From 40d7751fbdde7bcd68042d4528e6df1afe9cb3d2 Mon Sep 17 00:00:00 2001 From: Shane McDonald Date: Mon, 16 Apr 2018 17:56:06 -0400 Subject: [PATCH] Remove image push logic from installer roles MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I’m going to be reusing this code on the Tower side, and I’m trying to refactor some of the AWX specific bits out. There will probably be more to come, but this is a good start. --- installer/install.yml | 1 + installer/roles/image_build/tasks/main.yml | 14 +++++-- .../image_build/templates/Dockerfile.task.j2 | 2 +- installer/roles/image_push/tasks/main.yml | 35 +++++++++++----- installer/roles/kubernetes/defaults/main.yml | 11 +++-- installer/roles/kubernetes/tasks/main.yml | 41 ++++++------------- .../kubernetes/templates/deployment.yml.j2 | 8 ++-- .../roles/local_docker/tasks/set_image.yml | 39 ++++++------------ 8 files changed, 74 insertions(+), 77 deletions(-) diff --git a/installer/install.yml b/installer/install.yml index 88c5734dde..90a8dc911c 100644 --- a/installer/install.yml +++ b/installer/install.yml @@ -5,5 +5,6 @@ roles: - { role: check_vars } - { role: image_build, when: "dockerhub_base is not defined" } + - { role: image_push, when: "docker_registry is defined and dockerhub_base is not defined" } - { role: kubernetes, when: "openshift_host is defined or kubernetes_context is defined" } - { role: local_docker, when: "openshift_host is not defined and kubernetes_context is not defined" } diff --git a/installer/roles/image_build/tasks/main.yml b/installer/roles/image_build/tasks/main.yml index 182a3fe257..401281a877 100644 --- a/installer/roles/image_build/tasks/main.yml +++ b/installer/roles/image_build/tasks/main.yml @@ -89,11 +89,11 @@ - name: Set awx_web image name set_fact: - awx_web_image: "{{ awx_web_image|default('awx_web') }}" + web_image: "{{ web_image|default('awx_web') }}" - name: Set awx_task image name set_fact: - awx_task_image: "{{ awx_task_image|default('awx_task') }}" + task_image: "{{ task_image|default('awx_task') }}" - name: Ensure directory exists file: @@ -195,7 +195,7 @@ no_proxy: "{{ no_proxy | default('') }}" path: "{{ docker_base_path }}" dockerfile: Dockerfile - name: "{{ awx_web_image }}" + name: "{{ web_image }}" tag: "{{ awx_version }}" delegate_to: localhost @@ -207,11 +207,17 @@ no_proxy: "{{ no_proxy | default('') }}" path: "{{ docker_base_path }}" dockerfile: Dockerfile.task - name: "{{ awx_task_image }}" + name: "{{ task_image }}" tag: "{{ awx_version }}" pull: no delegate_to: localhost +- name: Tag task and web images as latest + command: "docker tag {{ item }}:{{ awx_version }} {{ item }}:latest" + with_items: + - "{{ task_image }}" + - "{{ web_image }}" + - name: Clean docker base directory file: path: "{{ docker_base_path }}" diff --git a/installer/roles/image_build/templates/Dockerfile.task.j2 b/installer/roles/image_build/templates/Dockerfile.task.j2 index b72160cb68..6e3bf4e3f0 100644 --- a/installer/roles/image_build/templates/Dockerfile.task.j2 +++ b/installer/roles/image_build/templates/Dockerfile.task.j2 @@ -1,4 +1,4 @@ -FROM {{ awx_web_image }}:{{ awx_version }} +FROM {{ web_image }}:{{ awx_version }} USER 0 RUN sudo yum -y remove nginx USER 1000 diff --git a/installer/roles/image_push/tasks/main.yml b/installer/roles/image_push/tasks/main.yml index a81bdf6644..9e3c76f0ca 100644 --- a/installer/roles/image_push/tasks/main.yml +++ b/installer/roles/image_push/tasks/main.yml @@ -1,4 +1,13 @@ --- +- name: Authenticate with Docker registry if registry password given + docker_login: + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + reauthorize: yes + when: docker_registry is defined and docker_registry_password is defined + delegate_to: localhost + - name: Remove local images to ensure proper push behavior # TODO: this code will not be necessary if and when docker_image can be configured to push if the image # Already exists locally @@ -6,13 +15,13 @@ block: - name: Remove web image docker_image: - name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" + name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}" tag: "{{ awx_version }}" state: absent - name: Remove task image docker_image: - name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" + name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}" tag: "{{ awx_version }}" state: absent delegate_to: localhost @@ -22,22 +31,28 @@ block: - name: Tag and push web image to registry docker_image: - name: "{{ awx_web_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" - tag: "{{ awx_version }}" + name: "{{ web_image }}" + repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}" + tag: "{{ item }}" push: yes + with_items: + - "latest" + - "{{ awx_version }}" - name: Tag and push task image to registry docker_image: - name: "{{ awx_task_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" - tag: "{{ awx_version }}" + name: "{{ task_image }}" + repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}" + tag: "{{ item }}" push: yes + with_items: + - "latest" + - "{{ awx_version }}" delegate_to: localhost - name: Set full image path for Registry set_fact: awx_web_docker_actual_image: >- - {{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}:{{ awx_version }} + {{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}:{{ awx_version }} awx_task_docker_actual_image: >- - {{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}:{{ awx_version }} + {{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}:{{ awx_version }} diff --git a/installer/roles/kubernetes/defaults/main.yml b/installer/roles/kubernetes/defaults/main.yml index 85dbcdaef6..a5fd1d82bb 100644 --- a/installer/roles/kubernetes/defaults/main.yml +++ b/installer/roles/kubernetes/defaults/main.yml @@ -1,4 +1,7 @@ --- +dockerhub_web_image: "{{ dockerhub_base | default('ansible') }}/awx_web:{{ dockerhub_version | default('latest') }}" +dockerhub_task_image: "{{ dockerhub_base | default('ansible') }}/awx_task:{{ dockerhub_version | default('latest') }}" + web_mem_request: 1 web_cpu_request: 500 @@ -11,11 +14,11 @@ rabbitmq_cpu_request: 500 memcached_mem_request: 1 memcached_cpu_request: 500 -rabbitmq_version: "3.7.4" -rabbitmq_image: "ansible/awx_rabbitmq:{{ rabbitmq_version }}" +kubernetes_rabbitmq_version: "3.7.4" +kubernetes_rabbitmq_image: "ansible/awx_rabbitmq" -memcached_version: "latest" -memcached_image: "memcached:{{ memcached_version }}" +kubernetes_memcached_version: "latest" +kubernetes_memcached_image: "memcached" openshift_pg_emptydir: no openshift_pg_pvc_name: postgresql diff --git a/installer/roles/kubernetes/tasks/main.yml b/installer/roles/kubernetes/tasks/main.yml index a362c092b5..09ffc7fad8 100644 --- a/installer/roles/kubernetes/tasks/main.yml +++ b/installer/roles/kubernetes/tasks/main.yml @@ -23,34 +23,6 @@ ignore_errors: yes when: "pg_hostname is not defined or pg_hostname == ''" -- name: Manage AWX Container Images - include_role: - name: image_push - when: dockerhub_base is not defined - -- name: Set image names - block: - - name: Enable image stream lookups for awx images - shell: "{{ openshift_oc_bin }} set image-lookup --all -n {{ kubernetes_namespace }}" - when: openshift_host is defined - - - name: Set full web image path - set_fact: - web_kubernetes_image: "{{ web_image }}:{{ version }}" - when: web_kubernetes_image is not defined - - - name: Set full task image path - set_fact: - task_kubernetes_image: "{{ task_image }}:{{ version }}" - when: task_kubernetes_image is not defined - when: dockerhub_base is not defined - -- name: Set DockerHub Image Paths - set_fact: - web_kubernetes_image: "{{ dockerhub_base }}/awx_web:{{ dockerhub_version }}" - task_kubernetes_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}" - when: dockerhub_base is defined - - name: Deploy PostgreSQL (OpenShift) block: - name: Template PostgreSQL Deployment @@ -113,6 +85,19 @@ dest: "{{ kubernetes_base_path }}/configmap.yml" mode: '0600' +- name: Set image names if using custom registry + block: + - name: Set task image name + set_fact: + kubernetes_task_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}" + when: kubernetes_task_image is not defined + + - name: Set web image name + set_fact: + kubernetes_web_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}" + when: kubernetes_web_image is not defined + when: docker_registry is defined + - name: Template Kubernetes AWX Deployment template: src: deployment.yml.j2 diff --git a/installer/roles/kubernetes/templates/deployment.yml.j2 b/installer/roles/kubernetes/templates/deployment.yml.j2 index b9c3f95101..569f2cdc4b 100644 --- a/installer/roles/kubernetes/templates/deployment.yml.j2 +++ b/installer/roles/kubernetes/templates/deployment.yml.j2 @@ -131,7 +131,7 @@ spec: serviceAccountName: rabbitmq containers: - name: {{ kubernetes_deployment_name }}-web - image: {{ web_kubernetes_image }} + image: {{ kubernetes_web_image | default(dockerhub_web_image) }} imagePullPolicy: Always ports: - containerPort: 8052 @@ -143,7 +143,7 @@ spec: memory: "{{ web_mem_request }}Gi" cpu: "{{ web_cpu_request }}m" - name: {{ kubernetes_deployment_name }}-celery - image: {{ task_kubernetes_image }} + image: {{ kubernetes_task_image | default(dockerhub_task_image) }} imagePullPolicy: Always volumeMounts: - mountPath: /etc/tower @@ -172,7 +172,7 @@ spec: memory: "{{ task_mem_request }}Gi" cpu: "{{ task_cpu_request }}m" - name: {{ kubernetes_deployment_name }}-rabbit - image: {{ rabbitmq_image }} + image: "{{ kubernetes_rabbitmq_image }}:{{ kubernetes_rabbitmq_version }}" imagePullPolicy: Always ports: - name: http @@ -212,7 +212,7 @@ spec: memory: "{{ rabbitmq_mem_request }}Gi" cpu: "{{ rabbitmq_cpu_request }}m" - name: {{ kubernetes_deployment_name }}-memcached - image: {{ memcached_image }} + image: "{{ kubernetes_memcached_image }}:{{ kubernetes_memcached_version }}" resources: requests: memory: "{{ memcached_mem_request }}Gi" diff --git a/installer/roles/local_docker/tasks/set_image.yml b/installer/roles/local_docker/tasks/set_image.yml index ac1bc7a079..4442da1617 100644 --- a/installer/roles/local_docker/tasks/set_image.yml +++ b/installer/roles/local_docker/tasks/set_image.yml @@ -3,29 +3,20 @@ block: - name: Export Docker web image if it isnt local and there isnt a registry defined docker_image: - name: "{{ awx_web_image }}" + name: "{{ web_image }}" tag: "{{ awx_version }}" - archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" + archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ web_image }}_{{ awx_version }}.tar" when: inventory_hostname != "localhost" and docker_registry is not defined delegate_to: localhost - name: Export Docker task image if it isnt local and there isnt a registry defined docker_image: - name: "{{ awx_task_image }}" + name: "{{ task_image }}" tag: "{{ awx_version }}" - archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" + archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ task_image }}_{{ awx_version }}.tar" when: inventory_hostname != "localhost" and docker_registry is not defined delegate_to: localhost - - name: Authenticate with Docker registry if registry password given - docker_login: - registry: "{{ docker_registry }}" - username: "{{ docker_registry_username }}" - password: "{{ docker_registry_password }}" - reauthorize: yes - when: docker_registry is defined and docker_registry_password is defined - delegate_to: localhost - - name: Set docker base path set_fact: docker_deploy_base_path: "{{ awx_base_path|default('/tmp') }}/docker_deploy" @@ -39,40 +30,36 @@ - name: Copy web image to docker execution copy: - src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" - dest: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" + src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ web_image }}_{{ awx_version }}.tar" + dest: "{{ docker_deploy_base_path }}/{{ web_image }}_{{ awx_version }}.tar" when: ansible_connection != "local" and docker_registry is not defined - name: Copy task image to docker execution copy: - src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" + src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ task_image }}_{{ awx_version }}.tar" dest: "{{ docker_deploy_base_path }}" when: ansible_connection != "local" and docker_registry is not defined - name: Load web image docker_image: - name: "{{ awx_web_image }}" + name: "{{ web_image }}" tag: "{{ awx_version }}" - load_path: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" + load_path: "{{ docker_deploy_base_path }}/{{ web_image }}_{{ awx_version }}.tar" timeout: 300 when: ansible_connection != "local" and docker_registry is not defined - name: Load task image docker_image: - name: "{{ awx_task_image }}" + name: "{{ task_image }}" tag: "{{ awx_version }}" - load_path: "{{ docker_deploy_base_path }}/{{ awx_task_image }}_{{ awx_version }}.tar" + load_path: "{{ docker_deploy_base_path }}/{{ task_image }}_{{ awx_version }}.tar" timeout: 300 when: ansible_connection != "local" and docker_registry is not defined - - include_role: - name: image_push - when: docker_registry is defined and dockerhub_base is not defined - - name: Set full image path for local install set_fact: - awx_web_docker_actual_image: "{{ awx_web_image }}:{{ awx_version }}" - awx_task_docker_actual_image: "{{ awx_task_image }}:{{ awx_version }}" + awx_web_docker_actual_image: "{{ web_image }}:{{ awx_version }}" + awx_task_docker_actual_image: "{{ task_image }}:{{ awx_version }}" when: docker_registry is not defined when: dockerhub_base is not defined