Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / affae522aba2c84f4837b5ed00113a5073f8f2b2 / . / roles / magnum / tasks / main.yml
blob: 4f23a50311ac3f92c118b0d818b1cf6623e9c57a [file] [log] [blame]
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]1# Copyright (c) 2022 VEXXHOST, Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License"); you may
4# not use this file except in compliance with the License. You may obtain
5# a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12# License for the specific language governing permissions and limitations
13# under the License.
14
Mohammed Naserfef69422023-01-18 02:38:06 +0000[diff] [blame]15# NOTE(mnaser): We should get rid of this task eventually as it is suspending
16# the old HelmRelease and removing it to avoid uninstalling the
17# Helm chart.
18- name: Uninstall the legacy HelmRelease
19 run_once: true
20 block:
21 - name: Suspend the existing HelmRelease
22 kubernetes.core.k8s:
23 state: patched
24 api_version: helm.toolkit.fluxcd.io/v2beta1
25 kind: HelmRelease
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]26 name: "{{ magnum_helm_release_name }}"
27 namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naserfef69422023-01-18 02:38:06 +0000[diff] [blame]28 definition:
29 spec:
30 suspend: true
31
32 - name: Remove the existing HelmRelease
33 kubernetes.core.k8s:
34 state: absent
35 api_version: helm.toolkit.fluxcd.io/v2beta1
36 kind: HelmRelease
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]37 name: "{{ magnum_helm_release_name }}"
38 namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naserfef69422023-01-18 02:38:06 +0000[diff] [blame]39
Mohammed Naser65850fd2023-02-22 21:36:27 -0500[diff] [blame]40- name: Install "clusterctl"
41 ansible.builtin.get_url:
42 url: "{{ magnum_clusterctl_url }}"
43 dest: /usr/local/bin/clusterctl
44 mode: 0755
45 owner: root
46 group: root
47
48- name: Create a configuration file
49 ansible.builtin.copy:
50 content: "{{ magnum_clusterctl_config | to_nice_yaml }}"
51 dest: "{{ magnum_clusterctl_config_file }}"
52 mode: 0644
53 owner: root
54 group: root
55
56- name: Initialize the management cluster
okozachenko120319b530e2023-01-27 23:52:04 +1100[diff] [blame]57 run_once: true
okozachenko12035b9d0f12023-01-28 01:24:40 +1100[diff] [blame]58 changed_when: false
Mohammed Naser65850fd2023-02-22 21:36:27 -0500[diff] [blame]59 ansible.builtin.command: |
60 clusterctl init \
61 --config {{ magnum_clusterctl_config_file }} \
62 --core cluster-api:v1.3.3 \
63 --bootstrap kubeadm:v1.3.3 \
64 --control-plane kubeadm:v1.3.3 \
65 --infrastructure openstack:v0.7.0
66 environment:
67 CLUSTER_TOPOLOGY: "true"
68 EXP_CLUSTER_RESOURCE_SET: "true"
okozachenko120319b530e2023-01-27 23:52:04 +1100[diff] [blame]69
Mohammed Naserfef69422023-01-18 02:38:06 +0000[diff] [blame]70- name: Deploy Helm chart
71 run_once: true
72 kubernetes.core.helm:
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]73 name: "{{ magnum_helm_release_name }}"
74 chart_ref: "{{ magnum_helm_chart_ref }}"
75 release_namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naserfef69422023-01-18 02:38:06 +0000[diff] [blame]76 create_namespace: true
77 kubeconfig: /etc/kubernetes/admin.conf
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]78 values: "{{ _magnum_helm_values | combine(magnum_helm_values, recursive=True) }}"
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]79
Mohammed Naser4c33bb52023-01-18 03:23:18 +0000[diff] [blame]80- name: Create Ingress
81 ansible.builtin.include_role:
82 name: openstack_helm_ingress
83 vars:
84 openstack_helm_ingress_endpoint: container_infra
85 openstack_helm_ingress_service_name: magnum-api
86 openstack_helm_ingress_service_port: 9511
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]87 openstack_helm_ingress_annotations: "{{ magnum_ingress_annotations }}"
Mohammed Naser4c33bb52023-01-18 03:23:18 +0000[diff] [blame]88
okozachenko120319b530e2023-01-27 23:52:04 +1100[diff] [blame]89- name: Deploy magnum registry
Mohammed Naser65850fd2023-02-22 21:36:27 -0500[diff] [blame]90 run_once: true
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]91 kubernetes.core.k8s:
92 state: present
93 definition:
94 - apiVersion: v1
95 kind: PersistentVolumeClaim
96 metadata:
97 labels:
98 application: magnum
99 component: registry
100 name: magnum-registry
Mohammed Naser756b7172023-02-03 04:01:53 +0000[diff] [blame]101 namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]102 spec:
103 accessModes:
104 - ReadWriteOnce
105 resources:
106 requests:
107 storage: 50Gi
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]108
109 - apiVersion: apps/v1
110 kind: Deployment
111 metadata:
112 labels:
113 application: magnum
114 component: registry
115 name: magnum-registry
Mohammed Naser756b7172023-02-03 04:01:53 +0000[diff] [blame]116 namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]117 spec:
118 replicas: 1
119 selector:
120 matchLabels:
121 application: magnum
122 component: registry
123 strategy:
124 type: Recreate
125 template:
126 metadata:
127 labels:
128 application: magnum
129 component: registry
130 spec:
131 containers:
132 - name: registry
133 env:
134 - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
135 value: /var/lib/registry
136 - name: REGISTRY_COMPATIBILITY_SCHEMA1_ENABLED
137 value: "true"
Michiel Piscaer60d09f92023-01-20 18:58:55 +0100[diff] [blame]138 image: "{{ atmosphere_images['magnum_registry'] | vexxhost.atmosphere.docker_image('ref') }}"
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]139 ports:
140 - containerPort: 5000
141 name: registry
142 protocol: TCP
143 livenessProbe:
144 httpGet:
145 path: /
146 port: 5000
147 scheme: HTTP
148 readinessProbe:
149 httpGet:
150 path: /
151 port: 5000
152 scheme: HTTP
153 volumeMounts:
154 - mountPath: /var/lib/registry
155 name: magnum-registry
156 nodeSelector:
157 openstack-control-plane: enabled
158 volumes:
159 - name: magnum-registry
160 persistentVolumeClaim:
161 claimName: magnum-registry
162
163 - apiVersion: v1
164 kind: Service
165 metadata:
166 labels:
167 application: magnum
168 component: registry
169 name: magnum-registry
Mohammed Naser756b7172023-02-03 04:01:53 +0000[diff] [blame]170 namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]171 spec:
172 ports:
173 - name: magnum
174 port: 5000
175 protocol: TCP
176 targetPort: 5000
177 selector:
178 application: magnum
179 component: registry
180 type: ClusterIP
181
182 - apiVersion: batch/v1
183 kind: Job
184 metadata:
Mohammed Naser756b7172023-02-03 04:01:53 +0000[diff] [blame]185 name: magnum-registry-init
186 namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]187 labels:
188 application: magnum
189 component: registry
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]190 spec:
191 backoffLimit: 5
192 template:
193 metadata:
194 labels:
195 application: magnum
196 spec:
197 restartPolicy: OnFailure
198 containers:
Mohammed Naser756b7172023-02-03 04:01:53 +0000[diff] [blame]199 - name: loader
200 image: "{{ atmosphere_images['magnum_api'] | vexxhost.atmosphere.docker_image('ref') }}"
201 command:
202 - magnum-cluster-api-image-loader
203 - --insecure
204 - --repository
205 - magnum-registry.openstack.svc.cluster.local:5000
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]206 nodeSelector:
207 openstack-control-plane: enabled
208
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]209- name: Create magnum registry Ingress
210 ansible.builtin.include_role:
211 name: openstack_helm_ingress
212 vars:
213 openstack_helm_ingress_endpoint: container_infra_registry
214 openstack_helm_ingress_service_name: magnum-registry
215 openstack_helm_ingress_service_port: 5000
Mohammed Naser756b7172023-02-03 04:01:53 +0000[diff] [blame]216 openstack_helm_ingress_annotations: "{{ _magnum_registry_ingress_annotations | combine(magnum_registry_ingress_annotations) }}"
Mohammed Naser096ade02022-12-15 09:53:33 -0500[diff] [blame]217
Mohammed Naser4b630042023-02-07 20:47:45 +0000[diff] [blame]218- name: Upload images
219 ansible.builtin.include_role:
220 name: glance_image
221 loop: "{{ magnum_images }}"
222 vars:
223 glance_image_name: "{{ item.name }}"
224 glance_image_url: "{{ item.url }}"
225 glance_image_container_format: "{{ magnum_image_container_format }}"
226 glance_image_disk_format: "{{ magnum_image_disk_format }}"
Mohammed Naser38a74382023-02-07 22:48:11 +0000[diff] [blame]227 glance_image_properties:
228 os_distro: "{{ item.distro }}"