diff --git a/ansible-navigator.yml b/ansible-navigator.yml deleted file mode 100644 index e69de29..0000000 diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/README.md b/collections/ansible_collections/demo/openshift/roles/cluster_config/README.md new file mode 100644 index 0000000..aa2dda5 --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/README.md @@ -0,0 +1,131 @@ +Role Name +========= + +This Ansible role helps configure Operators on the Openshift Cluster to support VM migrations. Tasks include +- Configure Catalog Sources to use mirroring repository for Operators +- Create and configure Operators + + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +The task `operators/catalog_sources.yml` needs following variables: + +- **Variable Name**: `cluster_config_catalog_sources` + - **Type**: List + - **Description**: A list of custom CatalogSources configurations used as loop variables to generate Kubernetes manifest files from the template `catalog_source.j2` for CatalogSource. If the variable is not available, no manifest is created. + - **Example**: + ```yaml + cluster_config_catalog_sources: + - name: redhat-marketplace2 + source_type: grpc + display_name: Mirror to Red Hat Marketplace + image_path: internal-registry.example.com/operator:v1 + priority: '-300' + icon: + base64data: '' + mediatype: '' + publisher: redhat + address: '' + grpc_pod_config: | + nodeSelector: + kubernetes.io/os: linux + node-role.kubernetes.io/master: '' + priorityClassName: system-cluster-critical + securityContextConfig: restricted + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 120 + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 120 + registry_poll_interval: 10m + ``` + +The task `operators/operator_config.yaml` needs following variables: + +- **Variable Name**: `cluster_config_operators` + - **Type**: List + - **Description**: A list of operators to be installed on OCP cluster +- **Variable Name**: `cluster_config_[OPERATOR_NAME]` + - **Type**: Dict + - **Description**: Configuration specific to each operator listed in `cluster_config_operators`. Includes settings for namespace, operator group, subscription, and any extra resources + - **Example**: Assume the `cluster_config_operators` specifies these operators: + ```yaml + cluster_config_operators: + - cnv + - oadp + ``` + then the corresponding `cluster_config_mtv` and `cluster_config_cnv` can be configured as following: + ```yaml + cluster_config_cnv_namespace: openshift-cnv + cluster_config_cnv: + namespace: + name: "{{ cluster_config_cnv_namespace }}" + operator_group: + name: kubevirt-hyperconverged-group + target_namespaces: + - "{{ cluster_config_cnv_namespace }}" + subscription: + name: kubevirt-hyperconverged + starting_csv: kubevirt-hyperconverged-operator.v4.13.8 + extra_resources: + - apiVersion: hco.kubevirt.io/v1beta1 + kind: HyperConverged + metadata: + name: kubevirt-hyperconverged + namespace: "{{ cluster_config_cnv_namespace }}" + spec: + BareMetalPlatform: true + + cluster_config_oadp_namespace: openshift-adp + cluster_config_oadp: + namespace: + name: "{{ cluster_config_oadp_namespace }}" + operator_group: + name: redhat-oadp-operator-group + target_namespaces: + - "{{ cluster_config_oadp_namespace }}" + subscription: + name: redhat-oadp-operator-subscription + spec_name: redhat-oadp-operator + ``` +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +An example of configuring a CatalogSource resource: +``` +- name: Configure Catalog Sources for Operators + hosts: localhost + gather_facts: false + tasks: + - ansible.builtin.include_role: + name: cluster_config + tasks_from: operators/catalog_sources +``` + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/defaults/main.yml b/collections/ansible_collections/demo/openshift/roles/cluster_config/defaults/main.yml new file mode 100644 index 0000000..6e40fd3 --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/defaults/main.yml @@ -0,0 +1,23 @@ +--- +# defaults file for cluster_config +cluster_config_operators: + - cnv + +cluster_config_cnv: + checkplan: true + namespace: + name: &cluster_config_cnv_namespace openshift-cnv + operator_group: + name: kubevirt-hyperconverged-group + target_namespaces: + - *cluster_config_cnv_namespace + subscription: + name: kubevirt-hyperconverged + extra_resources: + - apiVersion: hco.kubevirt.io/v1beta1 + kind: HyperConverged + metadata: + name: kubevirt-hyperconverged + namespace: *cluster_config_cnv_namespace + spec: + BareMetalPlatform: true diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/handlers/main.yml b/collections/ansible_collections/demo/openshift/roles/cluster_config/handlers/main.yml new file mode 100644 index 0000000..252ae12 --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for cluster_config diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/main.yml b/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/main.yml new file mode 100644 index 0000000..05fa4d6 --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/main.yml @@ -0,0 +1,3 @@ +--- +- name: Configure Operators + ansible.builtin.import_tasks: operators/operator_config.yml diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/_operator_config_item.yml b/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/_operator_config_item.yml new file mode 100644 index 0000000..37b413e --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/_operator_config_item.yml @@ -0,0 +1,37 @@ +--- +- name: Retrieve Operator name + ansible.builtin.set_fact: + _operator: "{{ vars['cluster_config_' + _operator_name] }}" +- name: Configure Operator {{ _operator_name }} + redhat.openshift.k8s: + state: present + template: + - operators/namespace.yml.j2 + - operators/operator_group.yml.j2 + - operators/subscription.yml.j2 +- name: Query for install plan + kubernetes.core.k8s_info: + api_version: operators.coreos.com/v1alpha1 + kind: InstallPlan + namespace: "{{ _operator.namespace.name }}" + register: r_install_plans + retries: 30 + delay: 5 + until: + - r_install_plans.resources | default([]) | length > 0 + - r_install_plans.resources[0].status is defined + - r_install_plans.resources[0].status.phase == "Complete" + when: + - _operator.checkplan is defined + - _operator.checkplan | bool + +- name: Configure extra resources for Operator {{ _operator_name }} + redhat.openshift.k8s: + state: present + definition: "{{ item }}" + register: creation_result + loop: "{{ _operator.extra_resources }}" + retries: 30 + delay: 5 + until: creation_result is success + when: _operator.extra_resources is defined diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/catalog_sources.yml b/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/catalog_sources.yml new file mode 100644 index 0000000..50e0a9f --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/catalog_sources.yml @@ -0,0 +1,7 @@ +--- +- name: Configure custom CatalogSource for Operators + redhat.openshift.k8s: + state: present + template: operators/catalog_source.j2 + loop: "{{ cluster_config_catalog_sources }}" + when: cluster_config_catalog_sources is defined diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/node-health-check.yml b/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/node-health-check.yml new file mode 100644 index 0000000..139fbf3 --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/node-health-check.yml @@ -0,0 +1,59 @@ +--- +- name: Create node-health-check operator namespace + redhat.openshift.k8s: + name: openshift-workload-availability + api_version: v1 + kind: Namespace + state: present + +- name: Create node-health-check operator group + redhat.openshift.k8s: + state: present + definition: + apiVersion: operators.coreos.com/v1 + kind: OperatorGroup + metadata: + generateName: openshift-workload-availability- + annotations: + olm.providedAPIs: >- + NodeHealthCheck.v1alpha1.remediation.medik8s.io,SelfNodeRemediation.v1alpha1.self-node-remediation.medik8s.io,SelfNodeRemediationConfig.v1alpha1.self-node-remediation.medik8s.io,SelfNodeRemediationTemplate.v1alpha1.self-node-remediation.medik8s.io + namespace: openshift-workload-availability + spec: + upgradeStrategy: Default + +- name: Create node-health-check operator subscription + redhat.openshift.k8s: + state: present + definition: + apiVersion: operators.coreos.com/v1alpha1 + kind: Subscription + metadata: + labels: + operators.coreos.com/node-healthcheck-operator.openshift-workload-availability: '' + name: node-health-check-operator + namespace: openshift-workload-availability + spec: + channel: stable + installPlanApproval: Automatic + name: node-healthcheck-operator + source: redhat-operators + sourceNamespace: openshift-marketplace + +- name: Create Self Node Remediation subscription + redhat.openshift.k8s: + state: present + definition: + apiVersion: operators.coreos.com/v1alpha1 + kind: Subscription + metadata: + name: self-node-remediation-stable-redhat-operators-openshift-marketplace + namespace: openshift-workload-availability + labels: + operators.coreos.com/self-node-remediation.openshift-workload-availability: '' + spec: + channel: stable + installPlanApproval: Automatic + name: self-node-remediation + source: redhat-operators + sourceNamespace: openshift-marketplace + startingCSV: self-node-remediation.v0.8.0 diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/operator_config.yml b/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/operator_config.yml new file mode 100644 index 0000000..f00e24a --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/operator_config.yml @@ -0,0 +1,6 @@ +--- +- name: Configure Operators + ansible.builtin.include_tasks: _operator_config_item.yml + loop: "{{ cluster_config_operators }}" + loop_control: + loop_var: _operator_name diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/catalog_source.j2 b/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/catalog_source.j2 new file mode 100644 index 0000000..861198c --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/catalog_source.j2 @@ -0,0 +1,34 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: {{ item.name }} + namespace: openshift-marketplace +spec: + sourceType: {{ item.source_type | d('grpc',true) }} + image: {{ item.image_path }} + {% if item.display_name is defined -%} + displayName: {{ item.display_name }} + {% endif -%} + {% if item.priority is defined -%} + priority: {{ item.priority }} + {% endif -%} + {% if item.grpc_pod_config is defined -%} + grpcPodConfig: + {{ item.grpc_pod_config | indent(4) }} + {% endif -%} + {% if item.icon is defined -%} + icon: + base64data: '{{ item.icon.base64data or '' }}' + mediatype: '{{ item.icon.mediatype or '' }}' + {% endif -%} + {% if item.publisher is defined -%} + publisher: {{ item.publisher }} + {% endif -%} + {% if item.address is defined -%} + address: {{ item.address }} + {% endif -%} + {% if item.registry_poll_interval is defined -%} + updateStrategy: + registryPoll: + interval: {{ item.registry_poll_interval }} + {% endif -%} diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/namespace.yml.j2 b/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/namespace.yml.j2 new file mode 100644 index 0000000..bab8e19 --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/namespace.yml.j2 @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: {{ _operator.namespace.name }} +{% if _operator.namespace.labels is defined %} + labels: + {% for key, value in _operator.namespace.labels.items() -%} + {{ key }}: "{{ value }}" + {% endfor -%} +{% endif -%} diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/operator_group.yml.j2 b/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/operator_group.yml.j2 new file mode 100644 index 0000000..6c1a0ca --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/operator_group.yml.j2 @@ -0,0 +1,12 @@ +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: {{ _operator.operator_group.name }} + namespace: {{ _operator.operator_group.namespace | d(_operator.namespace.name, true) }} +spec: + {% if _operator.operator_group.target_namespaces is defined -%} + targetNamespaces: + {% for item in _operator.operator_group.target_namespaces %} + - {{ item }} + {% endfor %} + {% endif -%} diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/subscription.yml.j2 b/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/subscription.yml.j2 new file mode 100644 index 0000000..9cd7b9d --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/subscription.yml.j2 @@ -0,0 +1,14 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: {{ _operator.subscription.name }} + namespace: "{{ _operator.subscription.namespace | d(_operator.namespace.name, true) }}" +spec: + channel: {{ _operator.subscription.channel | d('stable', true) }} + installPlanApproval: {{ _operator.subscription.install_plan_approval | d('Automatic', true) }} + name: {{ _operator.subscription.spec_name | d(_operator.subscription.name, true) }} + source: {{ _operator.subscription.source | d('redhat-operators', true) }} + sourceNamespace: {{ _operator.subscription.source_namespace | d('openshift-marketplace', true) }} +{% if _operator.subscription.starting_csv is defined %} + startingCSV: {{ _operator.subscription.starting_csv }} +{% endif -%} diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/tests/inventory b/collections/ansible_collections/demo/openshift/roles/cluster_config/tests/inventory new file mode 100644 index 0000000..2fbb50c --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/tests/inventory @@ -0,0 +1 @@ +localhost diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/tests/test.yml b/collections/ansible_collections/demo/openshift/roles/cluster_config/tests/test.yml new file mode 100644 index 0000000..3e267cb --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/tests/test.yml @@ -0,0 +1,6 @@ +--- +- name: Include cluster_config role + hosts: localhost + remote_user: root + roles: + - cluster_config diff --git a/collections/ansible_collections/demo/openshift/roles/cluster_config/vars/main.yml b/collections/ansible_collections/demo/openshift/roles/cluster_config/vars/main.yml new file mode 100644 index 0000000..8e721fc --- /dev/null +++ b/collections/ansible_collections/demo/openshift/roles/cluster_config/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for cluster_config diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/README.md b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/README.md new file mode 100644 index 0000000..1aabd4f --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/README.md @@ -0,0 +1,36 @@ +build_report_linux_patch +======== + +Installs Apache and creates a report based on facts from Linux patching + +Requirements +------------ + +Must run on Apache server + +Role Variables / Configuration +-------------- + +N/A + +Dependencies +------------ + +N/A + +Example Playbook +---------------- + +The role can be used to create an html report on any number of Linux hosts using any number of Linux servers about their patching results(yum and dnf) + + +``` +--- +- hosts: all + + tasks: + - name: Run Windows Report + import_role: + name: shadowman.reports.build_report_linux_patch + +``` diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/defaults/main.yml new file mode 100644 index 0000000..b5c1fd1 --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/defaults/main.yml @@ -0,0 +1,8 @@ +--- +email_from: tower@shadowman.dev # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +to_emails: alex@shadowman.dev,tower@shadowman.dev # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +to_emails_list: "{{ to_emails.split(',') }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +detailedreport: true # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +reports: # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way + - linux.html + - linuxpatch.html diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/example_results/Full_Report.png b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/example_results/Full_Report.png new file mode 100644 index 0000000..a7d66a2 Binary files /dev/null and b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/example_results/Full_Report.png differ diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/example_results/Splunk Patching Aggregated RHEL 8.png b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/example_results/Splunk Patching Aggregated RHEL 8.png new file mode 100644 index 0000000..4367264 Binary files /dev/null and b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/example_results/Splunk Patching Aggregated RHEL 8.png differ diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/new.css b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/new.css new file mode 100644 index 0000000..afa6382 --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/new.css @@ -0,0 +1,202 @@ +p.hostname { + color: #000000; + font-weight: bolder; + font-size: large; + margin: auto; + width: 50%; + } + + #subtable { + background: #ebebeb; + margin: 0px; + width: 100%; + } + + #subtable tbody tr td { + padding: 5px 5px 5px 5px; + } + + #subtable thead th { + padding: 5px; + } + + * { + -moz-box-sizing: border-box; + -webkit-box-sizing: border-box; + box-sizing: border-box; + font-family: "Open Sans", "Helvetica"; + + } + + a { + color: #ffffff; + } + + p { + color: #ffffff; + } + h1 { + text-align: center; + color: #ffffff; + } + + body { + background:#353a40; + padding: 0px; + margin: 0px; + font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; + } + + table { + border-collapse: separate; + background:#fff; + @include border-radius(5px); + @include box-shadow(0px 0px 5px rgba(0,0,0,0.3)); + } + + .main_net_table { + margin:50px auto; + } + + thead { + @include border-radius(5px); + } + + thead th { + font-size:16px; + font-weight:400; + color:#fff; + @include text-shadow(1px 1px 0px rgba(0,0,0,0.5)); + text-align:left; + padding:20px; + border-top:1px solid #858d99; + background: #353a40; + + &:first-child { + @include border-top-left-radius(5px); + } + + &:last-child { + @include border-top-right-radius(5px); + } + } + + tbody tr td { + font-weight:400; + color:#5f6062; + font-size:13px; + padding:20px 20px 20px 20px; + border-bottom:1px solid #e0e0e0; + } + + tbody tr:nth-child(2n) { + background:#f0f3f5; + } + + tbody tr:last-child td { + border-bottom:none; + &:first-child { + @include border-bottom-left-radius(5px); + } + &:last-child { + @include border-bottom-right-radius(5px); + } + } + + td { + vertical-align: top; + } + + span.highlight { + background-color: yellow; + } + + .expandclass { + color: #5f6062; + } + + .content{ + display:none; + margin: 10px; + } + + header { + width: 100%; + position: initial; + float: initial; + padding: 0; + margin: 0; + border-radius: 0; + height: 88px; + background-color: #171717; + } + + .header-container { + margin: 0 auto; + width: 100%; + height: 100%; + max-width: 1170px; + padding: 0; + float: initial; + display: flex; + align-items: center; + } + + .header-logo { + width: 137px; + border: 0; + margin: 0; + margin-left: 15px; + } + + .header-link { + margin-left: 40px; + text-decoration: none; + cursor: pointer; + text-transform: uppercase; + font-size: 15px; + font-family: 'Red Hat Text'; + font-weight: 500; + } + + .header-link:hover { + text-shadow: 0 0 0.02px white; + text-decoration: none; + } + + table.net_info td { + padding: 5px; +} + +p.expandclass:hover { + text-decoration: underline; + color: #EE0000; + cursor: pointer; +} + +.summary_info { +} + +.ui-state-active, .ui-widget-content .ui-state-active, .ui-widget-header .ui-state-active, a.ui-button:active, .ui-button:active, .ui-button.ui-state-active:hover { + border: 1px solid #5F0000; + background: #EE0000; +} + +div#net_content { + padding: 0px; + height: auto !important; +} + +img.router_image { + vertical-align: middle; + padding: 0px 10px 10px 10px; + width: 50px; +} + +table.net_info { + width: 100%; +} + +p.internal_label { + color: #000000; +} diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/redhat-ansible-logo.svg b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/redhat-ansible-logo.svg new file mode 100644 index 0000000..2ecef98 --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/redhat-ansible-logo.svg @@ -0,0 +1,48 @@ + + + + +Logo-Red_Hat-Ansible_Automation_Platform-A-Reverse-RGB + + + + + + + + + + + diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/report.png b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/report.png new file mode 100644 index 0000000..3c38d52 Binary files /dev/null and b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/report.png differ diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/server.png b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/server.png new file mode 100644 index 0000000..9ad96fc Binary files /dev/null and b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/server.png differ diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/webpage_logo.png b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/webpage_logo.png new file mode 100644 index 0000000..65b5836 Binary files /dev/null and b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/webpage_logo.png differ diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/tasks/main.yml new file mode 100644 index 0000000..1e524f3 --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/tasks/main.yml @@ -0,0 +1,22 @@ +--- +- name: Define namespace + redhat.openshift.k8s: + wait: true + state: present + api_version: v1 + kind: Namespace + name: patching-report + +- name: Define deployment resources + redhat.openshift.k8s: + wait: true + state: present + namespace: patching-report + definition: "{{ lookup('ansible.builtin.template', 'resources.yaml.j2') }}" + register: resources_output + +- name: Display link to patching report + ansible.builtin.debug: + msg: + - "Patching report availbable at:" + - "{{ resources_output.result.results[3].result.spec.port.targetPort }}://{{ resources_output.result.results[3].result.spec.host }}" diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/header.j2 b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/header.j2 new file mode 100644 index 0000000..7a7a7dd --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/header.j2 @@ -0,0 +1,15 @@ + + +
+
+
+ + + +
+
diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/landing.j2 b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/landing.j2 new file mode 100644 index 0000000..47da521 --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/landing.j2 @@ -0,0 +1,41 @@ + + + + Ansible Linux Automation Report + + + + + + + + + +
+ {% include 'header.j2' %} +
+
+

