expand/awx-on-k3s
1
0
Fork 0
mirror of https://github.com/Expand-sys/awx-on-k3s synced 2025-12-16 05:52:15 +11:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: bump pulp operator version to 1.0.0-alpha.2

Browse source
This commit is contained in:
kurokobo 2022-11-17 05:26:10 +09:00
parent 1825867461
commit efd1efd41a
6 changed files with 129 additions and 83 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

134
galaxy/README.md
View file

@ -50,7 +50,7 @@ You can control the version of Galaxy NG by using Tags in cloned local Git repos
Although not documented, a container image with Galaxy NG preinstalled and its source `Containerfile` are also available. Although not documented, a container image with Galaxy NG preinstalled and its source `Containerfile` are also available.
- [pulp/pulp-galaxy-ng - Docker Image | Docker Hub](https://hub.docker.com/r/pulp/pulp-galaxy-ng) - [pulp/pulp-galaxy-ng - Docker Image | Docker Hub](https://hub.docker.com/r/pulp/pulp-galaxy-ng)
- [pulp-oci-images/pulp_galaxy_ng at latest · pulp/pulp-oci-images](https://github.com/pulp/pulp-oci-images/tree/latest/pulp_galaxy_ng) - [pulp-oci-images/images/pulp_galaxy_ng at latest · pulp/pulp-oci-images · GitHub](https://github.com/pulp/pulp-oci-images/tree/latest/images/pulp_galaxy_ng)
### Procedure ### Procedure
@ -189,7 +189,7 @@ There is a Kubernetes Operator for Pulp 3 named Pulp Operator.
- [pulp/pulp-operator: Kubernetes Operator for Pulp 3](https://github.com/pulp/pulp-operator) - [pulp/pulp-operator: Kubernetes Operator for Pulp 3](https://github.com/pulp/pulp-operator)
This project is still under active development and there is no support, however, at least the code to create a new instance seems to be implemented. In this procedure, we use [Pulp Operator 0.14.1](https://github.com/pulp/pulp-operator/tree/0.14.1) This project is in alpha stage and under active development. In this guide, we use [Pulp Operator 1.0.0-alpha.2](https://github.com/pulp/pulp-operator/tree/1.0.0-alpha.2).
### Install Pulp Operator ### Install Pulp Operator
@ -199,12 +199,13 @@ Install specified version of Pulp Operator.
cd ~ cd ~
git clone https://github.com/pulp/pulp-operator.git git clone https://github.com/pulp/pulp-operator.git
cd pulp-operator cd pulp-operator
git checkout 0.14.1 git checkout 1.0.0-alpha.2
``` ```
Export the name of the namespace where you want to deploy Pulp Operator as the environment variable `NAMESPACE` and run `make deploy`. The default namespace is `pulp-operator-system`. Export the name of the namespace where you want to deploy Pulp Operator as the environment variable `NAMESPACE` and run `make deploy`. The default namespace is `pulp-operator-system`. Note that `make deploy` requires `go` binary by default but you can remove this dependency by small `sed` patch.
```bash ```bash
sed -i 's/^deploy: manifests/deploy:/g' ./Makefile
export NAMESPACE=galaxy export NAMESPACE=galaxy
make deploy make deploy
``` ```
@ -243,16 +244,17 @@ GALAXY_HOST="galaxy.example.com"
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -out ./pulp/tls.crt -keyout ./pulp/tls.key -subj "/CN=${GALAXY_HOST}/O=${GALAXY_HOST}" -addext "subjectAltName = DNS:${GALAXY_HOST}" openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -out ./pulp/tls.crt -keyout ./pulp/tls.key -subj "/CN=${GALAXY_HOST}/O=${GALAXY_HOST}" -addext "subjectAltName = DNS:${GALAXY_HOST}"
``` ```
Modify `hostname` in `pulp/galaxy.yaml`. Modify `ANSIBLE_API_HOSTNAME` and `CONTENT_ORIGIN` in `pulp/galaxy.yaml`.
