kcli 99.0.202507120954__py3-none-any.whl → 99.0.202601080644__py3-none-any.whl

kvirt/cluster/hypershift/__init__.py

@@ -68,7 +68,7 @@ def get_info(url, user, password):
         model = 'virtual'
         user = user or 'fake'
         password = password or 'fake'
-        url = url.replace('http', 'redfish-virtualmedia+http')
+        url = url.replace('https', 'redfish-virtualmedia')
         return url, user, password
     oem_url = f"https://{url}" if '://' not in url else url
     p = urlparse(oem_url)
@@ -190,26 +190,18 @@ def process_nodepools(config, plandir, namespace, cluster, platform, nodepools,
         return
     for entry in nodepools:
         nodepool = entry['name']
+        note = r"{.metadata.annotations.hypershift\.openshift\.io/nodePoolCurrentConfigVersion}"
+        cmd = f"until oc get nodepool ci-hypershift -n clusters -o jsonpath='{note}' | grep -q . ; do sleep 2; done"
+        call(cmd, shell=True)
+        cmd = f"oc get nodepool ci-hypershift -n clusters -o jsonpath='{note}'"
+        version = os.popen(cmd).read()
         pprint(f"Waiting before ignition data for nodepool {nodepool} is available")
-        user_data = f"user-data-{cluster}"
-        cmd = f"until oc -n {namespace}-{cluster} get secret | grep {user_data} >/dev/null 2>&1 ; do sleep 1 ; done"
+        cmd = f"until oc -n {namespace}-{cluster} get secret user-data-{cluster}-{version} ; do sleep 2 ; done"
         call(cmd, shell=True)
-        ignition_data = {'namespace': namespace, 'cluster': cluster, 'nodepool': nodepool}
-        ignitionscript = config.process_inputfile(cluster, f"{plandir}/ignition.sh", overrides=ignition_data)
-        with open(f"{clusterdir}/ignition_{nodepool}.sh", 'w') as f:
-            f.write(ignitionscript)
-        ignition_worker = f"{clusterdir}/nodepool_{nodepool}.ign"
-        timeout = 0
-        while True:
-            if os.path.exists(ignition_worker):
-                break
-            else:
-                sleep(30)
-                timeout += 30
-                if timeout > 300:
-                    msg = "Timeout trying to retrieve worker ignition"
-                    return {'result': 'failure', 'reason': msg}
-            call(f'bash {clusterdir}/ignition_{nodepool}.sh', shell=True)
+        cmd = f"oc extract -n {namespace}-{cluster} secret/user-data-{cluster}-{version} --keys=value --to=-"
+        ignition = os.popen(cmd).read()
+        with open(f"{clusterdir}/nodepool_{nodepool}.ign", 'w') as f:
+            f.write(ignition)
 
 
 def scale(config, plandir, cluster, overrides):
@@ -286,7 +278,7 @@ def scale(config, plandir, cluster, overrides):
     new_baremetal_hosts = overrides.get('baremetal_hosts', [])
     if assisted:
         ksushy_ip = data['assisted_vms_ksushy_ip']
-        ksushy_url = f'http://{ksushy_ip}:9000/redfish/v1/Systems/{config.client}'
+        ksushy_url = f'https://{ksushy_ip}:9000/redfish/v1/Systems/{config.client}'
         old_physical_baremetal_hosts = [h for h in old_baremetal_hosts if ksushy_ip not in h['url']]
         assisted_vms_number = workers - len(old_physical_baremetal_hosts + new_baremetal_hosts)
         if assisted_vms_number > 0:
@@ -388,8 +380,8 @@ def create(config, plandir, cluster, overrides):
         version = 'stable'
     coredns = data.get('coredns')
     tag = data.get('tag')
-    if str(tag) == '4.1':
-        tag = '4.10'
+    if isinstance(tag, float) and str(tag).count('.') == 1 and len(str(tag).split('.')[1]) == 1:
+        tag = f'{tag}0'
         data['tag'] = tag
     pull_secret = os.path.expanduser(pwd_path(data.get('pull_secret')))
     if not os.path.exists(pull_secret):
@@ -787,7 +779,7 @@ def create(config, plandir, cluster, overrides):
                 return result
             vms = result['newvms']
             ksushy_ip = data['assisted_vms_ksushy_ip']
-            ksushy_url = f'http://{ksushy_ip}:9000/redfish/v1/Systems/{config.client}'
+            ksushy_url = f'https://{ksushy_ip}:9000/redfish/v1/Systems/{config.client}'
             virtual_hosts = []
             for vm in vms:
                 new_mac = config.k.info(vm)['nets'][0]['mac']

