Merge "Add ceph as an application on top of kubernetes"
diff --git a/scenarios/armada-nofeature-noha/kubespray/overrides b/scenarios/armada-nofeature-noha/kubespray/overrides
new file mode 100644
index 0000000..759a739
--- /dev/null
+++ b/scenarios/armada-nofeature-noha/kubespray/overrides
@@ -0,0 +1 @@
+export HELM_VERSION=v2.15.2
diff --git a/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/files/keystone-manifest.yaml b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/files/keystone-manifest.yaml
new file mode 100644
index 0000000..5fbc72f
--- /dev/null
+++ b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/files/keystone-manifest.yaml
@@ -0,0 +1,215 @@
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: helm-toolkit
+data:
+ chart_name: helm-toolkit
+ release: helm-toolkit
+ namespace: helm-tookit
+ install:
+ no_hooks: false
+ upgrade:
+ no_hooks: false
+ values: {}
+ source:
+ type: git
+ location: https://git.openstack.org/openstack/openstack-helm-infra
+ subpath: helm-toolkit
+ reference: master
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: nfs-provisioner
+data:
+ chart_name: nfs-provisioner
+ release: nfs-provisioner
+ namespace: openstack
+ wait:
+ timeout: 900
+ labels:
+ release_group: armada-nfs-provisioner
+ install:
+ no_hooks: false
+ upgrade:
+ no_hooks: false
+ values:
+ storage:
+ hostPath:
+ path: /var/lib/armada/nfs
+ persistentVolumeClaim:
+ class_name: nfs-storage
+ size: 5Gi
+ storageclass:
+ name: nfs-storage
+ source:
+ type: git
+ location: https://git.openstack.org/openstack/openstack-helm-infra
+ subpath: nfs-provisioner
+ reference: master
+ dependencies:
+ - helm-toolkit
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: mariadb
+data:
+ chart_name: mariadb
+ release: mariadb
+ namespace: openstack
+ wait:
+ timeout: 3600
+ labels:
+ release_group: armada-mariadb
+ install:
+ no_hooks: false
+ upgrade:
+ no_hooks: false
+ values:
+ pod:
+ replicas:
+ server: 1
+ volume:
+ class_name: nfs-storage
+ backup:
+ class_name: nfs-storage
+ source:
+ type: git
+ location: https://git.openstack.org/openstack/openstack-helm-infra
+ subpath: mariadb
+ reference: master
+ dependencies:
+ - helm-toolkit
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: memcached
+data:
+ chart_name: memcached
+ release: memcached
+ namespace: openstack
+ wait:
+ timeout: 300
+ labels:
+ release_group: armada-memcached
+ install:
+ no_hooks: false
+ upgrade:
+ no_hooks: false
+ values: {}
+ source:
+ type: git
+ location: https://git.openstack.org/openstack/openstack-helm-infra
+ subpath: memcached
+ reference: master
+ dependencies:
+ - helm-toolkit
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: rabbitmq
+data:
+ chart_name: rabbitmq
+ test:
+ enabled: true
+ release: rabbitmq
+ namespace: openstack
+ wait:
+ timeout: 300
+ labels:
+ release_group: armada-rabbitmq
+ install:
+ no_hooks: false
+ upgrade:
+ no_hooks: false
+ values:
+ volume:
+ class_name: nfs-storage
+ endpoints:
+ oslo_messaging:
+ hosts:
+ default: rabbitmq
+ public: rabbitmq-mgr
+ source:
+ type: git
+ location: https://git.openstack.org/openstack/openstack-helm-infra
+ subpath: rabbitmq
+ reference: master
+ dependencies:
+ - helm-toolkit
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: keystone
+data:
+ chart_name: keystone
+ test:
+ enabled: true
+ release: keystone
+ namespace: openstack
+ wait:
+ timeout: 300
+ labels:
+ release_group: armada-keystone
+ install:
+ no_hooks: false
+ upgrade:
+ no_hooks: false
+ pre:
+ delete:
+ - name: keystone-bootstrap
+ type: job
+ labels:
+ application: keystone
+ component: bootstrap
+ values:
+ replicas: 3
+ endpoints:
+ oslo_messaging:
+ statefulset:
+ name: armada-rabbitmq-rabbitmq
+ source:
+ type: git
+ location: https://git.openstack.org/openstack/openstack-helm
+ subpath: keystone
+ reference: master
+ dependencies:
+ - helm-toolkit
+---
+schema: armada/ChartGroup/v1
+metadata:
+ schema: metadata/Document/v1
+ name: keystone-infra-services
+data:
+ description: "Keystone Infra Services"
+ sequenced: True
+ chart_group:
+ - nfs-provisioner
+ - mariadb
+ - memcached
+ - rabbitmq
+---
+schema: armada/ChartGroup/v1
+metadata:
+ schema: metadata/Document/v1
+ name: openstack-keystone
+data:
+ description: "Deploying OpenStack Keystone"
+ sequenced: True
+ chart_group:
+ - keystone
+---
+schema: armada/Manifest/v1
+metadata:
+ schema: metadata/Document/v1
+ name: armada-manifest
+data:
+ release_prefix: armada
+ chart_groups:
+ - keystone-infra-services
+ - openstack-keystone
diff --git a/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment.yml b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment.yml
new file mode 100644
index 0000000..53d3236
--- /dev/null
+++ b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment.yml
@@ -0,0 +1,38 @@
+---
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+# NOTE: this playbook should only include tasks to be run after the actual deployment
+# is completed in order to install additional stuff or adjust the deployment.c
+# anything that needs to be done before the deployment then they should go
+# into pre-deployment.yml playbook by creating it if it doesn't already exist
+# and adding the required tasks.
+
+- include: post-deployment/configure-nodes.yml
+ when: "'baremetal' in group_names"
+
+- include: post-deployment/configure-jumphost.yml
+ when: "'localhost' in group_names"
+
+- include: post-deployment/install.yml
+ when: "'localhost' in group_names"
+
+- include: post-deployment/apply.yml
+ when: "'localhost' in group_names"
+
+# vim: set ts=2 sw=2 expandtab:
diff --git a/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/apply.yml b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/apply.yml
new file mode 100644
index 0000000..f17a951
--- /dev/null
+++ b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/apply.yml
@@ -0,0 +1,68 @@
+---
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+# vim: set ts=2 sw=2 expandtab:
+
+- name: Check host where tiller is running
+ shell: >-
+ kubectl get nodes -o wide | grep master | awk '{print $6}'
+ register: tiller_host
+ become: false
+
+- name: Check port where tiller is running
+ shell: >-
+ kubectl get svc -n kube-system -o json |
+ jq -r '.items[] | select(.metadata.name|test("tiller")).spec.ports[0].nodePort'
+ register: tiller_port
+ become: false
+
+- name: Delete armada lock
+ shell: >-
+ kubectl delete lock --all -n kube-system
+ become: false
+ ignore_errors: yes
+
+- name: Get existing armada processes
+ shell: >-
+ ps -ef | grep -v grep | grep -w 'armada apply' | awk '{print $2}'
+ register: armada_processes
+ become: false
+
+- name: Kill existing armada processes
+ shell: kill {{ item }}
+ with_items: "{{ armada_processes.stdout_lines }}"
+ become: false
+
+- name: Wait until existing armada processes are killed
+ wait_for:
+ path: "/proc/{{ item }}/status"
+ state: absent
+ with_items: "{{ armada_processes.stdout_lines }}"
+
+- name: Apply keystone manifest
+ shell: >-
+ LC_ALL="en_US.UTF-8"
+ {{ engine_venv }}/bin/armada apply
+ --tiller-host {{ tiller_host.stdout }}
+ --tiller-port {{ tiller_port.stdout }}
+ --timeout 9000
+ {{ armada_manifest }} >
+ {{ lookup('env','HOME') }}/armada.log
+ when: tiller_port.stdout != ""
+ become: false
diff --git a/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/configure-jumphost.yml b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/configure-jumphost.yml
new file mode 100644
index 0000000..c567895
--- /dev/null
+++ b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/configure-jumphost.yml
@@ -0,0 +1,75 @@
+---
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Install openshift
+ pip:
+ name: openshift
+ virtualenv: "{{ engine_venv }}"
+
+- name: Ensure /home/{{ ansible_env.SUDO_USER }}/.kube folder exists and empty
+ file:
+ path: "/home/{{ ansible_env.SUDO_USER }}/.kube"
+ state: "{{ item }}"
+ owner: "{{ ansible_env.SUDO_USER }}"
+ mode: 0755
+ with_items:
+ - absent
+ - directory
+
+- name: Copy kubernetes admin.conf to /home/{{ ansible_env.SUDO_USER }}/.kube
+ copy:
+ src: "{{ engine_cache }}/repos/kubespray/inventory/engine/artifacts/admin.conf"
+ dest: "/home/{{ ansible_env.SUDO_USER }}/.kube/config"
+ owner: "{{ ansible_env.SUDO_USER }}"
+ mode: 0644
+
+- name: Download kubectl and place it to /usr/local/bin
+ get_url:
+ url: "{{ kubectl_download_url }}"
+ dest: /usr/local/bin/kubectl
+ owner: root
+ group: root
+ mode: 0755
+
+- name: Download helm client
+ unarchive:
+ src: "{{ helm_client_download_url }}"
+ remote_src: yes
+ dest: /tmp
+
+- name: Place helm and tiller binaries to /usr/local/bin
+ copy:
+ src: "/tmp/linux-amd64/{{ item }}"
+ dest: "/usr/local/bin/{{ item }}"
+ owner: root
+ group: root
+ mode: 0755
+ with_items:
+ - helm
+ - tiller
+
+- name: Delete temporary files and folders
+ file:
+ path: "{{ item }}"
+ state: absent
+ with_items:
+ - "/tmp/helm-{{ helm_version }}-linux-amd64.tar.gz"
+ - "/tmp/linux-amd64"
+
+# vim: set ts=2 sw=2 expandtab:
diff --git a/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/configure-nodes.yml b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/configure-nodes.yml
new file mode 100644
index 0000000..a6769d3
--- /dev/null
+++ b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/configure-nodes.yml
@@ -0,0 +1,26 @@
+---
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Install packages
+ action: >
+ {{ ansible_pkg_mgr }} name={{ item }} state=present update_cache=yes
+ with_items:
+ - "nfs-kernel-server"
+
+# vim: set ts=2 sw=2 expandtab:
diff --git a/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/install.yml b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/install.yml
new file mode 100644
index 0000000..d867c06
--- /dev/null
+++ b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/post-deployment/install.yml
@@ -0,0 +1,54 @@
+---
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+- name: Clone the armada repo
+ git:
+ repo: "https://opendev.org/airship/armada.git"
+ dest: "{{ armada_work_dir }}"
+
+- name: Install armada requirements
+ pip:
+ requirements: "{{ armada_work_dir }}/requirements.txt"
+ virtualenv: "{{ engine_venv }}"
+
+- name: Install armada
+ args:
+ chdir: "{{ armada_work_dir }}"
+ command: >-
+ "{{ engine_venv }}/bin/python"
+ setup.py install
+ become: true
+
+- name: Assign node label
+ command: >-
+ kubectl label node node0 --overwrite openstack-control-plane=enabled
+ become: false
+
+- name: Replace tiller service from ClusterIP to LoadBalancer
+ command: >-
+ kubectl -n kube-system patch svc tiller-deploy -p '{"spec": {"type": "LoadBalancer"}}'
+ become: false
+
+- name: Render armada manifest
+ copy:
+ src: "{{ role_path }}/files/keystone-manifest.yaml"
+ remote_src: true
+ dest: "{{ armada_manifest }}"
+
+# vim: set ts=2 sw=2 expandtab:
diff --git a/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/pre-deployment.yml b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/pre-deployment.yml
new file mode 100644
index 0000000..eaa74d9
--- /dev/null
+++ b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/pre-deployment.yml
@@ -0,0 +1,32 @@
+---
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+# NOTE: this playbook should only include tasks to be run before the actual deployment
+# is initiated in order to configure or fine tune the final deployment.
+# anything that needs to be done after the completion of the deployment should go
+# into post-deployment.yml playbook by creating it if it doesn't already exist
+# and adding the required tasks.
+
+# NOTE: configure k8s deployment
+# this task should only be run on localhost as the kubespray repository is cloned on it
+# and the deployment is driven from it
+- include: pre-deployment/configure-k8s-deployment.yml
+ when: "'localhost' in group_names"
+
+# vim: set ts=2 sw=2 expandtab:
diff --git a/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/pre-deployment/configure-k8s-deployment.yml b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/pre-deployment/configure-k8s-deployment.yml
new file mode 100644
index 0000000..bea0a60
--- /dev/null
+++ b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/tasks/pre-deployment/configure-k8s-deployment.yml
@@ -0,0 +1,40 @@
+---
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+# set k8s version to install
+- name: Set k8s version to '{{ kubernetes_version }}'
+ lineinfile:
+ path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/k8s-cluster.yml"
+ regexp: "^kube_version:.*"
+ line: "kube_version: {{ kubernetes_version }}"
+
+# set helm version to install
+- name: Set helm version to '{{ helm_version }}'
+ lineinfile:
+ path: "{{ engine_cache }}/repos/kubespray/roles/download/defaults/main.yml"
+ regexp: "^helm_version:.*"
+ line: "helm_version: {{ helm_version }}"
+
+- name: Enable ingress nginx
+ lineinfile:
+ path: "{{ engine_cache }}/repos/kubespray/inventory/engine/group_vars/k8s-cluster/addons.yml"
+ regexp: "^ingress_nginx_enabled:.*"
+ line: "ingress_nginx_enabled: true"
+
+# set k8s version to install
diff --git a/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/vars/main.yml b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/vars/main.yml
new file mode 100644
index 0000000..9279ddf
--- /dev/null
+++ b/scenarios/armada-nofeature-noha/kubespray/role/armada-nofeature-noha/vars/main.yml
@@ -0,0 +1,24 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+kubectl_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kubectl_version }}/bin/linux/amd64/kubectl"
+helm_client_download_url: "https://get.helm.sh/helm-{{ helm_version }}-linux-amd64.tar.gz"
+
+armada_work_dir: "/tmp/armada"
+armada_manifest: "{{ config_path }}/keystone-manifest.yaml"
+
+# vim: set ts=2 sw=2 expandtab: