ansible/roles/ocp-workload-fuse-ignite/defaults/main.yml | ●●●●● patch | view | raw | blame | history | |
ansible/roles/ocp-workload-fuse-ignite/ilt_provision.sh | ●●●●● patch | view | raw | blame | history | |
ansible/roles/ocp-workload-fuse-ignite/readme.adoc | ●●●●● patch | view | raw | blame | history | |
ansible/roles/ocp-workload-fuse-ignite/tasks/pre_workload.yml | ●●●●● patch | view | raw | blame | history | |
ansible/roles/ocp-workload-fuse-ignite/tasks/remove_workload.yml | ●●●●● patch | view | raw | blame | history | |
ansible/roles/ocp-workload-fuse-ignite/tasks/workload.yml | ●●●●● patch | view | raw | blame | history | |
ansible/roles/ocp-workload-fuse-ignite/templates/install_ocp.sh | ●●●●● patch | view | raw | blame | history |
ansible/roles/ocp-workload-fuse-ignite/defaults/main.yml
@@ -1,22 +1,22 @@ --- become_override: false ocp_username: hchin-redhat.com ocp_username: opentlc-mgr ocp_user_needs_quota: True ocp_user_groups: - OPENTLC-PROJECT-PROVISIONERS ocp_project: fuse-ignite-{{guid}} ocp_project: fuse-online-{{guid}} quota_requests_cpu: 12 quota_limits_cpu: 20 quota_requests_memory: '6Gi' quota_limits_memory: '20Gi' quota_requests_memory: '8Gi' quota_limits_memory: '30Gi' quota_configmaps: 20 quota_pods: 20 quota_pods: 30 quota_persistentvolumeclaims: 20 quota_services: 30 quota_secrets: 90 @@ -49,45 +49,17 @@ mq_username: amq mq_password: topSecret ########## community syndesis ################# #SYNDESIS_REGISTRY: docker.io #SYNDESIS_REGISTRY_WEB_SUBCONTEXT: syndesis #SYNDESIS_TAG: 1.3.10 #product_name: syndesis #ignite_template_name: "{{ product_name }}" # Corresponds to community syndesis master branch: #syndesisio_url: https://raw.githubusercontent.com/syndesisio/syndesis/master # Corresponds to GPTE fork of community syndesis master branch # This branch implements the following: # 1) DCs in a paused state #syndesisio_url: https://raw.githubusercontent.com/gpe-mw-training/syndesis/gpte-{{SYNDESIS_TAG}} #syndesisio_sa_yml: "{{syndesisio_url}}/install/support/serviceaccount-as-oauthclient-restricted.yml" #syndesisio_template_yml: "{{syndesisio_url}}/install/syndesis.yml" ################################################################# ########## supported fuse ignite ################# SYNDESIS_REGISTRY: registry.access.redhat.com SYNDESIS_REGISTRY_WEB_SUBCONTEXT: fuse7 product_name: fuse-online-72 # Corresponds to GPTE fork of community syndesis master branch # This branch implements the following: # 1) DCs in a paused state #ignite_template_name: "{{ product_name }}" #syndesisio_url: https://raw.githubusercontent.com/gpe-mw-training/fuse-online-install/1.4.8 #fuse_ignite_is_yaml: "{{syndesisio_url}}/resources/fuse-online-image-streams.yml" #syndesisio_sa_yml: "{{syndesisio_url}}/resources/serviceaccount-as-oauthclient-restricted.yml" #syndesisio_template_yml: "{{syndesisio_url}}/resources/fuse-online-template.yml" ################################################################# #amq_template_name: amq63-basic #amq_template_yml: "{{syndesisio_url}}/install/support/syndesis-amq.yml" pull_secret_name: imagestreamsecret product_ns_pull_secret_name: imagestreamsecret ns_prefix: '' eval_managed_fuse_namespace: "{{ns_prefix | default('')}}fuse" fuse_namespace: "{{ eval_managed_fuse_namespace }}" fuse_cr_name: fuse-managed fuse_backup_postgres_secret_name: fuse-postgres-auth fuse_pull_secret_name: "syndesis-pull-secret" fuse_online: true fuse_online_release_tag: '1.7.25' fuse_online_resources_base: 'https://raw.githubusercontent.com/syndesisio/fuse-online-install/{{fuse_online_release_tag}}/resources' fuse_online_operator_resources: '{{fuse_online_resources_base}}/fuse-online-operator.yml' fuse_online_imagestream_resources: '{{fuse_online_resources_base}}/fuse-online-image-streams.yml' fuse_online_crd_resources: '{{fuse_online_resources_base}}/syndesis-crd.yml' ansible/roles/ocp-workload-fuse-ignite/ilt_provision.sh
@@ -2,7 +2,7 @@ END_PROJECT_NUM=1 START_PROJECT_NUM=1 WORKLOAD="ocp-workload-fuse-ignite" WORKLOAD="ocp-workload-fuse-online" LOG_FILE=/tmp/$WORKLOAD POSTGRESQL_MEMORY_LIMIT=512Mi @@ -49,7 +49,7 @@ function login() { echo -en "\nHOST_GUID=$HOST_GUID\n" >> $LOG_FILE oc login https://master.$HOST_GUID.openshift.opentlc.com -u opentlc-mgr -p r3dh4t1! oc login https://master.$HOST_GUID.open.redhat.com -u opentlc-mgr -p r3dh4t1! } @@ -94,4 +94,3 @@ ensurePreReqs login executeLoop ansible/roles/ocp-workload-fuse-ignite/readme.adoc
@@ -1,4 +1,4 @@ = ocp-workload-fuse-ignite = ocp-workload-fuse-online Login into a target OCP environment as a cluster admin. @@ -10,7 +10,7 @@ OCP_USERNAME=`oc whoami` SUBDOMAIN_BASE=`oc whoami --show-server | cut -d'.' -f 2,3,4,5 | cut -d':' -f 1` WORKLOAD="ocp-workload-fuse-ignite" WORKLOAD="ocp-workload-fuse-online" ----- ansible/roles/ocp-workload-fuse-ignite/tasks/pre_workload.yml
@@ -11,21 +11,21 @@ # var: groupadd_register # verbosity: 2 - name: Create user Quota - clusterresourcequota shell: | oc create clusterquota clusterquota-"{{ocp_username}}-{{guid}}" \ --project-annotation-selector=openshift.io/requester="{{ocp_username}}" \ --hard requests.cpu="{{quota_requests_cpu}}" \ --hard limits.cpu="{{quota_limits_cpu}}" \ --hard requests.memory="{{quota_requests_memory}}" \ --hard limits.memory="{{quota_limits_memory}}" \ --hard configmaps="{{quota_configmaps}}" \ --hard pods="{{quota_pods}}" \ --hard persistentvolumeclaims="{{quota_persistentvolumeclaims}}" \ --hard services="{{quota_services}}" \ --hard secrets="{{quota_secrets}}" \ --hard requests.storage="{{quota_requests_storage}}" ignore_errors: true #- name: Create user Quota - clusterresourcequota # shell: | # oc create clusterquota clusterquota-"{{ocp_username}}-{{guid}}" \ # --project-annotation-selector=openshift.io/requester="{{ocp_username}}" \ # --hard requests.cpu="{{quota_requests_cpu}}" \ # --hard limits.cpu="{{quota_limits_cpu}}" \ # --hard requests.memory="{{quota_requests_memory}}" \ # --hard limits.memory="{{quota_limits_memory}}" \ # --hard configmaps="{{quota_configmaps}}" \ # --hard pods="{{quota_pods}}" \ # --hard persistentvolumeclaims="{{quota_persistentvolumeclaims}}" \ # --hard services="{{quota_services}}" \ # --hard secrets="{{quota_secrets}}" \ # --hard requests.storage="{{quota_requests_storage}}" # ignore_errors: true - name: pre_workload Tasks Complete debug: ansible/roles/ocp-workload-fuse-ignite/tasks/remove_workload.yml
@@ -3,9 +3,9 @@ debug: msg: "Pre-Software checks completed successfully - Removed" - name: Remove user Quota - oc delete clusterresourcequota "clusterquota-{{ocp_username}}-{{guid}}" shell: oc delete clusterresourcequota clusterquota-{{ocp_username}}-{{guid}} ignore_errors: true #- name: Remove user Quota - oc delete clusterresourcequota "clusterquota-{{ocp_username}}-{{guid}}" # shell: oc delete clusterresourcequota clusterquota-{{ocp_username}}-{{guid}} # ignore_errors: true - name: Remove user Project shell: "oc delete project {{ocp_project}}" ansible/roles/ocp-workload-fuse-ignite/tasks/workload.yml
@@ -21,16 +21,6 @@ - name: Make sure we go back do {{ocp_project}} project shell: "oc project {{ocp_project}}" # TO-DO: How does the syndesis.syndesis.io CRD get updated if/when needed ? - name: Register a new CRD for Fuse Online script: templates/install_ocp.sh --setup - name: Grant ocp user with ability to install operator in that users Fuse Online project script: templates/install_ocp.sh --grant {{ocp_username}} # ###### Coolstore Catalog Service ########## # - name: Ensure the following directory is refreshed in remote, /tmp/{{ocp_project}} @@ -41,7 +31,6 @@ path: "/tmp/{{ocp_project}}" state: directory - name: Add the view role to the default service account shell: "oc policy add-role-to-user view -z default -n {{ocp_project}}" @@ -51,7 +40,6 @@ dest: /tmp/{{ocp_project}}/app-config.yaml - name: Load catalog service configmap shell: "oc create configmap app-config --from-file=/tmp/{{ocp_project}}/app-config.yaml -n {{ocp_project}}" - name: Copy catalog service (with db) template to known path template: @@ -64,7 +52,6 @@ -p CATALOG_DB_USERNAME=mongo \ -p CATALOG_DB_PASSWORD=mongo \ -n {{ocp_project}} - name: resume catalog-service shell: oc rollout resume dc/catalog-service -n {{ocp_project}} - include_tasks: ./wait_for_deploy.yml @@ -74,25 +61,20 @@ - catalog-service # ######################################################## # ###### Fuse Online ########## - name: Install Fuse Online script: templates/install_ocp.sh #- name: Install Fuse Online # script: templates/install_ocp.sh - name: Scale up broker-amq shell: | oc scale dc/broker-amq --replicas=1 -n {{ocp_project}} - include_tasks: ./wait_for_deploy.yml static: no vars: pod_to_wait: - broker-amq #- name: Scale up broker-amq # shell: | # oc scale dc/broker-amq --replicas=1 -n {{ocp_project}} #- include_tasks: ./wait_for_deploy.yml # static: no # vars: # pod_to_wait: # - broker-amq # ######################################################## - name: Annotate the empty project as requested by user shell: "oc annotate namespace {{ocp_project}} openshift.io/requester={{ocp_username}} --overwrite" @@ -100,6 +82,97 @@ - name: Give ocp_username access to ocp_project; user = {{ocp_username}} shell: "oc policy add-role-to-user admin {{ocp_username}} -n {{ocp_project}}" #- include_role: # name: namespace # tasks_from: create # vars: # name: "{{ fuse_namespace }}" # display_name: "Shared Fuse Online" # monitor: true # is_service: true - name: Create shared fuse roles template template: src: templates/roles.yaml dest: /tmp/shared-fuse-roles.yaml - name: Apply shared fuse roles to cluster shell: "oc create -f /tmp/shared-fuse-roles.yaml -n {{ ocp_project }}" register: create_fuse_roles_cmd failed_when: create_fuse_roles_cmd.stderr != '' and 'AlreadyExists' not in create_fuse_roles_cmd.stderr #- name: "include rhsso vars" # include_vars: ../../rhsso/defaults/main.yml #- name: Give role-binder role to customer-admin # shell: "oc adm policy add-role-to-user role-binder {{ rhsso_evals_admin_username }} --role-namespace={{ fuse_namespace }} -n {{ fuse_namespace }}" #- include_role: # name: imagestream_pull_secret # vars: # namespace: "{{ fuse_namespace }}" # product_ns_pull_secret_name: "{{ fuse_pull_secret_name }}" - name: Create Syndesis CRD shell: oc apply -f {{ fuse_online_crd_resources }} - name: Create Fuse image streams shell: "oc replace --force -f {{ fuse_online_imagestream_resources }} -n openshift" register: fuse_create_imagestream failed_when: fuse_create_imagestream.stderr != '' and 'AlreadyExists' not in fuse_create_imagestream.stderr changed_when: fuse_create_imagestream.rc == 0 - name: Create fuse Operator resources in {{ ocp_project }} shell: oc apply -f {{ fuse_online_operator_resources }} -n {{ ocp_project }} - name: TODO-REMOVE-THIS-AFTER-FUSE-ONLINE-INCLUDES-THESE-ARGS Patch args on operator to include monitoring resources addon shell: oc patch dc/syndesis-operator -p='{"spec":{"template":{"spec":{"containers":[{"name":"syndesis-operator","args":["-a","/conf/addons"]}]}}}}}' -n {{ ocp_project }} - template: src: templates/syndesis-customresource.yml.j2 dest: /tmp/syndesis-customresource.yml - name: Create Syndesis custom resource in {{ ocp_project }} shell: oc apply -f /tmp/syndesis-customresource.yml -n {{ ocp_project }} #- name: Verify Fuse deployment succeeded # shell: oc get pods -n {{ ocp_project }} --selector="app=syndesis" -o jsonpath='{.items[*].status.containerStatuses[?(@.ready==true)].ready}' | wc -w # register: fuse_verify_result # until: fuse_verify_result.stdout.find("8") != -1 # retries: 50 # delay: 10 # changed_when: False # Allow any authenticated user to access fuse. Sleep 5 to allow time for the # new deployment to kick off. #- name: Remove OpenShift SAR configuration on Fuse Managed OAuth proxy # shell: oc get dc syndesis-oauthproxy -o yaml -n {{ ocp_project }} | sed '/--openshift-sar/d' | oc apply -f - -n {{ ocp_project }}; sleep 5 #- name: Verify Fuse deployment succeeded # shell: oc get pods -n {{ ocp_project }} --selector="app=syndesis" -o jsonpath='{.items[*].status.containerStatuses[?(@.ready==true)].ready}' | wc -w # register: fuse_verify_result # until: fuse_verify_result.stdout.find("8") != -1 # retries: 50 # delay: 10 # changed_when: False #- name: "Check Fuse readiness" # block: # - name: "Verify Fuse is running" # shell: oc get pods --selector="app=syndesis" -o jsonpath='{.items[*].status.containerStatuses[?(@.ready==true)].ready}' -n {{ ocp_project }} | wc -w # register: result # until: result.stdout == "8" # retries: 50 # delay: 10 # changed_when: False # - name: "Verify syndesis instance is provisioned" # shell: oc get syndesis {{ fuse_cr_name }} -o template --template \{\{.status.phase\}\} -n {{ ocp_project }} | grep 'Installed' # register: result # until: result.stdout # retries: 50 # delay: 10 # changed_when: False - name: workload Tasks Complete debug: ansible/roles/ocp-workload-fuse-ignite/templates/install_ocp.sh
File was deleted