# Ignition config touches 4 components when it bootstraps
# 1. Ignition version
$cat bootstrap.ign |jq '.ignition'
{
"config": {},
"security": {
"tls": {}
},
"timeouts": {},
"version": "2.2.0"
}
# 2. Users created by Ignition
$ cat bootstrap.ign |jq '.passwd'
{
"users": [
{
"name": "core",
"sshAuthorizedKeys": [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABA....user@host\n",
]
}
]
}
# 3. files managed by Ignition
$ cat bootstrap.ign |jq '.storage[][].path'
"/etc/motd"
"/root/.docker/config.json"
"/usr/local/bin/bootkube.sh"
"/usr/local/bin/openshift.sh"
"/usr/local/bin/report-progress.sh"
"/opt/openshift/manifests/04-openshift-machine-config-operator.yaml"
"/opt/openshift/manifests/cluster-config.yaml"
"/opt/openshift/manifests/cluster-dns-02-config.yml"
"/opt/openshift/manifests/cluster-infrastructure-02-config.yml"
"/opt/openshift/manifests/cluster-ingress-02-config.yml"
"/opt/openshift/manifests/cluster-network-01-crd.yml"
"/opt/openshift/manifests/cluster-network-02-config.yml"
"/opt/openshift/manifests/cvo-overrides.yaml"
"/opt/openshift/manifests/etcd-service.yaml"
"/opt/openshift/manifests/host-etcd-service-endpoints.yaml"
"/opt/openshift/manifests/host-etcd-service.yaml"
"/opt/openshift/manifests/kube-cloud-config.yaml"
"/opt/openshift/manifests/kube-system-configmap-etcd-ca-bundle.yaml"
"/opt/openshift/manifests/kube-system-configmap-etcd-serving-ca.yaml"
"/opt/openshift/manifests/kube-system-configmap-root-ca.yaml"
"/opt/openshift/manifests/kube-system-secret-etcd-client-ca-deprecated.yaml"
"/opt/openshift/manifests/kube-system-secret-etcd-client.yaml"
"/opt/openshift/manifests/kube-system-secret-etcd-signer-client.yaml"
"/opt/openshift/manifests/kube-system-secret-etcd-signer.yaml"
"/opt/openshift/manifests/machine-config-server-tls-secret.yaml"
"/opt/openshift/manifests/openshift-config-configmap-etcd-metric-serving-ca.yaml"
"/opt/openshift/manifests/openshift-config-secret-etcd-metric-client.yaml"
"/opt/openshift/manifests/pull.json"
"/opt/openshift/openshift/99_binding-discovery.yaml"
"/opt/openshift/openshift/99_cloud-creds-secret.yaml"
"/opt/openshift/openshift/99_kubeadmin-password-secret.yaml"
"/opt/openshift/openshift/99_role-cloud-creds-secret-reader.yaml"
"/opt/openshift/openshift/99_openshift-cluster-api_master-user-data-secret.yaml"
"/opt/openshift/openshift/99_openshift-machineconfig_master.yaml"
"/opt/openshift/openshift/99_openshift-cluster-api_master-machines-0.yaml"
"/opt/openshift/openshift/99_openshift-cluster-api_master-machines-1.yaml"
"/opt/openshift/openshift/99_openshift-cluster-api_master-machines-2.yaml"
"/opt/openshift/openshift/99_openshift-cluster-api_worker-user-data-secret.yaml"
"/opt/openshift/openshift/99_openshift-machineconfig_worker.yaml"
"/opt/openshift/openshift/99_openshift-cluster-api_worker-machineset-0.yaml"
"/opt/openshift/openshift/99_openshift-cluster-api_worker-machineset-1.yaml"
"/opt/openshift/openshift/99_openshift-cluster-api_worker-machineset-2.yaml"
"/opt/openshift/openshift/99_openshift-cluster-api_worker-machineset-3.yaml"
"/opt/openshift/openshift/99_openshift-cluster-api_worker-machineset-4.yaml"
"/opt/openshift/openshift/99_openshift-cluster-api_worker-machineset-5.yaml"
"/opt/openshift/auth/kubeconfig"
"/opt/openshift/auth/kubeconfig-kubelet"
"/opt/openshift/tls/admin-kubeconfig-ca-bundle.crt"
"/opt/openshift/tls/aggregator-ca.key"
"/opt/openshift/tls/aggregator-ca.crt"
"/opt/openshift/tls/aggregator-ca-bundle.crt"
"/opt/openshift/tls/apiserver-proxy.key"
"/opt/openshift/tls/apiserver-proxy.crt"
"/opt/openshift/tls/aggregator-signer.key"
"/opt/openshift/tls/aggregator-signer.crt"
"/opt/openshift/tls/apiserver.key"
"/opt/openshift/tls/apiserver.crt"
"/opt/openshift/tls/apiserver-proxy.key"
"/opt/openshift/tls/apiserver-proxy.crt"
"/opt/openshift/tls/etcd-client-ca.key"
"/opt/openshift/tls/etcd-client-ca.crt"
"/opt/openshift/tls/etcd-ca-bundle.crt"
"/opt/openshift/tls/etcd-client.key"
"/opt/openshift/tls/etcd-client.crt"
"/opt/openshift/tls/etcd-metric-ca-bundle.crt"
