ansible/roles/ocp-workload-migration/defaults/main.yml
@@ -1,8 +1,13 @@ mig_operator_repo: https://github.com/fusor/mig-operator mig_operator_repo_branch: master mig_operator_version: latest mig_ocp_version: 3 mig_ocp_version: 4 # workload vars migration_workload_destroy: "{{ False if (ACTION=='create' or ACTION=='provision') else True }}" migration_workload_title: "{{ 'Creating' if not migration_workload_destroy else 'Removing' }}" migration_workload_state: "{{ 'present' if not migration_workload_destroy else 'absent' }}" # state of k8s resources silent: false # undefined variables # mig_operator_ui_cluster_api_endpoint: ansible/roles/ocp-workload-migration/files/cors.yaml
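Review bot: In defaults/main.yml, `mig_operator_repo_branch: master` together with `mig_operator_version: latest` means the manifests that workload.yml later passes to `oc apply` are whatever sits at the tip of the repository at run time. Defaulting to a fixed ref, for example `mig_operator_repo_branch: "<pinned-tag-or-commit>"`, and letting callers opt into `master` would make deployments reproducible and keep an unreviewed upstream change from reaching the cluster. The +/- markers are not visible on this page, so these keys may be unchanged context rather than new lines.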
File was deleted ansible/roles/ocp-workload-migration/files/lab8/deploy.sh
File was deleted ansible/roles/ocp-workload-migration/files/lab8/destroy.sh
File was deleted ansible/roles/ocp-workload-migration/files/lab8/probe.sh
File was deleted ansible/roles/ocp-workload-migration/tasks/post_workload.yml
@@ -1,24 +1,43 @@ --- # Implement your Post Workload deployment tasks here - name: "Checking if NooBaa system exists..." shell: "oc get project {{ noobaa_namespace|d('noobaa') }}" register: noobaa_status ignore_errors: true # Leave these as the last tasks in the playbook - block: - name: "Getting NooBaa endpoint" shell: "oc get route s3 -n {{ noobaa_namespace|d('noobaa') }} -o go-template='{{ '{{' }} .spec.host {{ '}}' }}{{ '{{' }} println {{ '}}' }}'" register: noobaa_endpoint - name: "Creating temp directory" tempfile: state: directory register: tmp_dir - name: "Getting AWS key" shell: "oc get secret noobaa-admin -n noobaa -o go-template='{{ '{{' }} .data.AWS_ACCESS_KEY_ID {{ '}}' }}{{ '{{' }} println {{ '}}' }}'|base64 --decode" register: noobaa_aws_key - name: "Getting AWS key" shell: "oc get secret noobaa-admin -n noobaa -o go-template='{{ '{{' }} .data.AWS_SECRET_ACCESS_KEY {{ '}}' }}{{ '{{' }} println {{ '}}' }}'|base64 --decode" register: noobaa_aws_secret - name: "Generating migstorage definition" template: src: "migstorage.yaml.j2" dest: "{{ tmp_dir.path }}/migstorage.yaml" vars: - noobaa_s3_url: "http://{{ noobaa_endpoint.stdout }}" - noobaa_key: "{{ noobaa_aws_key.stdout }}" - noobaa_secret: "{{ noobaa_aws_secret.stdout }}" - noobaa_region: "{{ region|d('us-east-1') }}" - name: "Creating migstorage" shell: "oc apply -f {{ tmp_dir.path }}/migstorage.yaml" when: noobaa_status.rc == 0 and not migration_workload_destroy|bool # For deployment onto a dedicated cluster (as part of the # cluster deployment) set workload_shared_deployment to False # This is the default so it does not have to be set explicitely - name: pre_workload tasks complete - name: "Cleaning up temp directory" file: path: "{{ repodir.path }}" state: absent # Leave this as the last task in the playbook. - name: post_workload tasks complete debug: msg: "Post-Workload tasks completed successfully." 
when: - not silent|bool - not workload_shared_deployment|d(False) # For RHPDS deployment (onto a shared cluster) set # workload_shared_deployment to True # (in the deploy script or AgnosticV configuration) - name: pre_workload tasks complete debug: msg: "Post-Software checks completed successfully" when: - not silent|bool - workload_shared_deployment|d(False) msg: "Post-Workload Tasks completed successfully." when: not silent|bool ansible/roles/ocp-workload-migration/tasks/pre_workload.yml
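Review bot: In post_workload.yml the two "Getting AWS key" tasks register the decoded NooBaa access key and secret without `no_log: true`, so both values end up in task results (shown with `-v` and recorded by logging callbacks). The "Generating migstorage definition" task carries them in its `vars` as well. Adding `no_log: true` to those three tasks keeps them out of logs. The rendered `migstorage.yaml` holding the credentials is written under `tmp_dir.path`, but "Cleaning up temp directory" removes `{{ repodir.path }}`, so that file appears to stay on disk; a further `file:` task with `path: "{{ tmp_dir.path }}"` and `state: absent` would cover it. The +/- markers are lost on this page, so this assumes the NooBaa tasks are on the new side.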
@@ -1,7 +1,4 @@ --- # Implement your Pre Workload deployment tasks here - wait_for: port: 22 host: "bastion.{{ guid }}.internal" 
@@ -9,39 +6,96 @@ register: status ignore_errors: true - name: copy lab scripts to bastion delegate_to: "{{ bastion_host | d( groups.bastions | first ) }}" become: true copy: src: "{{ role_path }}/files/" dest: "/root/" - block: - name: "Ensuring SSH directory" file: path: "/home/{{ student_name }}/.ssh" state: directory owner: "{{ student_name }}" - name: "Downloading CPMA binary to bastion" delegate_to: "{{ bastion_host | d( groups.bastions | first ) }}" become: true get_url: url: "https://cpma.s3.us-east-2.amazonaws.com/cpma" dest: "/root/cpma" mode: "u+rwx" - name: "Checking if SSH keys exist on bastion" stat: path: /home/{{ student_name }}/.ssh/openshift_key register: ssh_key # Leave these as the last tasks in the playbook - name: "Creating SSH keys on bastion" shell: "ssh-keygen -q -t rsa -f /home/{{ student_name }}/.ssh/openshift_key -C '' -N ''" when: not ssh_key.stat.exists|d('false') # For deployment onto a dedicated cluster (as part of the # cluster deployment) set workload_shared_deployment to False # This is the default so it does not have to be set explicitely - name: "Fixing permissions of SSH key" file: path: "/home/{{ student_name }}/.ssh/{{ item }}" owner: "{{ student_name }}" mode: "0600" loop: - "openshift_key" - "openshift_key.pub" when: ssh_key.stat.exists|d('false') - name: "Finding SSH key" stat: path: /home/{{ student_name }}/.ssh/openshift_key.pub register: public_key - name: "Reading public key" shell: "cat /home/{{ student_name }}/.ssh/openshift_key.pub" register: pub_key_contents when: public_key.stat.exists|d('false') - name: "Downloading lab scripts [1]" tempfile: state: directory register: scripts_dir - name: "Downloading lab scripts [2]" git: repo: "https://github.com/fusor/mig-agnosticd" dest: "{{ scripts_dir.path }}" - name: "Downloading lab scripts [3]" copy: src: "{{ scripts_dir.path }}/demos/2019_RHTE/labs/{{ item }}" dest: "/home/{{ student_name }}" remote_src: true owner: "{{ student_name }}" mode: "u+rwx" loop: - 'scripts' - 
'files' - name: "Downloading CPMA binary to bastion" get_url: url: "{{ item.src }}" dest: "{{ item.dest }}" owner: "{{ student_name }}" mode: "u+rwx" loop: - { dest: "/home/{{ student_name }}/cpma", src: "https://cpma.s3.us-east-2.amazonaws.com/cpma" } when: student_name is defined and not status.failed delegate_to: "{{ groups.bastions | first }}" become: yes - name: "Adding public key to authorized_keys" authorized_key: user: "{{ migration_master_user_name | d('ec2-user') }}" state: present key: "{{ pub_key_contents.stdout }}" when: pub_key_contents.stdout is defined and student_name is defined - name: "Creating temp directory for operator repo" tempfile: state: directory suffix: mig-operator register: repodir - name: "Checking out operator repo" git: repo: "{{ mig_operator_repo }}" dest: "{{ repodir.path }}" version: "{{ mig_operator_repo_branch }}" # Leave this as the last task in the playbook. - name: pre_workload tasks complete debug: msg: "Pre-Workload tasks completed successfully." when: - not silent|bool - not workload_shared_deployment|d(False) # For RHPDS deployment (onto a shared cluster) set # workload_shared_deployment to True # (in the deploy script or AgnosticV configuration) - name: pre_workload tasks complete debug: msg: "Pre-Software checks completed successfully" when: - not silent|bool - workload_shared_deployment|d(False) when: not silent|bool ansible/roles/ocp-workload-migration/tasks/remove_workload.yml
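Review bot: In pre_workload.yml the "Downloading CPMA binary to bastion" task fetches an executable with `get_url` and no `checksum:`, then marks it `u+rwx`, and "Downloading lab scripts [2]" clones `https://github.com/fusor/mig-agnosticd` with no `version:`, so whatever those locations serve at run time becomes executable in the student's home. Pinning both makes the run reproducible and detects a changed artifact: `checksum: "sha256:<expected-digest>"` on the `get_url` task and `version: "<pinned-commit-or-tag>"` on the `git` task. Separately, "Fixing permissions of SSH key" is gated on the `ssh_key` stat taken before `ssh-keygen` runs, so on a first run the new key files (created under `become: yes`) seem to keep root ownership. Repeating the stat after key creation, or dropping that `when:`, would fix it.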
@@ -1,9 +1,15 @@ --- - name: "Removing controller and operator" debug: msg="Not Implemented" - name: "Removing workload" include_tasks: "{{ item }}" with_items: - './pre_workload.yml' - './workload.yml' - './post_workload.yml' vars: migration_workload_destroy: yes # Leave this as the last task in the playbook. - name: remove_workload tasks complete debug: msg: "Remove Workload tasks completed successfully." when: not silent|bool when: not silent|bool ansible/roles/ocp-workload-migration/tasks/workload.yml
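Review bot: In remove_workload.yml, including `./pre_workload.yml` on the destroy path re-runs the provisioning steps visible in that file, because none of them are conditioned on `migration_workload_destroy`. Those steps are the key generation, the binary and script downloads, and `authorized_key` with `state: present`. A removal therefore re-adds the student's public key to the target user's `authorized_keys` rather than revoking it. The defaults already define `migration_workload_state`, so `state: "{{ migration_workload_state }}"` on the `authorized_key` task would fit, with `when: not migration_workload_destroy|bool` on the download and keygen tasks, leaving only the operator repo checkout to run on removal. As a style point, `migration_workload_destroy: yes` is better written `true`.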
@@ -1,12 +1,16 @@ --- # Implement your Workload deployment tasks here - name: Setting up workload for user debug: msg: "Setting up workload for user ocp_username = {{ ocp_username }}" - name: "Creating controller and operator" debug: msg="Student creates the workload" shell: "oc apply -f {{ repodir.path }}/deploy/non-olm/{{ mig_operator_version }}/{{ item }}" loop: - "operator.yml" - "controller-{{ mig_ocp_version }}.yml" when: not migration_workload_destroy|bool - name: "Removing controller and operator" shell: "oc delete --ignore-not-found -f {{ repodir.path }}/deploy/non-olm/{{ mig_operator_version }}/{{ item }}" loop: - "operator.yml" when: migration_workload_destroy|bool # Leave this as the last task in the playbook. - name: workload tasks complete ansible/roles/ocp-workload-migration/templates/migstorage.yaml.j2
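Review bot: In workload.yml the create task applies both `operator.yml` and `controller-{{ mig_ocp_version }}.yml`, but the "Removing controller and operator" loop deletes only `operator.yml`. Unless deleting the operator manifest cascades to everything the controller manifest created, the controller resources and whatever cluster permissions they hold would survive a destroy run. Adding `- "controller-{{ mig_ocp_version }}.yml"` to the delete loop, listed before `operator.yml`, would mirror the create path. The hunk ends at the "workload tasks complete" task, whose body is outside the hunk.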
New file @@ -0,0 +1,35 @@ --- apiVersion: v1 kind: Secret metadata: namespace: mig name: migstorage-creds type: Opaque data: aws-access-key-id: {{ noobaa_key|b64encode }} aws-secret-access-key: {{ noobaa_secret|b64encode }} --- apiVersion: migration.openshift.io/v1alpha1 kind: MigStorage metadata: labels: controller-tools.k8s.io: "1.0" name: migstorage-sample namespace: mig spec: backupStorageProvider: aws volumeSnapshotProvider: aws backupStorageConfig: awsBucketName: first.bucket awsS3ForcePathStyle: true awsS3Url: {{ noobaa_s3_url }} credsSecretRef: namespace: mig name: migstorage-creds volumeSnapshotConfig: awsRegion: {{ noobaa_region }} credsSecretRef: namespace: mig name: migstorage-creds
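Review bot: The templated scalars in migstorage.yaml.j2 are emitted unquoted, for example `aws-access-key-id: {{ noobaa_key|b64encode }}` and `awsS3Url: {{ noobaa_s3_url }}`. If a lookup in post_workload.yml returns an empty string, the rendered value becomes a YAML null rather than a string, and the Secret is applied in that state. Quoting keeps them strings: `aws-access-key-id: "{{ noobaa_key|b64encode }}"`, `aws-secret-access-key: "{{ noobaa_secret|b64encode }}"`, `awsS3Url: "{{ noobaa_s3_url }}"`. The value passed for `awsS3Url` in post_workload.yml is built with `http://`, so backup traffic to the NooBaa route would be unencrypted; `https://` is preferable if the route terminates TLS.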