parent: 2705314c | patch | commit | ignore whitespace
Hong
2019-09-11 8cb425b2859a31f3aae49da4eadade2bc2f58f24 
https://github.com/redhat-gpe/fuse_7_foundations_part_1/issues/205 (#701)

1 files deleted
6 files modified
851 ■■■■ changed files
ansible/roles/ocp-workload-fuse-ignite/defaults/main.yml 66 ●●●● patch | view | raw | blame | history
ansible/roles/ocp-workload-fuse-ignite/ilt_provision.sh 5 ●●●●● patch | view | raw | blame | history
ansible/roles/ocp-workload-fuse-ignite/readme.adoc 4 ●●●● patch | view | raw | blame | history
ansible/roles/ocp-workload-fuse-ignite/tasks/pre_workload.yml 30 ●●●● patch | view | raw | blame | history
ansible/roles/ocp-workload-fuse-ignite/tasks/remove_workload.yml 6 ●●●● patch | view | raw | blame | history
ansible/roles/ocp-workload-fuse-ignite/tasks/workload.yml 129 ●●●● patch | view | raw | blame | history
ansible/roles/ocp-workload-fuse-ignite/templates/install_ocp.sh 611 ●●●●● patch | view | raw | blame | history 
 ansible/roles/ocp-workload-fuse-ignite/defaults/main.yml


@@ -1,22 +1,22 @@


---


become_override: false


ocp_username: hchin-redhat.com


ocp_username: opentlc-mgr




ocp_user_needs_quota: True




ocp_user_groups:


  - OPENTLC-PROJECT-PROVISIONERS




ocp_project: fuse-ignite-{{guid}}


ocp_project: fuse-online-{{guid}}




quota_requests_cpu: 12


quota_limits_cpu: 20




quota_requests_memory: '6Gi'


quota_limits_memory: '20Gi'


quota_requests_memory: '8Gi'


quota_limits_memory: '30Gi'




quota_configmaps: 20


quota_pods: 20


quota_pods: 30


quota_persistentvolumeclaims: 20


quota_services: 30


quota_secrets: 90


@@ -49,45 +49,17 @@


mq_username: amq


mq_password: topSecret








##########          community syndesis          #################


#SYNDESIS_REGISTRY: docker.io


#SYNDESIS_REGISTRY_WEB_SUBCONTEXT: syndesis


#SYNDESIS_TAG: 1.3.10


#product_name: syndesis


#ignite_template_name: "{{ product_name }}"




# Corresponds to community syndesis master branch:


#syndesisio_url: https://raw.githubusercontent.com/syndesisio/syndesis/master




# Corresponds to GPTE fork of community syndesis master branch


#   This branch implements the following:


#       1)  DCs in a paused state


#syndesisio_url: https://raw.githubusercontent.com/gpe-mw-training/syndesis/gpte-{{SYNDESIS_TAG}}


#syndesisio_sa_yml:  "{{syndesisio_url}}/install/support/serviceaccount-as-oauthclient-restricted.yml"


#syndesisio_template_yml: "{{syndesisio_url}}/install/syndesis.yml"


#################################################################








##########          supported fuse ignite       #################


SYNDESIS_REGISTRY: registry.access.redhat.com


SYNDESIS_REGISTRY_WEB_SUBCONTEXT: fuse7


product_name: fuse-online-72




# Corresponds to GPTE fork of community syndesis master branch


#   This branch implements the following:


#       1)  DCs in a paused state


#ignite_template_name: "{{ product_name }}"


#syndesisio_url: https://raw.githubusercontent.com/gpe-mw-training/fuse-online-install/1.4.8




#fuse_ignite_is_yaml: "{{syndesisio_url}}/resources/fuse-online-image-streams.yml"


#syndesisio_sa_yml:  "{{syndesisio_url}}/resources/serviceaccount-as-oauthclient-restricted.yml"


#syndesisio_template_yml: "{{syndesisio_url}}/resources/fuse-online-template.yml"