"/opt/openshift/tls/etcd-metric-signer.key"
"/opt/openshift/tls/etcd-metric-signer.crt"
"/opt/openshift/tls/etcd-metric-signer-client.key"
"/opt/openshift/tls/etcd-metric-signer-client.crt"
"/opt/openshift/tls/etcd-signer.key"
"/opt/openshift/tls/etcd-signer.crt"
"/opt/openshift/tls/etcd-signer-client.key"
"/opt/openshift/tls/etcd-signer-client.crt"
"/opt/openshift/tls/kube-apiserver-lb-ca-bundle.crt"
"/opt/openshift/tls/kube-apiserver-lb-server.key"
"/opt/openshift/tls/kube-apiserver-lb-server.crt"
"/opt/openshift/tls/kube-apiserver-lb-signer.key"
"/opt/openshift/tls/kube-apiserver-lb-signer.crt"
"/opt/openshift/tls/kube-apiserver-localhost-ca-bundle.crt"
"/opt/openshift/tls/kube-apiserver-localhost-server.key"
"/opt/openshift/tls/kube-apiserver-localhost-server.crt"
"/opt/openshift/tls/kube-apiserver-localhost-signer.key"
"/opt/openshift/tls/kube-apiserver-localhost-signer.crt"
"/opt/openshift/tls/kube-apiserver-service-network-ca-bundle.crt"
"/opt/openshift/tls/kube-apiserver-service-network-server.key"
"/opt/openshift/tls/kube-apiserver-service-network-server.crt"
"/opt/openshift/tls/kube-apiserver-service-network-signer.key"
"/opt/openshift/tls/kube-apiserver-service-network-signer.crt"
"/opt/openshift/tls/kube-apiserver-complete-server-ca-bundle.crt"
"/opt/openshift/tls/kube-apiserver-complete-client-ca-bundle.crt"
"/opt/openshift/tls/kube-apiserver-to-kubelet-ca-bundle.crt"
"/opt/openshift/tls/kube-apiserver-to-kubelet-client.key"
"/opt/openshift/tls/kube-apiserver-to-kubelet-client.crt"
"/opt/openshift/tls/kube-apiserver-to-kubelet-signer.key"
"/opt/openshift/tls/kube-apiserver-to-kubelet-signer.crt"
"/opt/openshift/tls/kube-ca.key"
"/opt/openshift/tls/kube-ca.crt"
"/opt/openshift/tls/kube-control-plane-ca-bundle.crt"
"/opt/openshift/tls/kube-control-plane-kube-controller-manager-client.key"
"/opt/openshift/tls/kube-control-plane-kube-controller-manager-client.crt"
"/opt/openshift/tls/kube-control-plane-kube-scheduler-client.key"
"/opt/openshift/tls/kube-control-plane-kube-scheduler-client.crt"
"/opt/openshift/tls/kube-control-plane-signer.key"
"/opt/openshift/tls/kube-control-plane-signer.crt"
"/opt/openshift/tls/kubelet-bootstrap-kubeconfig-ca-bundle.crt"
"/opt/openshift/tls/kubelet-client-ca-bundle.crt"
"/opt/openshift/tls/kubelet-client.key"
"/opt/openshift/tls/kubelet-client.crt"
"/opt/openshift/tls/kubelet-signer.key"
"/opt/openshift/tls/kubelet-signer.crt"
"/opt/openshift/tls/kubelet-serving-ca-bundle.crt"
"/opt/openshift/tls/machine-config-server.key"
"/opt/openshift/tls/machine-config-server.crt"
"/opt/openshift/tls/service-account.key"
"/opt/openshift/tls/service-account.pub"
"/opt/openshift/tls/journal-gatewayd.key"
"/opt/openshift/tls/journal-gatewayd.crt"
"/opt/openshift/tls/root-ca.crt"
# 4. systemd units managed by ignition
$ cat bootstrap.ign |jq '.systemd[][].name'
"bootkube.service"
"chown-gatewayd-key.service"
"kubelet.service"
"openshift.service"
"progress.service"
"systemd-journal-gatewayd.service"
"systemd-journal-gatewayd.socket"
Last active
May 7, 2019 14:24
-
-
Save tuxfight3r/b3acf05367ba0438b888c913ce408e3e to your computer and use it in GitHub Desktop.
openshift4 boot strap ignition configs
{
"ignition": {
"config": {
"append": [
{
"source": "https://api.ocp4-cluster32.cluster3.local:22623/config/master",
"verification": {}
}
]
},
"security": {
"tls": {
"certificateAuthorities": [
{
"source": "data:text/plain;charset=utf-8;base64,LS0tLS1C....",
"verification": {}
}
]
}
},
"timeouts": {},
"version": "2.2.0"
},
"networkd": {},
"passwd": {},
"storage": {},
"systemd": {}
}
{
"ignition": {
"config": {
"append": [
{
"source": "https://api.ocp4-cluster32.cluster3.local:22623/config/worker",
"verification": {}
}
]
},
"security": {
"tls": {
"certificateAuthorities": [
{
"source": "data:text/plain;charset=utf-8;base64,LS0tLS1......",
"verification": {}
}
]
}
},
"timeouts": {},
"version": "2.2.0"
},
"networkd": {},
"passwd": {},
"storage": {},
"systemd": {}
}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment