Creating a System Inventory
The first step to start managing WRCP Systems using the Entity Model is to create a System Inventory. Deployment environments are spun up from System Inventories.
The WRCP plugin and its blueprint named “wrcp-blueprint” must be uploaded prior to the creation of any System Inventory.
A WRCP Secret containing the credentials to access the WRCP system also must be created prior to the System Inventory.
Secrets and System Inventories are Kubernetes resources which means they can be created by using any supported procedure to create Kubernetes resources. This guide describes how to create them using the kubectl create CLI.
Creating a WRCP Secret using kubectl create
- Prepare the YAML file containing the description of a valid WRCP Secret (see Secret in Upgrade Operator and Entity Model for the full list of key-value pairs). Example:
apiVersion: v1
kind: Secret
metadata:
name: wrcp-endpoint-my-controller
namespace: wrcp
labels:
app: conductor
data:
OS_USERNAME: dXNlcm5hbWUK
OS_PASSWORD: cGFzc3dvcmQK
SSH_USERNAME: dXNlcm5hbWUK
SSH_PASSWORD: c3NocGFzc3dvcmQK
CACERT: Y2VydGRhdGEK
stringData:
INSECURE: "false"
OS_AUTH_URL: https://1.1.1.1:5000/v3
OS_AUTH_TYPE: password
OS_IDENTITY_API_VERSION: "3"
OS_INTERFACE: internal
OS_KEYSTONE_REGION_NAME: RegionOne
OS_PROJECT_DOMAIN_NAME: Default
OS_USER_DOMAIN_NAME: Default
OS_PROJECT_NAME: admin
OS_REGION_NAME: RegionOne
type: Opaque
- Create the resource from the YAML file:
$ kubectl create -f <wrcp-secret>.yaml
After these steps, the created secret can be inspected with:
$ kubectl describe secret wrcp-endpoint-my-controller --namespace wrcp
Name: wrcp-endpoint-my-controller
Namespace: wrcp
Labels: app=conductor
Annotations: kopf.zalando.org/last-handled-configuration:
{"data":{"CACERT":"Y2VydGRhdGEK","INSECURE":"ZmFsc2U=","OS_AUTH_TYPE":"cGFzc3dvcmQ=","OS_AUTH_URL":"aHR0cHM6Ly8xLjEuMS4xOjUwMDAvdjM=","OS_...
wrcp-secret: yes
wrcp-status: Ready
Type: Opaque
Data
====
OS_PASSWORD: 9 bytes
SSH_USERNAME: 9 bytes
OS_IDENTITY_API_VERSION: 1 bytes
OS_USERNAME: 9 bytes
OS_USER_DOMAIN_NAME: 7 bytes
OS_AUTH_TYPE: 8 bytes
OS_INTERFACE: 8 bytes
OS_KEYSTONE_REGION_NAME: 9 bytes
OS_PROJECT_DOMAIN_NAME: 7 bytes
CACERT: 9 bytes
INSECURE: 5 bytes
OS_AUTH_URL: 23 bytes
OS_PROJECT_NAME: 5 bytes
OS_REGION_NAME: 9 bytes
SSH_PASSWORD: 12 bytes
Some fields defined by the system are added to the Secret. The annotation “wrcp-secret: True” for example, means the Secret’s fields successfully match the expected fields to connect with a WRCP system. A “wrcp-status” different than “Ready” means there was an error while processing the secret.
When the secret is marked with “wrcp-status: Ready”, some the key-value pairs are mapped to Conductor’s secrets as detailed below.
| Kubernetes Secret Key | Conductor Secret Name |
|---|---|
| CACERT | wrcp-endpoint-my-controller_wrcp_cacert |
| OS_PASSWORD | wrcp-endpoint-my-controller_wrcp_api_key |
| OS_USERNAME | wrcp-endpoint-my-controller_wrcp_username |
| SSH_PASSWORD | wrcp-endpoint-my-controller_wrcp_ssh_password |
| SSH_USERNAME | wrcp-endpoint-my-controller_wrcp_ssh_username |
Other key-value pairs will be used to create the Deployment environment that represents the WRCP system in Conductor.
Creating a System Inventory using kubectl create
- Prepare the YAML file pointing to the secret created in the step above, e.g.:
apiVersion: wrcp.windriver.com/v1
kind: SystemInventory
metadata:
name: my-controller
namespace: wrcp
labels:
custom-label: custom-value
spec:
wrcp-endpoint-secret: wrcp-endpoint-my-controller
- Create the resource from the YAML file:
$ kubectl create -f <sysinv>.yaml
After creating the system inventory, the system will add more fields with extra information:
$ kubectl describe systeminventory my-controller --namespace wrcp
Name: my-controller
Namespace: wrcp
Labels: distributed-cloud-role=systemcontroller
kubernetes-version=v1.23.1
oam-floating-ip=128.224.54.41
release-version=22.12
sysinv-creation-status=READY
Annotations: deployment-upgrade: my-controller
kopf.zalando.org/last-handled-configuration:
{"spec":{"wrcp-endpoint-secret":"sp"},"metadata":{"labels":{"distributed-cloud-role":"systemcontroller","kubernetes-version":"v1.23.1","oa...
API Version: wrcp.windriver.com/v1
Kind: SystemInventory
Metadata:
Creation Timestamp: 2024-12-10T14:24:23Z
Finalizers:
kopf.zalando.org/KopfFinalizerMarker
Generation: 1
Resource Version: 411062
UID: 317e209a-0f6a-4e8b-8448-884eb8bb3290
Spec:
Wrcp - Endpoint - Secret: wrcp-endpoint-my-controller
Status:
Events:
The label “sysinv-creation-status” shows if the creation was successful (READY) or if it has failed (FAILED). The label distributed-cloud-role show the role of the system in the DC environment (systemcontroller or subcloud). There are other labels that represent the system components' versions.
The successful creation of a system inventory will trigger a few other procedures:
- The creation of the Deployment environment that represents the WRCP system in Conductor.
- If there is an active Upgrade Group with a selector that matches the system inventory labels, the executions defined in the Upgrade Group are scheduled in Conductor accordingly.
- The discovery of the DC subclouds that are managed and online if the system inventory represents a DC central cloud (a system controller).
- The discovery causes the automatic creation of the system inventory for each subcloud, which causes the creation of the Sub-deployment environment that represents the WRCP system in Conductor and the Upgrade Group matching, if any.
Debugging
Errors are shown in the Events section of describe’s output. Example:
$ kubectl describe systeminventory my-controller -n wrcp
Name: my-controller
Namespace: wrcp
Labels: custom-label=custom-value
sysinv-creation-status=FAILED
Annotations: kopf.zalando.org/handle_labels_change.metadata.labels:
{"started":"2024-12-10T14:24:23.405994","stopped":"2024-12-10T14:24:38.696836","purpose":"create","retries":1,"success":true,"failure":fal...
kopf.zalando.org/handle_sysinv_creation:
{"started":"2024-12-10T14:24:23.405979","delayed":"2024-12-10T14:28:09.306743","purpose":"create","retries":3,"success":false,"failure":fa...
API Version: wrcp.windriver.com/v1
Kind: SystemInventory
Metadata:
Creation Timestamp: 2024-12-10T14:24:23Z
Finalizers:
kopf.zalando.org/KopfFinalizerMarker
Generation: 1
Resource Version: 411062
UID: 317e209a-0f6a-4e8b-8448-884eb8bb3290
Spec:
Wrcp - Endpoint - Secret: wrcp-endpoint-my-controller
Status:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Logging 3m34s kopf Checking connection to WRCP.
Normal Logging 3m18s kopf Handler 'handle_labels_change/metadata.labels' succeeded.
Error Logging 3m19s kopf Handler 'handle_sysinv_creation' failed with an exception. Will retry.
Traceback (most recent call last):
File "/usr/local/lib/python3.11/site-packages/urllib3/connectionpool.py", line 404, in _make_request
self._validate_conn(conn)
File "/usr/local/lib/python3.11/site-packages/urllib3/connectionpool.py", line 1060, in _validate_conn
conn.connect()
File "/usr/local/lib/python3.11/site-packages/urllib3/connection.py", line 419, in connect
self.sock = ssl_wrap_socket(
^^^^^^... in request
resp = self.send(prep, **send_kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/requests/sessions.py", line 703, in send
r = adapter.send(request, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/requests/adapters.py", line 713, in send
raise ReadTimeout(e, request=request)
Logs can also be inspected in the operator pod’s logs with:
$ kubectl logs <podname> -n <namespace>