diff --git a/README.md b/README.md index 5f2d675f..8d0140a7 100644 --- a/README.md +++ b/README.md @@ -255,12 +255,15 @@ spec: There are a few variables that are customizable for awx the image management. -| Name | Description | -| ----------------------- | -------------------------- | -| tower_image | Path of the image to pull | -| tower_image_pull_policy | The pull policy to adopt | -| tower_image_pull_secret | The pull secret to use | -| tower_ee_images | A list of EEs to register | +| Name | Description | +| --------------------------| -------------------------- | +| tower_image | Path of the image to pull | +| tower_image_version | Image version to pull | +| tower_image_pull_policy | The pull policy to adopt | +| tower_image_pull_secret | The pull secret to use | +| tower_ee_images | A list of EEs to register | +| tower_redis_image | Path of the image to pull | +| tower_redis_image_version | Image version to pull | Example of customization could be: @@ -269,6 +272,7 @@ Example of customization could be: spec: ... tower_image: myorg/my-custom-awx + tower_image_version: latest tower_image_pull_policy: Always tower_image_pull_secret: pull_secret_name tower_ee_images: @@ -276,6 +280,8 @@ spec: image: myorg/my-custom-awx-ee ``` +**Note**: The `tower_image` and `tower_image_version` are intended for local mirroring scenarios. Please note that using a version of AWX other than the one bundled with the `awx-operator` is **not** supported. For the default values, check the [main.yml](https://github.com/ansible/awx-operator/blob/devel/roles/installer/defaults/main.yml) file. + #### Privileged Tasks Depending on the type of tasks that you'll be running, you may find that you need the task pod to run as `privileged`. This can open yourself up to a variety of security concerns, so you should be aware (and verify that you have the privileges) to do this if necessary. In order to toggle this feature, you can add the following to your custom resource: @@ -334,12 +340,14 @@ the AWX pods to run only on the nodes that match all the specified key/value pai pods to be scheduled onto nodes with matching taints. -| Name | Description | Default | -| -------------------------- | --------------------------- | ------- | -| tower_node_selector | AWX pods' nodeSelector | '' | -| tower_tolerations | AWX pods' tolerations | '' | -| tower_postgres_selector | Postgres pods' nodeSelector | '' | -| tower_postgres_tolerations | Postgres pods' tolerations | '' | +| Name | Description | Default | +| -------------------------------| --------------------------- | ------- | +| tower_postgres_image | Path of the image to pull | 12 | +| tower_postgres_image_version | Image version to pull | 12 | +| tower_node_selector | AWX pods' nodeSelector | '' | +| tower_tolerations | AWX pods' tolerations | '' | +| tower_postgres_selector | Postgres pods' nodeSelector | '' | +| tower_postgres_tolerations | Postgres pods' tolerations | '' | Example of customization could be: diff --git a/ansible/templates/crd.yml.j2 b/ansible/templates/crd.yml.j2 index 17f07c18..50f035a1 100644 --- a/ansible/templates/crd.yml.j2 +++ b/ansible/templates/crd.yml.j2 @@ -113,6 +113,9 @@ spec: tower_image: description: Registry path to the application container to use type: string + tower_image_version: + description: Application container image version to use + type: string tower_ee_images: description: Registry path to the Execution Environment container to use type: array @@ -226,9 +229,15 @@ spec: tower_redis_image: description: Registry path to the redis container to use type: string + tower_redis_image_version: + description: Redis container image version to use + type: string tower_postgres_image: description: Registry path to the PostgreSQL container to use type: string + tower_postgres_image_version: + description: PostgreSQL container image version to use + type: string tower_postgres_selector: description: nodeSelector for the Postgres pods type: string diff --git a/deploy/awx-operator.yaml b/deploy/awx-operator.yaml index d3d1c250..3a90b30b 100644 --- a/deploy/awx-operator.yaml +++ b/deploy/awx-operator.yaml @@ -115,6 +115,9 @@ spec: tower_image: description: Registry path to the application container to use type: string + tower_image_version: + description: Application container image version to use + type: string tower_ee_images: description: Registry path to the Execution Environment container to use type: array @@ -223,9 +226,15 @@ spec: tower_redis_image: description: Registry path to the redis container to use type: string + tower_redis_image_version: + description: Redis container image version to use + type: string tower_postgres_image: description: Registry path to the PostgreSQL container to use type: string + tower_postgres_image_version: + description: PostgreSQL container image version to use + type: string tower_postgres_selector: description: nodeSelector for the Postgres pods type: string diff --git a/deploy/crds/awx_v1beta1_crd.yaml b/deploy/crds/awx_v1beta1_crd.yaml index f91d7e48..c598499d 100644 --- a/deploy/crds/awx_v1beta1_crd.yaml +++ b/deploy/crds/awx_v1beta1_crd.yaml @@ -113,6 +113,9 @@ spec: tower_image: description: Registry path to the application container to use type: string + tower_image_version: + description: Application container image version to use + type: string tower_ee_images: description: Registry path to the Execution Environment container to use type: array @@ -221,9 +224,15 @@ spec: tower_redis_image: description: Registry path to the redis container to use type: string + tower_redis_image_version: + description: Redis container image version to use + type: string tower_postgres_image: description: Registry path to the PostgreSQL container to use type: string + tower_postgres_image_version: + description: PostgreSQL container image version to use + type: string tower_postgres_selector: description: nodeSelector for the Postgres pods type: string diff --git a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml index 960d8987..c76964db 100644 --- a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml +++ b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml @@ -204,16 +204,31 @@ spec: x-descriptors: - urn:alm:descriptor:com.tectonic.ui:advanced - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Tower Image Version + path: tower_image_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden - displayName: Redis Image path: tower_redis_image x-descriptors: - urn:alm:descriptor:com.tectonic.ui:advanced - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Redis Image Version + path: tower_redis_image_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden - displayName: PostgreSQL Image path: tower_postgres_image x-descriptors: - urn:alm:descriptor:com.tectonic.ui:advanced - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: PostgreSQL Image Version + path: tower_postgres_image_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden - displayName: Tower Postgres Selector path: tower_postgres_selector x-descriptors: diff --git a/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml b/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml index e628463e..c7b54009 100644 --- a/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml +++ b/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml @@ -73,6 +73,9 @@ spec: tower_image: description: Registry path to the application container to use type: string + tower_image_version: + description: Application container image version to use + type: string tower_image_pull_policy: default: IfNotPresent description: The image pull policy @@ -134,6 +137,9 @@ spec: tower_postgres_image: description: Registry path to the PostgreSQL container to use type: string + tower_postgres_image_version: + description: PostgreSQL container image version to use + type: string tower_postgres_selector: description: nodeSelector for the Postgres pods type: string @@ -193,6 +199,9 @@ spec: tower_redis_image: description: Registry path to the redis container to use type: string + tower_redis_image_version: + description: Redis container image version to use + type: string tower_replicas: default: 1 description: Number of instance replicas diff --git a/roles/installer/defaults/main.yml b/roles/installer/defaults/main.yml index d86880cf..b34570da 100644 --- a/roles/installer/defaults/main.yml +++ b/roles/installer/defaults/main.yml @@ -81,7 +81,12 @@ tower_extra_volumes: '' # Use these image versions for Ansible AWX. -tower_image: quay.io/ansible/awx:19.0.0 +tower_image: quay.io/ansible/awx +tower_image_version: 19.0.0 +tower_redis_image: docker.io/redis +tower_redis_image_version: latest +tower_postgres_image: postgres +tower_postgres_image_version: 12 tower_image_pull_policy: IfNotPresent tower_image_pull_secret: '' @@ -127,9 +132,6 @@ tower_web_extra_env: '' tower_task_extra_volume_mounts: '' tower_web_extra_volume_mounts: '' tower_ee_extra_volume_mounts: '' -tower_redis_image: redis:latest - -tower_postgres_image: postgres:12 # Add a nodeSelector for the Postgres pods. # It must match a node's labels for the pod to be scheduled on that node. diff --git a/roles/installer/tasks/main.yml b/roles/installer/tasks/main.yml index 1d2bc7c5..27fb7690 100644 --- a/roles/installer/tasks/main.yml +++ b/roles/installer/tasks/main.yml @@ -16,10 +16,6 @@ app.kubernetes.io/managed-by: awx-operator app.kubernetes.io/component: awx -- name: Get current version - set_fact: - tower_image_version: "{{ tower_image.split(':')[1] }}" - - name: Include secret key configuration tasks include_tasks: secret_key_configuration.yml diff --git a/roles/installer/templates/tower_deployment.yaml.j2 b/roles/installer/templates/tower_deployment.yaml.j2 index f8a58659..23370018 100644 --- a/roles/installer/templates/tower_deployment.yaml.j2 +++ b/roles/installer/templates/tower_deployment.yaml.j2 @@ -33,7 +33,7 @@ spec: - name: {{ tower_image_pull_secret }} {% endif %} containers: - - image: '{{ tower_redis_image }}' + - image: '{{ tower_redis_image }}:{{ tower_redis_image_version }}' imagePullPolicy: '{{ tower_image_pull_policy }}' name: redis args: ["redis-server", "/etc/redis.conf"] @@ -46,7 +46,7 @@ spec: mountPath: "/var/run/redis" - name: "{{ meta.name }}-redis-data" mountPath: "/data" - - image: '{{ tower_image }}' + - image: '{{ tower_image }}:{{ tower_image_version }}' name: '{{ meta.name }}-web' {% if tower_web_command %} command: {{ tower_web_command }} @@ -124,7 +124,7 @@ spec: {{ tower_web_extra_env | indent(width=12, indentfirst=True) }} {% endif %} resources: {{ tower_web_resource_requirements }} - - image: '{{ tower_image }}' + - image: '{{ tower_image }}:{{ tower_image_version }}' name: '{{ meta.name }}-task' imagePullPolicy: '{{ tower_image_pull_policy }}' {% if tower_task_privileged == true %} diff --git a/roles/installer/templates/tower_postgres.yaml.j2 b/roles/installer/templates/tower_postgres.yaml.j2 index 18d2ae96..6bbab1ca 100644 --- a/roles/installer/templates/tower_postgres.yaml.j2 +++ b/roles/installer/templates/tower_postgres.yaml.j2 @@ -29,7 +29,7 @@ spec: app.kubernetes.io/component: database spec: containers: - - image: '{{ tower_postgres_image }}' + - image: '{{ tower_postgres_image }}:{{ tower_postgres_image_version }}' name: postgres env: - name: POSTGRES_DB