Ansible Automation Reports

+

+

+ + +{% for report in reports %} + + + +{% endfor %} + +
+
+

+
+ 		+ {{ report }} +
+

Created with


+
+
+
+ + diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/new.css.j2 b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/new.css.j2 new file mode 100644 index 0000000..2340b05 --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/new.css.j2 @@ -0,0 +1,202 @@ +p.hostname { + color: #000000; + font-weight: bolder; + font-size: large; + margin: auto; + width: 50%; + } + + #subtable { + background: #ebebeb; + margin: 0px; + width: 100%; + } + + #subtable tbody tr td { + padding: 5px 5px 5px 5px; + } + + #subtable thead th { + padding: 5px; + } + + * { + -moz-box-sizing: border-box; + -webkit-box-sizing: border-box; + box-sizing: border-box; + font-family: "Open Sans", "Helvetica"; + + } + + a { + color: #000000; + } + + p { + color: #ffffff; + } + h1 { + text-align: center; + color: #ffffff; + } + + body { + background:#353a40; + padding: 0px; + margin: 0px; + font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; + } + + table { + border-collapse: separate; + background:#fff; + @include border-radius(5px); + @include box-shadow(0px 0px 5px rgba(0,0,0,0.3)); + } + + .main_net_table { + margin:50px auto; + } + + thead { + @include border-radius(5px); + } + + thead th { + font-size:16px; + font-weight:400; + color:#fff; + @include text-shadow(1px 1px 0px rgba(0,0,0,0.5)); + text-align:left; + padding:20px; + border-top:1px solid #858d99; + background: #353a40; + + &:first-child { + @include border-top-left-radius(5px); + } + + &:last-child { + @include border-top-right-radius(5px); + } + } + + tbody tr td { + font-weight:400; + color:#5f6062; + font-size:13px; + padding:20px 20px 20px 20px; + border-bottom:1px solid #e0e0e0; + } + + tbody tr:nth-child(2n) { + background:#f0f3f5; + } + + tbody tr:last-child td { + border-bottom:none; + &:first-child { + @include border-bottom-left-radius(5px); + } + &:last-child { + @include border-bottom-right-radius(5px); + } + } + + td { + vertical-align: top; + } + + span.highlight { + background-color: yellow; + } + + .expandclass { + color: #5f6062; + } + + .content{ + display:none; + margin: 10px; + } + + header { + width: 100%; + position: initial; + float: initial; + padding: 0; + margin: 0; + border-radius: 0; + height: 88px; + background-color: #171717; + } + + .header-container { + margin: 0 auto; + width: 100%; + height: 100%; + max-width: 1170px; + padding: 0; + float: initial; + display: flex; + align-items: center; + } + + .header-logo { + width: 137px; + border: 0; + margin: 0; + margin-left: 15px; + } + + .header-link { + margin-left: 40px; + text-decoration: none; + cursor: pointer; + text-transform: uppercase; + font-size: 15px; + font-family: 'Red Hat Text'; + font-weight: 500; + } + + .header-link:hover { + text-shadow: 0 0 0.02px white; + text-decoration: none; + } + + table.net_info td { + padding: 5px; +} + +p.expandclass:hover { + text-decoration: underline; + color: #EE0000; + cursor: pointer; +} + +.summary_info { +} + +.ui-state-active, .ui-widget-content .ui-state-active, .ui-widget-header .ui-state-active, a.ui-button:active, .ui-button:active, .ui-button.ui-state-active:hover { + border: 1px solid #5F0000; + background: #EE0000; +} + +div#net_content { + padding: 0px; + height: auto !important; +} + +img.router_image { + vertical-align: middle; + padding: 0px 10px 10px 10px; + width: 50px; +} + +table.net_info { + width: 100%; +} + +p.internal_label { + color: #000000; +} diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/packages.j2 b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/packages.j2 new file mode 100644 index 0000000..63b73e0 --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/packages.j2 @@ -0,0 +1,31 @@ + +
+
+ + +
+
+ diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/patch.j2 b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/patch.j2 new file mode 100644 index 0000000..1d7a840 --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/patch.j2 @@ -0,0 +1,120 @@ + + + + Linux Patch Report + + +
+

