diff --git a/installer/install.yml b/installer/install.yml index 88c5734dde..90a8dc911c 100644 --- a/installer/install.yml +++ b/installer/install.yml @@ -5,5 +5,6 @@ roles: - { role: check_vars } - { role: image_build, when: "dockerhub_base is not defined" } + - { role: image_push, when: "docker_registry is defined and dockerhub_base is not defined" } - { role: kubernetes, when: "openshift_host is defined or kubernetes_context is defined" } - { role: local_docker, when: "openshift_host is not defined and kubernetes_context is not defined" } diff --git a/installer/roles/image_build/tasks/main.yml b/installer/roles/image_build/tasks/main.yml index 182a3fe257..401281a877 100644 --- a/installer/roles/image_build/tasks/main.yml +++ b/installer/roles/image_build/tasks/main.yml @@ -89,11 +89,11 @@ - name: Set awx_web image name set_fact: - awx_web_image: "{{ awx_web_image|default('awx_web') }}" + web_image: "{{ web_image|default('awx_web') }}" - name: Set awx_task image name set_fact: - awx_task_image: "{{ awx_task_image|default('awx_task') }}" + task_image: "{{ task_image|default('awx_task') }}" - name: Ensure directory exists file: @@ -195,7 +195,7 @@ no_proxy: "{{ no_proxy | default('') }}" path: "{{ docker_base_path }}" dockerfile: Dockerfile - name: "{{ awx_web_image }}" + name: "{{ web_image }}" tag: "{{ awx_version }}" delegate_to: localhost @@ -207,11 +207,17 @@ no_proxy: "{{ no_proxy | default('') }}" path: "{{ docker_base_path }}" dockerfile: Dockerfile.task - name: "{{ awx_task_image }}" + name: "{{ task_image }}" tag: "{{ awx_version }}" pull: no delegate_to: localhost +- name: Tag task and web images as latest + command: "docker tag {{ item }}:{{ awx_version }} {{ item }}:latest" + with_items: + - "{{ task_image }}" + - "{{ web_image }}" + - name: Clean docker base directory file: path: "{{ docker_base_path }}" diff --git a/installer/roles/image_build/templates/Dockerfile.task.j2 b/installer/roles/image_build/templates/Dockerfile.task.j2 index b72160cb68..6e3bf4e3f0 100644 --- a/installer/roles/image_build/templates/Dockerfile.task.j2 +++ b/installer/roles/image_build/templates/Dockerfile.task.j2 @@ -1,4 +1,4 @@ -FROM {{ awx_web_image }}:{{ awx_version }} +FROM {{ web_image }}:{{ awx_version }} USER 0 RUN sudo yum -y remove nginx USER 1000 diff --git a/installer/roles/image_push/tasks/main.yml b/installer/roles/image_push/tasks/main.yml index a81bdf6644..9e3c76f0ca 100644 --- a/installer/roles/image_push/tasks/main.yml +++ b/installer/roles/image_push/tasks/main.yml @@ -1,4 +1,13 @@ --- +- name: Authenticate with Docker registry if registry password given + docker_login: + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + reauthorize: yes + when: docker_registry is defined and docker_registry_password is defined + delegate_to: localhost + - name: Remove local images to ensure proper push behavior # TODO: this code will not be necessary if and when docker_image can be configured to push if the image # Already exists locally @@ -6,13 +15,13 @@ block: - name: Remove web image docker_image: - name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" + name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}" tag: "{{ awx_version }}" state: absent - name: Remove task image docker_image: - name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" + name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}" tag: "{{ awx_version }}" state: absent delegate_to: localhost @@ -22,22 +31,28 @@ block: - name: Tag and push web image to registry docker_image: - name: "{{ awx_web_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" - tag: "{{ awx_version }}" + name: "{{ web_image }}" + repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}" + tag: "{{ item }}" push: yes + with_items: + - "latest" + - "{{ awx_version }}" - name: Tag and push task image to registry docker_image: - name: "{{ awx_task_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" - tag: "{{ awx_version }}" + name: "{{ task_image }}" + repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}" + tag: "{{ item }}" push: yes + with_items: + - "latest" + - "{{ awx_version }}" delegate_to: localhost - name: Set full image path for Registry