From 83c1cc82b64c2839c9734b29dd28432141be4570 Mon Sep 17 00:00:00 2001 From: Ian Letourneau Date: Tue, 11 Nov 2025 14:12:56 +0000 Subject: [PATCH 1/9] fix(host_network): remove extra fields from bond config to prevent clashes (#186) Also alias `port` to support both `port` and `ports` as per the nmstate spec. Reviewed-on: https://git.nationtech.io/NationTech/harmony/pulls/186 --- harmony/src/infra/network_manager.rs | 4 +--- harmony/src/modules/okd/crd/nmstate.rs | 1 + harmony_types/src/net.rs | 10 +++++++++- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/harmony/src/infra/network_manager.rs b/harmony/src/infra/network_manager.rs index 89321fe..e5dbd24 100644 --- a/harmony/src/infra/network_manager.rs +++ b/harmony/src/infra/network_manager.rs @@ -135,8 +135,6 @@ impl OpenShiftNmStateNetworkManager { description: Some(format!("Member of bond {bond_name}")), r#type: nmstate::InterfaceType::Ethernet, state: "up".to_string(), - mtu: Some(switch_port.interface.mtu), - mac_address: Some(switch_port.interface.mac_address.to_string()), ipv4: Some(nmstate::IpStackSpec { enabled: Some(false), ..Default::default() @@ -162,7 +160,7 @@ impl OpenShiftNmStateNetworkManager { interfaces.push(nmstate::Interface { name: bond_name.to_string(), - description: Some(format!("Network bond for host {host}")), + description: Some(format!("HARMONY - Network bond for host {host}")), r#type: nmstate::InterfaceType::Bond, state: "up".to_string(), copy_mac_from, diff --git a/harmony/src/modules/okd/crd/nmstate.rs b/harmony/src/modules/okd/crd/nmstate.rs index f0eb4ae..3055766 100644 --- a/harmony/src/modules/okd/crd/nmstate.rs +++ b/harmony/src/modules/okd/crd/nmstate.rs @@ -417,6 +417,7 @@ pub struct EthernetSpec { #[serde(rename_all = "kebab-case")] pub struct BondSpec { pub mode: String, + #[serde(alias = "port")] pub ports: Vec, #[serde(skip_serializing_if = "Option::is_none")] pub options: Option>, diff --git a/harmony_types/src/net.rs b/harmony_types/src/net.rs index 51de86e..6086e54 100644 --- a/harmony_types/src/net.rs +++ b/harmony_types/src/net.rs @@ -1,6 +1,6 @@ use serde::{Deserialize, Serialize}; -#[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, Serialize, Deserialize, PartialOrd, Ord)] +#[derive(Copy, Clone, PartialEq, Eq, Hash, Serialize, Deserialize, PartialOrd, Ord)] pub struct MacAddress(pub [u8; 6]); impl MacAddress { @@ -19,6 +19,14 @@ impl From<&MacAddress> for String { } } +impl std::fmt::Debug for MacAddress { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + f.debug_tuple("MacAddress") + .field(&String::from(self)) + .finish() + } +} + impl std::fmt::Display for MacAddress { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { f.write_str(&String::from(self)) From 29c82db70d11f18c158151c139b8dcaf163bfe82 Mon Sep 17 00:00:00 2001 From: Willem Date: Wed, 12 Nov 2025 13:21:55 -0500 Subject: [PATCH 2/9] fix: added fields missing for haproxy after most recent update --- opnsense-config-xml/src/data/haproxy.rs | 29 +++++++++++++++++++++++- opnsense-config-xml/src/data/opnsense.rs | 5 +++- 2 files changed, 32 insertions(+), 2 deletions(-) diff --git a/opnsense-config-xml/src/data/haproxy.rs b/opnsense-config-xml/src/data/haproxy.rs index b0aedc2..a7622db 100644 --- a/opnsense-config-xml/src/data/haproxy.rs +++ b/opnsense-config-xml/src/data/haproxy.rs @@ -106,11 +106,38 @@ pub struct HAProxy { pub groups: MaybeString, pub users: MaybeString, pub cpus: MaybeString, - pub resolvers: MaybeString, + pub resolvers: HAProxyResolvers, pub mailers: MaybeString, pub maintenance: Maintenance, } +#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)] +pub struct HAProxyResolvers { + #[yaserde(rename = "resolver")] + pub resolver: Resolver, + +} + +#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)] +pub struct Resolver { + pub id: String, + pub enabled: i32, + pub name: String, + pub description: MaybeString, + pub nameservers: String, + pub parse_resolv_conf: String, + pub resolve_retries: i32, + pub timeout_resolve: String, + pub timeout_retry: String, + pub accepted_payload_size: MaybeString, + pub hold_valid: MaybeString, + pub hold_obsolete: MaybeString, + pub hold_refused: MaybeString, + pub hold_nx: MaybeString, + pub hold_timeout: MaybeString, + pub hold_other: MaybeString, +} + #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)] pub struct Maintenance { #[yaserde(rename = "cronjobs")] diff --git a/opnsense-config-xml/src/data/opnsense.rs b/opnsense-config-xml/src/data/opnsense.rs index fa5f985..9880423 100644 --- a/opnsense-config-xml/src/data/opnsense.rs +++ b/opnsense-config-xml/src/data/opnsense.rs @@ -8,6 +8,8 @@ use yaserde_derive::{YaDeserialize, YaSerialize}; use super::{Interface, Pischem}; + + #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)] #[yaserde(rename = "opnsense")] pub struct OPNsense { @@ -216,7 +218,7 @@ pub struct System { pub maximumfrags: Option, pub aliasesresolveinterval: Option, pub maximumtableentries: Option, - pub language: String, + pub language: Option, pub dnsserver: Option, pub dns1gw: Option, pub dns2gw: Option, @@ -1291,6 +1293,7 @@ pub struct WireguardServerItem { pub gateway: MaybeString, pub carp_depend_on: MaybeString, pub peers: String, + pub debug: MaybeString, pub endpoint: MaybeString, pub peer_dns: MaybeString, } From 43a17811ccbb0688f8a34588a5e3f5f4a598e6ed Mon Sep 17 00:00:00 2001 From: Willem Date: Fri, 14 Nov 2025 12:53:43 -0500 Subject: [PATCH 3/9] fix formatting --- opnsense-config-xml/src/data/haproxy.rs | 1 - opnsense-config-xml/src/data/opnsense.rs | 2 -- 2 files changed, 3 deletions(-) diff --git a/opnsense-config-xml/src/data/haproxy.rs b/opnsense-config-xml/src/data/haproxy.rs index a7622db..e82cb33 100644 --- a/opnsense-config-xml/src/data/haproxy.rs +++ b/opnsense-config-xml/src/data/haproxy.rs @@ -115,7 +115,6 @@ pub struct HAProxy { pub struct HAProxyResolvers { #[yaserde(rename = "resolver")] pub resolver: Resolver, - } #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)] diff --git a/opnsense-config-xml/src/data/opnsense.rs b/opnsense-config-xml/src/data/opnsense.rs index 9880423..debbfbf 100644 --- a/opnsense-config-xml/src/data/opnsense.rs +++ b/opnsense-config-xml/src/data/opnsense.rs @@ -8,8 +8,6 @@ use yaserde_derive::{YaDeserialize, YaSerialize}; use super::{Interface, Pischem}; - - #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)] #[yaserde(rename = "opnsense")] pub struct OPNsense { From bfde5f58ed77b954ff240bd997ca71b36389a517 Mon Sep 17 00:00:00 2001 From: Jean-Gabriel Gill-Couture Date: Tue, 9 Dec 2025 11:23:30 -0500 Subject: [PATCH 4/9] adr: Higher order topologies These types of Topologies will orchestrate behavior in regular Topologies. For example, a FailoverTopology is a Higher Order, it will orchestrate its capabilities between a primary and a replica topology. A great use case for this is a database deployment. The FailoverTopology will deploy both instances, connect them, and the able to execute the appropriate actions to promote de replica to primary and revert back to original state. Other use cases are ShardedTopology, DecentralizedTopology, etc. --- adr/015-higher-order-topologies.md | 114 +++++++++++++++ adr/015-higher-order-topologies/example.rs | 153 +++++++++++++++++++++ 2 files changed, 267 insertions(+) create mode 100644 adr/015-higher-order-topologies.md create mode 100644 adr/015-higher-order-topologies/example.rs diff --git a/adr/015-higher-order-topologies.md b/adr/015-higher-order-topologies.md new file mode 100644 index 0000000..41c3172 --- /dev/null +++ b/adr/015-higher-order-topologies.md @@ -0,0 +1,114 @@ +# Architecture Decision Record: Higher-Order Topologies + +**Initial Author:** Jean-Gabriel Gill-Couture +**Initial Date:** 2025-12-08 +**Last Updated Date:** 2025-12-08 + +## Status + +Implemented + +## Context + +Harmony models infrastructure as **Topologies** (deployment targets like `K8sAnywhereTopology`, `LinuxHostTopology`) implementing **Capabilities** (tech traits like `PostgreSQL`, `Docker`). + +**Higher-Order Topologies** (e.g., `FailoverTopology`) compose/orchestrate capabilities *across* multiple underlying topologies (e.g., primary+replica `T`). + +Naive design requires manual `impl Capability for HigherOrderTopology` *per T per capability*, causing: +- **Impl explosion**: N topologies × M capabilities = N×M boilerplate. +- **ISP violation**: Topologies forced to impl unrelated capabilities. +- **Maintenance hell**: New topology needs impls for *all* orchestrated capabilities; new capability needs impls for *all* topologies/higher-order. +- **Barrier to extension**: Users can't easily add topologies without todos/panics. + +This makes scaling Harmony impractical as ecosystem grows. + +## Decision + +Use **blanket trait impls** on higher-order topologies to *automatically* derive orchestration: + +````rust +/// Higher-Order Topology: Orchestrates capabilities across sub-topologies. +pub struct FailoverTopology { + /// Primary sub-topology. + primary: T, + /// Replica sub-topology. + replica: T, +} + +/// Automatically provides PostgreSQL failover for *any* `T: PostgreSQL`. +/// Delegates to primary for queries; orchestrates deploy across both. +#[async_trait] +impl PostgreSQL for FailoverTopology { + async fn deploy(&self, config: &PostgreSQLConfig) -> Result { + // Deploy primary; extract certs/endpoint; + // deploy replica with pg_basebackup + TLS passthrough. + // (Full impl logged/elaborated.) + } + + // Delegate queries to primary. + async fn get_replication_certs(&self, cluster_name: &str) -> Result { + self.primary.get_replication_certs(cluster_name).await + } + // ... +} + +/// Similarly for other capabilities. +#[async_trait] +impl Docker for FailoverTopology { + // Failover Docker orchestration. +} +```` + +**Key properties:** +- **Auto-derivation**: `Failover` gets `PostgreSQL` iff `K8sAnywhere: PostgreSQL`. +- **No boilerplate**: One blanket impl per capability *per higher-order type*. + +## Rationale + +- **Composition via generics**: Rust trait solver auto-selects impls; zero runtime cost. +- **Compile-time safety**: Missing `T: Capability` → compile error (no panics). +- **Scalable**: O(capabilities) impls per higher-order; new `T` auto-works. +- **ISP-respecting**: Capabilities only surface if sub-topology provides. +- **Centralized logic**: Orchestration (e.g., cert propagation) in one place. + +**Example usage:** +````rust +// ✅ Works: K8sAnywhere: PostgreSQL → Failover provides failover PG +let pg_failover: FailoverTopology = ...; +pg_failover.deploy_pg(config).await; + +// ✅ Works: LinuxHost: Docker → Failover provides failover Docker +let docker_failover: FailoverTopology = ...; +docker_failover.deploy_docker(...).await; + +// ❌ Compile fail: K8sAnywhere !: Docker +let invalid: FailoverTopology; +invalid.deploy_docker(...); // `T: Docker` bound unsatisfied +```` + +## Consequences + +**Pros:** +- **Extensible**: New topology `AWSTopology: PostgreSQL` → instant `Failover: PostgreSQL`. +- **Lean**: No useless impls (e.g., no `K8sAnywhere: Docker`). +- **Observable**: Logs trace every step. + +**Cons:** +- **Monomorphization**: Generics generate code per T (mitigated: few Ts). +- **Delegation opacity**: Relies on rustdoc/logs for internals. + +## Alternatives considered + +| Approach | Pros | Cons | +|----------|------|------| +| **Manual per-T impls**
`impl PG for Failover {..}`
`impl PG for Failover {..}` | Explicit control | N×M explosion; violates ISP; hard to extend. | +| **Dynamic trait objects**
`Box` | Runtime flex | Perf hit; type erasure; error-prone dispatch. | +| **Mega-topology trait**
All-in-one `OrchestratedTopology` | Simple wiring | Monolithic; poor composition. | +| **Registry dispatch**
Runtime capability lookup | Decoupled | Complex; no compile safety; perf/debug overhead. | + +**Selected**: Blanket impls leverage Rust generics for safe, zero-cost composition. + +## Additional Notes + +- Applies to `MultisiteTopology`, `ShardedTopology`, etc. +- `FailoverTopology` in `failover.rs` is first implementation. diff --git a/adr/015-higher-order-topologies/example.rs b/adr/015-higher-order-topologies/example.rs new file mode 100644 index 0000000..8c8911d --- /dev/null +++ b/adr/015-higher-order-topologies/example.rs @@ -0,0 +1,153 @@ +//! Example of Higher-Order Topologies in Harmony. +//! Demonstrates how `FailoverTopology` automatically provides failover for *any* capability +//! supported by a sub-topology `T` via blanket trait impls. +//! +//! Key insight: No manual impls per T or capability -- scales effortlessly. +//! Users can: +//! - Write new `Topology` (impl capabilities on a struct). +//! - Compose with `FailoverTopology` (gets capabilities if T has them). +//! - Compile fails if capability missing (safety). + +use async_trait::async_trait; +use tokio; + +/// Capability trait: Deploy and manage PostgreSQL. +#[async_trait] +pub trait PostgreSQL { + async fn deploy(&self, config: &PostgreSQLConfig) -> Result; + async fn get_replication_certs(&self, cluster_name: &str) -> Result; +} + +/// Capability trait: Deploy Docker. +#[async_trait] +pub trait Docker { + async fn deploy_docker(&self) -> Result; +} + +/// Configuration for PostgreSQL deployments. +#[derive(Clone)] +pub struct PostgreSQLConfig; + +/// Replication certificates. +#[derive(Clone)] +pub struct ReplicationCerts; + +/// Concrete topology: Kubernetes Anywhere (supports PostgreSQL). +#[derive(Clone)] +pub struct K8sAnywhereTopology; + +#[async_trait] +impl PostgreSQL for K8sAnywhereTopology { + async fn deploy(&self, _config: &PostgreSQLConfig) -> Result { + // Real impl: Use k8s helm chart, operator, etc. + Ok("K8sAnywhere PostgreSQL deployed".to_string()) + } + + async fn get_replication_certs(&self, _cluster_name: &str) -> Result { + Ok(ReplicationCerts) + } +} + +/// Concrete topology: Linux Host (supports Docker). +#[derive(Clone)] +pub struct LinuxHostTopology; + +#[async_trait] +impl Docker for LinuxHostTopology { + async fn deploy_docker(&self) -> Result { + // Real impl: Install/configure Docker on host. + Ok("LinuxHost Docker deployed".to_string()) + } +} + +/// Higher-Order Topology: Composes multiple sub-topologies (primary + replica). +/// Automatically derives *all* capabilities of `T` with failover orchestration. +/// +/// - If `T: PostgreSQL`, then `FailoverTopology: PostgreSQL` (blanket impl). +/// - Same for `Docker`, etc. No boilerplate! +/// - Compile-time safe: Missing `T: Capability` → error. +#[derive(Clone)] +pub struct FailoverTopology { + /// Primary sub-topology. + pub primary: T, + /// Replica sub-topology. + pub replica: T, +} + +/// Blanket impl: Failover PostgreSQL if T provides PostgreSQL. +/// Delegates reads to primary; deploys to both. +#[async_trait] +impl PostgreSQL for FailoverTopology { + async fn deploy(&self, config: &PostgreSQLConfig) -> Result { + // Orchestrate: Deploy primary first, then replica (e.g., via pg_basebackup). + let primary_result = self.primary.deploy(config).await?; + let replica_result = self.replica.deploy(config).await?; + Ok(format!("Failover PG deployed: {} | {}", primary_result, replica_result)) + } + + async fn get_replication_certs(&self, cluster_name: &str) -> Result { + // Delegate to primary (replica follows). + self.primary.get_replication_certs(cluster_name).await + } +} + +/// Blanket impl: Failover Docker if T provides Docker. +#[async_trait] +impl Docker for FailoverTopology { + async fn deploy_docker(&self) -> Result { + // Orchestrate across primary + replica. + let primary_result = self.primary.deploy_docker().await?; + let replica_result = self.replica.deploy_docker().await?; + Ok(format!("Failover Docker deployed: {} | {}", primary_result, replica_result)) + } +} + +#[tokio::main] +async fn main() { + let config = PostgreSQLConfig; + + println!("=== ✅ PostgreSQL Failover (K8sAnywhere supports PG) ==="); + let pg_failover = FailoverTopology { + primary: K8sAnywhereTopology, + replica: K8sAnywhereTopology, + }; + let result = pg_failover.deploy(&config).await.unwrap(); + println!("Result: {}", result); + + println!("\n=== ✅ Docker Failover (LinuxHost supports Docker) ==="); + let docker_failover = FailoverTopology { + primary: LinuxHostTopology, + replica: LinuxHostTopology, + }; + let result = docker_failover.deploy_docker().await.unwrap(); + println!("Result: {}", result); + + println!("\n=== ❌ Would fail to compile (K8sAnywhere !: Docker) ==="); + // let invalid = FailoverTopology { + // primary: K8sAnywhereTopology, + // replica: K8sAnywhereTopology, + // }; + // invalid.deploy_docker().await.unwrap(); // Error: `K8sAnywhereTopology: Docker` not satisfied! + // Very clear error message : + // error[E0599]: the method `deploy_docker` exists for struct `FailoverTopology`, but its trait bounds were not satisfied + // --> src/main.rs:90:9 + // | + // 4 | pub struct FailoverTopology { + // | ------------------------------ method `deploy_docker` not found for this struct because it doesn't satisfy `FailoverTopology: Docker` + // ... + // 37 | struct K8sAnywhereTopology; + // | -------------------------- doesn't satisfy `K8sAnywhereTopology: Docker` + // ... + // 90 | invalid.deploy_docker(); // `T: Docker` bound unsatisfied + // | ^^^^^^^^^^^^^ method cannot be called on `FailoverTopology` due to unsatisfied trait bounds + // | + // note: trait bound `K8sAnywhereTopology: Docker` was not satisfied + // --> src/main.rs:61:9 + // | + // 61 | impl Docker for FailoverTopology { + // | ^^^^^^ ------ ------------------- + // | | + // | unsatisfied trait bound introduced here + // note: the trait `Docker` must be implemented +} + From a953284386e7416617a0038c0ede55db57741d48 Mon Sep 17 00:00:00 2001 From: Jean-Gabriel Gill-Couture Date: Tue, 9 Dec 2025 23:04:15 -0500 Subject: [PATCH 5/9] doc: Add note about counter-intuitive behavior of nmstate --- harmony/src/infra/network_manager.rs | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/harmony/src/infra/network_manager.rs b/harmony/src/infra/network_manager.rs index e5dbd24..a5a2f77 100644 --- a/harmony/src/infra/network_manager.rs +++ b/harmony/src/infra/network_manager.rs @@ -17,6 +17,12 @@ use crate::{ topology::{HostNetworkConfig, NetworkError, NetworkManager, k8s::K8sClient}, }; +/// TODO document properly the non-intuitive behavior or "roll forward only" of nmstate in general +/// It is documented in nmstate official doc, but worth mentionning here : +/// +/// - You create a bond, nmstate will apply it +/// - You delete de bond from nmstate, it will NOT delete it +/// - To delete it you have to update it with configuration set to null pub struct OpenShiftNmStateNetworkManager { k8s_client: Arc, } @@ -31,6 +37,7 @@ impl std::fmt::Debug for OpenShiftNmStateNetworkManager { impl NetworkManager for OpenShiftNmStateNetworkManager { async fn ensure_network_manager_installed(&self) -> Result<(), NetworkError> { debug!("Installing NMState controller..."); + // TODO use operatorhub maybe? self.k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/nmstate.io_nmstates.yaml ").unwrap(), Some("nmstate")) .await?; From 50bd5c5bbaa9daeb677ffec5023722e87fa92930 Mon Sep 17 00:00:00 2001 From: Willem Date: Wed, 10 Dec 2025 12:15:07 -0500 Subject: [PATCH 6/9] feat(OKDInstallation): Implemented bootstrap of okd worker node, added features to allow both control plane and worker node to use the same bootstrap_okd_node score --- Cargo.lock | 15 + harmony/src/domain/inventory/mod.rs | 13 + .../modules/okd/bootstrap_03_control_plane.rs | 172 +--------- .../src/modules/okd/bootstrap_04_workers.rs | 23 +- harmony/src/modules/okd/bootstrap_okd_node.rs | 296 ++++++++++++++++++ harmony/src/modules/okd/mod.rs | 2 + harmony/src/modules/okd/okd_node.rs | 69 ++++ 7 files changed, 410 insertions(+), 180 deletions(-) create mode 100644 harmony/src/modules/okd/bootstrap_okd_node.rs create mode 100644 harmony/src/modules/okd/okd_node.rs diff --git a/Cargo.lock b/Cargo.lock index 7d9cdcf..ab3b102 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -6049,6 +6049,21 @@ version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8f50febec83f5ee1df3015341d8bd429f2d1cc62bcba7ea2076759d315084683" +[[package]] +name = "test-score" +version = "0.1.0" +dependencies = [ + "base64 0.22.1", + "env_logger", + "harmony", + "harmony_cli", + "harmony_macros", + "harmony_types", + "log", + "tokio", + "url", +] + [[package]] name = "thiserror" version = "1.0.69" diff --git a/harmony/src/domain/inventory/mod.rs b/harmony/src/domain/inventory/mod.rs index 7d160d7..f7cc1ef 100644 --- a/harmony/src/domain/inventory/mod.rs +++ b/harmony/src/domain/inventory/mod.rs @@ -1,4 +1,6 @@ mod repository; +use std::fmt; + pub use repository::*; #[derive(Debug, new, Clone)] @@ -71,3 +73,14 @@ pub enum HostRole { Worker, Storage, } + +impl fmt::Display for HostRole { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + match self { + HostRole::Bootstrap => write!(f, "Bootstrap"), + HostRole::ControlPlane => write!(f, "ControlPlane"), + HostRole::Worker => write!(f, "Worker"), + HostRole::Storage => write!(f, "Storage"), + } + } +} diff --git a/harmony/src/modules/okd/bootstrap_03_control_plane.rs b/harmony/src/modules/okd/bootstrap_03_control_plane.rs index 5abe848..7e882ab 100644 --- a/harmony/src/modules/okd/bootstrap_03_control_plane.rs +++ b/harmony/src/modules/okd/bootstrap_03_control_plane.rs @@ -5,8 +5,10 @@ use crate::{ interpret::{Interpret, InterpretError, InterpretName, InterpretStatus, Outcome}, inventory::{HostRole, Inventory}, modules::{ - dhcp::DhcpHostBindingScore, http::IPxeMacBootFileScore, - inventory::DiscoverHostForRoleScore, okd::templates::BootstrapIpxeTpl, + dhcp::DhcpHostBindingScore, + http::IPxeMacBootFileScore, + inventory::DiscoverHostForRoleScore, + okd::{bootstrap_okd_node::OKDNodeInterpret, templates::BootstrapIpxeTpl}, }, score::Score, topology::{HAClusterTopology, HostBinding}, @@ -50,159 +52,6 @@ impl OKDSetup03ControlPlaneInterpret { status: InterpretStatus::QUEUED, } } - - /// Ensures that three physical hosts are discovered and available for the ControlPlane role. - /// It will trigger discovery if not enough hosts are found. - async fn get_nodes( - &self, - inventory: &Inventory, - topology: &HAClusterTopology, - ) -> Result, InterpretError> { - const REQUIRED_HOSTS: usize = 3; - let repo = InventoryRepositoryFactory::build().await?; - let mut control_plane_hosts = repo.get_host_for_role(&HostRole::ControlPlane).await?; - - while control_plane_hosts.len() < REQUIRED_HOSTS { - info!( - "Discovery of {} control plane hosts in progress, current number {}", - REQUIRED_HOSTS, - control_plane_hosts.len() - ); - // This score triggers the discovery agent for a specific role. - DiscoverHostForRoleScore { - role: HostRole::ControlPlane, - } - .interpret(inventory, topology) - .await?; - control_plane_hosts = repo.get_host_for_role(&HostRole::ControlPlane).await?; - } - - if control_plane_hosts.len() < REQUIRED_HOSTS { - Err(InterpretError::new(format!( - "OKD Requires at least {} control plane hosts, but only found {}. Cannot proceed.", - REQUIRED_HOSTS, - control_plane_hosts.len() - ))) - } else { - // Take exactly the number of required hosts to ensure consistency. - Ok(control_plane_hosts - .into_iter() - .take(REQUIRED_HOSTS) - .collect()) - } - } - - /// Configures DHCP host bindings for all control plane nodes. - async fn configure_host_binding( - &self, - inventory: &Inventory, - topology: &HAClusterTopology, - nodes: &Vec, - ) -> Result<(), InterpretError> { - info!("[ControlPlane] Configuring host bindings for control plane nodes."); - - // Ensure the topology definition matches the number of physical nodes found. - if topology.control_plane.len() != nodes.len() { - return Err(InterpretError::new(format!( - "Mismatch between logical control plane hosts defined in topology ({}) and physical nodes found ({}).", - topology.control_plane.len(), - nodes.len() - ))); - } - - // Create a binding for each physical host to its corresponding logical host. - let bindings: Vec = topology - .control_plane - .iter() - .zip(nodes.iter()) - .map(|(logical_host, physical_host)| { - info!( - "Creating binding: Logical Host '{}' -> Physical Host ID '{}'", - logical_host.name, physical_host.id - ); - HostBinding { - logical_host: logical_host.clone(), - physical_host: physical_host.clone(), - } - }) - .collect(); - - DhcpHostBindingScore { - host_binding: bindings, - domain: Some(topology.domain_name.clone()), - } - .interpret(inventory, topology) - .await?; - - Ok(()) - } - - /// Renders and deploys a per-MAC iPXE boot file for each control plane node. - async fn configure_ipxe( - &self, - inventory: &Inventory, - topology: &HAClusterTopology, - nodes: &Vec, - ) -> Result<(), InterpretError> { - info!("[ControlPlane] Rendering per-MAC iPXE configurations."); - - // The iPXE script content is the same for all control plane nodes, - // pointing to the 'master.ign' ignition file. - let content = BootstrapIpxeTpl { - http_ip: &topology.http_server.get_ip().to_string(), - scos_path: "scos", - ignition_http_path: "okd_ignition_files", - installation_device: "/dev/sda", // This might need to be configurable per-host in the future - ignition_file_name: "master.ign", // Control plane nodes use the master ignition file - } - .to_string(); - - debug!("[ControlPlane] iPXE content template:\n{content}"); - - // Create and apply an iPXE boot file for each node. - for node in nodes { - let mac_address = node.get_mac_address(); - if mac_address.is_empty() { - return Err(InterpretError::new(format!( - "Physical host with ID '{}' has no MAC addresses defined.", - node.id - ))); - } - info!( - "[ControlPlane] Applying iPXE config for node ID '{}' with MACs: {:?}", - node.id, mac_address - ); - - IPxeMacBootFileScore { - mac_address, - content: content.clone(), - } - .interpret(inventory, topology) - .await?; - } - - Ok(()) - } - - /// Prompts the user to reboot the target control plane nodes. - async fn reboot_targets(&self, nodes: &Vec) -> Result<(), InterpretError> { - let node_ids: Vec = nodes.iter().map(|n| n.id.to_string()).collect(); - info!("[ControlPlane] Requesting reboot for control plane nodes: {node_ids:?}",); - - let confirmation = inquire::Confirm::new( - &format!("Please reboot the {} control plane nodes ({}) to apply their PXE configuration. Press enter when ready.", nodes.len(), node_ids.join(", ")), - ) - .prompt() - .map_err(|e| InterpretError::new(format!("User prompt failed: {e}")))?; - - if !confirmation { - return Err(InterpretError::new( - "User aborted the operation.".to_string(), - )); - } - - Ok(()) - } } #[async_trait] @@ -228,19 +77,10 @@ impl Interpret for OKDSetup03ControlPlaneInterpret { inventory: &Inventory, topology: &HAClusterTopology, ) -> Result { - // 1. Ensure we have 3 physical hosts for the control plane. - let nodes = self.get_nodes(inventory, topology).await?; - - // 2. Create DHCP reservations for the control plane nodes. - self.configure_host_binding(inventory, topology, &nodes) + OKDNodeInterpret::new(HostRole::ControlPlane) + .execute(inventory, topology) .await?; - // 3. Create iPXE files for each control plane node to boot from the master ignition. - self.configure_ipxe(inventory, topology, &nodes).await?; - - // 4. Reboot the nodes to start the OS installation. - self.reboot_targets(&nodes).await?; - // TODO: Implement a step to wait for the control plane nodes to join the cluster // and for the cluster operators to become available. This would be similar to // the `wait-for bootstrap-complete` command. diff --git a/harmony/src/modules/okd/bootstrap_04_workers.rs b/harmony/src/modules/okd/bootstrap_04_workers.rs index 461cab9..62bf2ad 100644 --- a/harmony/src/modules/okd/bootstrap_04_workers.rs +++ b/harmony/src/modules/okd/bootstrap_04_workers.rs @@ -1,13 +1,13 @@ use async_trait::async_trait; use derive_new::new; use harmony_types::id::Id; -use log::info; use serde::Serialize; use crate::{ data::Version, interpret::{Interpret, InterpretError, InterpretName, InterpretStatus, Outcome}, - inventory::Inventory, + inventory::{HostRole, Inventory}, + modules::okd::bootstrap_okd_node::OKDNodeInterpret, score::Score, topology::HAClusterTopology, }; @@ -23,7 +23,7 @@ pub struct OKDSetup04WorkersScore {} impl Score for OKDSetup04WorkersScore { fn create_interpret(&self) -> Box> { - Box::new(OKDSetup04WorkersInterpret::new(self.clone())) + Box::new(OKDSetup04WorkersInterpret::new()) } fn name(&self) -> String { @@ -33,25 +33,18 @@ impl Score for OKDSetup04WorkersScore { #[derive(Debug, Clone)] pub struct OKDSetup04WorkersInterpret { - score: OKDSetup04WorkersScore, version: Version, status: InterpretStatus, } impl OKDSetup04WorkersInterpret { - pub fn new(score: OKDSetup04WorkersScore) -> Self { + pub fn new() -> Self { let version = Version::from("1.0.0").unwrap(); Self { version, - score, status: InterpretStatus::QUEUED, } } - - async fn render_and_reboot(&self) -> Result<(), InterpretError> { - info!("[Workers] Rendering per-MAC PXE for workers and rebooting"); - Ok(()) - } } #[async_trait] @@ -74,10 +67,12 @@ impl Interpret for OKDSetup04WorkersInterpret { async fn execute( &self, - _inventory: &Inventory, - _topology: &HAClusterTopology, + inventory: &Inventory, + topology: &HAClusterTopology, ) -> Result { - self.render_and_reboot().await?; + OKDNodeInterpret::new(HostRole::Worker) + .execute(inventory, topology) + .await?; Ok(Outcome::success("Workers provisioned".into())) } } diff --git a/harmony/src/modules/okd/bootstrap_okd_node.rs b/harmony/src/modules/okd/bootstrap_okd_node.rs new file mode 100644 index 0000000..a5eb7c2 --- /dev/null +++ b/harmony/src/modules/okd/bootstrap_okd_node.rs @@ -0,0 +1,296 @@ +use async_trait::async_trait; +use derive_new::new; +use harmony_types::id::Id; +use log::{debug, info}; +use serde::Serialize; + +use crate::{ + data::Version, + hardware::PhysicalHost, + infra::inventory::InventoryRepositoryFactory, + interpret::{Interpret, InterpretError, InterpretName, InterpretStatus, Outcome}, + inventory::{HostRole, Inventory}, + modules::{ + dhcp::DhcpHostBindingScore, + http::IPxeMacBootFileScore, + inventory::DiscoverHostForRoleScore, + okd::{ + okd_node::{ + BootstrapRole, ControlPlaneRole, OKDRoleProperties, StorageRole, WorkerRole, + }, + templates::BootstrapIpxeTpl, + }, + }, + score::Score, + topology::{HAClusterTopology, HostBinding, LogicalHost}, +}; + +#[derive(Debug, Clone, Serialize, new)] +pub struct OKDNodeScore { + host_role: HostRole, +} + +impl Score for OKDNodeScore { + fn name(&self) -> String { + "OKDNodeScore".to_string() + } + + fn create_interpret(&self) -> Box> { + Box::new(OKDNodeInterpret::new(self.host_role.clone())) + } +} + +#[derive(Debug, Clone)] +pub struct OKDNodeInterpret { + host_role: HostRole, +} + +impl OKDNodeInterpret { + pub fn new(host_role: HostRole) -> Self { + Self { host_role } + } + + fn okd_role_properties(&self, role: &HostRole) -> &'static dyn OKDRoleProperties { + match role { + HostRole::Bootstrap => &BootstrapRole, + HostRole::ControlPlane => &ControlPlaneRole, + HostRole::Worker => &WorkerRole, + HostRole::Storage => &StorageRole, + } + } + + async fn get_nodes( + &self, + inventory: &Inventory, + topology: &HAClusterTopology, + ) -> Result, InterpretError> { + let repo = InventoryRepositoryFactory::build().await?; + + let mut hosts = repo.get_host_for_role(&self.host_role).await?; + + let okd_host_properties = self.okd_role_properties(&self.host_role); + + let required_hosts: usize = okd_host_properties.required_hosts(); + + while hosts.len() < required_hosts { + info!( + "Discovery of {} {} hosts in progress, current number {}", + required_hosts, + self.host_role, + hosts.len() + ); + // This score triggers the discovery agent for a specific role. + DiscoverHostForRoleScore { + role: self.host_role.clone(), + } + .interpret(inventory, topology) + .await?; + hosts = repo.get_host_for_role(&self.host_role).await?; + } + + if hosts.len() < required_hosts { + Err(InterpretError::new(format!( + "OKD Requires at least {} {} hosts, but only found {}. Cannot proceed.", + required_hosts, + self.host_role, + hosts.len() + ))) + } else { + // Take exactly the number of required hosts to ensure consistency. + Ok(hosts.into_iter().take(required_hosts).collect()) + } + } + + /// Configures DHCP host bindings for all nodes. + async fn configure_host_binding( + &self, + inventory: &Inventory, + topology: &HAClusterTopology, + nodes: &Vec, + ) -> Result<(), InterpretError> { + info!( + "[{}] Configuring host bindings for {} plane nodes.", + self.host_role, self.host_role, + ); + + let host_properties = self.okd_role_properties(&self.host_role); + + self.validate_host_node_match(nodes, host_properties.logical_hosts(topology))?; + + let bindings: Vec = + self.host_bindings(nodes, host_properties.logical_hosts(topology)); + + DhcpHostBindingScore { + host_binding: bindings, + domain: Some(topology.domain_name.clone()), + } + .interpret(inventory, topology) + .await?; + + Ok(()) + } + + // Ensure the topology definition matches the number of physical nodes found. + fn validate_host_node_match( + &self, + nodes: &Vec, + hosts: &Vec, + ) -> Result<(), InterpretError> { + if hosts.len() != nodes.len() { + return Err(InterpretError::new(format!( + "Mismatch between logical hosts defined in topology ({}) and physical nodes found ({}).", + hosts.len(), + nodes.len() + ))); + } + Ok(()) + } + + // Create a binding for each physical host to its corresponding logical host. + fn host_bindings( + &self, + nodes: &Vec, + hosts: &Vec, + ) -> Vec { + hosts + .iter() + .zip(nodes.iter()) + .map(|(logical_host, physical_host)| { + info!( + "Creating binding: Logical Host '{}' -> Physical Host ID '{}'", + logical_host.name, physical_host.id + ); + HostBinding { + logical_host: logical_host.clone(), + physical_host: physical_host.clone(), + } + }) + .collect() + } + + /// Renders and deploys a per-MAC iPXE boot file for each node. + async fn configure_ipxe( + &self, + inventory: &Inventory, + topology: &HAClusterTopology, + nodes: &Vec, + ) -> Result<(), InterpretError> { + info!( + "[{}] Rendering per-MAC iPXE configurations.", + self.host_role + ); + + let okd_role_properties = self.okd_role_properties(&self.host_role); + // The iPXE script content is the same for all control plane nodes, + // pointing to the 'master.ign' ignition file. + let content = BootstrapIpxeTpl { + http_ip: &topology.http_server.get_ip().to_string(), + scos_path: "scos", + ignition_http_path: "okd_ignition_files", + //TODO must be refactored to not only use /dev/sda + installation_device: "/dev/sda", // This might need to be configurable per-host in the future + ignition_file_name: okd_role_properties.ignition_file(), + } + .to_string(); + + debug!("[{}] iPXE content template:\n{content}", self.host_role); + + // Create and apply an iPXE boot file for each node. + for node in nodes { + let mac_address = node.get_mac_address(); + if mac_address.is_empty() { + return Err(InterpretError::new(format!( + "Physical host with ID '{}' has no MAC addresses defined.", + node.id + ))); + } + info!( + "[{}] Applying iPXE config for node ID '{}' with MACs: {:?}", + self.host_role, node.id, mac_address + ); + + IPxeMacBootFileScore { + mac_address, + content: content.clone(), + } + .interpret(inventory, topology) + .await?; + } + + Ok(()) + } + + /// Prompts the user to reboot the target control plane nodes. + async fn reboot_targets(&self, nodes: &Vec) -> Result<(), InterpretError> { + let node_ids: Vec = nodes.iter().map(|n| n.id.to_string()).collect(); + info!( + "[{}] Requesting reboot for control plane nodes: {node_ids:?}", + self.host_role + ); + + let confirmation = inquire::Confirm::new( + &format!