```yaml ```yaml
... ...
spec: spec:
... ...
ingress_type: ingress pulp_settings:
ingress_tls_secret: galaxy-secret-tls ANSIBLE_API_HOSTNAME: https://galaxy.example.com 👈👈👈
hostname: galaxy.example.com 👈👈👈 CONTENT_ORIGIN: https://galaxy.example.com 👈👈👈
... TOKEN_AUTH_DISABLED: "True"
...
``` ```
Modify two `password`s in `pulp/kustomization.yaml`. Modify two `password`s in `pulp/kustomization.yaml`.
@ -262,11 +264,12 @@ Modify two `password`s in `pulp/kustomization.yaml`.
- name: galaxy-postgres-configuration - name: galaxy-postgres-configuration
type: Opaque type: Opaque
literals: literals:
- host=galaxy-postgres - host=galaxy-database-svc
- port=5432 - port=5432
- database=galaxy - database=galaxy
- username=galaxy - username=galaxy
- password=Galaxy123! 👈👈👈 - password=Galaxy123! 👈👈👈
- sslmode=prefer
- type=managed - type=managed
- name: galaxy-admin-password - name: galaxy-admin-password
@ -276,14 +279,26 @@ Modify two `password`s in `pulp/kustomization.yaml`.
... ...
``` ```
Modify `hosts` and `host` in `pulp/ingress.yaml`.
```yaml
...
- hosts:
- galaxy.example.com 👈👈👈
secretName: galaxy-secret-tls
rules:
- host: galaxy.example.com 👈👈👈
...
```
Prepare directories for Persistent Volumes defined in `pulp/pv.yaml`. Prepare directories for Persistent Volumes defined in `pulp/pv.yaml`.
```bash ```bash
sudo mkdir -p /data/galaxy/postgres-13 sudo mkdir -p /data/galaxy/database
sudo mkdir -p /data/galaxy/redis sudo mkdir -p /data/galaxy/redis
sudo mkdir -p /data/galaxy/pulp sudo mkdir -p /data/galaxy/file
sudo chmod 755 /data/galaxy/postgres-13 sudo chmod 755 /data/galaxy/database
sudo chown 700:0 /data/galaxy/pulp sudo chown 700:0 /data/galaxy/file
``` ```
### Deploy Galaxy NG ### Deploy Galaxy NG
@ -297,73 +312,72 @@ kubectl apply -k pulp
To monitor the progress of the deployment, check the logs of `deployments/awx-operator-controller-manager`: To monitor the progress of the deployment, check the logs of `deployments/awx-operator-controller-manager`:
```bash ```bash
kubectl -n galaxy logs -f deployments/pulp-operator-controller-manager -c pulp-manager kubectl -n galaxy logs -f deployments/pulp-operator-controller-manager
``` ```
When the deployment completes successfully, the logs end with: When the deployment completes successfully, the logs end with:
```txt ```txt
$ kubectl -n galaxy logs -f deployments/pulp-operator-controller-manager -c pulp-manager $ kubectl -n galaxy logs -f deployments/pulp-operator-controller-manager
... ...
----- Ansible Task Status Event StdOut (pulp.pulpproject.org/v1beta1, Kind=Pulp, galaxy/galaxy) ----- 2006-01-02T15:04:05Z INFO repo_manager/status.go:133 galaxy operator finished execution ...
PLAY RECAP ********************************************************************* 2006-01-02T15:04:05Z INFO repo_manager/controller.go:335 Operator tasks synced
localhost : ok=117 changed=26 unreachable=0 failed=0 skipped=82 rescued=0 ignored=0
``` ```
Required objects has been deployed next to Pulp Operator in `galaxy` namespace. Required objects has been deployed next to Pulp Operator in `galaxy` namespace.
```bash ```bash
$ kubectl -n galaxy get pulp,all,ingress,secrets $ kubectl -n galaxy get pulp,all,ingress,secrets
NAME AGE NAME AGE
pulp.pulp.pulpproject.org/galaxy 4m48s pulp.repo-manager.pulpproject.org/galaxy 3m21s
NAME READY STATUS RESTARTS AGE NAME READY STATUS RESTARTS AGE
pod/pulp-operator-controller-manager-74d4f59ddb-mtwzq 2/2 Running 0 5m4s pod/pulp-operator-controller-manager-c4d6bcbb7-trdr4 2/2 Running 0 3m54s
pod/galaxy-postgres-13-0 1/1 Running 0 4m31s pod/galaxy-redis-7f985cb4f9-47xvl 1/1 Running 0 3m20s
pod/galaxy-redis-6f79b47f66-4dg75 1/1 Running 0 4m5s pod/galaxy-database-0 1/1 Running 0 3m20s
pod/galaxy-content-57fd45b97c-mxkdx 1/1 Running 0 3m39s pod/galaxy-worker-6cb8c9dc97-mfcvm 1/1 Running 0 3m20s
pod/galaxy-worker-6fcbd5ff47-b2h6v 1/1 Running 0 3m37s pod/galaxy-content-7cf7cf49f6-94qmm 1/1 Running 0 3m20s
pod/galaxy-api-5cf69c85d-vc6z8 1/1 Running 0 3m43s pod/galaxy-api-6b86d65586-q9hnk 1/1 Running 0 3m20s
pod/galaxy-web-5f7bc488fb-69mbk 1/1 Running 0 4m22s pod/galaxy-web-546fbf459-mcdtz 1/1 Running 0 3m20s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/pulp-operator-controller-manager-metrics-service ClusterIP 10.43.145.99 <none> 8443/TCP 5m4s service/pulp-operator-controller-manager-metrics-service ClusterIP 10.43.132.135 <none> 8443/TCP 3m54s
service/galaxy-postgres-13 ClusterIP None <none> 5432/TCP 4m31s service/galaxy-database-svc ClusterIP None <none> 5432/TCP 3m20s
service/galaxy-web-svc ClusterIP 10.43.17.192 <none> 24880/TCP 4m21s service/galaxy-redis-svc ClusterIP 10.43.13.40 <none> 6379/TCP 3m20s
service/galaxy-redis-svc ClusterIP 10.43.58.131 <none> 6379/TCP 4m7s service/galaxy-api-svc ClusterIP 10.43.134.165 <none> 24817/TCP 3m20s
service/galaxy-api-svc ClusterIP 10.43.106.139 <none> 24817/TCP 3m52s service/galaxy-content-svc ClusterIP 10.43.204.25 <none> 24816/TCP 3m20s
service/galaxy-content-svc ClusterIP 10.43.154.10 <none> 24816/TCP 3m41s service/galaxy-web-svc ClusterIP 10.43.219.152 <none> 24880/TCP 3m20s
NAME READY UP-TO-DATE AVAILABLE AGE NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/pulp-operator-controller-manager 1/1 1 1 5m4s deployment.apps/pulp-operator-controller-manager 1/1 1 1 3m54s
deployment.apps/galaxy-redis 1/1 1 1 4m5s deployment.apps/galaxy-redis 1/1 1 1 3m20s
deployment.apps/galaxy-content 1/1 1 1 3m39s deployment.apps/galaxy-worker 1/1 1 1 3m20s
deployment.apps/galaxy-worker 1/1 1 1 3m37s deployment.apps/galaxy-content 1/1 1 1 3m20s
deployment.apps/galaxy-api 1/1 1 1 3m43s deployment.apps/galaxy-api 1/1 1 1 3m20s
deployment.apps/galaxy-web 1/1 1 1 4m22s deployment.apps/galaxy-web 1/1 1 1 3m20s
NAME DESIRED CURRENT READY AGE NAME DESIRED CURRENT READY AGE
replicaset.apps/pulp-operator-controller-manager-74d4f59ddb 1 1 1 5m4s replicaset.apps/pulp-operator-controller-manager-c4d6bcbb7 1 1 1 3m54s
replicaset.apps/galaxy-redis-6f79b47f66 1 1 1 4m5s replicaset.apps/galaxy-redis-7f985cb4f9 1 1 1 3m20s
replicaset.apps/galaxy-content-57fd45b97c 1 1 1 3m39s replicaset.apps/galaxy-worker-6cb8c9dc97 1 1 1 3m20s
replicaset.apps/galaxy-worker-6fcbd5ff47 1 1 1 3m37s replicaset.apps/galaxy-content-7cf7cf49f6 1 1 1 3m20s
replicaset.apps/galaxy-api-5cf69c85d 1 1 1 3m43s replicaset.apps/galaxy-api-6b86d65586 1 1 1 3m20s
replicaset.apps/galaxy-web-5f7bc488fb 1 1 1 4m22s replicaset.apps/galaxy-web-546fbf459 1 1 1 3m20s
NAME READY AGE NAME READY AGE
statefulset.apps/galaxy-postgres-13 1/1 4m31s statefulset.apps/galaxy-database 1/1 3m20s
NAME CLASS HOSTS ADDRESS PORTS AGE NAME CLASS HOSTS ADDRESS PORTS AGE
ingress.networking.k8s.io/galaxy-ingress <none> galaxy.example.com 192.168.0.219,2400:4050:a8e2:a00:250:56ff:fe86:454d 80, 443 4m19s ingress.networking.k8s.io/galaxy <none> galaxy.example.com 192.168.0.219 80, 443 3m21s
NAME TYPE DATA AGE NAME TYPE DATA AGE
secret/galaxy-admin-password Opaque 1 4m48s secret/galaxy-admin-password Opaque 1 3m21s
secret/galaxy-postgres-configuration Opaque 6 4m48s secret/galaxy-postgres-configuration Opaque 7 3m21s
secret/galaxy-secret-tls kubernetes.io/tls 2 4m48s secret/galaxy-secret-tls kubernetes.io/tls 2 3m21s
secret/redhat-operators-pull-secret Opaque 1 4m40s secret/redhat-operators-pull-secret Opaque 1 3m21s
secret/galaxy-server Opaque 1 4m3s secret/galaxy-server Opaque 1 3m20s
secret/galaxy-db-fields-encryption Opaque 1 3m54s secret/galaxy-db-fields-encryption Opaque 1 3m20s
secret/galaxy-container-auth Opaque 2 3m47s secret/galaxy-container-auth Opaque 2 3m20s
``` ```
Now your AWX is available at `https://galaxy.example.com/` or the hostname you specified. You can log in to the GUI by user `admin` with password you specified in `pulp/kustomization.yaml`. Now your AWX is available at `https://galaxy.example.com/` or the hostname you specified. You can log in to the GUI by user `admin` with password you specified in `pulp/kustomization.yaml`.

2
galaxy/all-in-one/ingress.yaml
View file

@ -13,7 +13,7 @@ spec:
http: http:
paths: paths:
- path: / - path: /
pathType: ImplementationSpecific pathType: Prefix
backend: backend:
service: service:
name: galaxy-service name: galaxy-service

39
galaxy/pulp/galaxy.yaml
View file

@ -1,14 +1,16 @@
apiVersion: pulp.pulpproject.org/v1beta1 apiVersion: repo-manager.pulpproject.org/v1alpha1
kind: Pulp kind: Pulp
metadata: metadata:
name: galaxy name: galaxy
spec: spec:
# These parameters are designed for use with: # These parameters are designed for use with:
# - Pulp Operator: 0.14.1 # - Pulp Operator: 1.0.0-alpha.2
# https://github.com/pulp/pulp-operator/blob/0.14.1/README.md # https://github.com/pulp/pulp-operator/blob/1.0.0-alpha.2/README.md
# - Galaxy NG: 4.5.2 # - Galaxy NG: 4.5.2
# https://github.com/ansible/galaxy_ng/tree/4.5.2 # https://github.com/ansible/galaxy_ng/tree/4.5.2
deployment_type: galaxy
image: quay.io/pulp/galaxy image: quay.io/pulp/galaxy
image_version: 4.5.2 image_version: 4.5.2
image_web: quay.io/pulp/galaxy-web image_web: quay.io/pulp/galaxy-web
@ -16,29 +18,36 @@ spec:
admin_password_secret: galaxy-admin-password admin_password_secret: galaxy-admin-password
ingress_type: ingress # As a workaround for 1.0.0-alpha.2,
ingress_tls_secret: galaxy-secret-tls # to force use TLS termination on Ingress and to force to deploy Pulp Web container,
hostname: galaxy.example.com # keep ingress_type empty and deploy ingress without using Operator.
# I believe this can be back in the next release.
postgres_storage_class: galaxy-postgres-volume # https://github.com/pulp/pulp-operator/issues/676
postgres_storage_requirements: # https://github.com/pulp/pulp-operator/issues/770
requests: #ingress_type: ingress
storage: 8Gi #ingress_tls_secret: galaxy-secret-tls
redis_storage_class: galaxy-redis-volume #ingress_host: galaxy.example.com
storage_type: file storage_type: file
file_storage_storage_class: galaxy-pulp-volume file_storage_storage_class: galaxy-file-volume
file_storage_access_mode: ReadWriteOnce file_storage_access_mode: ReadWriteOnce
file_storage_size: 8Gi file_storage_size: 8Gi
pulp_settings: pulp_settings:
ANSIBLE_API_HOSTNAME: https://galaxy.example.com
CONTENT_ORIGIN: https://galaxy.example.com
TOKEN_AUTH_DISABLED: "True" TOKEN_AUTH_DISABLED: "True"
api: api:
replicas: 1 replicas: 1
cache:
redis_storage_class: galaxy-redis-volume
content: content:
replicas: 1 replicas: 1
database:
postgres_storage_class: galaxy-database-volume
postgres_storage_requirements: 8Gi
web:
replicas: 1
worker: worker:
replicas: 1 replicas: 1
web:
replicas: 1

21
galaxy/pulp/ingress.yaml Normal file
View file

@ -0,0 +1,21 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: galaxy
spec:
tls:
- hosts:
- galaxy.example.com
secretName: galaxy-secret-tls
rules:
- host: galaxy.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: galaxy-web-svc
port:
number: 24880

4
galaxy/pulp/kustomization.yaml
View file

@ -16,11 +16,12 @@ secretGenerator:
- name: galaxy-postgres-configuration - name: galaxy-postgres-configuration
type: Opaque type: Opaque
literals: literals:
- host=galaxy-postgres-13 - host=galaxy-database-svc
- port=5432 - port=5432
- database=galaxy - database=galaxy
- username=galaxy - username=galaxy
- password=Galaxy123! - password=Galaxy123!
- sslmode=prefer
- type=managed - type=managed
- name: galaxy-admin-password - name: galaxy-admin-password
@ -30,4 +31,5 @@ secretGenerator:
resources: resources:
- pv.yaml - pv.yaml
- ingress.yaml
- galaxy.yaml - galaxy.yaml

12
galaxy/pulp/pv.yaml
View file

@ -2,31 +2,31 @@
apiVersion: v1 apiVersion: v1
kind: PersistentVolume kind: PersistentVolume
metadata: metadata:
name: galaxy-postgres-volume name: galaxy-database-volume
spec: spec:
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
persistentVolumeReclaimPolicy: Retain persistentVolumeReclaimPolicy: Retain
capacity: capacity:
storage: 8Gi storage: 8Gi
storageClassName: galaxy-postgres-volume storageClassName: galaxy-database-volume
hostPath: hostPath:
path: /data/galaxy/postgres-13 path: /data/galaxy/database
--- ---
apiVersion: v1 apiVersion: v1
kind: PersistentVolume kind: PersistentVolume
metadata: metadata:
name: galaxy-pulp-volume name: galaxy-file-volume
spec: spec:
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
persistentVolumeReclaimPolicy: Retain persistentVolumeReclaimPolicy: Retain
capacity: capacity:
storage: 8Gi storage: 8Gi
storageClassName: galaxy-pulp-volume storageClassName: galaxy-file-volume
hostPath: hostPath:
path: /data/galaxy/pulp path: /data/galaxy/file
--- ---
apiVersion: v1 apiVersion: v1