kvirt/cluster/kubeadm/__init__.py

@@ -204,7 +204,7 @@ def create(config, plandir, cluster, overrides):
         engine_version = data['engine_version'] or kube_version
         if not engine_version.startswith('v'):
             engine_version = f'v{engine_version}'
-        engine_url = f"https://pkgs.k8s.io/addons:/cri-o:/stable:/{engine_version}/rpm/repodata/repomd.xml"
+        engine_url = f"https://download.opensuse.org/repositories/isv:/cri-o:/stable:/{engine_version}/rpm/repodata/repomd.xml"
         try:
             urlopen(engine_url)
         except:

kvirt/cluster/kubeadm/crio-d.sh

@@ -4,18 +4,18 @@ VERSION=$(echo "v${VERSION#v}" | cut -d. -f1,2)
 
 {% if ubuntu|default(False) %}
 PROJECT_PATH={{ engine_version or 'stable:/$VERSION' }}
-curl -fsSL https://pkgs.k8s.io/addons:/cri-o:/$PROJECT_PATH/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/cri-o-apt-keyring.gpg
-echo "deb [signed-by=/etc/apt/keyrings/cri-o-apt-keyring.gpg] https://pkgs.k8s.io/addons:/cri-o:/$PROJECT_PATH/deb/ /" > /etc/apt/sources.list.d/cri-o.list
+curl -fsSL https://download.opensuse.org/repositories/isv:/cri-o:/$PROJECT_PATH/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/cri-o-apt-keyring.gpg
+echo "deb [signed-by=/etc/apt/keyrings/cri-o-apt-keyring.gpg] https://download.opensuse.org/repositories/isv:/cri-o:/$PROJECT_PATH/deb/ /" > /etc/apt/sources.list.d/cri-o.list
 apt-get update
 apt-get -y install cri-o runc software-properties-common
 {% else %}
 PROJECT_PATH={{ engine_version or 'stable:/$VERSION' }}
 echo """[cri-o]
 name=CRI-O
-baseurl=https://pkgs.k8s.io/addons:/cri-o:/$PROJECT_PATH/rpm
+baseurl=https://download.opensuse.org/repositories/isv:/cri-o:/$PROJECT_PATH/rpm
 enabled=1
 gpgcheck=1
-gpgkey=https://pkgs.k8s.io/addons:/cri-o:/$PROJECT_PATH/rpm/repodata/repomd.xml.key""" >/etc/yum.repos.d/cri-o.repo
+gpgkey=https://download.opensuse.org/repositories/isv:/cri-o:/$PROJECT_PATH/rpm/repodata/repomd.xml.key""" >/etc/yum.repos.d/cri-o.repo
 dnf -y install container-selinux cri-o conntrack
 {% endif %}
 

kvirt/cluster/kubeadm/keepalived.sh

@@ -2,7 +2,7 @@ PKGMGR="{{ 'apt-get' if ubuntu else 'dnf' }}"
 $PKGMGR -y install keepalived
 NETMASK=$(ip -o -f inet addr show | awk '/scope global/ {print $4}' | head -1 | cut -d'/' -f2)
 sed -i "s/NETMASK/$NETMASK/" /root/keepalived.conf
-NIC=$(find /sys/class/net -type l -not -lname '*virtual*' -printf '%f\n' | head -1)
+NIC=$(awk '/default/ {for(i=1;i<=NF;i++) if($i=="dev") {print $(i+1); exit}}' <(ip route show default; ip -6 route show default))
 sed -i "s/NIC/$NIC/" /root/keepalived.conf
 cp /root/keepalived.conf /etc/keepalived
 systemctl enable --now keepalived

kvirt/cluster/microshift/kcli_default.yml

@@ -5,7 +5,7 @@ info: |
 cluster: mymicroshift
 domain: karmalabs.corp
 version: stable
-tag: '4.16'
+tag: '4.20'
 image: rhel9
 network: default
 memory: 4096

kvirt/cluster/microshift/scripts/01_clients.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-MAJOR={{ 8 if 'rhel8' in image else 9 }}
+MAJOR=$(awk '{print $6}' /etc/redhat-release | cut -d'.' -f1)
 {% set tag_str = tag|string %}
 