set_fact: awx_web_docker_actual_image: >- - {{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}:{{ awx_version }} + {{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}:{{ awx_version }} awx_task_docker_actual_image: >- - {{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}:{{ awx_version }} + {{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}:{{ awx_version }} diff --git a/installer/roles/kubernetes/defaults/main.yml b/installer/roles/kubernetes/defaults/main.yml index 85dbcdaef6..a5fd1d82bb 100644 --- a/installer/roles/kubernetes/defaults/main.yml +++ b/installer/roles/kubernetes/defaults/main.yml @@ -1,4 +1,7 @@ --- +dockerhub_web_image: "{{ dockerhub_base | default('ansible') }}/awx_web:{{ dockerhub_version | default('latest') }}" +dockerhub_task_image: "{{ dockerhub_base | default('ansible') }}/awx_task:{{ dockerhub_version | default('latest') }}" + web_mem_request: 1 web_cpu_request: 500 @@ -11,11 +14,11 @@ rabbitmq_cpu_request: 500 memcached_mem_request: 1 memcached_cpu_request: 500 -rabbitmq_version: "3.7.4" -rabbitmq_image: "ansible/awx_rabbitmq:{{ rabbitmq_version }}" +kubernetes_rabbitmq_version: "3.7.4" +kubernetes_rabbitmq_image: "ansible/awx_rabbitmq" -memcached_version: "latest" -memcached_image: "memcached:{{ memcached_version }}" +kubernetes_memcached_version: "latest" +kubernetes_memcached_image: "memcached" openshift_pg_emptydir: no openshift_pg_pvc_name: postgresql diff --git a/installer/roles/kubernetes/tasks/main.yml b/installer/roles/kubernetes/tasks/main.yml index a362c092b5..09ffc7fad8 100644 --- a/installer/roles/kubernetes/tasks/main.yml +++ b/installer/roles/kubernetes/tasks/main.yml @@ -23,34 +23,6 @@ ignore_errors: yes when: "pg_hostname is not defined or pg_hostname == ''" -- name: Manage AWX Container Images - include_role: - name: image_push - when: dockerhub_base is not defined - -- name: Set image names - block: - - name: Enable image stream lookups for awx images - shell: "{{ openshift_oc_bin }} set image-lookup --all -n {{ kubernetes_namespace }}" - when: openshift_host is defined - - - name: Set full web image path - set_fact: - web_kubernetes_image: "{{ web_image }}:{{ version }}" - when: web_kubernetes_image is not defined - - - name: Set full task image path - set_fact: - task_kubernetes_image: "{{ task_image }}:{{ version }}" - when: task_kubernetes_image is not defined - when: dockerhub_base is not defined - -- name: Set DockerHub Image Paths - set_fact: - web_kubernetes_image: "{{ dockerhub_base }}/awx_web:{{ dockerhub_version }}" - task_kubernetes_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}" - when: dockerhub_base is defined - - name: Deploy PostgreSQL (OpenShift) block: - name: Template PostgreSQL Deployment @@ -113,6 +85,19 @@ dest: "{{ kubernetes_base_path }}/configmap.yml" mode: '0600' +- name: Set image names if using custom registry + block: + - name: Set task image name + set_fact: + kubernetes_task_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}" + when: kubernetes_task_image is not defined + + - name: Set web image name + set_fact: + kubernetes_web_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}" + when: kubernetes_web_image is not defined + when: docker_registry is defined + - name: Template Kubernetes AWX Deployment template: src: deployment.yml.j2 diff --git a/installer/roles/kubernetes/templates/deployment.yml.j2 b/installer/roles/kubernetes/templates/deployment.yml.j2 index b9c3f95101..569f2cdc4b 100644 --- a/installer/roles/kubernetes/templates/deployment.yml.j2 +++ b/installer/roles/kubernetes/templates/deployment.yml.j2 @@ -131,7 +131,7 @@ spec: serviceAccountName: rabbitmq containers: - name: {{ kubernetes_deployment_name }}-web - image: {{ web_kubernetes_image }} + image: {{ kubernetes_web_image | default(dockerhub_web_image) }} imagePullPolicy: Always ports: - containerPort: 8052 @@ -143,7 +143,7 @@ spec: memory: "{{ web_mem_request }}Gi" cpu: "{{ web_cpu_request }}m" - name: {{ kubernetes_deployment_name }}-celery - image: {{ task_kubernetes_image }} + image: {{ kubernetes_task_image | default(dockerhub_task_image) }} imagePullPolicy: Always volumeMounts: - mountPath: /etc/tower @@ -172,7 +172,7 @@ spec: memory: "{{ task_mem_request }}Gi" cpu: "{{ task_cpu_request }}m" - name: {{ kubernetes_deployment_name }}-rabbit - image: {{ rabbitmq_image }} + image: "{{ kubernetes_rabbitmq_image }}:{{ kubernetes_rabbitmq_version }}" imagePullPolicy: Always ports: - name: http @@ -212,7 +212,7 @@ spec: memory: "{{ rabbitmq_mem_request }}Gi" cpu: "{{ rabbitmq_cpu_request }}m" - name: {{ kubernetes_deployment_name }}-memcached - image: {{ memcached_image }} + image: "{{ kubernetes_memcached_image }}:{{ kubernetes_memcached_version }}" resources: requests: memory: "{{ memcached_mem_request }}Gi" diff --git a/installer/roles/local_docker/tasks/set_image.yml b/installer/roles/local_docker/tasks/set_image.yml index ac1bc7a079..4442da1617 100644 --- a/installer/roles/local_docker/tasks/set_image.yml +++ b/installer/roles/local_docker/tasks/set_image.yml @@ -3,29 +3,20 @@ block: - name: Export Docker web image if it isnt local and there isnt a registry defined docker_image: - name: "{{ awx_web_image }}" + name: "{{ web_image }}" tag: "{{ awx_version }}" - archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" + archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ web_image }}_{{ awx_version }}.tar" when: inventory_hostname != "localhost" and docker_registry is not defined delegate_to: localhost - name: Export Docker task image if it isnt local and there isnt a registry defined docker_image: - name: "{{ awx_task_image }}" + name: "{{ task_image }}" tag: "{{ awx_version }}" - archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" + archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ task_image }}_{{ awx_version }}.tar" when: inventory_hostname != "localhost" and docker_registry is not defined delegate_to: localhost - - name: Authenticate with Docker registry if registry password given - docker_login: - registry: "{{ docker_registry }}" - username: "{{ docker_registry_username }}" - password: "{{ docker_registry_password }}" - reauthorize: yes - when: docker_registry is defined and docker_registry_password is defined - delegate_to: localhost - - name: Set docker base path set_fact: docker_deploy_base_path: "{{ awx_base_path|default('/tmp') }}/docker_deploy" @@ -39,40 +30,36 @@ - name: Copy web image to docker execution copy: - src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" - dest: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" + src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ web_image }}_{{ awx_version }}.tar" + dest: "{{ docker_deploy_base_path }}/{{ web_image }}_{{ awx_version }}.tar" when: ansible_connection != "local" and docker_registry is not defined - name: Copy task image to docker execution copy: - src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" + src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ task_image }}_{{ awx_version }}.tar" dest: "{{ docker_deploy_base_path }}" when: ansible_connection != "local" and docker_registry is not defined - name: Load web image docker_image: - name: "{{ awx_web_image }}" + name: "{{ web_image }}" tag: "{{ awx_version }}" - load_path: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" + load_path: "{{ docker_deploy_base_path }}/{{ web_image }}_{{ awx_version }}.tar" timeout: 300 when: ansible_connection != "local" and docker_registry is not defined - name: Load task image docker_image: - name: "{{ awx_task_image }}" + name: "{{ task_image }}" tag: "{{ awx_version }}" - load_path: "{{ docker_deploy_base_path }}/{{ awx_task_image }}_{{ awx_version }}.tar" + load_path: "{{ docker_deploy_base_path }}/{{ task_image }}_{{ awx_version }}.tar" timeout: 300 when: ansible_connection != "local" and docker_registry is not defined - - include_role: - name: image_push - when: docker_registry is defined and dockerhub_base is not defined - - name: Set full image path for local install set_fact: - awx_web_docker_actual_image: "{{ awx_web_image }}:{{ awx_version }}" - awx_task_docker_actual_image: "{{ awx_task_image }}:{{ awx_version }}" + awx_web_docker_actual_image: "{{ web_image }}:{{ awx_version }}" + awx_task_docker_actual_image: "{{ task_image }}:{{ awx_version }}" when: docker_registry is not defined when: dockerhub_base is not defined