diff --git a/installer/install.yml b/installer/install.yml index 88c5734dde..90a8dc911c 100644 --- a/installer/install.yml +++ b/installer/install.yml @@ -5,5 +5,6 @@ roles: - { role: check_vars } - { role: image_build, when: "dockerhub_base is not defined" } + - { role: image_push, when: "docker_registry is defined and dockerhub_base is not defined" } - { role: kubernetes, when: "openshift_host is defined or kubernetes_context is defined" } - { role: local_docker, when: "openshift_host is not defined and kubernetes_context is not defined" } diff --git a/installer/inventory b/installer/inventory index 72b10f8326..44b20ccc71 100644 --- a/installer/inventory +++ b/installer/inventory @@ -12,13 +12,12 @@ dockerhub_version=latest # Openshift Install # Will need to set -e openshift_password=developer -e docker_registry_password=$(oc whoami -t) # openshift_host=127.0.0.1:8443 -# awx_openshift_project=awx +# openshift_project=awx # openshift_user=developer -# awx_node_port=30083 # Kubernetes Install # kubernetes_context=test-cluster -# awx_kubernetes_namespace=awx +# kubernetes_namespace=awx # Kubernetes and Openshift Install Resource Requests # This is the request value for a pod's "task" container, which is the container @@ -27,8 +26,8 @@ dockerhub_version=latest # in the pod # A cpu_request of 1500 is 1.5 cores for the task container # A mem_request of 2 is for 2 gigabytes of memory for the task container -# awx_task_cpu_request=1500 -# awx_task_mem_request=2 +# task_cpu_request=1500 +# task_mem_request=2 # Common Docker parameters postgres_data_dir=/tmp/pgdocker @@ -83,7 +82,7 @@ pg_port=5432 # AWX Secret key # It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt # your credentials -awx_secret_key=awxsecret +secret_key=awxsecret # Build AWX with official logos # Requires cloning awx-logos repo into the project root. diff --git a/installer/roles/check_vars/tasks/check_openshift.yml b/installer/roles/check_vars/tasks/check_openshift.yml index aa13ef5a70..38d66b352c 100644 --- a/installer/roles/check_vars/tasks/check_openshift.yml +++ b/installer/roles/check_vars/tasks/check_openshift.yml @@ -1,10 +1,10 @@ # check_openshift.yml --- -- name: awx_openshift_project should be defined +- name: openshift_project should be defined assert: that: - - awx_openshift_project is defined and awx_openshift_project != '' - msg: "Set the value of 'awx_openshift_project' in the inventory file." + - openshift_project is defined and openshift_project != '' + msg: "Set the value of 'openshift_project' in the inventory file." - name: openshift_user should be defined assert: diff --git a/installer/roles/image_build/tasks/main.yml b/installer/roles/image_build/tasks/main.yml index 182a3fe257..401281a877 100644 --- a/installer/roles/image_build/tasks/main.yml +++ b/installer/roles/image_build/tasks/main.yml @@ -89,11 +89,11 @@ - name: Set awx_web image name set_fact: - awx_web_image: "{{ awx_web_image|default('awx_web') }}" + web_image: "{{ web_image|default('awx_web') }}" - name: Set awx_task image name set_fact: - awx_task_image: "{{ awx_task_image|default('awx_task') }}" + task_image: "{{ task_image|default('awx_task') }}" - name: Ensure directory exists file: @@ -195,7 +195,7 @@ no_proxy: "{{ no_proxy | default('') }}" path: "{{ docker_base_path }}" dockerfile: Dockerfile - name: "{{ awx_web_image }}" + name: "{{ web_image }}" tag: "{{ awx_version }}" delegate_to: localhost @@ -207,11 +207,17 @@ no_proxy: "{{ no_proxy | default('') }}" path: "{{ docker_base_path }}" dockerfile: Dockerfile.task - name: "{{ awx_task_image }}" + name: "{{ task_image }}" tag: "{{ awx_version }}" pull: no delegate_to: localhost +- name: Tag task and web images as latest + command: "docker tag {{ item }}:{{ awx_version }} {{ item }}:latest" + with_items: + - "{{ task_image }}" + - "{{ web_image }}" + - name: Clean docker base directory file: path: "{{ docker_base_path }}" diff --git a/installer/roles/image_build/templates/Dockerfile.task.j2 b/installer/roles/image_build/templates/Dockerfile.task.j2 index b72160cb68..6e3bf4e3f0 100644 --- a/installer/roles/image_build/templates/Dockerfile.task.j2 +++ b/installer/roles/image_build/templates/Dockerfile.task.j2 @@ -1,4 +1,4 @@ -FROM {{ awx_web_image }}:{{ awx_version }} +FROM {{ web_image }}:{{ awx_version }} USER 0 RUN sudo yum -y remove nginx USER 1000 diff --git a/installer/roles/image_push/tasks/main.yml b/installer/roles/image_push/tasks/main.yml index a81bdf6644..9e3c76f0ca 100644 --- a/installer/roles/image_push/tasks/main.yml +++ b/installer/roles/image_push/tasks/main.yml @@ -1,4 +1,13 @@ --- +- name: Authenticate with Docker registry if registry password given + docker_login: + registry: "{{ docker_registry }}" + username: "{{ docker_registry_username }}" + password: "{{ docker_registry_password }}" + reauthorize: yes + when: docker_registry is defined and docker_registry_password is defined + delegate_to: localhost + - name: Remove local images to ensure proper push behavior # TODO: this code will not be necessary if and when docker_image can be configured to push if the image # Already exists locally @@ -6,13 +15,13 @@ block: - name: Remove web image docker_image: - name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" + name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}" tag: "{{ awx_version }}" state: absent - name: Remove task image docker_image: - name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" + name: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}" tag: "{{ awx_version }}" state: absent delegate_to: localhost @@ -22,22 +31,28 @@ block: - name: Tag and push web image to registry docker_image: - name: "{{ awx_web_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}" - tag: "{{ awx_version }}" + name: "{{ web_image }}" + repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}" + tag: "{{ item }}" push: yes + with_items: + - "latest" + - "{{ awx_version }}" - name: Tag and push task image to registry docker_image: - name: "{{ awx_task_image }}" - repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}" - tag: "{{ awx_version }}" + name: "{{ task_image }}" + repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}" + tag: "{{ item }}" push: yes + with_items: + - "latest" + - "{{ awx_version }}" delegate_to: localhost - name: Set full image path for Registry set_fact: awx_web_docker_actual_image: >- - {{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}:{{ awx_version }} + {{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}:{{ awx_version }} awx_task_docker_actual_image: >- - {{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}:{{ awx_version }} + {{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}:{{ awx_version }} diff --git a/installer/roles/kubernetes/defaults/main.yml b/installer/roles/kubernetes/defaults/main.yml index 18243f8afc..a5fd1d82bb 100644 --- a/installer/roles/kubernetes/defaults/main.yml +++ b/installer/roles/kubernetes/defaults/main.yml @@ -1,17 +1,26 @@ --- -awx_web_mem_request: 1 -awx_web_cpu_request: 500 +dockerhub_web_image: "{{ dockerhub_base | default('ansible') }}/awx_web:{{ dockerhub_version | default('latest') }}" +dockerhub_task_image: "{{ dockerhub_base | default('ansible') }}/awx_task:{{ dockerhub_version | default('latest') }}" -awx_task_mem_request: 2 -awx_task_cpu_request: 1500 +web_mem_request: 1 +web_cpu_request: 500 -awx_rabbitmq_mem_request: 2 -awx_rabbitmq_cpu_request: 500 +task_mem_request: 2 +task_cpu_request: 1500 -awx_memcached_mem_request: 1 -awx_memcached_cpu_request: 500 +rabbitmq_mem_request: 2 +rabbitmq_cpu_request: 500 -rabbitmq_version: "3.7.4" +memcached_mem_request: 1 +memcached_cpu_request: 500 + +kubernetes_rabbitmq_version: "3.7.4" +kubernetes_rabbitmq_image: "ansible/awx_rabbitmq" + +kubernetes_memcached_version: "latest" +kubernetes_memcached_image: "memcached" openshift_pg_emptydir: no openshift_pg_pvc_name: postgresql + +kubernetes_deployment_name: awx diff --git a/installer/roles/kubernetes/tasks/kubernetes.yml b/installer/roles/kubernetes/tasks/kubernetes.yml index d6fa4f1142..c2f222263a 100644 --- a/installer/roles/kubernetes/tasks/kubernetes.yml +++ b/installer/roles/kubernetes/tasks/kubernetes.yml @@ -2,15 +2,15 @@ shell: "kubectl config set-context {{ kubernetes_context }}" - name: Get Namespace Detail - shell: "kubectl get namespace {{ awx_kubernetes_namespace }}" + shell: "kubectl get namespace {{ kubernetes_namespace }}" register: namespace_details ignore_errors: yes - name: Create AWX Kubernetes Project - shell: "kubectl create namespace {{ awx_kubernetes_namespace }}" + shell: "kubectl create namespace {{ kubernetes_namespace }}" when: namespace_details.rc != 0 - name: Set postgresql service name set_fact: - postgresql_service_name: "{{ awx_kubernetes_namespace }}-postgresql" + postgresql_service_name: "{{ kubernetes_namespace }}-postgresql" when: "pg_hostname is not defined or pg_hostname == ''" diff --git a/installer/roles/kubernetes/tasks/main.yml b/installer/roles/kubernetes/tasks/main.yml index b5dbb43b43..09ffc7fad8 100644 --- a/installer/roles/kubernetes/tasks/main.yml +++ b/installer/roles/kubernetes/tasks/main.yml @@ -5,7 +5,7 @@ - name: Set kubernetes base path set_fact: - kubernetes_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/awx-config" + kubernetes_base_path: "{{ local_base_config_path|default('/tmp') }}/{{ kubernetes_deployment_name }}-config" - include_tasks: openshift.yml when: openshift_host is defined @@ -18,39 +18,11 @@ kubectl_or_oc: "{{ openshift_oc_bin if openshift_oc_bin is defined else 'kubectl' }}" - name: Get Postgres Service Detail - shell: "{{ kubectl_or_oc }} describe svc {{ postgresql_service_name }} -n {{ awx_kubernetes_namespace }}" + shell: "{{ kubectl_or_oc }} describe svc {{ postgresql_service_name }} -n {{ kubernetes_namespace }}" register: postgres_svc_details ignore_errors: yes when: "pg_hostname is not defined or pg_hostname == ''" -- name: Manage AWX Container Images - include_role: - name: image_push - when: dockerhub_base is not defined - -- name: Set image names - block: - - name: Enable image stream lookups for awx images - shell: "{{ openshift_oc_bin }} set image-lookup --all -n {{ awx_kubernetes_namespace }}" - when: openshift_host is defined - - - name: Set full web image path - set_fact: - awx_web_kubernetes_image: "{{ awx_web_image }}:{{ awx_version }}" - when: awx_web_kubernetes_image is not defined - - - name: Set full task image path - set_fact: - awx_task_kubernetes_image: "{{ awx_task_image }}:{{ awx_version }}" - when: awx_task_kubernetes_image is not defined - when: dockerhub_base is not defined - -- name: Set DockerHub Image Paths - set_fact: - awx_web_kubernetes_image: "{{ dockerhub_base }}/awx_web:{{ dockerhub_version }}" - awx_task_kubernetes_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}" - when: dockerhub_base is defined - - name: Deploy PostgreSQL (OpenShift) block: - name: Template PostgreSQL Deployment @@ -69,7 +41,7 @@ -e POSTGRESQL_PASSWORD={{ pg_password }} \ -e POSTGRESQL_DATABASE={{ pg_database }} \ -e POSTGRESQL_VERSION=9.5 \ - -n {{ awx_kubernetes_namespace }} + -n {{ kubernetes_namespace }} register: openshift_pg_activate when: - pg_hostname is not defined or pg_hostname == '' @@ -78,7 +50,7 @@ - name: Deploy and Activate Postgres (Kubernetes) shell: | - helm install --name awx --namespace {{ awx_kubernetes_namespace }} \ + helm install --name awx --namespace {{ kubernetes_namespace }} \ --set postgresUser={{ pg_username }} \ --set postgresPassword={{ pg_password }} \ --set postgresDatabase={{ pg_database }} \ @@ -92,7 +64,7 @@ - name: Set postgresql hostname to helm package service set_fact: - pg_hostname: awx-postgresql + pg_hostname: "{{ kubernetes_deployment_name }}-postgresql" when: - pg_hostname is not defined or pg_hostname == '' - kubernetes_context is defined @@ -107,13 +79,25 @@ path: "{{ kubernetes_base_path }}" state: directory - - name: Template Kubernetes AWX Config template: src: configmap.yml.j2 dest: "{{ kubernetes_base_path }}/configmap.yml" mode: '0600' +- name: Set image names if using custom registry + block: + - name: Set task image name + set_fact: + kubernetes_task_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}" + when: kubernetes_task_image is not defined + + - name: Set web image name + set_fact: + kubernetes_web_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}" + when: kubernetes_web_image is not defined + when: docker_registry is defined + - name: Template Kubernetes AWX Deployment template: src: deployment.yml.j2 diff --git a/installer/roles/kubernetes/tasks/openshift.yml b/installer/roles/kubernetes/tasks/openshift.yml index 6fee202458..6a93ca9b2c 100644 --- a/installer/roles/kubernetes/tasks/openshift.yml +++ b/installer/roles/kubernetes/tasks/openshift.yml @@ -1,6 +1,10 @@ --- - include_vars: openshift.yml +- name: Set kubernetes_namespace + set_fact: + kubernetes_namespace: "{{ openshift_project }}" + - name: Ensure workspace directories exist file: path: "{{ item }}" @@ -30,18 +34,18 @@ no_log: true - name: Get Project Detail - shell: "{{ openshift_oc_bin }} get project {{ awx_openshift_project }}" + shell: "{{ openshift_oc_bin }} get project {{ openshift_project }}" register: project_details ignore_errors: yes - name: Create AWX Openshift Project - shell: "{{ openshift_oc_bin }} new-project {{ awx_openshift_project }}" + shell: "{{ openshift_oc_bin }} new-project {{ openshift_project }}" when: project_details.rc != 0 - name: Ensure PostgreSQL PVC is available block: - name: Check PVC status - command: "{{ openshift_oc_bin }} get pvc {{ openshift_pg_pvc_name }} -n {{ awx_openshift_project }} -o=jsonpath='{.status.phase}'" + command: "{{ openshift_oc_bin }} get pvc {{ openshift_pg_pvc_name }} -n {{ openshift_project }} -o=jsonpath='{.status.phase}'" register: pg_pvc_status ignore_errors: yes @@ -49,10 +53,10 @@ assert: that: - pg_pvc_status.stdout == "Bound" - msg: "Ensure a PVC named '{{ openshift_pg_pvc_name }}' is created and bound in the '{{ awx_openshift_project }}' namespace." + msg: "Ensure a PVC named '{{ openshift_pg_pvc_name }}' is created and bound in the '{{ openshift_project }}' namespace." when: - pg_hostname is not defined or pg_hostname == '' - - openshift_pg_emptydir is defined and openshift_pg_emptydir != true + - openshift_pg_emptydir is defined and (openshift_pg_emptydir | bool) != true - name: Set postgresql service name set_fact: diff --git a/installer/roles/kubernetes/templates/configmap.yml.j2 b/installer/roles/kubernetes/templates/configmap.yml.j2 index 47eff32c89..871d7af5ab 100644 --- a/installer/roles/kubernetes/templates/configmap.yml.j2 +++ b/installer/roles/kubernetes/templates/configmap.yml.j2 @@ -1,33 +1,33 @@ apiVersion: v1 kind: ConfigMap metadata: - name: awx-config - namespace: {{ awx_kubernetes_namespace }} + name: {{ kubernetes_deployment_name }}-config + namespace: {{ kubernetes_namespace }} data: - secret_key: {{ awx_secret_key }} - awx_settings: | + secret_key: {{ secret_key }} + {{ kubernetes_deployment_name }}_settings: | import os import socket ADMINS = () - + # Container environments don't like chroots AWX_PROOT_ENABLED = False # Automatically deprovision pods that go offline AWX_AUTO_DEPROVISION_INSTANCES = True - SYSTEM_TASK_ABS_CPU = {{ ((awx_task_cpu_request|int / 1000) * 4)|int }} - SYSTEM_TASK_ABS_MEM = {{ ((awx_task_mem_request|int * 1024) / 100)|int }} + SYSTEM_TASK_ABS_CPU = {{ ((task_cpu_request|int / 1000) * 4)|int }} + SYSTEM_TASK_ABS_MEM = {{ ((task_mem_request|int * 1024) / 100)|int }} #Autoprovisioning should replace this CLUSTER_HOST_ID = socket.gethostname() SYSTEM_UUID = '00000000-0000-0000-0000-000000000000' SESSION_COOKIE_SECURE = False - CSRF_COOKIE_SECURE = False + CSRF_COOKIE_SECURE = False REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR'] - + STATIC_ROOT = '/var/lib/awx/public/static' PROJECTS_ROOT = '/var/lib/awx/projects' JOBOUTPUT_ROOT = '/var/lib/awx/job_status' @@ -42,13 +42,13 @@ data: EMAIL_HOST_USER = '' EMAIL_HOST_PASSWORD = '' EMAIL_USE_TLS = False - + LOGGING['handlers']['console'] = { '()': 'logging.StreamHandler', 'level': 'DEBUG', 'formatter': 'simple', } - + LOGGING['loggers']['django.request']['handlers'] = ['console'] LOGGING['loggers']['rest_framework.request']['handlers'] = ['console'] LOGGING['loggers']['awx']['handlers'] = ['console'] @@ -68,7 +68,7 @@ data: LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'} LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'} LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'} - + DATABASES = { 'default': { 'ATOMIC_REQUESTS': True, diff --git a/installer/roles/kubernetes/templates/deployment.yml.j2 b/installer/roles/kubernetes/templates/deployment.yml.j2 index 12e0149e1f..569f2cdc4b 100644 --- a/installer/roles/kubernetes/templates/deployment.yml.j2 +++ b/installer/roles/kubernetes/templates/deployment.yml.j2 @@ -2,7 +2,7 @@ kind: Service apiVersion: v1 metadata: - namespace: {{ awx_kubernetes_namespace }} + namespace: {{ kubernetes_namespace }} name: rabbitmq labels: app: rabbitmq @@ -14,12 +14,10 @@ spec: protocol: TCP port: 15672 targetPort: 15672 - nodePort: 31672 - name: amqp protocol: TCP port: 5672 targetPort: 5672 - nodePort: 30672 selector: app: rabbitmq @@ -28,7 +26,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: rabbitmq-config - namespace: {{ awx_kubernetes_namespace }} + namespace: {{ kubernetes_namespace }} data: enabled_plugins: | [rabbitmq_management,rabbitmq_peer_discovery_k8s]. @@ -54,7 +52,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: rabbitmq - namespace: {{ awx_kubernetes_namespace }} + namespace: {{ kubernetes_namespace }} {% if kubernetes_context is defined %} --- @@ -62,7 +60,7 @@ kind: Role apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: endpoint-reader - namespace: {{ awx_kubernetes_namespace }} + namespace: {{ kubernetes_namespace }} rules: - apiGroups: [""] resources: ["endpoints"] @@ -72,7 +70,7 @@ kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: endpoint-reader - namespace: {{ awx_kubernetes_namespace }} + namespace: {{ kubernetes_namespace }} subjects: - kind: ServiceAccount name: rabbitmq @@ -88,7 +86,7 @@ kind: Role apiVersion: v1 metadata: name: endpoint-reader - namespace: {{ awx_kubernetes_namespace }} + namespace: {{ kubernetes_namespace }} rules: - apiGroups: [""] resources: ["endpoints"] @@ -98,53 +96,58 @@ kind: RoleBinding apiVersion: v1 metadata: name: endpoint-reader - namespace: {{ awx_kubernetes_namespace }} + namespace: {{ kubernetes_namespace }} roleRef: name: endpoint-reader - namespace: {{ awx_kubernetes_namespace }} + namespace: {{ kubernetes_namespace }} subjects: - kind: ServiceAccount name: rabbitmq - namespace: {{ awx_kubernetes_namespace }} + namespace: {{ kubernetes_namespace }} userNames: - - system:serviceaccount:{{ awx_kubernetes_namespace }}:rabbitmq + - system:serviceaccount:{{ kubernetes_namespace }}:rabbitmq {% endif %} --- +{% if openshift_host is defined %} +apiVersion: v1 +kind: DeploymentConfig +{% else %} apiVersion: extensions/v1beta1 -kind: Deployment +kind: DeploymentConfig +{% endif %} metadata: - name: awx - namespace: {{ awx_kubernetes_namespace }} + name: {{ kubernetes_deployment_name }} + namespace: {{ kubernetes_namespace }} spec: replicas: 1 template: metadata: labels: - name: awx-web-deploy + name: {{ kubernetes_deployment_name }}-web-deploy service: django app: rabbitmq spec: serviceAccountName: rabbitmq containers: - - name: awx-web - image: {{ awx_web_kubernetes_image }} + - name: {{ kubernetes_deployment_name }}-web + image: {{ kubernetes_web_image | default(dockerhub_web_image) }} imagePullPolicy: Always ports: - containerPort: 8052 volumeMounts: - mountPath: /etc/tower - name: awx-application-config + name: {{ kubernetes_deployment_name }}-application-config resources: requests: - memory: "{{ awx_web_mem_request }}Gi" - cpu: "{{ awx_web_cpu_request }}m" - - name: awx-celery - image: {{ awx_task_kubernetes_image }} + memory: "{{ web_mem_request }}Gi" + cpu: "{{ web_cpu_request }}m" + - name: {{ kubernetes_deployment_name }}-celery + image: {{ kubernetes_task_image | default(dockerhub_task_image) }} imagePullPolicy: Always volumeMounts: - mountPath: /etc/tower - name: awx-application-config + name: {{ kubernetes_deployment_name }}-application-config env: - name: DATABASE_USER value: {{ pg_username }} @@ -166,10 +169,10 @@ spec: value: {{ default_admin_password|default('password') }} resources: requests: - memory: "{{ awx_task_mem_request }}Gi" - cpu: "{{ awx_task_cpu_request }}m" - - name: awx-rabbit - image: ansible/awx_rabbitmq:{{ rabbitmq_version }} + memory: "{{ task_mem_request }}Gi" + cpu: "{{ task_cpu_request }}m" + - name: {{ kubernetes_deployment_name }}-rabbit + image: "{{ kubernetes_rabbitmq_image }}:{{ kubernetes_rabbitmq_version }}" imagePullPolicy: Always ports: - name: http @@ -206,20 +209,20 @@ spec: mountPath: /etc/rabbitmq resources: requests: - memory: "{{ awx_rabbitmq_mem_request }}Gi" - cpu: "{{ awx_rabbitmq_cpu_request }}m" - - name: awx-memcached - image: memcached + memory: "{{ rabbitmq_mem_request }}Gi" + cpu: "{{ rabbitmq_cpu_request }}m" + - name: {{ kubernetes_deployment_name }}-memcached + image: "{{ kubernetes_memcached_image }}:{{ kubernetes_memcached_version }}" resources: requests: - memory: "{{ awx_memcached_mem_request }}Gi" - cpu: "{{ awx_memcached_cpu_request }}m" + memory: "{{ memcached_mem_request }}Gi" + cpu: "{{ memcached_cpu_request }}m" volumes: - - name: awx-application-config + - name: {{ kubernetes_deployment_name }}-application-config configMap: - name: awx-config + name: {{ kubernetes_deployment_name }}-config items: - - key: awx_settings + - key: {{ kubernetes_deployment_name }}_settings path: settings.py - key: secret_key path: SECRET_KEY @@ -235,10 +238,10 @@ spec: apiVersion: v1 kind: Service metadata: - name: awx-web-svc - namespace: {{ awx_kubernetes_namespace }} + name: {{ kubernetes_deployment_name }}-web-svc + namespace: {{ kubernetes_namespace }} labels: - name: awx-web-svc + name: {{ kubernetes_deployment_name }}-web-svc spec: type: "NodePort" ports: @@ -246,15 +249,15 @@ spec: port: 80 targetPort: 8052 selector: - name: awx-web-deploy + name: {{ kubernetes_deployment_name }}-web-deploy --- apiVersion: v1 kind: Service metadata: - name: awx-rmq-mgmt - namespace: {{ awx_kubernetes_namespace }} + name: {{ kubernetes_deployment_name }}-rmq-mgmt + namespace: {{ kubernetes_namespace }} labels: - name: awx-rmq-mgmt + name: {{ kubernetes_deployment_name }}-rmq-mgmt spec: type: ClusterIP ports: @@ -262,17 +265,17 @@ spec: port: 15672 targetPort: 15672 selector: - name: awx-web-deploy + name: {{ kubernetes_deployment_name }}-web-deploy {% if kubernetes_context is defined %} --- apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: awx-web-svc - namespace: {{ awx_kubernetes_namespace }} + name: {{ kubernetes_deployment_name }}-web-svc + namespace: {{ kubernetes_namespace }} spec: backend: - serviceName: awx-web-svc + serviceName: {{ kubernetes_deployment_name }}-web-svc servicePort: 80 {% endif %} {% if openshift_host is defined %} @@ -280,8 +283,8 @@ spec: apiVersion: v1 kind: Route metadata: - name: awx-web-svc - namespace: {{ awx_kubernetes_namespace }} + name: {{ kubernetes_deployment_name }}-web-svc + namespace: {{ kubernetes_namespace }} spec: port: targetPort: http @@ -290,7 +293,7 @@ spec: termination: edge to: kind: Service - name: awx-web-svc + name: {{ kubernetes_deployment_name }}-web-svc weight: 100 wildcardPolicy: None {% endif %} diff --git a/installer/roles/local_docker/tasks/set_image.yml b/installer/roles/local_docker/tasks/set_image.yml index ac1bc7a079..4442da1617 100644 --- a/installer/roles/local_docker/tasks/set_image.yml +++ b/installer/roles/local_docker/tasks/set_image.yml @@ -3,29 +3,20 @@ block: - name: Export Docker web image if it isnt local and there isnt a registry defined docker_image: - name: "{{ awx_web_image }}" + name: "{{ web_image }}" tag: "{{ awx_version }}" - archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" + archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ web_image }}_{{ awx_version }}.tar" when: inventory_hostname != "localhost" and docker_registry is not defined delegate_to: localhost - name: Export Docker task image if it isnt local and there isnt a registry defined docker_image: - name: "{{ awx_task_image }}" + name: "{{ task_image }}" tag: "{{ awx_version }}" - archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" + archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ task_image }}_{{ awx_version }}.tar" when: inventory_hostname != "localhost" and docker_registry is not defined delegate_to: localhost - - name: Authenticate with Docker registry if registry password given - docker_login: - registry: "{{ docker_registry }}" - username: "{{ docker_registry_username }}" - password: "{{ docker_registry_password }}" - reauthorize: yes - when: docker_registry is defined and docker_registry_password is defined - delegate_to: localhost - - name: Set docker base path set_fact: docker_deploy_base_path: "{{ awx_base_path|default('/tmp') }}/docker_deploy" @@ -39,40 +30,36 @@ - name: Copy web image to docker execution copy: - src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar" - dest: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" + src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ web_image }}_{{ awx_version }}.tar" + dest: "{{ docker_deploy_base_path }}/{{ web_image }}_{{ awx_version }}.tar" when: ansible_connection != "local" and docker_registry is not defined - name: Copy task image to docker execution copy: - src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar" + src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ task_image }}_{{ awx_version }}.tar" dest: "{{ docker_deploy_base_path }}" when: ansible_connection != "local" and docker_registry is not defined - name: Load web image docker_image: - name: "{{ awx_web_image }}" + name: "{{ web_image }}" tag: "{{ awx_version }}" - load_path: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar" + load_path: "{{ docker_deploy_base_path }}/{{ web_image }}_{{ awx_version }}.tar" timeout: 300 when: ansible_connection != "local" and docker_registry is not defined - name: Load task image docker_image: - name: "{{ awx_task_image }}" + name: "{{ task_image }}" tag: "{{ awx_version }}" - load_path: "{{ docker_deploy_base_path }}/{{ awx_task_image }}_{{ awx_version }}.tar" + load_path: "{{ docker_deploy_base_path }}/{{ task_image }}_{{ awx_version }}.tar" timeout: 300 when: ansible_connection != "local" and docker_registry is not defined - - include_role: - name: image_push - when: docker_registry is defined and dockerhub_base is not defined - - name: Set full image path for local install set_fact: - awx_web_docker_actual_image: "{{ awx_web_image }}:{{ awx_version }}" - awx_task_docker_actual_image: "{{ awx_task_image }}:{{ awx_version }}" + awx_web_docker_actual_image: "{{ web_image }}:{{ awx_version }}" + awx_task_docker_actual_image: "{{ task_image }}:{{ awx_version }}" when: docker_registry is not defined when: dockerhub_base is not defined diff --git a/installer/roles/local_docker/tasks/standalone.yml b/installer/roles/local_docker/tasks/standalone.yml index cba2379aa1..6bfefe9c49 100644 --- a/installer/roles/local_docker/tasks/standalone.yml +++ b/installer/roles/local_docker/tasks/standalone.yml @@ -96,7 +96,7 @@ http_proxy: "{{ http_proxy | default('') }}" https_proxy: "{{ https_proxy | default('') }}" no_proxy: "{{ no_proxy | default('') }}" - SECRET_KEY: "{{ awx_secret_key }}" + SECRET_KEY: "{{ secret_key }}" DATABASE_NAME: "{{ pg_database }}" DATABASE_USER: "{{ pg_username }}" DATABASE_PASSWORD: "{{ pg_password }}" @@ -132,7 +132,7 @@ http_proxy: "{{ http_proxy | default('') }}" https_proxy: "{{ https_proxy | default('') }}" no_proxy: "{{ no_proxy | default('') }}" - SECRET_KEY: "{{ awx_secret_key }}" + SECRET_KEY: "{{ secret_key }}" DATABASE_NAME: "{{ pg_database }}" DATABASE_USER: "{{ pg_username }}" DATABASE_PASSWORD: "{{ pg_password }}" diff --git a/installer/roles/local_docker/templates/docker-compose.yml.j2 b/installer/roles/local_docker/templates/docker-compose.yml.j2 index b3618fb706..4d6a4b5d2c 100644 --- a/installer/roles/local_docker/templates/docker-compose.yml.j2 +++ b/installer/roles/local_docker/templates/docker-compose.yml.j2 @@ -46,7 +46,7 @@ services: http_proxy: {{ http_proxy | default('') }} https_proxy: {{ https_proxy | default('') }} no_proxy: {{ no_proxy | default('') }} - SECRET_KEY: {{ awx_secret_key }} + SECRET_KEY: {{ secret_key }} DATABASE_NAME: {{ pg_database }} DATABASE_USER: {{ pg_username }} DATABASE_PASSWORD: {{ pg_password }} @@ -105,7 +105,7 @@ services: http_proxy: {{ http_proxy | default('') }} https_proxy: {{ https_proxy | default('') }} no_proxy: {{ no_proxy | default('') }} - SECRET_KEY: {{ awx_secret_key }} + SECRET_KEY: {{ secret_key }} DATABASE_NAME: {{ pg_database }} DATABASE_USER: {{ pg_username }} DATABASE_PASSWORD: {{ pg_password }}