From 99811e05a245ef23e806f5c847f72d267b142bf1 Mon Sep 17 00:00:00 2001 From: Tim Bielawa Date: Wed, 4 Oct 2017 10:06:50 -0400 Subject: Add notes about SA token. Improve NFS validation. --- roles/openshift_cfme/README.md | 68 +++++++++++++++------- roles/openshift_cfme/defaults/main.yml | 7 --- .../tasks/storage/create_nfs_pvs.yml | 26 +++++++++ roles/openshift_cfme/tasks/validate.yml | 36 +++++++++--- roles/openshift_cfme/vars/main.yml | 7 +++ 5 files changed, 107 insertions(+), 37 deletions(-) diff --git a/roles/openshift_cfme/README.md b/roles/openshift_cfme/README.md index 98cefa6b4..26618ffb8 100644 --- a/roles/openshift_cfme/README.md +++ b/roles/openshift_cfme/README.md @@ -67,7 +67,7 @@ now for examples of how to set up your Ansible inventory for various deployment configurations. However, you are **strongly urged** to first read through the [Configuration](#configuration) and [Customization](#customization) sections as well as the following -[Important Note](#important-notes). +[Important Notes](#important-notes). ## Important Notes @@ -81,6 +81,30 @@ to there being no databases that require pods. parameters. Including parameters not defined in a template **will cause errors**. +**Container Provider Integration** - If you want add your container +platform (OCP/Origin) as a *Container Provider* in CFME/MIQ then you +must ensure that the infrastructure management hooks are installed. + +* During your OCP/Origin install, ensure that you have the + `openshift_use_manageiq` parameter set to `true` in your inventory + at install time. This will create a `management-infra` project and a + service account user. +* After CFME/MIQ is installed, obtain the `management-admin` service + account token and copy it somewhere safe. + +```bash +$ oc serviceaccounts get-token -n management-infra management-admin +eyJhuGdiOiJSUzI1NiIsInR5dCI6IkpXVCJ9.eyJpd9MiOiJrbWJldm5lbGVzL9NldnZpY2VhY2NvbW50Iiwiy9ViZXJuZXRldy5puy9zZXJ2yWNlYWNju9VubC9uYW1ld9BhY2UiOiJtYW5hZ2VtZW50LWluZnJhIiwiy9ViZXJuZXRldy5puy9zZXJ2yWNlYWNju9VubC9zZWNyZXQuumFtZSI6Im1humFnZW1lunQtYWRtyW4tbG9rZW4tdDBnOTAiLCJrbWJldm5lbGVzLmlvL9NldnZpY2VhY2NvbW50L9NldnZpY2UtYWNju9VubC5uYW1lIjoiuWFuYWbluWVubC1hZG1puiIsImt1YmVyumV0ZXMuyW8vd2VybmljZWFjY291unQvd2VybmljZS1hY2NvbW50LnVpZCI6IjRiZDM2MWQ1LWE1NDAtMTFlNy04YzI5LTUyNTQwMDliMmNkZCIsInN1YiI6InN5d9RluTpzZXJ2yWNlYWNju9VubDptYW5hZ2VtZW50LWluZnJhOm1humFnZW1lunQtYWRtyW4ifQ.B6sZLGD9O4vBu9MHwiG-C_4iEwjBXb7Af8BPw-LNlujDmHhOnQ-Oo4QxQKyj9edynfmDy2yutUyJ2Mm9HfDGWg4C9xhWImHoq6Nl7T5_9djkeGKkK7Ejvg4fA-IkrzEsZeQuluBvXnE6wvP0LCjUo_dx4pPyZJyp46teV9NqKQeDzeysjlMCyqp6AK6-Lj8ILG8YA6d_97HlzL_EgFBLAu0lBSn-uC_9J0gLysqBtK6TI0nExfhv9Bm1_5bdHEbKHPW7xIlYlI9AgmyTyhsQ6SoQWtL2khBjkG9TlPBq9wYJj9bzqgVZlqEfICZxgtXO7sYyuoje4y8lo0YQ0kZmig +``` + +* In the CFME/MIQ web interface, navigate to `Compute` → + `Containers` → `Providers` and select `⚙ Configuration` → `⊕ + Add a new Containers Provider` + +*See the [upstream documentation](http://manageiq.org/docs/reference/latest/doc-Managing_Providers/miq/index.html#containers-providers) for additional information.* + + + # Requirements The **default** requirements are listed in the table below. These can @@ -105,7 +129,8 @@ The implications of this table are summarized below: * Your cluster nodes must have lots of memory available * You will need several GiB's of storage available, either locally or on your cloud provider - +* PV sizes can be changed by providing override values to template + parameters (see also: [Customization](#customization)) # Role Variables @@ -127,15 +152,10 @@ installer. | `openshift_cfme_storage_nfs_base_dir` | **No** | `/exports/` | If you are using **External NFS** then you may set the base path to the exports location here.
**Local NFS Note**: You *may* also change this value if you want to change the default path used for local NFS exports. | | `openshift_cfme_storage_nfs_local_hostname` | **No** | `false` | If you do not have an `[nfs]` group in your inventory, or want to simply manually define the local NFS host in your cluster, set this parameter to the hostname of the preferred NFS server. The server must be a part of your OCP/Origin cluster. | | **CUSTOMIZATION OPTIONS** | | | | | -| `openshift_cfme_app_pv_size` | **No** | `5Gi` | How large the application PV will be in Kube units (`Gi`, `Mi`, etc) [2]| -| `openshift_cfme_db_pv_size` | **No** | `15Gi` | How large the database PV will be in Kube units [2]| | `openshift_cfme_template_parameters` | **No** | `{}` | A dictionary of any parameters you want to override in the application/pv templates. -* [1] `cfme-template*` will be available once CFME 4.6 is released -* [2] If you override the PV sizes, read - [Override PV Sizes](#override-pv-sizes) (below) for additional - required parameters - +* [1] The `cfme-template`s will be available and + automatically detected once CFME 4.6 is released # Getting Started @@ -143,13 +163,21 @@ installer. Below are some inventory snippets that can help you get started right away. -Once you've settled on a configuration scheme you can install CFME -using this `ansible-playbook` invocation: +If you want to install CFME/MIQ at the same time you install your +OCP/Origin cluster, ensure that `openshift_cfme_install_cfme` is set +to `true` in your inventory. Call the standard +`playbooks/byo/config.yml` playbook to begin the cluster and CFME/MIQ +installation. + +If you are installing CFME/MIQ on an *already provisioned cluster* +then you can call the CFME/MIQ playbook directly: ``` $ ansible-playbook -v -i playbooks/byo/openshift-cfme/config.yml ``` +*Note: Use `miq-template` in the following examples for ManageIQ installs* + ## All Defaults This example is the simplest. All of the default values and choices @@ -159,7 +187,7 @@ created as pods in the container platform. ```ini [OSEv3:vars] -openshift_cfme_app_template=miq-template +openshift_cfme_app_template=cfme-template ``` ## External NFS Storage @@ -174,7 +202,7 @@ as a storage appliance). Note the two new parameters: ```ini [OSEv3:vars] -openshift_cfme_app_template=miq-template +openshift_cfme_app_template=cfme-template openshift_cfme_storage_class=nfs_external openshift_cfme_storage_nfs_external_hostname=nfs.example.com ``` @@ -190,16 +218,14 @@ openshift_cfme_storage_nfs_base_dir=/exports/hosted/prod ## Override PV sizes -This example will override the PV sizes. Note that we must **also -set** template parameters in the `openshift_cfme_template_parameters` -parameter so that the application/db will be able to make claims on -created PVs without clobbering each other. +This example will override the PV sizes. Note that we set the PV sizes +in the template parameters, `openshift_cfme_template_parameters`. This +ensures that the application/db will be able to make claims on created +PVs without clobbering each other. ```ini [OSEv3:vars] -openshift_cfme_app_template=miq-template -openshift_cfme_app_pv_size=10Gi -openshift_cfme_db_pv_size=25Gi +openshift_cfme_app_template=cfme-template openshift_cfme_template_parameters={'APPLICATION_VOLUME_CAPACITY': '10Gi', 'DATABASE_VOLUME_CAPACITY': '25Gi'} ``` @@ -212,7 +238,7 @@ performance or a complete failure to initialize the application. ```ini [OSEv3:vars] -openshift_cfme_app_template=miq-template +openshift_cfme_app_template=cfme-template openshift_cfme_template_parameters={'APPLICATION_MEM_REQ': '3000Mi', 'POSTGRESQL_MEM_REQ': '1Gi', 'ANSIBLE_MEM_REQ': '512Mi'} ``` diff --git a/roles/openshift_cfme/defaults/main.yml b/roles/openshift_cfme/defaults/main.yml index a1a6e7190..8ba672262 100644 --- a/roles/openshift_cfme/defaults/main.yml +++ b/roles/openshift_cfme/defaults/main.yml @@ -76,13 +76,6 @@ openshift_cfme_storage_nfs_base_dir: /exports # setting this variable. Useful for testing specific task files. openshift_cfme_storage_nfs_local_hostname: false -#--------------------------------------------------------------------- -# DEFAULT PV SIZES -# How large to make the MIQ application PV -openshift_cfme_app_pv_size: 5Gi -# How large to make the MIQ PostgreSQL PV -openshift_cfme_db_pv_size: 15Gi - ###################################################################### # SCAFFOLDING - These are parameters we pre-seed that a user may or # may not set later diff --git a/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml b/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml index 0a67b2193..b8d4ec8c5 100644 --- a/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml +++ b/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml @@ -1,5 +1,31 @@ --- # Create the required PVs for the App and the DB +- name: Note the App PV Size from Template Parameters + set_fact: + openshift_cfme_app_pv_size: "{{ openshift_cfme_template_parameters.APPLICATION_VOLUME_CAPACITY }}" + when: + - openshift_cfme_template_parameters.APPLICATION_VOLUME_CAPACITY is defined + +- name: Note the App PV Size from defaults + set_fact: + openshift_cfme_app_pv_size: "{{ __openshift_cfme_app_pv_size }}" + when: + - openshift_cfme_template_parameters.APPLICATION_VOLUME_CAPACITY is not defined + +- when: openshift_cfme_app_template in ['miq-template', 'cfme-template'] + block: + - name: Note the DB PV Size from Template Parameters + set_fact: + openshift_cfme_db_pv_size: "{{ openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY }}" + when: + - openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY is defined + + - name: Note the DB PV Size from defaults + set_fact: + openshift_cfme_db_pv_size: "{{ __openshift_cfme_db_pv_size }}" + when: + - openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY is not defined + - name: Check if the CFME App PV has been created oc_obj: namespace: "{{ openshift_cfme_project }}" diff --git a/roles/openshift_cfme/tasks/validate.yml b/roles/openshift_cfme/tasks/validate.yml index c7409d9ab..1ba813a43 100644 --- a/roles/openshift_cfme/tasks/validate.yml +++ b/roles/openshift_cfme/tasks/validate.yml @@ -7,13 +7,18 @@ assert: that: - openshift_cfme_app_template in __openshift_cfme_app_templates - msg: "openshift_cfme_app_template must be one of {{ __openshift_cfme_app_templates | join(', ') }}" + + msg: | + "openshift_cfme_app_template must be one of {{ + __openshift_cfme_app_templates | join(', ') }}" - name: Ensure openshift_cfme_storage_class is a valid type assert: that: - openshift_cfme_storage_class in __openshift_cfme_storage_classes - msg: "openshift_cfme_storage_class must be one of {{ __openshift_cfme_storage_classes | join(', ') }}" + msg: | + "openshift_cfme_storage_class must be one of {{ + __openshift_cfme_storage_classes | join(', ') }}" ###################################################################### # STORAGE PARAMS - NFS @@ -21,12 +26,24 @@ assert: that: - openshift_cfme_storage_nfs_external_hostname | default(False) - msg: The selected storage class 'nfs_external' requires a valid hostname for the openshift_cfme_storage_nfs_hostname parameter + msg: | + The selected storage class 'nfs_external' requires a valid + hostname for the openshift_cfme_storage_nfs_hostname parameter when: - openshift_cfme_storage_class == 'nfs_external' -# that 'nfs' types have one of the following set: -# +- name: Ensure local NFS storage has a valid NFS server to use + fail: + msg: | + No NFS hosts detected or defined but storage class is set to + 'nfs'. Add hosts to your [nfs] group or define one manually with + the 'openshift_cfme_storage_nfs_local_hostname' parameter + when: + - openshift_cfme_storage_class == 'nfs' + # You haven't created any NFS groups + - (groups.nfs is defined and groups.nfs | length == 0) or (groups.nfs is not defined) + # You did not manually specify a host to use + - (openshift_cfme_storage_nfs_local_hostname is not defined) or (openshift_cfme_storage_nfs_local_hostname == false) ###################################################################### # STORAGE PARAMS -CLOUD PROVIDER @@ -36,9 +53,10 @@ - openshift_cloudprovider_kind == 'aws' or openshift_cloudprovider_kind == 'gce' msg: | openshift_cfme_storage_class is 'cloudprovider' but you have an - invalid kind defined. See 'openshift_cloudprovider_kind' in the - example inventories for the required parameters for your - selected cloud provider. Working providers: 'aws' and 'gce'. + invalid kind defined, '{{ openshift_cloudprovider_kind }}'. See + 'openshift_cloudprovider_kind' in the example inventories for + the required parameters for your selected cloud + provider. Working providers: 'aws' and 'gce'. when: - openshift_cfme_storage_class == 'cloudprovider' - openshift_cloudprovider_kind is defined @@ -64,7 +82,7 @@ that: - item in openshift_cfme_template_parameters msg: | - "You are not using podified database services and a required + "You are using external database services but a required database parameter {{ item }} was not found in 'openshift_cfme_template_parameters'" with_items: "{{ __openshift_cfme_required_db_conn_params }}" diff --git a/roles/openshift_cfme/vars/main.yml b/roles/openshift_cfme/vars/main.yml index f79724afa..9764f464c 100644 --- a/roles/openshift_cfme/vars/main.yml +++ b/roles/openshift_cfme/vars/main.yml @@ -8,6 +8,13 @@ __openshift_cfme_storage_classes: - preconfigured - cloudprovider +#--------------------------------------------------------------------- +# DEFAULT PV SIZES +# How large to make the MIQ application PV +__openshift_cfme_app_pv_size: 5Gi +# How large to make the MIQ PostgreSQL PV +__openshift_cfme_db_pv_size: 15Gi + # Name of the application templates with object/parameter definitions __openshift_cfme_app_templates: - miq-template-ext-db -- cgit v1.2.3