From 1d687af25e920f5913b05853ba6b4c8c330b5690 Mon Sep 17 00:00:00 2001
From: Wolfgang Kulhanek <wkulhanek@users.noreply.github.com>
Date: Sat, 14 Mar 2020 16:25:30 +0100
Subject: [PATCH] Change _input -> _vars, _secret -> _secrets (#1335)
---
ansible/roles/host-virtualenv/readme.adoc | 66 ++++++++++++++++
ansible/roles/ocp4-workload-authentication/tasks/workload.yml | 4
ansible/roles/ocp4-workload-machinesets/tasks/workload.yml | 4
ansible/roles/ocp4-workload-logging/tasks/workload.yml | 4
ansible/configs/ocp-workloads/env_vars.yml | 2
ansible/roles/host-virtualenv/tasks/main.yml | 32 ++++++++
ansible/roles/ocp4-workload-machinesets/defaults/main.yml | 12 +--
ansible/roles/ocp4-workload-authentication/defaults/main.yml | 6
ansible/configs/ocp-workloads/destroy_env.yml | 4
ansible/roles/ocp4-workload-quay-operator/defaults/main.yml | 4
ansible/roles/ocp4-workload-logging/defaults/main.yml | 4
ansible/configs/ocp-workloads/post_software.yml | 4
ansible/roles/host-virtualenv/defaults/main.yml | 17 ++++
ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml | 4
ansible/roles/host-virtualenv/meta/main.yml | 15 +++
ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml | 4
16 files changed, 156 insertions(+), 30 deletions(-)
diff --git a/ansible/configs/ocp-workloads/destroy_env.yml b/ansible/configs/ocp-workloads/destroy_env.yml
index fe061e1..1a58ef1 100644
--- a/ansible/configs/ocp-workloads/destroy_env.yml
+++ b/ansible/configs/ocp-workloads/destroy_env.yml
@@ -15,8 +15,8 @@
set_fact:
config_ocp_workloads: >-
{{ config_ocp_workloads_defaults
- | combine( config_ocp_workloads_input | default( {} ),
- config_ocp_workloads_secret | default( {} ), recursive=true)
+ | combine( config_ocp_workloads_vars | default( {} ),
+ config_ocp_workloads_secrets | default( {} ), recursive=true)
}}
- name: Print combined role variables
debug:
diff --git a/ansible/configs/ocp-workloads/env_vars.yml b/ansible/configs/ocp-workloads/env_vars.yml
index 3aa38db..6664710 100644
--- a/ansible/configs/ocp-workloads/env_vars.yml
+++ b/ansible/configs/ocp-workloads/env_vars.yml
@@ -3,7 +3,7 @@
# Default variables
# Can't use 'ocp_workloads' because that's the other input to the role...
-# Can be overridden via a dictionary called config_ocp_workloads_input
+# Can be overridden via a dictionary called config_ocp_workloads_vars
config_ocp_workloads_defaults:
virtualenv_path: /opt/virtualenvs/k8s
diff --git a/ansible/configs/ocp-workloads/post_software.yml b/ansible/configs/ocp-workloads/post_software.yml
index 8c357bb..a6a1bda 100644
--- a/ansible/configs/ocp-workloads/post_software.yml
+++ b/ansible/configs/ocp-workloads/post_software.yml
@@ -10,8 +10,8 @@
set_fact:
config_ocp_workloads: >-
{{ config_ocp_workloads_defaults
- | combine( config_ocp_workloads_input | default( {} ),
- config_ocp_workloads_secret | default( {} ), recursive=true)
+ | combine( config_ocp_workloads_vars | default( {} ),
+ config_ocp_workloads_secrets | default( {} ), recursive=true)
}}
- name: Print combined role variables
debug:
diff --git a/ansible/roles/host-virtualenv/defaults/main.yml b/ansible/roles/host-virtualenv/defaults/main.yml
new file mode 100644
index 0000000..619675a
--- /dev/null
+++ b/ansible/roles/host-virtualenv/defaults/main.yml
@@ -0,0 +1,17 @@
+---
+become_override: False
+ocp_username: "system:admin"
+silent: False
+
+host_virtualenv_defaults:
+ virtualenv_path: /opt/virtualenvs/k8s
+ install_virtualenv: false
+ virtualenv_package:
+ - python-virtualenv
+# - python34-virtualenv
+# - python36-virtualenv
+ virtualenv_python: /usr/bin/python
+ python_packages:
+ - ansible==2.9.6
+ - openshift=0.10.2
+ - selinux==0.2.1
\ No newline at end of file
diff --git a/ansible/roles/host-virtualenv/meta/main.yml b/ansible/roles/host-virtualenv/meta/main.yml
new file mode 100644
index 0000000..6386bf9
--- /dev/null
+++ b/ansible/roles/host-virtualenv/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+ role_name: host-virtualenv
+ author: Wolfgang Kulhanek
+ description: |
+ Set up a Python VirtualEnv on a Host
+ license: MIT
+ min_ansible_version: 2.8
+ platforms: []
+ galaxy_tags:
+ - ocp
+ - openshift
+ - python
+ - virtualenv
+dependencies: []
diff --git a/ansible/roles/host-virtualenv/readme.adoc b/ansible/roles/host-virtualenv/readme.adoc
new file mode 100644
index 0000000..b95ba2b
--- /dev/null
+++ b/ansible/roles/host-virtualenv/readme.adoc
@@ -0,0 +1,66 @@
+= host-virtualenv - Set up a Python VirtualEnv on a host
+
+== Role overview
+
+* This role set up a Python virtual environment on a host. It consists of the following playbooks:
+** Playbook: link:./tasks/pre_workload.yml[pre_workload.yml] - Sets up an
+ environment for the workload deployment.
+*** Debug task will print out: `pre_workload Tasks completed successfully.`
+
+** Playbook: link:./tasks/workload.yml[workload.yml] - Used to configure authentication
+*** Debug task will print out: `workload Tasks completed successfully.`
+
+** Playbook: link:./tasks/post_workload.yml[post_workload.yml] - Used to
+ configure the workload after deployment
+*** This role doesn't do anything here
+*** Debug task will print out: `post_workload Tasks completed successfully.`
+
+** Playbook: link:./tasks/remove_workload.yml[remove_workload.yml] - Used to
+ delete the workload
+*** This role removes authentication from OCP 4. This role does *not* recreate the kubeadmin user - the only way to use OpenShift after removing the workload is via the `system:admin` user from the bastion VM.
+*** Debug task will print out: `remove_workload Tasks completed successfully.`
+
+== Review the defaults variable file
+
+* This file link:./defaults/main.yml[./defaults/main.yml] contains all the variables you need to define to control the deployment of your workload.
+* The variable *ocp_username* is mandatory to assign the workload to the correct OpenShift user.
+* A variable *silent=True* can be passed to suppress debug messages.
+* You can modify any of these default values by adding `-e "variable_name=variable_value"` to the command line
+
+=== Deploy a Workload with the `ocp-workload` playbook [Mostly for testing]
+
+----
+TARGET_HOST="bastion.wk.red.osp.opentlc.com"
+OCP_USERNAME="wkulhane"
+WORKLOAD="ocp4-workload-authentication"
+GUID=wk
+
+# a TARGET_HOST is specified in the command line, without using an inventory file
+ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \
+ -e"ansible_ssh_private_key_file=~/.ssh/keytoyourhost.pem" \
+ -e"ansible_user=cloud-user" \
+ -e"ocp_username=${OCP_USERNAME}" \
+ -e"ocp_workload=${WORKLOAD}" \
+ -e"silent=False" \
+ -e"guid=${GUID}" \
+ -e"ACTION=create"
+----
+
+=== To Delete an environment
+
+----
+TARGET_HOST="bastion.wk.red.osp.opentlc.com"
+OCP_USERNAME="wkulhane"
+WORKLOAD="ocp4-workload-authentication"
+GUID=wk
+
+# a TARGET_HOST is specified in the command line, without using an inventory file
+ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \
+ -e"ansible_ssh_private_key_file=~/.ssh/keytoyourhost.pem" \
+ -e"ansible_user=ec2-user" \
+ -e"ocp_username=${OCP_USERNAME}" \
+ -e"ocp_workload=${WORKLOAD}" \
+ -e"guid=${GUID}" \
+ -e"ACTION=remove"
+----
+
diff --git a/ansible/roles/host-virtualenv/tasks/main.yml b/ansible/roles/host-virtualenv/tasks/main.yml
new file mode 100644
index 0000000..62c061b
--- /dev/null
+++ b/ansible/roles/host-virtualenv/tasks/main.yml
@@ -0,0 +1,32 @@
+---
+- name: Set up combined host_virtualenv dictionary
+ set_fact:
+ host_virtualenv: >-
+ {{ host_virtualenv_defaults
+ | combine(host_virtualenv_vars | default( {} ),
+ host_virtualenv_secrets | default( {} ), recursive=true)
+ }}
+- name: Print combined role variables
+ debug:
+ var: host_virtualenv
+ verbosity: 2
+
+- name: Check if desired virtualenv is available on the host
+ stat:
+ path: "{{ host_virtualenv.virtualenv_path}}/bin/python"
+ register: r_virtualenv
+
+- name: Install Virtualenv if it doesn't exist yet
+ when:
+ - not r_virtualenv.exists
+ block:
+ - name: Ensure Virtualenv package is installed
+ package:
+ state: present
+ name: "{{ host_virtualenv.virtualenv_package }}"
+ - name: Set up Virtualenv
+ pip:
+ state: present
+ name: "{{ host_virtualenv.python_packages }}"
+ virtualenv: "{{ host_virtualenv.virtualenv_path }}"
+ virtualenv_python: "{{ host_virtualenv.virtualenv_python }}"
diff --git a/ansible/roles/ocp4-workload-authentication/defaults/main.yml b/ansible/roles/ocp4-workload-authentication/defaults/main.yml
index b2eb491..283aed9 100644
--- a/ansible/roles/ocp4-workload-authentication/defaults/main.yml
+++ b/ansible/roles/ocp4-workload-authentication/defaults/main.yml
@@ -31,13 +31,13 @@
remove_kubeadmin: true
# Override the defaults by setting the overrides in
-# ocp4_workload_logging_input: {}
+# ocp4_workload_logging_vars: {}
#
# For example to set up LDAP:
-# ocp4_workload_authentication_input:
+# ocp4_workload_authentication_vars:
# idm_type: ldap
# admin_user: wkulhane-redhat.com
# Secret Variables should come from secrets file
-# ocp4_workload_authentication_secret:
+# ocp4_workload_authentication_secrets:
# ldap_bind_password: <should come from secrets>
diff --git a/ansible/roles/ocp4-workload-authentication/tasks/workload.yml b/ansible/roles/ocp4-workload-authentication/tasks/workload.yml
index 6ef4ea3..ccc198d 100644
--- a/ansible/roles/ocp4-workload-authentication/tasks/workload.yml
+++ b/ansible/roles/ocp4-workload-authentication/tasks/workload.yml
@@ -3,8 +3,8 @@
set_fact:
ocp4_workload_authentication: >-
{{ ocp4_workload_authentication_defaults
- | combine(ocp4_workload_authentication_input | default( {} ),
- ocp4_workload_authentication_secret | default( {} ), recursive=true)
+ | combine(ocp4_workload_authentication_vars | default( {} ),
+ ocp4_workload_authentication_secrets | default( {} ), recursive=true)
}}
- name: Print combined role variables
debug:
diff --git a/ansible/roles/ocp4-workload-logging/defaults/main.yml b/ansible/roles/ocp4-workload-logging/defaults/main.yml
index 57e082f..41018ff 100644
--- a/ansible/roles/ocp4-workload-logging/defaults/main.yml
+++ b/ansible/roles/ocp4-workload-logging/defaults/main.yml
@@ -11,7 +11,7 @@
elasticsearch_storage_request: "50Gi"
# Override the defaults by setting the overrides in
-# ocp4_workload_logging_input: {}
+# ocp4_workload_logging_vars: {}
#
# Example: Set up Cluster Logging on dedicated nodes
# In this example `elasticsearch` nodes.
@@ -29,7 +29,7 @@
# value: reserved
# effect: NoExecute
-# ocp4_workload_logging_inputs:
+# ocp4_workload_logging_vars:
# node_role: "elasticsearch"
# elasticsearch_replicas: 1
# elasticsearch_memory_request: "8Gi"
diff --git a/ansible/roles/ocp4-workload-logging/tasks/workload.yml b/ansible/roles/ocp4-workload-logging/tasks/workload.yml
index edad863..9a72b40 100644
--- a/ansible/roles/ocp4-workload-logging/tasks/workload.yml
+++ b/ansible/roles/ocp4-workload-logging/tasks/workload.yml
@@ -3,8 +3,8 @@
set_fact:
ocp4_workload_logging: >-
{{ ocp4_workload_logging_defaults
- | combine(ocp4_workload_logging_input | default( {} ),
- ocp4_workload_logging_secret | default( {}), recursive=true )
+ | combine(ocp4_workload_logging_vars | default( {} ),
+ ocp4_workload_logging_secrets | default( {}), recursive=true )
}}
- name: Print combined role variables
debug:
diff --git a/ansible/roles/ocp4-workload-machinesets/defaults/main.yml b/ansible/roles/ocp4-workload-machinesets/defaults/main.yml
index c21856f..1272c58 100644
--- a/ansible/roles/ocp4-workload-machinesets/defaults/main.yml
+++ b/ansible/roles/ocp4-workload-machinesets/defaults/main.yml
@@ -9,8 +9,7 @@
# more descriptive names.
ocp4_workload_machinesets_defaults:
machineset_groups:
- # Infranodes: Must be named "infra" if
- # desired
+ # Infranodes: Must be named "infra"
- name: infra
autoscale: false
total_replicas: 1
@@ -30,13 +29,10 @@
# instance_type for OpenStack
# instance_type: "4c16g30d"
-# Override the defaults by setting the overrides in
-# ocp4_workload_logging_input: {}
-
# To add Elasticsearch nodes (for Cluster Logging) add the following to
# the ocp4_workload_machinesets_group:
#
-# ocp4_workload_machinesets_input:
+# ocp4_workload_machinesets_vars:
# - name: elasticsearch
# autoscale: false
# total_replicas: 1
@@ -56,7 +52,7 @@
# To add another group of worker nodes - with autoscaling enabled add
# the following:
#
-# ocp4_workload_machinesets_input:
+# ocp4_workload_machinesets_vars:
# - name: worker-scaled
# autoscale: true
# total_replicas: 1
@@ -70,7 +66,7 @@
# following to the ocp4_workloads_machineset_group.
# Make sure you have enough disk space (and quota):
#
-# ocp4_workload_machinesets_input:
+# ocp4_workload_machinesets_vars:
# - name: ocs
# autoscale: false
# total_replicas: 3
diff --git a/ansible/roles/ocp4-workload-machinesets/tasks/workload.yml b/ansible/roles/ocp4-workload-machinesets/tasks/workload.yml
index 9e2cdf1..cdb64a0 100644
--- a/ansible/roles/ocp4-workload-machinesets/tasks/workload.yml
+++ b/ansible/roles/ocp4-workload-machinesets/tasks/workload.yml
@@ -3,8 +3,8 @@
set_fact:
ocp4_workload_machinesets: >-
{{ ocp4_workload_machinesets_defaults
- | combine(ocp4_workload_machinesets_input | default( {} ),
- ocp4_workload_machinesets_secret | default( {} ), recursive=true )
+ | combine(ocp4_workload_machinesets_vars | default( {} ),
+ ocp4_workload_machinesets_secrets | default( {} ), recursive=true )
}}
- name: Print combined role variables
debug:
diff --git a/ansible/roles/ocp4-workload-quay-operator/defaults/main.yml b/ansible/roles/ocp4-workload-quay-operator/defaults/main.yml
index ac353d6..9b84b4e 100644
--- a/ansible/roles/ocp4-workload-quay-operator/defaults/main.yml
+++ b/ansible/roles/ocp4-workload-quay-operator/defaults/main.yml
@@ -4,7 +4,7 @@
silent: False
# Default variables. Overwrite with a dictionary
-# ocp4_workload_quay_operator_input
+# ocp4_workload_quay_operator_vars
ocp4_workload_quay_operator_defaults:
project: quay-enterprise
@@ -87,7 +87,7 @@
# Access Credentials for Quay.io to pull Red Hat Quay
# Should be overwritten via base64 encoded Global Variables !!!
# reference https://access.redhat.com/solutions/3533201
-# ocp4_workload_quay_operator_secret:
+# ocp4_workload_quay_operator_secrets:
# quay_dockerconfigjson: 'pull_secret'
# Internal variables. Don't set or change
diff --git a/ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml b/ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml
index 1b20713..ab5b011 100644
--- a/ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml
+++ b/ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml
@@ -3,8 +3,8 @@
set_fact:
ocp4_workload_quay_operator: >-
{{ ocp4_workload_quay_operator_defaults
- | combine(ocp4_workload_quay_operator_input | default( {} ),
- ocp4_workload_quay_operator_secret | default( {} ), recursive=true)
+ | combine(ocp4_workload_quay_operator_vars | default( {} ),
+ ocp4_workload_quay_operator_secrets | default( {} ), recursive=true)
}}
- name: Remove Red Hat Quay Operator
diff --git a/ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml b/ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml
index 39ce709..b2ebb06 100644
--- a/ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml
+++ b/ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml
@@ -3,8 +3,8 @@
set_fact:
ocp4_workload_quay_operator: >-
{{ ocp4_workload_quay_operator_defaults
- | combine(ocp4_workload_quay_operator_input | default( {} ),
- ocp4_workload_quay_operator_secret | default( {} ), recursive=true)
+ | combine(ocp4_workload_quay_operator_vars | default( {} ),
+ ocp4_workload_quay_operator_secrets | default( {} ), recursive=true)
}}
- name: Print combined role variables
debug:
--
Gitblit v1.9.3