From 2e7b4529f8b4ca111a2685b2dd3220501865d77f Mon Sep 17 00:00:00 2001 From: Matthew Jones Date: Mon, 25 Sep 2017 21:52:23 -0400 Subject: [PATCH 1/3] Add support for installing AWX from official images * New options in the inventory file * Add defaults to some variables --- installer/image_build/tasks/main.yml | 10 +- installer/install.yml | 2 +- installer/inventory | 49 ++++--- installer/local_docker/tasks/main.yml | 193 +++++++++++++------------- 4 files changed, 134 insertions(+), 120 deletions(-) diff --git a/installer/image_build/tasks/main.yml b/installer/image_build/tasks/main.yml index 5aae5da098..3b7724a475 100644 --- a/installer/image_build/tasks/main.yml +++ b/installer/image_build/tasks/main.yml @@ -16,14 +16,14 @@ delegate_to: localhost register: logosdir failed_when: logosdir.stat.isdir is not defined or not logosdir.stat.isdir - when: awx_official + when: awx_official|default(false)|bool - name: Copy logos for inclusion in sdist copy: src: "../../awx-logos/awx/ui/client/assets" dest: "../awx/ui/client/" delegate_to: localhost - when: awx_official + when: awx_official|default(false)|bool - name: Set sdist file name set_fact: @@ -59,7 +59,7 @@ tag: "{{ awx_version }}" force: true delegate_to: localhost - when: use_container_for_build|bool + when: use_container_for_build|default(true)|bool - name: Build AWX distribution using container docker_container: @@ -74,14 +74,14 @@ volumes: - ../:/awx:Z delegate_to: localhost - when: use_container_for_build|bool + when: use_container_for_build|default(true)|bool - name: Build AWX distribution locally shell: make sdist args: chdir: .. delegate_to: localhost - when: not use_container_for_build|bool + when: not use_container_for_build|default(true)|bool - name: Set docker build base path set_fact: diff --git a/installer/install.yml b/installer/install.yml index ee205018ef..01360e9ad3 100644 --- a/installer/install.yml +++ b/installer/install.yml @@ -4,7 +4,7 @@ gather_facts: false roles: - { role: check_vars } - - { role: image_build } + - { role: image_build, when: "dockerhub_base is not defined" } - { role: openshift, when: "openshift_host is defined" } - { role: local_docker, when: "openshift_host is not defined" } diff --git a/installer/inventory b/installer/inventory index ed458a8660..305d93119e 100644 --- a/installer/inventory +++ b/installer/inventory @@ -2,26 +2,22 @@ localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env pyth [all:vars] +# Remove these lines if you want to run a local image build +# Otherwise the setup playbook will install the official Ansible images. Versions may +# be selected based on: latest, 1, 1.0, 1.0.0, 1.0.0.123 +# by default the base will be used to search for ansible/awx_web and ansible/awx_task +dockerhub_base=ansible +dockerhub_version=latest + # This will create or update a default admin (superuser) account in AWX, if not provided # then these default values are used # default_admin_user=admin # default_admin_password=password -# Use a local distribution build container image for building the AWX package -# This is helpful if you don't want to bother installing the build-time dependencies as -# it is taken care of already. -# NOTE: IMPORTANT: If you are running a mininshift install, using this container might not work -# if you are using certain drivers like KVM where the source tree can't be mapped -# into the build container. -# Thus this setting must be set to False which will trigger a local build. To view the -# typical dependencies that you might need to install see: -# installer/image_build/files/Dockerfile.sdist -use_container_for_build=true - -# Build AWX with official logos -# Requires cloning awx-logos repo into the project root. -# Review the trademark guidelines at https://github.com/ansible/awx-logos/blob/master/TRADEMARKS.md -awx_official=false +# AWX Secret key +# It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt +# your credentials +awx_secret_key=awxsecret # Openshift Install # Will need to set -e openshift_password=developer -e docker_registry_password=$(oc whoami -t) @@ -34,7 +30,7 @@ awx_official=false postgres_data_dir=/tmp/pgdocker host_port=80 -# Required for Openshift (unless you use an external registry), Optional for Standalone Docker install +# Required for Openshift (unless you use an external registry or DockerHub), Optional for Standalone Docker install # Define if you want the image pushed to a registry. The container