Change _input -> _vars, _secret -> _secrets (#1335)

Wolfgang Kulhanek

2020-03-14 1d687af25e920f5913b05853ba6b4c8c330b5690

Change _input -> _vars, _secret -> _secrets (#1335)

 ansible/configs/ocp-workloads/destroy_env.yml

@@ -15,8 +15,8 @@
    set_fact:
      config_ocp_workloads: >-
        {{ config_ocp_workloads_defaults
        | combine( config_ocp_workloads_input  | default( {} ),
                   config_ocp_workloads_secret | default( {} ), recursive=true)
        | combine( config_ocp_workloads_vars    | default( {} ),
                   config_ocp_workloads_secrets | default( {} ), recursive=true)
        }}
  - name: Print combined role variables
    debug:

 ansible/configs/ocp-workloads/env_vars.yml

@@ -3,7 +3,7 @@

# Default variables
# Can't use 'ocp_workloads' because that's the other input to the role...
# Can be overridden via a dictionary called config_ocp_workloads_input
# Can be overridden via a dictionary called config_ocp_workloads_vars
config_ocp_workloads_defaults:
  virtualenv_path: /opt/virtualenvs/k8s


 ansible/configs/ocp-workloads/post_software.yml

@@ -10,8 +10,8 @@
    set_fact:
      config_ocp_workloads: >-
        {{ config_ocp_workloads_defaults
        | combine( config_ocp_workloads_input  | default( {} ),
                   config_ocp_workloads_secret | default( {} ), recursive=true)
        | combine( config_ocp_workloads_vars    | default( {} ),
                   config_ocp_workloads_secrets | default( {} ), recursive=true)
        }}
  - name: Print combined role variables
    debug:

 ansible/roles/host-virtualenv/defaults/main.yml

New file
@@ -0,0 +1,17 @@
---
become_override: False
ocp_username: "system:admin"
silent: False

host_virtualenv_defaults:
  virtualenv_path: /opt/virtualenvs/k8s
  install_virtualenv: false
  virtualenv_package:
  - python-virtualenv
# - python34-virtualenv
# - python36-virtualenv
  virtualenv_python: /usr/bin/python
  python_packages:
  - ansible==2.9.6
  - openshift=0.10.2
  - selinux==0.2.1

 ansible/roles/host-virtualenv/meta/main.yml

New file
@@ -0,0 +1,15 @@
---
galaxy_info:
  role_name: host-virtualenv
  author: Wolfgang Kulhanek
  description: |
    Set up a Python VirtualEnv on a Host
  license: MIT
  min_ansible_version: 2.8
  platforms: []
  galaxy_tags:
  - ocp
  - openshift
  - python
  - virtualenv
dependencies: []

 ansible/roles/host-virtualenv/readme.adoc

New file
@@ -0,0 +1,66 @@
= host-virtualenv - Set up a Python VirtualEnv on a host

== Role overview

* This role set up a Python virtual environment on a host. It consists of the following playbooks:
** Playbook: link:./tasks/pre_workload.yml[pre_workload.yml] - Sets up an
 environment for the workload deployment.
*** Debug task will print out: `pre_workload Tasks completed successfully.`

** Playbook: link:./tasks/workload.yml[workload.yml] - Used to configure authentication
*** Debug task will print out: `workload Tasks completed successfully.`

** Playbook: link:./tasks/post_workload.yml[post_workload.yml] - Used to
 configure the workload after deployment
*** This role doesn't do anything here
*** Debug task will print out: `post_workload Tasks completed successfully.`

** Playbook: link:./tasks/remove_workload.yml[remove_workload.yml] - Used to
 delete the workload
*** This role removes authentication from OCP 4. This role does *not* recreate the kubeadmin user - the only way to use OpenShift after removing the workload is via the `system:admin` user from the bastion VM.
*** Debug task will print out: `remove_workload Tasks completed successfully.`

== Review the defaults variable file

* This file link:./defaults/main.yml[./defaults/main.yml] contains all the variables you need to define to control the deployment of your workload.
* The variable *ocp_username* is mandatory to assign the workload to the correct OpenShift user.
* A variable *silent=True* can be passed to suppress debug messages.
* You can modify any of these default values by adding `-e "variable_name=variable_value"` to the command line

=== Deploy a Workload with the `ocp-workload` playbook [Mostly for testing]

----
TARGET_HOST="bastion.wk.red.osp.opentlc.com"
OCP_USERNAME="wkulhane"
WORKLOAD="ocp4-workload-authentication"
GUID=wk

# a TARGET_HOST is specified in the command line, without using an inventory file
ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \
    -e"ansible_ssh_private_key_file=~/.ssh/keytoyourhost.pem" \
    -e"ansible_user=cloud-user" \
    -e"ocp_username=${OCP_USERNAME}" \
    -e"ocp_workload=${WORKLOAD}" \
    -e"silent=False" \
    -e"guid=${GUID}" \
    -e"ACTION=create"
----

=== To Delete an environment

----
TARGET_HOST="bastion.wk.red.osp.opentlc.com"
OCP_USERNAME="wkulhane"
WORKLOAD="ocp4-workload-authentication"
GUID=wk

# a TARGET_HOST is specified in the command line, without using an inventory file
ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \
    -e"ansible_ssh_private_key_file=~/.ssh/keytoyourhost.pem" \
    -e"ansible_user=ec2-user" \
    -e"ocp_username=${OCP_USERNAME}" \
    -e"ocp_workload=${WORKLOAD}" \
    -e"guid=${GUID}" \
    -e"ACTION=remove"
----


 ansible/roles/host-virtualenv/tasks/main.yml

New file
@@ -0,0 +1,32 @@
---
- name: Set up combined host_virtualenv dictionary
  set_fact:
    host_virtualenv: >-
      {{ host_virtualenv_defaults
       | combine(host_virtualenv_vars    | default( {} ),
                 host_virtualenv_secrets | default( {} ), recursive=true)
      }}
- name: Print combined role variables
  debug:
    var: host_virtualenv
    verbosity: 2

- name: Check if desired virtualenv is available on the host
  stat:
    path: "{{ host_virtualenv.virtualenv_path}}/bin/python"
  register: r_virtualenv

- name: Install Virtualenv if it doesn't exist yet
  when:
  - not r_virtualenv.exists
  block:
  - name: Ensure Virtualenv package is installed
    package:
      state: present
      name: "{{ host_virtualenv.virtualenv_package }}"
  - name: Set up Virtualenv
    pip:
      state: present
      name: "{{ host_virtualenv.python_packages }}"
      virtualenv: "{{ host_virtualenv.virtualenv_path }}"
      virtualenv_python: "{{ host_virtualenv.virtualenv_python }}"

 ansible/roles/ocp4-workload-authentication/defaults/main.yml

@@ -31,13 +31,13 @@
  remove_kubeadmin: true

# Override the defaults by setting the overrides in
# ocp4_workload_logging_input: {}
# ocp4_workload_logging_vars: {}
#
# For example to set up LDAP:
# ocp4_workload_authentication_input:
# ocp4_workload_authentication_vars:
#   idm_type: ldap
#   admin_user: wkulhane-redhat.com

# Secret Variables should come from secrets file
# ocp4_workload_authentication_secret:
# ocp4_workload_authentication_secrets:
#   ldap_bind_password: <should come from secrets>

 ansible/roles/ocp4-workload-authentication/tasks/workload.yml

@@ -3,8 +3,8 @@
  set_fact:
    ocp4_workload_authentication: >-
      {{ ocp4_workload_authentication_defaults
       | combine(ocp4_workload_authentication_input  | default( {} ),
                 ocp4_workload_authentication_secret | default( {} ), recursive=true)
       | combine(ocp4_workload_authentication_vars    | default( {} ),
                 ocp4_workload_authentication_secrets | default( {} ), recursive=true)
      }}
- name: Print combined role variables
  debug:

 ansible/roles/ocp4-workload-logging/defaults/main.yml

@@ -11,7 +11,7 @@
  elasticsearch_storage_request: "50Gi"

# Override the defaults by setting the overrides in
# ocp4_workload_logging_input: {}
# ocp4_workload_logging_vars: {}
#
# Example: Set up Cluster Logging on dedicated nodes
# In this example `elasticsearch` nodes.
@@ -29,7 +29,7 @@
#    value: reserved
#    effect: NoExecute

# ocp4_workload_logging_inputs:
# ocp4_workload_logging_vars:
#   node_role: "elasticsearch"
#   elasticsearch_replicas: 1
#   elasticsearch_memory_request: "8Gi"

 ansible/roles/ocp4-workload-logging/tasks/workload.yml

@@ -3,8 +3,8 @@
  set_fact:
    ocp4_workload_logging: >-
      {{ ocp4_workload_logging_defaults
       | combine(ocp4_workload_logging_input  | default( {} ),
                 ocp4_workload_logging_secret | default( {}), recursive=true )
       | combine(ocp4_workload_logging_vars    | default( {} ),
                 ocp4_workload_logging_secrets | default( {}), recursive=true )
      }}
- name: Print combined role variables
  debug:

 ansible/roles/ocp4-workload-machinesets/defaults/main.yml

@@ -9,8 +9,7 @@
#      more descriptive names.
ocp4_workload_machinesets_defaults:
  machineset_groups:
  # Infranodes: Must be named "infra" if
  # desired
  # Infranodes: Must be named "infra"
  - name: infra
    autoscale: false
    total_replicas: 1
@@ -30,13 +29,10 @@
# instance_type for OpenStack
#   instance_type: "4c16g30d"

# Override the defaults by setting the overrides in
# ocp4_workload_logging_input: {}

# To add Elasticsearch nodes (for Cluster Logging) add the following to
# the ocp4_workload_machinesets_group:
#
# ocp4_workload_machinesets_input:
# ocp4_workload_machinesets_vars:
# - name: elasticsearch
#   autoscale: false
#   total_replicas: 1
@@ -56,7 +52,7 @@
# To add another group of worker nodes - with autoscaling enabled add
# the following:
#
# ocp4_workload_machinesets_input:
# ocp4_workload_machinesets_vars:
# - name: worker-scaled
#   autoscale: true
#   total_replicas: 1
@@ -70,7 +66,7 @@
# following to the ocp4_workloads_machineset_group.
# Make sure you have enough disk space (and quota):
#
# ocp4_workload_machinesets_input:
# ocp4_workload_machinesets_vars:
# - name: ocs
#   autoscale: false
#   total_replicas: 3

 ansible/roles/ocp4-workload-machinesets/tasks/workload.yml

@@ -3,8 +3,8 @@
  set_fact:
    ocp4_workload_machinesets: >-
      {{ ocp4_workload_machinesets_defaults
       | combine(ocp4_workload_machinesets_input  | default( {} ),
                 ocp4_workload_machinesets_secret | default( {} ), recursive=true )
       | combine(ocp4_workload_machinesets_vars    | default( {} ),
                 ocp4_workload_machinesets_secrets | default( {} ), recursive=true )
      }}
- name: Print combined role variables
  debug:

 ansible/roles/ocp4-workload-quay-operator/defaults/main.yml

@@ -4,7 +4,7 @@
silent: False

# Default variables. Overwrite with a dictionary
# ocp4_workload_quay_operator_input
# ocp4_workload_quay_operator_vars

ocp4_workload_quay_operator_defaults:
  project: quay-enterprise
@@ -87,7 +87,7 @@
# Access Credentials for Quay.io to pull Red Hat Quay
# Should be overwritten via base64 encoded Global Variables !!!
# reference https://access.redhat.com/solutions/3533201
# ocp4_workload_quay_operator_secret:
# ocp4_workload_quay_operator_secrets:
#   quay_dockerconfigjson: 'pull_secret'

# Internal variables. Don't set or change

 ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml

@@ -3,8 +3,8 @@
  set_fact:
    ocp4_workload_quay_operator: >-
      {{ ocp4_workload_quay_operator_defaults
       | combine(ocp4_workload_quay_operator_input  | default( {} ),
                 ocp4_workload_quay_operator_secret | default( {} ), recursive=true)
       | combine(ocp4_workload_quay_operator_vars    | default( {} ),
                 ocp4_workload_quay_operator_secrets | default( {} ), recursive=true)
      }}

- name: Remove Red Hat Quay Operator

 ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml

@@ -3,8 +3,8 @@
  set_fact:
    ocp4_workload_quay_operator: >-
      {{ ocp4_workload_quay_operator_defaults
       | combine(ocp4_workload_quay_operator_input  | default( {} ),
                 ocp4_workload_quay_operator_secret | default( {} ), recursive=true)
       | combine(ocp4_workload_quay_operator_vars    | default( {} ),
                 ocp4_workload_quay_operator_secrets | default( {} ), recursive=true)
      }}
- name: Print combined role variables
  debug: