internet/awx-operator
3
0
Fork 0
mirror of https://github.com/ansible/awx-operator.git synced 2026-03-27 05:43:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #43 from geerlingguy/42-upgrade-redis

Browse Source 
Upgrade to latest versions of Tower and AWX, switch RabbitMQ to Redis
This commit is contained in:
Jeff Geerling
2020-05-26 17:12:12 -05:00
committed by GitHub
parent 152fe82954 df73fd664f
commit cb966eb66b
9 changed files with 77 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@@ -54,6 +54,12 @@ Then you can create instances of Tower, for example:
After a few minutes, your new Tower instance will be accessible at `http://tower.mycompany.com/` (assuming your cluster has an Ingress controller configured). Log in using the `tower_admin_` credentials configured in the `spec`, and supply a valid license to begin using Tower.
### Red Hat Registry Authentication
To deploy Ansible Tower, images are pulled from the Red Hat Registry. Your Kubernetes or OpenShift cluster will have to have [Authentication Enabled for the Red Hat Registry](https://access.redhat.com/documentation/en-us/openshift_container_platform/3.11/html/configuring_clusters/install-config-configuring-red-hat-registry) for this to work, otherwise the Tower image will not be pulled.
If you deploy Ansible AWX, images are available from public registries, so no authentication is required.
### Deploy AWX instead of Tower
If you would like to deploy AWX (the open source upstream of Tower) into your cluster instead of Tower, override the default variables in the Tower `spec` for the `tower_task_image` and `tower_web_image`, so the AWX container images are used instead:
@@ -61,8 +67,8 @@ If you would like to deploy AWX (the open source upstream of Tower) into your cl
---
spec:
...
tower_task_image: ansible/awx_task:9.2.0
tower_web_image: ansible/awx_web:9.2.0
tower_task_image: ansible/awx_task:11.2.0
tower_web_image: ansible/awx_web:11.2.0
### Ingress Types
@@ -124,7 +130,7 @@ This environment is meant for headless testing (e.g. in a CI environment, or whe
#### Testing in Minikube
minikube start --memory 6g --cpus 4
minikube start --memory 8g --cpus 4
minikube addons enable ingress
molecule test -s test-minikube

6
deploy/crds/tower_v1alpha1_tower_cr_awx.yaml
View File

@@ -15,8 +15,8 @@ spec:
tower_admin_email: test@example.com
tower_admin_password: changeme
tower_task_image: ansible/awx_task:9.2.0
tower_web_image: ansible/awx_web:9.2.0
tower_task_image: ansible/awx_task:11.2.0
tower_web_image: ansible/awx_web:11.2.0
tower_task_mem_request: 1Gi
tower_task_cpu_request: 500m
@@ -28,7 +28,7 @@ spec:
tower_memcached_image: memcached:alpine
tower_rabbitmq_image: rabbitmq:3
tower_redis_image: redis:latest
tower_postgres_pass: awxpass
tower_postgres_image: postgres:10

6
deploy/crds/tower_v1alpha1_tower_cr_tower.yaml
View File

@@ -15,8 +15,8 @@ spec:
tower_admin_email: test@example.com
tower_admin_password: changeme
tower_task_image: quay.io/ansible-tower/ansible-tower:3.6.4
tower_web_image: quay.io/ansible-tower/ansible-tower:3.6.4
tower_task_image: registry.redhat.io/ansible-tower-37/ansible-tower-rhel7:3.7.0
tower_web_image: registry.redhat.io/ansible-tower-37/ansible-tower-rhel7:3.7.0
tower_task_mem_request: 1Gi
tower_task_cpu_request: 500m
@@ -28,7 +28,7 @@ spec:
tower_memcached_image: memcached:alpine
tower_rabbitmq_image: rabbitmq:3
tower_redis_image: redis:latest
tower_postgres_pass: awxpass
tower_postgres_image: postgres:10

3
molecule/test-minikube/converge.yml
View File

@@ -34,7 +34,8 @@
deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy"
pull_policy: Never
operator_image: tower.ansible.com/tower-operator:testing
custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1alpha1_tower_cr_tower.yaml'])) | from_yaml }}"
# Change this to _awx to test AWX, _tower to test Tower.
custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1alpha1_tower_cr_awx.yaml'])) | from_yaml }}"
tasks:
- block:

10
roles/tower/defaults/main.yml
View File

@@ -10,12 +10,12 @@ tower_admin_email: test@example.com
tower_admin_password: changeme
# Use these image versions for Ansible Tower.
tower_task_image: quay.io/ansible-tower/ansible-tower:3.6.4
tower_web_image: quay.io/ansible-tower/ansible-tower:3.6.4
tower_task_image: registry.redhat.io/ansible-tower-37/ansible-tower-rhel7:3.7.0
tower_web_image: registry.redhat.io/ansible-tower-37/ansible-tower-rhel7:3.7.0
# Use these image versions for Ansible AWX.
# tower_task_image: ansible/awx_task:9.2.0
# tower_web_image: ansible/awx_web:9.2.0
# tower_task_image: ansible/awx_task:11.2.0
# tower_web_image: ansible/awx_web:11.2.0
tower_create_preload_data: true
@@ -29,7 +29,7 @@ tower_web_cpu_request: 1000m
tower_memcached_image: memcached:alpine
tower_rabbitmq_image: rabbitmq:3
tower_redis_image: redis:latest
tower_postgres_pass: awxpass
tower_postgres_image: postgres:10

2
roles/tower/tasks/main.yml
View File

@@ -6,8 +6,8 @@
with_items:
- tower_memcached.yaml.j2
- tower_postgres.yaml.j2
- tower_rabbitmq.yaml.j2
- tower_config.yaml.j2
- tower_redis.yaml.j2
- tower_web.yaml.j2
- tower_task.yaml.j2

24
roles/tower/templates/tower_config.yaml.j2
View File

@@ -16,8 +16,8 @@ data:
DATABASE_PASSWORD={{ tower_postgres_pass | quote }}
MEMCACHED_HOST='{{ meta.name }}-memcached.{{ meta.namespace }}.svc.cluster.local'
MEMCACHED_PORT='11211'
RABBITMQ_HOST='{{ meta.name }}-rabbitmq.{{ meta.namespace }}.svc.cluster.local'
RABBITMQ_PORT='5672'
REDIS_HOST='{{ meta.name }}-redis.{{ meta.namespace }}.svc.cluster.local'
REDIS_PORT='6379'
AWX_SKIP_MIGRATIONS=true
settings: |
@@ -110,17 +110,19 @@ data:
},
}
BROKER_URL = 'amqp://{}:{}@{}:{}/{}'.format(
'guest',
'guest',
'{{ meta.name }}-rabbitmq.{{ meta.namespace }}.svc.cluster.local',
'5672',
'awx')
BROKER_URL = 'redis://{}:{}/'.format(
'{{ meta.name }}-redis.{{ meta.namespace }}.svc.cluster.local',
'6379')
CHANNEL_LAYERS = {
'default': {'BACKEND': 'asgi_amqp.AMQPChannelLayer',
'ROUTING': 'awx.main.routing.channel_routing',
'CONFIG': {'url': BROKER_URL}}
"default": {
"BACKEND": "channels_redis.core.RedisChannelLayer",
"CONFIG": {
"hosts": [BROKER_URL],
"capacity": 10000,
"group_expiry": 157784760, # 5 years
}
}
}
USE_X_FORWARDED_PORT = True

48
roles/tower/templates/tower_rabbitmq.yaml.j2
View File

@@ -1,48 +0,0 @@
# RabbitMQ Deployment.
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: '{{ meta.name }}-rabbitmq'
namespace: '{{ meta.namespace }}'
labels:
app: tower-rabbitmq
spec:
replicas: 1
selector:
matchLabels:
app: tower-rabbitmq
template:
metadata:
labels:
app: tower-rabbitmq
spec:
containers:
- image: '{{ tower_rabbitmq_image }}'
name: rabbitmq
env:
- name: RABBITMQ_DEFAULT_VHOST
value: awx
- name: RABBITMQ_NODE_PORT
value: '5672'
ports:
- containerPort: 15672
- containerPort: 5672
# RabbitMQ Service.
---
apiVersion: v1
kind: Service
metadata:
name: '{{ meta.name }}-rabbitmq'
namespace: '{{ meta.namespace }}'
labels:
app: tower-rabbitmq
spec:
clusterIP: None
ports:
- port: 5672
protocol: TCP
targetPort: 5672
selector:
app: tower-rabbitmq

41
roles/tower/templates/tower_redis.yaml.j2 Normal file
View File

@@ -0,0 +1,41 @@
# Redis Deployment.
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: '{{ meta.name }}-redis'
namespace: '{{ meta.namespace }}'
labels:
app: tower-redis
spec:
replicas: 1
selector:
matchLabels:
app: tower-redis
template:
metadata:
labels:
app: tower-redis
spec:
containers:
- image: '{{ tower_redis_image }}'
name: redis
ports:
- containerPort: 6379
# Redis Service.
---
apiVersion: v1
kind: Service
metadata:
name: '{{ meta.name }}-redis'
namespace: '{{ meta.namespace }}'
labels:
app: tower-redis
spec:
ports:
- port: 6379
protocol: TCP
targetPort: 6379
selector:
app: tower-redis