External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-12 18:40:01 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1771 from shanemcd/kubernetes-role-cleanup

Browse Source 
Kubernetes role cleanup
This commit is contained in:
Shane McDonald 2018-04-17 11:16:46 -04:00 committed by GitHub
commit ffc347bfd0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
15 changed files with 176 additions and 168 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
installer/install.yml
View File

@ -5,5 +5,6 @@
roles:
- { role: check_vars }
- { role: image_build, when: "dockerhub_base is not defined" }
- { role: image_push, when: "docker_registry is defined and dockerhub_base is not defined" }
- { role: kubernetes, when: "openshift_host is defined or kubernetes_context is defined" }
- { role: local_docker, when: "openshift_host is not defined and kubernetes_context is not defined" }

11
installer/inventory
View File

@ -12,13 +12,12 @@ dockerhub_version=latest
# Openshift Install
# Will need to set -e openshift_password=developer -e docker_registry_password=$(oc whoami -t)
# openshift_host=127.0.0.1:8443
# awx_openshift_project=awx
# openshift_project=awx
# openshift_user=developer
# awx_node_port=30083
# Kubernetes Install
# kubernetes_context=test-cluster
# awx_kubernetes_namespace=awx
# kubernetes_namespace=awx
# Kubernetes and Openshift Install Resource Requests
# This is the request value for a pod's "task" container, which is the container
@ -27,8 +26,8 @@ dockerhub_version=latest
# in the pod
# A cpu_request of 1500 is 1.5 cores for the task container
# A mem_request of 2 is for 2 gigabytes of memory for the task container
# awx_task_cpu_request=1500
# awx_task_mem_request=2
# task_cpu_request=1500
# task_mem_request=2
# Common Docker parameters
postgres_data_dir=/tmp/pgdocker
@ -83,7 +82,7 @@ pg_port=5432
# AWX Secret key
# It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt
# your credentials
awx_secret_key=awxsecret
secret_key=awxsecret
# Build AWX with official logos
# Requires cloning awx-logos repo into the project root.

6
installer/roles/check_vars/tasks/check_openshift.yml
View File

@ -1,10 +1,10 @@
# check_openshift.yml
---
- name: awx_openshift_project should be defined
- name: openshift_project should be defined
assert:
that:
- awx_openshift_project is defined and awx_openshift_project != ''
msg: "Set the value of 'awx_openshift_project' in the inventory file."
- openshift_project is defined and openshift_project != ''
msg: "Set the value of 'openshift_project' in the inventory file."
- name: openshift_user should be defined
assert:

14
installer/roles/image_build/tasks/main.yml
View File

@ -89,11 +89,11 @@
- name: Set awx_web image name
set_fact:
awx_web_image: "{{ awx_web_image|default('awx_web') }}"
web_image: "{{ web_image|default('awx_web') }}"
- name: Set awx_task image name
set_fact:
awx_task_image: "{{ awx_task_image|default('awx_task') }}"
task_image: "{{ task_image|default('awx_task') }}"
- name: Ensure directory exists
file:
@ -195,7 +195,7 @@
no_proxy: "{{ no_proxy | default('') }}"
path: "{{ docker_base_path }}"
dockerfile: Dockerfile
name: "{{ awx_web_image }}"
name: "{{ web_image }}"
tag: "{{ awx_version }}"
delegate_to: localhost
@ -207,11 +207,17 @@
no_proxy: "{{ no_proxy | default('') }}"
path: "{{ docker_base_path }}"
dockerfile: Dockerfile.task
name: "{{ awx_task_image }}"
name: "{{ task_image }}"
tag: "{{ awx_version }}"
pull: no
delegate_to: localhost
- name: Tag task and web images as latest
command: "docker tag {{ item }}:{{ awx_version }} {{ item }}:latest"
with_items:
- "{{ task_image }}"
- "{{ web_image }}"
- name: Clean docker base directory
file:
path: "{{ docker_base_path }}"

2
installer/roles/image_build/templates/Dockerfile.task.j2
View File

@ -1,4 +1,4 @@
FROM {{ awx_web_image }}:{{ awx_version }}
FROM {{ web_image }}:{{ awx_version }}
USER 0
RUN sudo yum -y remove nginx
USER 1000

35
installer/roles/image_push/tasks/main.yml
View File

@ -1,4 +1,13 @@
---
- name: Authenticate with Docker registry if registry password given
docker_login:
registry: "{{ docker_registry }}"
username: "{{ docker_registry_username }}"
password: "{{ docker_registry_password }}"
reauthorize: yes
when: docker_registry is defined and docker_registry_password is defined
delegate_to: localhost
- name: Remove local images to ensure proper push behavior
# TODO: this code will not be necessary if and when docker_image can be configured to push if the image
# Already exists locally
@ -6,13 +15,13 @@
block:
- name: Remove web image
docker_image:
name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}"
name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}"
tag: "{{ awx_version }}"
state: absent
- name: Remove task image
docker_image:
name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}"
name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}"
tag: "{{ awx_version }}"
state: absent
delegate_to: localhost
@ -22,22 +31,28 @@
block:
- name: Tag and push web image to registry
docker_image:
name: "{{ awx_web_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}"
tag: "{{ awx_version }}"
name: "{{ web_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}"
tag: "{{ item }}"
push: yes
with_items:
- "latest"
- "{{ awx_version }}"
- name: Tag and push task image to registry
docker_image:
name: "{{ awx_task_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}"
tag: "{{ awx_version }}"
name: "{{ task_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}"
tag: "{{ item }}"
push: yes
with_items:
- "latest"
- "{{ awx_version }}"
delegate_to: localhost
- name: Set full image path for Registry
set_fact:
awx_web_docker_actual_image: >-
{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}:{{ awx_version }}
{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}:{{ awx_version }}
awx_task_docker_actual_image: >-
{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}:{{ awx_version }}
{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}:{{ awx_version }}

27
installer/roles/kubernetes/defaults/main.yml
View File

@ -1,17 +1,26 @@
---
awx_web_mem_request: 1
awx_web_cpu_request: 500
dockerhub_web_image: "{{ dockerhub_base | default('ansible') }}/awx_web:{{ dockerhub_version | default('latest') }}"
dockerhub_task_image: "{{ dockerhub_base | default('ansible') }}/awx_task:{{ dockerhub_version | default('latest') }}"
awx_task_mem_request: 2
awx_task_cpu_request: 1500
web_mem_request: 1
web_cpu_request: 500
awx_rabbitmq_mem_request: 2
awx_rabbitmq_cpu_request: 500
task_mem_request: 2
task_cpu_request: 1500
awx_memcached_mem_request: 1
awx_memcached_cpu_request: 500
rabbitmq_mem_request: 2
rabbitmq_cpu_request: 500
rabbitmq_version: "3.7.4"
memcached_mem_request: 1
memcached_cpu_request: 500
kubernetes_rabbitmq_version: "3.7.4"
kubernetes_rabbitmq_image: "ansible/awx_rabbitmq"
kubernetes_memcached_version: "latest"
kubernetes_memcached_image: "memcached"
openshift_pg_emptydir: no
openshift_pg_pvc_name: postgresql
kubernetes_deployment_name: awx

6
installer/roles/kubernetes/tasks/kubernetes.yml
View File

@ -2,15 +2,15 @@
shell: "kubectl config set-context {{ kubernetes_context }}"
- name: Get Namespace Detail
shell: "kubectl get namespace {{ awx_kubernetes_namespace }}"
shell: "kubectl get namespace {{ kubernetes_namespace }}"
register: namespace_details
ignore_errors: yes
- name: Create AWX Kubernetes Project
shell: "kubectl create namespace {{ awx_kubernetes_namespace }}"
shell: "kubectl create namespace {{ kubernetes_namespace }}"
when: namespace_details.rc != 0
- name: Set postgresql service name
set_fact:
postgresql_service_name: "{{ awx_kubernetes_namespace }}-postgresql"
postgresql_service_name: "{{ kubernetes_namespace }}-postgresql"
when: "pg_hostname is not defined or pg_hostname == ''"

