ansible/roles/ocp4-workload-kube-federation/defaults/main.yml
New file @@ -0,0 +1,8 @@ --- become_override: False ocp_username: opentlc-mgr silent: False _federation_project: openshift-federation _federation_project_display: "OpenShift Federation" _federation_subscription_csv: "kubefed-operator.v0.1.0" ansible/roles/ocp4-workload-kube-federation/readme.adoc
New file @@ -0,0 +1,120 @@ = ocp4-workload-kube-federation - Deploy Kube Federation to OpenShift == Role overview * This role installs Kube Federation into an OpenShift Cluster. It consists of the following playbooks: ** Playbook: link:./tasks/pre_workload.yml[pre_workload.yml] - Sets up an environment for the workload deployment. *** Debug task will print out: `pre_workload Tasks completed successfully.` ** Playbook: link:./tasks/workload.yml[workload.yml] - Used to deploy Kube Federation *** This role creates a namespace (project) and deploys the operator *** Debug task will print out: `workload Tasks completed successfully.` ** Playbook: link:./tasks/post_workload.yml[post_workload.yml] - Used to configure the workload after deployment *** This role doesn't do anything here *** Debug task will print out: `post_workload Tasks completed successfully.` ** Playbook: link:./tasks/remove_workload.yml[remove_workload.yml] - Used to delete the workload *** This role removes Kube Federation *** Debug task will print out: `remove_workload Tasks completed successfully.` == Review the defaults variable file * This file link:./defaults/main.yml[./defaults/main.yml] contains all the variables you need to define to control the deployment of your workload. * The variable *ocp_username* is mandatory to assign the workload to the correct OpenShift user. * A variable *silent=True* can be passed to suppress debug messages. * Other variables: ** *_federation_project*: The name of the project to create and install Kube Federation to. Default: `openshift-federation` ** *_federation_project_display*: The display name of the project. Default: `OpenShift Federation` ** *_federation_subscription_csv*: The ClusterServiceVersion to be deployed. Default: `kubefed-operator.v0.1.0` * You can modify any of these default values by adding `-e "variable_name=variable_value"` to the command line === Deploy a Workload with the `ocp-workload` playbook [Mostly for testing] ---- TARGET_HOST="bastion.na311.openshift.opentlc.com" OCP_USERNAME="shacharb-redhat.com" WORKLOAD="ocp4-workload-kube-federation" GUID=1001 # a TARGET_HOST is specified in the command line, without using an inventory file ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \ -e"ansible_ssh_private_key_file=~/.ssh/keytoyourhost.pem" \ -e"ansible_user=ec2-user" \ -e"ocp_username=${OCP_USERNAME}" \ -e"ocp_workload=${WORKLOAD}" \ -e"silent=False" \ -e"guid=${GUID}" \ -e"ACTION=create" ---- === To Delete an environment ---- TARGET_HOST="bastion.na311.openshift.opentlc.com" OCP_USERNAME="ankay-redhat.com" WORKLOAD="ocp4-workload-kube-federation" GUID=1002 # a TARGET_HOST is specified in the command line, without using an inventory file ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \ -e"ansible_ssh_private_key_file=~/.ssh/keytoyourhost.pem" \ -e"ansible_user=ec2-user" \ -e"ocp_username=${OCP_USERNAME}" \ -e"ocp_workload=${WORKLOAD}" \ -e"guid=${GUID}" \ -e"ACTION=remove" ---- == Other related information: === Deploy Workload on OpenShift Cluster from an existing playbook: [source,yaml] ---- - name: Deploy a workload role on a master host hosts: all become: true gather_facts: False tags: - step007 roles: - { role: "{{ocp_workload}}", when: 'ocp_workload is defined' } ---- NOTE: You might want to change `hosts: all` to fit your requirements === Set up your Ansible inventory file * You can create an Ansible inventory file to define your connection method to your host (Master/Bastion with `oc` command) * You can also use the command line to define the hosts directly if your `ssh` configuration is set to connect to the host correctly * You can also use the command line to use localhost or if your cluster is already authenticated and configured in your `oc` configuration .Example inventory file [source, ini] ---- [gptehosts:vars] ansible_ssh_private_key_file=~/.ssh/keytoyourhost.pem ansible_user=ec2-user [gptehosts:children] openshift [openshift] bastion.cluster1.openshift.opentlc.com bastion.cluster2.openshift.opentlc.com bastion.cluster3.openshift.opentlc.com bastion.cluster4.openshift.opentlc.com [dev] bastion.cluster1.openshift.opentlc.com bastion.cluster2.openshift.opentlc.com [prod] bastion.cluster3.openshift.opentlc.com bastion.cluster4.openshift.opentlc.com ---- ansible/roles/ocp4-workload-kube-federation/tasks/main.yml
New file @@ -0,0 +1,31 @@ --- # Do not modify this file - name: Running Pre Workload Tasks include_tasks: file: ./pre_workload.yml apply: become: "{{ become_override | bool }}" when: ACTION == "create" or ACTION == "provision" - name: Running Workload Tasks include_tasks: file: ./workload.yml apply: become: "{{ become_override | bool }}" when: ACTION == "create" or ACTION == "provision" - name: Running Post Workload Tasks include_tasks: file: ./post_workload.yml apply: become: "{{ become_override | bool }}" when: ACTION == "create" or ACTION == "provision" - name: Running Workload removal Tasks include_tasks: file: ./remove_workload.yml apply: become: "{{ become_override | bool }}" when: ACTION == "destroy" or ACTION == "remove" ansible/roles/ocp4-workload-kube-federation/tasks/post_workload.yml
New file @@ -0,0 +1,9 @@ --- # Implement your Post Workload deployment tasks here # Leave this as the last task in the playbook. - name: post_workload tasks complete debug: msg: "Post-Workload Tasks completed successfully." when: not silent|bool ansible/roles/ocp4-workload-kube-federation/tasks/pre_workload.yml
New file @@ -0,0 +1,8 @@ --- # Implement your Pre Workload deployment tasks here # Leave this as the last task in the playbook. - name: pre_workload tasks complete debug: msg: "Pre-Workload tasks completed successfully." when: not silent|bool ansible/roles/ocp4-workload-kube-federation/tasks/remove_workload.yml
New file @@ -0,0 +1,31 @@ --- # Implement your Workload removal tasks here # - name: Remove KubeFed # k8s: # state: absent # definition: "{{ lookup('template', item ) | from_yaml }}" # loop: # - ./templates/kubefed.j2 - name: Remove Kube Federation Operator k8s: state: absent definition: "{{ lookup('template', item ) | from_yaml }}" loop: - ./templates/subscription.j2 - ./templates/catalog_source_config.j2 - ./templates/operator_group.j2 - name: Remove Kube Federation Project k8s: name: "{{ _federation_project }}" api_version: v1 kind: Namespace state: absent # Leave this as the last task in the playbook. - name: remove_workload tasks complete debug: msg: "Remove Workload tasks completed successfully." when: not silent|bool ansible/roles/ocp4-workload-kube-federation/tasks/workload.yml
New file @@ -0,0 +1,42 @@ --- # Implement your Workload deployment tasks here - name: Setting up workload for user debug: msg: "Setting up workload for user ocp_username = {{ ocp_username }}" - name: Create OpenShift Objects for Kube Federation k8s: state: present merge_type: - strategic-merge - merge definition: "{{ lookup('template', item ) | from_yaml }}" loop: - ./templates/project.j2 - ./templates/operator_group.j2 - ./templates/catalog_source_config.j2 - ./templates/subscription.j2 - name: Wait until CSV is Installed command: oc get csv -o jsonpath --template='{$.items[:1].status.phase}' -n "{{ _federation_project }}" register: csv retries: 30 delay: 10 until: csv.stdout == "Succeeded" # - name: Create KubeFed # k8s: # state: present # merge_type: # - strategic-merge # - merge # definition: "{{ lookup('template', item ) | from_yaml }}" # loop: # - ./templates/kubefed.j2 # Leave this as the last task in the playbook. - name: workload tasks complete debug: msg: "Workload Tasks completed successfully." when: not silent|bool ansible/roles/ocp4-workload-kube-federation/templates/catalog_source_config.j2
New file @@ -0,0 +1,10 @@ apiVersion: operators.coreos.com/v1 kind: CatalogSourceConfig metadata: name: "installed-kubefed-{{ _federation_project }}" namespace: openshift-marketplace spec: csDisplayName: Community Operators csPublisher: Community targetNamespace: "{{ _federation_project }}" packages: kubefed-operator ansible/roles/ocp4-workload-kube-federation/templates/kubefed.j2
New file @@ -0,0 +1,7 @@ apiVersion: operator.kubefed.io/v1alpha1 kind: KubeFed metadata: name: kubefed-resource namespace: "{{ _federation_project }}" spec: scope: Namespaced ansible/roles/ocp4-workload-kube-federation/templates/operator_group.j2
New file @@ -0,0 +1,8 @@ apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: name: kubefed namespace: "{{ _federation_project }}" spec: targetNamespaces: - "{{ _federation_project }}" ansible/roles/ocp4-workload-kube-federation/templates/project.j2
New file @@ -0,0 +1,10 @@ apiVersion: project.openshift.io/v1 kind: Project metadata: annotations: openshift.io/description: "" openshift.io/display-name: "{{ _federation_project_display }}" name: "{{ _federation_project }}" spec: finalizers: - kubernetes ansible/roles/ocp4-workload-kube-federation/templates/subscription.j2
New file @@ -0,0 +1,12 @@ apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: federation namespace: "{{ _federation_project }}" spec: channel: alpha installPlanApproval: Automatic name: kubefed-operator startingCSV: kubefed-operator.v0.1.0 source: "installed-kubefed-{{ _federation_project }}" sourceNamespace: "{{ _federation_project }}"