| ansible/roles/ocp-workload-rhte-mw-msa-mesh/defaults/main.yml | ●●●●● patch | view | raw | blame | history | |
| ansible/roles/ocp-workload-rhte-mw-msa-mesh/readme.adoc | ●●●●● patch | view | raw | blame | history | |
| ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/main.yml | ●●●●● patch | view | raw | blame | history | |
| ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/post_workload.yml | ●●●●● patch | view | raw | blame | history | |
| ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/pre_workload.yml | ●●●●● patch | view | raw | blame | history | |
| ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/remove_workload.yml | ●●●●● patch | view | raw | blame | history | |
| ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/wait_for_build.yml | ●●●●● patch | view | raw | blame | history | |
| ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/wait_for_deploy.yml | ●●●●● patch | view | raw | blame | history | |
| ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/workload.yml | ●●●●● patch | view | raw | blame | history |
ansible/roles/ocp-workload-rhte-mw-msa-mesh/defaults/main.yml
New file @@ -0,0 +1,28 @@ --- become_override: false ocp_username: jbride-redhat.com ocp_user_needs_quota: True ocp_user_groups: - OPENTLC-PROJECT-PROVISIONERS quota_requests_cpu: 5 quota_limits_cpu: 10 quota_requests_memory: '6Gi' quota_limits_memory: '20Gi' quota_configmaps: 10 quota_pods: 20 quota_persistentvolumeclaims: 20 quota_services: 30 quota_secrets: 30 quota_requests_storage: 50Gi build_status_retries: 20 build_status_delay: 20 deploy_status_retries: 15 deploy_status_delay: 20 lab_name: rhte-mw-msa-mesh ansible/roles/ocp-workload-rhte-mw-msa-mesh/readme.adoc
New file @@ -0,0 +1,47 @@ = ocp-workload-rhte-mw-msa-mesh === Deploy a Workload with the `ocp-workload` playbook [Mostly for testing] ---- GUID=jb45 HOST_GUID=dev39 TARGET_HOST="bastion.$HOST_GUID.openshift.opentlc.com" OCP_USERNAME="jbride-redhat.com" WORKLOAD="ocp-workload-rhte-mw-msa-mesh" SSH_USERNAME="jbride-redhat.com" SSH_PRIVATE_KEY="id_ocp" # a TARGET_HOST is specified in the command line, without using an inventory file ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \ -e"ansible_ssh_private_key_file=~/.ssh/${SSH_PRIVATE_KEY}" \ -e"ansible_ssh_user=${SSH_USERNAME}" \ -e"ANSIBLE_REPO_PATH=`pwd`" \ -e"ocp_username=${OCP_USERNAME}" \ -e"ocp_workload=${WORKLOAD}" \ -e"guid=${GUID}" \ -e"ocp_user_needs_quota=true" \ -e"ocp_apps_domain=apps.${HOST_GUID}.openshift.opentlc.com" \ -e"ACTION=create" ---- === To Delete an environment ---- GUID=jb45 HOST_GUID=dev39 TARGET_HOST="bastion.$HOST_GUID.openshift.opentlc.com" OCP_USERNAME="jbride-redhat.com" WORKLOAD="ocp-workload-rhte-mw-msa-mesh" SSH_USERNAME="jbride-redhat.com" SSH_PRIVATE_KEY="id_ocp" # a TARGET_HOST is specified in the command line, without using an inventory file ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \ -e"ansible_ssh_private_key_file=~/.ssh/${SSH_PRIVATE_KEY}" \ -e"ansible_ssh_user=${SSH_USERNAME}" \ -e"ANSIBLE_REPO_PATH=`pwd`" \ -e"ocp_username=${OCP_USERNAME}" \ -e"ocp_workload=${WORKLOAD}" \ -e"guid=${GUID}" \ -e"ACTION=remove" ---- ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/main.yml
New file @@ -0,0 +1,20 @@ --- - name: Running Pre Workload Tasks include: ./pre_workload.yml become: "{{ become_override | bool }}" when: ACTION == "create" or ACTION == "provision" - name: Running Workload Tasks include: ./workload.yml become: "{{ become_override | bool }}" when: ACTION == "create" or ACTION == "provision" - name: Running Post Workload Tasks include: ./post_workload.yml become: "{{ become_override | bool }}" when: ACTION == "create" or ACTION == "provision" - name: Running Workload removal Tasks include: ./remove_workload.yml become: "{{ become_override | bool }}" when: ACTION == "destroy" or ACTION == "remove" ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/post_workload.yml
New file @@ -0,0 +1,5 @@ --- - name: post_workload Tasks Complete debug: msg: "Post-Software checks completed successfully" ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/pre_workload.yml
New file @@ -0,0 +1,32 @@ --- # - name: Add user to developer group (allowed to create projects) # shell: "oadm groups add-users {{item}} {{ocp_username}}" # register: groupadd_register # with_items: "{{ocp_user_groups}}" # when: ocp_username is defined and ocp_user_groups is defined # # - name: test that command worked # debug: # var: groupadd_register # verbosity: 2 - name: Create user Quota - clusterresourcequota shell: | oc create clusterquota clusterquota-"{{ocp_username}}-{{guid}}" \ --project-annotation-selector=openshift.io/requester="{{ocp_username}}" \ --hard requests.cpu="{{quota_requests_cpu}}" \ --hard limits.cpu="{{quota_limits_cpu}}" \ --hard requests.memory="{{quota_requests_memory}}" \ --hard limits.memory="{{quota_limits_memory}}" \ --hard configmaps="{{quota_configmaps}}" \ --hard pods="{{quota_pods}}" \ --hard persistentvolumeclaims="{{quota_persistentvolumeclaims}}" \ --hard services="{{quota_services}}" \ --hard secrets="{{quota_secrets}}" \ --hard requests.storage="{{quota_requests_storage}}" ignore_errors: true - name: pre_workload Tasks Complete debug: msg: "Pre-Software checks completed successfully" ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/remove_workload.yml
New file @@ -0,0 +1,23 @@ --- - name: post_workload Tasks Complete debug: msg: "Pre-Software checks completed successfully - Removed" - name: define ocp_project set_fact: ocp_project: "{{lab_name}}-{{guid}}" - name: Remove user Quota - oc delete clusterresourcequota "clusterquota-{{ocp_username}}-{{guid}}" shell: oc delete clusterresourcequota clusterquota-{{ocp_username}}-{{guid}} ignore_errors: true - name: Remove any lingering tmp files shell: "rm -rf /tmp/{{guid}}" - name: Remove user Project shell: "oc delete project {{ocp_project}}" - name: post_workload Tasks Complete debug: msg: "Post-Software checks completed successfully - Removed" ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/wait_for_build.yml
New file @@ -0,0 +1,23 @@ --- # Purpose: # This script queries OCP for builds that exist but are not yet ready. # So long as there are unready builds, this script continues to loop # # Manual Test to determine list of unready builds : # 1) install jp : https://github.com/jmespath/jp # 2) oc get builds -o json | jp "items[? (status.phase != 'Complete') ].metadata.annotations.\"openshift.io/build-config.name\"" # # Documentation pertaining to jq syntax: # - http://jmespath.org/tutorial.html # - https://stackoverflow.com/questions/41261680/ansible-json-query-path-to-select-item-by-content # - name: "Wait for following builds to become ready: {{build_to_wait}}" command: 'oc get build -o json -n "{{ ocp_project }}"' register: build_state changed_when: false retries: "{{ build_status_retries }}" delay: "{{ build_status_delay }}" vars: query: "items[? (status.phase != 'Complete') ].metadata.annotations.\"openshift.io/build-config.name\"" until: "build_state.stdout |from_json |json_query(query) |intersect(build_to_wait) |length == 0" ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/wait_for_deploy.yml
New file @@ -0,0 +1,20 @@ --- # Purpose: # This script queries OCP for replication controllers that exist but are not yet ready. # So long as there are unready replication controllers, this script continues to loop # # Manual Test to determine list of unready replication controllers : # 1) install jp : https://github.com/jmespath/jp # 2) oc get rc -o json | jp 'items[? (status.readyReplicas == ""|| status.readyReplicas == `0`) ].metadata.annotations."openshift.io/deployment-config.name"' # - name: "Wait for following deployments to become ready: {{pod_to_wait}}" command: 'oc get rc -o json -n "{{ ocp_project }}"' register: rc_state changed_when: false retries: "{{ deploy_status_retries }}" delay: "{{ deploy_status_delay }}" until: 'rc_state.stdout |from_json |json_query(''items[? (status.readyReplicas == ""|| status.readyReplicas == `0`) ].metadata.annotations."openshift.io/deployment-config.name"'') |intersect(pod_to_wait) |length == 0' # Documentation pertaining to jq syntax: # - http://jmespath.org/tutorial.html ansible/roles/ocp-workload-rhte-mw-msa-mesh/tasks/workload.yml
New file @@ -0,0 +1,39 @@ --- - name: define ocp_project set_fact: ocp_project: "{{lab_name}}-{{guid}}" - name: "Create project for workload {{ocp_project}}" shell: "oc new-project {{ocp_project}}" - name: "Label namespace" command: "oc label namespace {{ocp_project}} AAD='{{guid}}'" - name: Make sure we go back to default project shell: "oc project default" # ####### lab specific tasks ############## # # Components: # 1) Mongodb (use replica set .... 1 replica is sufficient) # 2) AMQ Streaming (Kafka with Zookeeper) # 3) Red Hat's Apache Spark ( https://radanalytics.io/projects ) # 4) JDG # 5) Decision Manager (KIE-Server, maybe Decision Central ? ) # 6) other ??? #################################################### - name: Annotate the empty project as requested by user shell: "oc annotate namespace {{ocp_project}} openshift.io/requester={{ocp_username}} --overwrite" - name: Give ocp_username access to ocp_project; user = {{ocp_username}} shell: "oc policy add-role-to-user admin {{ocp_username}} -n {{ocp_project}}" - name: workload Tasks Complete debug: msg: workload Tasks Complete
