assisted-image-service

command module

v0.0.0-...-f822399 Latest Latest Go to latest Published: Apr 8, 2024 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/openshift/assisted-image-service

Links

Open Source Insights

README ¶

Assisted Image Service

This service customizes and serves RHCOS images for the Assisted Installer Service. It downloads a set of RHCOS images on startup based on config and responds to a single API endpoint to allow a user to download a customized image for use with assisted service.

Running the Image Service

Build the image and run it locally using podman

make build run

This will start the service running on port 8080 by default. It will also bind-mount the data and certs local directories into the container root.

Running tests

skipper make test

Configuration

ALLOWED_DOMAINS - When set, determines how the service responds to requests with Origin headers
ASSISTED_SERVICE_HOST - host or host:port to use to query assisted service for image information
ASSISTED_SERVICE_SCHEME - protocol to use to query assisted service for image information
DATA_DIR - Path at which to store downloaded RHCOS images.
HTTPS_CERT_FILE - tls cert file path
HTTPS_KEY_FILE - tls key file path
HTTP_LISTEN_PORT - When set, plain http listener is started on that port
IMAGE_SERVICE_BASE_URL - the base URL to use to query the image service
LISTEN_PORT - Image Service listen port
LOG_LEVEL - log level, such as "info" or "debug"; see logrus docs for a complete list
MAX_CONCURRENT_REQUESTS - caps the number of inflight image downloads to avoid things like open file limits
RHCOS_VERSIONS/OS_IMAGES - JSON string indicating the supported versions and their required urls. OS_IMAGES takes precedence.

Example OS_IMAGES:

[
	{
		"openshift_version": "4.6",
		"cpu_architecture":  "x86_64",
		"url":               "https://mirror.openshift.com/pub/openshift-v4/x86_64/dependencies/rhcos/4.6/4.6.8/rhcos-4.6.8-x86_64-live.x86_64.iso",
		"version":           "46.82.202012051820-0"
	},
	{
		"openshift_version": "4.7",
		"cpu_architecture":  "x86_64",
		"url":               "https://mirror.openshift.com/pub/openshift-v4/x86_64/dependencies/rhcos/4.7/4.7.33/rhcos-4.7.33-x86_64-live.x86_64.iso",
		"version":           "47.84.202109241831-0"
	},
	{
		"openshift_version": "4.8",
		"cpu_architecture":  "x86_64",
		"url":               "https://mirror.openshift.com/pub/openshift-v4/x86_64/dependencies/rhcos/4.8/4.8.14/rhcos-4.8.14-x86_64-live.x86_64.iso",
		"version":           "48.84.202109241901-0"
	}
]

API

None of these APIs should be considered stable for end-users of assisted installer. Users should never construct URLs that match these APIs; instead users should obtain an ISO URL from an InfraEnv resource, as provided by assisted installer. These APIs represent a contract between assisted-image-service and assisted installer only.

`GET /byid/{image_id}/{version}/{arch}/{filename}`

Downloads the RHCOS image for the specified image ID.

URL segments:

image_id: ID for the image, usually the InfraEnv ID
version: indicates the version of the RHCOS base image to use (must match an entry in RHCOS_VERSIONS)
arch: the base image cpu architecture (must match an entry in RHCOS_VERSIONS)
filename: full.iso to download the ISO including the rootfs, minimal.iso to download the ISO without the rootfs

`GET /bytoken/{token}/{version}/{arch}/{filename}`

Downloads the RHCOS image for the specified image ID.

URL segments:

token: JWT whose payload containes either a sub field or infra_env_id field
version: indicates the version of the RHCOS base image to use (must match an entry in RHCOS_VERSIONS)
arch: the base image cpu architecture (must match an entry in RHCOS_VERSIONS)
filename: full.iso to download the ISO including the rootfs, minimal.iso to download the ISO without the rootfs

`GET /byapikey/{api_key}/{version}/{arch}/{filename}`

Downloads the RHCOS image for the specified image ID.

URL segments:

api_key: JWT whose payload containes either a sub field or infra_env_id field
version: indicates the version of the RHCOS base image to use (must match an entry in RHCOS_VERSIONS)
arch: the base image cpu architecture (must match an entry in RHCOS_VERSIONS)
filename: full.iso to download the ISO including the rootfs, minimal.iso to download the ISO without the rootfs

Deprecated API

`GET /images/{image_id}`

Downloads the RHCOS image for the specified image ID.

Query parameters

version: indicates the version of the RHCOS base image to use (must match an entry in RHCOS_VERSIONS)
arch: the base image cpu architecture (must match an entry in RHCOS_VERSIONS)
type: full-iso to download the ISO including the rootfs, minimal-iso to download the ISO without the rootfs
api_key: the api token to pass through to the assisted service calls if local authentication is required
image_token: the token to pass through to the Image-Token assisted service header if image pre-signed authentication is required

Headers

Authorization: this header is passed directly through to assisted service requests to handle RHSSO authentication

`GET /images/{image_id}/pxe-initrd`

Downloads the RHCOS initrd with the ignition for the specified image appended.

Query parameters

version: indicates the version of the RHCOS base image to use (must match an entry in RHCOS_VERSIONS)
arch: the base image cpu architecture (must match an entry in RHCOS_VERSIONS)
api_key: the api token to pass through to the assisted service calls if local authentication is required
image_token: the token to pass through to the Image-Token assisted service header if image pre-signed authentication is required

Headers

Authorization: this header is passed directly through to assisted service requests to handle RHSSO authentication

`GET /boot-artifacts/{artifact}`

Downloads the artifact specified from the ISO.

Query parameters

version: indicates the version of the RHCOS base image to use (must match an entry in RHCOS_VERSIONS)
arch: the base image cpu architecture (must match an entry in RHCOS_VERSIONS)

`GET /health`

Returns 503 until the images are downloaded Returns 200 if the service is ready to respond to requests

`GET /live`

Returns 200 if the service is running

`GET /metrics`

Prometheus metrics scraping endpoint

Authentication

Authentication tokens are accepted in various ways to support different deployment models and assisted service authentication backends The following table shows how each authentication input is translated when making calls to assisted service

Image Service	Assisted Service
`api_key` query parameter	`api_key` query parameter
`image_token` query parameter	`Image-Token` header
`Authorization` header	`Authorization` header

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
internal
handlers
pkg
imagestore Package imagestore is a generated GoMock package.	Package imagestore is a generated GoMock package.
isoeditor Package isoeditor is a generated GoMock package.	Package isoeditor is a generated GoMock package.
overlay
servers

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL