Blame - roles/magnum/tasks/main.yml - atmosphere

blob: 201aca580640ccad77588cb39fbb9d64ca416f3a [file] [log] [blame]

Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	1	# Copyright (c) 2022 VEXXHOST, Inc.
				2	#
				3	# Licensed under the Apache License, Version 2.0 (the "License"); you may
				4	# not use this file except in compliance with the License. You may obtain
				5	# a copy of the License at
				6	#
				7	# http://www.apache.org/licenses/LICENSE-2.0
				8	#
				9	# Unless required by applicable law or agreed to in writing, software
				10	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
				11	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
				12	# License for the specific language governing permissions and limitations
				13	# under the License.
				14
Mohammed Naser	fef6942	2023-01-18 02:38:06 +0000	[diff] [blame]	15	# NOTE(mnaser): We should get rid of this task eventually as it is suspending
				16	# the old HelmRelease and removing it to avoid uninstalling the
				17	# Helm chart.
				18	- name: Uninstall the legacy HelmRelease
				19	run_once: true
				20	block:
				21	- name: Suspend the existing HelmRelease
				22	kubernetes.core.k8s:
				23	state: patched
				24	api_version: helm.toolkit.fluxcd.io/v2beta1
				25	kind: HelmRelease
Mohammed Naser	2145fc3	2023-01-29 23:23:03 +0000	[diff] [blame]	26	name: "{{ magnum_helm_release_name }}"
				27	namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naser	fef6942	2023-01-18 02:38:06 +0000	[diff] [blame]	28	definition:
				29	spec:
				30	suspend: true
				31
				32	- name: Remove the existing HelmRelease
				33	kubernetes.core.k8s:
				34	state: absent
				35	api_version: helm.toolkit.fluxcd.io/v2beta1
				36	kind: HelmRelease
Mohammed Naser	2145fc3	2023-01-29 23:23:03 +0000	[diff] [blame]	37	name: "{{ magnum_helm_release_name }}"
				38	namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naser	fef6942	2023-01-18 02:38:06 +0000	[diff] [blame]	39
okozachenko1203	19b530e	2023-01-27 23:52:04 +1100	[diff] [blame]	40	- name: Deploy cluster api
				41	kubernetes.core.k8s:
				42	kubeconfig: /etc/kubernetes/admin.conf
				43	state: present
				44	template:
				45	- path: 'templates/capi-bootstrap.yml.j2'
				46	- path: 'templates/capi-control-plane.yml.j2'
				47	- path: 'templates/capi-core.yml.j2'
				48	- path: 'templates/capi-provider.yml.j2'
				49	- path: 'templates/capi-rbac.yml.j2'
				50	run_once: true
okozachenko1203	5b9d0f1	2023-01-28 01:24:40 +1100	[diff] [blame]	51	changed_when: false
okozachenko1203	19b530e	2023-01-27 23:52:04 +1100	[diff] [blame]	52
Mohammed Naser	fef6942	2023-01-18 02:38:06 +0000	[diff] [blame]	53	- name: Deploy Helm chart
				54	run_once: true
				55	kubernetes.core.helm:
Mohammed Naser	2145fc3	2023-01-29 23:23:03 +0000	[diff] [blame]	56	name: "{{ magnum_helm_release_name }}"
				57	chart_ref: "{{ magnum_helm_chart_ref }}"
				58	release_namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naser	fef6942	2023-01-18 02:38:06 +0000	[diff] [blame]	59	create_namespace: true
				60	kubeconfig: /etc/kubernetes/admin.conf
Mohammed Naser	2145fc3	2023-01-29 23:23:03 +0000	[diff] [blame]	61	values: "{{ _magnum_helm_values \| combine(magnum_helm_values, recursive=True) }}"
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	62
Mohammed Naser	4c33bb5	2023-01-18 03:23:18 +0000	[diff] [blame]	63	- name: Create Ingress
				64	ansible.builtin.include_role:
				65	name: openstack_helm_ingress
				66	vars:
				67	openstack_helm_ingress_endpoint: container_infra
				68	openstack_helm_ingress_service_name: magnum-api
				69	openstack_helm_ingress_service_port: 9511
Mohammed Naser	2145fc3	2023-01-29 23:23:03 +0000	[diff] [blame]	70	openstack_helm_ingress_annotations: "{{ magnum_ingress_annotations }}"
Mohammed Naser	4c33bb5	2023-01-18 03:23:18 +0000	[diff] [blame]	71
okozachenko1203	19b530e	2023-01-27 23:52:04 +1100	[diff] [blame]	72	- name: Deploy magnum registry
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	73	kubernetes.core.k8s:
				74	state: present
				75	definition:
				76	- apiVersion: v1
				77	kind: PersistentVolumeClaim
				78	metadata:
				79	labels:
				80	application: magnum
				81	component: registry
				82	name: magnum-registry
Mohammed Naser	756b717	2023-02-03 04:01:53 +0000	[diff] [blame]	83	namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	84	spec:
				85	accessModes:
				86	- ReadWriteOnce
				87	resources:
				88	requests:
				89	storage: 50Gi
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	90
				91	- apiVersion: apps/v1
				92	kind: Deployment
				93	metadata:
				94	labels:
				95	application: magnum
				96	component: registry
				97	name: magnum-registry
Mohammed Naser	756b717	2023-02-03 04:01:53 +0000	[diff] [blame]	98	namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	99	spec:
				100	replicas: 1
				101	selector:
				102	matchLabels:
				103	application: magnum
				104	component: registry
				105	strategy:
				106	type: Recreate
				107	template:
				108	metadata:
				109	labels:
				110	application: magnum
				111	component: registry
				112	spec:
				113	containers:
				114	- name: registry
				115	env:
				116	- name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
				117	value: /var/lib/registry
				118	- name: REGISTRY_COMPATIBILITY_SCHEMA1_ENABLED
				119	value: "true"
Michiel Piscaer	60d09f9	2023-01-20 18:58:55 +0100	[diff] [blame]	120	image: "{{ atmosphere_images['magnum_registry'] \| vexxhost.atmosphere.docker_image('ref') }}"
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	121	ports:
				122	- containerPort: 5000
				123	name: registry
				124	protocol: TCP
				125	livenessProbe:
				126	httpGet:
				127	path: /
				128	port: 5000
				129	scheme: HTTP
				130	readinessProbe:
				131	httpGet:
				132	path: /
				133	port: 5000
				134	scheme: HTTP
				135	volumeMounts:
				136	- mountPath: /var/lib/registry
				137	name: magnum-registry
				138	nodeSelector:
				139	openstack-control-plane: enabled
				140	volumes:
				141	- name: magnum-registry
				142	persistentVolumeClaim:
				143	claimName: magnum-registry
				144
				145	- apiVersion: v1
				146	kind: Service
				147	metadata:
				148	labels:
				149	application: magnum
				150	component: registry
				151	name: magnum-registry
Mohammed Naser	756b717	2023-02-03 04:01:53 +0000	[diff] [blame]	152	namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	153	spec:
				154	ports:
				155	- name: magnum
				156	port: 5000
				157	protocol: TCP
				158	targetPort: 5000
				159	selector:
				160	application: magnum
				161	component: registry
				162	type: ClusterIP
				163
				164	- apiVersion: batch/v1
				165	kind: Job
				166	metadata:
Mohammed Naser	756b717	2023-02-03 04:01:53 +0000	[diff] [blame]	167	name: magnum-registry-init
				168	namespace: "{{ magnum_helm_release_namespace }}"
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	169	labels:
				170	application: magnum
				171	component: registry
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	172	spec:
				173	backoffLimit: 5
				174	template:
				175	metadata:
				176	labels:
				177	application: magnum
				178	spec:
				179	restartPolicy: OnFailure
				180	containers:
Mohammed Naser	756b717	2023-02-03 04:01:53 +0000	[diff] [blame]	181	- name: loader
				182	image: "{{ atmosphere_images['magnum_api'] \| vexxhost.atmosphere.docker_image('ref') }}"
				183	command:
				184	- magnum-cluster-api-image-loader
				185	- --insecure
				186	- --repository
				187	- magnum-registry.openstack.svc.cluster.local:5000
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	188	nodeSelector:
				189	openstack-control-plane: enabled
				190
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	191	- name: Create magnum registry Ingress
				192	ansible.builtin.include_role:
				193	name: openstack_helm_ingress
				194	vars:
				195	openstack_helm_ingress_endpoint: container_infra_registry
				196	openstack_helm_ingress_service_name: magnum-registry
				197	openstack_helm_ingress_service_port: 5000
Mohammed Naser	756b717	2023-02-03 04:01:53 +0000	[diff] [blame]	198	openstack_helm_ingress_annotations: "{{ _magnum_registry_ingress_annotations \| combine(magnum_registry_ingress_annotations) }}"
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	199
				200	- name: Create k8s images
Mohammed Naser	2145fc3	2023-01-29 23:23:03 +0000	[diff] [blame]	201	when: magnum_images \| length > 0
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	202	block:
				203	- name: Wait until image service ready
				204	kubernetes.core.k8s_info:
				205	api_version: apps/v1
				206	kind: Deployment
				207	name: glance-api
				208	namespace: openstack
				209	wait_sleep: 10
				210	wait_timeout: 600
				211	wait: true
				212	wait_condition:
				213	type: Available
				214	status: true
				215
				216	- name: Download images
				217	ansible.builtin.get_url:
				218	url: "{{ item.source_url \| regex_replace('\\/$', '') }}/{{ item.image_file }}"
				219	dest: "/tmp/{{ item.image_file }}"
				220	mode: "0600"
Mohammed Naser	2145fc3	2023-01-29 23:23:03 +0000	[diff] [blame]	221	loop: "{{ magnum_images }}"
Mohammed Naser	096ade0	2022-12-15 09:53:33 -0500	[diff] [blame]	222
				223	- name: Upload images
				224	openstack.cloud.image:
				225	cloud: atmosphere
				226	name: "{{ item.name }}"
				227	state: present
				228	filename: "/tmp/{{ item.image_file }}"
				229	container_format: "{{ item.container_format \| default(omit) }}"
				230	disk_format: "{{ item.disk_format \| default(omit) }}"
				231	properties:
				232	os_distro: ubuntu-focal
Mohammed Naser	2145fc3	2023-01-29 23:23:03 +0000	[diff] [blame]	233	loop: "{{ magnum_images }}"
Mohammed Naser	52c3a70	2023-02-02 02:03:34 +0000	[diff] [blame]	234	# NOTE(mnaser): This often fails since the SSL certificates are not
				235	# ready yet. We need to wait for them to be ready.
				236	retries: 60
				237	delay: 5
				238	register: _result
				239	until: _result is not failed