 {% if version in ['candidate', 'nightly'] %}

kvirt/cluster/openshift/99-kcli-forcedns

@@ -1,21 +1,18 @@
 #!/bin/bash
 
-which crictl >/dev/null 2>&1
+CLUSTER={{ cluster }}
+DOMAIN={{ domain }}
+
+[ "$(hostname -s)" == "{{ cluster }}-bootstrap" ] || which crictl >/dev/null 2>&1
 if [ "$?" != "0" ] ; then
   exit 0
 fi
 
-if [ "$2" = "dhcp4-change" ] || [ "$2" = "dhcp6-change" ] || [ "$2" = "up" ] || [ "$2" = "connectivity-change" ]; then
+if [ "$(grep '# kcli' /etc/resolv.conf)" == "" ] ; then
   sleep 2
   NIC={{ "$(ip -6 r | grep -v lo | head -1 | grep -oP '(?<=dev )[^ ]*')" if ipv6 else "$(ip r | grep default | head -1 | grep -oP '(?<=dev )[^ ]*')" }}
   IP={{ "$(ip -o -f inet6 addr show $NIC | head -1 | grep -oP '(?<=inet6 )[^ ]*' | cut -d '/' -f 1)" if ipv6 else "$(ip -o -f inet addr show $NIC | head -1 | grep -oP '(?<=inet )[^ ]*' | cut -d '/' -f 1)" }}
-  if [ "$IP" != "" ] ; then
-    grep -q $IP /etc/resolv.conf
-    if [ "$?" != "0" ] ; then
-      sed -i 's/{{ cluster }}.{{ domain }}//' /etc/resolv.conf
-      sed -i 's/search /search {{ cluster }}.{{ domain }} /' /etc/resolv.conf
-      sed -i "/nameserver.* #coredns/d" /etc/resolv.conf
-      sed -i "0,/nameserver/s/nameserver/nameserver $IP #coredns\n&/" /etc/resolv.conf
-    fi
-  fi
+  sed -i "s/$CLUSTER.$DOMAIN//" /etc/resolv.conf
+  sed -i "s/search /search $CLUSTER.$DOMAIN /" /etc/resolv.conf
+  sed -i "0,/nameserver/s/nameserver/nameserver $IP # kcli\n&/" /etc/resolv.conf
 fi

kvirt/cluster/openshift/__init__.py

@@ -11,6 +11,7 @@ from kvirt.common import ssh, scp, _ssh_credentials, get_ssh_pub_key
 from kvirt.common import start_baremetal_hosts_with_iso, update_baremetal_hosts, get_new_vip, process_postscripts
 from kvirt.defaults import LOCAL_OPENSHIFT_APPS, OPENSHIFT_TAG
 import os
+import platform
 import re
 from random import choice
 from shutil import copy2, move, rmtree, which
@@ -336,16 +337,18 @@ def get_downstream_installer(version='stable', macosx=False, tag=None, debug=Fal
 
