Skip to content

Latest commit

 

History

History
 
 

ocp-workloads

Deploy ocp-workload to a shared cluster

This config is used to run ocp-workloads on OCP shared clusters.

It is a config like any other agnosticd config and allows integration of this particular kind of deployment into our eco-system.

Create

Example: myvars.yml
cloud_provider: none
env_type: ocp-workloads

ocp_workloads:
  - ocp4-workload-fuse-ignite

target_host: bastion.dev.mycluster.mydomain.com

#become_override: false

# If the ocp-workload supports it, you should specify the OCP user:
# ocp_username: myuser

# Usually the ocp-workloads want a GUID also:
# guid: changeme
Run
cd agnosticd/ansible
ansible-playbook main.yml -e @myvars.yml

Delete

Just run the following:

cd agnosticd/ansible
ansible-playbook destroy.yml -e @myvars.yml

It will run the ocp-workload role with ACTION=destroy.

Lifecycle

The lifecycle_entry_point.yml playbook can be used as well.

It will just run the workload passing the ACTION variable. Just make sure to implement the action stop, start, status in the ocp-workloads.

target_host variable

This variable correspond to the bastion host used to run oc commands or k8s ansible task.

You can specify the target host in 2 different ways.

As localhost

target_host: localhost

This will execute the workload from localhost. It requires that whatever host the playbook is run from is authenticated to the OpenShift cluster.

As an hostname

If you want to just specify:

target_host: bastion.dev.mycluster.mydomain.com

Then you need to configure ssh properly to be able to connect to that host. Just make sure the command ssh bastion.dev.mycluster.mydomain.com works.

As a dictionary

You can specify the bastion host using a dictionary. This is useful is you need to specify the user, port, ssh_key to use, etc.

target_host:
  ansible_host: bastion.babydev.babylon.open.redhat.com
  ansible_port: 22
  ansible_user: ec2-user
  #ansible_ssh_private_key_content: "{{ ssh_private_key_content }}"
  ansible_ssh_private_key_file: ~/.ssh/admin_key.pem
  #ansible_ssh_extra_args:  ...
Note
you can add the ansible_ssh_private_key_content to a secret file or a vault. The config will create the key using that content in the directory output_dir/ and use it to connect to the bastion. The key will then be deleted when the playbook ends, see cleanup.yml.

ocp-workload.yml file

This file is for reference only.

It is still used in some of our deployment scripts.

It can be useful if you want to specify the bastion to connect to by passing it as the inventory:

ansible-playbook -i $TARGETHOST, ocp-workload.yml -e ocp_workload=ocp-workload-fuse-ignite

FAQ

  1. But i want to run my workload as root!

Just use the var become_override. Set it to true in your var file. Most ocp-workloads implement that variable.

extract of main.yml in ocp-workload
- name: Running Workload Tasks
  import_tasks: ./workload.yml
  become: "{{ become_override | bool }}"
  when: ACTION == "create" or ACTION == "provision"