Ansible Linux Patching Report

+ +
+ + +
+
+ + + + + + + + + + +{% for linux_host in ansible_play_hosts |sort %} + + + + + + +{% endfor %} + +
HostnameOperating SystemOperating System VersionRequired Updates
{{hostvars[linux_host]['inventory_hostname']}}{{hostvars[linux_host]['ansible_os_family']|default("none")}}{{hostvars[linux_host]['ansible_distribution_version']|default("none")}} +
    +{% if hostvars[linux_host].patchingresult_yum.changed|default("false",true) == true %} +{% for packagename in hostvars[linux_host].patchingresult_yum.changes.updated|sort %} +
  • {{ packagename[0] }} - {{ packagename[1] }}
    • +{% endfor %} +{% elif hostvars[linux_host].patchingresult_dnf.changed|default("false",true) == true %} +{% for packagename in hostvars[linux_host].patchingresult_dnf.results|sort %} +
  • {{ packagename }}
    • +{% endfor %} +{% elif hostvars[linux_host].patchingresult_dnf.changed is undefined %} +
  • Patching Failed
    • +{% elif hostvars[linux_host].patchingresult_yum.changed is undefined %} +
  • Patching Failed
    • +{% else %} +
  • Compliant
    • +{% endif %} +
+
+

Created with Ansible on {{hostvars[inventory_hostname].ansible_date_time.iso8601}}

+ + + diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/report.j2 b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/report.j2 new file mode 100644 index 0000000..07c9972 --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/report.j2 @@ -0,0 +1,105 @@ + + + + Ansible Linux Automation Report + + + + + + + + + + + +
+ {% include 'header.j2' %} +
+
+

Ansible Linux Automation Report

+

+

+ + + + + + + + + + + +{% for linux_host in ansible_play_hosts |sort %} + + + + + + + +{% endfor %} + +
Linux DevicePackage ManagerOperating SystemOperating System VersionOperating System Kernel Version
+
+

+ {{ hostvars[linux_host]['inventory_hostname'].split('.')[0] }}

+
+{% if detailedreport == 'True' %} +{% include 'packages.j2' %} +{% include 'services.j2' %} +{% endif %} +		{{hostvars[linux_host]['ansible_pkg_mgr']|default("none")}}{{hostvars[linux_host]['ansible_os_family']|default("none")}}{{hostvars[linux_host]['ansible_distribution_version']|default("none")}}{{hostvars[linux_host]['ansible_kernel']|default("none")}}
+

Created with


+
+
+
+ + diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/resources.yaml.j2 b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/resources.yaml.j2 new file mode 100644 index 0000000..a3ef6bd --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/resources.yaml.j2 @@ -0,0 +1,94 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: linux-patching-report + labels: + app: linux-patching-report +data: + index.html: | + {% filter indent(width=4) %} + {%- include 'landing.j2' %} + {% endfilter %} + + linux.html: | + {% filter indent(width=4) %} + {%- include 'report.j2' %} + {% endfilter %} + + linuxpatch.html: | + {% filter indent(width=4) %} + {%- include 'patch.j2' %} + {% endfilter %} + + new.css: | + {% filter indent(width=4) %} + {%- include 'new.css.j2' %} + {% endfilter %} + +binaryData: + server.png: {{ lookup('ansible.builtin.file', 'server.png') | b64encode }} + report.png: {{ lookup('ansible.builtin.file', 'report.png') | b64encode }} + webpage_logo.png: {{ lookup('file', 'webpage_logo.png') | b64encode }} + redhat-ansible-logo.svg: {{ lookup('ansible.builtin.file', 'redhat-ansible-logo.svg') | b64encode }} + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: linux-patching-report + labels: + app: linux-patching-report +spec: + replicas: 1 + selector: + matchLabels: + app: linux-patching-report + template: + metadata: + labels: + app: linux-patching-report + spec: + terminationGracePeriodSeconds: 1 + containers: + - image: registry.redhat.io/rhel8/httpd-24 + name: report-server + volumeMounts: + - name: html + mountPath: /var/www/html + volumes: + - name: html + configMap: + name: linux-patching-report +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: linux-patching-report + name: linux-patching-report +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 8080 + selector: + app: linux-patching-report + type: ClusterIP +--- +kind: Route +apiVersion: route.openshift.io/v1 +metadata: + labels: + app: linux-patching-report + name: linux-patching-report +spec: + to: + kind: Service + name: linux-patching-report + weight: 100 + port: + targetPort: http + tls: + termination: edge + insecureEdgeTerminationPolicy: Redirect diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/services.j2 b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/services.j2 new file mode 100644 index 0000000..0a8daa6 --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/services.j2 @@ -0,0 +1,30 @@ + +
+
+ + +
+
+ diff --git a/collections/ansible_collections/demo/patching/roles/report_ocp_patching/vars/main.yml b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/vars/main.yml new file mode 100644 index 0000000..ed97d53 --- /dev/null +++ b/collections/ansible_collections/demo/patching/roles/report_ocp_patching/vars/main.yml @@ -0,0 +1 @@ +--- diff --git a/collections/requirements.yml b/collections/requirements.yml index 1c0759c..8b4ce34 100644 --- a/collections/requirements.yml +++ b/collections/requirements.yml @@ -1,30 +1,53 @@ --- +# This file is mainly used by product-demos CI, +# See cloin/ee-builds/product-demos-ee/requirements.yml +# for configuring collections and collection versions. collections: - name: ansible.controller + version: ">=4.5.5" - name: infra.ah_configuration + version: ">=2.0.6" - name: infra.controller_configuration + version: ">=2.7.1" - name: redhat_cop.controller_configuration + version: ">=2.3.1" # linux - name: ansible.posix + version: ">=1.5.4" - name: community.general version: ">=8.0.0" - name: containers.podman + version: ">=1.12.1" - name: redhat.insights + version: ">=1.2.2" - name: redhat.rhel_system_roles + version: ">=1.23.0" # windows - name: ansible.windows + version: ">=2.3.0" - name: chocolatey.chocolatey + version: ">=1.5.1" - name: community.windows + version: ">=2.2.0" # cloud - name: amazon.aws + version: ">=7.5.0" # satellite - name: redhat.satellite + version: ">=4.0.0" # network - name: ansible.netcommon + version: ">=6.0.0" - name: cisco.ios + version: ">=7.0.0" - name: cisco.iosxr + version: ">=8.0.0" - name: cisco.nxos + version: ">=7.0.0" # openshift - name: kubernetes.core + version: ">=4.0.0" - name: redhat.openshift + version: ">=3.0.1" - name: redhat.openshift_virtualization + version: ">=1.4.0" diff --git a/openshift/cnv/install.yml b/openshift/cnv/install.yml new file mode 100644 index 0000000..3c75f58 --- /dev/null +++ b/openshift/cnv/install.yml @@ -0,0 +1,101 @@ +--- +- name: Deploy OpenShift CNV Operator and create the Hyperconverged object, provision VM to prove funciontality + hosts: localhost + gather_facts: false + vars: + vm_name: ocpvtest + vm_namespace: openshift-cnv + tasks: + - name: Include role + ansible.builtin.include_role: + name: demo.openshift.cluster_config + + - name: Attempt to Provision a VM + kubernetes.core.k8s: + wait: true + state: "{{ instance_state | default('present') }}" + definition: + apiVersion: kubevirt.io/v1 + kind: VirtualMachine + metadata: + name: "{{ vm_name }}" + namespace: "{{ vm_namespace }}" + labels: + app: "{{ vm_name }}" + vm.kubevirt.io/name: "{{ vm_name }}" + spec: + dataVolumeTemplates: + - apiVersion: cdi.kubevirt.io/v1beta1 + kind: DataVolume + metadata: + creationTimestamp: null + name: "{{ vm_name }}" + spec: + sourceRef: + kind: DataSource + name: "{{ os_version | default('fedora') }}" + namespace: openshift-virtualization-os-images + storage: + resources: + requests: + storage: 30Gi + running: true + template: + metadata: + annotations: + vm.kubevirt.io/flavor: small + vm.kubevirt.io/os: "{{ os_version | default('fedora') }}" + vm.kubevirt.io/workload: server + creationTimestamp: null + labels: + kubevirt.io/domain: "{{ vm_name }}" + kubevirt.io/size: small + spec: + domain: + cpu: + cores: 4 + sockets: 1 + threads: 1 + devices: + disks: + - disk: + bus: virtio + name: rootdisk + interfaces: + - masquerade: {} + model: virtio + name: default + networkInterfaceMultiqueue: true + rng: {} + machine: + type: pc-q35-rhel9.2.0 + resources: + requests: + memory: 8Gi + evictionStrategy: LiveMigrate + networks: + - name: default + pod: {} + terminationGracePeriodSeconds: 180 + volumes: + - dataVolume: + name: "{{ vm_name }}" + name: rootdisk + retries: 60 + delay: 5 + register: provision + until: provision.changed + + - name: Clean up test VM + kubernetes.core.k8s: + wait: true + state: absent + definition: + apiVersion: kubevirt.io/v1 + kind: VirtualMachine + metadata: + name: "{{ vm_name }}" + namespace: "{{ vm_namespace }}" + labels: + app: "{{ vm_name }}" + vm.kubevirt.io/name: "{{ vm_name }}" diff --git a/openshift/cnv/patch.yml b/openshift/cnv/patch.yml new file mode 100644 index 0000000..6ceeceb --- /dev/null +++ b/openshift/cnv/patch.yml @@ -0,0 +1,37 @@ +--- +- name: Linux