OSDOCS#9001: Adding vSphere credentials to Agent

[skopacz1]

OSDOCS-9001

Versions: 4.15+

This PR adds existing vSphere credential parameters for the install-config that are now available for the Agent-based Installer

QE review:

• QE has approved this change.

Preview:

• vSphere parameters on the Agent page
• Creating the preferred configuration inputs (Additional resources section at end of procedure)
• vSphere parameters on the vSphere page (should be unchanged)

Existing docs:

• Agent config parameters
• vSphere config parameters

[openshift-ci-robot]

@skopacz1: This pull request references OSDOCS-9001 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.16.0" version, but no target version was set.

In response to this:

OSDOCS-9001

Versions: 4.15+

This PR adds existing vSphere credential parameters for the install-config that are now available for the Agent-based Installer

QE review:

• QE has approved this change.

Preview:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[ocpdocs-previewbot]

🤖 Thu Feb 15 17:16:45 - Prow CI generated the docs preview: https://70551--ocpdocs-pr.netlify.app

[openshift-ci-robot]

@skopacz1: No Jira issue is referenced in the title of this pull request.
To reference a jira issue, add 'XYZ-NNN:' to the title of this pull request and request another refresh with /jira refresh.

In response to this:

OSDOCS-9001

Versions: 4.15+

This PR adds existing vSphere credential parameters for the install-config that are now available for the Agent-based Installer

QE review:

• QE has approved this change.

Preview:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[skopacz1]

I used the following logic to selectively include existing vSphere config parameters in the Agent docs:

• The entire vSphere section, which previously was included only in the vSphere configuration page, has been modified to be included in both the vSphere and Agent configuration pages
• Within that section of vSphere content, I used vSphere-only conditionals to exclude parameters that only belong in the vSphere page and not the Agent page.
• Within that section of vSphere content, I used Agent-only conditionals to exclude parameters that only belong in the Agent page and cannot yet be put in the vSphere page (due to time constraints for reviewing before the 4.15 GA deadline).

[rwsu]

Hi @skopacz1. I think the existing vsphere config parameters are missing details. Under platform.vsphere.vcenters, there are additional parameters like server, user, password, port, and datacenters. Under platform.vsphere.failureDomains.topology, there are additional parameters like computeCluster, datacenter, datastore, resourcePool, and folder that should be described in greater detail.

Screenshot from this page: https://docs.openshift.com/container-platform/4.14/installing/installing_vsphere/installing-vsphere.html#installation-vsphere-config-yaml_installing-vsphere

[rvanderp3]

each vCenter is a separate entry in the vcenters slice. this allows multiple vCenters to be defined potentially(though its not supported at the moment).

Suggested change

	password:
	- password: <pw>
	port: 443
	server: <vcenter fqdn>

[skopacz1]

That makes total sense. Each param is depicted this way because the install writers changed the old config format in the reference tables (e.g. platform.vsphere.vcenters.password) to this newer one that saves horizontal space. We're relying on the description/values column to convey things like what's optional and what needs to go together as a set.

For example, for the compute section of the install-config, instead of documenting architecture, name, platform, etc like this, we rely on the value field of compute.architecture to describe the structure: "Array of MachinePool objects"

[rvanderp3]

see https://docs.openshift.com/container-platform/4.14/installing/installing_vsphere/installing-vsphere-installer-provisioned-customizations.html#configuring-vsphere-regions-zones_installing-vsphere-installer-provisioned-customizations for the schema to use for these fields.

[rwsu]

/lgtm

[skopacz1]

@mhanss could you PTAL when you have a chance?

[mhanss]

I think it should be 'failure domain name' instead of 'vCenter server'.

[mhanss]

For agent-based installations, users must specify the resource pool where the VMs are created because the installer does not create the VMs in this scenario.

[skopacz1]

If I'm interpreting this correctly, I'll get rid of the last line about "not specifying a value". I'm assuming it's still technically an Optional parameter for ABI, but let me know if that's not the case.

[mhanss]

For agent-based installations, users must specify the folder where the VMs are created because the installer does not create the VMs in this scenario.

[skopacz1]

If I'm interpreting this right, I'll get rid of line 2726 about "not providing the value". I'm assuming the line below it can stay and that this parameter is still Optional for ABI, but let me know if that's not the case.

[openshift-ci]

New changes are detected. LGTM label has been removed.

[mhanss]

In case of ABI, the user creates the machines, not the installer program.

Suggested change

	|Optional. The absolute path of an existing resource pool where the installation program creates the virtual machines, for example, `/<datacenter_name>/host/<cluster_name>/Resources/<resource_pool_name>/<optional_nested_resource_pool_name>`.
	|Optional. The absolute path of an existing resource pool where the user has created the virtual machines, for example, `/<datacenter_name>/host/<cluster_name>/Resources/<resource_pool_name>/<optional_nested_resource_pool_name>`.

[mhanss]

In case of ABI, the user creates the machines, not the installer program. Also, I am unable to create an ISO without providing the folder, so it is a required field. Since it is a required field for ABI, we also need to modify this line "you can omit the folder parameter from the install-config.yaml file."
cc: @rwsu

[skopacz1]

Sounds good, I modified the first line to say "folder where the user has created the virtual machines".

Since the last sentence is based on omitting a required parameter, which we can't do, should I get rid of the sentence entirely, or is there a different way to perform the functionality described there?

[skopacz1]

Per conversation on Slack, I'll remove that last sentence entirely and double check with Richard once it's removed.

[rwsu]

Manoj is correct. folder is not optional and is a required parameter. I think line 2729 should be commented out.

[michaelryanpeter]

I left a couple of things to consider. Please reach out if you want to discuss anything. Great work!

/label peer-review-done
/remove-label peer-review-needed
/remove-label peer-review-in-progress

[michaelryanpeter]

See the ISG re: optional vs. conditional.

So, I wonder if the following would be more accurate:

Suggested change

	| Describes your account on the cloud platform that hosts your cluster. You can use the parameter to customize the platform. When providing additional configuration settings for compute and control plane machines in the machine pool, the parameter is optional. You can only specify one vCenter server for your {product-title} cluster.
	| Describes your account on the cloud platform that hosts your cluster. You can use the parameter to customize the platform. If you provide additional configuration settings for compute and control plane machines in the machine pool, the parameter is not required. You can only specify one vCenter server for your {product-title} cluster.

[michaelryanpeter]

Suggested change

	|Optional. The absolute path of an existing resource pool where the user creates the virtual machines, for example, `/<datacenter_name>/host/<cluster_name>/Resources/<resource_pool_name>/<optional_nested_resource_pool_name>`.
	|Optional: The absolute path of an existing resource pool where the user creates the virtual machines, for example, `/<datacenter_name>/host/<cluster_name>/Resources/<resource_pool_name>/<optional_nested_resource_pool_name>`.

[michaelryanpeter]

Suggested change

	Currently only a single vCenter is supported.
	Currently, only a single vCenter is supported.

[michaelryanpeter]

Suggested change

	|Configures the connection details for services to communicate with vCenter.
	|Configures the connection details for services that communicate with vCenter.

Just a nit, and I am not sure I am right. to just feels off to my ear, but maybe that changes the meaning too much. Feel free to ignore if this isn't helpful.

[michaelryanpeter]

Maybe "Configures the connection details so that services can communicate with vCenter"?

[skopacz1]

I think either of your suggestions work, although I'm not familiar enough with the content to know if the first one is still totally accurate. I think I prefer your second suggestion and will go with that one.

[openshift-ci]

@skopacz1: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[skopacz1]

/label merge-review-needed

[JoeAldinger]

One quick question just to make sure things are good.

[JoeAldinger]

I'm not sure I understand why you opened this ifdef here and then also on line 2616. I think my question is do you need line 2616? Just checking/learning: is it because you close this opening one down on line 2958?

[skopacz1]

So technically this ifdef and the one on line 2616 are different because they check for slightly different conditions. This ifdef, which is closed on line 2958, basically says "Rule # 1: all of the content within these lines can be included if agent OR vsphere is true, unless there's an exception".

The ifdef on line 2616 (which closes on line 2622) is basically treated like an exception to that agent OR vsphere condition, because it ONLY includes content for agent. It's basically saying "here's an exception to rule # 1, the content from lines 2616 to 2622 can be included ONLY if agent is true, but can't be included in vsphere". Let me know if that makes sense, or if you'd like me to explain further.

TLDR the ifdef on line 2606 makes a general rule and the ifdefs like the ones on lines 2616 and 2623 make exceptions to that rule in order to be more specific

[JoeAldinger]

I'm picking it up now. There just may be hope for me yet 😄 . Merging

[JoeAldinger]

/cherrypick enterprise-4.15

[openshift-cherrypick-robot]

@JoeAldinger: new pull request created: #71709

In response to this:

/cherrypick enterprise-4.15

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.