAIN_HOSTthis ip will be used to start chainloading by a TLS enabled iPXE firmware, this value is used to render the embed.ipxe.j2 script template (default:0.0.0.0)
FakeIPA is a tool to help test ironic scalability.
FakeIPA simulate the IPA by:
- Running an API server with the needed real IPA endpoint.
- Send back fake inspection data when requested.
- Lookup the node and save tokens.
- Heartbeating to Ironic API with several threads looping over a queue of fake agents.
- Faking the sync/async commands needed by ironic to inspect, clean and provision a node.
Keepalived container used in Ironic deployments. Keepalived is used to provide fixed IP address for Ironic in such a manner that even after pivoting operations the IP of Ironic stays persistent.
Deployment configuration options:
CUSTOM_CONF_DIR- when specified, a subdirectory (named keepalived) will be created under this path then the config files will be moved to the subdirectory and the variable substitution will happen in this subdirectoryCUSTOM_DATA_DIR- subdirectory (named keepalived) will be created here to hold the keepalived and vrrp pid filesPROVISIONING_IP- the fixed IP provided by keepalivedPROVISIONING_INTERFACE- The name of the interface that will be used to "host" the fixed IP (keepalived is used in a pod that is attached to host network, thus the interface names are the same as the interface names on the host)
NOTE: If run with container that has read-only root file-system, then
CUSTOM_CONF_DIR, CUSTOM_DATA_DIR and /var/log paths have to mounted from
external volume.