#################################################################








#amq_template_name: amq63-basic


#amq_template_yml: "{{syndesisio_url}}/install/support/syndesis-amq.yml"


pull_secret_name: imagestreamsecret


product_ns_pull_secret_name: imagestreamsecret


ns_prefix: ''


eval_managed_fuse_namespace: "{{ns_prefix | default('')}}fuse"


fuse_namespace: "{{ eval_managed_fuse_namespace }}"


fuse_cr_name: fuse-managed


fuse_backup_postgres_secret_name: fuse-postgres-auth


fuse_pull_secret_name: "syndesis-pull-secret"


fuse_online: true


fuse_online_release_tag: '1.7.25'


fuse_online_resources_base: 'https://raw.githubusercontent.com/syndesisio/fuse-online-install/{{fuse_online_release_tag}}/resources'


fuse_online_operator_resources: '{{fuse_online_resources_base}}/fuse-online-operator.yml'


fuse_online_imagestream_resources: '{{fuse_online_resources_base}}/fuse-online-image-streams.yml'


fuse_online_crd_resources: '{{fuse_online_resources_base}}/syndesis-crd.yml'




 ansible/roles/ocp-workload-fuse-ignite/ilt_provision.sh


@@ -2,7 +2,7 @@




END_PROJECT_NUM=1


START_PROJECT_NUM=1


WORKLOAD="ocp-workload-fuse-ignite"


WORKLOAD="ocp-workload-fuse-online"


LOG_FILE=/tmp/$WORKLOAD




POSTGRESQL_MEMORY_LIMIT=512Mi


@@ -49,7 +49,7 @@


function login() {




    echo -en "\nHOST_GUID=$HOST_GUID\n" >> $LOG_FILE


    oc login https://master.$HOST_GUID.openshift.opentlc.com -u opentlc-mgr -p r3dh4t1!


    oc login https://master.$HOST_GUID.open.redhat.com -u opentlc-mgr -p r3dh4t1!


}






@@ -94,4 +94,3 @@


ensurePreReqs


login


executeLoop






 ansible/roles/ocp-workload-fuse-ignite/readme.adoc


@@ -1,4 +1,4 @@


= ocp-workload-fuse-ignite


= ocp-workload-fuse-online




Login into a target OCP environment as a cluster admin.




@@ -10,7 +10,7 @@




OCP_USERNAME=`oc whoami`


SUBDOMAIN_BASE=`oc whoami --show-server | cut -d'.' -f 2,3,4,5 | cut -d':' -f 1`


WORKLOAD="ocp-workload-fuse-ignite"


WORKLOAD="ocp-workload-fuse-online"




-----






 ansible/roles/ocp-workload-fuse-ignite/tasks/pre_workload.yml


@@ -11,21 +11,21 @@


#     var: groupadd_register


#     verbosity: 2




- name: Create user Quota - clusterresourcequota


  shell: |


        oc create clusterquota clusterquota-"{{ocp_username}}-{{guid}}" \


        --project-annotation-selector=openshift.io/requester="{{ocp_username}}" \


        --hard requests.cpu="{{quota_requests_cpu}}" \


        --hard limits.cpu="{{quota_limits_cpu}}"  \


        --hard requests.memory="{{quota_requests_memory}}" \


        --hard limits.memory="{{quota_limits_memory}}" \


        --hard configmaps="{{quota_configmaps}}" \


        --hard pods="{{quota_pods}}" \


        --hard persistentvolumeclaims="{{quota_persistentvolumeclaims}}"  \


        --hard services="{{quota_services}}" \


        --hard secrets="{{quota_secrets}}" \


        --hard requests.storage="{{quota_requests_storage}}"


  ignore_errors: true


#- name: Create user Quota - clusterresourcequota


#  shell: |


#        oc create clusterquota clusterquota-"{{ocp_username}}-{{guid}}" \


#        --project-annotation-selector=openshift.io/requester="{{ocp_username}}" \


#        --hard requests.cpu="{{quota_requests_cpu}}" \


#        --hard limits.cpu="{{quota_limits_cpu}}"  \


#        --hard requests.memory="{{quota_requests_memory}}" \


#        --hard limits.memory="{{quota_limits_memory}}" \


#        --hard configmaps="{{quota_configmaps}}" \


#        --hard pods="{{quota_pods}}" \


#        --hard persistentvolumeclaims="{{quota_persistentvolumeclaims}}"  \


#        --hard services="{{quota_services}}" \


#        --hard secrets="{{quota_secrets}}" \


#        --hard requests.storage="{{quota_requests_storage}}"


#  ignore_errors: true




- name: pre_workload Tasks Complete


  debug:




 ansible/roles/ocp-workload-fuse-ignite/tasks/remove_workload.yml


@@ -3,9 +3,9 @@


  debug:


    msg: "Pre-Software checks completed successfully - Removed"




- name: Remove user Quota - oc delete clusterresourcequota  "clusterquota-{{ocp_username}}-{{guid}}"


  shell: oc delete clusterresourcequota clusterquota-{{ocp_username}}-{{guid}}


  ignore_errors: true


#- name: Remove user Quota - oc delete clusterresourcequota  "clusterquota-{{ocp_username}}-{{guid}}"


#  shell: oc delete clusterresourcequota clusterquota-{{ocp_username}}-{{guid}}


#  ignore_errors: true




- name: Remove user Project


  shell: "oc delete project {{ocp_project}}"




 ansible/roles/ocp-workload-fuse-ignite/tasks/workload.yml


@@ -21,16 +21,6 @@


- name: Make sure we go back do {{ocp_project}} project


  shell: "oc project {{ocp_project}}"






# TO-DO:  How does the syndesis.syndesis.io CRD get updated if/when needed ?


- name: Register a new CRD for Fuse Online


  script: templates/install_ocp.sh --setup




- name: Grant ocp user with ability to install operator in that users Fuse Online project 


  script: templates/install_ocp.sh --grant {{ocp_username}}








# ######        Coolstore Catalog Service       ##########


#


- name: Ensure the following directory is refreshed in remote, /tmp/{{ocp_project}}


@@ -41,7 +31,6 @@


    path: "/tmp/{{ocp_project}}"


    state: directory






- name: Add the view role to the default service account


  shell: "oc policy add-role-to-user view -z default -n {{ocp_project}}"




@@ -51,7 +40,6 @@


    dest: /tmp/{{ocp_project}}/app-config.yaml


- name: Load catalog service configmap


  shell: "oc create configmap app-config --from-file=/tmp/{{ocp_project}}/app-config.yaml -n {{ocp_project}}"






- name: Copy catalog service (with db) template to known path


  template:


@@ -64,7 +52,6 @@


      -p CATALOG_DB_USERNAME=mongo \


      -p CATALOG_DB_PASSWORD=mongo \


      -n {{ocp_project}}




- name: resume catalog-service


  shell: oc rollout resume dc/catalog-service -n {{ocp_project}}


- include_tasks: ./wait_for_deploy.yml


@@ -74,25 +61,20 @@


      - catalog-service




# ########################################################


 


# ######                 Fuse Online            ##########




- name: Install Fuse Online


  script: templates/install_ocp.sh


#- name: Install Fuse Online


#  script: templates/install_ocp.sh






- name: Scale up broker-amq


  shell: |


      oc scale dc/broker-amq --replicas=1 -n {{ocp_project}}




- include_tasks: ./wait_for_deploy.yml


  static: no


  vars:


    pod_to_wait:


      - broker-amq




#- name: Scale up broker-amq


#  shell: |


#      oc scale dc/broker-amq --replicas=1 -n {{ocp_project}}


#- include_tasks: ./wait_for_deploy.yml


#  static: no


#  vars:


#    pod_to_wait:


#      - broker-amq


# ########################################################






- name: Annotate the empty project as requested by user


  shell: "oc annotate namespace {{ocp_project}} openshift.io/requester={{ocp_username}} --overwrite"


@@ -100,6 +82,97 @@


- name: Give ocp_username access to ocp_project; user = {{ocp_username}}


  shell: "oc policy add-role-to-user admin {{ocp_username}} -n {{ocp_project}}"




#- include_role:


#    name: namespace


#    tasks_from: create


#  vars:


#    name: "{{ fuse_namespace }}"


#    display_name: "Shared Fuse Online"


#    monitor: true


#    is_service: true




- name: Create shared fuse roles template


  template:


    src: templates/roles.yaml


    dest: /tmp/shared-fuse-roles.yaml




- name: Apply shared fuse roles to cluster


  shell: "oc create -f /tmp/shared-fuse-roles.yaml -n {{ ocp_project }}"


  register: create_fuse_roles_cmd


  failed_when: create_fuse_roles_cmd.stderr != '' and 'AlreadyExists' not in create_fuse_roles_cmd.stderr




#- name: "include rhsso vars"


#  include_vars: ../../rhsso/defaults/main.yml




#- name: Give role-binder role to customer-admin


#  shell: "oc adm policy add-role-to-user role-binder {{ rhsso_evals_admin_username }} --role-namespace={{ fuse_namespace }} -n {{ fuse_namespace }}"




#- include_role:


#    name: imagestream_pull_secret


#  vars:


#    namespace: "{{ fuse_namespace }}"


#    product_ns_pull_secret_name: "{{ fuse_pull_secret_name }}"




- name: Create Syndesis CRD


  shell: oc apply -f {{ fuse_online_crd_resources }}




- name: Create Fuse image streams


  shell: "oc replace --force -f {{ fuse_online_imagestream_resources }} -n openshift"


  register: fuse_create_imagestream


  failed_when: fuse_create_imagestream.stderr != '' and 'AlreadyExists' not in fuse_create_imagestream.stderr


  changed_when: fuse_create_imagestream.rc == 0




- name: Create fuse Operator resources in {{ ocp_project }}


  shell: oc apply -f {{ fuse_online_operator_resources }} -n {{ ocp_project }}




- name: TODO-REMOVE-THIS-AFTER-FUSE-ONLINE-INCLUDES-THESE-ARGS Patch args on operator to include monitoring resources addon


  shell: oc patch dc/syndesis-operator -p='{"spec":{"template":{"spec":{"containers":[{"name":"syndesis-operator","args":["-a","/conf/addons"]}]}}}}}' -n {{ ocp_project }}




- template:


    src: templates/syndesis-customresource.yml.j2


    dest: /tmp/syndesis-customresource.yml




- name: Create Syndesis custom resource in {{ ocp_project }}


  shell: oc apply -f /tmp/syndesis-customresource.yml -n {{ ocp_project }}




#- name: Verify Fuse deployment succeeded


#  shell: oc get pods -n {{ ocp_project }} --selector="app=syndesis" -o jsonpath='{.items[*].status.containerStatuses[?(@.ready==true)].ready}' | wc -w


#  register: fuse_verify_result


#  until: fuse_verify_result.stdout.find("8") != -1


#  retries: 50


#  delay: 10


#  changed_when: False




# Allow any authenticated user to access fuse. Sleep 5 to allow time for the


# new deployment to kick off.


#- name: Remove OpenShift SAR configuration on Fuse Managed OAuth proxy


#  shell: oc get dc syndesis-oauthproxy -o yaml -n {{ ocp_project }} | sed '/--openshift-sar/d' | oc apply -f - -n {{ ocp_project }}; sleep 5




#- name: Verify Fuse deployment succeeded


#  shell: oc get pods -n {{ ocp_project }} --selector="app=syndesis" -o jsonpath='{.items[*].status.containerStatuses[?(@.ready==true)].ready}' | wc -w


#  register: fuse_verify_result


#  until: fuse_verify_result.stdout.find("8") != -1


#  retries: 50


#  delay: 10


#  changed_when: False




#- name: "Check Fuse readiness"


#  block:


#    - name: "Verify Fuse is running"


#      shell: oc get pods --selector="app=syndesis" -o jsonpath='{.items[*].status.containerStatuses[?(@.ready==true)].ready}' -n {{ ocp_project }} | wc -w


#      register: result


#      until: result.stdout == "8"


#      retries: 50


#      delay: 10


#      changed_when: False




#    - name: "Verify syndesis instance is provisioned"


#      shell: oc get syndesis {{ fuse_cr_name }} -o template --template \{\{.status.phase\}\}  -n {{ ocp_project }}  |  grep  'Installed'


#      register: result


#      until: result.stdout


#      retries: 50


#      delay: 10


#      changed_when: False




- name: workload Tasks Complete


  debug:




 ansible/roles/ocp-workload-fuse-ignite/templates/install_ocp.sh


File was deleted