Uploaded image for project: 'OpenShift Over the Air'
  1. OpenShift Over the Air
  2. OTA-832

oc-mirror should pull the graph-data YAML tarball from OSUS (phase 1)

    XMLWordPrintable

Details

    • Epic
    • Resolution: Done
    • Critical
    • openshift-4.13
    • None
    • None
    • oc-mirror should pull the graph-data YAML tarball from OSUS (phase 1)
    • False
    • None
    • False
    • Not Selected
    • To Do
    • OCPSTRAT-65 - oc-mirror pulls update graph data from OSUS
    • OCPSTRAT-65oc-mirror pulls update graph data from OSUS
    • 100
    • 100% 100%

    Description

      Note:

      This epic is a follow up to https://issues.redhat.com/browse/OTA-226 . Initially we want to fix this in OTA-255 but later we pivoted to this epic as this is a cleaner solution and will need less maintenance from the team. Also it will complement the current oc-mirror workflow.

      Context:

      As an administrator, I would like to keep the graphs from the local instance OpenShift update service (OSUS) in the disconnected environment same as public instance of OSUS run by Red Hat.

      As part of the current method to deploy the OpenShift Update Service (OSUS) operator in disconnected/ restricted network environments customers need to build the graph data container image themselves [1] . We went with release of the OSUS without releasing the graph-data image because ACM needed OSUS. However asking customers to build an image to use with OSUS operator is not an acceptable solution for long term.

      Customers are waiting for OTA-255 epic to get fixed (it is kind of blocking a deal) as the current solution does not work for them. Mostly because the current workflow (using oc-mirror) involves (as described below) goes to cincinnati-graph-data github repository to get the content for the init graph-data container which the OpenShift update service needs to serve upgrade graphs in disconnected environments.

      • OC-mirror  has automated the workflow to mirror release payload to the disconnected environment. It also copies the content of cincinnati-graph-data then builds the cincinnati-graph-data container during the process.
      • However it needs files from https://github.com/openshift/cincinnati-graph-data to build the graph-data container image.

      This is not acceptable for the customer as they do not trust github content and only want content from Red Hat for the disconnected environment.

      We have discussed the topic with the technical account managers working with the US department of energy and  Daniel Messer as he is the product manager for oc-mirror. Here is the feedback from the discussions.

      • Customers like the oc-mirror workflow. As it has automated the hard part of running clusters in disconnected environments. However they do not like it when  it reaches out to public websites like github which they do not trust. 
      • They do not have any opinion about whether the graph data image needs to be built and signed by Red Hat or oc-mirror builts it.
      • As long as we get stuff from Red Hat it is fine with them.

       

      Goal:

      • oc-mirror downloading the graph-data tarball from OSUS  API endpoint.

      Attachments

        Issue Links

          is related to

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. OTA-255 Release cincinnati-graph-data as a container image

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Closed
          relates to

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. OTA-889 oc-mirror should pull the graph-data YAML tarball from OSUS (phase 2)

          • Undefined - Priority not specified.
          • New

          Feature Request - Feature requests from customers and/or users RFE-3482 Update server that can work internally to keep push button updates working for disconnected installs.

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Accepted

          Activity

            People

              lmohanty@redhat.com Lalatendu Mohanty
              lmohanty@redhat.com Lalatendu Mohanty
              Yang Yang Yang Yang
              Sebastian Kopacz Sebastian Kopacz
              Votes:
              2 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: