Consolidate OpenShift and Kubernetes roles

Signed-off-by: Shane McDonald <me@shanemcd.com>
2026-05-07 01:17:37 -02:30 · 2018-03-27 19:45:59 -04:00
parent 7002c6f1b1
commit 98f5dc3fcc
11 changed files with 144 additions and 521 deletions
--- a/installer/roles/kubernetes/tasks/kubernetes.yml
+++ b/installer/roles/kubernetes/tasks/kubernetes.yml
@@ -0,0 +1,16 @@
+- name: Set the Kubernetes Context
+  shell: "kubectl config set-context {{ kubernetes_context }}"
+
+- name: Get Namespace Detail
+  shell: "kubectl get namespace {{ awx_kubernetes_namespace }}"
+  register: namespace_details
+  ignore_errors: yes
+
+- name: Create AWX Kubernetes Project
+  shell: "kubectl create namespace {{ awx_kubernetes_namespace }}"
+  when: namespace_details.rc != 0
+
+- name: Set postgresql service name
+  set_fact:
+    postgresql_service_name: "{{ awx_kubernetes_namespace }}-postgresql"
+  when: "pg_hostname is not defined or pg_hostname == ''"
--- a/installer/roles/kubernetes/tasks/main.yml
+++ b/installer/roles/kubernetes/tasks/main.yml
@@ -1,59 +1,38 @@
 ---
- name: Set the Kubernetes Context
-  shell: "kubectl config set-context {{ kubernetes_context }}"
+- fail:
+    msg: "Only set one of kubernetes_context or openshift_host"
+  when: openshift_host is defined and kubernetes_context is defined

- name: Get Namespace Detail
-  shell: "kubectl get namespace {{ awx_kubernetes_namespace }}"
-  register: namespace_details
-  ignore_errors: yes
+- name: Set kubernetes base path
+  set_fact:
+    kubernetes_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/awx-config"
+
+- include_tasks: openshift.yml
+  when: openshift_host is defined
+
+- include_tasks: kubernetes.yml
+  when: kubernetes_context is defined
+
+- name: Use kubectl or oc
+  set_fact:
+    kubectl_or_oc: "{{ openshift_oc_bin if openshift_oc_bin is defined else 'kubectl' }}"

 - name: Get Postgres Service Detail
-  shell: "kubectl describe svc awx-postgresql -n {{ awx_kubernetes_namespace }}"
+  shell: "{{ kubectl_or_oc }} describe svc {{ postgresql_service_name }} -n {{ awx_kubernetes_namespace }}"
  register: postgres_svc_details
  ignore_errors: yes
  when: "pg_hostname is not defined or pg_hostname == ''"

- name: Create AWX Kubernetes Project
-  shell: "kubectl create namespace {{ awx_kubernetes_namespace }}"
-  when: namespace_details.rc != 0
-
-# TODO: This is duplicated in the openshift role, probably needs to be moved to the image_build role
 - name: Manage AWX Container Images
+  include_role:
+    name: image_push
+  when: dockerhub_base is not defined
+
+- name: Set image names
  block:
-    - name: Authenticate with Docker registry
-      docker_login:
-        registry: "{{ docker_registry }}"
-        username: "{{ docker_registry_username }}"
-        password: "{{ docker_registry_password }}"
-        reauthorize: yes
-      when: docker_registry is defined and docker_registry_password is defined
-      delegate_to: localhost
-
-    - name: Wait for Openshift
-      pause:
-        seconds: 30
-
-    - name: Tag and push web image to registry
-      docker_image:
-        name: "{{ awx_web_image }}"
-        repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}"
-        tag: "{{ awx_version }}"
-        push: yes
-      when: docker_registry is defined
-      delegate_to: localhost
-
-    - name: Wait for the registry to settle
-      pause:
-        seconds: 10
-
-    - name: Tag and push task image to registry
-      docker_image:
-        name: "{{ awx_task_image }}"
-        repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}"
-        tag: "{{ awx_version }}"
-        push: yes
-      when: docker_registry is defined
-      delegate_to: localhost
+    - name: Enable image stream lookups for awx images
+      shell: "{{ openshift_oc_bin }} set image-lookup --all -n {{ awx_kubernetes_namespace }}"
+      when: openshift_host is defined

    - name: Set full web image path
      set_fact:
@@ -72,25 +51,32 @@
    awx_task_kubernetes_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}"
  when: dockerhub_base is defined

- name: Deploy and Activate Postgres
+- name: Deploy and Activate Postgres (Kubernetes)
  shell: "helm install --name awx --namespace {{ awx_kubernetes_namespace }} --set postgresUser={{ pg_username }},postgresPassword={{ pg_password }},postgresDatabase={{ pg_database }},persistence.size={{ pg_volume_capacity|default('5')}}Gi stable/postgresql"
-  when: (pg_hostname is not defined or pg_hostname == '') and (postgres_svc_details is defined and postgres_svc_details.rc != 0)
+  when:
+    - (pg_hostname is not defined or pg_hostname == '') and (postgres_svc_details is defined and postgres_svc_details.rc != 0)
+    - kubernetes_context is defined
  register: kubernetes_pg_activate

+- name: Deploy and Activate Postgres (OpenShift)
+  shell: "{{ openshift_oc_bin }} new-app --template=postgresql-persistent -e MEMORY_LIMIT={{ pg_memory_limit|default('512') }}Mi -e NAMESPACE=openshift -e DATABASE_SERVICE_NAME=postgresql  -e POSTGRESQL_USER={{ pg_username }} -e POSTGRESQL_PASSWORD={{ pg_password }} -e POSTGRESQL_DATABASE={{ pg_database }} -e VOLUME_CAPACITY={{ pg_volume_capacity|default('5')}}Gi -e POSTGRESQL_VERSION=9.5 -n {{ awx_openshift_project }}"
+  when:
+    - (pg_hostname is not defined or pg_hostname == '') and (postgres_svc_details is defined and postgres_svc_details.rc != 0)
+    - openshift_host is defined
+  register: openshift_pg_activate
+
 - name: Set postgresql hostname to helm package service
  set_fact:
    pg_hostname: awx-postgresql
-  when: pg_hostname is not defined or pg_hostname == ''
+  when:
+    - pg_hostname is not defined or pg_hostname == ''
+    - kubernetes_context is defined

 - name: Wait for Postgres to activate
  pause:
    seconds: 60
  when: kubernetes_pg_activate|changed

- name: Set kubernetes base path
-  set_fact:
-    kubernetes_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/awx-config"
-
 - name: Ensure directory exists
  file:
    path: "{{ kubernetes_base_path }}"
@@ -115,10 +101,10 @@
    mode: '0600'

 - name: Apply etcd deployment
-  shell: "kubectl apply -f {{ kubernetes_base_path }}/etcd.yml"
-  
+  shell: "{{ kubectl_or_oc }} apply -f {{ kubernetes_base_path }}/etcd.yml"
+
 - name: Apply Configmap
-  shell: "kubectl apply -f {{ kubernetes_base_path }}/configmap.yml"
+  shell: "{{ kubectl_or_oc }} apply -f {{ kubernetes_base_path }}/configmap.yml"

 - name: Apply Deployment
-  shell: "kubectl apply -f {{ kubernetes_base_path }}/deployment.yml"
+  shell: "{{ kubectl_or_oc }} apply -f {{ kubernetes_base_path }}/deployment.yml"
--- a/installer/roles/kubernetes/tasks/openshift.yml
+++ b/installer/roles/kubernetes/tasks/openshift.yml
@@ -0,0 +1,44 @@
+---
+- include_vars: openshift.yml
+
+- name: Ensure workspace directories exist
+  file:
+    path: "{{ item  }}"
+    state: directory
+  with_items:
+    - "{{ kubernetes_base_path }}"
+    - "{{ openshift_oc_config_file | dirname }}"
+
+- name: Authenticate with OpenShift via user and password
+  shell: |
+    {{ openshift_oc_bin }} login {{ openshift_host }} \
+      -u {{ openshift_user }} \
+      -p {{ openshift_password }} \
+      --insecure-skip-tls-verify={{ openshift_skip_tls_verify | default(false) | bool }}
+  when:
+    - openshift_user is defined
+    - openshift_password is defined
+    - openshift_token is not defined
+  no_log: true
+
+- name: Authenticate with OpenShift via token
+  shell: |
+    {{ openshift_oc_bin }} login {{ openshift_host }} \
+      --token {{ openshift_token }} \
+      --insecure-skip-tls-verify={{ openshift_skip_tls_verify | default(false) | bool }}
+  when: openshift_token is defined
+  no_log: true
+
+- name: Set postgresql service name
+  set_fact:
+    postgresql_service_name: "postgresql"
+  when: "pg_hostname is not defined or pg_hostname == ''"
+
+- name: Get Project Detail
+  shell: "{{ openshift_oc_bin }} get project {{ awx_openshift_project }}"
+  register: project_details
+  ignore_errors: yes
+
+- name: Create AWX Openshift Project
+  shell: "{{ openshift_oc_bin }} new-project {{ awx_openshift_project }}"
+  when: project_details.rc != 0
--- a/installer/roles/kubernetes/templates/deployment.yml.j2
+++ b/installer/roles/kubernetes/templates/deployment.yml.j2
@@ -127,6 +127,23 @@ spec:
  selector:
    name: awx-web-deploy
 ---
+apiVersion: v1
+kind: Service
+metadata:
+  name: awx-rmq-mgmt
+  namespace: {{ awx_kubernetes_namespace }}
+  labels:
+    name: awx-rmq-mgmt
+spec:
+  type: ClusterIP
+  ports:
+    - name: rmqmgmt
+      port: 15672
+      targetPort: 15672
+  selector:
+    name: awx-web-deploy
+{% if kubernetes_context is defined %}
+---
 apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
@@ -136,3 +153,23 @@ spec:
  backend:
    serviceName: awx-web-svc
    servicePort: 80
+{% endif %}
+{% if openshift_host is defined %}
+---
+apiVersion: v1
+kind: Route
+metadata:
+  name: awx-web-svc
+  namespace: {{ awx_kubernetes_namespace }}
+spec:
+  port:
+    targetPort: http
+  tls:
+    insecureEdgeTerminationPolicy: Allow
+    termination: edge
+  to:
+    kind: Service
+    name: awx-web-svc
+    weight: 100
+  wildcardPolicy: None
+{% endif %}
--- a/installer/roles/kubernetes/vars/openshift.yml
+++ b/installer/roles/kubernetes/vars/openshift.yml
@@ -0,0 +1,3 @@
+---
+openshift_oc_config_file: "{{ kubernetes_base_path }}/.kube/config"
+openshift_oc_bin: "oc --config={{ openshift_oc_config_file }}"