mirror of
https://github.com/ansible/awx-operator.git
synced 2026-04-10 19:01:19 +00:00
Merge pull request #177 from tchellomello/persistent_vol
Introducing ability to mount /var/lib/projects
This commit is contained in:
Shane McDonald
GitHub
24
README.md
24
README.md
@@ -25,6 +25,7 @@ An [Ansible AWX](https://github.com/ansible/awx) operator for Kubernetes built w
|
||||
* [Privileged Tasks](#privileged-tasks)
|
||||
* [Containers Resource Requirements](#containers-resource-requirements)
|
||||
* [LDAP Certificate Authority](#ldap-certificate-authority)
|
||||
* [Persisting Projects Directory](#persisting-projects-directory)
|
||||
* [Development](#development)
|
||||
* [Testing](#testing)
|
||||
* [Testing in Docker](#testing-in-docker)
|
||||
@@ -375,6 +376,29 @@ To create the secret, you can use the command below:
|
||||
# kubectl create secret generic <resourcename>-ldap-ca-cert --from-file=ldap-ca.crt=<PATH/TO/YOUR/CA/PEM/FILE>
|
||||
```
|
||||
|
||||
#### Persisting Projects Directory
|
||||
|
||||
In cases which you want to persist the `/var/lib/projects` directory, there are few variables that are customizable for the `awx-operator`.
|
||||
|
||||
| Name | Description | Default |
|
||||
| -----------------------------------| ---------------------------------------------------------------------------------------------------- | ---------------|
|
||||
| tower_projects_persistence | Whether or not the /var/lib/projects directory will be persistent | false |
|
||||
| tower_projects_storage_class | Define the PersistentVolume storage class | '' |
|
||||
| tower_projects_storage_size | Define the PersistentVolume size | 8Gi |
|
||||
| tower_projects_storage_access_mode | Define the PersistentVolume access mode | ReadWriteMany |
|
||||
| tower_projects_existing_claim | Define an existing PersistentVolumeClaim to use (cannot be combined with `tower_projects_storage_*`) | '' |
|
||||
|
||||
Example of customization when the `awx-operator` automatically handles the persistent volume could be:
|
||||
|
||||
```yaml
|
||||
---
|
||||
spec:
|
||||
...
|
||||
tower_projects_persistence: true
|
||||
tower_projects_storage_class: rook-ceph
|
||||
tower_projects_storage_size: 20Gi
|
||||
```
|
||||
|
||||
## Development
|
||||
|
||||
### Testing
|
||||
|
||||
@@ -258,6 +258,30 @@ spec:
|
||||
ldap_cacert_secret:
|
||||
description: Secret where can be found the LDAP trusted Certificate Authority Bundle
|
||||
type: string
|
||||
tower_projects_persistence:
|
||||
description: Whether or not the /var/lib/projects directory will be persistent
|
||||
default: false
|
||||
type: boolean
|
||||
tower_projects_use_existing_claim:
|
||||
description: Using existing PersistentVolumeClaim
|
||||
type: string
|
||||
enum:
|
||||
- _Yes_
|
||||
- _No_
|
||||
tower_projects_existing_claim:
|
||||
description: PersistentVolumeClaim to mount /var/lib/projects directory
|
||||
type: string
|
||||
tower_projects_storage_class:
|
||||
description: Storage class for the /var/lib/projects PersistentVolumeClaim
|
||||
type: string
|
||||
tower_projects_storage_size:
|
||||
description: Size for the /var/lib/projects PersistentVolumeClaim
|
||||
default: 8Gi
|
||||
type: string
|
||||
tower_projects_storage_access_mode:
|
||||
description: AccessMode for the /var/lib/projects PersistentVolumeClaim
|
||||
default: ReadWriteMany
|
||||
type: string
|
||||