("Please reboot the {} {} nodes ({}) to apply their PXE configuration. Press enter when ready.", nodes.len(), self.host_role, node_ids.join(", ")), + ) + .prompt() + .map_err(|e| InterpretError::new(format!("User prompt failed: {e}")))?; + + if !confirmation { + return Err(InterpretError::new( + "User aborted the operation.".to_string(), + )); + } + + Ok(()) + } +} + +#[async_trait] +impl Interpret for OKDNodeInterpret { + async fn execute( + &self, + inventory: &Inventory, + topology: &HAClusterTopology, + ) -> Result { + // 1. Ensure we have the specfied number of physical hosts. + let nodes = self.get_nodes(inventory, topology).await?; + + // 2. Create DHCP reservations for the nodes. + self.configure_host_binding(inventory, topology, &nodes) + .await?; + + // 3. Create iPXE files for each node to boot from the ignition. + self.configure_ipxe(inventory, topology, &nodes).await?; + + // 4. Reboot the nodes to start the OS installation. + self.reboot_targets(&nodes).await?; + + // TODO: Implement a step to wait for the control plane nodes to join the cluster + // and for the cluster operators to become available. This would be similar to + // the `wait-for bootstrap-complete` command. + info!( + "[{}] Provisioning initiated. Monitor the cluster convergence manually.", + self.host_role + ); + + Ok(Outcome::success(format!( + "{} provisioning has been successfully initiated.", + self.host_role + ))) + } + + fn get_name(&self) -> InterpretName { + InterpretName::Custom("OKDNodeSetup".into()) + } + + fn get_version(&self) -> Version { + todo!() + } + + fn get_status(&self) -> InterpretStatus { + todo!() + } + + fn get_children(&self) -> Vec { + todo!() + } +} diff --git a/harmony/src/modules/okd/mod.rs b/harmony/src/modules/okd/mod.rs index 8bb85ef..1cf66bc 100644 --- a/harmony/src/modules/okd/mod.rs +++ b/harmony/src/modules/okd/mod.rs @@ -6,12 +6,14 @@ mod bootstrap_05_sanity_check; mod bootstrap_06_installation_report; pub mod bootstrap_dhcp; pub mod bootstrap_load_balancer; +pub mod bootstrap_okd_node; mod bootstrap_persist_network_bond; pub mod dhcp; pub mod dns; pub mod installation; pub mod ipxe; pub mod load_balancer; +pub mod okd_node; pub mod templates; pub mod upgrade; pub use bootstrap_01_prepare::*; diff --git a/harmony/src/modules/okd/okd_node.rs b/harmony/src/modules/okd/okd_node.rs new file mode 100644 index 0000000..687ae5a --- /dev/null +++ b/harmony/src/modules/okd/okd_node.rs @@ -0,0 +1,69 @@ +use crate::topology::{HAClusterTopology, LogicalHost}; + +pub trait OKDRoleProperties { + fn ignition_file(&self) -> &'static str; + fn required_hosts(&self) -> usize; + fn logical_hosts<'a>(&self, t: &'a HAClusterTopology) -> &'a Vec; +} + +pub struct BootstrapRole; +pub struct ControlPlaneRole; +pub struct WorkerRole; +pub struct StorageRole; + +impl OKDRoleProperties for BootstrapRole { + fn ignition_file(&self) -> &'static str { + "bootstrap.ign" + } + + fn required_hosts(&self) -> usize { + 1 + } + + fn logical_hosts<'a>(&self, t: &'a HAClusterTopology) -> &'a Vec { + todo!() + } +} + +impl OKDRoleProperties for ControlPlaneRole { + fn ignition_file(&self) -> &'static str { + "master.ign" + } + + fn required_hosts(&self) -> usize { + 3 + } + + fn logical_hosts<'a>(&self, t: &'a HAClusterTopology) -> &'a Vec { + &t.control_plane + } +} + +impl OKDRoleProperties for WorkerRole { + fn ignition_file(&self) -> &'static str { + "worker.ign" + } + + fn required_hosts(&self) -> usize { + 2 + } + + fn logical_hosts<'a>(&self, t: &'a HAClusterTopology) -> &'a Vec { + &t.workers + } +} + +//TODO unsure if this is to be implemented here or not +impl OKDRoleProperties for StorageRole { + fn ignition_file(&self) -> &'static str { + todo!() + } + + fn required_hosts(&self) -> usize { + todo!() + } + + fn logical_hosts<'a>(&self, t: &'a HAClusterTopology) -> &'a Vec { + todo!() + } +} From d5fadf4f4454a2b32e11ee3bf5486cfd2551e22a Mon Sep 17 00:00:00 2001 From: Willem Date: Wed, 10 Dec 2025 14:20:24 -0500 Subject: [PATCH 7/9] fix: deleted storage node role, fixed erroneous comment, modified score name to be in line with clean code naming conventions, fixed how the OKDNodeInstallationScore is called via OKDSetup03ControlPlaneScore and OKDSetup04WorkersScore --- harmony/src/domain/inventory/mod.rs | 2 - .../modules/okd/bootstrap_03_control_plane.rs | 77 ++----------------- .../src/modules/okd/bootstrap_04_workers.rs | 58 +------------- harmony/src/modules/okd/bootstrap_okd_node.rs | 21 +++-- harmony/src/modules/okd/okd_node.rs | 15 ---- 5 files changed, 23 insertions(+), 150 deletions(-) diff --git a/harmony/src/domain/inventory/mod.rs b/harmony/src/domain/inventory/mod.rs index f7cc1ef..10fabda 100644 --- a/harmony/src/domain/inventory/mod.rs +++ b/harmony/src/domain/inventory/mod.rs @@ -71,7 +71,6 @@ pub enum HostRole { Bootstrap, ControlPlane, Worker, - Storage, } impl fmt::Display for HostRole { @@ -80,7 +79,6 @@ impl fmt::Display for HostRole { HostRole::Bootstrap => write!(f, "Bootstrap"), HostRole::ControlPlane => write!(f, "ControlPlane"), HostRole::Worker => write!(f, "Worker"), - HostRole::Storage => write!(f, "Storage"), } } } diff --git a/harmony/src/modules/okd/bootstrap_03_control_plane.rs b/harmony/src/modules/okd/bootstrap_03_control_plane.rs index 7e882ab..87b90f6 100644 --- a/harmony/src/modules/okd/bootstrap_03_control_plane.rs +++ b/harmony/src/modules/okd/bootstrap_03_control_plane.rs @@ -1,22 +1,8 @@ use crate::{ - data::Version, - hardware::PhysicalHost, - infra::inventory::InventoryRepositoryFactory, - interpret::{Interpret, InterpretError, InterpretName, InterpretStatus, Outcome}, - inventory::{HostRole, Inventory}, - modules::{ - dhcp::DhcpHostBindingScore, - http::IPxeMacBootFileScore, - inventory::DiscoverHostForRoleScore, - okd::{bootstrap_okd_node::OKDNodeInterpret, templates::BootstrapIpxeTpl}, - }, - score::Score, - topology::{HAClusterTopology, HostBinding}, + interpret::Interpret, inventory::HostRole, modules::okd::bootstrap_okd_node::OKDNodeInterpret, + score::Score, topology::HAClusterTopology, }; -use async_trait::async_trait; use derive_new::new; -use harmony_types::id::Id; -use log::{debug, info}; use serde::Serialize; // ------------------------------------------------------------------------------------------------- @@ -30,64 +16,13 @@ pub struct OKDSetup03ControlPlaneScore {} impl Score for OKDSetup03ControlPlaneScore { fn create_interpret(&self) -> Box> { - Box::new(OKDSetup03ControlPlaneInterpret::new()) + // TODO: Implement a step to wait for the control plane nodes to join the cluster + // and for the cluster operators to become available. This would be similar to + // the `wait-for bootstrap-complete` command. + Box::new(OKDNodeInterpret::new(HostRole::ControlPlane)) } fn name(&self) -> String { "OKDSetup03ControlPlaneScore".to_string() } } - -#[derive(Debug, Clone)] -pub struct OKDSetup03ControlPlaneInterpret { - version: Version, - status: InterpretStatus, -} - -impl OKDSetup03ControlPlaneInterpret { - pub fn new() -> Self { - let version = Version::from("1.0.0").unwrap(); - Self { - version, - status: InterpretStatus::QUEUED, - } - } -} - -#[async_trait] -impl Interpret for OKDSetup03ControlPlaneInterpret { - fn get_name(&self) -> InterpretName { - InterpretName::Custom("OKDSetup03ControlPlane") - } - - fn get_version(&self) -> Version { - self.version.clone() - } - - fn get_status(&self) -> InterpretStatus { - self.status.clone() - } - - fn get_children(&self) -> Vec { - vec![] - } - - async fn execute( - &self, - inventory: &Inventory, - topology: &HAClusterTopology, - ) -> Result { - OKDNodeInterpret::new(HostRole::ControlPlane) - .execute(inventory, topology) - .await?; - - // TODO: Implement a step to wait for the control plane nodes to join the cluster - // and for the cluster operators to become available. This would be similar to - // the `wait-for bootstrap-complete` command. - info!("[ControlPlane] Provisioning initiated. Monitor the cluster convergence manually."); - - Ok(Outcome::success( - "Control plane provisioning has been successfully initiated.".into(), - )) - } -} diff --git a/harmony/src/modules/okd/bootstrap_04_workers.rs b/harmony/src/modules/okd/bootstrap_04_workers.rs index 62bf2ad..c73dce1 100644 --- a/harmony/src/modules/okd/bootstrap_04_workers.rs +++ b/harmony/src/modules/okd/bootstrap_04_workers.rs @@ -1,15 +1,9 @@ -use async_trait::async_trait; use derive_new::new; -use harmony_types::id::Id; use serde::Serialize; use crate::{ - data::Version, - interpret::{Interpret, InterpretError, InterpretName, InterpretStatus, Outcome}, - inventory::{HostRole, Inventory}, - modules::okd::bootstrap_okd_node::OKDNodeInterpret, - score::Score, - topology::HAClusterTopology, + interpret::Interpret, inventory::HostRole, modules::okd::bootstrap_okd_node::OKDNodeInterpret, + score::Score, topology::HAClusterTopology, }; // ------------------------------------------------------------------------------------------------- @@ -23,56 +17,10 @@ pub struct OKDSetup04WorkersScore {} impl Score for OKDSetup04WorkersScore { fn create_interpret(&self) -> Box> { - Box::new(OKDSetup04WorkersInterpret::new()) + Box::new(OKDNodeInterpret::new(HostRole::Worker)) } fn name(&self) -> String { "OKDSetup04WorkersScore".to_string() } } - -#[derive(Debug, Clone)] -pub struct OKDSetup04WorkersInterpret { - version: Version, - status: InterpretStatus, -} - -impl OKDSetup04WorkersInterpret { - pub fn new() -> Self { - let version = Version::from("1.0.0").unwrap(); - Self { - version, - status: InterpretStatus::QUEUED, - } - } -} - -#[async_trait] -impl Interpret for OKDSetup04WorkersInterpret { - fn get_name(&self) -> InterpretName { - InterpretName::Custom("OKDSetup04Workers") - } - - fn get_version(&self) -> Version { - self.version.clone() - } - - fn get_status(&self) -> InterpretStatus { - self.status.clone() - } - - fn get_children(&self) -> Vec { - vec![] - } - - async fn execute( - &self, - inventory: &Inventory, - topology: &HAClusterTopology, - ) -> Result { - OKDNodeInterpret::new(HostRole::Worker) - .execute(inventory, topology) - .await?; - Ok(Outcome::success("Workers provisioned".into())) - } -} diff --git a/harmony/src/modules/okd/bootstrap_okd_node.rs b/harmony/src/modules/okd/bootstrap_okd_node.rs index a5eb7c2..d5b1d94 100644 --- a/harmony/src/modules/okd/bootstrap_okd_node.rs +++ b/harmony/src/modules/okd/bootstrap_okd_node.rs @@ -26,11 +26,11 @@ use crate::{ }; #[derive(Debug, Clone, Serialize, new)] -pub struct OKDNodeScore { +pub struct OKDNodeInstallationScore { host_role: HostRole, } -impl Score for OKDNodeScore { +impl Score for OKDNodeInstallationScore { fn name(&self) -> String { "OKDNodeScore".to_string() } @@ -55,7 +55,6 @@ impl OKDNodeInterpret { HostRole::Bootstrap => &BootstrapRole, HostRole::ControlPlane => &ControlPlaneRole, HostRole::Worker => &WorkerRole, - HostRole::Storage => &StorageRole, } } @@ -263,10 +262,18 @@ impl Interpret for OKDNodeInterpret { // 4. Reboot the nodes to start the OS installation. self.reboot_targets(&nodes).await?; - - // TODO: Implement a step to wait for the control plane nodes to join the cluster - // and for the cluster operators to become available. This would be similar to - // the `wait-for bootstrap-complete` command. + // TODO: Implement a step to validate that the installation of the nodes is + // complete and for the cluster operators to become available. + // + // The OpenShift installer only provides two wait commands which currently need to be + // run manually: + // - `openshift-install wait-for bootstrap-complete` + // - `openshift-install wait-for install-complete` + // + // There is no installer command that waits specifically for worker node + // provisioning. Worker nodes join asynchronously (via ignition + CSR approval), + // and the cluster becomes fully functional only once all nodes are Ready and the + // cluster operators report Available=True. info!( "[{}] Provisioning initiated. Monitor the cluster convergence manually.", self.host_role diff --git a/harmony/src/modules/okd/okd_node.rs b/harmony/src/modules/okd/okd_node.rs index 687ae5a..39ca53b 100644 --- a/harmony/src/modules/okd/okd_node.rs +++ b/harmony/src/modules/okd/okd_node.rs @@ -52,18 +52,3 @@ impl OKDRoleProperties for WorkerRole { &t.workers } } - -//TODO unsure if this is to be implemented here or not -impl OKDRoleProperties for StorageRole { - fn ignition_file(&self) -> &'static str { - todo!() - } - - fn required_hosts(&self) -> usize { - todo!() - } - - fn logical_hosts<'a>(&self, t: &'a HAClusterTopology) -> &'a Vec { - todo!() - } -} From c6f859f97332edd5bcff64110ceaafeefcab86ad Mon Sep 17 00:00:00 2001 From: Willem Date: Tue, 16 Dec 2025 15:30:49 -0500 Subject: [PATCH 8/9] fix(OPNSense): update fields for haproxyy and opnsense following most recent update and upgrade to opnsense --- opnsense-config-xml/src/data/haproxy.rs | 2 +- opnsense-config-xml/src/data/opnsense.rs | 20 ++++++++++++-------- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/opnsense-config-xml/src/data/haproxy.rs b/opnsense-config-xml/src/data/haproxy.rs index e82cb33..1114038 100644 --- a/opnsense-config-xml/src/data/haproxy.rs +++ b/opnsense-config-xml/src/data/haproxy.rs @@ -114,7 +114,7 @@ pub struct HAProxy { #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)] pub struct HAProxyResolvers { #[yaserde(rename = "resolver")] - pub resolver: Resolver, + pub resolver: Option, } #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)] diff --git a/opnsense-config-xml/src/data/opnsense.rs b/opnsense-config-xml/src/data/opnsense.rs index debbfbf..ad743cd 100644 --- a/opnsense-config-xml/src/data/opnsense.rs +++ b/opnsense-config-xml/src/data/opnsense.rs @@ -136,6 +136,7 @@ pub struct Rule { pub updated: Option, pub created: Option, pub disabled: Option, + pub log: Option, } #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)] @@ -1140,6 +1141,7 @@ pub struct UnboundGeneral { pub local_zone_type: String, pub outgoing_interface: MaybeString, pub enable_wpad: MaybeString, + pub safesearch: MaybeString, } #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)] @@ -1193,15 +1195,15 @@ pub struct Acls { #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)] pub struct Dnsbl { - pub enabled: i32, - pub safesearch: MaybeString, + pub enabled: Option, + pub safesearch: Option, #[yaserde(rename = "type")] - pub r#type: MaybeString, - pub lists: MaybeString, - pub whitelists: MaybeString, - pub blocklists: MaybeString, - pub wildcards: MaybeString, - pub address: MaybeString, + pub r#type: Option, + pub lists: Option, + pub whitelists: Option, + pub blocklists: Option, + pub wildcards: Option, + pub address: Option, pub nxdomain: Option, } @@ -1229,6 +1231,7 @@ pub struct Host { pub ttl: Option, pub server: String, pub description: Option, + pub txtdata: MaybeString, } impl Host { @@ -1244,6 +1247,7 @@ impl Host { ttl: Some(MaybeString::default()), mx: MaybeString::default(), description: None, + txtdata: MaybeString::default(), } } } From 22875fe8f310f894e977ecbd710481c8be01dba5 Mon Sep 17 00:00:00 2001 From: Willem Date: Wed, 17 Dec 2025 15:00:48 -0500 Subject: [PATCH 9/9] fix: updated test xml structures to match with new fields added to opnsense --- .../src/tests/data/config-25.7-dnsmasq-static-host.xml | 1 + opnsense-config/src/tests/data/config-full-1.xml | 5 +++++ .../src/tests/data/config-full-25.7-dnsmasq-options.xml | 1 + .../tests/data/config-full-25.7-dummy-dnsmasq-options.xml | 1 + opnsense-config/src/tests/data/config-full-25.7.xml | 1 + opnsense-config/src/tests/data/config-full-ncd0.xml | 1 + opnsense-config/src/tests/data/config-opnsense-25.1.xml | 1 + .../data/config-structure-with-dhcp-staticmap-entry.xml | 5 +++++ opnsense-config/src/tests/data/config-structure.xml | 5 +++++ opnsense-config/src/tests/data/config-vm-test.xml | 1 + .../src/tests/data/config-vm-test_cheat_descr.xml | 1 + opnsense-config/src/tests/data/config-vm-test_linted.xml | 1 + 12 files changed, 24 insertions(+) diff --git a/opnsense-config/src/tests/data/config-25.7-dnsmasq-static-host.xml b/opnsense-config/src/tests/data/config-25.7-dnsmasq-static-host.xml index f36e4f7..737766c 100644 --- a/opnsense-config/src/tests/data/config-25.7-dnsmasq-static-host.xml +++ b/opnsense-config/src/tests/data/config-25.7-dnsmasq-static-host.xml @@ -612,6 +612,7 @@ transparent 0 + 0 diff --git a/opnsense-config/src/tests/data/config-full-1.xml b/opnsense-config/src/tests/data/config-full-1.xml index 378d577..9b417f2 100644 --- a/opnsense-config/src/tests/data/config-full-1.xml +++ b/opnsense-config/src/tests/data/config-full-1.xml @@ -2003,6 +2003,7 @@ transparent + @@ -2071,6 +2072,7 @@ 192.168.20.161 Some app local + 1 @@ -2081,6 +2083,7 @@ 192.168.20.161 Some app local + 1 @@ -2091,6 +2094,7 @@ 192.168.20.161 Some app local + @@ -2117,6 +2121,7 @@ + 03031aec-2e84-462e-9eab-57762dde667a,98e6ca3d-1de9-449b-be80-77022221b509,67c0ace5-e802-4d2b-a536-f8b7a2db6f99,74b60fff-7844-4097-9966-f1c2b1ad29ff,3de82ad5-bc1b-4b91-9598-f906e58ac937,a95e6b5e-24a4-40b5-bb41-b79e784f6f1c,6c9a12c6-c1ca-4c14-866b-975406a30590,c33b308b-7125-4688-9561-989ace8787b5,e43f004a-23bf-4027-8fb0-953fbb40479f diff --git a/opnsense-config/src/tests/data/config-full-25.7-dnsmasq-options.xml b/opnsense-config/src/tests/data/config-full-25.7-dnsmasq-options.xml index 879d8d6..d2303a9 100644 --- a/opnsense-config/src/tests/data/config-full-25.7-dnsmasq-options.xml +++ b/opnsense-config/src/tests/data/config-full-25.7-dnsmasq-options.xml @@ -614,6 +614,7 @@ transparent 0 + 0 diff --git a/opnsense-config/src/tests/data/config-full-25.7-dummy-dnsmasq-options.xml b/opnsense-config/src/tests/data/config-full-25.7-dummy-dnsmasq-options.xml index 5e22137..f7d7739 100644 --- a/opnsense-config/src/tests/data/config-full-25.7-dummy-dnsmasq-options.xml +++ b/opnsense-config/src/tests/data/config-full-25.7-dummy-dnsmasq-options.xml @@ -750,6 +750,7 @@ transparent 0 + 0 diff --git a/opnsense-config/src/tests/data/config-full-25.7.xml b/opnsense-config/src/tests/data/config-full-25.7.xml index 1cd4909..eccdee3 100644 --- a/opnsense-config/src/tests/data/config-full-25.7.xml +++ b/opnsense-config/src/tests/data/config-full-25.7.xml @@ -709,6 +709,7 @@ transparent 0 + 0 diff --git a/opnsense-config/src/tests/data/config-full-ncd0.xml b/opnsense-config/src/tests/data/config-full-ncd0.xml index 9243cf2..6cb6186 100644 --- a/opnsense-config/src/tests/data/config-full-ncd0.xml +++ b/opnsense-config/src/tests/data/config-full-ncd0.xml @@ -951,6 +951,7 @@ transparent + 0 diff --git a/opnsense-config/src/tests/data/config-opnsense-25.1.xml b/opnsense-config/src/tests/data/config-opnsense-25.1.xml index c6bc1a8..0c9a6f1 100644 --- a/opnsense-config/src/tests/data/config-opnsense-25.1.xml +++ b/opnsense-config/src/tests/data/config-opnsense-25.1.xml @@ -808,6 +808,7 @@ transparent + diff --git a/opnsense-config/src/tests/data/config-structure-with-dhcp-staticmap-entry.xml b/opnsense-config/src/tests/data/config-structure-with-dhcp-staticmap-entry.xml index f41b055..2266fb0 100644 --- a/opnsense-config/src/tests/data/config-structure-with-dhcp-staticmap-entry.xml +++ b/opnsense-config/src/tests/data/config-structure-with-dhcp-staticmap-entry.xml @@ -726,6 +726,7 @@ transparent + 0 @@ -793,6 +794,7 @@ 192.168.20.161 Some app local + 1 @@ -803,6 +805,7 @@ 192.168.20.161 Some app local + 1 @@ -813,6 +816,7 @@ 192.168.20.161 Some app local + @@ -838,6 +842,7 @@ 03031aec-2e84-462e-9eab-57762dde667a,98e6ca3d-1de9-449b-be80-77022221b509,67c0ace5-e802-4d2b-a536-f8b7a2db6f99,74b60fff-7844-4097-9966-f1c2b1ad29ff,3de82ad5-bc1b-4b91-9598-f906e58ac937,a95e6b5e-24a4-40b5-bb41-b79e784f6f1c,6c9a12c6-c1ca-4c14-866b-975406a30590,c33b308b-7125-4688-9561-989ace8787b5,e43f004a-23bf-4027-8fb0-953fbb40479f + diff --git a/opnsense-config/src/tests/data/config-structure.xml b/opnsense-config/src/tests/data/config-structure.xml index 32c9317..ae26f76 100644 --- a/opnsense-config/src/tests/data/config-structure.xml +++ b/opnsense-config/src/tests/data/config-structure.xml @@ -718,6 +718,7 @@ transparent + 0 @@ -785,6 +786,7 @@ 192.168.20.161 Some app local + 1 @@ -795,6 +797,7 @@ 192.168.20.161 Some app local + 1 @@ -805,6 +808,7 @@ 192.168.20.161 Some app local + @@ -832,6 +836,7 @@ 03031aec-2e84-462e-9eab-57762dde667a,98e6ca3d-1de9-449b-be80-77022221b509,67c0ace5-e802-4d2b-a536-f8b7a2db6f99,74b60fff-7844-4097-9966-f1c2b1ad29ff,3de82ad5-bc1b-4b91-9598-f906e58ac937,a95e6b5e-24a4-40b5-bb41-b79e784f6f1c,6c9a12c6-c1ca-4c14-866b-975406a30590,c33b308b-7125-4688-9561-989ace8787b5,e43f004a-23bf-4027-8fb0-953fbb40479f + diff --git a/opnsense-config/src/tests/data/config-vm-test.xml b/opnsense-config/src/tests/data/config-vm-test.xml index 1d176b4..06429df 100644 --- a/opnsense-config/src/tests/data/config-vm-test.xml +++ b/opnsense-config/src/tests/data/config-vm-test.xml @@ -869,6 +869,7 @@ transparent + diff --git a/opnsense-config/src/tests/data/config-vm-test_cheat_descr.xml b/opnsense-config/src/tests/data/config-vm-test_cheat_descr.xml index 4f1442a..a38a712 100644 --- a/opnsense-config/src/tests/data/config-vm-test_cheat_descr.xml +++ b/opnsense-config/src/tests/data/config-vm-test_cheat_descr.xml @@ -862,6 +862,7 @@ transparent + diff --git a/opnsense-config/src/tests/data/config-vm-test_linted.xml b/opnsense-config/src/tests/data/config-vm-test_linted.xml index 1d176b4..06429df 100644 --- a/opnsense-config/src/tests/data/config-vm-test_linted.xml +++ b/opnsense-config/src/tests/data/config-vm-test_linted.xml @@ -869,6 +869,7 @@ transparent +