diff --git a/roles/mesh_ingress/defaults/main.yml b/roles/mesh_ingress/defaults/main.yml index 42e819868..28e05ef95 100644 --- a/roles/mesh_ingress/defaults/main.yml +++ b/roles/mesh_ingress/defaults/main.yml @@ -4,3 +4,5 @@ set_self_owneref: true _control_plane_ee_image: quay.io/ansible/awx-ee:latest _image_pull_policy: Always + +finalizer_run: false diff --git a/roles/mesh_ingress/tasks/creation.yml b/roles/mesh_ingress/tasks/creation.yml new file mode 100644 index 000000000..f08234f4a --- /dev/null +++ b/roles/mesh_ingress/tasks/creation.yml @@ -0,0 +1,137 @@ +--- +- name: Import common role + import_role: + name: common + +- name: Debug is_openshift + debug: + msg: "is_openshift={{ is_openshift }}" + +- name: Check for presence of AWX instance that we will use to create the Mesh Ingress for. + k8s_info: + api_version: awx.ansible.com/v1beta1 + kind: AWX + name: "{{ deployment_name }}" + namespace: "{{ ansible_operator_meta.namespace }}" + register: awx_instance + +- name: Fail if awx_deployment does not exist in the same namespace + fail: + msg: "AWX instance {{ deployment_name }} does not exist in the same namespace as the AWXMeshIngress instance." + when: awx_instance.resources | length == 0 + +- name: Set awx_spec + set_fact: + awx_spec: "{{ awx_instance.resources[0].spec }}" + +- name: Set owner_reference of AWXMeshIngress to related AWX instance + k8s: + state: present + definition: + apiVersion: awx.ansible.com/v1beta1 + kind: AWX + name: "{{ deployment_name }}" + namespace: "{{ ansible_operator_meta.namespace }}" + metadata: + name: "{{ deployment_name }}" + namespace: "{{ ansible_operator_meta.namespace }}" + ownerReferences: + - apiVersion: awx.ansible.com/v1beta1 + blockOwnerDeletion: true + controller: true + kind: AWX + name: "{{ deployment_name }}" + uid: "{{ awx_instance.resources[0].metadata.uid }}" + when: set_self_owneref | bool + +- name: Set user provided control plane ee image + set_fact: + _custom_control_plane_ee_image: "{{ awx_spec.control_plane_ee_image }}" + when: + - awx_spec.control_plane_ee_image | default([]) | length + +- name: Set Control Plane EE image URL + set_fact: + _control_plane_ee_image: "{{ _custom_control_plane_ee_image | default(lookup('env', 'RELATED_IMAGE_CONTROL_PLANE_EE')) | default(_control_plane_ee_image, true) }}" + +- name: Set Image Pull Policy + set_fact: + _image_pull_policy: "{{ awx_spec.image_pull_policy | default(_image_pull_policy, true) }}" + +- name: Apply Route resource + k8s: + apply: yes + definition: "{{ lookup('template', 'route.yml.j2') }}" + wait: yes + wait_timeout: "120" + register: route + when: is_openshift | bool + +# TODO: need to wait until the route is ready before we can get the hostname +# right now this will rereconcile until the route is ready + +- name: Set external_hostname + set_fact: + external_hostname: "{{ route.result.status.ingress[0].host }}" + when: is_openshift | bool + +- name: Create other resources + k8s: + apply: yes + definition: "{{ lookup('template', '{{ item }}.yml.j2') }}" + wait: yes + wait_timeout: "120" + loop: + - service_account + - receptor_conf.configmap + - service + - deployment + +- name: Get the current resource task pod information. + k8s_info: + api_version: v1 + kind: Pod + namespace: '{{ ansible_operator_meta.namespace }}' + label_selectors: + - "app.kubernetes.io/name={{ deployment_name }}-task" + - "app.kubernetes.io/managed-by={{ deployment_type }}-operator" + - "app.kubernetes.io/component={{ deployment_type }}" + field_selectors: + - status.phase=Running + register: awx_task_pod + +- name: Set the resource pod as a variable. + set_fact: + awx_task_pod: >- + {{ awx_task_pod['resources'] + | rejectattr('metadata.deletionTimestamp', 'defined') + | sort(attribute='metadata.creationTimestamp') + | first | default({}) }} + +- name: Set the resource pod name as a variable. + set_fact: + awx_task_pod_name: "{{ awx_task_pod['metadata']['name'] | default('') }}" + +# TODO: awx-manage provision_instance does not currently support peer from control nodes +# !!!dependent on API/CLI changes!!! +- name: Add new instance to AWX + kubernetes.core.k8s_exec: + namespace: "{{ ansible_operator_meta.namespace }}" + pod: "{{ awx_task_pod_name }}" + container: "{{ deployment_name }}-task" + command: "awx-manage provision_instance --hostname {{ ansible_operator_meta.name }} --node_type hop" + register: result + +- name: Add internal receptor address + kubernetes.core.k8s_exec: + namespace: "{{ ansible_operator_meta.namespace }}" + pod: "{{ awx_task_pod_name }}" + container: "{{ deployment_name }}-task" + command: "awx-manage add_receptor_address --hostname {{ ansible_operator_meta.name }} --address {{ ansible_operator_meta.name }} --port 443 --protocol ws --is_internal --peers_from_control_nodes" + +- name: Add external receptor address + kubernetes.core.k8s_exec: + namespace: "{{ ansible_operator_meta.namespace }}" + pod: "{{ awx_task_pod_name }}" + container: "{{ deployment_name }}-task" + command: "awx-manage add_receptor_address --hostname {{ ansible_operator_meta.name }} --address {{ external_hostname }} --port 443 --protocol ws" diff --git a/roles/mesh_ingress/tasks/finalizer.yml b/roles/mesh_ingress/tasks/finalizer.yml new file mode 100644 index 000000000..8a7e37746 --- /dev/null +++ b/roles/mesh_ingress/tasks/finalizer.yml @@ -0,0 +1,33 @@ +--- +- name: Get the current resource task pod information. + k8s_info: + api_version: v1 + kind: Pod + namespace: '{{ ansible_operator_meta.namespace }}' + label_selectors: + - "app.kubernetes.io/name={{ deployment_name }}-task" + - "app.kubernetes.io/managed-by={{ deployment_type }}-operator" + - "app.kubernetes.io/component={{ deployment_type }}" + field_selectors: + - status.phase=Running + register: awx_task_pod + +- name: Set the resource pod as a variable. + set_fact: + awx_task_pod: >- + {{ awx_task_pod['resources'] + | rejectattr('metadata.deletionTimestamp', 'defined') + | sort(attribute='metadata.creationTimestamp') + | first | default({}) }} + +- name: Set the resource pod name as a variable. + set_fact: + awx_task_pod_name: "{{ awx_task_pod['metadata']['name'] | default('') }}" + +- name: Deprovision mesh ingress instance in AWX + kubernetes.core.k8s_exec: + namespace: "{{ ansible_operator_meta.namespace }}" + pod: "{{ awx_task_pod_name }}" + container: "{{ deployment_name }}-task" + command: "awx-manage deprovision_instance --hostname {{ ansible_operator_meta.name }}" + register: result diff --git a/roles/mesh_ingress/tasks/main.yml b/roles/mesh_ingress/tasks/main.yml index 8295bc58d..77e7e69ca 100644 --- a/roles/mesh_ingress/tasks/main.yml +++ b/roles/mesh_ingress/tasks/main.yml @@ -1,138 +1,8 @@ --- -- name: Import common role - import_role: - name: common +- name: Run creation tasks + include_tasks: creation.yml + when: not finalizer_run -- name: Debug is_openshift - debug: - msg: "is_openshift={{ is_openshift }}" - -- name: Check for presence of AWX instance that we will use to create the Mesh Ingress for. - k8s_info: - api_version: awx.ansible.com/v1beta1 - kind: AWX - name: "{{ deployment_name }}" - namespace: "{{ ansible_operator_meta.namespace }}" - register: awx_instance - -- name: Fail if awx_deployment does not exist in the same namespace - fail: - msg: "AWX instance {{ deployment_name }} does not exist in the same namespace as the AWXMeshIngress instance." - when: awx_instance.resources | length == 0 - -- name: Set awx_spec - set_fact: - awx_spec: "{{ awx_instance.resources[0].spec }}" - -- name: Set owner_reference of AWXMeshIngress to related AWX instance - k8s: - state: present - definition: - apiVersion: awx.ansible.com/v1beta1 - kind: AWX - name: "{{ deployment_name }}" - namespace: "{{ ansible_operator_meta.namespace }}" - metadata: - name: "{{ deployment_name }}" - namespace: "{{ ansible_operator_meta.namespace }}" - ownerReferences: - - apiVersion: awx.ansible.com/v1beta1 - blockOwnerDeletion: true - controller: true - kind: AWX - name: "{{ deployment_name }}" - uid: "{{ awx_instance.resources[0].metadata.uid }}" - when: set_self_owneref | bool - -- name: Set user provided control plane ee image - set_fact: - _custom_control_plane_ee_image: "{{ awx_spec.control_plane_ee_image }}" - when: - - awx_spec.control_plane_ee_image | default([]) | length - -- name: Set Control Plane EE image URL - set_fact: - _control_plane_ee_image: "{{ _custom_control_plane_ee_image | default(lookup('env', 'RELATED_IMAGE_CONTROL_PLANE_EE')) | default(_control_plane_ee_image, true) }}" - -- name: Set Image Pull Policy - set_fact: - _image_pull_policy: "{{ awx_spec.image_pull_policy | default(_image_pull_policy, true) }}" - -- name: Apply Route resource - k8s: - apply: yes - definition: "{{ lookup('template', 'route.yml.j2') }}" - wait: yes - wait_timeout: "120" - register: route - when: is_openshift | bool - -# TODO: need to wait until the route is ready before we can get the hostname -# right now this will rereconcile until the route is ready - -- name: Set external_hostname - set_fact: - external_hostname: "{{ route.result.status.ingress[0].host }}" - when: is_openshift | bool - -- name: Create other resources - k8s: - apply: yes - definition: "{{ lookup('template', '{{ item }}.yml.j2') }}" - wait: yes - wait_timeout: "120" - loop: - - service_account - - receptor_conf.configmap - - service - - deployment - -- name: Get the current resource task pod information. - k8s_info: - api_version: v1 - kind: Pod - namespace: '{{ ansible_operator_meta.namespace }}' - label_selectors: - - "app.kubernetes.io/name={{ deployment_name }}-task" - - "app.kubernetes.io/managed-by={{ deployment_type }}-operator" - - "app.kubernetes.io/component={{ deployment_type }}" - field_selectors: - - status.phase=Running - register: awx_task_pod - -- name: Set the resource pod as a variable. - set_fact: - awx_task_pod: >- - {{ awx_task_pod['resources'] - | rejectattr('metadata.deletionTimestamp', 'defined') - | sort(attribute='metadata.creationTimestamp') - | first | default({}) }} - -- name: Set the resource pod name as a variable. - set_fact: - awx_task_pod_name: "{{ awx_task_pod['metadata']['name'] | default('') }}" - -# TODO: awx-manage provision_instance does not currently support peer from control nodes -# !!!dependent on API/CLI changes!!! -- name: Add new instance to AWX - kubernetes.core.k8s_exec: - namespace: "{{ ansible_operator_meta.namespace }}" - pod: "{{ awx_task_pod_name }}" - container: "{{ deployment_name }}-task" - command: "awx-manage provision_instance --hostname {{ ansible_operator_meta.name }} --node_type hop" - register: result - -- name: Add internal receptor address - kubernetes.core.k8s_exec: - namespace: "{{ ansible_operator_meta.namespace }}" - pod: "{{ awx_task_pod_name }}" - container: "{{ deployment_name }}-task" - command: "awx-manage add_receptor_address --hostname {{ ansible_operator_meta.name }} --address {{ ansible_operator_meta.name }} --port 443 --protocol ws --is_internal --peers_from_control_nodes" - - -- name: Add external receptor address - kubernetes.core.k8s_exec: - namespace: "{{ ansible_operator_meta.namespace }}" - pod: "{{ awx_task_pod_name }}" - container: "{{ deployment_name }}-task" - command: "awx-manage add_receptor_address --hostname {{ ansible_operator_meta.name }} --address {{ external_hostname }} --port 443 --protocol ws" +- name: Run finalizer tasks + include_tasks: finalizer.yml + when: finalizer_run diff --git a/watches.yaml b/watches.yaml index 9a0067f50..355965fe4 100644 --- a/watches.yaml +++ b/watches.yaml @@ -27,4 +27,10 @@ group: awx.ansible.com kind: AWXMeshIngress role: mesh_ingress + snakeCaseParameters: False + finalizer: + name: awx.ansible.com/awx-mesh-ingress-finalizer + role: mesh_ingress + vars: + finalizer_run: true # +kubebuilder:scaffold:watch