 
 def get_okd_installer(tag, version='stable', debug=False):
-    if version == 'stable' and str(tag).count('.') == 1:
-        tag = f'quay.io/okd/scos-release:{tag}.0-okd-scos.1'
-    elif 'quay.io' not in str(tag) and 'registry.ci.openshift.org' not in str(tag):
-        if version == 'candidate':
-            url = "https://amd64.origin.releases.ci.openshift.org/api/v1/releasestream/4-scos-next/latest"
-        elif version in ['ci', 'nightly']:
-            url = f"https://amd64.origin.releases.ci.openshift.org/api/v1/releasestream/{tag}.0-0.okd-scos/latest"
-        else:
-            url = "https://amd64.origin.releases.ci.openshift.org/api/v1/releasestream/4-scos-stable/latest"
+    if version == 'candidate':
+        url = "https://amd64.origin.releases.ci.openshift.org/api/v1/releasestream/4-scos-next/latest"
+        tag = json.loads(urlopen(url).read())['pullSpec']
+    elif version in ['ci', 'nightly']:
+        url = f"https://amd64.origin.releases.ci.openshift.org/api/v1/releasestream/{tag}.0-0.okd-scos/latest"
         tag = json.loads(urlopen(url).read())['pullSpec']
+    else:
+        url = 'https://quay.io/api/v1/repository/okd/scos-release/tag'
+        for t in json.loads(urlopen(url).read())["tags"]:
+            if tag in t["name"] and ".ec." not in t["name"]:
+                tag = f'quay.io/okd/scos-release:{t["name"]}'
+                break
     cmd = f"oc adm release extract --command=openshift-install --to . {tag}"
     cmd += "; chmod 700 openshift-install"
     pprint(f'Downloading openshift-install {tag} in current directory')
@@ -663,14 +666,14 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
         warning("Forcing dualstack")
         data['dualstack'] = True
     http_proxy = os.environ.get('HTTP_PROXY') or os.environ.get('http_proxy')
-    if 'http_proxy' not in data and http_proxy is not None:
+    if data['http_proxy'] is None and http_proxy is not None:
         pprint("Using proxy settings from environment")
         data['http_proxy'] = http_proxy
         https_proxy = os.environ.get('HTTPS_PROXY') or os.environ.get('https_proxy')
-        if 'https_proxy' not in data and https_proxy is not None:
+        if data['https_proxy'] is None and https_proxy is not None:
             data['https_proxy'] = https_proxy
         no_proxy = os.environ.get('NO_PROXY') or os.environ.get('no_proxy')
-        if 'no_proxy' not in data and no_proxy is not None:
+        if data['no_proxy'] is None and no_proxy is not None:
             data['no_proxy'] = no_proxy
     if data['ctlplanes'] == 1 and data['workers'] == 0\
        and 'ctlplane_memory' not in overrides and 'memory' not in overrides:
@@ -710,8 +713,11 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
     data['sno'] = sno
     sno_wait = overrides.get('sno_wait') or baremetal_sno or data['api_ip'] is not None or sno_vm
     sno_disk = data['sno_disk']
+    if sno_disk is not None and not sno_disk.startswith('/dev/'):
+        sno_disk = f'/dev/{sno_disk}'
     sno_ctlplanes = data['sno_ctlplanes'] or baremetal_ctlplane
     sno_workers = data['sno_workers']
+    sno_telco = data['sno_telco']
     ignore_hosts = data['ignore_hosts'] or sslip
     if sno:
         if sno_disk is None:
@@ -756,7 +762,13 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
     if not data['coredns']:
         warning("You will need to provide DNS records for api and ingress on your own")
     keepalived = data['keepalived']
-    if not keepalived:
+    bgp = data['bgp']
+    if bgp:
+        data['keepalived'] = False
+        keepalived = False
+        if not data['bgp_peers']:
+            return {'result': 'failure', 'reason': 'bgp_peers needs to be set'}
+    elif not keepalived:
         warning("You will need to provide LB for api and ingress on your own")
     mdns = data['mdns']
     localhost_fix = data['localhost_fix']
@@ -769,12 +781,15 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
     virtualization_nightly = data['virtualization_nightly']
     version = data['version']
     tag = data['tag']
+    if isinstance(tag, float) and str(tag).count('.') == 1 and len(str(tag).split('.')[1]) == 1:
+        tag = f'{tag}0'
+        data['tag'] = tag
     version = overrides.get('version') or detect_openshift_version(tag, OPENSHIFT_TAG)
     data['version'] = version
     if os.path.exists('coreos-installer'):
         pprint("Removing old coreos-installer")
         os.remove('coreos-installer')
-    if version not in ['ci', 'candidate', 'nightly', 'stable']:
+    if version not in ['ci', 'candidate', 'latest', 'nightly', 'stable']:
         return {'result': 'failure', 'reason': f"Incorrect version {version}"}
     else:
         pprint(f"Using {version} version")
@@ -782,7 +797,7 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
     image = data['image']
     api_ip = data['api_ip']
     cidr = None
-    if provider in virt_providers and keepalived and not sno and api_ip is None:
