diff --git a/galaxy/README.md b/galaxy/README.md index c4beb4e..873db7a 100644 --- a/galaxy/README.md +++ b/galaxy/README.md @@ -189,7 +189,7 @@ There is a Kubernetes Operator for Pulp 3 named Pulp Operator. - [pulp/pulp-operator: Kubernetes Operator for Pulp 3](https://github.com/pulp/pulp-operator) -This project is in alpha stage and under active development. In this guide, we use [Pulp Operator 1.0.0-alpha.2](https://github.com/pulp/pulp-operator/tree/1.0.0-alpha.2). +This project is in alpha stage and under active development. In this guide, we use [Pulp Operator 1.0.0-alpha.3](https://github.com/pulp/pulp-operator/tree/1.0.0-alpha.3). ### Install Pulp Operator @@ -199,7 +199,7 @@ Install specified version of Pulp Operator. cd ~ git clone https://github.com/pulp/pulp-operator.git cd pulp-operator -git checkout 1.0.0-alpha.2 +git checkout 1.0.0-alpha.3 ``` Export the name of the namespace where you want to deploy Pulp Operator as the environment variable `NAMESPACE` and run `make deploy`. The default namespace is `pulp-operator-system`. Note that `make deploy` requires `go` binary by default but you can remove this dependency by small `sed` patch. @@ -244,17 +244,16 @@ GALAXY_HOST="galaxy.example.com" openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -out ./pulp/tls.crt -keyout ./pulp/tls.key -subj "/CN=${GALAXY_HOST}/O=${GALAXY_HOST}" -addext "subjectAltName = DNS:${GALAXY_HOST}" ``` -Modify `ANSIBLE_API_HOSTNAME` and `CONTENT_ORIGIN` in `pulp/galaxy.yaml`. +Modify `ingress_host` in `pulp/galaxy.yaml`. ```yaml ... spec: ... - pulp_settings: - ANSIBLE_API_HOSTNAME: https://galaxy.example.com 👈👈👈 - CONTENT_ORIGIN: https://galaxy.example.com 👈👈👈 - TOKEN_AUTH_DISABLED: "True" - ... + ingress_type: ingress + ingress_tls_secret: galaxy-secret-tls + ingress_host: galaxy.example.com 👈👈👈 +... ``` Modify two `password`s in `pulp/kustomization.yaml`. @@ -279,18 +278,6 @@ Modify two `password`s in `pulp/kustomization.yaml`. ... ``` -Modify `hosts` and `host` in `pulp/ingress.yaml`. - -```yaml -... - - hosts: - - galaxy.example.com 👈👈👈 - secretName: galaxy-secret-tls - rules: - - host: galaxy.example.com 👈👈👈 -... -``` - Prepare directories for Persistent Volumes defined in `pulp/pv.yaml`. ```bash @@ -321,7 +308,7 @@ When the deployment completes successfully, the logs end with: $ kubectl -n galaxy logs -f deployments/pulp-operator-controller-manager ... 2006-01-02T15:04:05Z INFO repo_manager/status.go:133 galaxy operator finished execution ... -2006-01-02T15:04:05Z INFO repo_manager/controller.go:335 Operator tasks synced +2006-01-02T15:04:05Z INFO repo_manager/controller.go:336 Operator tasks synced ``` Required objects has been deployed next to Pulp Operator in `galaxy` namespace. @@ -329,55 +316,55 @@ Required objects has been deployed next to Pulp Operator in `galaxy` namespace. ```bash $ kubectl -n galaxy get pulp,all,ingress,secrets NAME AGE -pulp.repo-manager.pulpproject.org/galaxy 3m21s +pulp.repo-manager.pulpproject.org/galaxy 3m22s -NAME READY STATUS RESTARTS AGE -pod/pulp-operator-controller-manager-c4d6bcbb7-trdr4 2/2 Running 0 3m54s -pod/galaxy-redis-7f985cb4f9-47xvl 1/1 Running 0 3m20s -pod/galaxy-database-0 1/1 Running 0 3m20s -pod/galaxy-worker-6cb8c9dc97-mfcvm 1/1 Running 0 3m20s -pod/galaxy-content-7cf7cf49f6-94qmm 1/1 Running 0 3m20s -pod/galaxy-api-6b86d65586-q9hnk 1/1 Running 0 3m20s -pod/galaxy-web-546fbf459-mcdtz 1/1 Running 0 3m20s +NAME READY STATUS RESTARTS AGE +pod/pulp-operator-controller-manager-66445f9d88-w6qjv 2/2 Running 0 5m34s +pod/galaxy-redis-84c95d97f8-86hkk 1/1 Running 0 3m22s +pod/galaxy-database-0 1/1 Running 0 3m22s +pod/galaxy-worker-588c5f4df4-k255c 1/1 Running 0 3m16s +pod/galaxy-api-6b86d65586-7rx79 1/1 Running 0 3m17s +pod/galaxy-content-7cf7cf49f6-tqqbl 1/1 Running 0 3m17s +pod/galaxy-web-546fbf459-cmn9v 1/1 Running 0 2m44s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -service/pulp-operator-controller-manager-metrics-service ClusterIP 10.43.132.135 8443/TCP 3m54s -service/galaxy-database-svc ClusterIP None 5432/TCP 3m20s -service/galaxy-redis-svc ClusterIP 10.43.13.40 6379/TCP 3m20s -service/galaxy-api-svc ClusterIP 10.43.134.165 24817/TCP 3m20s -service/galaxy-content-svc ClusterIP 10.43.204.25 24816/TCP 3m20s -service/galaxy-web-svc ClusterIP 10.43.219.152 24880/TCP 3m20s +service/pulp-operator-controller-manager-metrics-service ClusterIP 10.43.22.172 8443/TCP 5m34s +service/galaxy-database-svc ClusterIP None 5432/TCP 3m22s +service/galaxy-redis-svc ClusterIP 10.43.196.8 6379/TCP 3m22s +service/galaxy-api-svc ClusterIP 10.43.65.203 24817/TCP 3m17s +service/galaxy-content-svc ClusterIP 10.43.226.206 24816/TCP 3m16s +service/galaxy-web-svc ClusterIP 10.43.7.188 24880/TCP 2m43s NAME READY UP-TO-DATE AVAILABLE AGE -deployment.apps/pulp-operator-controller-manager 1/1 1 1 3m54s -deployment.apps/galaxy-redis 1/1 1 1 3m20s -deployment.apps/galaxy-worker 1/1 1 1 3m20s -deployment.apps/galaxy-content 1/1 1 1 3m20s -deployment.apps/galaxy-api 1/1 1 1 3m20s -deployment.apps/galaxy-web 1/1 1 1 3m20s +deployment.apps/pulp-operator-controller-manager 1/1 1 1 5m34s +deployment.apps/galaxy-redis 1/1 1 1 3m22s +deployment.apps/galaxy-worker 1/1 1 1 3m16s +deployment.apps/galaxy-api 1/1 1 1 3m17s +deployment.apps/galaxy-content 1/1 1 1 3m17s +deployment.apps/galaxy-web 1/1 1 1 2m44s -NAME DESIRED CURRENT READY AGE -replicaset.apps/pulp-operator-controller-manager-c4d6bcbb7 1 1 1 3m54s -replicaset.apps/galaxy-redis-7f985cb4f9 1 1 1 3m20s -replicaset.apps/galaxy-worker-6cb8c9dc97 1 1 1 3m20s -replicaset.apps/galaxy-content-7cf7cf49f6 1 1 1 3m20s -replicaset.apps/galaxy-api-6b86d65586 1 1 1 3m20s -replicaset.apps/galaxy-web-546fbf459 1 1 1 3m20s +NAME DESIRED CURRENT READY AGE +replicaset.apps/pulp-operator-controller-manager-66445f9d88 1 1 1 5m34s +replicaset.apps/galaxy-redis-84c95d97f8 1 1 1 3m22s +replicaset.apps/galaxy-worker-588c5f4df4 1 1 1 3m16s +replicaset.apps/galaxy-api-6b86d65586 1 1 1 3m17s +replicaset.apps/galaxy-content-7cf7cf49f6 1 1 1 3m17s +replicaset.apps/galaxy-web-546fbf459 1 1 1 2m44s NAME READY AGE -statefulset.apps/galaxy-database 1/1 3m20s +statefulset.apps/galaxy-database 1/1 3m22s NAME CLASS HOSTS ADDRESS PORTS AGE -ingress.networking.k8s.io/galaxy galaxy.example.com 192.168.0.219 80, 443 3m21s +ingress.networking.k8s.io/galaxy galaxy.example.com 192.168.0.219 80, 443 2m45s NAME TYPE DATA AGE -secret/galaxy-admin-password Opaque 1 3m21s -secret/galaxy-postgres-configuration Opaque 7 3m21s -secret/galaxy-secret-tls kubernetes.io/tls 2 3m21s -secret/redhat-operators-pull-secret Opaque 1 3m21s -secret/galaxy-server Opaque 1 3m20s -secret/galaxy-db-fields-encryption Opaque 1 3m20s -secret/galaxy-container-auth Opaque 2 3m20s +secret/galaxy-admin-password Opaque 1 3m22s +secret/galaxy-postgres-configuration Opaque 7 3m22s +secret/galaxy-secret-tls kubernetes.io/tls 2 3m22s +secret/redhat-operators-pull-secret Opaque 1 3m22s +secret/galaxy-server Opaque 1 3m22s +secret/galaxy-db-fields-encryption Opaque 1 3m22s +secret/galaxy-container-auth Opaque 2 3m22s ``` Now your AWX is available at `https://galaxy.example.com/` or the hostname you specified. You can log in to the GUI by user `admin` with password you specified in `pulp/kustomization.yaml`. diff --git a/galaxy/pulp/galaxy.yaml b/galaxy/pulp/galaxy.yaml index bd060a7..9a87150 100644 --- a/galaxy/pulp/galaxy.yaml +++ b/galaxy/pulp/galaxy.yaml @@ -4,8 +4,8 @@ metadata: name: galaxy spec: # These parameters are designed for use with: - # - Pulp Operator: 1.0.0-alpha.2 - # https://github.com/pulp/pulp-operator/blob/1.0.0-alpha.2/README.md + # - Pulp Operator: 1.0.0-alpha.3 + # https://github.com/pulp/pulp-operator/blob/1.0.0-alpha.3/README.md # - Galaxy NG: 4.5.2 # https://github.com/ansible/galaxy_ng/tree/4.5.2 @@ -18,15 +18,9 @@ spec: admin_password_secret: galaxy-admin-password - # As a workaround for 1.0.0-alpha.2, - # to force use TLS termination on Ingress and to force to deploy Pulp Web container, - # keep ingress_type empty and deploy ingress without using Operator. - # I believe this can be back in the next release. - # https://github.com/pulp/pulp-operator/issues/676 - # https://github.com/pulp/pulp-operator/issues/770 - #ingress_type: ingress - #ingress_tls_secret: galaxy-secret-tls - #ingress_host: galaxy.example.com + ingress_type: ingress + ingress_tls_secret: galaxy-secret-tls + ingress_host: galaxy.example.com storage_type: file file_storage_storage_class: galaxy-file-volume @@ -34,8 +28,6 @@ spec: file_storage_size: 8Gi pulp_settings: - ANSIBLE_API_HOSTNAME: https://galaxy.example.com - CONTENT_ORIGIN: https://galaxy.example.com TOKEN_AUTH_DISABLED: "True" api: diff --git a/galaxy/pulp/ingress.yaml b/galaxy/pulp/ingress.yaml deleted file mode 100644 index 9662d3c..0000000 --- a/galaxy/pulp/ingress.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: galaxy -spec: - tls: - - hosts: - - galaxy.example.com - secretName: galaxy-secret-tls - rules: - - host: galaxy.example.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: galaxy-web-svc - port: - number: 24880 diff --git a/galaxy/pulp/kustomization.yaml b/galaxy/pulp/kustomization.yaml index 9a8b113..daef487 100644 --- a/galaxy/pulp/kustomization.yaml +++ b/galaxy/pulp/kustomization.yaml @@ -31,5 +31,4 @@ secretGenerator: resources: - pv.yaml - - ingress.yaml - galaxy.yaml