definition # will also use these images # docker_registry=172.30.1.1:5000 @@ -42,17 +38,28 @@ host_port=80 # docker_registry_username=developer # Set pg_hostname if you have an external postgres server, otherwise -# a new ephemeral postgres service will be created +# a new postgres service will be created # pg_hostname=postgresql pg_username=awx pg_password=awxpass pg_database=awx pg_port=5432 -# AWX Secret key -# It's *very* important that this stay the same between upgrades or you will use the ability to decrypt -# your credentials -awx_secret_key=awxsecret +# Use a local distribution build container image for building the AWX package +# This is helpful if you don't want to bother installing the build-time dependencies as +# it is taken care of already. +# NOTE: IMPORTANT: If you are running a mininshift install, using this container might not work +# if you are using certain drivers like KVM where the source tree can't be mapped +# into the build container. +# Thus this setting must be set to False which will trigger a local build. To view the +# typical dependencies that you might need to install see: +# installer/image_build/files/Dockerfile.sdist +# use_container_for_build=true + +# Build AWX with official logos +# Requires cloning awx-logos repo into the project root. +# Review the trademark guidelines at https://github.com/ansible/awx-logos/blob/master/TRADEMARKS.md +# awx_official=false # Proxy #http_proxy=http://proxy:3128 diff --git a/installer/local_docker/tasks/main.yml b/installer/local_docker/tasks/main.yml index c422b97b58..73f9051687 100644 --- a/installer/local_docker/tasks/main.yml +++ b/installer/local_docker/tasks/main.yml @@ -1,99 +1,106 @@ --- -- name: Export Docker web image if it isnt local and there isnt a registry defined - docker_image: - name: "{{ awx_web_image }}" - tag: "{{ awx_version }}" - archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" - when: inventory_hostname != "localhost" and docker_registry is not defined - delegate_to: localhost +- name: Manage AWX Container Images + block: + - name: Export Docker web image if it isnt local and there isnt a registry defined + docker_image: + name: "{{ awx_web_image }}" + tag: "{{ awx_version }}" + archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" + when: inventory_hostname != "localhost" and docker_registry is not defined + delegate_to: localhost -- name: Export Docker task image if it isnt local and there isnt a registry defined - docker_image: - name: "{{ awx_task_image }}" - tag: "{{ awx_version }}" - archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" - when: inventory_hostname != "localhost" and docker_registry is not defined - delegate_to: localhost + - name: Export Docker task image if it isnt local and there isnt a registry defined + docker_image: + name: "{{ awx_task_image }}" + tag: "{{ awx_version }}" + archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" + when: inventory_hostname != "localhost" and docker_registry is not defined + delegate_to: localhost -- name: Authenticate with Docker registry if registry password given - docker_login: - registry: "{{ docker_registry }}" - username: "{{ docker_registry_username }}" - password: "{{ docker_registry_password }}" - reauthorize: yes - when: docker_registry is defined and docker_registry_password is defined - delegate_to: localhost + - name: Authenticate with Docker registry if registry password given + docker_login: + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + reauthorize: yes + when: docker_registry is defined and docker_registry_password is defined + delegate_to: localhost -- name: Set docker base path + - name: Set docker base path + set_fact: + docker_deploy_base_path: "{{ awx_base_path|default('/tmp') }}/docker_deploy" + when: ansible_connection != "local" and docker_registry is not defined + + - name: Ensure directory exists + file: + path: "{{ docker_deploy_base_path }}" + state: directory + when: ansible_connection != "local" and docker_registry is not defined + + - name: Copy web image to docker execution + copy: + src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" + dest: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" + when: ansible_connection != "local" and docker_registry is not defined + + - name: Copy task image to docker execution + copy: + src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" + dest: "{{ docker_deploy_base_path }}" + when: ansible_connection != "local" and docker_registry is not defined + + - name: Load web image + docker_image: + name: "{{ awx_web_image }}" + tag: "{{ awx_version }}" + load_path: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" + timeout: 300 + when: ansible_connection != "local" and docker_registry is not defined + + - name: Load task image + docker_image: + name: "{{ awx_task_image }}" + tag: "{{ awx_version }}" + load_path: "{{ docker_deploy_base_path }}/{{ awx_task_image }}_{{ awx_version }}.tar" + timeout: 300 + when: ansible_connection != "local" and docker_registry is not defined + + - name: Tag and push web image to registry + docker_image: + name: "{{ awx_web_image }}" + repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" + tag: "{{ awx_version }}" + push: yes + when: docker_registry is defined + delegate_to: localhost + + - name: Tag and push task image to registry + docker_image: + name: "{{ awx_task_image }}" + repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" + tag: "{{ awx_version }}" + push: yes + when: docker_registry is defined + delegate_to: localhost + + - name: Set full image path for Registry + set_fact: + awx_web_docker_actual_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" + awx_task_docker_actual_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" + when: docker_registry is defined + + - name: Set full image path for local install + set_fact: + awx_web_docker_actual_image: "{{ awx_web_image }}:{{ awx_version }}" + awx_task_docker_actual_image: "{{ awx_task_image }}:{{ awx_version }}" + when: docker_registry is not defined + when: dockerhub_base is not defined + +- name: Set DockerHub Image Paths set_fact: - docker_deploy_base_path: "{{ awx_base_path|default('/tmp') }}/docker_deploy" - when: ansible_connection != "local" and docker_registry is not defined - -- name: Ensure directory exists - file: - path: "{{ docker_deploy_base_path }}" - state: directory - when: ansible_connection != "local" and docker_registry is not defined - -- name: Copy web image to docker execution - copy: - src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" - dest: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" - when: ansible_connection != "local" and docker_registry is not defined - -- name: Copy task image to docker execution - copy: - src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" - dest: "{{ docker_deploy_base_path }}" - when: ansible_connection != "local" and docker_registry is not defined - -- name: Load web image - docker_image: - name: "{{ awx_web_image }}" - tag: "{{ awx_version }}" - load_path: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" - timeout: 300 - when: ansible_connection != "local" and docker_registry is not defined - -- name: Load task image - docker_image: - name: "{{ awx_task_image }}" - tag: "{{ awx_version }}" - load_path: "{{ docker_deploy_base_path }}/{{ awx_task_image }}_{{ awx_version }}.tar" - timeout: 300 - when: ansible_connection != "local" and docker_registry is not defined - -- name: Tag and push web image to registry - docker_image: - name: "{{ awx_web_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" - tag: "{{ awx_version }}" - push: yes - when: docker_registry is defined - delegate_to: localhost - -- name: Tag and push task image to registry - docker_image: - name: "{{ awx_task_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" - tag: "{{ awx_version }}" - push: yes - when: docker_registry is defined - delegate_to: localhost - -- name: Set full image path for Registry - set_fact: - awx_web_docker_actual_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" - awx_task_docker_actual_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" - when: docker_registry is defined - -- name: Set full image path for local install - set_fact: - awx_web_docker_actual_image: "{{ awx_web_image }}" - awx_task_docker_actual_image: "{{ awx_task_image }}" - when: docker_registry is not defined - -## Docker-compose instead? + awx_web_docker_actual_image: "{{ dockerhub_base }}/awx_web:{{ dockerhub_version }}" + awx_task_docker_actual_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}" + when: dockerhub_base is defined - name: Activate postgres container docker_container: @@ -173,7 +180,7 @@ name: awx_web state: started restart_policy: unless-stopped - image: "{{ awx_web_docker_actual_image }}:{{ awx_version }}" + image: "{{ awx_web_docker_actual_image }}" user: root ports: - "{{ host_port }}:8052" @@ -201,7 +208,7 @@ name: awx_task state: started restart_policy: unless-stopped - image: "{{ awx_task_docker_actual_image }}:{{ awx_version }}" + image: "{{ awx_task_docker_actual_image }}" links: "{{ awx_task_container_links|list }}" user: root hostname: awx From b89d1781a28ce346be9bd4ebc92719e0cbbc4d91 Mon Sep 17 00:00:00 2001 From: Matthew Jones Date: Tue, 26 Sep 2017 09:58:07 -0400 Subject: [PATCH 2/3] Modify openshift roles to support official AWX images --- .../check_vars/tasks/check_openshift.yml | 10 +- installer/inventory | 8 +- installer/openshift/tasks/main.yml | 109 ++++++++++-------- 3 files changed, 71 insertions(+), 56 deletions(-) diff --git a/installer/check_vars/tasks/check_openshift.yml b/installer/check_vars/tasks/check_openshift.yml index ccb0a6681b..00017167be 100644 --- a/installer/check_vars/tasks/check_openshift.yml +++ b/installer/check_vars/tasks/check_openshift.yml @@ -24,26 +24,30 @@ - awx_node_port is defined and awx_node_port != '' msg: "Set the value of 'awx_node_port' in the inventory file." -- name: docker_registry should be defined +- name: docker_registry should be defined if not using dockerhub assert: that: - docker_registry is defined and docker_registry != '' msg: "Set the value of 'docker_registry' in the inventory file." + when: dockerhub_base is not defined -- name: docker_registry_repository should be defined +- name: docker_registry_repository should be defined if not using dockerhub assert: that: - docker_registry_repository is defined and docker_registry_repository != '' msg: "Set the value of 'docker_registry_repository' in the inventory file." + when: dockerhub_base is not defined -- name: docker_registry_username should be defined +- name: docker_registry_username should be defined if not using dockerhub assert: that: - docker_registry_username is defined and docker_registry_username != '' msg: "Set the value of 'docker_registry_username' in the inventory file." + when: dockerhub_base is not defined - name: docker_registry_password should be defined assert: that: - docker_registry_password is defined and docker_registry_password != '' msg: "Set the value of 'docker_registry_password' in the inventory file." + when: dockerhub_base is not defined diff --git a/installer/inventory b/installer/inventory index 305d93119e..1cccc1271a 100644 --- a/installer/inventory +++ b/installer/inventory @@ -30,9 +30,11 @@ awx_secret_key=awxsecret postgres_data_dir=/tmp/pgdocker host_port=80 -# Required for Openshift (unless you use an external registry or DockerHub), Optional for Standalone Docker install -# Define if you want the image pushed to a registry. The container definition -# will also use these images +# Required for Openshift when building the image on your own +# Optional for Openshift if using Dockerhub or another prebuilt registry +# Required for Standalone Docker Install if building the image on your own +# Optional for Standalone Docker Install if using Dockerhub or another prebuilt registry +# Define if you want the image pushed to a registry. The container definition will also use these images # docker_registry=172.30.1.1:5000 # docker_registry_repository=awx # docker_registry_username=developer diff --git a/installer/openshift/tasks/main.yml b/installer/openshift/tasks/main.yml index 7d59d6a949..817e3a6ed4 100644 --- a/installer/openshift/tasks/main.yml +++ b/installer/openshift/tasks/main.yml @@ -21,50 +21,69 @@ - name: Mark Openshift User as Admin shell: "oc adm policy add-role-to-user admin {{ openshift_user }} -n {{ awx_openshift_project }}" -- name: Get docker registry password from oc if needed +- name: Manage AWX Container Images block: - - name: Set docker registry password - shell: oc whoami -t - register: docker_registry_password_shell - - name: Set docker registry password + - name: Get docker registry password from oc if needed + block: + - name: Set docker registry password + shell: oc whoami -t + register: docker_registry_password_shell + - name: Set docker registry password + set_fact: + docker_registry_password: "{{ docker_registry_password_shell.stdout }}" + when: docker_registry_password is not defined + + - name: Authenticate with Docker registry + docker_login: + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + reauthorize: yes + when: docker_registry is defined and docker_registry_password is defined + delegate_to: localhost + + - name: Wait for Openshift + pause: + seconds: 30 + + - name: Tag and push web image to registry + docker_image: + name: "{{ awx_web_image }}" + repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" + tag: "{{ awx_version }}" + push: yes + when: docker_registry is defined + delegate_to: localhost + + - name: Wait for openshift + pause: + seconds: 10 + + - name: Tag and push task image to registry + docker_image: + name: "{{ awx_task_image }}" + repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" + tag: "{{ awx_version }}" + push: yes + when: docker_registry is defined + delegate_to: localhost + + - name: Set full web image path set_fact: - docker_registry_password: "{{ docker_registry_password_shell.stdout }}" - when: docker_registry_password is not defined + awx_web_openshift_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}:{{ awx_version }}" + when: awx_web_openshift_image is not defined -- name: Authenticate with Docker registry - docker_login: - registry: "{{ docker_registry }}" - username: "{{ docker_registry_username }}" - password: "{{ docker_registry_password }}" - reauthorize: yes - when: docker_registry is defined and docker_registry_password is defined - delegate_to: localhost + - name: Set full task image path + set_fact: + awx_task_openshift_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}:{{ awx_version }}" + when: awx_task_openshift_image is not defined + when: dockerhub_base is not defined -- name: Wait for Openshift - pause: - seconds: 30 - -- name: Tag and push web image to registry - docker_image: - name: "{{ awx_web_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" - tag: "{{ awx_version }}" - push: yes - when: docker_registry is defined - delegate_to: localhost - -- name: Wait for openshift - pause: - seconds: 10 - -- name: Tag and push task image to registry - docker_image: - name: "{{ awx_task_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" - tag: "{{ awx_version }}" - push: yes - when: docker_registry is defined - delegate_to: localhost +- name: Set DockerHub Image Paths + set_fact: + awx_web_openshift_image: "{{ dockerhub_base }}/awx_web:{{ dockerhub_version }}" + awx_task_openshift_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}" + when: dockerhub_base is defined - name: Deploy and Activate Postgres shell: "oc new-app --template=postgresql-persistent -e MEMORY_LIMIT={{ pg_memory_limit|default('512') }}Mi -e NAMESPACE=openshift -e DATABASE_SERVICE_NAME=postgresql -e POSTGRESQL_USER={{ pg_username }} -e POSTGRESQL_PASSWORD={{ pg_password }} -e POSTGRESQL_DATABASE={{ pg_database }} -e VOLUME_CAPACITY={{ pg_volume_capacity|default('5')}}Gi -e POSTGRESQL_VERSION=9.5 -n {{ awx_openshift_project }}" @@ -76,16 +95,6 @@ seconds: 15 when: openshift_pg_activate|changed -- name: Set full web image path - set_fact: - awx_web_openshift_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}:{{ awx_version }}" - when: awx_web_openshift_image is not defined - -- name: Set full task image path - set_fact: - awx_task_openshift_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}:{{ awx_version }}" - when: awx_task_openshift_image is not defined - - name: Set openshift base path set_fact: openshift_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/awx-config" From 4d24318f704c8c10951c15aa991bbc7ff366c503 Mon Sep 17 00:00:00 2001 From: Matthew Jones Date: Tue, 26 Sep 2017 14:56:46 -0400 Subject: [PATCH 3/3] Update install documentation with official image information --- INSTALL.md | 40 ++++++++++++++++++++++++++++++++++------ 1 file changed, 34 insertions(+), 6 deletions(-) diff --git a/INSTALL.md b/INSTALL.md index 12621d0666..c4734d9414 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -10,6 +10,7 @@ This document provides a guide for installing AWX. - [Prerequisites](#prerequisites) - [AWX Tunables](#awx-tunables) - [Choose a deployment platform](#choose-a-deployment-platform) + - [Official vs Building Images](#official-vs-building-images) - [OpenShift](#openshift) - [Prerequisites](#prerequisites) - [Deploying to Minishift](#deploying-to-minishift) @@ -66,6 +67,27 @@ The [installer](./installer) directory contains an [inventory](./installer/inven In the sections below, you'll find deployment details and instructions for each platform. To deploy to Docker, view the [Docker section](#docker), and for OpenShift, view the [OpenShift section](#openshift). +### Official vs Building Images + +When installing AWX you have the option of building your own images or using the images provided on DockerHub (see [awx_web](https://hub.docker.com/r/ansible/awx_web/) and [awx_task](https://hub.docker.com/r/ansible/awx_task/)) + +This is controlled by the following variables in the `inventory` file + +``` +dockerhub_base=ansible +dockerhub_version=latest +``` + +If these variables are present then all deployments will use these hosted images. If the variables are not present then the images will be built during the install. + +*dockerhub_base* + +> The base location on DockerHub where the images are hosted (by default this pulls container images named `ansible/awx_web:tag` and `ansible/awx_task:tag`) + +*dockerhub_version* + +> Multiple versions are provided. `latest` always pulls the most recent. You may also select version numbers at different granularities: 1, 1.0, 1.0.1, 1.0.0.123 + ## OpenShift ### Prerequisites @@ -111,15 +133,15 @@ Before starting the build process, review the [inventory](./installer/inventory) *docker_registry* -> IP address and port, or URL, for accessing a registry that the OpenShift cluster can access. Defaults to *172.30.1.1:5000*, the internal registry delivered with Minishift. - +> IP address and port, or URL, for accessing a registry that the OpenShift cluster can access. Defaults to *172.30.1.1:5000*, the internal registry delivered with Minishift. This is not needed if you are using official hosted images. +n *docker_registry_repository* -> Namespace to use when pushing and pulling images to and from the registry. Generally this will match the project name. It defaults to *awx*. +> Namespace to use when pushing and pulling images to and from the registry. Generally this will match the project name. It defaults to *awx*. This is not needed if you are using official hosted images. *docker_registry_username* -> Username of the user that will push images to the registry. Will generally match the *openshift_user* value. Defaults to *developer*. +> Username of the user that will push images to the registry. Will generally match the *openshift_user* value. Defaults to *developer*. This is not needed if you are using official hosted images. #### PostgreSQL @@ -135,7 +157,7 @@ To start the build, you will pass two *extra* variables on the command line. The If you're using the OpenShift internal registry, then you'll pass an access token for the *docker_registry_password* value, rather than a password. The `oc whoami -t` command will generate the required token, as long as you're logged into the cluster via `oc cluster login`. -To start the build and deployment, run the following: +To start the build and deployment, run the following (docker_registry_password is optional if using official images): ```bash # Start the build and deployment @@ -266,6 +288,8 @@ awx-server In the above example, image build tasks will be delegated to `localhost`, which is typically where the clone of the AWX project exists. Built images will be archived, copied to remote host, and imported into the remote Docker image cache. Tasks to start the AWX containers will then execute on the remote host. +If you choose to use the official images then the remote host will be the one to pull those images. + **Note** > You may also want to set additional variables to control how Ansible connects to the host. For more information about this, view [Behavioral Inventory Parameters](http://docs.ansible.com/ansible/latest/intro_inventory.html#id12). @@ -304,6 +328,10 @@ If you wish to tag and push built images to a Docker registry, set the following > Username of the user that will push images to the registry. Defaults to *developer*. +**Note** + +> These settings are ignored if using official images + #### Proxy settings @@ -337,7 +365,7 @@ $ cd installer $ ansible-playbook -i inventory install.yml ``` -If you're pushing built images to a repository, then use the `-e` option to pass the registry password as follows, replacing *password* with the password of the username assigned to `docker_registry_username`: +If you're pushing built images to a repository, then use the `-e` option to pass the registry password as follows, replacing *password* with the password of the username assigned to `docker_registry_username` (note that you will also need to remove `dockerhub_base` and `dockerhub_version` from the inventory file): ```bash # Set the working directory to installer