From 98f5dc3fccc70d226e6229b3f6efa22c908db14d Mon Sep 17 00:00:00 2001 From: Shane McDonald Date: Tue, 27 Mar 2018 19:45:59 -0400 Subject: [PATCH] Consolidate OpenShift and Kubernetes roles Signed-off-by: Shane McDonald --- installer/install.yml | 3 +- .../roles/kubernetes/tasks/kubernetes.yml | 16 ++ installer/roles/kubernetes/tasks/main.yml | 100 +++++------ .../roles/kubernetes/tasks/openshift.yml | 44 +++++ .../kubernetes/templates/deployment.yml.j2 | 37 ++++ installer/roles/kubernetes/vars/openshift.yml | 3 + installer/roles/openshift/defaults/main.yml | 12 -- installer/roles/openshift/tasks/main.yml | 145 ---------------- .../openshift/templates/configmap.yml.j2 | 102 ----------- .../openshift/templates/deployment.yml.j2 | 159 ------------------ .../roles/openshift/templates/etcd.yml.j2 | 44 ----- 11 files changed, 144 insertions(+), 521 deletions(-) create mode 100644 installer/roles/kubernetes/tasks/kubernetes.yml create mode 100644 installer/roles/kubernetes/tasks/openshift.yml create mode 100644 installer/roles/kubernetes/vars/openshift.yml delete mode 100644 installer/roles/openshift/defaults/main.yml delete mode 100644 installer/roles/openshift/tasks/main.yml delete mode 100644 installer/roles/openshift/templates/configmap.yml.j2 delete mode 100644 installer/roles/openshift/templates/deployment.yml.j2 delete mode 100644 installer/roles/openshift/templates/etcd.yml.j2 diff --git a/installer/install.yml b/installer/install.yml index 082a1b24c6..88c5734dde 100644 --- a/installer/install.yml +++ b/installer/install.yml @@ -5,6 +5,5 @@ roles: - { role: check_vars } - { role: image_build, when: "dockerhub_base is not defined" } - - { role: openshift, when: "openshift_host is defined" } - - { role: kubernetes, when: "kubernetes_context is defined" } + - { role: kubernetes, when: "openshift_host is defined or kubernetes_context is defined" } - { role: local_docker, when: "openshift_host is not defined and kubernetes_context is not defined" } diff --git a/installer/roles/kubernetes/tasks/kubernetes.yml b/installer/roles/kubernetes/tasks/kubernetes.yml new file mode 100644 index 0000000000..d6fa4f1142 --- /dev/null +++ b/installer/roles/kubernetes/tasks/kubernetes.yml @@ -0,0 +1,16 @@ +- name: Set the Kubernetes Context + shell: "kubectl config set-context {{ kubernetes_context }}" + +- name: Get Namespace Detail + shell: "kubectl get namespace {{ awx_kubernetes_namespace }}" + register: namespace_details + ignore_errors: yes + +- name: Create AWX Kubernetes Project + shell: "kubectl create namespace {{ awx_kubernetes_namespace }}" + when: namespace_details.rc != 0 + +- name: Set postgresql service name + set_fact: + postgresql_service_name: "{{ awx_kubernetes_namespace }}-postgresql" + when: "pg_hostname is not defined or pg_hostname == ''" diff --git a/installer/roles/kubernetes/tasks/main.yml b/installer/roles/kubernetes/tasks/main.yml index 53916f56ba..fbe7362f4c 100644 --- a/installer/roles/kubernetes/tasks/main.yml +++ b/installer/roles/kubernetes/tasks/main.yml @@ -1,59 +1,38 @@ --- -- name: Set the Kubernetes Context - shell: "kubectl config set-context {{ kubernetes_context }}" +- fail: + msg: "Only set one of kubernetes_context or openshift_host" + when: openshift_host is defined and kubernetes_context is defined -- name: Get Namespace Detail - shell: "kubectl get namespace {{ awx_kubernetes_namespace }}" - register: namespace_details - ignore_errors: yes +- name: Set kubernetes base path + set_fact: + kubernetes_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/awx-config" + +- include_tasks: openshift.yml + when: openshift_host is