ptoal/toallab-automation
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Configure OIDC, make idempotent, fix bugs. Claude.ai

Browse Source
This commit is contained in:
Patrick Toal
2026-02-25 13:20:12 -05:00
parent 995b7c4070
commit d981b69669
23 changed files with 2269 additions and 760 deletions
Download Patch File Download Diff File Expand all files Collapse all files

110
roles/sno_deploy/meta/argument_specs.yml Normal file
View File

@@ -0,0 +1,110 @@
---
argument_specs:
main:
short_description: Deploy and configure Single Node OpenShift on Proxmox
description:
- Creates a Proxmox VM, installs SNO via agent-based installer,
configures OIDC authentication, deploys cert-manager with LetsEncrypt,
and removes the kubeadmin user.
options:
proxmox_node:
description: Proxmox cluster node to create the VM on.
type: str
default: pve1
proxmox_api_user:
description: Proxmox API username.
type: str
default: ansible@pam
proxmox_api_token_id:
description: Proxmox API token ID.
type: str
default: ansible
proxmox_api_token_secret:
description: Proxmox API token secret.
type: str
required: true
no_log: true
proxmox_validate_certs:
description: Whether to validate TLS certificates for the Proxmox API.
type: bool
default: false
proxmox_storage:
description: Proxmox storage pool for VM disks.
type: str
default: local-lvm
proxmox_iso_storage:
description: Proxmox storage pool name for ISO images.
type: str
default: local
proxmox_iso_dir:
description: Filesystem path on the Proxmox host where ISOs are stored.
type: str
default: /var/lib/vz/template/iso
sno_credentials_dir:
description: >-
Directory on proxmox_host where kubeconfig and kubeadmin-password
are persisted after installation.
type: str
default: "/root/sno-{{ ocp_cluster_name }}"
sno_vm_name:
description: Name of the VM in Proxmox.
type: str
default: "sno-{{ ocp_cluster_name }}"
sno_cpu:
description: Number of CPU cores for the VM.
type: int
default: 8
sno_memory_mb:
description: Memory in megabytes for the VM.
type: int
default: 32768
sno_disk_gb:
description: Primary disk size in gigabytes.
type: int
default: 120
sno_bridge:
description: Proxmox network bridge for the VM NIC.
type: str
default: vmbr0
sno_vlan:
description: VLAN tag for the VM NIC.
type: int
default: 40
sno_mac:
description: >-
MAC address to assign. Leave empty for auto-assignment by Proxmox.
type: str
default: ""
sno_vm_id:
description: Proxmox VM ID. Set to 0 for auto-assignment.
type: int
default: 0
sno_install_dir:
description: Local directory for openshift-install working files.
type: str
default: "/tmp/sno-{{ ocp_cluster_name }}"
sno_iso_filename:
description: Filename for the agent-based installer ISO.
type: str
default: agent.x86_64.iso
oidc_provider_name:
description: Identity provider name shown on OpenShift login page.
type: str
default: keycloak
oidc_client_id:
description: OIDC client ID registered in Keycloak.
type: str
default: openshift
oidc_admin_groups:
description: List of OIDC groups to grant cluster-admin via ClusterRoleBinding.
type: list
elements: str
default: []
sno_deploy_letsencrypt_email:
description: Email address for LetsEncrypt ACME account registration.
type: str
required: true
sno_deploy_certmanager_channel:
description: OLM subscription channel for cert-manager operator.
type: str
default: "stable-v1"

19
roles/sno_deploy/meta/main.yml Normal file
View File

@@ -0,0 +1,19 @@
---
galaxy_info:
author: ptoal
description: Deploy and configure Single Node OpenShift (SNO) on Proxmox
license: MIT
min_ansible_version: "2.16"
platforms:
- name: GenericLinux
versions:
- all
galaxy_tags:
- proxmox
- openshift
- sno
- vm
- oidc
- certmanager
dependencies: []