diff --git a/README.md b/README.md index 02aab760..1fa5417b 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ # Ansible Tower/AWX Operator -An [Ansible Tower](https://www.ansible.com/products/tower) operator for Kubernetes built with [Operator SDK](https://github.com/operator-framework/operator-sdk) and Ansible. +An [Ansible AWX](https://github.com/ansible/awx) operator for Kubernetes built with [Operator SDK](https://github.com/operator-framework/operator-sdk) and Ansible. -Also configurable to run the open source [AWX](https://github.com/ansible/awx) instead of Tower (helpful for certain use cases where a license requirement is not warranted, like CI environments). +Also configurable to be able to run [Tower](https://ansible.com/products/tower) ## Purpose @@ -11,7 +11,7 @@ There are already official OpenShift/Kubernetes installers available for both AW - [AWX on Kubernetes](https://github.com/ansible/awx/blob/devel/INSTALL.md#kubernetes) - [Ansible Tower on Kubernetes](https://docs.ansible.com/ansible-tower/latest/html/administration/openshift_configuration.html) -This operator is meant to provide a more Kubernetes-native installation method for Ansible Tower or AWX via a Tower Custom Resource Definition (CRD). +This operator is meant to provide a more Kubernetes-native installation method for Ansible Tower or AWX via an AWX Custom Resource Definition (CRD). Note that the operator is not supported by Red Hat, and is in alpha status. Long-term, this operator will become the supported method of installing on Kubernetes and Openshift, and will be listed on OperatorHub.io. For now, use it at your own risk! @@ -19,24 +19,24 @@ Note that the operator is not supported by Red Hat, and is in alpha status. Long This Kubernetes Operator is meant to be deployed in your Kubernetes cluster(s) and can manage one or more Tower or AWX instances in any namespace. -First you need to deploy Tower Operator into your cluster: +First you need to deploy AWX Operator into your cluster: - kubectl apply -f https://raw.githubusercontent.com/ansible/tower-operator/devel/deploy/tower-operator.yaml + kubectl apply -f https://raw.githubusercontent.com/ansible/awx-operator/devel/deploy/awx-operator.yaml -Then you can create instances of Tower, for example: +Then you can create instances of AWX, for example: - 1. Make sure the namespace you're deploying into already exists (e.g. `kubectl create namespace ansible-tower`). - 1. Create a file named `my-tower.yml` with the following contents: + 1. Make sure the namespace you're deploying into already exists (e.g. `kubectl create namespace ansible-awx`). + 1. Create a file named `my-awx.yml` with the following contents: ``` --- - apiVersion: tower.ansible.com/v1beta1 - kind: Tower + apiVersion: awx.ansible.com/v1beta1 + kind: AWX metadata: - name: tower - namespace: ansible-tower + name: awx + namespace: ansible-awx spec: - deployment_type: tower + deployment_type: awx tower_secret_key: aabbcc tower_admin_user: test tower_admin_email: test@example.com @@ -47,31 +47,30 @@ Then you can create instances of Tower, for example: 1. Use `kubectl` to create the mcrouter instance in your cluster: ``` - kubectl apply -f my-tower.yml + kubectl apply -f my-awx.yml ``` -After a few minutes, your new Tower instance will be accessible at `http://tower.mycompany.com/` (assuming your cluster has an Ingress controller configured). Log in using the `tower_admin_` credentials configured in the `spec`, and supply a valid license to begin using Tower. +After a few minutes, your new AWX instance will be accessible at `http://awx.mycompany.com/` (assuming your cluster has an Ingress controller configured). Log in using the `tower_admin_` credentials configured in the `spec`. -### Red Hat Registry Authentication +### Deploy Tower instead of AWX + +If you would like to deploy Tower into your cluster instead of AWX, override the default variables in the AWX `spec` for the `tower_task_image` and `tower_web_image`, so the Tower container images are used instead, and set the `deployment_type` to ``awx`: + + --- + spec: + ... + deployment_type: tower + tower_task_image: registry.redhat.io/ansible-tower-37/ansible-tower-rhel7:3.7.0 + tower_web_image: registry.redhat.io/ansible-tower-37/ansible-tower-rhel7:3.7.0 To deploy Ansible Tower, images are pulled from the Red Hat Registry. Your Kubernetes or OpenShift cluster will have to have [Authentication Enabled for the Red Hat Registry](https://access.redhat.com/documentation/en-us/openshift_container_platform/3.11/html/configuring_clusters/install-config-configuring-red-hat-registry) for this to work, otherwise the Tower image will not be pulled. If you deploy Ansible AWX, images are available from public registries, so no authentication is required. -### Deploy AWX instead of Tower - -If you would like to deploy AWX (the open source upstream of Tower) into your cluster instead of Tower, override the default variables in the Tower `spec` for the `tower_task_image` and `tower_web_image`, so the AWX container images are used instead, and set the `deployment_type` to ``awx`: - - --- - spec: - ... - deployment_type: awx - tower_task_image: ansible/awx_task:11.2.0 - tower_web_image: ansible/awx_web:11.2.0 ### Ingress Types -Depending on the cluster that you're running on, you may wish to use an `Ingress` to access your tower or you may wish to use a `Route` to access your tower. To toggle between these two options, you can add the following to your Tower custom resource: +Depending on the cluster that you're running on, you may wish to use an `Ingress` to access your tower or you may wish to use a `Route` to access your awx. To toggle between these two options, you can add the following to your Tower custom resource: --- spec: @@ -84,7 +83,7 @@ OR spec: ... tower_ingress_type: Ingress - tower_hostname: tower.mycompany.com + tower_hostname: awx.mycompany.com By default, no ingress/route is deployed as the default is set to `none`. @@ -97,9 +96,9 @@ Depending on the type of tasks that you'll be running, you may find that you nee ... tower_task_privileged: true -If you are attempting to do this on an OpenShift cluster, you will need to grant the `tower` ServiceAccount the `privileged` SCC, which can be done with: +If you are attempting to do this on an OpenShift cluster, you will need to grant the `awx` ServiceAccount the `privileged` SCC, which can be done with: - oc adm policy add-scc-to-user privileged -z tower + oc adm policy add-scc-to-user privileged -z awx Again, this is the most relaxed SCC that is provided by OpenShift, so be sure to familiarize yourself with the security concerns that accompany this action. @@ -152,8 +151,8 @@ Once the operator is deployed, you can visit the Tower UI in your browser by fol There are a few moving parts to this project: - 1. The Docker image which powers Tower Operator. - 2. The `tower-operator.yaml` Kubernetes manifest file which initially deploys the Operator into a cluster. + 1. The Docker image which powers AWX Operator. + 2. The `awx-operator.yaml` Kubernetes manifest file which initially deploys the Operator into a cluster. Each of these must be appropriately built in preparation for a new tag: @@ -161,17 +160,17 @@ Each of these must be appropriately built in preparation for a new tag: Run the following command inside this directory: - operator-sdk build ansible/tower-operator:0.4.0 + operator-sdk build ansible/awx-operator:0.4.0 Then push the generated image to Docker Hub: - docker push ansible/tower-operator:0.4.0 + docker push ansible/awx-operator:0.4.0 -#### Build a new version of the `tower-operator.yaml` file +#### Build a new version of the `awx-operator.yaml` file -Update the tower-operator version in two places: +Update the awx-operator version in two places: - 1. `deploy/tower-operator.yaml`: in the `ansible` and `operator` container definitions in the `tower-operator` Deployment. + 1. `deploy/awx-operator.yaml`: in the `ansible` and `operator` container definitions in the `awx-operator` Deployment. 2. `build/chain-operator-files.yml`: the `operator_image` variable. Once the versions are updated, run the playbook in the `build/` directory: @@ -182,8 +181,8 @@ After it is built, test it on a local cluster: minikube start --memory 6g --cpus 4 minikube addons enable ingress - kubectl apply -f deploy/tower-operator.yaml - kubectl create namespace example-tower + kubectl apply -f deploy/awx-operator.yaml + kubectl create namespace example-awx kubectl apply -f deploy/crds/tower_v1beta1_tower_cr_awx.yaml minikube delete diff --git a/build/chain-operator-files.yml b/build/chain-operator-files.yml index fb0d56d7..f624471f 100644 --- a/build/chain-operator-files.yml +++ b/build/chain-operator-files.yml @@ -6,19 +6,19 @@ gather_facts: false vars: - operator_image: ansible/tower-operator:0.4.0 + operator_image: ansible/awx-operator:0.4.0 pull_policy: Always - operator_file_path: "../deploy/tower-operator.yaml" + operator_file_path: "../deploy/awx-operator.yaml" operator_template: "../deploy/operator.yaml" tasks: - - name: Clear out current contents of tower-operator.yml + - name: Clear out current contents of awx-operator.yml copy: dest: "{{ operator_file_path }}" content: '' force: true - - name: Concatenate operator files into tower-operator.yml + - name: Concatenate operator files into awx-operator.yml blockinfile: path: "{{ operator_file_path }}" block: "{{ item }}" @@ -33,12 +33,12 @@ - "../deploy/service_account.yaml" - "../deploy/operator.yaml" - - name: Remove space at beginning of tower-operator.yml + - name: Remove space at beginning of awx-operator.yml shell: > echo "$(tail -n +2 {{ operator_file_path }})" > {{ operator_file_path }} changed_when: true - - name: Template the tower-operator.yaml file into tower-operator.yml + - name: Template the awx-operator.yaml file into awx-operator.yml template: src: "{{ operator_file_path }}" dest: "{{ operator_file_path }}" diff --git a/deploy/tower-operator.yaml b/deploy/awx-operator.yaml similarity index 82% rename from deploy/tower-operator.yaml rename to deploy/awx-operator.yaml index 62b1d055..346da8eb 100644 --- a/deploy/tower-operator.yaml +++ b/deploy/awx-operator.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null - name: tower-operator + name: awx-operator rules: - apiGroups: - route.openshift.io @@ -45,7 +45,7 @@ rules: - apiGroups: - apps resourceNames: - - tower-operator + - awx-operator resources: - deployments/finalizers verbs: @@ -64,7 +64,7 @@ rules: verbs: - get - apiGroups: - - tower.ansible.com + - awx.ansible.com resources: - '*' verbs: @@ -74,53 +74,53 @@ rules: kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: tower-operator + name: awx-operator subjects: - kind: ServiceAccount - name: tower-operator + name: awx-operator namespace: default roleRef: kind: ClusterRole - name: tower-operator + name: awx-operator apiGroup: rbac.authorization.k8s.io --- apiVersion: v1 kind: ServiceAccount metadata: - name: tower-operator + name: awx-operator namespace: default --- apiVersion: apps/v1 kind: Deployment metadata: - name: tower-operator + name: awx-operator spec: replicas: 1 selector: matchLabels: - name: tower-operator + name: awx-operator template: metadata: labels: - name: tower-operator + name: awx-operator spec: - serviceAccountName: tower-operator + serviceAccountName: awx-operator containers: - name: ansible command: - /usr/local/bin/ao-logs - /tmp/ansible-operator/runner - stdout - image: "ansible/tower-operator:0.4.0" + image: "ansible/awx-operator:0.4.0" imagePullPolicy: "Always" volumeMounts: - mountPath: /tmp/ansible-operator/runner name: runner readOnly: true - name: operator - image: "ansible/tower-operator:0.4.0" + image: "ansible/awx-operator:0.4.0" imagePullPolicy: "Always" volumeMounts: - mountPath: /tmp/ansible-operator/runner @@ -134,7 +134,7 @@ spec: fieldRef: fieldPath: metadata.name - name: OPERATOR_NAME - value: tower-operator + value: awx-operator volumes: - name: runner emptyDir: {} @@ -143,14 +143,14 @@ spec: apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: towers.tower.ansible.com + name: awxs.awx.ansible.com spec: - group: tower.ansible.com + group: awx.ansible.com names: - kind: Tower - listKind: TowerList - plural: towers - singular: tower + kind: AWX + listKind: AWXList + plural: awxs + singular: awx scope: Namespaced subresources: status: {} @@ -161,7 +161,7 @@ spec: storage: true validation: openAPIV3Schema: - description: Schema validation for the Tower CRD + description: Schema validation for the AWX CRD type: object properties: spec: diff --git a/deploy/crds/tower_v1beta1_tower_cr_awx.yaml b/deploy/crds/tower_v1beta1_tower_cr_awx.yaml index 4f34e5be..bd7f3b6b 100644 --- a/deploy/crds/tower_v1beta1_tower_cr_awx.yaml +++ b/deploy/crds/tower_v1beta1_tower_cr_awx.yaml @@ -1,15 +1,15 @@ --- -apiVersion: tower.ansible.com/v1beta1 -kind: Tower +apiVersion: awx.ansible.com/v1beta1 +kind: AWX metadata: - name: example-tower - namespace: example-tower + name: example-awx + namespace: example-awx spec: deployment_type: awx tower_ingress_type: none tower_task_privileged: false - tower_hostname: example-tower.test + tower_hostname: example-awx.test tower_secret_key: aabbcc tower_broadcast_websocket_secret: changeme @@ -17,8 +17,8 @@ spec: tower_admin_email: test@example.com tower_admin_password: changeme - tower_task_image: ansible/awx_task:11.2.0 - tower_web_image: ansible/awx_web:11.2.0 + tower_task_image: ansible/awx:13.0.0 + tower_web_image: ansible/awx:13.0.0 tower_task_mem_request: 1Gi tower_task_cpu_request: 500m diff --git a/deploy/crds/tower_v1beta1_tower_cr_molecule.yaml b/deploy/crds/tower_v1beta1_tower_cr_molecule.yaml index 987ff2d3..06d4e126 100644 --- a/deploy/crds/tower_v1beta1_tower_cr_molecule.yaml +++ b/deploy/crds/tower_v1beta1_tower_cr_molecule.yaml @@ -1,15 +1,15 @@ --- -apiVersion: tower.ansible.com/v1beta1 -kind: Tower +apiVersion: awx.ansible.com/v1beta1 +kind: AWX metadata: - name: example-tower - namespace: example-tower + name: example-awx + namespace: example-awx spec: deployment_type: awx tower_ingress_type: ingress tower_task_privileged: false - tower_hostname: example-tower.test + tower_hostname: example-awx.test tower_secret_key: aabbcc tower_broadcast_websocket_secret: changeme @@ -17,8 +17,8 @@ spec: tower_admin_email: test@example.com tower_admin_password: changeme - tower_task_image: ansible/awx_task:11.2.0 - tower_web_image: ansible/awx_web:11.2.0 + tower_task_image: ansible/awx:13.0.0 + tower_web_image: ansible/awx:13.0.0 tower_task_mem_request: 128M tower_task_cpu_request: 500m diff --git a/deploy/crds/tower_v1beta1_tower_cr_tower.yaml b/deploy/crds/tower_v1beta1_tower_cr_tower.yaml index 85fa736e..55501c90 100644 --- a/deploy/crds/tower_v1beta1_tower_cr_tower.yaml +++ b/deploy/crds/tower_v1beta1_tower_cr_tower.yaml @@ -1,6 +1,6 @@ --- -apiVersion: tower.ansible.com/v1beta1 -kind: Tower +apiVersion: awx.ansible.com/v1beta1 +kind: AWX metadata: name: example-tower namespace: example-tower diff --git a/deploy/crds/tower_v1beta1_tower_crd.yaml b/deploy/crds/tower_v1beta1_tower_crd.yaml index e24157de..09be8e3a 100644 --- a/deploy/crds/tower_v1beta1_tower_crd.yaml +++ b/deploy/crds/tower_v1beta1_tower_crd.yaml @@ -2,14 +2,14 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: towers.tower.ansible.com + name: awxs.awx.ansible.com spec: - group: tower.ansible.com + group: awx.ansible.com names: - kind: Tower - listKind: TowerList - plural: towers - singular: tower + kind: AWX + listKind: AWXList + plural: awxs + singular: awx scope: Namespaced subresources: status: {} @@ -20,7 +20,7 @@ spec: storage: true validation: openAPIV3Schema: - description: Schema validation for the Tower CRD + description: Schema validation for the AWX CRD type: object properties: spec: diff --git a/deploy/operator.yaml b/deploy/operator.yaml index 2f5b38ce..43f73ea5 100644 --- a/deploy/operator.yaml +++ b/deploy/operator.yaml @@ -2,18 +2,18 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: tower-operator + name: awx-operator spec: replicas: 1 selector: matchLabels: - name: tower-operator + name: awx-operator template: metadata: labels: - name: tower-operator + name: awx-operator spec: - serviceAccountName: tower-operator + serviceAccountName: awx-operator containers: - name: ansible command: @@ -41,7 +41,7 @@ spec: fieldRef: fieldPath: metadata.name - name: OPERATOR_NAME - value: tower-operator + value: awx-operator volumes: - name: runner emptyDir: {} diff --git a/deploy/role.yaml b/deploy/role.yaml index 8f5eebde..83441b01 100644 --- a/deploy/role.yaml +++ b/deploy/role.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null - name: tower-operator + name: awx-operator rules: - apiGroups: - route.openshift.io @@ -45,7 +45,7 @@ rules: - apiGroups: - apps resourceNames: - - tower-operator + - awx-operator resources: - deployments/finalizers verbs: @@ -64,7 +64,7 @@ rules: verbs: - get - apiGroups: - - tower.ansible.com + - awx.ansible.com resources: - '*' verbs: diff --git a/deploy/role_binding.yaml b/deploy/role_binding.yaml index 69e2fa9a..c2c64a87 100644 --- a/deploy/role_binding.yaml +++ b/deploy/role_binding.yaml @@ -2,12 +2,12 @@ kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: tower-operator + name: awx-operator subjects: - kind: ServiceAccount - name: tower-operator + name: awx-operator namespace: default roleRef: kind: ClusterRole - name: tower-operator + name: awx-operator apiGroup: rbac.authorization.k8s.io diff --git a/deploy/service_account.yaml b/deploy/service_account.yaml index 88676b7a..91d79652 100644 --- a/deploy/service_account.yaml +++ b/deploy/service_account.yaml @@ -2,5 +2,5 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: tower-operator + name: awx-operator namespace: default diff --git a/main.yml b/main.yml index cc0e4a20..2760c98d 100644 --- a/main.yml +++ b/main.yml @@ -2,4 +2,4 @@ - hosts: localhost gather_facts: no roles: - - tower + - awx diff --git a/molecule/default/asserts.yml b/molecule/default/asserts.yml index 0fc71c7b..de7bd450 100644 --- a/molecule/default/asserts.yml +++ b/molecule/default/asserts.yml @@ -7,14 +7,14 @@ ansible_python_interpreter: '{{ ansible_playbook_python }}' tasks: - - name: Get tower Pod data + - name: Get AWX Pod data k8s_info: kind: Pod - namespace: example-tower + namespace: example-awx label_selectors: - - app=tower + - app=awx register: tower_pods - - name: Verify there is one tower pod + - name: Verify there is one AWX pod assert: that: '{{ (tower_pods.resources | length) == 1 }}' diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index d926077f..ec391972 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -5,6 +5,6 @@ vars: ansible_python_interpreter: '{{ ansible_playbook_python }}' roles: - - tower + - awx - import_playbook: '{{ playbook_dir }}/asserts.yml' diff --git a/molecule/test-local/converge.yml b/molecule/test-local/converge.yml index 56e9930c..7d9418db 100644 --- a/molecule/test-local/converge.yml +++ b/molecule/test-local/converge.yml @@ -3,7 +3,7 @@ hosts: k8s vars: - image_name: tower.ansible.com/tower-operator:testing + image_name: awx.ansible.com/awx-operator:testing tasks: # using command so we don't need to install any dependencies @@ -25,7 +25,7 @@ ansible_python_interpreter: '{{ ansible_playbook_python }}' deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy" pull_policy: Never - operator_image: tower.ansible.com/tower-operator:testing + operator_image: awx.ansible.com/awx-operator:testing custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1beta1_tower_cr_molecule.yaml'])) | from_yaml }}" tasks: @@ -59,14 +59,14 @@ namespace: '{{ operator_namespace }}' definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}" - - name: Ensure the Tower custom_resource namespace exists + - name: Ensure the AWX custom_resource namespace exists k8s: state: present name: '{{ custom_resource.metadata.namespace }}' kind: Namespace api_version: v1 - - name: Create the Tower Custom Resource + - name: Create the AWX Custom Resource k8s: state: present namespace: '{{ custom_resource.metadata.namespace }}' @@ -99,7 +99,7 @@ resource_name=custom_resource.metadata.name )}}' - - name: debug tower deployment + - name: debug awx deployment ignore_errors: yes failed_when: false debug: @@ -109,7 +109,7 @@ kind="Deployment", api_version="apps/v1", namespace=custom_resource.metadata.namespace, - label_selector="app=tower" + label_selector="app=awx" )}}' - name: get operator logs diff --git a/molecule/test-minikube/converge.yml b/molecule/test-minikube/converge.yml index fe9c38b7..e2540a31 100644 --- a/molecule/test-minikube/converge.yml +++ b/molecule/test-minikube/converge.yml @@ -7,7 +7,7 @@ connection: local vars: - image_name: tower.ansible.com/tower-operator:testing + image_name: awx.ansible.com/awx-operator:testing tasks: # Use raw Docker commands inside Minikube to avoid extra Python dependencies. @@ -33,7 +33,7 @@ ansible_python_interpreter: '{{ ansible_playbook_python }}' deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy" pull_policy: Never - operator_image: tower.ansible.com/tower-operator:testing + operator_image: awx.ansible.com/awx-operator:testing # Change this to _awx to test AWX, _tower to test Tower. custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1beta1_tower_cr_awx.yaml'])) | from_yaml }}" @@ -66,14 +66,14 @@ namespace: '{{ operator_namespace }}' definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}" - - name: Ensure the Tower custom_resource namespace exists + - name: Ensure the AWX custom_resource namespace exists k8s: state: present name: '{{ custom_resource.metadata.namespace }}' kind: Namespace api_version: v1 - - name: Create the Tower Custom Resource + - name: Create the AWX Custom Resource k8s: state: present namespace: '{{ custom_resource.metadata.namespace }}' @@ -106,7 +106,7 @@ resource_name=custom_resource.metadata.name )}}' - - name: debug tower deployment + - name: debug awx deployment ignore_errors: yes failed_when: false debug: @@ -116,7 +116,7 @@ kind="Deployment", api_version="apps/v1", namespace=custom_resource.metadata.namespace, - label_selector="app=tower" + label_selector="app=awx" )}}' - name: get operator logs diff --git a/roles/tower/README.md b/roles/awx/README.md similarity index 100% rename from roles/tower/README.md rename to roles/awx/README.md diff --git a/roles/tower/defaults/main.yml b/roles/awx/defaults/main.yml similarity index 76% rename from roles/tower/defaults/main.yml rename to roles/awx/defaults/main.yml index ed15fd66..5cf43288 100644 --- a/roles/tower/defaults/main.yml +++ b/roles/awx/defaults/main.yml @@ -2,7 +2,7 @@ tower_task_privileged: false tower_ingress_type: none -tower_hostname: example-tower.test +tower_hostname: example-awx.test tower_secret_key: aabbcc tower_admin_user: test @@ -12,12 +12,12 @@ tower_admin_password: changeme tower_broadcast_websocket_secret: changeme # Use these image versions for Ansible Tower. -tower_task_image: registry.redhat.io/ansible-tower-37/ansible-tower-rhel7:3.7.0 -tower_web_image: registry.redhat.io/ansible-tower-37/ansible-tower-rhel7:3.7.0 +#tower_task_image: registry.redhat.io/ansible-tower-37/ansible-tower-rhel7:3.7.0 +#tower_web_image: registry.redhat.io/ansible-tower-37/ansible-tower-rhel7:3.7.0 # Use these image versions for Ansible AWX. -# tower_task_image: ansible/awx_task:11.2.0 -# tower_web_image: ansible/awx_web:11.2.0 +tower_task_image: ansible/awx:13.0.0 +tower_web_image: ansible/awx:13.0.0 tower_create_preload_data: true diff --git a/roles/tower/meta/main.yml b/roles/awx/meta/main.yml similarity index 84% rename from roles/tower/meta/main.yml rename to roles/awx/meta/main.yml index d43a34af..fff58871 100644 --- a/roles/tower/meta/main.yml +++ b/roles/awx/meta/main.yml @@ -1,7 +1,7 @@ --- galaxy_info: author: Ansible - description: Tower role for Tower Operator for Kubernetes. + description: AWX role for AWX Operator for Kubernetes. company: Red Hat, Inc. license: MIT diff --git a/roles/tower/tasks/initialize.yml b/roles/awx/tasks/initialize.yml similarity index 89% rename from roles/tower/tasks/initialize.yml rename to roles/awx/tasks/initialize.yml index 8f064fc6..64d50292 100644 --- a/roles/tower/tasks/initialize.yml +++ b/roles/awx/tasks/initialize.yml @@ -1,5 +1,5 @@ --- -- name: Check if there are any Tower super users defined. +- name: Check if there are any AWX super users defined. shell: >- kubectl exec -n {{ meta.namespace }} -c {{ meta.name }}-task {{ tower_pod_name }} -- bash -c "echo 'from django.contrib.auth.models import User; @@ -10,7 +10,7 @@ register: users_result changed_when: users_result.rc > 0 -- name: Create Tower super user via Django if it doesn't exist. +- name: Create AWX super user via Django if it doesn't exist. shell: >- kubectl exec -n {{ meta.namespace }} -c {{ meta.name }}-task {{ tower_pod_name }} -- bash -c "echo \"from django.contrib.auth.models import User; diff --git a/roles/tower/tasks/main.yml b/roles/awx/tasks/main.yml similarity index 86% rename from roles/tower/tasks/main.yml rename to roles/awx/tasks/main.yml index b2909741..d4d4429e 100644 --- a/roles/tower/tasks/main.yml +++ b/roles/awx/tasks/main.yml @@ -2,7 +2,7 @@ - name: Include deployment type vars include_vars: "{{ deployment_type }}.yml" -- name: Ensure configured Tower resources exist in the cluster. +- name: Ensure configured AWX resources exist in the cluster. k8s: apply: yes definition: "{{ lookup('template', item) | from_yaml_all | list }}" @@ -14,18 +14,18 @@ - supervisor.yaml.j2 - tower.yaml.j2 -- name: Get the Tower pod information. +- name: Get the AWX pod information. k8s_info: kind: Pod namespace: '{{ meta.namespace }}' label_selectors: - - app=tower + - app=awx register: tower_pods until: "tower_pods['resources'][0]['status']['phase'] == 'Running'" delay: 5 retries: 60 -- name: Set the tower pod name as a variable. +- name: Set the awx pod name as a variable. set_fact: tower_pod_name: "{{ tower_pods['resources'][0]['metadata']['name'] }}" @@ -55,14 +55,14 @@ - include_tasks: initialize.yml -- name: Scale the tower deployment to 0 replicas after migration. +- name: Scale the awx deployment to 0 replicas after migration. k8s: definition: "{{ lookup('template', 'tower.yaml.j2') | from_yaml_all | list }}" vars: tower_replicas: "0" when: migrate_result and migrate_result.changed -- name: Scale the tower deployment back to 1 replica after migration. +- name: Scale the awx deployment back to 1 replica after migration. k8s: definition: "{{ lookup('template', 'tower.yaml.j2') | from_yaml_all | list }}" vars: diff --git a/roles/tower/templates/credentials.py.j2 b/roles/awx/templates/credentials.py.j2 similarity index 100% rename from roles/tower/templates/credentials.py.j2 rename to roles/awx/templates/credentials.py.j2 diff --git a/roles/tower/templates/environment.sh.j2 b/roles/awx/templates/environment.sh.j2 similarity index 100% rename from roles/tower/templates/environment.sh.j2 rename to roles/awx/templates/environment.sh.j2 diff --git a/roles/tower/templates/launch_awx.yaml.j2 b/roles/awx/templates/launch_awx.yaml.j2 similarity index 99% rename from roles/tower/templates/launch_awx.yaml.j2 rename to roles/awx/templates/launch_awx.yaml.j2 index 07d1e7d0..590e63c8 100644 --- a/roles/tower/templates/launch_awx.yaml.j2 +++ b/roles/awx/templates/launch_awx.yaml.j2 @@ -5,7 +5,7 @@ metadata: name: {{ meta.name }}-launch-awx namespace: {{ meta.namespace }} labels: - app: tower + app: awx data: launch-awx-task: | #!/usr/bin/env bash diff --git a/roles/tower/templates/supervisor.yaml.j2 b/roles/awx/templates/supervisor.yaml.j2 similarity index 99% rename from roles/tower/templates/supervisor.yaml.j2 rename to roles/awx/templates/supervisor.yaml.j2 index 740515d4..97cfcd7b 100644 --- a/roles/tower/templates/supervisor.yaml.j2 +++ b/roles/awx/templates/supervisor.yaml.j2 @@ -5,7 +5,7 @@ metadata: name: {{ meta.name }}-supervisor-config namespace: {{ meta.namespace }} labels: - app: tower + app: awx data: supervisor-web-config: | [supervisord] diff --git a/roles/tower/templates/tower.yaml.j2 b/roles/awx/templates/tower.yaml.j2 similarity index 96% rename from roles/tower/templates/tower.yaml.j2 rename to roles/awx/templates/tower.yaml.j2 index 2a8aaa94..8efcb28e 100644 --- a/roles/tower/templates/tower.yaml.j2 +++ b/roles/awx/templates/tower.yaml.j2 @@ -1,4 +1,4 @@ -# Tower Secret. +# AWX Secret. --- apiVersion: v1 kind: Secret @@ -10,7 +10,7 @@ data: credentials_py: "{{ lookup('template', 'credentials.py.j2') | b64encode }}" environment_sh: "{{ lookup('template', 'environment.sh.j2') | b64encode }}" -# Tower Deployment. +# AWX Deployment. --- apiVersion: apps/v1 kind: Deployment @@ -18,16 +18,16 @@ metadata: name: '{{ meta.name }}' namespace: '{{ meta.namespace }}' labels: - app: tower + app: awx spec: replicas: {{ tower_replicas }} selector: matchLabels: - app: tower + app: awx template: metadata: labels: - app: tower + app: awx spec: containers: - name: memcached @@ -173,19 +173,19 @@ spec: path: SECRET_KEY - name: {{ meta.name }}-settings configMap: - name: '{{ meta.name }}-tower-configmap' + name: '{{ meta.name }}-awx-configmap' items: - key: settings path: settings.py - name: {{ meta.name }}-nginx-conf configMap: - name: '{{ meta.name }}-tower-configmap' + name: '{{ meta.name }}-awx-configmap' items: - key: nginx_conf path: nginx.conf - name: {{ meta.name }}-redis-config configMap: - name: {{ meta.name }}-tower-configmap + name: {{ meta.name }}-awx-configmap items: - key: redis_conf path: redis.conf @@ -226,7 +226,7 @@ spec: - name: rsyslog-dir emptyDir: {} -# Tower Service. +# AWX Service. --- apiVersion: v1 kind: Service @@ -234,7 +234,7 @@ metadata: name: '{{ meta.name }}-service' namespace: '{{ meta.namespace }}' labels: - app: tower + app: awx spec: ports: - port: 80 @@ -242,9 +242,9 @@ spec: targetPort: 8052 name: http selector: - app: tower + app: awx -# Tower Ingress. +# AWX Ingress. {% if 'ingress' == tower_ingress_type|lower %} --- apiVersion: extensions/v1beta1 diff --git a/roles/tower/templates/tower_config.yaml.j2 b/roles/awx/templates/tower_config.yaml.j2 similarity index 98% rename from roles/tower/templates/tower_config.yaml.j2 rename to roles/awx/templates/tower_config.yaml.j2 index 17e0d281..ab05c318 100644 --- a/roles/tower/templates/tower_config.yaml.j2 +++ b/roles/awx/templates/tower_config.yaml.j2 @@ -1,12 +1,12 @@ -# Tower Web ConfigMap. +# AWX Web ConfigMap. --- apiVersion: v1 kind: ConfigMap metadata: - name: '{{ meta.name }}-tower-configmap' + name: '{{ meta.name }}-awx-configmap' namespace: '{{ meta.namespace }}' labels: - app: tower + app: awx data: environment: | DATABASE_USER=awx diff --git a/roles/tower/templates/tower_postgres.yaml.j2 b/roles/awx/templates/tower_postgres.yaml.j2 similarity index 93% rename from roles/tower/templates/tower_postgres.yaml.j2 rename to roles/awx/templates/tower_postgres.yaml.j2 index acb0dcdc..54feebc3 100644 --- a/roles/tower/templates/tower_postgres.yaml.j2 +++ b/roles/awx/templates/tower_postgres.yaml.j2 @@ -16,11 +16,11 @@ metadata: name: '{{ meta.name }}-postgres' namespace: '{{ meta.namespace }}' labels: - app: tower-postgres + app: awx-postgres spec: selector: matchLabels: - app: tower-postgres + app: awx-postgres serviceName: '{{ meta.name }}' replicas: 1 updateStrategy: @@ -28,7 +28,7 @@ spec: template: metadata: labels: - app: tower-postgres + app: awx-postgres spec: containers: - image: '{{ tower_postgres_image }}' @@ -73,11 +73,11 @@ metadata: name: '{{ meta.name }}-postgres' namespace: '{{ meta.namespace }}' labels: - app: tower-postgres + app: awx-postgres spec: ports: - port: 5432 clusterIP: None selector: - app: tower-postgres + app: awx-postgres diff --git a/roles/tower/vars/awx.yml b/roles/awx/vars/awx.yml similarity index 100% rename from roles/tower/vars/awx.yml rename to roles/awx/vars/awx.yml diff --git a/roles/tower/vars/tower.yml b/roles/awx/vars/tower.yml similarity index 100% rename from roles/tower/vars/tower.yml rename to roles/awx/vars/tower.yml diff --git a/watches.yaml b/watches.yaml index 43f72fb5..5ddfbbc4 100644 --- a/watches.yaml +++ b/watches.yaml @@ -1,5 +1,5 @@ --- - version: v1beta1 - group: tower.ansible.com - kind: Tower + group: awx.ansible.com + kind: AWX playbook: /opt/ansible/main.yml