ConfigMap supervisor configs and launch scripts for k8s

2026-01-15 20:00:43 -03:30 · 2020-03-11 16:42:51 -04:00 · 2020-03-11 16:42:51 -04:00 · 346b9b9e3e
commit 346b9b9e3e
parent 99384b1db9
4 changed files with 264 additions and 0 deletions
--- a/installer/roles/kubernetes/tasks/main.yml
+++ b/installer/roles/kubernetes/tasks/main.yml
@ -212,6 +212,8 @@
    - 'configmap'
    - 'secret'
    - 'deployment'
+    - 'supervisor'
+    - 'launch_awx'
  no_log: true

 - name: Apply Deployment
@ -221,6 +223,8 @@
    - "{{ configmap }}"
    - "{{ secret }}"
    - "{{ deployment }}"
+    - "{{ supervisor }}"
+    - "{{ launch_awx }}"
  no_log: true

 - name: Delete any existing management pod
--- a/installer/roles/kubernetes/templates/deployment.yml.j2
+++ b/installer/roles/kubernetes/templates/deployment.yml.j2
@ -121,6 +121,26 @@ spec:
            - name: "{{ kubernetes_deployment_name }}-application-credentials"
              mountPath: "/etc/tower/conf.d/"
              readOnly: true
+              
+            - name: {{ kubernetes_deployment_name }}-launch-awx-web
+              mountPath: "/usr/bin/launch_awx.sh"
+              subPath: "launch_awx.sh"
+              readOnly: true
+
+            - name: {{ kubernetes_deployment_name }}-launch-awx-task
+              mountPath: "/usr/bin/launch_awx_task.sh"
+              subPath: "launch_awx_task.sh"
+              readOnly: true  
+
+            - name: {{ kubernetes_deployment_name }}-supervisor-web-config
+              mountPath: "/supervisor.conf"
+              subPath: supervisor.conf
+              readOnly: true
+
+            - name: {{ kubernetes_deployment_name }}-supervisor-task-config
+              mountPath: "/supervisor_task.conf"
+              subPath: supervisor_task.conf
+              readOnly: true

            - name: {{ kubernetes_deployment_name }}-secret-key
              mountPath: "/etc/tower/SECRET_KEY"
@ -168,6 +188,26 @@ spec:
            - name: "{{ kubernetes_deployment_name }}-application-credentials"
              mountPath: "/etc/tower/conf.d/"
              readOnly: true
+              
+            - name: {{ kubernetes_deployment_name }}-launch-awx-web
+              mountPath: "/usr/bin/launch_awx.sh"
+              subPath: "launch_awx.sh"
+              readOnly: true
+
+            - name: {{ kubernetes_deployment_name }}-launch-awx-task
+              mountPath: "/usr/bin/launch_awx_task.sh"
+              subPath: "launch_awx_task.sh"
+              readOnly: true  
+
+            - name: {{ kubernetes_deployment_name }}-supervisor-web-config
+              mountPath: "/supervisor.conf"
+              subPath: supervisor.conf
+              readOnly: true
+
+            - name: {{ kubernetes_deployment_name }}-supervisor-task-config
+              mountPath: "/supervisor_task.conf"
+              subPath: supervisor_task.conf
+              readOnly: true

            - name: {{ kubernetes_deployment_name }}-secret-key
              mountPath: "/etc/tower/SECRET_KEY"
@ -303,6 +343,37 @@ spec:
                path: 'credentials.py'
              - key: environment_sh
                path: 'environment.sh'
+                
+        - name: {{ kubernetes_deployment_name }}-launch-awx-web
+          configMap:
+            name: {{ kubernetes_deployment_name }}-launch-awx
+            items:
+              - key: launch-awx-web
+                path: 'launch_awx.sh'
+            defaultMode: 0755
+
+        - name: {{ kubernetes_deployment_name }}-launch-awx-task
+          configMap:
+            name: {{ kubernetes_deployment_name }}-launch-awx
+            items:
+              - key: launch-awx-task
+                path: 'launch_awx_task.sh'
+            defaultMode: 0755
+
+        - name: {{ kubernetes_deployment_name }}-supervisor-web-config
+          configMap:
+            name: {{ kubernetes_deployment_name }}-supervisor-config
+            items:
+              - key: supervisor-web-config
+                path: 'supervisor.conf'
+
+        - name: {{ kubernetes_deployment_name }}-supervisor-task-config
+          configMap:
+            name: {{ kubernetes_deployment_name }}-supervisor-config
+            items:
+              - key: supervisor-task-config
+                path: 'supervisor_task.conf'
+

        - name: {{ kubernetes_deployment_name }}-secret-key
          secret:
--- a/installer/roles/kubernetes/templates/launch_awx.yml.j2
+++ b/installer/roles/kubernetes/templates/launch_awx.yml.j2
@ -0,0 +1,59 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ kubernetes_deployment_name }}-launch-awx
+  namespace: {{ kubernetes_namespace }}
+data:
+  launch-awx-task: |
+    #!/usr/bin/env bash
+    if [ `id -u` -ge 500 ]; then
+        echo "awx:x:`id -u`:`id -g`:,,,:/var/lib/awx:/bin/bash" >> /tmp/passwd
+        cat /tmp/passwd > /etc/passwd
+        rm /tmp/passwd
+    fi
+
+    source /etc/tower/conf.d/environment.sh
+
+    ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$DATABASE_HOST port=$DATABASE_PORT" all
+    ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$MEMCACHED_HOST port=11211" all
+    ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$RABBITMQ_HOST port=5672" all
+
+
+    if [ -z "$AWX_SKIP_MIGRATIONS" ]; then
+        awx-manage migrate --noinput
+    fi
+
+    if [ ! -z "$AWX_ADMIN_USER" ]&&[ ! -z "$AWX_ADMIN_PASSWORD" ]; then
+        echo "from django.contrib.auth.models import User; User.objects.create_superuser('$AWX_ADMIN_USER', 'root@localhost', '$AWX_ADMIN_PASSWORD')" | awx-manage shell
+        awx-manage create_preload_data
+    else
+        echo "from django.contrib.auth.models import User; User.objects.create_superuser('admin', 'root@localhost', 'password')" | awx-manage shell
+        awx-manage create_preload_data
+    fi
+    echo 'from django.conf import settings; x = settings.AWX_TASK_ENV; x["HOME"] = "/var/lib/awx"; settings.AWX_TASK_ENV = x' | awx-manage shell
+    awx-manage provision_instance --hostname=$(hostname)
+    awx-manage register_queue --queuename=tower --instance_percent=100
+
+    unset $(cut -d = -f -1 /etc/tower/conf.d/environment.sh)
+
+    supervisord -c /supervisor_task.conf
+
+  launch-awx-web: |
+    #!/usr/bin/env bash
+    if [ `id -u` -ge 500 ]; then
+        echo "awx:x:`id -u`:`id -g`:,,,:/var/lib/awx:/bin/bash" >> /tmp/passwd
+        cat /tmp/passwd > /etc/passwd
+        rm /tmp/passwd
+    fi
+
+    source /etc/tower/conf.d/environment.sh
+
+    ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$DATABASE_HOST port=$DATABASE_PORT" all
+    ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$MEMCACHED_HOST port=11211" all
+    ANSIBLE_REMOTE_TEMP=/tmp ANSIBLE_LOCAL_TEMP=/tmp ansible -i "127.0.0.1," -c local -v -m wait_for -a "host=$RABBITMQ_HOST port=5672" all
+
+    awx-manage collectstatic --noinput --clear
+
+    unset $(cut -d = -f -1 /etc/tower/conf.d/environment.sh)
+
+    supervisord -c /supervisor.conf
--- a/installer/roles/kubernetes/templates/supervisor.yml.j2
+++ b/installer/roles/kubernetes/templates/supervisor.yml.j2
@ -0,0 +1,130 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ kubernetes_deployment_name }}-supervisor-config
+  namespace: {{ kubernetes_namespace }}
+data:
+  supervisor-web-config: |
+    [supervisord]
+    nodaemon = True
+    umask = 022
+
+    [program:nginx]
+    command = nginx -g "daemon off;"
+    autostart = true
+    autorestart = true
+    stopwaitsecs = 5
+    stdout_logfile=/dev/stdout
+    stdout_logfile_maxbytes=0
+    stderr_logfile=/dev/stderr
+    stderr_logfile_maxbytes=0
+
+    [program:uwsgi]
+    command = /var/lib/awx/venv/awx/bin/uwsgi --socket 127.0.0.1:8050 --module=awx.wsgi:application --vacuum --processes=5 --harakiri=120 --no-orphans --master --max-requests=1000 --master-fifo=/var/lib/awx/awxfifo --lazy-apps -b 32768
+    directory = /var/lib/awx
+    autostart = true
+    autorestart = true
+    stopwaitsecs = 15
+    stopsignal = INT
+    stdout_logfile=/dev/stdout
+    stdout_logfile_maxbytes=0
+    stderr_logfile=/dev/stderr
+    stderr_logfile_maxbytes=0
+
+    [program:daphne]
+    command = /var/lib/awx/venv/awx/bin/daphne -b 127.0.0.1 -p 8051 --websocket_timeout -1 awx.asgi:channel_layer
+    directory = /var/lib/awx
+    autostart = true
+    autorestart = true
+    stopwaitsecs = 5
+    stdout_logfile=/dev/stdout
+    stdout_logfile_maxbytes=0
+    stderr_logfile=/dev/stderr
+    stderr_logfile_maxbytes=0
+
+    [group:tower-processes]
+    programs=nginx,uwsgi,daphne
+    priority=5
+
+    # TODO: Exit Handler
+
+    [eventlistener:awx-config-watcher]
+    command=/usr/bin/config-watcher
+    stderr_logfile=/dev/stdout
+    stderr_logfile_maxbytes=0
+    stdout_logfile=/dev/stdout
+    stdout_logfile_maxbytes=0
+    events=TICK_60
+    priority=0
+
+    [unix_http_server]
+    file=/tmp/supervisor.sock
+
+    [supervisorctl]
+    serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL  for a unix socket
+
+    [rpcinterface:supervisor]
+    supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+  supervisor-task-config: |
+    [supervisord]
+    nodaemon = True
+    umask = 022
+
+    [program:dispatcher]
+    command = awx-manage run_dispatcher
+    directory = /var/lib/awx
+    environment = LANGUAGE="en_US.UTF-8",LANG="en_US.UTF-8",LC_ALL="en_US.UTF-8",LC_CTYPE="en_US.UTF-8"
+    autostart = true
+    autorestart = true
+    stopwaitsecs = 5
+    stdout_logfile=/dev/stdout
+    stdout_logfile_maxbytes=0
+    stderr_logfile=/dev/stderr
+    stderr_logfile_maxbytes=0
+
+    [program:callback-receiver]
+    command = awx-manage run_callback_receiver
+    directory = /var/lib/awx
+    autostart = true
+    autorestart = true
+    stopwaitsecs = 5
+    stdout_logfile=/dev/stdout
+    stdout_logfile_maxbytes=0
+    stderr_logfile=/dev/stderr
+    stderr_logfile_maxbytes=0
+
+    [program:channels-worker]
+    command = awx-manage runworker --only-channels websocket.*
+    directory = /var/lib/awx
+    autostart = true
+    autorestart = true
+    stopwaitsecs = 5
+    stdout_logfile=/dev/stdout
+    stdout_logfile_maxbytes=0
+    stderr_logfile=/dev/stderr
+    stderr_logfile_maxbytes=0
+
+    [group:tower-processes]
+    programs=dispatcher,callback-receiver,channels-worker
+    priority=5
+
+    # TODO: Exit Handler
+
+    [eventlistener:awx-config-watcher]
+    command=/usr/bin/config-watcher
+    stderr_logfile=/dev/stdout
+    stderr_logfile_maxbytes=0
+    stdout_logfile=/dev/stdout
+    stdout_logfile_maxbytes=0
+    events=TICK_60
+    priority=0
+
+    [unix_http_server]
+    file=/tmp/supervisor.sock
+
+    [supervisorctl]
+    serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL  for a unix socket
+
+    [rpcinterface:supervisor]
+    supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface