From 3b538cc3951a38dd499fbf4ce54476f0d4ec25eb Mon Sep 17 00:00:00 2001 From: Fabian von Feilitzsch Date: Thu, 8 Jun 2017 11:31:24 -0400 Subject: add play and role to install ansible-service-broker * add ansible-service-broker role to catalog install playbook add ansible_service_broker to catalog install flow fix indentation syntax error respond to code review Remove content, update image prefix to exclude image name Make variables deployment type specific, add rhcc configuration, add fact validation some spacing/comments Remove ansible_service_broker_namespace variable Fix stupid typo == nil -> is none nil -> null, fix validation checks Fix a few typos Add Broker object to catalog replace oc_pvc creation with oc_obj remove namespace from broker creation fix namespace --- .../common/openshift-cluster/service_catalog.yml | 2 +- roles/ansible_service_broker/defaults/main.yml | 6 + roles/ansible_service_broker/meta/main.yml | 15 ++ roles/ansible_service_broker/tasks/install.yml | 268 +++++++++++++++++++++ roles/ansible_service_broker/tasks/main.yml | 8 + roles/ansible_service_broker/tasks/remove.yml | 65 +++++ .../tasks/validate_facts.yml | 14 ++ .../ansible_service_broker/vars/default_images.yml | 13 + .../vars/openshift-enterprise.yml | 13 + 9 files changed, 403 insertions(+), 1 deletion(-) create mode 100644 roles/ansible_service_broker/defaults/main.yml create mode 100644 roles/ansible_service_broker/meta/main.yml create mode 100644 roles/ansible_service_broker/tasks/install.yml create mode 100644 roles/ansible_service_broker/tasks/main.yml create mode 100644 roles/ansible_service_broker/tasks/remove.yml create mode 100644 roles/ansible_service_broker/tasks/validate_facts.yml create mode 100644 roles/ansible_service_broker/vars/default_images.yml create mode 100644 roles/ansible_service_broker/vars/openshift-enterprise.yml diff --git a/playbooks/common/openshift-cluster/service_catalog.yml b/playbooks/common/openshift-cluster/service_catalog.yml index dd1d33525..c42e8781a 100644 --- a/playbooks/common/openshift-cluster/service_catalog.yml +++ b/playbooks/common/openshift-cluster/service_catalog.yml @@ -5,4 +5,4 @@ hosts: oo_first_master roles: - openshift_service_catalog - - openshift_service_catalog_broker + - ansible_service_broker diff --git a/roles/ansible_service_broker/defaults/main.yml b/roles/ansible_service_broker/defaults/main.yml new file mode 100644 index 000000000..4a7252679 --- /dev/null +++ b/roles/ansible_service_broker/defaults/main.yml @@ -0,0 +1,6 @@ +--- + +ansible_service_broker_remove: false +ansible_service_broker_log_level: info +# Recommended you do not enable this for now +ansible_service_broker_launch_apb_on_bind: false diff --git a/roles/ansible_service_broker/meta/main.yml b/roles/ansible_service_broker/meta/main.yml new file mode 100644 index 000000000..ec4aafb79 --- /dev/null +++ b/roles/ansible_service_broker/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: + author: Fabian von Feilitzsch + description: OpenShift Ansible Service Broker + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 2.1 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud +dependencies: +- role: lib_openshift diff --git a/roles/ansible_service_broker/tasks/install.yml b/roles/ansible_service_broker/tasks/install.yml new file mode 100644 index 000000000..3d7023704 --- /dev/null +++ b/roles/ansible_service_broker/tasks/install.yml @@ -0,0 +1,268 @@ +--- + +# Fact setting and validations +- name: Set default image variables based on deployment type + include_vars: "{{ item }}" + with_first_found: + - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "default_images.yml" + +- name: set ansible_service_broker facts + set_fact: + ansible_service_broker_image_prefix: "{{ ansible_service_broker_image_prefix | default(__ansible_service_broker_image_prefix) }}" + ansible_service_broker_image_tag: "{{ ansible_service_broker_image_tag | default(__ansible_service_broker_image_tag) }}" + + ansible_service_broker_etcd_image_prefix: "{{ ansible_service_broker_etcd_image_prefix | default(__ansible_service_broker_etcd_image_prefix) }}" + ansible_service_broker_etcd_image_tag: "{{ ansible_service_broker_etcd_image_tag | default(__ansible_service_broker_etcd_image_tag) }}" + + ansible_service_broker_registry_type: "{{ ansible_service_broker_registry_type | default(__ansible_service_broker_registry_type) }}" + ansible_service_broker_registry_url: "{{ ansible_service_broker_registry_url | default(__ansible_service_broker_registry_url) }}" + ansible_service_broker_registry_user: "{{ ansible_service_broker_registry_user | default(__ansible_service_broker_registry_user) }}" + ansible_service_broker_registry_password: "{{ ansible_service_broker_registry_password | default(__ansible_service_broker_registry_password) }}" + ansible_service_broker_registry_organization: "{{ ansible_service_broker_registry_organization | default(__ansible_service_broker_registry_organization) }}" + +- name: set ansible-service-broker image facts using set prefix and tag + set_fact: + ansible_service_broker_image: "{{ ansible_service_broker_image_prefix }}ansible-service-broker:{{ ansible_service_broker_image_tag }}" + ansible_service_broker_etcd_image: "{{ ansible_service_broker_etcd_image_prefix }}ansible-service-broker:{{ ansible_service_broker_etcd_image_tag }}" + +- include: validate_facts.yml + + +# Deployment of ansible-service-broker starts here +- name: create openshift-ansible-service-broker project + oc_project: + name: openshift-ansible-service-broker + state: present + +- name: create ansible-service-broker serviceaccount + oc_serviceaccount: + name: asb + namespace: openshift-ansible-service-broker + state: present + +- name: create ansible-service-broker service + oc_service: + name: asb + namespace: openshift-ansible-service-broker + state: present + labels: + app: ansible-service-broker + service: asb + ports: + - name: port-1338 + port: 1338 + selector: + app: ansible-service-broker + service: asb + +- name: create etcd service + oc_service: + name: etcd + namespace: openshift-ansible-service-broker + state: present + ports: + - name: etcd-advertise + port: 2379 + selector: + app: ansible-service-broker + service: etcd + +- name: create route for ansible-service-broker service + oc_route: + name: asb-1338 + namespace: openshift-ansible-service-broker + state: present + service_name: asb + port: 1338 + register: asb_route_out + +- name: get ansible-service-broker route name + set_fact: + ansible_service_broker_route: "{{ asb_route_out.results.results[0].spec.host }}" + +- name: create persistent volume claim for etcd + oc_obj: + name: etcd + namespace: openshift-ansible-service-broker + state: present + kind: PersistentVolumeClaim + content: + path: /tmp/dcout + data: + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: etcd + namespace: openshift-ansible-service-broker + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + +- name: create etcd deployment + oc_obj: + name: etcd + namespace: openshift-ansible-service-broker + state: present + kind: Deployment + content: + path: /tmp/dcout + data: + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: etcd + namespace: openshift-ansible-service-broker + labels: + app: ansible-service-broker + service: etcd + spec: + selector: + matchLabels: + app: ansible-service-broker + service: etcd + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + replicas: 1 + template: + metadata: + labels: + app: ansible-service-broker + service: etcd + spec: + restartPolicy: Always + containers: + - image: "{{ ansible_service_broker_etcd_image }}" + name: etcd + imagePullPolicy: IfNotPresent + terminationMessagePath: /tmp/termination-log + workingDir: /etcd + args: + - ./etcd + - --data-dir=/data + - "--listen-client-urls=http://0.0.0.0:2379" + - "--advertise-client-urls=http://0.0.0.0:2379" + ports: + - containerPort: 2379 + protocol: TCP + env: + - name: ETCDCTL_API + value: "3" + volumeMounts: + - mountPath: /data + name: etcd + volumes: + - name: etcd + persistentVolumeClaim: + claimName: etcd + +- name: create ansible-service-broker deployment + oc_obj: + name: asb + namespace: openshift-ansible-service-broker + state: present + kind: Deployment + content: + path: /tmp/dcout + data: + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: asb + namespace: openshift-ansible-service-broker + labels: + app: openshift-ansible-service-broker + service: asb + spec: + strategy: + type: Recreate + replicas: 1 + template: + metadata: + labels: + app: openshift-ansible-service-broker + service: asb + spec: + serviceAccount: asb + restartPolicy: Always + containers: + - image: "{{ ansible_service_broker_image }}" + name: asb + imagePullPolicy: IfNotPresent + volumeMounts: + - name: config-volume + mountPath: /etc/ansible-service-broker + ports: + - containerPort: 1338 + protocol: TCP + args: + - -c + - /etc/ansible-service-broker/config.yaml + terminationMessagePath: /tmp/termination-log + volumes: + - name: config-volume + configMap: + name: broker-config + items: + - key: broker-config + path: config.yaml + + +# TODO: saw a oc_configmap in the library, but didn't understand how to get it to do the following: +- name: Create config map for ansible-service-broker + oc_obj: + name: broker-config + namespace: openshift-ansible-service-broker + state: present + kind: ConfigMap + content: + path: /tmp/cmout + data: + apiVersion: v1 + kind: ConfigMap + metadata: + name: broker-config + namespace: openshift-ansible-service-broker + labels: + app: ansible-service-broker + data: + broker-config: | + registry: + name: "{{ ansible_service_broker_registry_type }}" + url: "{{ ansible_service_broker_registry_url }}" + user: "{{ ansible_service_broker_registry_user }}" + pass: "{{ ansible_service_broker_registry_password }}" + org: "{{ ansible_service_broker_registry_organization }}" + dao: + etcd_host: etcd + etcd_port: 2379 + log: + logfile: /var/log/ansible-service-broker/asb.log + stdout: true + level: "{{ ansible_service_broker_log_level }}" + color: true + openshift: {} + broker: + devbroker: false + launchapbonbind: "{{ ansible_service_broker_launch_apb_on_bind }}" + +- name: Create the Broker resource in the catalog + oc_obj: + name: ansible-service-broker + state: present + kind: Broker + content: + path: /tmp/brokerout + data: + apiVersion: servicecatalog.k8s.io/v1alpha1 + kind: Broker + metadata: + name: ansible-service-broker + spec: + url: http://{{ ansible_service_broker_route }} diff --git a/roles/ansible_service_broker/tasks/main.yml b/roles/ansible_service_broker/tasks/main.yml new file mode 100644 index 000000000..b46ce8233 --- /dev/null +++ b/roles/ansible_service_broker/tasks/main.yml @@ -0,0 +1,8 @@ +--- +# do any asserts here + +- include: install.yml + when: not ansible_service_broker_remove|default(false) | bool + +- include: remove.yml + when: ansible_service_broker_remove|default(false) | bool diff --git a/roles/ansible_service_broker/tasks/remove.yml b/roles/ansible_service_broker/tasks/remove.yml new file mode 100644 index 000000000..2519f9f4c --- /dev/null +++ b/roles/ansible_service_broker/tasks/remove.yml @@ -0,0 +1,65 @@ +--- + +- name: remove openshift-ansible-service-broker project + oc_project: + name: openshift-ansible-service-broker + state: absent + +- name: remove ansible-service-broker serviceaccount + oc_serviceaccount: + name: asb + namespace: openshift-ansible-service-broker + state: absent + +- name: remove ansible-service-broker service + oc_service: + name: asb + namespace: openshift-ansible-service-broker + state: absent + +- name: remove etcd service + oc_service: + name: etcd + namespace: openshift-ansible-service-broker + state: absent + +- name: remove route for ansible-service-broker service + oc_route: + name: asb-1338 + namespace: openshift-ansible-service-broker + state: absent + +- name: remove persistent volume claim for etcd + oc_pvc: + name: etcd + namespace: openshift-ansible-service-broker + state: absent + +- name: remove etcd deployment + oc_obj: + name: etcd + namespace: openshift-ansible-service-broker + state: absent + kind: Deployment + +- name: remove ansible-service-broker deployment + oc_obj: + name: asb + namespace: openshift-ansible-service-broker + state: absent + kind: Deployment + +# TODO: saw a oc_configmap in the library, but didn't understand how to get it to do the following: +- name: remove config map for ansible-service-broker + oc_obj: + name: broker-config + namespace: openshift-ansible-service-broker + state: absent + kind: ConfigMap + +# TODO: Is this going to work? +- name: remove broker object from the catalog + oc_obj: + name: ansible-service-broker + state: absent + kind: Broker diff --git a/roles/ansible_service_broker/tasks/validate_facts.yml b/roles/ansible_service_broker/tasks/validate_facts.yml new file mode 100644 index 000000000..053fdc09d --- /dev/null +++ b/roles/ansible_service_broker/tasks/validate_facts.yml @@ -0,0 +1,14 @@ +- name: validate Dockerhub registry settings + fail: msg="To use the dockerhub registry, you must provide the ansible_service_broker_registry_user. ansible_service_broker_registry_password, and ansible_service_broker_registry_organization parameters" + when: + - ansible_service_broker_registry_type == 'dockerhub' + - not (ansible_service_broker_registry_user and + ansible_service_broker_registry_password and + ansible_service_broker_registry_organization) + + +- name: validate RHCC registry settings + fail: msg="To use the Red Hat Container Catalog registry, you must provide the ansible_service_broker_registry_url" + when: + - ansible_service_broker_registry_type == 'rhcc' + - not ansible_service_broker_registry_url diff --git a/roles/ansible_service_broker/vars/default_images.yml b/roles/ansible_service_broker/vars/default_images.yml new file mode 100644 index 000000000..b0b3835e3 --- /dev/null +++ b/roles/ansible_service_broker/vars/default_images.yml @@ -0,0 +1,13 @@ +--- + +__ansible_service_broker_image_prefix: ansibleplaybookbundle/ +__ansible_service_broker_image_tag: latest + +__ansible_service_broker_etcd_image_prefix: quay.io/coreos/ +__ansible_service_broker_etcd_image_tag: latest + +__ansible_service_broker_registry_type: dockerhub +__ansible_service_broker_registry_url: null +__ansible_service_broker_registry_user: null +__ansible_service_broker_registry_password: null +__ansible_service_broker_registry_organization: null diff --git a/roles/ansible_service_broker/vars/openshift-enterprise.yml b/roles/ansible_service_broker/vars/openshift-enterprise.yml new file mode 100644 index 000000000..a6d999647 --- /dev/null +++ b/roles/ansible_service_broker/vars/openshift-enterprise.yml @@ -0,0 +1,13 @@ +--- + +__ansible_service_broker_image_prefix: openshift3/ +__ansible_service_broker_image_tag: latest + +__ansible_service_broker_etcd_image_prefix: rhel7/ +__ansible_service_broker_etcd_image_tag: latest + +__ansible_service_broker_registry_type: rhcc +__ansible_service_broker_registry_url: "https://registry.access.redhat.com" +__ansible_service_broker_registry_user: null +__ansible_service_broker_registry_password: null +__ansible_service_broker_registry_organization: null -- cgit v1.2.3