Commit

(OSD-24920) Update verifier docs to include new flags and probe behavior (#263)

Updated the docs to include the following new flags:
cpu-arch
egress-list-location
probe

Also updated the docs to reflect how egress lists are maintained

Co-authored-by: Dakota Long <dalong@dalong-thinkpadp1gen3.remote.csb>
dakotalongRH and Dakota Long authored Aug 15, 2024
1 parent 42ab248 commit a08f94c
Showing 2 changed files with 12 additions and 8 deletions.
15 changes: 8 additions & 7 deletions README.md
Expand Up @@ -44,16 +44,17 @@ See the Terraform `README.md` for detailed instructions.
## Contributing and Maintenance
If interested, please fork this repo and create pull requests to the `main` branch.

### Golden AMI
osd-network-verifier depends on these publicly available [AMIs](pkg/verifier/aws/aws_verifier.go#L24-L45) built from the [osd-network-verifier-golden-ami](https://gitlab.cee.redhat.com/service/osd-network-verifier-golden-ami) repo.
### Egress Lists

Golden AMI provides the following:
- runtime environment setup (such as container engine, configurations, etc.)
- building and embedding the validator binary which performs the individual checks to the endpoints
This lists of essential domains for egress verification should be maintained in [pkg/data/egress_lists](https://github.com/openshift/osd-network-verifier/tree/main/pkg/data/egress_lists). The network verifier will dynamically pull down the list of endpoints from the most recent commit. This means that egress lists can be updated quickly without the need of a new osd-network-verifier release.

### Egress Lists
It is also possible to pass in a custom list of egress endpoints by using the `--egress-list-location` flag.

Newly-added lists should be registered as "platform types" in [`helpers.go`](pkg/helpers/helpers.go#L94) using the list file's extensionless name as the value (e.g., abc.yaml should be registered as `PlatformABC string = "abc"`). Finally, the `--platform` help message and value handling logic in [`cmd.go`](cmd/egress/cmd.go) should also be updated.

### Image Selection

This lists of essential domains for egress verification should be maintained in the [GitLab repo](https://gitlab.cee.redhat.com/service/osd-network-verifier-golden-ami/-/blob/master/build/config/). Newly-added lists should be registered as "platform types" in [`helpers.go`](pkg/helpers/helpers.go#L94) using the list file's extensionless name as the value (e.g., abc.yaml should be registered as `PlatformABC string = "abc"`). Finally, the `--platform` help message and value handling logic in [`cmd.go`](cmd/egress/cmd.go) should also be updated.
The list of images (RHEL base images) that osd-network-verifier selects from to run in is maintained in [pkg/probes/curl/machine_images.go](https://github.com/openshift/osd-network-verifier/tree/main/pkg/probes/curl/machine_images.go). Which image is selected is based on the platform, region and cpu architecture type. By default, "X86" is used unless manually overriden by the `--cpu-arch` flag.

### IAM Permission Requirement List
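
Review bot: The new Egress Lists paragraph says the verifier will "dynamically pull down the list of endpoints from the most recent commit", but it does not say which host that fetch goes to or what the verifier does when the fetch fails, and both matter for a tool whose job is to run inside egress-restricted networks. Suggest adding one sentence on each, next to the existing pointer to `--egress-list-location`. Smaller points in the same hunk: "This lists of essential domains" should read "This list of essential domains", "overriden" should be "overridden", and the `machine_images.go` link points at a file through a `/tree/main/` URL while the `helpers.go` and `cmd.go` links in this section are repo-relative.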

5 changes: 4 additions & 1 deletion docs/aws/aws.md
Expand Up @@ -145,7 +145,9 @@ repeat the verification process for each subnet ID.
```shell
--cacert string (optional) path to cacert file to be used upon https requests being made by verifier
--cloud-tags stringToString (optional) comma-seperated list of tags to assign to cloud resources e.g. --cloud-tags key1=value1,key2=value2 (default [])
--cpu-arch string (optional) compute instance CPU architecture. Ignored if valid instance-type specified
--debug (optional) if true, enable additional debug-level logging
--egress-list-location string (optional) the location of the egress URL list to use. Can either be a local file path or an external URL starting with http(s). This value is ignored for the legacy probe.
--force-temp-security-group (optional) Enforces creation of Temporary SG creation even if --security-group-ids flag is used
--http-proxy string (optional) http-proxy to be used upon http requests being made by verifier, format: http://user:pass@x.x.x.x:8978
--https-proxy string (optional) https-proxy to be used upon https requests being made by verifier, format: https://user:pass@x.x.x.x:8978
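
Review bot: The `--egress-list-location` help text accepts "an external URL starting with http(s)" without saying whether a list fetched that way is validated; over plain `http://` the list that decides which endpoints get tested can be modified in transit. Suggest documenting `https://` or a local file path as the recommended forms, and stating whether `--cacert`, `--no-tls` and the proxy flags apply to this fetch. The `--cpu-arch` line also gives no accepted values or default, although the README change in this commit names "X86" as the default.
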
Expand All @@ -154,7 +156,8 @@ repeat the verification process for each subnet ID.
--instance-type string (optional) compute instance type
--kms-key-id string (optional) ID of KMS key used to encrypt root volumes of compute instances. Defaults to cloud account default key
--no-tls (optional) if true, skip client-side SSL certificate validation
--platform string (optional) infra platform type, which determines which endpoints to test. Either 'aws-classic', 'gcp-classic', or 'hosted-cp' (hypershift) (default "aws-hcp")
--platform string (optional) infra platform type, which determines which endpoints to test. Either 'aws-classic', 'gcp-classic', or 'hosted-cp' (hypershift) (default "aws-hcp")
--probe string (optional) select the probe to be used for egress testing. Either 'Curl' (default) or 'Legacy' (default "Curl")
--profile string (optional) AWS profile. If present, any credentials passed with CLI will be ignored
--region string (optional) compute instance region. If absent, environment var AWS_REGION = us-east-2 and GCP_REGION = us-east1 will be used
--security-group-ids strings (optional) comma-separated list of sec. group IDs to attach to the created EC2 instance. If absent, one will be created
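
Review bot: The added `--probe` line states its default twice, "Either 'Curl' (default) or 'Legacy' (default "Curl")"; drop either the inline "(default)" or the trailing one. The `--platform` line touched in the same hunk still lists 'aws-classic', 'gcp-classic' and 'hosted-cp' as the choices while showing `(default "aws-hcp")`, a value that is not among them, so the help text should either list 'aws-hcp' or explain how it maps to the listed names. Since `--egress-list-location` is documented as ignored for the legacy probe, a short note here on what differs between the two probes would help readers choose.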