52
installer/roles/kubernetes/tasks/main.yml
View File

@ -5,7 +5,7 @@
- name: Set kubernetes base path
set_fact:
kubernetes_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/awx-config"
kubernetes_base_path: "{{ local_base_config_path|default('/tmp') }}/{{ kubernetes_deployment_name }}-config"
- include_tasks: openshift.yml
when: openshift_host is defined
@ -18,39 +18,11 @@
kubectl_or_oc: "{{ openshift_oc_bin if openshift_oc_bin is defined else 'kubectl' }}"
- name: Get Postgres Service Detail
shell: "{{ kubectl_or_oc }} describe svc {{ postgresql_service_name }} -n {{ awx_kubernetes_namespace }}"
shell: "{{ kubectl_or_oc }} describe svc {{ postgresql_service_name }} -n {{ kubernetes_namespace }}"
register: postgres_svc_details
ignore_errors: yes
when: "pg_hostname is not defined or pg_hostname == ''"
- name: Manage AWX Container Images
include_role:
name: image_push
when: dockerhub_base is not defined
- name: Set image names
block:
- name: Enable image stream lookups for awx images
shell: "{{ openshift_oc_bin }} set image-lookup --all -n {{ awx_kubernetes_namespace }}"
when: openshift_host is defined
- name: Set full web image path
set_fact:
awx_web_kubernetes_image: "{{ awx_web_image }}:{{ awx_version }}"
when: awx_web_kubernetes_image is not defined
- name: Set full task image path
set_fact:
awx_task_kubernetes_image: "{{ awx_task_image }}:{{ awx_version }}"
when: awx_task_kubernetes_image is not defined
when: dockerhub_base is not defined
- name: Set DockerHub Image Paths
set_fact:
awx_web_kubernetes_image: "{{ dockerhub_base }}/awx_web:{{ dockerhub_version }}"
awx_task_kubernetes_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}"
when: dockerhub_base is defined
- name: Deploy PostgreSQL (OpenShift)
block:
- name: Template PostgreSQL Deployment
@ -69,7 +41,7 @@
-e POSTGRESQL_PASSWORD={{ pg_password }} \
-e POSTGRESQL_DATABASE={{ pg_database }} \
-e POSTGRESQL_VERSION=9.5 \
-n {{ awx_kubernetes_namespace }}
-n {{ kubernetes_namespace }}
register: openshift_pg_activate
when:
- pg_hostname is not defined or pg_hostname == ''
@ -78,7 +50,7 @@
- name: Deploy and Activate Postgres (Kubernetes)
shell: |
helm install --name awx --namespace {{ awx_kubernetes_namespace }} \
helm install --name awx --namespace {{ kubernetes_namespace }} \
--set postgresUser={{ pg_username }} \
--set postgresPassword={{ pg_password }} \
--set postgresDatabase={{ pg_database }} \
@ -92,7 +64,7 @@
- name: Set postgresql hostname to helm package service
set_fact:
pg_hostname: awx-postgresql
pg_hostname: "{{ kubernetes_deployment_name }}-postgresql"
when:
- pg_hostname is not defined or pg_hostname == ''
- kubernetes_context is defined
@ -107,13 +79,25 @@
path: "{{ kubernetes_base_path }}"
state: directory
- name: Template Kubernetes AWX Config
template:
src: configmap.yml.j2
dest: "{{ kubernetes_base_path }}/configmap.yml"
mode: '0600'
- name: Set image names if using custom registry
block:
- name: Set task image name
set_fact:
kubernetes_task_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}"
when: kubernetes_task_image is not defined
- name: Set web image name
set_fact:
kubernetes_web_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}"
when: kubernetes_web_image is not defined
when: docker_registry is defined
- name: Template Kubernetes AWX Deployment
template:
src: deployment.yml.j2

14
installer/roles/kubernetes/tasks/openshift.yml
View File

@ -1,6 +1,10 @@
---
- include_vars: openshift.yml
- name: Set kubernetes_namespace
set_fact:
kubernetes_namespace: "{{ openshift_project }}"
- name: Ensure workspace directories exist
file:
path: "{{ item }}"
@ -30,18 +34,18 @@
no_log: true
- name: Get Project Detail
shell: "{{ openshift_oc_bin }} get project {{ awx_openshift_project }}"
shell: "{{ openshift_oc_bin }} get project {{ openshift_project }}"
register: project_details
ignore_errors: yes
- name: Create AWX Openshift Project
shell: "{{ openshift_oc_bin }} new-project {{ awx_openshift_project }}"
shell: "{{ openshift_oc_bin }} new-project {{ openshift_project }}"
when: project_details.rc != 0
- name: Ensure PostgreSQL PVC is available
block:
- name: Check PVC status
command: "{{ openshift_oc_bin }} get pvc {{ openshift_pg_pvc_name }} -n {{ awx_openshift_project }} -o=jsonpath='{.status.phase}'"
command: "{{ openshift_oc_bin }} get pvc {{ openshift_pg_pvc_name }} -n {{ openshift_project }} -o=jsonpath='{.status.phase}'"
register: pg_pvc_status
ignore_errors: yes
@ -49,10 +53,10 @@
assert:
that:
- pg_pvc_status.stdout == "Bound"
msg: "Ensure a PVC named '{{ openshift_pg_pvc_name }}' is created and bound in the '{{ awx_openshift_project }}' namespace."
msg: "Ensure a PVC named '{{ openshift_pg_pvc_name }}' is created and bound in the '{{ openshift_project }}' namespace."
when:
- pg_hostname is not defined or pg_hostname == ''
- openshift_pg_emptydir is defined and openshift_pg_emptydir != true
- openshift_pg_emptydir is defined and (openshift_pg_emptydir | bool) != true
- name: Set postgresql service name
set_fact:

24
installer/roles/kubernetes/templates/configmap.yml.j2
View File

@ -1,33 +1,33 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: awx-config
namespace: {{ awx_kubernetes_namespace }}
name: {{ kubernetes_deployment_name }}-config
namespace: {{ kubernetes_namespace }}
data:
secret_key: {{ awx_secret_key }}
awx_settings: |
secret_key: {{ secret_key }}
{{ kubernetes_deployment_name }}_settings: |
import os
import socket
ADMINS = ()
# Container environments don't like chroots
AWX_PROOT_ENABLED = False
# Automatically deprovision pods that go offline
AWX_AUTO_DEPROVISION_INSTANCES = True
SYSTEM_TASK_ABS_CPU = {{ ((awx_task_cpu_request|int / 1000) * 4)|int }}
SYSTEM_TASK_ABS_MEM = {{ ((awx_task_mem_request|int * 1024) / 100)|int }}
SYSTEM_TASK_ABS_CPU = {{ ((task_cpu_request|int / 1000) * 4)|int }}
SYSTEM_TASK_ABS_MEM = {{ ((task_mem_request|int * 1024) / 100)|int }}
#Autoprovisioning should replace this
CLUSTER_HOST_ID = socket.gethostname()
SYSTEM_UUID = '00000000-0000-0000-0000-000000000000'
SESSION_COOKIE_SECURE = False
CSRF_COOKIE_SECURE = False
CSRF_COOKIE_SECURE = False
REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR']
STATIC_ROOT = '/var/lib/awx/public/static'
PROJECTS_ROOT = '/var/lib/awx/projects'
JOBOUTPUT_ROOT = '/var/lib/awx/job_status'
@ -42,13 +42,13 @@ data:
EMAIL_HOST_USER = ''
EMAIL_HOST_PASSWORD = ''
EMAIL_USE_TLS = False
LOGGING['handlers']['console'] = {
'()': 'logging.StreamHandler',
'level': 'DEBUG',
'formatter': 'simple',
}
LOGGING['loggers']['django.request']['handlers'] = ['console']
LOGGING['loggers']['rest_framework.request']['handlers'] = ['console']
LOGGING['loggers']['awx']['handlers'] = ['console']
@ -68,7 +68,7 @@ data:
LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'}
LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'}
LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'}
DATABASES = {
'default': {
'ATOMIC_REQUESTS': True,

105
installer/roles/kubernetes/templates/deployment.yml.j2
View File

@ -2,7 +2,7 @@
kind: Service
apiVersion: v1
metadata:
namespace: {{ awx_kubernetes_namespace }}
namespace: {{ kubernetes_namespace }}
name: rabbitmq
labels:
app: rabbitmq
@ -14,12 +14,10 @@ spec:
protocol: TCP
port: 15672
targetPort: 15672
nodePort: 31672
- name: amqp
protocol: TCP
port: 5672
targetPort: 5672
nodePort: 30672
selector:
app: rabbitmq
@ -28,7 +26,7 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: rabbitmq-config
namespace: {{ awx_kubernetes_namespace }}
namespace: {{ kubernetes_namespace }}
data:
enabled_plugins: |
[rabbitmq_management,rabbitmq_peer_discovery_k8s].
@ -54,7 +52,7 @@ apiVersion: v1
kind: ServiceAccount
metadata:
name: rabbitmq
namespace: {{ awx_kubernetes_namespace }}
namespace: {{ kubernetes_namespace }}
{% if kubernetes_context is defined %}
---
@ -62,7 +60,7 @@ kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: endpoint-reader
namespace: {{ awx_kubernetes_namespace }}
namespace: {{ kubernetes_namespace }}
rules:
- apiGroups: [""]
resources: ["endpoints"]
@ -72,7 +70,7 @@ kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: endpoint-reader
namespace: {{ awx_kubernetes_namespace }}
namespace: {{ kubernetes_namespace }}
subjects:
- kind: ServiceAccount
name: rabbitmq
@ -88,7 +86,7 @@ kind: Role
apiVersion: v1
metadata:
name: endpoint-reader
namespace: {{ awx_kubernetes_namespace }}
namespace: {{ kubernetes_namespace }}
rules:
- apiGroups: [""]
resources: ["endpoints"]
@ -98,53 +96,58 @@ kind: RoleBinding
apiVersion: v1
metadata:
name: endpoint-reader
namespace: {{ awx_kubernetes_namespace }}
namespace: {{ kubernetes_namespace }}
roleRef:
name: endpoint-reader
namespace: {{ awx_kubernetes_namespace }}
namespace: {{ kubernetes_namespace }}
subjects:
- kind: ServiceAccount
name: rabbitmq
namespace: {{ awx_kubernetes_namespace }}
namespace: {{ kubernetes_namespace }}
userNames:
- system:serviceaccount:{{ awx_kubernetes_namespace }}:rabbitmq
- system:serviceaccount:{{ kubernetes_namespace }}:rabbitmq
{% endif %}
---
{% if openshift_host is defined %}
apiVersion: v1
kind: DeploymentConfig
{% else %}
apiVersion: extensions/v1beta1
kind: Deployment
kind: DeploymentConfig
{% endif %}
metadata:
name: awx
namespace: {{ awx_kubernetes_namespace }}
name: {{ kubernetes_deployment_name }}
namespace: {{ kubernetes_namespace }}
spec:
replicas: 1
template:
metadata:
labels:
name: awx-web-deploy
name: {{ kubernetes_deployment_name }}-web-deploy
service: django
app: rabbitmq
spec:
serviceAccountName: rabbitmq
containers:
- name: awx-web
image: {{ awx_web_kubernetes_image }}
- name: {{ kubernetes_deployment_name }}-web
image: {{ kubernetes_web_image | default(dockerhub_web_image) }}
imagePullPolicy: Always
ports:
- containerPort: 8052
volumeMounts:
- mountPath: /etc/tower
name: awx-application-config
name: {{ kubernetes_deployment_name }}-application-config
resources:
requests:
memory: "{{ awx_web_mem_request }}Gi"
cpu: "{{ awx_web_cpu_request }}m"
- name: awx-celery
image: {{ awx_task_kubernetes_image }}
memory: "{{ web_mem_request }}Gi"
cpu: "{{ web_cpu_request }}m"
- name: {{ kubernetes_deployment_name }}-celery
image: {{ kubernetes_task_image | default(dockerhub_task_image) }}
imagePullPolicy: Always
volumeMounts:
- mountPath: /etc/tower
name: awx-application-config
name: {{ kubernetes_deployment_name }}-application-config
env:
- name: DATABASE_USER
value: {{ pg_username }}
@ -166,10 +169,10 @@ spec:
value: {{ default_admin_password|default('password') }}
resources:
requests:
memory: "{{ awx_task_mem_request }}Gi"
cpu: "{{ awx_task_cpu_request }}m"
- name: awx-rabbit
image: ansible/awx_rabbitmq:{{ rabbitmq_version }}
memory: "{{ task_mem_request }}Gi"
cpu: "{{ task_cpu_request }}m"
- name: {{ kubernetes_deployment_name }}-rabbit
image: "{{ kubernetes_rabbitmq_image }}:{{ kubernetes_rabbitmq_version }}"
imagePullPolicy: Always
ports:
- name: http
@ -206,20 +209,20 @@ spec:
mountPath: /etc/rabbitmq
resources:
requests:
memory: "{{ awx_rabbitmq_mem_request }}Gi"
cpu: "{{ awx_rabbitmq_cpu_request }}m"
- name: awx-memcached
image: memcached
memory: "{{ rabbitmq_mem_request }}Gi"
cpu: "{{ rabbitmq_cpu_request }}m"
- name: {{ kubernetes_deployment_name }}-memcached
image: "{{ kubernetes_memcached_image }}:{{ kubernetes_memcached_version }}"
resources:
requests:
memory: "{{ awx_memcached_mem_request }}Gi"
cpu: "{{ awx_memcached_cpu_request }}m"
memory: "{{ memcached_mem_request }}Gi"
cpu: "{{ memcached_cpu_request }}m"
volumes:
- name: awx-application-config
- name: {{ kubernetes_deployment_name }}-application-config
configMap:
name: awx-config
name: {{ kubernetes_deployment_name }}-config
items:
- key: awx_settings
- key: {{ kubernetes_deployment_name }}_settings
path: settings.py
- key: secret_key
path: SECRET_KEY
@ -235,10 +238,10 @@ spec:
apiVersion: v1
kind: Service
metadata:
name: awx-web-svc
namespace: {{ awx_kubernetes_namespace }}
name: {{ kubernetes_deployment_name }}-web-svc
namespace: {{ kubernetes_namespace }}
labels:
name: awx-web-svc
name: {{ kubernetes_deployment_name }}-web-svc
spec:
type: "NodePort"
ports:
@ -246,15 +249,15 @@ spec:
port: 80
targetPort: 8052
selector:
name: awx-web-deploy
name: {{ kubernetes_deployment_name }}-web-deploy
---
apiVersion: v1
kind: Service
metadata:
name: awx-rmq-mgmt
namespace: {{ awx_kubernetes_namespace }}
name: {{ kubernetes_deployment_name }}-rmq-mgmt
namespace: {{ kubernetes_namespace }}
labels:
name: awx-rmq-mgmt
name: {{ kubernetes_deployment_name }}-rmq-mgmt
spec:
type: ClusterIP
ports:
@ -262,17 +265,17 @@ spec:
port: 15672
targetPort: 15672
selector:
name: awx-web-deploy
name: {{ kubernetes_deployment_name }}-web-deploy
{% if kubernetes_context is defined %}
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: awx-web-svc
namespace: {{ awx_kubernetes_namespace }}
name: {{ kubernetes_deployment_name }}-web-svc
namespace: {{ kubernetes_namespace }}
spec:
backend:
serviceName: awx-web-svc
serviceName: {{ kubernetes_deployment_name }}-web-svc
servicePort: 80
{% endif %}
{% if openshift_host is defined %}
@ -280,8 +283,8 @@ spec:
apiVersion: v1
kind: Route
metadata:
name: awx-web-svc
namespace: {{ awx_kubernetes_namespace }}
name: {{ kubernetes_deployment_name }}-web-svc
namespace: {{ kubernetes_namespace }}
spec:
port:
targetPort: http
@ -290,7 +293,7 @@ spec:
termination: edge
to:
kind: Service
name: awx-web-svc
name: {{ kubernetes_deployment_name }}-web-svc
weight: 100
wildcardPolicy: None
{% endif %}

