Merge pull request #330 from tchellomello/ingress_minikube

Introducing service type definition and reworking Ingress rules

ansible/group_vars/all

@@ -1,3 +1,4 @@
 operator_image: quay.io/ansible/awx-operator
 operator_version: 0.9.0
 pull_policy: Always
+ansible_debug_logs: "false"

ansible/instantiate-awx-deployment.yml

@@ -20,7 +20,8 @@
           spec:
             admin_user: admin
             admin_email: admin@localhost
-            ingress_type: "{{ ingress_type | default(omit) }}"  # Either Route, Ingress or LoadBalancer
+            service_type: "{{ service_type | default(omit) }}"  # Either clusterIP, Loadbalancer or NodePort
+            ingress_type: "{{ ingress_type | default(omit) }}"  # Either none, Ingress, Route
             image: "{{ image | default(omit) }}"
             image_version: "{{ image_version | default(omit) }}"
             development_mode: "{{ development_mode | default(omit) | bool }}"

ansible/templates/crd.yml.j2

@@ -70,6 +70,16 @@ spec:
                 extra_volumes:
                   description: Specify extra volumes to add to the application pod
                   type: string
+                service_type:
+                  description: The service type to be used on the deployed instance
+                  type: string
+                  enum:
+                    - LoadBalancer
+                    - loadbalancer
+                    - ClusterIP
+                    - clusterip
+                    - NodePort
+                    - nodeport
                 ingress_type:
                   description: The ingress type to use to reach the deployed instance
                   type: string
@@ -79,15 +89,11 @@ spec:
                     - ingress
                     - Route
                     - route
-                    - LoadBalancer
-                    - loadbalancer
-                    - NodePort
-                    - nodeport
                 ingress_annotations:
-                  description: Annotations to add to the ingress
+                  description: Annotations to add to the Ingress Controller
                   type: string
                 ingress_tls_secret:
-                  description: Secret where the ingress TLS secret can be found
+                  description: Secret where the Ingress TLS secret can be found
                   type: string
                 loadbalancer_annotations:
                   description: Annotations to add to the loadbalancer

ansible/templates/operator.yml.j2

@@ -35,6 +35,8 @@ spec:
               value: explicit
             - name: OPERATOR_VERSION
               value: "{{ operator_version }}"
+            - name: ANSIBLE_DEBUG_LOGS
+              value: "{{ ansible_debug_logs|lower | default('false'|lower) }}"
           livenessProbe:
             httpGet:
               path: /healthz

deploy/awx-operator.yaml

@@ -72,6 +72,16 @@ spec:
                 extra_volumes:
                   description: Specify extra volumes to add to the application pod
                   type: string
+                service_type:
+                  description: The service type to be used on the deployed instance
+                  type: string
+                  enum:
+                    - LoadBalancer
+                    - loadbalancer
+                    - ClusterIP
+                    - clusterip
+                    - NodePort
+                    - nodeport
                 ingress_type:
                   description: The ingress type to use to reach the deployed instance
                   type: string
@@ -81,15 +91,11 @@ spec:
                     - ingress
                     - Route
                     - route
-                    - LoadBalancer
-                    - loadbalancer
-                    - NodePort
-                    - nodeport
                 ingress_annotations:
-                  description: Annotations to add to the ingress
+                  description: Annotations to add to the Ingress Controller
                   type: string
                 ingress_tls_secret:
-                  description: Secret where the ingress TLS secret can be found
+                  description: Secret where the Ingress TLS secret can be found
                   type: string
                 loadbalancer_annotations:
                   description: Annotations to add to the loadbalancer
@@ -621,7 +627,7 @@ spec:
       serviceAccountName: awx-operator
       containers:
         - name: awx-operator
-          image: "quay.io/ansible/awx-operator:0.9.0"
+          image: "quay.io/ansible/awx-operator:devel"
           imagePullPolicy: "Always"
           volumeMounts:
             - mountPath: /tmp/ansible-operator/runner
@@ -639,7 +645,9 @@ spec:
             - name: ANSIBLE_GATHERING
               value: explicit
             - name: OPERATOR_VERSION
-              value: "0.9.0"
+              value: "devel"
+            - name: ANSIBLE_DEBUG_LOGS
+              value: "false"
           livenessProbe:
             httpGet:
               path: /healthz

