chore(ha cluster): minor refactoring and fixes in okd hacluster

Cargo.lock

@@ -1754,6 +1754,24 @@ dependencies = [
  "url",
 ]
 
+[[package]]
+name = "example-ha-cluster"
+version = "0.1.0"
+dependencies = [
+ "brocade",
+ "cidr",
+ "env_logger",
+ "harmony",
+ "harmony_macros",
+ "harmony_secret",
+ "harmony_tui",
+ "harmony_types",
+ "log",
+ "serde",
+ "tokio",
+ "url",
+]
+
 [[package]]
 name = "example-kube-rs"
 version = "0.1.0"
@@ -1942,9 +1960,9 @@ dependencies = [
  "cidr",
  "env_logger",
  "harmony",
+ "harmony_cli",
  "harmony_macros",
  "harmony_secret",
- "harmony_tui",
  "harmony_types",
  "log",
  "serde",

examples/cert_manager/Cargo.toml

@@ -1,19 +0,0 @@
-[package]
-name = "cert_manager"
-edition = "2024"
-version.workspace = true
-readme.workspace = true
-license.workspace = true
-publish = false
-
-[dependencies]
-harmony = { path = "../../harmony" }
-harmony_cli = { path = "../../harmony_cli" }
-harmony_types = { path = "../../harmony_types" }
-cidr = { workspace = true }
-tokio = { workspace = true }
-harmony_macros = { path = "../../harmony_macros" }
-log = { workspace = true }
-env_logger = { workspace = true }
-url = { workspace = true }
-assert_cmd = "2.0.16"

examples/cert_manager/src/main.rs

@@ -1,26 +0,0 @@
-use harmony::{
-    inventory::Inventory,
-    modules::{
-        cert_manager::{
-            capability::CertificateManagementConfig, score_k8s::CertificateManagementScore,
-        },
-        postgresql::{PostgreSQLScore, capability::PostgreSQLConfig},
-    },
-    topology::K8sAnywhereTopology,
-};
-
-#[tokio::main]
-async fn main() {
-    let cert_manager = CertificateManagementScore {
-        config: CertificateManagementConfig {},
-    };
-
-    harmony_cli::run(
-        Inventory::autoload(),
-        K8sAnywhereTopology::from_env(),
-        vec![Box::new(cert_manager)],
-        None,
-    )
-    .await
-    .unwrap();
-}

examples/nanodc/src/main.rs

@@ -3,13 +3,12 @@ use std::{
     sync::{Arc, OnceLock},
 };
 
-use brocade::BrocadeOptions;
 use cidr::Ipv4Cidr;
 use harmony::{
     config::secret::SshKeyPair,
     data::{FileContent, FilePath},
     hardware::{HostCategory, Location, PhysicalHost, SwitchGroup},
-    infra::{brocade::BrocadeSwitchClient, opnsense::OPNSenseManagementInterface},
+    infra::{brocade::UnmanagedSwitch, opnsense::OPNSenseManagementInterface},
     inventory::Inventory,
     modules::{
         http::StaticFilesHttpScore,
@@ -23,10 +22,11 @@ use harmony::{
     topology::{LogicalHost, UnmanagedRouter},
 };
 use harmony_macros::{ip, mac_address};
-use harmony_secret::{Secret, SecretManager};
+use harmony_secret::SecretManager;
 use harmony_types::net::Url;
-use serde::{Deserialize, Serialize};
 
+/// This example can be run this way
+/// KUBECONFIG=~/path/to/ncd/kubeconfig HARMONY_USE_LOCAL_K3D=false HARMONY_SECRET_STORE=file HARMONY_SECRET_NAMESPACE=ncd0 cargo run
 #[tokio::main]
 async fn main() {
     let firewall = harmony::topology::LogicalHost {
@@ -34,24 +34,7 @@ async fn main() {
         name: String::from("fw0"),
     };
 
-    let switch_auth = SecretManager::get_or_prompt::<BrocadeSwitchAuth>()
+    let switch_client = UnmanagedSwitch {};
-        .await
-        .expect("Failed to get credentials");
-
-    let switches: Vec<IpAddr> = vec![ip!("192.168.33.101")];
-    let brocade_options = BrocadeOptions {
-        dry_run: *harmony::config::DRY_RUN,
-        ..Default::default()
-    };
-    let switch_client = BrocadeSwitchClient::init(
-        &switches,
-        &switch_auth.username,
-        &switch_auth.password,
-        brocade_options,
-    )
-    .await
-    .expect("Failed to connect to switch");
-
     let switch_client = Arc::new(switch_client);
 
     let opnsense = Arc::new(
@@ -191,9 +174,3 @@ async fn main() {
     .await
     .unwrap();
 }
-
-#[derive(Secret, Serialize, Deserialize, Debug)]
-pub struct BrocadeSwitchAuth {
-    pub username: String,
-    pub password: String,
-}

harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs

@@ -17,10 +17,6 @@ use crate::{
     interpret::InterpretStatus,
     inventory::Inventory,
     modules::{
-        cert_manager::{
-            capability::{CertificateManagement, CertificateManagementConfig},
-            operator::CertManagerOperatorScore,
-        },
         k3d::K3DInstallationScore,
         k8s::ingress::{K8sIngressScore, PathType},
         monitoring::{
@@ -363,27 +359,6 @@ impl Serialize for K8sAnywhereTopology {
     }
 }
 