type: object
|
||||
status:
|
||||
properties:
|
||||
|
||||
@@ -409,6 +409,30 @@ spec:
|
||||
ldap_cacert_secret:
|
||||
description: Secret where can be found the LDAP trusted Certificate Authority Bundle
|
||||
type: string
|
||||
tower_projects_persistence:
|
||||
description: Whether or not the /var/lib/projects directory will be persistent
|
||||
default: false
|
||||
type: boolean
|
||||
tower_projects_use_existing_claim:
|
||||
description: Using existing PersistentVolumeClaim
|
||||
type: string
|
||||
enum:
|
||||
- _Yes_
|
||||
- _No_
|
||||
tower_projects_existing_claim:
|
||||
description: PersistentVolumeClaim to mount /var/lib/projects directory
|
||||
type: string
|
||||
tower_projects_storage_class:
|
||||
description: Storage class for the /var/lib/projects PersistentVolumeClaim
|
||||
type: string
|
||||
tower_projects_storage_size:
|
||||
description: Size for the /var/lib/projects PersistentVolumeClaim
|
||||
default: 8Gi
|
||||
type: string
|
||||
tower_projects_storage_access_mode:
|
||||
description: AccessMode for the /var/lib/projects PersistentVolumeClaim
|
||||
default: ReadWriteMany
|
||||
type: string
|
||||
type: object
|
||||
status:
|
||||
properties:
|
||||
|
||||
@@ -258,6 +258,30 @@ spec:
|
||||
ldap_cacert_secret:
|
||||
description: Secret where can be found the LDAP trusted Certificate Authority Bundle
|
||||
type: string
|
||||
tower_projects_persistence:
|
||||
description: Whether or not the /var/lib/projects directory will be persistent
|
||||
default: false
|
||||
type: boolean
|
||||
tower_projects_use_existing_claim:
|
||||
description: Using existing PersistentVolumeClaim
|
||||
type: string
|
||||
enum:
|
||||
- _Yes_
|
||||
- _No_
|
||||
tower_projects_existing_claim:
|
||||
description: PersistentVolumeClaim to mount /var/lib/projects directory
|
||||
type: string
|
||||
tower_projects_storage_class:
|
||||
description: Storage class for the /var/lib/projects PersistentVolumeClaim
|
||||
type: string
|
||||
tower_projects_storage_size:
|
||||
description: Size for the /var/lib/projects PersistentVolumeClaim
|
||||
default: 8Gi
|
||||
type: string
|
||||
tower_projects_storage_access_mode:
|
||||
description: AccessMode for the /var/lib/projects PersistentVolumeClaim
|
||||
default: ReadWriteMany
|
||||
type: string
|
||||
type: object
|
||||
status:
|
||||
properties:
|
||||
|
||||
@@ -243,6 +243,45 @@ spec:
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:hidden
|
||||
- displayName: Enable persistence for /var/lib/projects directory?
|
||||
path: tower_projects_persistence
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:booleanSwitch
|
||||
- displayName: Use existing Persistent Claim?
|
||||
path: tower_projects_use_existing_claim
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:select:_Yes_
|
||||
- urn:alm:descriptor:com.tectonic.ui:select:_No_
|
||||
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:tower_projects_persistence:true
|
||||
- displayName: Tower Projects Existing Persistent Claim
|
||||
path: tower_projects_existing_claim
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:tower_projects_use_existing_claim:_Yes_
|
||||
- urn:alm:descriptor:io.kubernetes:PersistentVolumeClaim
|
||||
- displayName: Tower Projects Storage Class Name
|
||||
description: Tower Projects Storage Class Name. If not present, the default storage class will be used.
|
||||
path: tower_projects_storage_class
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:tower_projects_use_existing_claim:_No_
|
||||
- urn:alm:descriptor:com.tectonic.ui:text
|
||||
- displayName: Tower Projects Storage Size
|
||||
description: Tower Projects Storage Size
|
||||
path: tower_projects_storage_size
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:tower_projects_use_existing_claim:_No_
|
||||
- urn:alm:descriptor:com.tectonic.ui:text
|
||||
- displayName: Tower Projects Storage Access Mode
|
||||
description: Tower Projects Storage Access Mode
|
||||
path: tower_projects_storage_access_mode
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:tower_projects_use_existing_claim:_No_
|
||||
- urn:alm:descriptor:com.tectonic.ui:text
|
||||
- displayName: Tower Task Command
|
||||
path: tower_task_command
|
||||
x-descriptors:
|
||||
|
||||
@@ -32,6 +32,30 @@ spec:
|
||||
description: Secret where can be found the LDAP trusted Certificate
|
||||
Authority Bundle
|
||||
type: string
|
||||
tower_projects_persistence:
|
||||
description: Whether or not the /var/lib/projects directory will be persistent
|
||||
default: false
|
||||
type: boolean
|
||||
tower_projects_use_existing_claim:
|
||||
description: Using existing PersistentVolumeClaim
|
||||
type: string
|
||||
enum:
|
||||
- _Yes_
|
||||
- _No_
|
||||
tower_projects_existing_claim:
|
||||
description: PersistentVolumeClaim to mount /var/lib/projects directory
|
||||
type: string
|
||||
tower_projects_storage_class:
|
||||
description: Storage class for the /var/lib/projects PersistentVolumeClaim
|
||||
type: string
|
||||
tower_projects_storage_size:
|
||||
description: Size for the /var/lib/projects PersistentVolumeClaim
|
||||
default: 8Gi
|
||||
type: string
|
||||
tower_projects_storage_access_mode:
|
||||
description: AccessMode for the /var/lib/projects PersistentVolumeClaim
|
||||
default: ReadWriteMany
|
||||
type: string
|
||||
tower_admin_email:
|
||||
description: The admin user email
|
||||
type: string
|
||||
|
||||
@@ -136,6 +136,19 @@ tower_postgres_resource_requirements:
|
||||
tower_postgres_storage_class: ''
|
||||
tower_postgres_data_path: '/var/lib/postgresql/data/pgdata'
|
||||
|
||||
# Persistence to the AWX project data folder
|
||||
# Whether or not the /var/lib/projects directory will be persistent
|
||||
tower_projects_persistence: false
|
||||
#
|
||||
# Define an existing PersistentVolumeClaim to use
|
||||
tower_projects_existing_claim: ''
|
||||
#
|
||||
# Define the storage_class, size and access_mode
|
||||
# when not using an existing claim
|
||||
tower_projects_storage_class: ''
|
||||
tower_projects_storage_size: 8Gi
|
||||
tower_projects_storage_access_mode: ReadWriteMany
|
||||
|
||||
# Secret to lookup that provide the PostgreSQL configuration
|
||||
#
|
||||
tower_postgres_configuration_secret: ''
|
||||
|
||||
@@ -41,6 +41,7 @@
|
||||
loop:
|
||||
- 'tower_app_credentials'
|
||||
- 'tower_service_account'
|
||||
- 'tower_persistent'
|
||||
- 'tower_deployment'
|
||||
- 'tower_service'
|
||||
- 'tower_ingress'
|
||||
|
||||
@@ -283,7 +283,16 @@ spec:
|
||||
- key: receptor_conf
|
||||
path: receptor.conf
|
||||
- name: "{{ meta.name }}-projects"
|
||||
{% if tower_projects_persistence|bool %}
|
||||
persistentVolumeClaim:
|
||||
{% if tower_projects_existing_claim %}
|
||||
claimName: {{ tower_projects_existing_claim }}
|
||||
{% else %}
|
||||
claimName: '{{ meta.name }}-projects-claim'
|
||||
{% endif %}
|
||||
{% else %}
|
||||
emptyDir: {}
|
||||
{% endif %}
|
||||
{% if development_mode | bool %}
|
||||
- name: awx-devel
|
||||
hostPath:
|
||||
|
||||
21
roles/installer/templates/tower_persistent.yaml.j2
Normal file
21
roles/installer/templates/tower_persistent.yaml.j2
Normal file
@@ -0,0 +1,21 @@
|
||||
{% if tower_projects_persistence|bool and tower_projects_existing_claim == '' %}
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: '{{ meta.name }}-projects-claim'
|
||||
namespace: '{{ meta.namespace }}'
|
||||
labels:
|
||||
app.kubernetes.io/name: '{{ meta.name }}'
|
||||
app.kubernetes.io/part-of: '{{ meta.name }}'
|
||||
app.kubernetes.io/managed-by: awx-operator
|
||||
app.kubernetes.io/component: awx
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ tower_projects_storage_access_mode }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ tower_projects_storage_size }}
|
||||
{% if tower_projects_storage_class != '' %}
|
||||
storageClassName: {{ tower_projects_storage_class }}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
@@ -2,3 +2,4 @@
|
||||
postgres_initdb_args: '--auth-host=scram-sha-256'
|
||||
postgres_host_auth_method: 'scram-sha-256'
|
||||
ldap_cacert_ca_crt: ''
|
||||
tower_projects_existing_claim: ''
|
||||
|
||||
Reference in New Issue
Block a user