39
installer/roles/local_docker/tasks/set_image.yml
View File

@ -3,29 +3,20 @@
block:
- name: Export Docker web image if it isnt local and there isnt a registry defined
docker_image:
name: "{{ awx_web_image }}"
name: "{{ web_image }}"
tag: "{{ awx_version }}"
archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar"
archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ web_image }}_{{ awx_version }}.tar"
when: inventory_hostname != "localhost" and docker_registry is not defined
delegate_to: localhost
- name: Export Docker task image if it isnt local and there isnt a registry defined
docker_image:
name: "{{ awx_task_image }}"
name: "{{ task_image }}"
tag: "{{ awx_version }}"
archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar"
archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ task_image }}_{{ awx_version }}.tar"
when: inventory_hostname != "localhost" and docker_registry is not defined
delegate_to: localhost
- name: Authenticate with Docker registry if registry password given
docker_login:
registry: "{{ docker_registry }}"
username: "{{ docker_registry_username }}"
password: "{{ docker_registry_password }}"
reauthorize: yes
when: docker_registry is defined and docker_registry_password is defined
delegate_to: localhost
- name: Set docker base path
set_fact:
docker_deploy_base_path: "{{ awx_base_path|default('/tmp') }}/docker_deploy"
@ -39,40 +30,36 @@
- name: Copy web image to docker execution
copy:
src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar"
dest: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar"
src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ web_image }}_{{ awx_version }}.tar"
dest: "{{ docker_deploy_base_path }}/{{ web_image }}_{{ awx_version }}.tar"
when: ansible_connection != "local" and docker_registry is not defined
- name: Copy task image to docker execution
copy:
src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar"
src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ task_image }}_{{ awx_version }}.tar"
dest: "{{ docker_deploy_base_path }}"
when: ansible_connection != "local" and docker_registry is not defined
- name: Load web image
docker_image:
name: "{{ awx_web_image }}"
name: "{{ web_image }}"
tag: "{{ awx_version }}"
load_path: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar"
load_path: "{{ docker_deploy_base_path }}/{{ web_image }}_{{ awx_version }}.tar"
timeout: 300
when: ansible_connection != "local" and docker_registry is not defined
- name: Load task image
docker_image:
name: "{{ awx_task_image }}"
name: "{{ task_image }}"
tag: "{{ awx_version }}"
load_path: "{{ docker_deploy_base_path }}/{{ awx_task_image }}_{{ awx_version }}.tar"
load_path: "{{ docker_deploy_base_path }}/{{ task_image }}_{{ awx_version }}.tar"
timeout: 300
when: ansible_connection != "local" and docker_registry is not defined
- include_role:
name: image_push
when: docker_registry is defined and dockerhub_base is not defined
- name: Set full image path for local install
set_fact:
awx_web_docker_actual_image: "{{ awx_web_image }}:{{ awx_version }}"
awx_task_docker_actual_image: "{{ awx_task_image }}:{{ awx_version }}"
awx_web_docker_actual_image: "{{ web_image }}:{{ awx_version }}"
awx_task_docker_actual_image: "{{ task_image }}:{{ awx_version }}"
when: docker_registry is not defined
when: dockerhub_base is not defined

4
installer/roles/local_docker/tasks/standalone.yml
View File

@ -96,7 +96,7 @@
http_proxy: "{{ http_proxy | default('') }}"
https_proxy: "{{ https_proxy | default('') }}"
no_proxy: "{{ no_proxy | default('') }}"
SECRET_KEY: "{{ awx_secret_key }}"
SECRET_KEY: "{{ secret_key }}"
DATABASE_NAME: "{{ pg_database }}"
DATABASE_USER: "{{ pg_username }}"
DATABASE_PASSWORD: "{{ pg_password }}"
@ -132,7 +132,7 @@
http_proxy: "{{ http_proxy | default('') }}"
https_proxy: "{{ https_proxy | default('') }}"
no_proxy: "{{ no_proxy | default('') }}"
SECRET_KEY: "{{ awx_secret_key }}"
SECRET_KEY: "{{ secret_key }}"
DATABASE_NAME: "{{ pg_database }}"
DATABASE_USER: "{{ pg_username }}"
DATABASE_PASSWORD: "{{ pg_password }}"

4
installer/roles/local_docker/templates/docker-compose.yml.j2
View File

@ -46,7 +46,7 @@ services:
http_proxy: {{ http_proxy | default('') }}
https_proxy: {{ https_proxy | default('') }}
no_proxy: {{ no_proxy | default('') }}
SECRET_KEY: {{ awx_secret_key }}
SECRET_KEY: {{ secret_key }}
DATABASE_NAME: {{ pg_database }}
DATABASE_USER: {{ pg_username }}
DATABASE_PASSWORD: {{ pg_password }}
@ -105,7 +105,7 @@ services:
http_proxy: {{ http_proxy | default('') }}
https_proxy: {{ https_proxy | default('') }}
no_proxy: {{ no_proxy | default('') }}
SECRET_KEY: {{ awx_secret_key }}
SECRET_KEY: {{ secret_key }}
DATABASE_NAME: {{ pg_database }}
DATABASE_USER: {{ pg_username }}
DATABASE_PASSWORD: {{ pg_password }}