-#[async_trait]
-impl CertificateManagement for K8sAnywhereTopology {
-    async fn install(
-        &self,
-        config: &CertificateManagementConfig,
-    ) -> Result<PreparationOutcome, PreparationError> {
-        let cert_management_operator = CertManagerOperatorScore::default();
-
-        cert_management_operator
-            .interpret(&Inventory::empty(), self)
-            .await
-            .map_err(|e| PreparationError { msg: e.to_string() })?;
-        Ok(PreparationOutcome::Success {
-            details: format!(
-                "Installed cert-manager into ns: {}",
-                cert_management_operator.namespace
-            ),
-        })
-    }
-}
-
 impl K8sAnywhereTopology {
     pub fn from_env() -> Self {
         Self {

harmony/src/modules/cert_manager/capability.rs

@@ -1,18 +0,0 @@
-use async_trait::async_trait;
-use serde::Serialize;
-
-use crate::{
-    interpret::Outcome,
-    topology::{PreparationError, PreparationOutcome},
-};
-
-#[async_trait]
-pub trait CertificateManagement: Send + Sync {
-    async fn install(
-        &self,
-        config: &CertificateManagementConfig,
-    ) -> Result<PreparationOutcome, PreparationError>;
-}
-
-#[derive(Debug, Clone, Serialize)]
-pub struct CertificateManagementConfig {}

harmony/src/modules/cert_manager/mod.rs

@@ -1,6 +1,3 @@
-pub mod capability;
 pub mod cluster_issuer;
 mod helm;
-pub mod operator;
-pub mod score_k8s;
 pub use helm::*;

harmony/src/modules/cert_manager/operator.rs

@@ -1,64 +0,0 @@
-use kube::api::ObjectMeta;
-use serde::Serialize;
-
-use crate::{
-    interpret::Interpret,
-    modules::k8s::{
-        apps::crd::{Subscription, SubscriptionSpec},
-        resource::K8sResourceScore,
-    },
-    score::Score,
-    topology::{K8sclient, Topology, k8s::K8sClient},
-};
-
-/// Install the Cert-Manager Operator via RedHat Community Operators registry.redhat.io/redhat/community-operator-index:v4.19
-/// This Score creates a Subscription CR in the specified namespace
-
-#[derive(Debug, Clone, Serialize)]
-pub struct CertManagerOperatorScore {
-    pub namespace: String,
-    pub channel: String,
-    pub install_plan_approval: String,
-    pub source: String,
-    pub source_namespace: String,
-}
-
-impl Default for CertManagerOperatorScore {
-    fn default() -> Self {
-        Self {
-            namespace: "openshift-operators".to_string(),
-            channel: "stable".to_string(),
-            install_plan_approval: "Automatic".to_string(),
-            source: "community-operators".to_string(),
-            source_namespace: "openshift-marketplace".to_string(),
-        }
-    }
-}
-
-impl<T: Topology + K8sclient> Score<T> for CertManagerOperatorScore {
-    fn name(&self) -> String {
-        "CertManagerOperatorScore".to_string()
-    }
-
-    fn create_interpret(&self) -> Box<dyn Interpret<T>> {
-        let metadata = ObjectMeta {
-            name: Some("cert-manager".to_string()),
-            namespace: Some(self.namespace.clone()),
-            ..ObjectMeta::default()
-        };
-
-        let spec = SubscriptionSpec {
-            channel: Some(self.channel.clone()),
-            config: None,
-            install_plan_approval: Some(self.install_plan_approval.clone()),
-            name: "cert-manager".to_string(),
-            source: self.source.clone(),
-            source_namespace: self.source_namespace.clone(),
-            starting_csv: None,
-        };
-
-        let subscription = Subscription { metadata, spec };
-
-        K8sResourceScore::single(subscription, Some(self.namespace.clone())).create_interpret()
-    }
-}

harmony/src/modules/cert_manager/score_k8s.rs

@@ -1,66 +0,0 @@
-use async_trait::async_trait;
-use harmony_types::id::Id;
-use serde::Serialize;
-
-use crate::{
-    data::Version,
-    interpret::{Interpret, InterpretError, InterpretName, InterpretStatus, Outcome},
-    inventory::Inventory,
-    modules::cert_manager::capability::{CertificateManagement, CertificateManagementConfig},
-    score::Score,
-    topology::Topology,
-};
-
-#[derive(Debug, Clone, Serialize)]
-pub struct CertificateManagementScore {
-    pub config: CertificateManagementConfig,
-}
-
-impl<T: Topology + CertificateManagement> Score<T> for CertificateManagementScore {
-    fn name(&self) -> String {
-        "CertificateManagementScore".to_string()
-    }
-
-    fn create_interpret(&self) -> Box<dyn Interpret<T>> {
-        Box::new(CertificateManagementInterpret {
-            config: self.config.clone(),
-        })
-    }
-}
-
-#[derive(Debug)]
-struct CertificateManagementInterpret {
-    config: CertificateManagementConfig,
-}
-
-#[async_trait]
-impl<T: Topology + CertificateManagement> Interpret<T> for CertificateManagementInterpret {
-    async fn execute(
-        &self,
-        inventory: &Inventory,
-        topology: &T,
-    ) -> Result<Outcome, InterpretError> {
-        let cert_management = topology
-            .install(&self.config)
-            .await
-            .map_err(|e| InterpretError::new(e.to_string()))?;
-
-        Ok(Outcome::success(format!("Installed CertificateManagement")))
-    }
-
-    fn get_name(&self) -> InterpretName {
-        InterpretName::Custom("CertificateManagementInterpret")
-    }
-
-    fn get_version(&self) -> Version {
-        todo!()
-    }
-
-    fn get_status(&self) -> InterpretStatus {
-        todo!()
-    }
-
-    fn get_children(&self) -> Vec<Id> {
-        todo!()
-    }
-}

harmony/src/modules/okd/bootstrap_01_prepare.rs

@@ -21,7 +21,9 @@ use serde::Serialize;
 // -------------------------------------------------------------------------------------------------
 
 #[derive(Debug, Clone, Serialize, new)]
-pub struct OKDSetup01InventoryScore {}
+pub struct OKDSetup01InventoryScore {
+    discovery_strategy: HarmonyDiscoveryStrategy,
+}
 
 impl Score<HAClusterTopology> for OKDSetup01InventoryScore {
     fn create_interpret(&self) -> Box<dyn Interpret<HAClusterTopology>> {
@@ -77,6 +79,8 @@ impl Interpret<HAClusterTopology> for OKDSetup01InventoryInterpret {
         info!("Setting up base DNS config for OKD");
         let cluster_domain = &topology.domain_name;
         let load_balancer_ip = &topology.load_balancer.get_ip();
+        // TODO reactivate automatic dns config when migration from unbound to dnsmasq is done
+        // For now we output the instruction for the user to do it manually
         inquire::Confirm::new(&format!(
             "Set hostnames manually in your opnsense dnsmasq config :
 *.apps.{cluster_domain} -> {load_balancer_ip}
@@ -88,7 +92,6 @@ When you can dig them, confirm to continue.
         ))
         .prompt()
         .expect("Prompt error");
-        // TODO reactivate automatic dns config when migration from unbound to dnsmasq is done
         // OKDDnsScore::new(topology)
         //     .interpret(inventory, topology)
         //     .await?;
@@ -105,7 +108,7 @@ When you can dig them, confirm to continue.
             DiscoverHostForRoleScore {
                 role: HostRole::Bootstrap,
                 number_desired_hosts: 1,
-                discovery_strategy: HarmonyDiscoveryStrategy::MDNS,
+                discovery_strategy: self.score.discovery_strategy.clone(),
             }
             .interpret(inventory, topology)
             .await?;

harmony/src/modules/okd/bootstrap_02_bootstrap.rs

@@ -76,6 +76,8 @@ impl OKDSetup02BootstrapInterpret {
         }
     }
 
+    /// Runs the openshift-install commands locally to prepare ignition files
+    /// Uploads the ignition files to the statis http server
     async fn prepare_ignition_files(
         &self,
         inventory: &Inventory,

harmony/src/modules/okd/installation.rs

@@ -67,7 +67,7 @@ impl OKDInstallationPipeline {
         discovery_strategy: HarmonyDiscoveryStrategy,
     ) -> Vec<Box<dyn Score<HAClusterTopology>>> {
         vec![
-            Box::new(OKDSetup01InventoryScore::new()),
+            Box::new(OKDSetup01InventoryScore::new(discovery_strategy.clone())),
             Box::new(OKDSetup02BootstrapScore::new()),
             Box::new(OKDSetup03ControlPlaneScore {
                 discovery_strategy: discovery_strategy.clone(),