+    if provider in virt_providers and (keepalived or bgp) and not sno and api_ip is None:
         network = data['network']
         networkinfo = k.info_network(network)
         if not networkinfo:
@@ -838,7 +853,7 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
         data['ipv6'] = True
         overrides['ipv6'] = True
         data['disconnected_ipv6_network'] = True
-        if not disconnected_vm and disconnected_url is None:
+        if not disconnected_vm and disconnected_url is None and data['http_proxy'] is None:
             warning("Forcing disconnected_vm to True as no disconnected_url was provided")
             data['disconnected_vm'] = True
             disconnected_vm = True
@@ -926,13 +941,19 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
                 tag = f'registry.ci.openshift.org/{basetag}/release:{tag}'
     which_openshift = which('openshift-install')
     openshift_dir = os.path.dirname(which_openshift) if which_openshift is not None else '.'
-    if which_openshift is not None and not has_internet():
-        pprint("Using existing openshift-install found in your PATH")
-        warning("Not checking version")
-    elif okd:
-        run = get_okd_installer(tag, version=version)
-    elif not same_release_images(version=version, tag=tag, pull_secret=pull_secret, path=openshift_dir):
-        if version in ['ci', 'nightly'] or '/' in str(tag):
+    if which_openshift is None:
+        download = True
+    elif not has_internet:
+        pprint("Using existing openshift-install found in your PATH and skipping version check")
+        download = False
+    else:
+        download = not same_release_images(version=version, tag=tag, pull_secret=pull_secret, path=openshift_dir)
+        if download:
+            pprint("Redownloading openshift-install as found version doesn't match requirements")
+    if download:
+        if okd:
+            run = get_okd_installer(tag, version=version)
+        elif version in ['ci', 'nightly'] or '/' in str(tag):
             nightly = version == 'nightly'
             run = get_ci_installer(pull_secret, tag=tag, nightly=nightly)
         elif version in ['candidate', 'stable', 'latest']:
@@ -942,10 +963,6 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
         if run != 0:
             return {'result': 'failure', 'reason': "Couldn't download openshift-install"}
         pprint("Move downloaded openshift-install somewhere in your PATH if you want to reuse it")
-    elif which_openshift is not None:
-        pprint("Using existing openshift-install found in your PATH")
-    else:
-        pprint("Reusing matching openshift-install")
     os.environ["PATH"] = f'{os.getcwd()}:{os.environ["PATH"]}'
     INSTALLER_VERSION = get_installer_version()
     pprint(f"Using installer version {INSTALLER_VERSION}")
@@ -968,6 +985,10 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
             cacmd = f"openssl s_client -showcerts -connect {disconnected_url} </dev/null 2>/dev/null|"
             cacmd += "openssl x509 -outform PEM"
             data['ca'] = os.popen(cacmd).read()
+        kcli_images = ["curl:multi", "origin-coredns:multi", "haproxy:multi", "origin-keepalived-ipfailover:multi",
+                       "mdns-publisher:multi", "kubectl:multi"]
+        kcli_images = '\n'.join([f'quay.io/karmab/{image}' for image in kcli_images])
+        warning(f"Make sure to push the following images in your registry: {kcli_images}")
     if sno:
         pass
     elif image is None:
@@ -1008,6 +1029,10 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
         if not images:
             msg = f"Missing {image}. Indicate correct image in your parameters file..."
             return {'result': 'failure', 'reason': msg}
+    if provider in virt_providers and platform.machine() != arch:
+        pprint(f"Forcing release image to {arch}")
+        base_url = 'quay.io/okd/scos-release' if okd else 'quay.io/openshift-release-dev'
+        os.environ['OPENSHIFT_INSTALL_RELEASE_IMAGE_OVERRIDE'] = f'{base_url}:{INSTALLER_VERSION}-{arch}'
     overrides['image'] = image
     static_networking_ctlplane, static_networking_worker = False, False
     macentries = []
@@ -1046,7 +1071,7 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
         disconnected_overrides['OPENSHIFT_TAG'] = OPENSHIFT_TAG
         disconnected_overrides['kube'] = f"{cluster}-reuse" if disconnected_reuse else cluster
         disconnected_overrides['openshift_version'] = INSTALLER_VERSION
-        disconnected_overrides['disconnected_operators_version'] = f"4.{INSTALLER_VERSION.split('.')[1]}"
+        disconnected_overrides['disconnected_operators_version'] = f"v4.{INSTALLER_VERSION.split('.')[1]}"
         x_apps = ['users', 'autolabeller', 'metal3', 'nfs']
         disconnected_operators_2 = [o['name'] for o in disconnected_operators if isinstance(o, dict) and 'name' in o]
         for app in apps:
@@ -1150,21 +1175,31 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
                                             overrides={'role': role, 'node_ip_hint': node_ip_hint})
             with open(f"{clusterdir}/manifests/99-chrony-{role}.yaml", 'w') as f:
                 f.write(hint)
-    manifestsdir = data.get('manifests')
-    manifestsdir = pwd_path(manifestsdir)
-    if os.path.exists(manifestsdir) and os.path.isdir(manifestsdir):
-        for f in glob(f"{manifestsdir}/*.y*ml"):
-            pprint(f"Injecting manifest {f}")
-            copy2(f, f"{clusterdir}/openshift")
-    elif isinstance(manifestsdir, list):
+    if sno_telco:
+        manifestsdir = safe_load(open(f"{plandir}/telco_manifests.yml"))
+    else:
+        manifestsdir = data.get('manifests')
+        manifestsdir = pwd_path(manifestsdir)
+    if isinstance(manifestsdir, list):
         for manifest in manifestsdir:
             f, content = list(manifest.keys())[0], list(manifest.values())[0]
             if not f.endswith('.yml') and not f.endswith('.yaml'):
                 warning(f"Skipping manifest {f}")
                 continue
+            if f == '99-openshift-disconnected-catalog.yaml':
+                if disconnected_url is not None:
+                    content = content.replace('REGISTRY', disconnected_url).replace('TAG', OPENSHIFT_TAG)
+                else:
+                    continue
+            if f == '98-var-lib-containers-partitioned.yaml':
+                content = content.replace('SNO_DISK', sno_disk or '/dev/sda')
             pprint(f"Injecting manifest {f}")
             with open(f'{clusterdir}/openshift/{f}', 'w') as f:
                 f.write(content)
+    elif os.path.exists(manifestsdir) and os.path.isdir(manifestsdir):
+        for f in glob(f"{manifestsdir}/*.y*ml"):
+            pprint(f"Injecting manifest {f}")
+            copy2(f, f"{clusterdir}/openshift")
     for manifest in glob(f"{clusterdir}/*.yaml"):
         if os.stat(manifest).st_size == 0:
             warning(f"Skipping empty manifest {manifest}")
@@ -1244,10 +1279,11 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
                 _f.write(crondata)
             continue
         if '99-monitoring.yaml' in f:
-            monitoring_retention = data['monitoring_retention']
-            monitoringfile = config.process_inputfile(cluster, f, overrides={'retention': monitoring_retention})
-            with open(f"{clusterdir}/openshift/99-monitoring.yaml", 'w') as _f:
-                _f.write(monitoringfile)
+            if not sno_telco:
+                monitoring_retention = data['monitoring_retention']
+                monitoringfile = config.process_inputfile(cluster, f, overrides={'retention': monitoring_retention})
+                with open(f"{clusterdir}/openshift/99-monitoring.yaml", 'w') as _f:
+                    _f.write(monitoringfile)
             continue
         copy2(f, f"{clusterdir}/openshift")
     if virtualization_nightly:
@@ -1341,12 +1377,14 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
         with open(f"{clusterdir}/openshift/99-kubevirt-fix-worker.yaml", 'w') as _f:
             _f.write(kubevirtworker)
     if sno:
-        sno_name = f"{cluster}-sno"
         sno_files = []
         sno_disable_nics = data['sno_disable_nics']
         if ipv6 or sno_disable_nics:
             nm_data = config.process_inputfile(cluster, f"{plandir}/kcli-ipv6.conf.j2", overrides=data)
             sno_files.append({'path': "/etc/NetworkManager/conf.d/kcli-ipv6.conf", 'data': nm_data})
+        sno_hostname = data['sno_hostname']
+        if sno_hostname is not None:
+            sno_files.append({'path': "/etc/hostname", 'data': sno_hostname})
         sno_dns = data['sno_dns']
         if sno_dns is None:
             sno_dns = False
@@ -1403,7 +1441,7 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
         disable_ipv6 = 'ipv6' in overrides and not overrides['ipv6']
         data['disable_ipv6'] = disable_ipv6
         overrides['disable_ipv6'] = disable_ipv6
-        move(f"{clusterdir}/bootstrap-in-place-for-live-iso.ign", f"./{sno_name}.ign")
+        move(f"{clusterdir}/bootstrap-in-place-for-live-iso.ign", f"{cluster}-sno.ign")
         with open("iso.ign", 'w') as f:
             iso_overrides = data.copy()
             iso_overrides['image'] = 'rhcos4000'
@@ -1426,7 +1464,7 @@ def create(config, plandir, cluster, overrides, dnsconfig=None):
                 else:
                     sno_extra_args = bootstrap_data
                 iso_overrides['sno_extra_args'] = sno_extra_args
-            result = config.create_vm(sno_name, overrides=iso_overrides, onlyassets=True)
+            result = config.create_vm(f"{cluster}-sno", overrides=iso_overrides, onlyassets=True)
             pprint("Writing iso.ign to current dir")
             f.write(result['userdata'])
         live_url = os.environ.get('LIVEISO_URL') or overrides.get('liveiso_url')

kvirt/cluster/openshift/apps/advanced-cluster-management/assisted-service.sh

@@ -11,7 +11,7 @@ until oc get crd/clusterimagesets.hive.openshift.io >/dev/null 2>&1 ; do sleep 1
 
 if [ "$(which openshift-install)" == "" ] ; then 
   VERSION={{ version|default('stable') }}
-  TAG={{ tag|default('4.19') }}
+  TAG={{ tag|default('4.20') }}
   kcli download openshift-install -P version=$VERSION -P tag=$TAG
   export PATH=.:$PATH
 fi

kvirt/cluster/openshift/apps/advanced-cluster-management/kcli_default.yml

@@ -1,6 +1,7 @@
 acm_deploy_baremetal_console: false
 acm_disable_hub: false
 pull_secret: openshift_pull.json
+acm_ibi: false
 acm_hypershift: true
 acm_mce_catalog:
 acm_siteconfig: true

kvirt/cluster/openshift/apps/advanced-cluster-management/post.sh

@@ -23,3 +23,7 @@ oc -n open-cluster-management patch multiclusterhub multiclusterhub --type=merge
 {% if acm_siteconfig %}
 oc -n open-cluster-management patch multiclusterhub multiclusterhub --type=merge -p '{"spec":{"overrides":{"components":[{"name":"siteconfig","enabled": true}]}}}'
 {% endif %}
+
+{% if acm_ibi %}
+oc patch mce multiclusterengine --type=merge -p '{"spec":{"overrides":{"components":[{"name":"image-based-install-operator","enabled": true}]}}}'
+{% endif %}

kvirt/cluster/openshift/apps/multicluster-engine/assisted-service.sh

@@ -11,7 +11,7 @@ until oc get crd/clusterimagesets.hive.openshift.io >/dev/null 2>&1 ; do sleep 1
 
 if [ "$(which openshift-install)" == "" ] ; then 
   VERSION={{ version|default('stable') }}
-  TAG={{ tag|default('4.19') }}
+  TAG={{ tag|default('4.20') }}
   kcli download openshift-install -P version=$VERSION -P tag=$TAG
   export PATH=.:$PATH
 fi

kvirt/cluster/openshift/apps/odf-operator/cr.yml

@@ -4,6 +4,11 @@ metadata:
   name: odf-storagecluster
   namespace: {{ namespace }}
 spec:
+{% if odf_encryption %}
+  encryption:
+    clusterWide: true
+    enable: true
+{% endif %}
 {% if odf_public_network != None %}
   network:
     ipFamily: IPv4

kvirt/cluster/openshift/apps/odf-operator/kcli_default.yml

@@ -1,6 +1,7 @@
 odf_disksize: 60
 odf_nodes: []
 odf_devicesets: 1
+odf_encryption: false
 odf_storageclass: localstorage-sc
 odf_replicas: 3
 odf_accessmode: ReadWriteOnce

kvirt/cluster/openshift/apps/odf-operator/pre.sh

@@ -1,3 +1,4 @@
+{{ "storagecluster" | wait_crd }}
 {% if odf_nodes %}
 {% set nodes = odf_nodes %}
 {% elif localstorage_nodes is defined %}

kvirt/cluster/openshift/bgp-vip.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+VIP="{{ api_ip }}/32"
+
+if [ "$(curl -sLk https://127.0.0.1:6443/readyz)" == "ok" ] ; then
+  if ! ip addr show dev lo | grep -q "$VIP"; then
+    ip addr add $VIP dev lo
+    echo "$(date): VIP added" >> /var/log/vip-monitor.log
+  fi
+else
+  [ "$(hostname -s)" == "{{ cluster }}-bootstrap" ] &&  sleep 120
+  if ip addr show dev lo | grep -q "$VIP"; then
+    ip addr del $VIP dev lo
+    echo "$(date): VIP removed" >> /var/log/vip-monitor.log
+  fi
+fi

kvirt/cluster/openshift/bootstrap.yml

@@ -20,9 +20,39 @@
 {% endif %}
  disks:
  - size: {{ disk_size }}
-{% if coredns or mdns or keepalived or ipv6 %}
+{% if coredns or mdns or keepalived or ipv6 or bgp %}
  files:
 {% endif %}
+{% if bgp %}
+ - path: /etc/kubernetes/manifests/bgp.yml
+   origin: staticpods/bgp.yml
+ - path: /etc/kubernetes/daemons
+   origin: frr_daemons
+ - path: /etc/kubernetes/frr.conf
+   origin: frr.conf
+   peers: {{ bgp_peers|filter_bgp_peers(0) }}
+ - path: /usr/local/bin/bgp-vip.sh
+   origin: bgp-vip.sh
+   mode: 700
+ - path: /etc/systemd/system/bgp-vip.service
+   content: |
+      [Unit]
+      Description=Manage BGP VIP
+      [Service]
+      Type=oneshot
+      ExecStart=/usr/local/bin/bgp-vip.sh
+ - path: /etc/systemd/system/bgp-vip.timer
+   content: |
+      [Unit]
+      Description=Run BGP VIP periodically
+      [Timer]
+      OnBootSec=5
+      OnUnitActiveSec=5
+      [Install]
+      WantedBy=timers.target
+ - path: /etc/systemd/system/timers.target.wants/bgp-vip.timer
+   target: /etc/systemd/system/bgp-vip.timer
+{% endif %}
 {% if coredns %}
  - path: /etc/NetworkManager/dispatcher.d/99-kcli-forcedns
    origin: 99-kcli-forcedns

kvirt/cluster/openshift/ctlplanes.yml

@@ -28,9 +28,39 @@
 {% endif %}
  nets: {{ [network] + extra_networks }}
  disks: {{ [disk_size] + extra_disks }}
-{% if coredns or mdns or keepalived %}
+{% if coredns or mdns or keepalived or bgp %}
  files:
 {% endif %}
+{% if bgp %}
+ - path: /etc/kubernetes/manifests/bgp.yml
+   origin: staticpods/bgp.yml
+ - path: /etc/kubernetes/daemons
+   origin: frr_daemons
+ - path: /etc/kubernetes/frr.conf
+   origin: frr.conf
+   peers: {{ bgp_peers|filter_bgp_peers(loop.index0) }}
+ - path: /usr/local/bin/bgp-vip.sh
+   origin: bgp-vip.sh
+   mode: 700
+ - path: /etc/systemd/system/bgp-vip.service
+   content: |
+      [Unit]
+      Description=manage VIP
+      [Service]
+      Type=oneshot
+      ExecStart=/usr/local/bin/bgp-vip.sh
+ - path: /etc/systemd/system/bgp-vip.timer
+   content: |
+      [Unit]
+      Description=Run BGP VIP periodically
+      [Timer]
+      OnBootSec=5
+      OnUnitActiveSec=5
+      [Install]
+      WantedBy=timers.target
+ - path: /etc/systemd/system/timers.target.wants/bgp-vip.timer
+   target: /etc/systemd/system/bgp-vip.timer
+{% endif %}
 {% if coredns %}
  - path: /etc/NetworkManager/dispatcher.d/99-kcli-forcedns
    origin: 99-kcli-forcedns