From 1d687af25e920f5913b05853ba6b4c8c330b5690 Mon Sep 17 00:00:00 2001 From: Wolfgang Kulhanek <wkulhanek@users.noreply.github.com> Date: Sat, 14 Mar 2020 16:25:30 +0100 Subject: [PATCH] Change _input -> _vars, _secret -> _secrets (#1335) --- ansible/roles/host-virtualenv/readme.adoc | 66 ++++++++++++++++ ansible/roles/ocp4-workload-authentication/tasks/workload.yml | 4 ansible/roles/ocp4-workload-machinesets/tasks/workload.yml | 4 ansible/roles/ocp4-workload-logging/tasks/workload.yml | 4 ansible/configs/ocp-workloads/env_vars.yml | 2 ansible/roles/host-virtualenv/tasks/main.yml | 32 ++++++++ ansible/roles/ocp4-workload-machinesets/defaults/main.yml | 12 +-- ansible/roles/ocp4-workload-authentication/defaults/main.yml | 6 ansible/configs/ocp-workloads/destroy_env.yml | 4 ansible/roles/ocp4-workload-quay-operator/defaults/main.yml | 4 ansible/roles/ocp4-workload-logging/defaults/main.yml | 4 ansible/configs/ocp-workloads/post_software.yml | 4 ansible/roles/host-virtualenv/defaults/main.yml | 17 ++++ ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml | 4 ansible/roles/host-virtualenv/meta/main.yml | 15 +++ ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml | 4 16 files changed, 156 insertions(+), 30 deletions(-) diff --git a/ansible/configs/ocp-workloads/destroy_env.yml b/ansible/configs/ocp-workloads/destroy_env.yml index fe061e1..1a58ef1 100644 --- a/ansible/configs/ocp-workloads/destroy_env.yml +++ b/ansible/configs/ocp-workloads/destroy_env.yml @@ -15,8 +15,8 @@ set_fact: config_ocp_workloads: >- {{ config_ocp_workloads_defaults - | combine( config_ocp_workloads_input | default( {} ), - config_ocp_workloads_secret | default( {} ), recursive=true) + | combine( config_ocp_workloads_vars | default( {} ), + config_ocp_workloads_secrets | default( {} ), recursive=true) }} - name: Print combined role variables debug: diff --git a/ansible/configs/ocp-workloads/env_vars.yml b/ansible/configs/ocp-workloads/env_vars.yml index 3aa38db..6664710 100644 --- a/ansible/configs/ocp-workloads/env_vars.yml +++ b/ansible/configs/ocp-workloads/env_vars.yml @@ -3,7 +3,7 @@ # Default variables # Can't use 'ocp_workloads' because that's the other input to the role... -# Can be overridden via a dictionary called config_ocp_workloads_input +# Can be overridden via a dictionary called config_ocp_workloads_vars config_ocp_workloads_defaults: virtualenv_path: /opt/virtualenvs/k8s diff --git a/ansible/configs/ocp-workloads/post_software.yml b/ansible/configs/ocp-workloads/post_software.yml index 8c357bb..a6a1bda 100644 --- a/ansible/configs/ocp-workloads/post_software.yml +++ b/ansible/configs/ocp-workloads/post_software.yml @@ -10,8 +10,8 @@ set_fact: config_ocp_workloads: >- {{ config_ocp_workloads_defaults - | combine( config_ocp_workloads_input | default( {} ), - config_ocp_workloads_secret | default( {} ), recursive=true) + | combine( config_ocp_workloads_vars | default( {} ), + config_ocp_workloads_secrets | default( {} ), recursive=true) }} - name: Print combined role variables debug: diff --git a/ansible/roles/host-virtualenv/defaults/main.yml b/ansible/roles/host-virtualenv/defaults/main.yml new file mode 100644 index 0000000..619675a --- /dev/null +++ b/ansible/roles/host-virtualenv/defaults/main.yml @@ -0,0 +1,17 @@ +--- +become_override: False +ocp_username: "system:admin" +silent: False + +host_virtualenv_defaults: + virtualenv_path: /opt/virtualenvs/k8s + install_virtualenv: false + virtualenv_package: + - python-virtualenv +# - python34-virtualenv +# - python36-virtualenv + virtualenv_python: /usr/bin/python + python_packages: + - ansible==2.9.6 + - openshift=0.10.2 + - selinux==0.2.1 \ No newline at end of file diff --git a/ansible/roles/host-virtualenv/meta/main.yml b/ansible/roles/host-virtualenv/meta/main.yml new file mode 100644 index 0000000..6386bf9 --- /dev/null +++ b/ansible/roles/host-virtualenv/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: + role_name: host-virtualenv + author: Wolfgang Kulhanek + description: | + Set up a Python VirtualEnv on a Host + license: MIT + min_ansible_version: 2.8 + platforms: [] + galaxy_tags: + - ocp + - openshift + - python + - virtualenv +dependencies: [] diff --git a/ansible/roles/host-virtualenv/readme.adoc b/ansible/roles/host-virtualenv/readme.adoc new file mode 100644 index 0000000..b95ba2b --- /dev/null +++ b/ansible/roles/host-virtualenv/readme.adoc @@ -0,0 +1,66 @@ += host-virtualenv - Set up a Python VirtualEnv on a host + +== Role overview + +* This role set up a Python virtual environment on a host. It consists of the following playbooks: +** Playbook: link:./tasks/pre_workload.yml[pre_workload.yml] - Sets up an + environment for the workload deployment. +*** Debug task will print out: `pre_workload Tasks completed successfully.` + +** Playbook: link:./tasks/workload.yml[workload.yml] - Used to configure authentication +*** Debug task will print out: `workload Tasks completed successfully.` + +** Playbook: link:./tasks/post_workload.yml[post_workload.yml] - Used to + configure the workload after deployment +*** This role doesn't do anything here +*** Debug task will print out: `post_workload Tasks completed successfully.` + +** Playbook: link:./tasks/remove_workload.yml[remove_workload.yml] - Used to + delete the workload +*** This role removes authentication from OCP 4. This role does *not* recreate the kubeadmin user - the only way to use OpenShift after removing the workload is via the `system:admin` user from the bastion VM. +*** Debug task will print out: `remove_workload Tasks completed successfully.` + +== Review the defaults variable file + +* This file link:./defaults/main.yml[./defaults/main.yml] contains all the variables you need to define to control the deployment of your workload. +* The variable *ocp_username* is mandatory to assign the workload to the correct OpenShift user. +* A variable *silent=True* can be passed to suppress debug messages. +* You can modify any of these default values by adding `-e "variable_name=variable_value"` to the command line + +=== Deploy a Workload with the `ocp-workload` playbook [Mostly for testing] + +---- +TARGET_HOST="bastion.wk.red.osp.opentlc.com" +OCP_USERNAME="wkulhane" +WORKLOAD="ocp4-workload-authentication" +GUID=wk + +# a TARGET_HOST is specified in the command line, without using an inventory file +ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \ + -e"ansible_ssh_private_key_file=~/.ssh/keytoyourhost.pem" \ + -e"ansible_user=cloud-user" \ + -e"ocp_username=${OCP_USERNAME}" \ + -e"ocp_workload=${WORKLOAD}" \ + -e"silent=False" \ + -e"guid=${GUID}" \ + -e"ACTION=create" +---- + +=== To Delete an environment + +---- +TARGET_HOST="bastion.wk.red.osp.opentlc.com" +OCP_USERNAME="wkulhane" +WORKLOAD="ocp4-workload-authentication" +GUID=wk + +# a TARGET_HOST is specified in the command line, without using an inventory file +ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \ + -e"ansible_ssh_private_key_file=~/.ssh/keytoyourhost.pem" \ + -e"ansible_user=ec2-user" \ + -e"ocp_username=${OCP_USERNAME}" \ + -e"ocp_workload=${WORKLOAD}" \ + -e"guid=${GUID}" \ + -e"ACTION=remove" +---- + diff --git a/ansible/roles/host-virtualenv/tasks/main.yml b/ansible/roles/host-virtualenv/tasks/main.yml new file mode 100644 index 0000000..62c061b --- /dev/null +++ b/ansible/roles/host-virtualenv/tasks/main.yml @@ -0,0 +1,32 @@ +--- +- name: Set up combined host_virtualenv dictionary + set_fact: + host_virtualenv: >- + {{ host_virtualenv_defaults + | combine(host_virtualenv_vars | default( {} ), + host_virtualenv_secrets | default( {} ), recursive=true) + }} +- name: Print combined role variables + debug: + var: host_virtualenv + verbosity: 2 + +- name: Check if desired virtualenv is available on the host + stat: + path: "{{ host_virtualenv.virtualenv_path}}/bin/python" + register: r_virtualenv + +- name: Install Virtualenv if it doesn't exist yet + when: + - not r_virtualenv.exists + block: + - name: Ensure Virtualenv package is installed + package: + state: present + name: "{{ host_virtualenv.virtualenv_package }}" + - name: Set up Virtualenv + pip: + state: present + name: "{{ host_virtualenv.python_packages }}" + virtualenv: "{{ host_virtualenv.virtualenv_path }}" + virtualenv_python: "{{ host_virtualenv.virtualenv_python }}" diff --git a/ansible/roles/ocp4-workload-authentication/defaults/main.yml b/ansible/roles/ocp4-workload-authentication/defaults/main.yml index b2eb491..283aed9 100644 --- a/ansible/roles/ocp4-workload-authentication/defaults/main.yml +++ b/ansible/roles/ocp4-workload-authentication/defaults/main.yml @@ -31,13 +31,13 @@ remove_kubeadmin: true # Override the defaults by setting the overrides in -# ocp4_workload_logging_input: {} +# ocp4_workload_logging_vars: {} # # For example to set up LDAP: -# ocp4_workload_authentication_input: +# ocp4_workload_authentication_vars: # idm_type: ldap # admin_user: wkulhane-redhat.com # Secret Variables should come from secrets file -# ocp4_workload_authentication_secret: +# ocp4_workload_authentication_secrets: # ldap_bind_password: <should come from secrets> diff --git a/ansible/roles/ocp4-workload-authentication/tasks/workload.yml b/ansible/roles/ocp4-workload-authentication/tasks/workload.yml index 6ef4ea3..ccc198d 100644 --- a/ansible/roles/ocp4-workload-authentication/tasks/workload.yml +++ b/ansible/roles/ocp4-workload-authentication/tasks/workload.yml @@ -3,8 +3,8 @@ set_fact: ocp4_workload_authentication: >- {{ ocp4_workload_authentication_defaults - | combine(ocp4_workload_authentication_input | default( {} ), - ocp4_workload_authentication_secret | default( {} ), recursive=true) + | combine(ocp4_workload_authentication_vars | default( {} ), + ocp4_workload_authentication_secrets | default( {} ), recursive=true) }} - name: Print combined role variables debug: diff --git a/ansible/roles/ocp4-workload-logging/defaults/main.yml b/ansible/roles/ocp4-workload-logging/defaults/main.yml index 57e082f..41018ff 100644 --- a/ansible/roles/ocp4-workload-logging/defaults/main.yml +++ b/ansible/roles/ocp4-workload-logging/defaults/main.yml @@ -11,7 +11,7 @@ elasticsearch_storage_request: "50Gi" # Override the defaults by setting the overrides in -# ocp4_workload_logging_input: {} +# ocp4_workload_logging_vars: {} # # Example: Set up Cluster Logging on dedicated nodes # In this example `elasticsearch` nodes. @@ -29,7 +29,7 @@ # value: reserved # effect: NoExecute -# ocp4_workload_logging_inputs: +# ocp4_workload_logging_vars: # node_role: "elasticsearch" # elasticsearch_replicas: 1 # elasticsearch_memory_request: "8Gi" diff --git a/ansible/roles/ocp4-workload-logging/tasks/workload.yml b/ansible/roles/ocp4-workload-logging/tasks/workload.yml index edad863..9a72b40 100644 --- a/ansible/roles/ocp4-workload-logging/tasks/workload.yml +++ b/ansible/roles/ocp4-workload-logging/tasks/workload.yml @@ -3,8 +3,8 @@ set_fact: ocp4_workload_logging: >- {{ ocp4_workload_logging_defaults - | combine(ocp4_workload_logging_input | default( {} ), - ocp4_workload_logging_secret | default( {}), recursive=true ) + | combine(ocp4_workload_logging_vars | default( {} ), + ocp4_workload_logging_secrets | default( {}), recursive=true ) }} - name: Print combined role variables debug: diff --git a/ansible/roles/ocp4-workload-machinesets/defaults/main.yml b/ansible/roles/ocp4-workload-machinesets/defaults/main.yml index c21856f..1272c58 100644 --- a/ansible/roles/ocp4-workload-machinesets/defaults/main.yml +++ b/ansible/roles/ocp4-workload-machinesets/defaults/main.yml @@ -9,8 +9,7 @@ # more descriptive names. ocp4_workload_machinesets_defaults: machineset_groups: - # Infranodes: Must be named "infra" if - # desired + # Infranodes: Must be named "infra" - name: infra autoscale: false total_replicas: 1 @@ -30,13 +29,10 @@ # instance_type for OpenStack # instance_type: "4c16g30d" -# Override the defaults by setting the overrides in -# ocp4_workload_logging_input: {} - # To add Elasticsearch nodes (for Cluster Logging) add the following to # the ocp4_workload_machinesets_group: # -# ocp4_workload_machinesets_input: +# ocp4_workload_machinesets_vars: # - name: elasticsearch # autoscale: false # total_replicas: 1 @@ -56,7 +52,7 @@ # To add another group of worker nodes - with autoscaling enabled add # the following: # -# ocp4_workload_machinesets_input: +# ocp4_workload_machinesets_vars: # - name: worker-scaled # autoscale: true # total_replicas: 1 @@ -70,7 +66,7 @@ # following to the ocp4_workloads_machineset_group. # Make sure you have enough disk space (and quota): # -# ocp4_workload_machinesets_input: +# ocp4_workload_machinesets_vars: # - name: ocs # autoscale: false # total_replicas: 3 diff --git a/ansible/roles/ocp4-workload-machinesets/tasks/workload.yml b/ansible/roles/ocp4-workload-machinesets/tasks/workload.yml index 9e2cdf1..cdb64a0 100644 --- a/ansible/roles/ocp4-workload-machinesets/tasks/workload.yml +++ b/ansible/roles/ocp4-workload-machinesets/tasks/workload.yml @@ -3,8 +3,8 @@ set_fact: ocp4_workload_machinesets: >- {{ ocp4_workload_machinesets_defaults - | combine(ocp4_workload_machinesets_input | default( {} ), - ocp4_workload_machinesets_secret | default( {} ), recursive=true ) + | combine(ocp4_workload_machinesets_vars | default( {} ), + ocp4_workload_machinesets_secrets | default( {} ), recursive=true ) }} - name: Print combined role variables debug: diff --git a/ansible/roles/ocp4-workload-quay-operator/defaults/main.yml b/ansible/roles/ocp4-workload-quay-operator/defaults/main.yml index ac353d6..9b84b4e 100644 --- a/ansible/roles/ocp4-workload-quay-operator/defaults/main.yml +++ b/ansible/roles/ocp4-workload-quay-operator/defaults/main.yml @@ -4,7 +4,7 @@ silent: False # Default variables. Overwrite with a dictionary -# ocp4_workload_quay_operator_input +# ocp4_workload_quay_operator_vars ocp4_workload_quay_operator_defaults: project: quay-enterprise @@ -87,7 +87,7 @@ # Access Credentials for Quay.io to pull Red Hat Quay # Should be overwritten via base64 encoded Global Variables !!! # reference https://access.redhat.com/solutions/3533201 -# ocp4_workload_quay_operator_secret: +# ocp4_workload_quay_operator_secrets: # quay_dockerconfigjson: 'pull_secret' # Internal variables. Don't set or change diff --git a/ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml b/ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml index 1b20713..ab5b011 100644 --- a/ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml +++ b/ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml @@ -3,8 +3,8 @@ set_fact: ocp4_workload_quay_operator: >- {{ ocp4_workload_quay_operator_defaults - | combine(ocp4_workload_quay_operator_input | default( {} ), - ocp4_workload_quay_operator_secret | default( {} ), recursive=true) + | combine(ocp4_workload_quay_operator_vars | default( {} ), + ocp4_workload_quay_operator_secrets | default( {} ), recursive=true) }} - name: Remove Red Hat Quay Operator diff --git a/ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml b/ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml index 39ce709..b2ebb06 100644 --- a/ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml +++ b/ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml @@ -3,8 +3,8 @@ set_fact: ocp4_workload_quay_operator: >- {{ ocp4_workload_quay_operator_defaults - | combine(ocp4_workload_quay_operator_input | default( {} ), - ocp4_workload_quay_operator_secret | default( {} ), recursive=true) + | combine(ocp4_workload_quay_operator_vars | default( {} ), + ocp4_workload_quay_operator_secrets | default( {} ), recursive=true) }} - name: Print combined role variables debug: -- Gitblit v1.9.3