From 781d3e0ec7087066b169d167d5f20025476259b0 Mon Sep 17 00:00:00 2001 From: "cbillett83@outlook.com" Date: Wed, 17 Mar 2021 11:59:57 +0000 Subject: [PATCH 01/10] Provided service type LoadBalancer --- README.md | 22 ++++++++++++++++++- ansible/instantiate-awx-deployment.yml | 2 +- ansible/templates/crd.yml.j2 | 16 ++++++++++++++ deploy/awx-operator.yaml | 16 ++++++++++++++ deploy/crds/awx_v1beta1_crd.yaml | 16 ++++++++++++++ .../awx-operator.clusterserviceversion.yaml | 18 +++++++++++++++ .../manifests/awx.ansible.com_awxs_crd.yaml | 16 ++++++++++++++ roles/installer/defaults/main.yml | 3 +++ .../installer/templates/tower_service.yaml.j2 | 16 +++++++++++++- 9 files changed, 122 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index d4e88c9c..700559c5 100644 --- a/README.md +++ b/README.md @@ -108,7 +108,7 @@ stringData: By default, the AWX operator is not opinionated and won't force a specific ingress type on you. So, if `tower_ingress_type` is not specified as part of the Custom Resource specification, it will default to `none` and nothing ingress-wise will be created. -The AWX operator provides support for two kind of `Ingress` to access AWX: `Ingress` and `Route`, To toggle between these two options, you can add the following to your AWX CR: +The AWX operator provides support for three kinds of `Ingress` to access AWX: `Ingress`, `Route` and `LoadBalancer`, To toggle between these options, you can add the following to your AWX CR: * Route @@ -129,6 +129,16 @@ spec: tower_hostname: awx.mycompany.com ``` + * LoadBalancer + +```yaml +--- +spec: + ... + tower_ingress_type: Loadbalancer + tower_ingress_protocal: http +``` + #### TLS Termination * Route @@ -150,6 +160,16 @@ The following variables are customizable to specify the TLS termination procedur | tower_ingress_annotations | Ingress annotations | Empty string | | tower_ingress_tls_secret | Secret that contains the TLS information | Empty string | + * LoadBalancer + +The following variables are customizable to specify the TLS termination procedure when `LoadBalancer` is picked as an Ingress + +| Name | Description | Default | +| ------------------------------ | ---------------------------------------- | ------------- | +| tower_loadbalancer_annotations | LoadBalancer annotations | Empty string | +| tower_loadbalancer_protocol | Protocol to use for Loadbalancer ingress | http | +| tower_loadbalancer_port | Port used for Loadbalancer ingress | 80 | + ### Database Configuration diff --git a/ansible/instantiate-awx-deployment.yml b/ansible/instantiate-awx-deployment.yml index a94c9d0d..0b7f6b9d 100644 --- a/ansible/instantiate-awx-deployment.yml +++ b/ansible/instantiate-awx-deployment.yml @@ -20,7 +20,7 @@ spec: tower_admin_user: test tower_admin_email: test@example.com - tower_ingress_type: "{{ tower_ingress_type | default(omit) }}" # Either Route or Ingress + tower_ingress_type: "{{ tower_ingress_type | default(omit) }}" # Either Route, Ingress or Loadbalancer tower_image: "{{ tower_image | default(omit) }}" development_mode: "{{ development_mode | default(omit) }}" tower_image_pull_policy: "{{ tower_image_pull_policy | default(omit) }}" diff --git a/ansible/templates/crd.yml.j2 b/ansible/templates/crd.yml.j2 index 72cb649c..13770ac1 100644 --- a/ansible/templates/crd.yml.j2 +++ b/ansible/templates/crd.yml.j2 @@ -62,12 +62,28 @@ spec: - ingress - Route - route + - Loadbalancer + - loadbalancer tower_ingress_annotations: description: Annotations to add to the ingress type: string tower_ingress_tls_secret: description: Secret where the ingress TLS secret can be found type: string + tower_loadbalancer_annotations: + description: Annotations to add to the loadbalancer + type: string + tower_loadbalancer_protocol: + description: Protocol to use for the loadbalancer + type: string + default: http + enum: + - http + - https + tower_loadbalancer_port: + description: Port to use for the loadbalancer + type: int32 + default: 80 tower_route_host: description: The DNS to use to points to the instance type: string diff --git a/deploy/awx-operator.yaml b/deploy/awx-operator.yaml index e7c195ae..c2c825eb 100644 --- a/deploy/awx-operator.yaml +++ b/deploy/awx-operator.yaml @@ -207,12 +207,28 @@ spec: - ingress - Route - route + - Loadbalancer + - loadbalancer tower_ingress_annotations: description: Annotations to add to the ingress type: string tower_ingress_tls_secret: description: Secret where the ingress TLS secret can be found type: string + tower_loadbalancer_annotations: + description: Annotations to add to the loadbalancer + type: string + tower_loadbalancer_protocol: + description: Protocol to use for the loadbalancer + type: string + default: http + enum: + - http + - https + tower_loadbalancer_port: + description: Port to use for the loadbalancer + type: number + default: 80 tower_route_host: description: The DNS to use to points to the instance type: string diff --git a/deploy/crds/awx_v1beta1_crd.yaml b/deploy/crds/awx_v1beta1_crd.yaml index 72cb649c..9955e787 100644 --- a/deploy/crds/awx_v1beta1_crd.yaml +++ b/deploy/crds/awx_v1beta1_crd.yaml @@ -62,12 +62,28 @@ spec: - ingress - Route - route + - Loadbalancer + - loadbalancer tower_ingress_annotations: description: Annotations to add to the ingress type: string tower_ingress_tls_secret: description: Secret where the ingress TLS secret can be found type: string + tower_loadbalancer_annotations: + description: Annotations to add to the loadbalancer + type: string + tower_loadbalancer_protocol: + description: Protocol to use for the loadbalancer + type: string + default: http + enum: + - http + - https + tower_loadbalancer_port: + description: Port to use for the loadbalancer + type: number + default: 80 tower_route_host: description: The DNS to use to points to the instance type: string diff --git a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml index f4ff94d9..3b3c1967 100644 --- a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml +++ b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml @@ -115,6 +115,7 @@ spec: - urn:alm:descriptor:com.tectonic.ui:select:none - urn:alm:descriptor:com.tectonic.ui:select:Ingress - urn:alm:descriptor:com.tectonic.ui:select:Route + - urn:alm:descriptor:com.tectonic.ui:select:Loadbalancer - displayName: Tower Ingress Annotations path: tower_ingress_annotations x-descriptors: @@ -127,6 +128,23 @@ spec: - urn:alm:descriptor:com.tectonic.ui:advanced - urn:alm:descriptor:io.kubernetes:Secret - urn:alm:descriptor:com.tectonic.ui:fieldDependency:tower_ingress_type:Ingress + - displayName: Tower LoadBalancer Annotations + path: tower_loadbalancer_annotations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:tower_ingress_type:Loadbalancer + - displayName: Tower LoadBalancer Protocol + path: tower_loadbalancer_protocol + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:select:http + - urn:alm:descriptor:com.tectonic.ui:select:https + - displayName: Tower LoadBalancer Port + path: tower_loadbalancer_port + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:number - displayName: Route DNS host path: tower_route_host x-descriptors: diff --git a/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml b/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml index 52ffaf57..b419fe00 100644 --- a/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml +++ b/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml @@ -82,7 +82,23 @@ spec: - ingress - Route - route + - Loadbalancer + - loadbalancer type: string + tower_loadbalancer_annotations: + description: Annotations to add to the loadbalancer + type: string + tower_loadbalancer_protocol: + description: Protocol to use for the loadbalancer + type: string + default: http + enum: + - http + - https + tower_loadbalancer_port: + description: Port to use for the loadbalancer + type: number + default: 80 tower_postgres_configuration_secret: description: Secret where the database configuration can be found type: string diff --git a/roles/installer/defaults/main.yml b/roles/installer/defaults/main.yml index f92a19e2..439d296c 100644 --- a/roles/installer/defaults/main.yml +++ b/roles/installer/defaults/main.yml @@ -15,6 +15,9 @@ tower_ingress_annotations: '' # certificate and key. tower_ingress_tls_secret: '' +tower_loadbalancer_protocol: 'http' +tower_loadbalancer_port: '80' + # The TLS termination mechanism to use to access # the services. Supported mechanism are: edge, passthrough # diff --git a/roles/installer/templates/tower_service.yaml.j2 b/roles/installer/templates/tower_service.yaml.j2 index 0b31f267..5c1d1e93 100644 --- a/roles/installer/templates/tower_service.yaml.j2 +++ b/roles/installer/templates/tower_service.yaml.j2 @@ -6,20 +6,34 @@ metadata: namespace: '{{ meta.namespace }}' labels: app: '{{ deployment_type }}' +{% if tower_ingress_type | lower == 'loadbalancer' %} + annotations: + {{ tower_loadbalancer_annotations | indent(width=4) }} +{% endif %} spec: ports: +{% if tower_ingress_type | lower != 'loadbalancer' and tower_loadbalancer_protocol | lower != 'https' %} - port: 80 protocol: TCP targetPort: 8052 name: http +{% endif %} {% if tower_ingress_type | lower == 'route' and tower_route_tls_termination_mechanism | lower == 'passthrough' %} - port: 443 protocol: TCP targetPort: 8053 name: https +{% endif %} +{% if tower_ingress_type | lower == 'loadbalancer' and tower_loadbalancer_protocol | lower == 'https' %} + - port: 443 + protocol: TCP + targetPort: 8052 + name: https {% endif %} selector: app: '{{ deployment_type }}' -{% if tower_ingress_type != "none" %} +{% if tower_ingress_type == "loadbalancer" %} + type: LoadBalancer +{% elif tower_ingress_type != "none" %} type: NodePort {% endif %} From c6c94ce48d92fcde6393e5ba1146a340e56ff1ca Mon Sep 17 00:00:00 2001 From: billett83 <50586795+billett83@users.noreply.github.com> Date: Wed, 17 Mar 2021 15:20:16 +0000 Subject: [PATCH 02/10] Update deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml Co-authored-by: Shane McDonald --- .../manifests/awx-operator.clusterserviceversion.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml index 3b3c1967..019245b5 100644 --- a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml +++ b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml @@ -133,7 +133,7 @@ spec: x-descriptors: - urn:alm:descriptor:com.tectonic.ui:advanced - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:tower_ingress_type:Loadbalancer + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:tower_ingress_type:LoadBalancer - displayName: Tower LoadBalancer Protocol path: tower_loadbalancer_protocol x-descriptors: From 084e0b38a8526720c84d8831a766ac069e99c99a Mon Sep 17 00:00:00 2001 From: billett83 <50586795+billett83@users.noreply.github.com> Date: Wed, 17 Mar 2021 15:20:25 +0000 Subject: [PATCH 03/10] Update deploy/crds/awx_v1beta1_crd.yaml Co-authored-by: Shane McDonald --- deploy/crds/awx_v1beta1_crd.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/crds/awx_v1beta1_crd.yaml b/deploy/crds/awx_v1beta1_crd.yaml index 9955e787..8a25b814 100644 --- a/deploy/crds/awx_v1beta1_crd.yaml +++ b/deploy/crds/awx_v1beta1_crd.yaml @@ -62,7 +62,7 @@ spec: - ingress - Route - route - - Loadbalancer + - LoadBalancer - loadbalancer tower_ingress_annotations: description: Annotations to add to the ingress From add62c29739d4f896c044bc6de83f8efed37166f Mon Sep 17 00:00:00 2001 From: billett83 <50586795+billett83@users.noreply.github.com> Date: Wed, 17 Mar 2021 15:20:33 +0000 Subject: [PATCH 04/10] Update deploy/awx-operator.yaml Co-authored-by: Shane McDonald --- deploy/awx-operator.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/awx-operator.yaml b/deploy/awx-operator.yaml index c2c825eb..a1c6231a 100644 --- a/deploy/awx-operator.yaml +++ b/deploy/awx-operator.yaml @@ -207,7 +207,7 @@ spec: - ingress - Route - route - - Loadbalancer + - LoadBalancer - loadbalancer tower_ingress_annotations: description: Annotations to add to the ingress From f099b15ff85521990f33cba52f3d8fd63e0c1471 Mon Sep 17 00:00:00 2001 From: billett83 <50586795+billett83@users.noreply.github.com> Date: Wed, 17 Mar 2021 15:21:11 +0000 Subject: [PATCH 05/10] Update ansible/templates/crd.yml.j2 Co-authored-by: Shane McDonald --- ansible/templates/crd.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/templates/crd.yml.j2 b/ansible/templates/crd.yml.j2 index 13770ac1..402714bb 100644 --- a/ansible/templates/crd.yml.j2 +++ b/ansible/templates/crd.yml.j2 @@ -62,7 +62,7 @@ spec: - ingress - Route - route - - Loadbalancer + - LoadBalancer - loadbalancer tower_ingress_annotations: description: Annotations to add to the ingress From 4297b158dc1bddb943b84777c80f54a6a07583fa Mon Sep 17 00:00:00 2001 From: billett83 <50586795+billett83@users.noreply.github.com> Date: Wed, 17 Mar 2021 15:27:30 +0000 Subject: [PATCH 06/10] Update ansible/instantiate-awx-deployment.yml Co-authored-by: Shane McDonald --- ansible/instantiate-awx-deployment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/instantiate-awx-deployment.yml b/ansible/instantiate-awx-deployment.yml index 0b7f6b9d..56a03a83 100644 --- a/ansible/instantiate-awx-deployment.yml +++ b/ansible/instantiate-awx-deployment.yml @@ -20,7 +20,7 @@ spec: tower_admin_user: test tower_admin_email: test@example.com - tower_ingress_type: "{{ tower_ingress_type | default(omit) }}" # Either Route, Ingress or Loadbalancer + tower_ingress_type: "{{ tower_ingress_type | default(omit) }}" # Either Route, Ingress or LoadBalancer tower_image: "{{ tower_image | default(omit) }}" development_mode: "{{ development_mode | default(omit) }}" tower_image_pull_policy: "{{ tower_image_pull_policy | default(omit) }}" From e990c6bed2214b46ddf488017a9b9e72d9b5bb30 Mon Sep 17 00:00:00 2001 From: billett83 <50586795+billett83@users.noreply.github.com> Date: Wed, 17 Mar 2021 15:27:35 +0000 Subject: [PATCH 07/10] Update README.md Co-authored-by: Shane McDonald --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 700559c5..6bfed384 100644 --- a/README.md +++ b/README.md @@ -135,7 +135,7 @@ spec: --- spec: ... - tower_ingress_type: Loadbalancer + tower_ingress_type: LoadBalancer tower_ingress_protocal: http ``` From a65834dbf399f09cc294c84a0eca5009b824356a Mon Sep 17 00:00:00 2001 From: billett83 <50586795+billett83@users.noreply.github.com> Date: Wed, 17 Mar 2021 15:27:40 +0000 Subject: [PATCH 08/10] Update README.md Co-authored-by: Shane McDonald --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6bfed384..aaa5ba0b 100644 --- a/README.md +++ b/README.md @@ -136,7 +136,7 @@ spec: spec: ... tower_ingress_type: LoadBalancer - tower_ingress_protocal: http + tower_ingress_protocol: http ``` #### TLS Termination From 1570c0a883d57c7ca43210f61633f3c6f3d780c5 Mon Sep 17 00:00:00 2001 From: "cbillett83@outlook.com" Date: Thu, 18 Mar 2021 10:58:00 +0000 Subject: [PATCH 09/10] Minor Changes from Spredzy --- .../manifests/awx-operator.clusterserviceversion.yaml | 4 +++- .../awx-operator/manifests/awx.ansible.com_awxs_crd.yaml | 2 +- roles/installer/templates/tower_service.yaml.j2 | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml index 019245b5..3c121af1 100644 --- a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml +++ b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml @@ -115,7 +115,7 @@ spec: - urn:alm:descriptor:com.tectonic.ui:select:none - urn:alm:descriptor:com.tectonic.ui:select:Ingress - urn:alm:descriptor:com.tectonic.ui:select:Route - - urn:alm:descriptor:com.tectonic.ui:select:Loadbalancer + - urn:alm:descriptor:com.tectonic.ui:select:LoadB alancer - displayName: Tower Ingress Annotations path: tower_ingress_annotations x-descriptors: @@ -140,11 +140,13 @@ spec: - urn:alm:descriptor:com.tectonic.ui:advanced - urn:alm:descriptor:com.tectonic.ui:select:http - urn:alm:descriptor:com.tectonic.ui:select:https + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:tower_ingress_type:LoadBalancer - displayName: Tower LoadBalancer Port path: tower_loadbalancer_port x-descriptors: - urn:alm:descriptor:com.tectonic.ui:advanced - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:tower_ingress_type:LoadBalancer - displayName: Route DNS host path: tower_route_host x-descriptors: diff --git a/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml b/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml index b419fe00..d2f1b0f0 100644 --- a/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml +++ b/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml @@ -82,7 +82,7 @@ spec: - ingress - Route - route - - Loadbalancer + - LoadBalancer - loadbalancer type: string tower_loadbalancer_annotations: diff --git a/roles/installer/templates/tower_service.yaml.j2 b/roles/installer/templates/tower_service.yaml.j2 index 5c1d1e93..8d5d7cc0 100644 --- a/roles/installer/templates/tower_service.yaml.j2 +++ b/roles/installer/templates/tower_service.yaml.j2 @@ -32,7 +32,7 @@ spec: {% endif %} selector: app: '{{ deployment_type }}' -{% if tower_ingress_type == "loadbalancer" %} +{% if tower_ingress_type | lower == "loadbalancer" %} type: LoadBalancer {% elif tower_ingress_type != "none" %} type: NodePort From 76acd335b98551a5251b84fa1eb2e195314bec72 Mon Sep 17 00:00:00 2001 From: "cbillett83@outlook.com" Date: Thu, 18 Mar 2021 11:12:03 +0000 Subject: [PATCH 10/10] removed extra space --- .../manifests/awx-operator.clusterserviceversion.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml index 3c121af1..0e1ddef4 100644 --- a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml +++ b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml @@ -115,7 +115,7 @@ spec: - urn:alm:descriptor:com.tectonic.ui:select:none - urn:alm:descriptor:com.tectonic.ui:select:Ingress - urn:alm:descriptor:com.tectonic.ui:select:Route - - urn:alm:descriptor:com.tectonic.ui:select:LoadB alancer + - urn:alm:descriptor:com.tectonic.ui:select:LoadBalancer - displayName: Tower Ingress Annotations path: tower_ingress_annotations x-descriptors: