feat: migrate cert-mgr + rmq to operator
diff --git a/atmosphere/flows.py b/atmosphere/flows.py
index 0c8b2bd..d0bd92d 100644
--- a/atmosphere/flows.py
+++ b/atmosphere/flows.py
@@ -32,6 +32,14 @@
name=constants.HELM_REPOSITORY_JETSTACK,
url="https://charts.jetstack.io",
),
+ flux.ApplyHelmReleaseTask(
+ namespace=constants.NAMESPACE_CERT_MANAGER,
+ name=constants.HELM_RELEASE_CERT_MANAGER_NAME,
+ repository=constants.HELM_REPOSITORY_JETSTACK,
+ chart=constants.HELM_RELEASE_CERT_MANAGER_NAME,
+ version=constants.HELM_RELEASE_CERT_MANAGER_VERSION,
+ values=constants.HELM_RELEASE_CERT_MANAGER_VALUES,
+ ),
# monitoring
v1.ApplyNamespaceTask(name=constants.NAMESPACE_MONITORING),
flux.ApplyHelmRepositoryTask(
@@ -59,6 +67,15 @@
name=constants.HELM_REPOSITORY_BITNAMI,
url="https://charts.bitnami.com/bitnami",
),
+ flux.ApplyHelmReleaseTask(
+ namespace=constants.NAMESPACE_OPENSTACK,
+ name=constants.HELM_RELEASE_RABBITMQ_OPERATOR_NAME,
+ repository=constants.HELM_REPOSITORY_BITNAMI,
+ chart=constants.HELM_RELEASE_RABBITMQ_OPERATOR_NAME,
+ version=constants.HELM_RELEASE_RABBITMQ_OPERATOR_VERSION,
+ values=constants.HELM_RELEASE_RABBITMQ_OPERATOR_VALUES,
+ requires=constants.HELM_RELEASE_RABBITMQ_OPERATOR_REQUIRES,
+ ),
flux.ApplyHelmRepositoryTask(
namespace=constants.NAMESPACE_OPENSTACK,
name=constants.HELM_REPOSITORY_PERCONA,
diff --git a/atmosphere/tasks/constants.py b/atmosphere/tasks/constants.py
index 531a065..215d1e8 100644
--- a/atmosphere/tasks/constants.py
+++ b/atmosphere/tasks/constants.py
@@ -18,10 +18,73 @@
HELM_REPOSITORY_PERCONA = "percona"
HELM_REPOSITORY_PROMETHEUS_COMMUINTY = "prometheus-community"
+HELM_RELEASE_CERT_MANAGER_NAME = "cert-manager"
+HELM_RELEASE_CERT_MANAGER_VERSION = "v1.7.1"
+HELM_RELEASE_CERT_MANAGER_VALUES = {
+ "installCRDs": True,
+ "volumes": [
+ {
+ "name": "etc-ssl-certs",
+ "hostPath": {
+ "path": "/etc/ssl/certs",
+ },
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "etc-ssl-certs",
+ "mountPath": "/etc/ssl/certs",
+ "readOnly": True,
+ }
+ ],
+ "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+ "webhook": {
+ "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+ },
+ "cainjector": {
+ "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+ },
+ "startupapicheck": {
+ "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+ },
+}
+HELM_RELEASE_RABBITMQ_OPERATOR_REQUIRES = set(
+ [
+ f"helm-release-{NAMESPACE_CERT_MANAGER}-{HELM_RELEASE_CERT_MANAGER_NAME}",
+ ]
+)
+
HELM_RELEASE_NODE_FEATURE_DISCOVERY_VALUES = {
"master": {"nodeSelector": NODE_SELECTOR_CONTROL_PLANE}
}
+HELM_RELEASE_RABBITMQ_OPERATOR_NAME = "rabbitmq-cluster-operator"
+HELM_RELEASE_RABBITMQ_OPERATOR_VERSION = "2.5.2"
+HELM_RELEASE_RABBITMQ_OPERATOR_VALUES = {
+ "rabbitmqImage": {"repository": "library/rabbitmq", "tag": "3.10.2-management"},
+ "credentialUpdaterImage": {
+ "repository": "rabbitmqoperator/default-user-credential-updater",
+ "tag": "1.0.2",
+ },
+ "clusterOperator": {
+ "fullnameOverride": "rabbitmq-cluster-operator",
+ "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+ "image": {
+ "repository": "rabbitmqoperator/cluster-operator",
+ "tag": "1.13.1",
+ },
+ },
+ "msgTopologyOperator": {
+ "fullnameOverride": "rabbitmq-messaging-topology-operator",
+ "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+ "image": {
+ "repository": "rabbitmqoperator/messaging-topology-operator",
+ "tag": "1.6.0",
+ },
+ },
+ "useCertManager": True,
+}
+
HELM_RELEASE_PXC_OPERATOR_NAME = "pxc-operator"
HELM_RELEASE_PXC_OPERATOR_VERSION = "1.10.0"
HELM_RELEASE_PXC_OPERATOR_VALUES = {
diff --git a/playbooks/openstack.yml b/playbooks/openstack.yml
index c1da7f5..e16fdb7 100644
--- a/playbooks/openstack.yml
+++ b/playbooks/openstack.yml
@@ -64,10 +64,6 @@
tags:
- keepalived
- - role: rabbitmq_operator
- tags:
- - rabbitmq-operator
-
- role: openstack_helm_keystone
tags:
- openstack-helm-keystone
diff --git a/roles/cert_manager/tasks/main.yml b/roles/cert_manager/tasks/main.yml
index e6516ab..c9c0901 100644
--- a/roles/cert_manager/tasks/main.yml
+++ b/roles/cert_manager/tasks/main.yml
@@ -12,50 +12,6 @@
# License for the specific language governing permissions and limitations
# under the License.
-- name: Deploy Helm chart
- kubernetes.core.k8s:
- state: present
- definition:
- - apiVersion: helm.toolkit.fluxcd.io/v2beta1
- kind: HelmRelease
- metadata:
- name: cert-manager
- namespace: cert-manager
- spec:
- interval: 60s
- chart:
- spec:
- chart: cert-manager
- version: v1.7.1
- sourceRef:
- kind: HelmRepository
- name: jetstack
- install:
- crds: CreateReplace
- upgrade:
- crds: CreateReplace
- values:
- installCRDs: true
- volumes:
- - name: etc-ssl-certs
- hostPath:
- path: /etc/ssl/certs
- volumeMounts:
- - name: etc-ssl-certs
- mountPath: /etc/ssl/certs
- readOnly: true
- nodeSelector:
- openstack-control-plane: enabled
- webhook:
- nodeSelector:
- openstack-control-plane: enabled
- cainjector:
- nodeSelector:
- openstack-control-plane: enabled
- startupapicheck:
- nodeSelector:
- openstack-control-plane: enabled
-
- name: Create Issuer
kubernetes.core.k8s:
state: present
diff --git a/roles/rabbitmq/meta/main.yml b/roles/rabbitmq/meta/main.yml
index f3d8797..ac177b0 100644
--- a/roles/rabbitmq/meta/main.yml
+++ b/roles/rabbitmq/meta/main.yml
@@ -24,4 +24,4 @@
- focal
dependencies:
- - role: rabbitmq_operator
+ - role: atmosphere
diff --git a/roles/rabbitmq_operator/README.md b/roles/rabbitmq_operator/README.md
deleted file mode 100644
index 20ba0d8..0000000
--- a/roles/rabbitmq_operator/README.md
+++ /dev/null
@@ -1 +0,0 @@
-# `rabbitmq_operator`
diff --git a/roles/rabbitmq_operator/meta/main.yml b/roles/rabbitmq_operator/meta/main.yml
deleted file mode 100644
index e57b0da..0000000
--- a/roles/rabbitmq_operator/meta/main.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-# Copyright (c) 2022 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-galaxy_info:
- author: VEXXHOST, Inc.
- description: Ansible role for RabbitMQ operator
- license: Apache-2.0
- min_ansible_version: 5.5.0
- standalone: false
- platforms:
- - name: Ubuntu
- versions:
- - focal
-
-dependencies:
- - role: atmosphere
diff --git a/roles/rabbitmq_operator/tasks/main.yml b/roles/rabbitmq_operator/tasks/main.yml
deleted file mode 100644
index 2ba1c90..0000000
--- a/roles/rabbitmq_operator/tasks/main.yml
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright (c) 2022 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-- name: Deploy Helm chart
- kubernetes.core.k8s:
- state: present
- definition:
- - apiVersion: helm.toolkit.fluxcd.io/v2beta1
- kind: HelmRelease
- metadata:
- name: rabbitmq-cluster-operator
- namespace: openstack
- spec:
- interval: 60s
- chart:
- spec:
- chart: rabbitmq-cluster-operator
- version: 2.5.2
- sourceRef:
- kind: HelmRepository
- name: bitnami
- install:
- crds: CreateReplace
- upgrade:
- crds: CreateReplace
- values:
- rabbitmqImage:
- repository: library/rabbitmq
- tag: 3.10.2-management
- credentialUpdaterImage:
- repository: rabbitmqoperator/default-user-credential-updater
- tag: 1.0.2
- clusterOperator:
- image:
- repository: rabbitmqoperator/cluster-operator
- tag: 1.13.1
- fullnameOverride: rabbitmq-cluster-operator
- nodeSelector:
- openstack-control-plane: enabled
- msgTopologyOperator:
- image:
- repository: rabbitmqoperator/messaging-topology-operator
- tag: 1.6.0
- fullnameOverride: rabbitmq-messaging-topology-operator
- nodeSelector:
- openstack-control-plane: enabled
- useCertManager: true