Merge pull request #26 from fabianvf/service-catalog-and-broker

Add ansible-service-broker install

playbooks/common/openshift-cluster/service_catalog.yml

@@ -5,4 +5,4 @@
   hosts: oo_first_master
   roles:
   - openshift_service_catalog
-  - openshift_service_catalog_broker
+  - ansible_service_broker

roles/ansible_service_broker/defaults/main.yml

@@ -0,0 +1,6 @@
+---
+
+ansible_service_broker_remove: false
+ansible_service_broker_log_level: info
+# Recommended you do not enable this for now
+ansible_service_broker_launch_apb_on_bind: false

roles/ansible_service_broker/meta/main.yml

@@ -0,0 +1,15 @@
+---
+galaxy_info:
+  author: Fabian von Feilitzsch
+  description: OpenShift Ansible Service Broker
+  company: Red Hat, Inc.
+  license: Apache License, Version 2.0
+  min_ansible_version: 2.1
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - cloud
+dependencies:
+- role: lib_openshift

roles/ansible_service_broker/tasks/install.yml

@@ -0,0 +1,268 @@
+---
+
+# Fact setting and validations
+- name: Set default image variables based on deployment type
+  include_vars: "{{ item }}"
+  with_first_found:
+    - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+    - "default_images.yml"
+
+- name: set ansible_service_broker facts
+  set_fact:
+    ansible_service_broker_image_prefix: "{{ ansible_service_broker_image_prefix | default(__ansible_service_broker_image_prefix) }}"
+    ansible_service_broker_image_tag: "{{ ansible_service_broker_image_tag | default(__ansible_service_broker_image_tag) }}"
+
+    ansible_service_broker_etcd_image_prefix: "{{ ansible_service_broker_etcd_image_prefix | default(__ansible_service_broker_etcd_image_prefix) }}"
+    ansible_service_broker_etcd_image_tag: "{{ ansible_service_broker_etcd_image_tag | default(__ansible_service_broker_etcd_image_tag) }}"
+
+    ansible_service_broker_registry_type: "{{ ansible_service_broker_registry_type | default(__ansible_service_broker_registry_type) }}"
+    ansible_service_broker_registry_url: "{{ ansible_service_broker_registry_url | default(__ansible_service_broker_registry_url) }}"
+    ansible_service_broker_registry_user: "{{ ansible_service_broker_registry_user | default(__ansible_service_broker_registry_user) }}"
+    ansible_service_broker_registry_password: "{{ ansible_service_broker_registry_password | default(__ansible_service_broker_registry_password) }}"
+    ansible_service_broker_registry_organization: "{{ ansible_service_broker_registry_organization | default(__ansible_service_broker_registry_organization) }}"
+
+- name: set ansible-service-broker image facts using set prefix and tag
+  set_fact:
+    ansible_service_broker_image: "{{ ansible_service_broker_image_prefix }}ansible-service-broker:{{ ansible_service_broker_image_tag }}"
+    ansible_service_broker_etcd_image: "{{ ansible_service_broker_etcd_image_prefix }}ansible-service-broker:{{ ansible_service_broker_etcd_image_tag }}"
+
+- include: validate_facts.yml
+
+
+# Deployment of ansible-service-broker starts here
+- name: create openshift-ansible-service-broker project
+  oc_project:
+    name: openshift-ansible-service-broker
+    state: present
+
+- name: create ansible-service-broker serviceaccount
+  oc_serviceaccount:
+    name: asb
+    namespace: openshift-ansible-service-broker
+    state: present
+
+- name: create ansible-service-broker service
+  oc_service:
+    name: asb
+    namespace: openshift-ansible-service-broker
+    state: present
+    labels:
+      app: ansible-service-broker
+      service: asb
+    ports:
+      - name: port-1338
+        port: 1338
+    selector:
+      app: ansible-service-broker
+      service: asb
+
+- name: create etcd service
+  oc_service:
+    name: etcd
+    namespace: openshift-ansible-service-broker
+    state: present
+    ports:
+      - name: etcd-advertise
+        port: 2379
+    selector:
+      app: ansible-service-broker
+      service: etcd
+
+- name: create route for ansible-service-broker service
+  oc_route:
+    name: asb-1338
+    namespace: openshift-ansible-service-broker
+    state: present
+    service_name: asb
+    port: 1338
+  register: asb_route_out
+
+- name: get ansible-service-broker route name
+  set_fact:
+    ansible_service_broker_route: "{{ asb_route_out.results.results[0].spec.host }}"
+
+- name: create persistent volume claim for etcd
+  oc_obj:
+    name: etcd
+    namespace: openshift-ansible-service-broker
+    state: present
+    kind: PersistentVolumeClaim
+    content:
+      path: /tmp/dcout
+      data:
+        apiVersion: v1
+        kind: PersistentVolumeClaim
+        metadata:
+          name: etcd
+          namespace: openshift-ansible-service-broker
+        spec:
+          accessModes:
+            - ReadWriteOnce
+          resources:
+            requests:
+              storage: 1Gi
+
+- name: create etcd deployment
+  oc_obj:
+    name: etcd
+    namespace: openshift-ansible-service-broker
+    state: present
+    kind: Deployment
+    content:
+      path: /tmp/dcout
+      data:
+        apiVersion: extensions/v1beta1
+        kind: Deployment
+        metadata:
+          name: etcd
+          namespace: openshift-ansible-service-broker
+          labels:
+            app: ansible-service-broker
+            service: etcd
+        spec:
+          selector:
+            matchLabels:
+              app: ansible-service-broker
+              service: etcd
+          strategy:
+            type: RollingUpdate
+            rollingUpdate:
+              maxSurge: 1
+              maxUnavailable: 1
+          replicas: 1
+          template:
+            metadata:
+              labels:
+                app: ansible-service-broker
+                service: etcd
+            spec:
+              restartPolicy: Always
+              containers:
+                - image: "{{ ansible_service_broker_etcd_image }}"
+                  name: etcd
+                  imagePullPolicy: IfNotPresent
+                  terminationMessagePath: /tmp/termination-log
+                  workingDir: /etcd
+                  args:
+                    - ./etcd
+                    - --data-dir=/data
+                    - "--listen-client-urls=http://0.0.0.0:2379"
+                    - "--advertise-client-urls=http://0.0.0.0:2379"
+                  ports:
+                  - containerPort: 2379
+                    protocol: TCP
+                  env:
+                  - name: ETCDCTL_API
+                    value: "3"
+                  volumeMounts:
+                  - mountPath: /data
+                    name: etcd
+              volumes:
+              - name: etcd
+                persistentVolumeClaim:
+                  claimName: etcd
+
+- name: create ansible-service-broker deployment
+  oc_obj:
+    name: asb
+    namespace: openshift-ansible-service-broker
+    state: present
+    kind: Deployment
+    content:
+      path: /tmp/dcout
+      data:
+        apiVersion: extensions/v1beta1
+        kind: Deployment
+        metadata:
+          name: asb
+          namespace: openshift-ansible-service-broker
+          labels:
+            app: openshift-ansible-service-broker
+            service: asb
+        spec:
+          strategy:
+            type: Recreate
+          replicas: 1
+          template:
+            metadata:
+              labels:
+                app: openshift-ansible-service-broker
+                service: asb
+            spec:
+              serviceAccount: asb
+              restartPolicy: Always
+              containers:
+                - image: "{{ ansible_service_broker_image }}"
+                  name: asb
+                  imagePullPolicy: IfNotPresent
+                  volumeMounts:
+                    - name: config-volume
+                      mountPath: /etc/ansible-service-broker
+                  ports:
+                    - containerPort: 1338
+                      protocol: TCP
+                  args:
+                    - -c
+                    - /etc/ansible-service-broker/config.yaml
+                  terminationMessagePath: /tmp/termination-log
+              volumes:
+              - name: config-volume
+                configMap:
+                  name: broker-config
+                  items:
+                  - key: broker-config
+                    path: config.yaml
+
+
+# TODO: saw a oc_configmap in the library, but didn't understand how to get it to do the following:
+- name: Create config map for ansible-service-broker
+  oc_obj:
+    name: broker-config
+    namespace: openshift-ansible-service-broker
+    state: present
+    kind: ConfigMap
+    content:
+      path: /tmp/cmout
+      data:
+        apiVersion: v1
+        kind: ConfigMap
+        metadata:
+          name: broker-config
+          namespace: openshift-ansible-service-broker
+          labels:
+            app: ansible-service-broker
+        data:
+          broker-config: |
+            registry:
+              name: "{{ ansible_service_broker_registry_type }}"
+              url:  "{{ ansible_service_broker_registry_url }}"
+              user: "{{ ansible_service_broker_registry_user }}"
+              pass: "{{ ansible_service_broker_registry_password }}"
+              org:  "{{ ansible_service_broker_registry_organization }}"
+            dao:
+              etcd_host: etcd
+              etcd_port: 2379
+            log:
+              logfile: /var/log/ansible-service-broker/asb.log
+              stdout: true
+              level: "{{ ansible_service_broker_log_level }}"
+              color: true
+            openshift: {}
+            broker:
+              devbroker: false
+              launchapbonbind: "{{ ansible_service_broker_launch_apb_on_bind }}"
+
+- name: Create the Broker resource in the catalog
+  oc_obj:
+    name: ansible-service-broker
+    state: present
+    kind: Broker
+    content:
+      path: /tmp/brokerout
+      data:
+        apiVersion: servicecatalog.k8s.io/v1alpha1
+        kind: Broker
+        metadata:
+          name: ansible-service-broker
+        spec:
+          url: http://{{ ansible_service_broker_route }}

roles/ansible_service_broker/tasks/main.yml

@@ -0,0 +1,8 @@
+---
+# do any asserts here
+
+- include: install.yml
+  when: not  ansible_service_broker_remove|default(false) | bool
+
+- include: remove.yml
+  when: ansible_service_broker_remove|default(false) | bool

roles/ansible_service_broker/tasks/remove.yml

@@ -0,0 +1,65 @@
+---
+
+- name: remove openshift-ansible-service-broker project
+  oc_project:
+    name: openshift-ansible-service-broker
+    state: absent
+
+- name: remove ansible-service-broker serviceaccount
+  oc_serviceaccount:
+    name: asb
+    namespace: openshift-ansible-service-broker
+    state: absent
+
+- name: remove ansible-service-broker service
+  oc_service:
+    name: asb
+    namespace: openshift-ansible-service-broker
+    state: absent
+
+- name: remove etcd service
+  oc_service:
+    name: etcd
+    namespace: openshift-ansible-service-broker
+    state: absent
+
+- name: remove route for ansible-service-broker service
+  oc_route:
+    name: asb-1338
+    namespace: openshift-ansible-service-broker
+    state: absent
+
+- name: remove persistent volume claim for etcd
+  oc_pvc:
+    name: etcd
+    namespace: openshift-ansible-service-broker
+    state: absent
+
+- name: remove etcd deployment
+  oc_obj:
+    name: etcd
+    namespace: openshift-ansible-service-broker
+    state: absent
+    kind: Deployment
+
+- name: remove ansible-service-broker deployment
+  oc_obj:
+    name: asb
+    namespace: openshift-ansible-service-broker
+    state: absent
+    kind: Deployment
+
+# TODO: saw a oc_configmap in the library, but didn't understand how to get it to do the following:
+- name: remove config map for ansible-service-broker
+  oc_obj:
+    name: broker-config
+    namespace: openshift-ansible-service-broker
+    state: absent
+    kind: ConfigMap
+
+# TODO: Is this going to work?
+- name: remove broker object from the catalog
+  oc_obj:
+    name: ansible-service-broker
+    state: absent
+    kind: Broker

roles/ansible_service_broker/tasks/validate_facts.yml

@@ -0,0 +1,14 @@
+- name: validate Dockerhub registry settings
+  fail: msg="To use the dockerhub registry, you must provide the ansible_service_broker_registry_user. ansible_service_broker_registry_password, and ansible_service_broker_registry_organization parameters"
+  when:
+   - ansible_service_broker_registry_type == 'dockerhub'
+   - not (ansible_service_broker_registry_user and
+      ansible_service_broker_registry_password and
+      ansible_service_broker_registry_organization)
+
+
+- name: validate RHCC registry settings
+  fail: msg="To use the Red Hat Container Catalog registry, you must provide the ansible_service_broker_registry_url"
+  when:
+   - ansible_service_broker_registry_type == 'rhcc'
+   - not ansible_service_broker_registry_url

roles/ansible_service_broker/vars/default_images.yml

@@ -0,0 +1,13 @@
+---
+
+__ansible_service_broker_image_prefix: ansibleplaybookbundle/
+__ansible_service_broker_image_tag: latest
+
+__ansible_service_broker_etcd_image_prefix: quay.io/coreos/
+__ansible_service_broker_etcd_image_tag: latest
+
+__ansible_service_broker_registry_type: dockerhub
+__ansible_service_broker_registry_url: null
+__ansible_service_broker_registry_user: null
+__ansible_service_broker_registry_password: null
+__ansible_service_broker_registry_organization: null

roles/ansible_service_broker/vars/openshift-enterprise.yml

@@ -0,0 +1,13 @@
+---
+
+__ansible_service_broker_image_prefix: openshift3/
+__ansible_service_broker_image_tag: latest
+
+__ansible_service_broker_etcd_image_prefix: rhel7/
+__ansible_service_broker_etcd_image_tag: latest
+
+__ansible_service_broker_registry_type: rhcc
+__ansible_service_broker_registry_url: "https://registry.access.redhat.com"
+__ansible_service_broker_registry_user: null
+__ansible_service_broker_registry_password: null
+__ansible_service_broker_registry_organization: null