From 5c400cdf799642327b6795edabb90a29986de563 Mon Sep 17 00:00:00 2001 From: Matthew Jones Date: Tue, 12 Jun 2018 15:08:57 -0400 Subject: [PATCH 1/3] Add local minishift development tooling Based on mapping the local development tree through minishift hostfolder interface. --- tools/clusterdevel/bootstrap_minishift.sh | 36 +++++++ .../roles/minishift/tasks/main.yml | 85 +++++++++++++++ .../minishift/templates/configmap.yml.j2 | 102 ++++++++++++++++++ .../roles/minishift/templates/hostdev.yml.j2 | 78 ++++++++++++++ .../minishift/templates/hostfolderpvc.yml.j2 | 15 +++ .../minishift/templates/serviceacct.yml.j2 | 6 ++ .../minishift/templates/volumeclaim.yml.j2 | 15 +++ tools/clusterdevel/start_minishift_dev.yml | 11 ++ tools/docker-compose.yml | 2 +- 9 files changed, 349 insertions(+), 1 deletion(-) create mode 100755 tools/clusterdevel/bootstrap_minishift.sh create mode 100644 tools/clusterdevel/roles/minishift/tasks/main.yml create mode 100644 tools/clusterdevel/roles/minishift/templates/configmap.yml.j2 create mode 100644 tools/clusterdevel/roles/minishift/templates/hostdev.yml.j2 create mode 100644 tools/clusterdevel/roles/minishift/templates/hostfolderpvc.yml.j2 create mode 100644 tools/clusterdevel/roles/minishift/templates/serviceacct.yml.j2 create mode 100644 tools/clusterdevel/roles/minishift/templates/volumeclaim.yml.j2 create mode 100644 tools/clusterdevel/start_minishift_dev.yml diff --git a/tools/clusterdevel/bootstrap_minishift.sh b/tools/clusterdevel/bootstrap_minishift.sh new file mode 100755 index 0000000000..4b7265d852 --- /dev/null +++ b/tools/clusterdevel/bootstrap_minishift.sh 
@@ -0,0 +1,36 @@
+#!/bin/bash
+set +x
+
+# Wait for the databases to come up
+ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=postgresql port=5432" all
+ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=localhost port=11211" all
+ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=localhost port=5672" all
+ansible -i "127.0.0.1," -c local -v -m postgresql_db -U postgres -a "name=awx owner=awx login_user=awx login_password=awx login_host=postgresql" all
+
+# Move to the source directory so we can bootstrap
+if [ -f "/awx_devel/manage.py" ]; then
+ cd /awx_devel
+else
+ echo "Failed to find awx source tree, map your development tree volume"
+fi
+
+#make awx-link
+python setup.py develop
+ln -s /awx_devel/tools/rdb.py /venv/awx/lib/python2.7/site-packages/rdb.py || true
+yes | cp -rf /awx_devel/tools/docker-compose/supervisor.conf /supervisor.conf
+
+# AWX bootstrapping
+make version_file
+make migrate
+make init
+
+mkdir -p /awx_devel/awx/public/static
+mkdir -p /awx_devel/awx/ui/static
+
+cd /awx_devel
+# Start the services
+if [ -f "/awx_devel/tools/docker-compose/use_dev_supervisor.txt" ]; then
+ make supervisor
+else
+ honcho start -f "tools/docker-compose/Procfile"
+fi
diff --git a/tools/clusterdevel/roles/minishift/tasks/main.yml b/tools/clusterdevel/roles/minishift/tasks/main.yml
new file mode 100644
index 0000000000..70bca9b3c5
--- /dev/null
+++ b/tools/clusterdevel/roles/minishift/tasks/main.yml
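Review bot: The `else` branch that reports a missing `/awx_devel/manage.py` only echoes and falls through, so `python setup.py develop`, `make migrate` and the remaining steps run from whatever directory the container started in. Add `exit 1` after the `echo`, and consider `set -e` near the top so that a failed `make` step stops the bootstrap instead of continuing to start services. The `set +x` on the second line turns tracing off, which is already the default, so `set -x` may have been what was intended.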
@@ -0,0 +1,85 @@
+---
+- name: Apply admin user addon
+ shell: minishift addon apply admin-user
+
+- name: Attach AWX dev tree volume locally
+ shell: "minishift hostfolder add -t sshfs --source {{ devtree_directory }} --target /mnt/sda1/awx awx"
+ register: hostfolderadd
+ ignore_errors: yes
+
+- name: Fail if hostfolder add issue was something other than already attached
+ fail: msg="There was an issue attaching hostfolder '{{ hostfolderadd.stdout }}' '{{ hostfolderadd.stderr }}'"
+ when: hostfolderadd.rc != 0 and "there is already a host folder" not in hostfolderadd.stderr
+
+- name: Mount AWX dev volume
+ shell: minishift hostfolder mount awx
+
+- name: Authenticate with OpenShift via token
+ shell: "oc login -u admin -p admin"
+
+- name: Get Project Detail
+ shell: "oc get project {{ awx_dev_project }}"
+ register: project_details
+ ignore_errors: yes
+
+- name: Get Postgres Service Detail
+ shell: "oc describe svc postgresql -n {{ awx_dev_project }}"
+ register: postgres_svc_details
+ ignore_errors: yes
+
+- name: Create AWX Openshift Project
+ shell: "oc new-project {{ awx_dev_project }}"
+ when: project_details.rc != 0
+
+- name: Stage serviceacct.yml
+ template:
+ src: serviceacct.yml.j2
+ dest: /tmp/serviceacct.yml
+
+- name: Apply svc account
+ shell: "oc apply -f /tmp/serviceacct.yml ; rm -rf /tmp/serviceaccount.yml"
+
+- name: Stage hostfolderpvc.yml
+ template:
+ src: hostfolderpvc.yml.j2
+ dest: /tmp/hostfolderpvc.yml
+
+- name: Create PV for host folder
+ shell: "oc apply -f /tmp/hostfolderpvc.yml ; rm -rf /tmp/hostfolderpvc.yml"
+
+- name: Stage volumeclaim.yml
+ template:
+ src: volumeclaim.yml.j2
+ dest: /tmp/volumeclaim.yml
+
+- name: Create PV for host folder
+ shell: "oc apply -f /tmp/volumeclaim.yml ; rm -rf /tmp/volumeclaim.yml"
+
+- name: Create privileged user service account awx
+ shell: "oc adm policy add-scc-to-user privileged system:serviceaccount:{{ awx_dev_project }}:awx"
+
+- name: Deploy and Activate Postgres
+ shell: "oc new-app --template=postgresql-persistent -e MEMORY_LIMIT={{ pg_memory_limit|default('512') }}Mi -e NAMESPACE=openshift -e DATABASE_SERVICE_NAME=postgresql -e POSTGRESQL_USER={{ pg_username|default('awx') }} -e POSTGRESQL_PASSWORD={{ pg_password|default('awx') }} -e POSTGRESQL_DATABASE={{ pg_database|default('awx') }} -e VOLUME_CAPACITY={{ pg_volume_capacity|default('5')}}Gi -e POSTGRESQL_VERSION=9.5 -n {{ awx_dev_project }}"
+ when: postgres_svc_details is defined and postgres_svc_details.rc != 0
+ register: openshift_pg_activate
+
+- name: Wait for Postgres to activate
+ pause:
+ seconds: 15
+ when: openshift_pg_activate|changed
+
+- name: Template configmap
+ template:
+ src: configmap.yml.j2
+ dest: "/tmp/configmap.yml"
+
+- name: Create configmap
+ shell: "oc apply -f /tmp/configmap.yml ; rm -rf /tmp/configmap.yml"
+
+- name: Template deployment
+ template:
+ src: hostdev.yml.j2
+ dest: "/tmp/hostdev.yml"
+
+- name: Create deployment
+ shell: "oc apply -f /tmp/hostdev.yml ; rm -rf /tmp/hostdev.yml"
diff --git a/tools/clusterdevel/roles/minishift/templates/configmap.yml.j2 b/tools/clusterdevel/roles/minishift/templates/configmap.yml.j2
new file mode 100644
index 0000000000..ce0c3c3866
--- /dev/null
+++ b/tools/clusterdevel/roles/minishift/templates/configmap.yml.j2
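Review bot: Every `oc apply -f /tmp/X.yml ; rm -rf /tmp/X.yml` task reports the exit status of `rm`, not of `oc apply`, because the two commands are joined with `;`, so a rejected manifest still leaves the task green. Run `oc apply` as its own task and remove the staged file in a separate `file: path=/tmp/X.yml state=absent` task. The "Apply svc account" task also deletes `/tmp/serviceaccount.yml` although the template was staged at `/tmp/serviceacct.yml`, so that file is never cleaned up. The rendered manifests use fixed names under `/tmp` and configmap.yml carries the database and broker passwords, so `mode: "0600"` on the `template` tasks would keep them readable only by the user running the play. The same `; rm -rf` pattern is carried over unchanged in PATCH 3/3.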
@@ -0,0 +1,102 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: awx-dev-config
+ namespace: {{ awx_dev_project }}
+data:
+ secret_key: isasekrit
+ awx_settings: |
+ import os
+ import socket
+ ADMINS = ()
+
+ # Container environments don't like chroots
+ AWX_PROOT_ENABLED = False
+
+ # Automatically deprovision pods that go offline
+ AWX_AUTO_DEPROVISION_INSTANCES = True
+
+ SYSTEM_TASK_ABS_CPU = {{ ((awx_task_cpu_request|int / 1000) * 4)|int }}
+ SYSTEM_TASK_ABS_MEM = {{ ((awx_task_mem_request|int * 1024) / 100)|int }}
+
+ #Autoprovisioning should replace this
+ CLUSTER_HOST_ID = socket.gethostname()
+ SYSTEM_UUID = '00000000-0000-0000-0000-000000000000'
+
+ SESSION_COOKIE_SECURE = False
+ CSRF_COOKIE_SECURE = False
+
+ REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR']
+
+ STATIC_ROOT = '/var/lib/awx/public/static'
+ PROJECTS_ROOT = '/var/lib/awx/projects'
+ JOBOUTPUT_ROOT = '/var/lib/awx/job_status'
+ SECRET_KEY = file('/etc/tower/SECRET_KEY', 'rb').read().strip()
+ ALLOWED_HOSTS = ['*']
+ INTERNAL_API_URL = 'http://127.0.0.1:8052'
+ SERVER_EMAIL = 'root@localhost'
+ DEFAULT_FROM_EMAIL = 'webmaster@localhost'
+ EMAIL_SUBJECT_PREFIX = '[AWX] '
+ EMAIL_HOST = 'localhost'
+ EMAIL_PORT = 25
+ EMAIL_HOST_USER = ''
+ EMAIL_HOST_PASSWORD = ''
+ EMAIL_USE_TLS = False
+
+ LOGGING['handlers']['console'] = {
+ '()': 'logging.StreamHandler',
+ 'level': 'DEBUG',
+ 'formatter': 'simple',
+ }
+
+ LOGGING['loggers']['django.request']['handlers'] = ['console']
+ LOGGING['loggers']['rest_framework.request']['handlers'] = ['console']
+ LOGGING['loggers']['awx']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.commands.inventory_import']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console']
+ LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console']
+ LOGGING['loggers']['social']['handlers'] = ['console']
+ LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console']
+ LOGGING['loggers']['rbac_migrations']['handlers'] = ['console']
+ LOGGING['loggers']['awx.isolated.manager.playbooks']['handlers'] = ['console']
+ LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['fact_receiver'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'}
+
+ DATABASES = {
+ 'default': {
+ 'ATOMIC_REQUESTS': True,
+ 'ENGINE': 'django.db.backends.postgresql',
+ 'NAME': "awx",
+ 'USER': "awx",
+ 'PASSWORD': "awx",
+ 'HOST': "postgresql",
+ 'PORT': "5432",
+ }
+ }
+ BROKER_URL = 'amqp://{}:{}@{}:{}/{}'.format(
+ "awx",
+ "abcdefg",
+ "localhost",
+ "5672",
+ "awx")
+ CHANNEL_LAYERS = {
+ 'default': {'BACKEND': 'asgi_amqp.AMQPChannelLayer',
+ 'ROUTING': 'awx.main.routing.channel_routing',
+ 'CONFIG': {'url': BROKER_URL}}
+ }
+ CACHES = {
+ 'default': {
+ 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
+ 'LOCATION': '{}:{}'.format("localhost", "11211")
+ },
+ 'ephemeral': {
+ 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
+ },
+ }
diff --git a/tools/clusterdevel/roles/minishift/templates/hostdev.yml.j2 b/tools/clusterdevel/roles/minishift/templates/hostdev.yml.j2
new file mode 100644
index 0000000000..fdd4be936b
--- /dev/null
+++ b/tools/clusterdevel/roles/minishift/templates/hostdev.yml.j2
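Review bot: `secret_key: isasekrit` and the database and broker passwords inside `awx_settings` are stored in a ConfigMap, which the cluster does not treat as sensitive and which any account with view access to the project can read. Move `secret_key` (and ideally the credentials) into a `kind: Secret` mounted at `/etc/tower`, and generate the key per environment instead of committing a fixed value. If the fixed values are deliberate for local minishift use, a leading comment such as `# development only: fixed credentials, do not deploy outside minishift` would stop the template being reused as a starting point. `ALLOWED_HOSTS = ['*']` together with `REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR']` deserves the same comment, since the client address is then taken from a header the caller controls.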
@@ -0,0 +1,78 @@
+---
+apiVersion: apps/v1beta1 # for versions before 1.9.0 use apps/v1beta2
+kind: Deployment
+metadata:
+ name: awx
+ namespace: {{ awx_dev_project }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ name: awx
+ spec:
+ serviceAccountName: awx
+ containers:
+ - image: ansible/awx-dev:latest
+ name: awx
+ command: ["/awx_devel/tools/clusterdevel/bootstrap_minishift.sh"]
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - name: localdev
+ mountPath: /awx_devel
+ - name: awx-application-config
+ mountPath: /etc/tower
+ - name: awx-rabbit
+ image: ansible/awx_rabbitmq:latest
+ imagePullPolicy: Always
+ env:
+ # For consupmption by rabbitmq-env.conf
+ - name: MY_POD_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: RABBITMQ_USE_LONGNAME
+ value: "true"
+ - name: ERLANG_COOKIE
+ value: "test"
+ - name: RABBITMQ_ERLANG_COOKIE
+ value: "cookiemonster"
+ - name: RABBITMQ_NODENAME
+ value: "rabbit@$(MY_POD_IP)"
+ - name: AUTOCLUSTER_TYPE
+ value: "etcd"
+ - name: AUTOCLUSTER_DELAY
+ value: "60"
+ - name: ETCD_HOST
+ value: "etcd"
+ - name: AUTOCLUSTER_CLEANUP
+ value: "true"
+ - name: CLEANUP_WARN_ONLY
+ value: "false"
+ - name: CLEANUP_INTERVAL
+ value: "30"
+ - name: RABBITMQ_DEFAULT_USER
+ value: "awx"
+ - name: RABBITMQ_DEFAULT_PASS
+ value: "abcdefg"
+ - name: RABBITMQ_DEFAULT_VHOST
+ value: "awx"
+ - name: RABBITMQ_CONFIG_FILE
+ value: "/etc/rabbitmq/rabbitmq"
+ - name: awx-memcached
+ image: memcached
+ - name: postgres
+ image: postgres:9.6
+ volumes:
+ - name: localdev
+ persistentVolumeClaim:
+ claimName: devtest
+ - name: awx-application-config
+ configMap:
+ name: awx-dev-config
+ items:
+ - key: awx_settings
+ path: settings.py
+ - key: secret_key
+ path: SECRET_KEY
diff --git a/tools/clusterdevel/roles/minishift/templates/hostfolderpvc.yml.j2 b/tools/clusterdevel/roles/minishift/templates/hostfolderpvc.yml.j2
new file mode 100644
index 0000000000..2a04793717
--- /dev/null
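Review bot: The `awx` container runs with `securityContext: privileged: true` while the developer's source tree is mounted at `/awx_devel` without `readOnly`, and nothing in the template states which capability the container actually needs. If the requirement is narrower (the settings file already sets `AWX_PROOT_ENABLED = False`), drop `privileged` or replace it with the specific `capabilities.add` entries; otherwise add a comment on that line explaining why full privilege is required. The images are referenced as `ansible/awx-dev:latest`, `ansible/awx_rabbitmq:latest` and an untagged `memcached`, so the pod contents can change between runs; pinning a tag or digest would make the environment reproducible.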
+++ b/tools/clusterdevel/roles/minishift/templates/hostfolderpvc.yml.j2
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: projdata
+ namespace: {{ awx_dev_project }}
+ labels:
+ project: awx
+spec:
+ capacity:
+ storage: 10Gi
+ accessModes:
+ - ReadWriteMany
+ persistentVolumeReclaimPolicy: Retain
+ hostPath:
+ path: /mnt/sda1/awx
diff --git a/tools/clusterdevel/roles/minishift/templates/serviceacct.yml.j2 b/tools/clusterdevel/roles/minishift/templates/serviceacct.yml.j2
new file mode 100644
index 0000000000..7e335dd788
--- /dev/null
+++ b/tools/clusterdevel/roles/minishift/templates/serviceacct.yml.j2
@@ -0,0 +1,6 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: awx
+ namespace: {{ awx_dev_project }}
diff --git a/tools/clusterdevel/roles/minishift/templates/volumeclaim.yml.j2 b/tools/clusterdevel/roles/minishift/templates/volumeclaim.yml.j2
new file mode 100644
index 0000000000..a2fe3634f6
--- /dev/null
+++ b/tools/clusterdevel/roles/minishift/templates/volumeclaim.yml.j2
@@ -0,0 +1,15 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: devtest
+ namespace: {{ awx_dev_project }}
+spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: 10Gi
+ selector:
+ matchLabels:
+ project: awx
diff --git a/tools/clusterdevel/start_minishift_dev.yml b/tools/clusterdevel/start_minishift_dev.yml
new file mode 100644
index 0000000000..ae308a288e
--- /dev/null
+++ b/tools/clusterdevel/start_minishift_dev.yml
@@ -0,0 +1,11 @@
+---
+- name: Setup minishift dev environment
+ hosts: localhost
+ gather_facts: false
+ vars:
+ - ansible_connection: local
+ - awx_dev_project: awx
+ - awx_task_cpu_request: 500
+ - awx_task_mem_request: 512
+ roles:
+ - { role: minishift }
diff --git a/tools/docker-compose.yml b/tools/docker-compose.yml
index 086507ce05..59adf5f0c6 100644
--- a/tools/docker-compose.yml
+++ b/tools/docker-compose.yml
@@ -1,4 +1,4 @@ -version: '3' +version: '2' services: # Primary AWX Development Container awx: From 190525e83580382fb8dac90e932fb4fc211eb263 Mon Sep 17 00:00:00 2001 From: Matthew Jones Date: Wed, 13 Jun 2018 10:25:44 -0400 Subject: [PATCH 2/3] Adding cluster development service definitions --- Makefile | 6 + .../minishift/templates/configmap.yml.j2 | 26 +++ .../roles/minishift/templates/hostdev.yml.j2 | 148 +++++++++++++++--- .../minishift/templates/serviceacct.yml.j2 | 25 +++ 4 files changed, 181 insertions(+), 24 deletions(-) diff --git a/Makefile b/Makefile index 6be593cc63..5151046635 100644 --- a/Makefile +++ b/Makefile @@ -30,6 +30,8 @@ DEV_DOCKER_TAG_BASE ?= gcr.io/ansible-tower-engineering # Comma separated list SRC_ONLY_PKGS ?= cffi,pycparser,psycopg2,twilio +CURWD = $(shell pwd) + # Determine appropriate shasum command UNAME_S := $(shell uname -s) ifeq ($(UNAME_S),Linux) @@ -607,6 +609,10 @@ docker-compose-elk: docker-auth docker-compose-cluster-elk: docker-auth TAG=$(COMPOSE_TAG) DEV_DOCKER_TAG_BASE=$(DEV_DOCKER_TAG_BASE) docker-compose -f tools/docker-compose-cluster.yml -f tools/elastic/docker-compose.logstash-link-cluster.yml -f tools/elastic/docker-compose.elastic-override.yml up --no-recreate +minishift-dev: + ansible-playbook -i localhost, -e devtree_directory=$(CURWD) tools/clusterdevel/start_minishift_dev.yml + + clean-elk: docker stop tools_kibana_1 docker stop tools_logstash_1 diff --git a/tools/clusterdevel/roles/minishift/templates/configmap.yml.j2 b/tools/clusterdevel/roles/minishift/templates/configmap.yml.j2 index ce0c3c3866..9d0627ae9f 100644 --- a/tools/clusterdevel/roles/minishift/templates/configmap.yml.j2 +++ b/tools/clusterdevel/roles/minishift/templates/configmap.yml.j2 @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ConfigMap metadata: 
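Review bot: `devtree_directory=$(CURWD)` in the new `minishift-dev` recipe is passed unquoted, and the role then interpolates the value unquoted into `shell: "minishift hostfolder add -t sshfs --source {{ devtree_directory }} ..."`, so a checkout path containing spaces or shell metacharacters is split or interpreted by the shell. Quote it at both ends: `-e 'devtree_directory="$(CURWD)"'` in the recipe and `{{ devtree_directory | quote }}` in the task. `CURWD = $(shell pwd)` is also recursively expanded, so it re-runs `pwd` on every reference; `CURWD := $(shell pwd)` evaluates it once.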
@@ -100,3 +101,28 @@ data: 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache', }, } +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: rabbitmq-config + namespace: {{ awx_dev_project }} +data: + enabled_plugins: | + [rabbitmq_management,rabbitmq_peer_discovery_k8s]. + rabbitmq.conf: | + default_user = awx + default_pass = abcdefg + default_vhost = awx + + ## Clustering + cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s + cluster_formation.k8s.host = kubernetes.default.svc.cluster.local + cluster_formation.k8s.address_type = ip + cluster_formation.node_cleanup.interval = 10 + cluster_formation.node_cleanup.only_log_warning = false + cluster_partition_handling = autoheal + ## queue master locator + queue_master_locator=min-masters + ## enable guest user + loopback_users.guest = false diff --git a/tools/clusterdevel/roles/minishift/templates/hostdev.yml.j2 b/tools/clusterdevel/roles/minishift/templates/hostdev.yml.j2 index fdd4be936b..3c7c0e24ec 100644 --- a/tools/clusterdevel/roles/minishift/templates/hostdev.yml.j2 +++ b/tools/clusterdevel/roles/minishift/templates/hostdev.yml.j2 @@ -10,6 +10,7 @@ spec: metadata: labels: name: awx + app: rabbitmq spec: serviceAccountName: awx containers: @@ -26,6 +27,23 @@ spec: - name: awx-rabbit image: ansible/awx_rabbitmq:latest imagePullPolicy: Always + ports: + - name: http + protocol: TCP + containerPort: 15672 + - name: amqp + protocol: TCP + containerPort: 5672 + livenessProbe: + exec: + command: ["rabbitmqctl", "status"] + initialDelaySeconds: 30 + timeoutSeconds: 10 + readinessProbe: + exec: + command: ["rabbitmqctl", "status"] + initialDelaySeconds: 10 + timeoutSeconds: 10 env: # For consupmption by rabbitmq-env.conf - name: MY_POD_IP 
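Review bot: `loopback_users.guest = false` in the new `rabbitmq.conf` would let a `guest` account, if one exists in the broker, log in from non-loopback addresses, and the comment above it (`## enable guest user`) suggests that is the intent. With `default_user = awx` already defined the line looks unnecessary, and the Service added later in this patch publishes 5672 and 15672 as a NodePort, so dropping it keeps `guest` restricted to loopback connections. `default_pass = abcdefg` is a fixed credential stored in a ConfigMap; a Secret-backed value generated per environment would be preferable.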
@@ -34,32 +52,15 @@ spec: fieldPath: status.podIP - name: RABBITMQ_USE_LONGNAME value: "true" - - name: ERLANG_COOKIE - value: "test" - - name: RABBITMQ_ERLANG_COOKIE - value: "cookiemonster" - name: RABBITMQ_NODENAME value: "rabbit@$(MY_POD_IP)" - - name: AUTOCLUSTER_TYPE - value: "etcd" - - name: AUTOCLUSTER_DELAY - value: "60" - - name: ETCD_HOST - value: "etcd" - - name: AUTOCLUSTER_CLEANUP - value: "true" - - name: CLEANUP_WARN_ONLY - value: "false" - - name: CLEANUP_INTERVAL - value: "30" - - name: RABBITMQ_DEFAULT_USER - value: "awx" - - name: RABBITMQ_DEFAULT_PASS - value: "abcdefg" - - name: RABBITMQ_DEFAULT_VHOST - value: "awx" - - name: RABBITMQ_CONFIG_FILE - value: "/etc/rabbitmq/rabbitmq" + - name: K8S_SERVICE_NAME + value: "rabbitmq" + - name: RABBITMQ_ERLANG_COOKIE + value: "cookiemonster" + volumeMounts: + - name: rabbitmq-config + mountPath: /etc/rabbitmq - name: awx-memcached image: memcached - name: postgres 
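Review bot: `RABBITMQ_ERLANG_COOKIE` is kept as the literal `cookiemonster` in the pod spec. The Erlang cookie is the shared secret that nodes use to authenticate to each other once the `rabbit_peer_discovery_k8s` clustering from this patch is active, so it should come from a Secret, for example `valueFrom: secretKeyRef: {name: rabbitmq-erlang-cookie, key: cookie}` (a constructed name), with the value generated per environment. The `env:` list this hunk edits starts above the hunk.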
@@ -76,3 +77,102 @@ spec: path: settings.py - key: secret_key path: SECRET_KEY + - name: rabbitmq-config + configMap: + name: rabbitmq-config + items: + - key: rabbitmq.conf + path: rabbitmq.conf + - key: enabled_plugins + path: enabled_plugins +--- +apiVersion: v1 +kind: Service +metadata: + name: awx-web-svc + namespace: {{ awx_dev_project }} + labels: + name: awx-web-svc +spec: + type: "NodePort" + ports: + - name: https + port: 8043 + - name: http + port: 8013 + - name: notsure + port: 8080 + selector: + name: awx +--- +kind: Service +apiVersion: v1 +metadata: + namespace: {{ awx_dev_project }} + name: rabbitmq + labels: + app: rabbitmq + type: LoadBalancer +spec: + type: NodePort + ports: + - name: http + protocol: TCP + port: 15672 + targetPort: 15672 + - name: amqp + protocol: TCP + port: 5672 + targetPort: 5672 + selector: + app: rabbitmq +--- +apiVersion: v1 +kind: Service +metadata: + name: awx-rmq-mgmt + namespace: {{ awx_dev_project }} + labels: + name: awx-rmq-mgmt +spec: + type: ClusterIP + ports: + - name: rmqmgmt + port: 15672 + targetPort: 15672 + selector: + name: awx +--- +apiVersion: v1 +kind: Route +metadata: + name: awx-web-svc + namespace: {{ awx_dev_project }} +spec: + port: + targetPort: http + tls: + insecureEdgeTerminationPolicy: Allow + termination: edge + to: + kind: Service + name: awx-web-svc + weight: 100 + wildcardPolicy: None +--- +apiVersion: v1 +kind: Route +metadata: + name: awx-rmq-mgmt + namespace: {{ awx_dev_project }} +spec: + port: + targetPort: rmqmgmt + tls: + insecureEdgeTerminationPolicy: Allow + termination: edge + to: + kind: Service + name: rabbitmq + weight: 100 + wildcardPolicy: None diff --git a/tools/clusterdevel/roles/minishift/templates/serviceacct.yml.j2 b/tools/clusterdevel/roles/minishift/templates/serviceacct.yml.j2 index 7e335dd788..fd6fe9c9c0 100644 --- a/tools/clusterdevel/roles/minishift/templates/serviceacct.yml.j2 +++ b/tools/clusterdevel/roles/minishift/templates/serviceacct.yml.j2 
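Review bot: The `awx-rmq-mgmt` Route points `to:` the Service `rabbitmq` with `targetPort: rmqmgmt`, but the `rabbitmq` Service names its ports `http` and `amqp`; `rmqmgmt` exists only on the `awx-rmq-mgmt` Service, so the route probably resolves to no endpoint. Either set the route's `to.name` to `awx-rmq-mgmt` or change its `targetPort` to `http`. Both Routes use `insecureEdgeTerminationPolicy: Allow`, which also serves the AWX UI and the RabbitMQ management UI over plain HTTP; `insecureEdgeTerminationPolicy: Redirect` keeps logins on TLS. The `rabbitmq` Service is `type: NodePort`, which publishes AMQP and the management port on the node address, so `ClusterIP` plus the route would be the narrower exposure if external AMQP access is not needed.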
@@ -4,3 +4,28 @@ kind: ServiceAccount metadata: name: awx namespace: {{ awx_dev_project }} +--- +kind: Role +apiVersion: v1 +metadata: + name: endpoint-reader + namespace: {{ awx_dev_project }} +rules: + - apiGroups: [""] + resources: ["endpoints"] + verbs: ["get"] +--- +kind: RoleBinding +apiVersion: v1 +metadata: + name: endpoint-reader + namespace: {{ awx_dev_project }} +roleRef: + name: endpoint-reader + namespace: {{ awx_dev_project }} +subjects: + - kind: ServiceAccount + name: awx + namespace: {{ awx_dev_project }} +userNames: + - system:serviceaccount:{{ awx_dev_project }}:awx From 7d245661200e96b211a931651f2c460981df045e Mon Sep 17 00:00:00 2001 From: chris meyers Date: Fri, 20 Jul 2018 11:47:38 -0400 Subject: [PATCH 3/3] more robustness --- .../roles/minishift/tasks/main.yml | 77 ++++++++++++++----- 1 file changed, 57 insertions(+), 20 deletions(-) diff --git a/tools/clusterdevel/roles/minishift/tasks/main.yml b/tools/clusterdevel/roles/minishift/tasks/main.yml index 70bca9b3c5..0ad4d33ef2 100644 --- a/tools/clusterdevel/roles/minishift/tasks/main.yml +++ b/tools/clusterdevel/roles/minishift/tasks/main.yml 
@@ -1,34 +1,70 @@ --- -- name: Apply admin user addon - shell: minishift addon apply admin-user +- name: Get status of minishift + shell: minishift status + register: minishift_status + +- name: Echo minishift status so if verification fails we can see the results + debug: + var: minishift_status.stdout + +- name: Verify status of minishift + assert: + that: + - "'Minishift: Running' == minishift_status.stdout_lines[0]" + - "'OpenShift: Running' in minishift_status.stdout_lines[2]" + +- name: Get minishift ip + shell: minishift ip + register: minishift_ip + +- name: Get minishift oc location + shell: minishift oc-env + register: minishift_oc_env + +- name: Extract minishift binary path + set_fact: + minishift_oc_bin: "{{ minishift_oc_env.stdout_lines[0] | regex_replace('export PATH=\\\"(.*):\\$PATH\\\"', '\\1') }}/oc" + +- name: Dynamically found oc binary to be at + debug: + msg: "oc path: {{ minishift_oc_bin }}" + +- name: Login as admin + shell: "{{ minishift_oc_bin }} login {{ minishift_ip.stdout }}:8443 -u system:admin" + +- name: Create privileged user service account awx + shell: "{{ minishift_oc_bin }} adm policy add-scc-to-user privileged system:serviceaccount:{{ awx_dev_project }}:awx" + +- name: Authenticate with OpenShift via token + shell: "{{ minishift_oc_bin }} login {{ minishift_ip.stdout }}:8443 -u admin -p admin" + +- name: Unattach AWX dev tree volume locally + shell: "minishift hostfolder remove awx || true" - name: Attach AWX dev tree volume locally - shell: "minishift hostfolder add -t sshfs --source {{ devtree_directory }} --target /mnt/sda1/awx awx" - register: hostfolderadd - ignore_errors: yes + shell: "minishift hostfolder add -t sshfs --source {{ devtree_directory }} --target /mnt/sda1/awx awx" -- name: Fail if hostfolder add issue was something other than already attached - fail: msg="There was an issue attaching hostfolder '{{ hostfolderadd.stdout }}' '{{ hostfolderadd.stderr }}'" - when: hostfolderadd.rc != 0 and "there is already a 
host folder" not in hostfolderadd.stderr +- name: Unmount AWX dev volume + shell: "minishift hostfolder umount awx || true" - name: Mount AWX dev volume shell: minishift hostfolder mount awx - name: Authenticate with OpenShift via token - shell: "oc login -u admin -p admin" + shell: "{{ minishift_oc_bin }} login -u admin -p admin" - name: Get Project Detail - shell: "oc get project {{ awx_dev_project }}" + shell: "{{ minishift_oc_bin }} get project {{ awx_dev_project }}" register: project_details ignore_errors: yes - name: Get Postgres Service Detail - shell: "oc describe svc postgresql -n {{ awx_dev_project }}" + shell: "{{ minishift_oc_bin }} describe svc postgresql -n {{ awx_dev_project }}" register: postgres_svc_details ignore_errors: yes - name: Create AWX Openshift Project - shell: "oc new-project {{ awx_dev_project }}" + shell: "{{ minishift_oc_bin }} new-project {{ awx_dev_project }}" when: project_details.rc != 0 - name: Stage serviceacct.yml @@ -37,7 +73,7 @@ dest: /tmp/serviceacct.yml - name: Apply svc account - shell: "oc apply -f /tmp/serviceacct.yml ; rm -rf /tmp/serviceaccount.yml" + shell: "{{ minishift_oc_bin }} apply -f /tmp/serviceacct.yml ; rm -rf /tmp/serviceaccount.yml" - name: Stage hostfolderpvc.yml template: @@ -45,7 +81,7 @@ dest: /tmp/hostfolderpvc.yml - name: Create PV for host folder - shell: "oc apply -f /tmp/hostfolderpvc.yml ; rm -rf /tmp/hostfolderpvc.yml" + shell: "{{ minishift_oc_bin }} apply -f /tmp/hostfolderpvc.yml ; rm -rf /tmp/hostfolderpvc.yml" - name: Stage volumeclaim.yml template: 
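Review bot: `minishift hostfolder remove awx || true` and `minishift hostfolder umount awx || true` discard every failure, whereas the tasks they replace failed unless stderr contained `there is already a host folder`. Register the result and add a `failed_when:` that tolerates only the expected not-attached or not-mounted message, so that a genuine sshfs or VM error stops the play before `hostfolder add` and `hostfolder mount` run. The task name "Authenticate with OpenShift via token" now appears twice, both times passing `-u admin -p admin`, and the second call omits the `{{ minishift_ip.stdout }}:8443` server argument; renaming the tasks and giving both the same server argument would keep the play unambiguous.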
@@ -55,11 +91,8 @@ - name: Create PV for host folder shell: "oc apply -f /tmp/volumeclaim.yml ; rm -rf /tmp/volumeclaim.yml" -- name: Create privileged user service account awx - shell: "oc adm policy add-scc-to-user privileged system:serviceaccount:{{ awx_dev_project }}:awx" - - name: Deploy and Activate Postgres - shell: "oc new-app --template=postgresql-persistent -e MEMORY_LIMIT={{ pg_memory_limit|default('512') }}Mi -e NAMESPACE=openshift -e DATABASE_SERVICE_NAME=postgresql -e POSTGRESQL_USER={{ pg_username|default('awx') }} -e POSTGRESQL_PASSWORD={{ pg_password|default('awx') }} -e POSTGRESQL_DATABASE={{ pg_database|default('awx') }} -e VOLUME_CAPACITY={{ pg_volume_capacity|default('5')}}Gi -e POSTGRESQL_VERSION=9.5 -n {{ awx_dev_project }}" + shell: "{{ minishift_oc_bin }} new-app --template=postgresql-persistent -e MEMORY_LIMIT={{ pg_memory_limit|default('512') }}Mi -e NAMESPACE=openshift -e DATABASE_SERVICE_NAME=postgresql -e POSTGRESQL_USER={{ pg_username|default('awx') }} -e POSTGRESQL_PASSWORD={{ pg_password|default('awx') }} -e POSTGRESQL_DATABASE={{ pg_database|default('awx') }} -e VOLUME_CAPACITY={{ pg_volume_capacity|default('5')}}Gi -e POSTGRESQL_VERSION=9.5 -n {{ awx_dev_project }}" when: postgres_svc_details is defined and postgres_svc_details.rc != 0 register: openshift_pg_activate @@ -74,7 +107,7 @@ dest: "/tmp/configmap.yml" - name: Create configmap - shell: "oc apply -f /tmp/configmap.yml ; rm -rf /tmp/configmap.yml" + shell: "{{ minishift_oc_bin }} apply -f /tmp/configmap.yml ; rm -rf /tmp/configmap.yml" - name: Template deployment template: @@ -82,4 +115,8 @@ dest: "/tmp/hostdev.yml" - name: Create deployment - shell: "oc apply -f /tmp/hostdev.yml ; rm -rf /tmp/hostdev.yml" + shell: "{{ minishift_oc_bin }} apply -f /tmp/hostdev.yml ; rm -rf /tmp/hostdev.yml" + +- name: Please login + debug: + msg: "Login at https://{{ minishift_ip.stdout }}:8443 with admin / admin"
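Review bot: The second "Create PV for host folder" task still calls bare `oc apply -f /tmp/volumeclaim.yml ; rm -rf /tmp/volumeclaim.yml`; it appears only as a context line in the `@@ -55,11 +91,8 @@` hunk, so it was missed when every other call moved to `{{ minishift_oc_bin }}`. On a host without `oc` on PATH the claim is never applied, and because of the `; rm -rf` the task still reports success. Change it to `shell: "{{ minishift_oc_bin }} apply -f /tmp/volumeclaim.yml"` and remove the file in a separate task. The closing "Please login" message prints `admin / admin`; a short comment that these are the minishift development defaults would make that explicit.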