defined + +- include_tasks: kubernetes.yml + when: kubernetes_context is defined + +- name: Use kubectl or oc + set_fact: + kubectl_or_oc: "{{ openshift_oc_bin if openshift_oc_bin is defined else 'kubectl' }}" - name: Get Postgres Service Detail - shell: "kubectl describe svc awx-postgresql -n {{ awx_kubernetes_namespace }}" + shell: "{{ kubectl_or_oc }} describe svc {{ postgresql_service_name }} -n {{ awx_kubernetes_namespace }}" register: postgres_svc_details ignore_errors: yes when: "pg_hostname is not defined or pg_hostname == ''" -- name: Create AWX Kubernetes Project - shell: "kubectl create namespace {{ awx_kubernetes_namespace }}" - when: namespace_details.rc != 0 - -# TODO: This is duplicated in the openshift role, probably needs to be moved to the image_build role - name: Manage AWX Container Images + include_role: + name: image_push + when: dockerhub_base is not defined + +- name: Set image names block: - - name: Authenticate with Docker registry - docker_login: - registry: "{{ docker_registry }}" - username: "{{ docker_registry_username }}" - password: "{{ docker_registry_password }}" - reauthorize: yes - when: docker_registry is defined and docker_registry_password is defined - delegate_to: localhost - - - name: Wait for Openshift - pause: - seconds: 30 - - - name: Tag and push web image to registry - docker_image: - name: "{{ awx_web_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" - tag: "{{ awx_version }}" - push: yes - when: docker_registry is defined - delegate_to: localhost - - - name: Wait for the registry to settle - pause: - seconds: 10 - - - name: Tag and push task image to registry - docker_image: - name: "{{ awx_task_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" - tag: "{{ awx_version }}" - push: yes - when: docker_registry is defined - delegate_to: localhost + - name: Enable image stream lookups for awx images + shell: "{{ openshift_oc_bin }} set image-lookup --all -n {{ awx_kubernetes_namespace }}" + when: openshift_host is defined - name: Set full web image path set_fact: @@ -72,25 +51,32 @@ awx_task_kubernetes_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}" when: dockerhub_base is defined -- name: Deploy and Activate Postgres +- name: Deploy and Activate Postgres (Kubernetes) shell: "helm install --name awx --namespace {{ awx_kubernetes_namespace }} --set postgresUser={{ pg_username }},postgresPassword={{ pg_password }},postgresDatabase={{ pg_database }},persistence.size={{ pg_volume_capacity|default('5')}}Gi stable/postgresql" - when: (pg_hostname is not defined or pg_hostname == '') and (postgres_svc_details is defined and postgres_svc_details.rc != 0) + when: + - (pg_hostname is not defined or pg_hostname == '') and (postgres_svc_details is defined and postgres_svc_details.rc != 0) + - kubernetes_context is defined register: kubernetes_pg_activate +- name: Deploy and Activate Postgres (OpenShift) + shell: "{{ openshift_oc_bin }} new-app --template=postgresql-persistent -e MEMORY_LIMIT={{ pg_memory_limit|default('512') }}Mi -e NAMESPACE=openshift -e DATABASE_SERVICE_NAME=postgresql -e POSTGRESQL_USER={{ pg_username }} -e POSTGRESQL_PASSWORD={{ pg_password }} -e POSTGRESQL_DATABASE={{ pg_database }} -e VOLUME_CAPACITY={{ pg_volume_capacity|default('5')}}Gi -e POSTGRESQL_VERSION=9.5 -n {{ awx_openshift_project }}" + when: + - (pg_hostname is not defined or pg_hostname == '') and (postgres_svc_details is defined and postgres_svc_details.rc != 0) + - openshift_host is defined + register: openshift_pg_activate + - name: Set postgresql hostname to helm package service set_fact: pg_hostname: awx-postgresql - when: pg_hostname is not defined or pg_hostname == '' + when: + - pg_hostname is not defined or pg_hostname == '' + - kubernetes_context is defined - name: Wait for Postgres to activate pause: seconds: 60 when: kubernetes_pg_activate|changed -- name: Set kubernetes base path - set_fact: - kubernetes_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/awx-config" - - name: Ensure directory exists file: path: "{{ kubernetes_base_path }}" @@ -115,10 +101,10 @@ mode: '0600' - name: Apply etcd deployment - shell: "kubectl apply -f {{ kubernetes_base_path }}/etcd.yml" - + shell: "{{ kubectl_or_oc }} apply -f {{ kubernetes_base_path }}/etcd.yml" + - name: Apply Configmap - shell: "kubectl apply -f {{ kubernetes_base_path }}/configmap.yml" + shell: "{{ kubectl_or_oc }} apply -f {{ kubernetes_base_path }}/configmap.yml" - name: Apply Deployment - shell: "kubectl apply -f {{ kubernetes_base_path }}/deployment.yml" + shell: "{{ kubectl_or_oc }} apply -f {{ kubernetes_base_path }}/deployment.yml" diff --git a/installer/roles/kubernetes/tasks/openshift.yml b/installer/roles/kubernetes/tasks/openshift.yml new file mode 100644 index 0000000000..d9c5627886 --- /dev/null +++ b/installer/roles/kubernetes/tasks/openshift.yml @@ -0,0 +1,44 @@ +--- +- include_vars: openshift.yml + +- name: Ensure workspace directories exist + file: + path: "{{ item }}" + state: directory + with_items: + - "{{ kubernetes_base_path }}" + - "{{ openshift_oc_config_file | dirname }}" + +- name: Authenticate with OpenShift via user and password + shell: | + {{ openshift_oc_bin }} login {{ openshift_host }} \ + -u {{ openshift_user }} \ + -p {{ openshift_password }} \ + --insecure-skip-tls-verify={{ openshift_skip_tls_verify | default(false) | bool }} + when: + - openshift_user is defined + - openshift_password is defined + - openshift_token is not defined + no_log: true + +- name: Authenticate with OpenShift via token + shell: | + {{ openshift_oc_bin }} login {{ openshift_host }} \ + --token {{ openshift_token }} \ + --insecure-skip-tls-verify={{ openshift_skip_tls_verify | default(false) | bool }} + when: openshift_token is defined + no_log: true + +- name: Set postgresql service name + set_fact: + postgresql_service_name: "postgresql" + when: "pg_hostname is not defined or pg_hostname == ''" + +- name: Get Project Detail + shell: "{{ openshift_oc_bin }} get project {{ awx_openshift_project }}" + register: project_details + ignore_errors: yes + +- name: Create AWX Openshift Project + shell: "{{ openshift_oc_bin }} new-project {{ awx_openshift_project }}" + when: project_details.rc != 0 diff --git a/installer/roles/kubernetes/templates/deployment.yml.j2 b/installer/roles/kubernetes/templates/deployment.yml.j2 index 503bfd2e43..c58b3f415a 100644 --- a/installer/roles/kubernetes/templates/deployment.yml.j2 +++ b/installer/roles/kubernetes/templates/deployment.yml.j2 @@ -127,6 +127,23 @@ spec: selector: name: awx-web-deploy --- +apiVersion: v1 +kind: Service +metadata: + name: awx-rmq-mgmt + namespace: {{ awx_kubernetes_namespace }} + labels: + name: awx-rmq-mgmt +spec: + type: ClusterIP + ports: + - name: rmqmgmt + port: 15672 + targetPort: 15672 + selector: + name: awx-web-deploy +{% if kubernetes_context is defined %} +--- apiVersion: extensions/v1beta1 kind: Ingress metadata: @@ -136,3 +153,23 @@ spec: backend: serviceName: awx-web-svc servicePort: 80 +{% endif %} +{% if openshift_host is defined %} +--- +apiVersion: v1 +kind: Route +metadata: + name: awx-web-svc + namespace: {{ awx_kubernetes_namespace }} +spec: + port: + targetPort: http + tls: + insecureEdgeTerminationPolicy: Allow + termination: edge + to: + kind: Service + name: awx-web-svc + weight: 100 + wildcardPolicy: None +{% endif %} diff --git a/installer/roles/kubernetes/vars/openshift.yml b/installer/roles/kubernetes/vars/openshift.yml new file mode 100644 index 0000000000..95f3d01eb8 --- /dev/null +++ b/installer/roles/kubernetes/vars/openshift.yml @@ -0,0 +1,3 @@ +--- +openshift_oc_config_file: "{{ kubernetes_base_path }}/.kube/config" +openshift_oc_bin: "oc --config={{ openshift_oc_config_file }}" diff --git a/installer/roles/openshift/defaults/main.yml b/installer/roles/openshift/defaults/main.yml deleted file mode 100644 index 0cd687fb96..0000000000 --- a/installer/roles/openshift/defaults/main.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -awx_web_mem_request: 1 -awx_web_cpu_request: 500 - -awx_task_mem_request: 2 -awx_task_cpu_request: 1500 - -awx_rabbitmq_mem_request: 2 -awx_rabbitmq_cpu_request: 500 - -awx_memcached_mem_request: 1 -awx_memcached_cpu_request: 500 diff --git a/installer/roles/openshift/tasks/main.yml b/installer/roles/openshift/tasks/main.yml deleted file mode 100644 index bb70b9a6e5..0000000000 --- a/installer/roles/openshift/tasks/main.yml +++ /dev/null @@ -1,145 +0,0 @@ ---- -- name: Authenticate with OpenShift via user and password - shell: "oc login {{ openshift_host }} -u {{ openshift_user }} -p {{ openshift_password }}" - when: - - openshift_user is defined - - openshift_password is defined - - openshift_token is not defined - -- name: Authenticate with OpenShift via token - shell: "oc login {{ openshift_host }} --token {{ openshift_token }}" - when: openshift_token is defined - -- name: Get Project Detail - shell: "oc get project {{ awx_openshift_project }}" - register: project_details - ignore_errors: yes - -- name: Get Postgres Service Detail - shell: "oc describe svc postgresql -n {{ awx_openshift_project }}" - register: postgres_svc_details - ignore_errors: yes - when: "pg_hostname is not defined or pg_hostname == ''" - -- name: Create AWX Openshift Project - shell: "oc new-project {{ awx_openshift_project }}" - when: project_details.rc != 0 - -# This might could/should be optional based on certain circumstances -- name: Mark Openshift User as Admin - shell: "oc adm policy add-role-to-user admin {{ openshift_user }} -n {{ awx_openshift_project }}" - -# TODO: This is duplicated in the kubernetes role, probably needs to be moved to the image_build role -- name: Manage AWX Container Images - block: - - name: Get docker registry password from oc if needed - block: - - name: Set docker registry password - shell: oc whoami -t - register: docker_registry_password_shell - - name: Set docker registry password - set_fact: - docker_registry_password: "{{ docker_registry_password_shell.stdout }}" - when: docker_registry_password is not defined - - - name: Authenticate with Docker registry - docker_login: - registry: "{{ docker_registry }}" - username: "{{ docker_registry_username }}" - password: "{{ docker_registry_password }}" - reauthorize: yes - when: docker_registry is defined and docker_registry_password is defined - delegate_to: localhost - - - name: Wait for Openshift - pause: - seconds: 30 - - - name: Tag and push web image to registry - docker_image: - name: "{{ awx_web_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" - tag: "{{ awx_version }}" - push: yes - when: docker_registry is defined - delegate_to: localhost - - - name: Wait for the registry to settle - pause: - seconds: 10 - - - name: Tag and push task image to registry - docker_image: - name: "{{ awx_task_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" - tag: "{{ awx_version }}" - push: yes - when: docker_registry is defined - delegate_to: localhost - - # Note this is the one bit that is Openshift specific - - name: Enable image stream lookups for awx images - shell: "oc set image-lookup --all -n {{ awx_openshift_project }}" - - - name: Set full web image path - set_fact: - awx_web_openshift_image: "{{ awx_web_image }}:{{ awx_version }}" - when: awx_web_openshift_image is not defined - - - name: Set full task image path - set_fact: - awx_task_openshift_image: "{{ awx_task_image }}:{{ awx_version }}" - when: awx_task_openshift_image is not defined - when: dockerhub_base is not defined - -- name: Set DockerHub Image Paths - set_fact: - awx_web_openshift_image: "{{ dockerhub_base }}/awx_web:{{ dockerhub_version }}" - awx_task_openshift_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}" - when: dockerhub_base is defined - -- name: Deploy and Activate Postgres - shell: "oc new-app --template=postgresql-persistent -e MEMORY_LIMIT={{ pg_memory_limit|default('512') }}Mi -e NAMESPACE=openshift -e DATABASE_SERVICE_NAME=postgresql -e POSTGRESQL_USER={{ pg_username }} -e POSTGRESQL_PASSWORD={{ pg_password }} -e POSTGRESQL_DATABASE={{ pg_database }} -e VOLUME_CAPACITY={{ pg_volume_capacity|default('5')}}Gi -e POSTGRESQL_VERSION=9.5 -n {{ awx_openshift_project }}" - when: (pg_hostname is not defined or pg_hostname == '') and (postgres_svc_details is defined and postgres_svc_details.rc != 0) - register: openshift_pg_activate - -- name: Wait for Postgres to activate - pause: - seconds: 15 - when: openshift_pg_activate|changed - -- name: Set openshift base path - set_fact: - openshift_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/awx-config" - -- name: Ensure directory exists - file: - path: "{{ openshift_base_path }}" - state: directory - -- name: Template Openshift AWX Config - template: - src: configmap.yml.j2 - dest: "{{ openshift_base_path }}/configmap.yml" - mode: '0600' - -- name: Template Openshift AWX Deployment - template: - src: deployment.yml.j2 - dest: "{{ openshift_base_path }}/deployment.yml" - mode: '0600' - -- name: Template Openshift AWX etcd2 - template: - src: etcd.yml.j2 - dest: "{{ openshift_base_path }}/etcd.yml" - mode: '0600' - -- name: Apply etcd deployment - shell: "oc apply -f {{ openshift_base_path }}/etcd.yml" - -- name: Apply Configmap - shell: "oc apply -f {{ openshift_base_path }}/configmap.yml" - -- name: Apply Deployment - shell: "oc apply -f {{ openshift_base_path }}/deployment.yml" diff --git a/installer/roles/openshift/templates/configmap.yml.j2 b/installer/roles/openshift/templates/configmap.yml.j2 deleted file mode 100644 index dd3a14d103..0000000000 --- a/installer/roles/openshift/templates/configmap.yml.j2 +++ /dev/null @@ -1,102 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: awx-config - namespace: {{ awx_openshift_project }} -data: - secret_key: {{ awx_secret_key }} - awx_settings: | - import os - import socket - ADMINS = () - - # Container environments don't like chroots - AWX_PROOT_ENABLED = False - - # Automatically deprovision pods that go offline - AWX_AUTO_DEPROVISION_INSTANCES = True - - SYSTEM_TASK_ABS_CPU = {{ ((awx_task_cpu_request|int / 1000) * 4)|int }} - SYSTEM_TASK_ABS_MEM = {{ ((awx_task_mem_request|int * 1024) / 100)|int }} - - #Autoprovisioning should replace this - CLUSTER_HOST_ID = socket.gethostname() - SYSTEM_UUID = '00000000-0000-0000-0000-000000000000' - - SESSION_COOKIE_SECURE = False - CSRF_COOKIE_SECURE = False - - REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR'] - - STATIC_ROOT = '/var/lib/awx/public/static' - PROJECTS_ROOT = '/var/lib/awx/projects' - JOBOUTPUT_ROOT = '/var/lib/awx/job_status' - SECRET_KEY = file('/etc/tower/SECRET_KEY', 'rb').read().strip() - ALLOWED_HOSTS = ['*'] - INTERNAL_API_URL = 'http://127.0.0.1:8052' - SERVER_EMAIL = 'root@localhost' - DEFAULT_FROM_EMAIL = 'webmaster@localhost' - EMAIL_SUBJECT_PREFIX = '[AWX] ' - EMAIL_HOST = 'localhost' - EMAIL_PORT = 25 - EMAIL_HOST_USER = '' - EMAIL_HOST_PASSWORD = '' - EMAIL_USE_TLS = False - - LOGGING['handlers']['console'] = { - '()': 'logging.StreamHandler', - 'level': 'DEBUG', - 'formatter': 'simple', - } - - LOGGING['loggers']['django.request']['handlers'] = ['console'] - LOGGING['loggers']['rest_framework.request']['handlers'] = ['console'] - LOGGING['loggers']['awx']['handlers'] = ['console'] - LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console'] - LOGGING['loggers']['awx.main.commands.inventory_import']['handlers'] = ['console'] - LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console'] - LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console'] - LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console'] - LOGGING['loggers']['social']['handlers'] = ['console'] - LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console'] - LOGGING['loggers']['rbac_migrations']['handlers'] = ['console'] - LOGGING['loggers']['awx.isolated.manager.playbooks']['handlers'] = ['console'] - LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'} - LOGGING['handlers']['fact_receiver'] = {'class': 'logging.NullHandler'} - LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'} - LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'} - LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'} - LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'} - LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'} - - DATABASES = { - 'default': { - 'ATOMIC_REQUESTS': True, - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': "{{ pg_database }}", - 'USER': "{{ pg_username }}", - 'PASSWORD': "{{ pg_password }}", - 'HOST': "{{ pg_hostname|default('postgresql') }}", - 'PORT': "{{ pg_port }}", - } - } - BROKER_URL = 'amqp://{}:{}@{}:{}/{}'.format( - "awx", - "abcdefg", - "localhost", - "5672", - "awx") - CHANNEL_LAYERS = { - 'default': {'BACKEND': 'asgi_amqp.AMQPChannelLayer', - 'ROUTING': 'awx.main.routing.channel_routing', - 'CONFIG': {'url': BROKER_URL}} - } - CACHES = { - 'default': { - 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', - 'LOCATION': '{}:{}'.format("localhost", "11211") - }, - 'ephemeral': { - 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache', - }, - } diff --git a/installer/roles/openshift/templates/deployment.yml.j2 b/installer/roles/openshift/templates/deployment.yml.j2 deleted file mode 100644 index d46044aa0b..0000000000 --- a/installer/roles/openshift/templates/deployment.yml.j2 +++ /dev/null @@ -1,159 +0,0 @@ ---- -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: awx - namespace: {{ awx_openshift_project }} -spec: - replicas: 1 - template: - metadata: - labels: - name: awx-web-deploy - service: django - spec: - containers: - - name: awx-web - image: {{ awx_web_openshift_image }} - imagePullPolicy: Always - ports: - - containerPort: 8052 - volumeMounts: - - mountPath: /etc/tower - name: awx-application-config - resources: - requests: - memory: "{{ awx_web_mem_request }}Gi" - cpu: "{{ awx_web_cpu_request }}m" - - name: awx-celery - image: {{ awx_task_openshift_image }} - imagePullPolicy: Always - volumeMounts: - - mountPath: /etc/tower - name: awx-application-config - env: - - name: DATABASE_USER - value: {{ pg_username }} - - name: DATABASE_NAME - value: {{ pg_database }} - - name: DATABASE_HOST - value: {{ pg_hostname|default('postgresql') }} - - name: DATABASE_PORT - value: "{{ pg_port|default('5432') }}" - - name: DATABASE_PASSWORD - value: {{ pg_password }} - - name: MEMCACHED_HOST - value: {{ memcached_hostname|default('localhost') }} - - name: RABBITMQ_HOST - value: {{ rabbitmq_hostname|default('localhost') }} - - name: AWX_ADMIN_USER - value: {{ default_admin_user|default('admin') }} - - name: AWX_ADMIN_PASSWORD - value: {{ default_admin_password|default('password') }} - resources: - requests: - memory: "{{ awx_task_mem_request }}Gi" - cpu: "{{ awx_task_cpu_request }}m" - - name: awx-rabbit - image: ansible/awx_rabbitmq:{{ rabbitmq_version }} - imagePullPolicy: Always - env: - # For consupmption by rabbitmq-env.conf - - name: MY_POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: RABBITMQ_USE_LONGNAME - value: "true" - - name: RABBITMQ_ERLANG_COOKIE - value: "cookiemonster" - - name: RABBITMQ_NODENAME - value: "rabbit@$(MY_POD_IP)" - - name: AUTOCLUSTER_TYPE - value: "etcd" - - name: AUTOCLUSTER_DELAY - value: "60" - - name: ETCD_HOST - value: "etcd" - - name: AUTOCLUSTER_CLEANUP - value: "true" - - name: CLEANUP_WARN_ONLY - value: "false" - - name: CLEANUP_INTERVAL - value: "30" - - name: RABBITMQ_DEFAULT_USER - value: "awx" - - name: RABBITMQ_DEFAULT_PASS - value: "abcdefg" - - name: RABBITMQ_DEFAULT_VHOST - value: "awx" - - name: RABBITMQ_CONFIG_FILE - value: "/etc/rabbitmq/rabbitmq" - resources: - requests: - memory: "{{ awx_rabbitmq_mem_request }}Gi" - cpu: "{{ awx_rabbitmq_cpu_request }}m" - - name: awx-memcached - image: memcached - resources: - requests: - memory: "{{ awx_memcached_mem_request }}Gi" - cpu: "{{ awx_memcached_cpu_request }}m" - volumes: - - name: awx-application-config - configMap: - name: awx-config - items: - - key: awx_settings - path: settings.py - - key: secret_key - path: SECRET_KEY ---- -apiVersion: v1 -kind: Service -metadata: - name: awx-web-svc - namespace: {{ awx_openshift_project }} - labels: - name: awx-web-svc -spec: - type: "NodePort" - ports: - - name: http - port: 8052 - selector: - name: awx-web-deploy ---- ---- -apiVersion: v1 -kind: Service -metadata: - name: awx-rmq-mgmt - namespace: {{ awx_openshift_project }} - labels: - name: awx-rmq-mgmt -spec: - type: ClusterIP - ports: - - name: rmqmgmt - port: 15672 - targetPort: 15672 - selector: - name: awx-web-deploy ---- -apiVersion: v1 -kind: Route -metadata: - name: awx-web-svc - namespace: {{ awx_openshift_project }} -spec: - port: - targetPort: http - tls: - insecureEdgeTerminationPolicy: Allow - termination: edge - to: - kind: Service - name: awx-web-svc - weight: 100 - wildcardPolicy: None diff --git a/installer/roles/openshift/templates/etcd.yml.j2 b/installer/roles/openshift/templates/etcd.yml.j2 deleted file mode 100644 index abbfe13185..0000000000 --- a/installer/roles/openshift/templates/etcd.yml.j2 +++ /dev/null @@ -1,44 +0,0 @@ ---- -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: etcd - namespace: {{ awx_openshift_project }} -spec: - replicas: 1 - template: - metadata: - labels: - name: awx-etcd2 - service: etcd - spec: - containers: - - name: etcd - image: elcolio/etcd:latest - ports: - - containerPort: 4001 - volumeMounts: - - mountPath: /data - name: datadir - volumes: - - name: datadir - emptyDir: {} ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - labels: - name: awx-etcd - name: etcd - namespace: {{ awx_openshift_project }} -spec: - ports: - - name: etcd - port: 4001 - protocol: TCP - targetPort: 4001 - selector: - name: awx-etcd2 - sessionAffinity: None - type: ClusterIP