server patching for OpenShift Virtalized Hosts + hosts: "{{ _hosts | default(omit) }}" + become: true + tasks: + # Install yum-utils if it's not there + - name: Install yum-utils + ansible.builtin.yum: + name: yum-utils + state: installed + + - name: Include patching role + ansible.builtin.include_role: + name: demo.patching.patch_linux + + - name: Tell user when Insights Client is not configured + ansible.builtin.debug: + msg: "Insights client does not appear to be configured. Scan will be skipped" + when: + - ansible_local.insights.system_id is not defined + + - name: Run the Insights Client Scan # noqa: no-changed-when + ansible.builtin.command: insights-client + when: + - not ansible_check_mode + - ansible_local.insights.system_id is defined + + - name: Create nginx container + when: not ansible_check_mode + delegate_to: localhost + become: false + connection: local + run_once: true # noqa: run-once[task] + block: + - name: Publish landing page + ansible.builtin.include_role: + name: demo.patching.report_ocp_patching diff --git a/openshift/cnv/provision.yml b/openshift/cnv/provision.yml new file mode 100644 index 0000000..243a273 --- /dev/null +++ b/openshift/cnv/provision.yml @@ -0,0 +1,76 @@ +--- +- name: De-Provision OCP-CNV VM + hosts: localhost + tasks: + - name: Define resources + kubernetes.core.k8s: + wait: true + state: "{{ instance_state | default('present') }}" + definition: + apiVersion: kubevirt.io/v1 + kind: VirtualMachine + metadata: + name: "{{ vm_name }}" + namespace: "{{ vm_namespace }}" + labels: + app: "{{ vm_name }}" + os.template.kubevirt.io/fedora36: 'true' + vm.kubevirt.io/name: "{{ vm_name }}" + spec: + dataVolumeTemplates: + - apiVersion: cdi.kubevirt.io/v1beta1 + kind: DataVolume + metadata: + creationTimestamp: null + name: "{{ vm_name }}" + spec: + sourceRef: + kind: DataSource + name: "{{ os_version |default('rhel9') }}" + namespace: openshift-virtualization-os-images + storage: + resources: + requests: + storage: 30Gi + running: true + template: + metadata: + annotations: + vm.kubevirt.io/flavor: small + vm.kubevirt.io/os: "{{ os_version | default('rhel9') }}" + vm.kubevirt.io/workload: server + creationTimestamp: null + labels: + kubevirt.io/domain: "{{ vm_name }}" + kubevirt.io/size: small + spec: + domain: + cpu: + cores: 4 + sockets: 1 + threads: 1 + devices: + disks: + - disk: + bus: virtio + name: rootdisk + interfaces: + - masquerade: {} + model: virtio + name: default + networkInterfaceMultiqueue: true + rng: {} + machine: + type: pc-q35-rhel9.2.0 + resources: + requests: + memory: 8Gi + evictionStrategy: LiveMigrate + networks: + - name: default + pod: {} + terminationGracePeriodSeconds: 180 + volumes: + - dataVolume: + name: "{{ vm_name }}" + name: rootdisk diff --git a/openshift/cnv/provision_rhel.yml b/openshift/cnv/provision_rhel.yml new file mode 100644 index 0000000..cea2cbf --- /dev/null +++ b/openshift/cnv/provision_rhel.yml @@ -0,0 +1,96 @@ +--- +- name: Provision OCP-CNV RHEL VM + hosts: localhost + tasks: + - name: Define resources + redhat.openshift.k8s: + wait: true + state: "{{ instance_state | default('present') }}" + definition: + apiVersion: kubevirt.io/v1 + kind: VirtualMachine + metadata: + name: "{{ vm_name }}" + namespace: "{{ vm_namespace }}" + labels: + app: "{{ vm_name }}" + os.template.kubevirt.io/fedora36: 'true' + vm.kubevirt.io/name: "{{ vm_name }}" + spec: + dataVolumeTemplates: + - apiVersion: cdi.kubevirt.io/v1beta1 + kind: DataVolume + metadata: + creationTimestamp: null + name: "{{ vm_name }}" + spec: + sourceRef: + kind: DataSource + name: "{{ os_version }}" + namespace: openshift-virtualization-os-images + storage: + resources: + requests: + storage: 30Gi + running: true + template: + metadata: + annotations: + vm.kubevirt.io/flavor: small + vm.kubevirt.io/os: "{{ os_version }}" + vm.kubevirt.io/workload: server + creationTimestamp: null + labels: + kubevirt.io/domain: "{{ vm_name }}" + kubevirt.io/size: small + spec: + domain: + cpu: + cores: 4 + sockets: 1 + threads: 1 + devices: + disks: + - disk: + bus: virtio + name: rootdisk + - disk: + bus: virtio + name: cloudinitdisk + interfaces: + - masquerade: {} + model: virtio + name: default + networkInterfaceMultiqueue: true + rng: {} + machine: + type: pc-q35-rhel9.2.0 + resources: + requests: + memory: 8Gi + evictionStrategy: LiveMigrate + networks: + - name: default + pod: {} + terminationGracePeriodSeconds: 180 + volumes: + - dataVolume: + name: "{{ vm_name }}" + name: rootdisk + - name: cloudinitdisk + cloudInitNoCloud: + userData: |- + #cloud-config + chpasswd: { expire: False } + ssh_pwauth: False + ssh_authorized_keys: + - "{{ ssh_authorized_key }}" + rh_subscription: + activation-key: "{{ rh_subscription_key }}" + org: "{{ rh_subscription_org }}" + + - name: Wait for VM to be running + redhat.openshift_virtualization.kubevirt_vm_info: + name: "{{ vm_name }}" + namespace: "{{ vm_namespace }}" + wait: true diff --git a/openshift/cnv/wait.yml b/openshift/cnv/wait.yml new file mode 100644 index 0000000..459d501 --- /dev/null +++ b/openshift/cnv/wait.yml @@ -0,0 +1,14 @@ +--- +- name: Wait for VMs to start and become ready + hosts: "{{ _hosts | default(omit) }}" + gather_facts: false + tasks: + - name: Wait for + ansible.builtin.wait_for: + port: 22 + host: '{{ (ansible_ssh_host|default(ansible_host))|default(inventory_hostname) }}' + search_regex: OpenSSH + delay: 10 + retries: 10 + vars: + ansible_connection: local diff --git a/openshift/host_vars/localhost.yml b/openshift/host_vars/localhost.yml index 662bd88..7c40544 100644 --- a/openshift/host_vars/localhost.yml +++ b/openshift/host_vars/localhost.yml @@ -1,2 +1,2 @@ --- -gitlab_chart_version: "8.0.1" \ No newline at end of file +gitlab_chart_version: "8.0.1" diff --git a/openshift/inventory.kubevirt.yml b/openshift/inventory.kubevirt.yml new file mode 100644 index 0000000..fa48d7e --- /dev/null +++ b/openshift/inventory.kubevirt.yml @@ -0,0 +1,23 @@ +--- +plugin: redhat.openshift_virtualization.kubevirt +strict: true +connections: + - namespaces: + - openshift-cnv +compose: + ansible_user: "'cloud-user' if 'rhel' in annotations['vm.kubevirt.io/os']" + annotations: "annotations | ansible.utils.replace_keys(target=[ + {'before':'vm.kubevirt.io/os', 'after':'os'}, + {'before':'vm.kubevirt.io/flavor', 'after':'flavor'}, + {'before':'vm.kubevirt.io/workload', 'after':'workload'}, + {'before':'kubevirt.io/vm-generation', 'after':'vm-generation'}, + {'before':'kubevirt.io/latest-observed-api-version', 'after':'latest-observed-api-version'}, + {'before':'kubevirt.io/storage-observed-api-version', 'after':'storage-observed-api-version' }] )" + labels: "labels | ansible.utils.replace_keys(target=[ + {'before':'kubevirt.io/nodeName', 'after':'nodeName'}, + {'before':'kubevirt.io/size', 'after':'size'}, + {'before':'kubevirt.io/domain', 'after':'domain' }] )" +keyed_groups: + - key: annotations.os + prefix: "cnv" + separator: "_" diff --git a/openshift/setup.yml b/openshift/setup.yml index 3c8cc9e..c1cc493 100644 --- a/openshift/setup.yml +++ b/openshift/setup.yml @@ -1,4 +1,35 @@ --- +controller_components: + - execution_environments + - credential_types + - credentials + - inventory_sources + - job_templates + - workflow_job_templates + +controller_credential_types: + # Ideally, we would not need to use this and could just re-use the OCP credential for the inventory plugin + - name: OCPV inventory credential + kind: cloud + inputs: + fields: + - id: host + type: string + label: OpenShift or Kubernetes API Endpoint + secret: false + - id: bearer_token + type: string + label: API authentication bearer token + secret: true + - id: verify_ssl + type: boolean + label: Verify SSL + injectors: + env: + K8S_AUTH_HOST: "{% raw %}{ { host }}{% endraw %}" + K8S_AUTH_API_KEY: "{% raw %}{ { bearer_token }}{% endraw %}" + K8S_AUTH_VERIFY_SSL: "{% raw %}{ { verify_ssl }}{% endraw %}" + controller_credentials: - name: OpenShift Credential organization: Default @@ -9,7 +40,149 @@ controller_credentials: bearer_token: CHANGEME verify_ssl: false + - name: OCP-V Inventory Credential + organization: Default + credential_type: OCPV inventory credential + state: exists + inputs: + host: CHANGEME + bearer_token: CHANGEME + verify_ssl: false + +controller_inventory_sources: + - name: OpenShift CNV Inventory + inventory: Demo Inventory + source: scm + source_project: Ansible official demo project + source_path: openshift/inventory.kubevirt.yml + credential: OCP-V Inventory Credential + update_on_launch: true + controller_templates: + - name: OpenShift / CNV / Install + job_type: run + inventory: "Demo Inventory" + project: "Ansible official demo project" + playbook: "openshift/cnv/install.yml" + notification_templates_started: Telemetry + notification_templates_success: Telemetry + notification_templates_error: Telemetry + survey_enabled: true + credentials: + - "OpenShift Credential" + + - name: OpenShift / CNV / Create RHEL VM + job_type: run + inventory: "Demo Inventory" + project: "Ansible official demo project" + playbook: "openshift/cnv/provision_rhel.yml" + notification_templates_started: Telemetry + notification_templates_success: Telemetry + notification_templates_error: Telemetry + survey_enabled: true + allow_simultaneous: true + survey: + name: '' + description: '' + spec: + - question_name: VM name + type: text + variable: vm_name + default: rhel9 + required: true + - question_name: VM NameSpace + type: text + variable: vm_namespace + default: openshift-cnv + required: true + - question_name: SSH Authorized Key + type: textarea + variable: ssh_authorized_key + required: true + - question_name: OS Version + type: text + variable: os_version + default: rhel9 + required: true + - question_name: RHEL Activation Key + type: text + variable: rh_subscription_key + required: true + - question_name: RHEL Organization ID + type: text + variable: rh_subscription_org + required: true + credentials: + - "OpenShift Credential" + + - name: OpenShift / CNV / Delete VM + job_type: run + inventory: "Demo Inventory" + project: "Ansible official demo project" + playbook: "openshift/cnv/provision.yml" + notification_templates_started: Telemetry + notification_templates_success: Telemetry + notification_templates_error: Telemetry + survey_enabled: true + extra_vars: + state: absent + survey: + name: '' + description: '' + spec: + - question_name: VM name + type: text + variable: vm_name + required: true + - question_name: VM NameSpace + type: text + variable: vm_namespace + default: openshift-cnv + required: true + credentials: + - "OpenShift Credential" + + - name: OpenShift / CNV / Patching + job_type: check + inventory: "Demo Inventory" + project: "Ansible official demo project" + playbook: "openshift/cnv/patch.yml" + notification_templates_started: Telemetry + notification_templates_success: Telemetry + notification_templates_error: Telemetry + ask_job_type_on_launch: true + credentials: + - "OpenShift Credential" + - "Demo Credential" + survey_enabled: true + survey: + name: '' + description: '' + spec: + - question_name: Server Name or Pattern + type: text + variable: _hosts + default: "openshift-cnv-rhel*" + required: true + + - name: OpenShift / CNV / Wait Hosts + inventory: "Demo Inventory" + project: "Ansible official demo project" + playbook: "openshift/cnv/wait.yml" + notification_templates_started: Telemetry + notification_templates_success: Telemetry + notification_templates_error: Telemetry + survey_enabled: true + survey: + name: '' + description: '' + spec: + - question_name: Wait hosts + type: text + variable: _hosts + default: "openshift-cnv-rhel*" + required: true + - name: OpenShift / Dev Spaces job_type: run inventory: "Demo Inventory" @@ -31,3 +204,53 @@ controller_templates: notification_templates_error: Telemetry credentials: - "OpenShift Credential" + +controller_workflows: + - name: OpenShift / CNV / Infra Stack + description: A workflow to deploy Virtualized infra in OCP Virtalization + organization: Default + notification_templates_started: Telemetry + notification_templates_success: Telemetry + notification_templates_error: Telemetry + survey_enabled: true + survey: + name: '' + description: '' + spec: + - question_name: SSH Authorized Key + type: textarea + variable: ssh_authorized_key + required: true + - question_name: RHEL Activation Key + type: text + variable: rh_subscription_key + required: true + - question_name: RHEL Organization ID + type: text + variable: rh_subscription_org + required: true + simplified_workflow_nodes: + - identifier: Deploy RHEL8 VM + unified_job_template: OpenShift / CNV / Create RHEL VM + extra_data: + vm_name: rhel8 + os_version: rhel8 + success_nodes: + - Update Inventory + failure_nodes: + - Ticket - Instance Failed + - identifier: Deploy RHEL9 VM + unified_job_template: OpenShift / CNV / Create RHEL VM + extra_data: + vm_name: rhel9 + os_version: rhel9 + success_nodes: + - Update Inventory + failure_nodes: + - Ticket - Instance Failed + - identifier: Update Inventory + unified_job_template: OpenShift CNV Inventory + - identifier: Ticket - Instance Failed + unified_job_template: 'SUBMIT FEEDBACK' + extra_data: + feedback: Failed to create CNV instance diff --git a/setup_demo.yml b/setup_demo.yml index a49ad78..38baa45 100644 --- a/setup_demo.yml +++ b/setup_demo.yml @@ -2,7 +2,6 @@ - name: Setup demo hosts: localhost gather_facts: false - tasks: - name: Default Components ansible.builtin.include_role: