mirror of
https://github.com/ansible/awx.git
synced 2026-02-16 10:40:01 -03:30
297 lines
7.3 KiB
Django/Jinja
297 lines
7.3 KiB
Django/Jinja
---
|
|
kind: Service
|
|
apiVersion: v1
|
|
metadata:
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
name: rabbitmq
|
|
labels:
|
|
app: rabbitmq
|
|
type: LoadBalancer
|
|
spec:
|
|
type: NodePort
|
|
ports:
|
|
- name: http
|
|
protocol: TCP
|
|
port: 15672
|
|
targetPort: 15672
|
|
nodePort: 31672
|
|
- name: amqp
|
|
protocol: TCP
|
|
port: 5672
|
|
targetPort: 5672
|
|
nodePort: 30672
|
|
selector:
|
|
app: rabbitmq
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: rabbitmq-config
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
data:
|
|
enabled_plugins: |
|
|
[rabbitmq_management,rabbitmq_peer_discovery_k8s].
|
|
rabbitmq.conf: |
|
|
default_user = awx
|
|
default_pass = abcdefg
|
|
default_vhost = awx
|
|
|
|
## Clustering
|
|
cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s
|
|
cluster_formation.k8s.host = kubernetes.default.svc.cluster.local
|
|
cluster_formation.k8s.address_type = ip
|
|
cluster_formation.node_cleanup.interval = 10
|
|
cluster_formation.node_cleanup.only_log_warning = false
|
|
cluster_partition_handling = autoheal
|
|
## queue master locator
|
|
queue_master_locator=min-masters
|
|
## enable guest user
|
|
loopback_users.guest = false
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: rabbitmq
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
|
|
{% if kubernetes_context is defined %}
|
|
---
|
|
kind: Role
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
metadata:
|
|
name: endpoint-reader
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["endpoints"]
|
|
verbs: ["get"]
|
|
---
|
|
kind: RoleBinding
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
metadata:
|
|
name: endpoint-reader
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: rabbitmq
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: endpoint-reader
|
|
{% endif %}
|
|
|
|
{% if openshift_host is defined %}
|
|
---
|
|
kind: Role
|
|
apiVersion: v1
|
|
metadata:
|
|
name: endpoint-reader
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["endpoints"]
|
|
verbs: ["get"]
|
|
---
|
|
kind: RoleBinding
|
|
apiVersion: v1
|
|
metadata:
|
|
name: endpoint-reader
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
roleRef:
|
|
name: endpoint-reader
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: rabbitmq
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
userNames:
|
|
- system:serviceaccount:{{ awx_kubernetes_namespace }}:rabbitmq
|
|
{% endif %}
|
|
|
|
---
|
|
apiVersion: extensions/v1beta1
|
|
kind: Deployment
|
|
metadata:
|
|
name: awx
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
spec:
|
|
replicas: 1
|
|
template:
|
|
metadata:
|
|
labels:
|
|
name: awx-web-deploy
|
|
service: django
|
|
app: rabbitmq
|
|
spec:
|
|
serviceAccountName: rabbitmq
|
|
containers:
|
|
- name: awx-web
|
|
image: {{ awx_web_kubernetes_image }}
|
|
imagePullPolicy: Always
|
|
ports:
|
|
- containerPort: 8052
|
|
volumeMounts:
|
|
- mountPath: /etc/tower
|
|
name: awx-application-config
|
|
resources:
|
|
requests:
|
|
memory: "{{ awx_web_mem_request }}Gi"
|
|
cpu: "{{ awx_web_cpu_request }}m"
|
|
- name: awx-celery
|
|
image: {{ awx_task_kubernetes_image }}
|
|
imagePullPolicy: Always
|
|
volumeMounts:
|
|
- mountPath: /etc/tower
|
|
name: awx-application-config
|
|
env:
|
|
- name: DATABASE_USER
|
|
value: {{ pg_username }}
|
|
- name: DATABASE_NAME
|
|
value: {{ pg_database }}
|
|
- name: DATABASE_HOST
|
|
value: {{ pg_hostname|default('postgresql') }}
|
|
- name: DATABASE_PORT
|
|
value: "{{ pg_port|default('5432') }}"
|
|
- name: DATABASE_PASSWORD
|
|
value: {{ pg_password }}
|
|
- name: MEMCACHED_HOST
|
|
value: {{ memcached_hostname|default('localhost') }}
|
|
- name: RABBITMQ_HOST
|
|
value: {{ rabbitmq_hostname|default('localhost') }}
|
|
- name: AWX_ADMIN_USER
|
|
value: {{ default_admin_user|default('admin') }}
|
|
- name: AWX_ADMIN_PASSWORD
|
|
value: {{ default_admin_password|default('password') }}
|
|
resources:
|
|
requests:
|
|
memory: "{{ awx_task_mem_request }}Gi"
|
|
cpu: "{{ awx_task_cpu_request }}m"
|
|
- name: awx-rabbit
|
|
image: ansible/awx_rabbitmq:{{ rabbitmq_version }}
|
|
imagePullPolicy: Always
|
|
ports:
|
|
- name: http
|
|
protocol: TCP
|
|
containerPort: 15672
|
|
- name: amqp
|
|
protocol: TCP
|
|
containerPort: 5672
|
|
livenessProbe:
|
|
exec:
|
|
command: ["rabbitmqctl", "status"]
|
|
initialDelaySeconds: 30
|
|
timeoutSeconds: 10
|
|
readinessProbe:
|
|
exec:
|
|
command: ["rabbitmqctl", "status"]
|
|
initialDelaySeconds: 10
|
|
timeoutSeconds: 10
|
|
env:
|
|
- name: MY_POD_IP
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: status.podIP
|
|
- name: RABBITMQ_USE_LONGNAME
|
|
value: "true"
|
|
- name: RABBITMQ_NODENAME
|
|
value: "rabbit@$(MY_POD_IP)"
|
|
- name: K8S_SERVICE_NAME
|
|
value: "rabbitmq"
|
|
- name: RABBITMQ_ERLANG_COOKIE
|
|
value: "cookiemonster"
|
|
volumeMounts:
|
|
- name: rabbitmq-config
|
|
mountPath: /etc/rabbitmq
|
|
resources:
|
|
requests:
|
|
memory: "{{ awx_rabbitmq_mem_request }}Gi"
|
|
cpu: "{{ awx_rabbitmq_cpu_request }}m"
|
|
- name: awx-memcached
|
|
image: memcached
|
|
resources:
|
|
requests:
|
|
memory: "{{ awx_memcached_mem_request }}Gi"
|
|
cpu: "{{ awx_memcached_cpu_request }}m"
|
|
volumes:
|
|
- name: awx-application-config
|
|
configMap:
|
|
name: awx-config
|
|
items:
|
|
- key: awx_settings
|
|
path: settings.py
|
|
- key: secret_key
|
|
path: SECRET_KEY
|
|
- name: rabbitmq-config
|
|
configMap:
|
|
name: rabbitmq-config
|
|
items:
|
|
- key: rabbitmq.conf
|
|
path: rabbitmq.conf
|
|
- key: enabled_plugins
|
|
path: enabled_plugins
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: awx-web-svc
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
labels:
|
|
name: awx-web-svc
|
|
spec:
|
|
type: "NodePort"
|
|
ports:
|
|
- name: http
|
|
port: 80
|
|
targetPort: 8052
|
|
selector:
|
|
name: awx-web-deploy
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: awx-rmq-mgmt
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
labels:
|
|
name: awx-rmq-mgmt
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- name: rmqmgmt
|
|
port: 15672
|
|
targetPort: 15672
|
|
selector:
|
|
name: awx-web-deploy
|
|
{% if kubernetes_context is defined %}
|
|
---
|
|
apiVersion: extensions/v1beta1
|
|
kind: Ingress
|
|
metadata:
|
|
name: awx-web-svc
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
spec:
|
|
backend:
|
|
serviceName: awx-web-svc
|
|
servicePort: 80
|
|
{% endif %}
|
|
{% if openshift_host is defined %}
|
|
---
|
|
apiVersion: v1
|
|
kind: Route
|
|
metadata:
|
|
name: awx-web-svc
|
|
namespace: {{ awx_kubernetes_namespace }}
|
|
spec:
|
|
port:
|
|
targetPort: http
|
|
tls:
|
|
insecureEdgeTerminationPolicy: Allow
|
|
termination: edge
|
|
to:
|
|
kind: Service
|
|
name: awx-web-svc
|
|
weight: 100
|
|
wildcardPolicy: None
|
|
{% endif %}
|