deploy/crds/awx_v1beta1_crd.yaml

@@ -70,6 +70,16 @@ spec:
                 extra_volumes:
                   description: Specify extra volumes to add to the application pod
                   type: string
+                service_type:
+                  description: The service type to be used on the deployed instance
+                  type: string
+                  enum:
+                    - LoadBalancer
+                    - loadbalancer
+                    - ClusterIP
+                    - clusterip
+                    - NodePort
+                    - nodeport
                 ingress_type:
                   description: The ingress type to use to reach the deployed instance
                   type: string
@@ -79,15 +89,11 @@ spec:
                     - ingress
                     - Route
                     - route
-                    - LoadBalancer
-                    - loadbalancer
-                    - NodePort
-                    - nodeport
                 ingress_annotations:
-                  description: Annotations to add to the ingress
+                  description: Annotations to add to the Ingress Controller
                   type: string
                 ingress_tls_secret:
-                  description: Secret where the ingress TLS secret can be found
+                  description: Secret where the Ingress TLS secret can be found
                   type: string
                 loadbalancer_annotations:
                   description: Annotations to add to the loadbalancer

deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml

@@ -178,46 +178,51 @@ spec:
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:com.tectonic.ui:text
-      - displayName: Ingress Type
+      - displayName: Tower Service Type
+        path: service_type
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:select:ClusterIP
+        - urn:alm:descriptor:com.tectonic.ui:select:LoadBalancer
+        - urn:alm:descriptor:com.tectonic.ui:select:NodePort
+      - displayName: Tower Ingress Type
         path: ingress_type
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:com.tectonic.ui:select:none
         - urn:alm:descriptor:com.tectonic.ui:select:Ingress
         - urn:alm:descriptor:com.tectonic.ui:select:Route
-        - urn:alm:descriptor:com.tectonic.ui:select:LoadBalancer
-        - urn:alm:descriptor:com.tectonic.ui:select:NodePort
-      - displayName: Ingress Annotations
+      - displayName: Tower Ingress Annotations
         path: ingress_annotations
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:com.tectonic.ui:text
         - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress
-      - displayName: Ingress TLS Secret
+      - displayName: Tower Ingress TLS Secret
         path: ingress_tls_secret
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:io.kubernetes:Secret
         - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress
-      - displayName: LoadBalancer Annotations
+      - displayName: Tower LoadBalancer Annotations
         path: loadbalancer_annotations
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:com.tectonic.ui:text
-        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:LoadBalancer
-      - displayName: LoadBalancer Protocol
+        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer
+      - displayName: Tower LoadBalancer Protocol
         path: loadbalancer_protocol
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:com.tectonic.ui:select:http
         - urn:alm:descriptor:com.tectonic.ui:select:https
-        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:LoadBalancer
-      - displayName: LoadBalancer Port
+        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer
+      - displayName: Tower LoadBalancer Port
         path: loadbalancer_port
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:com.tectonic.ui:number
-        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:LoadBalancer
+        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer
       - displayName: Route DNS host
         path: route_host
         x-descriptors:

molecule/test-local/converge.yml

@@ -28,6 +28,7 @@
     pull_policy: Never
     operator_image: awx.ansible.com/awx-operator
     operator_version: testing
+    ansible_debug_logs: "true"
     custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/awx_v1beta1_molecule.yaml'])) | from_yaml }}"
 
   tasks:

molecule/test-minikube/converge.yml

@@ -36,6 +36,7 @@
     pull_policy: Never
     operator_image: awx.ansible.com/awx-operator
     operator_version: testing
+    ansible_debug_logs: "true"
     # Change this to _awx to test AWX, _tower to test Tower.
     custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/awx_v1beta1_molecule.yaml'])) | from_yaml }}"
 

roles/installer/defaults/main.yml

@@ -7,6 +7,7 @@ database_name: "{{ deployment_type }}"
 database_username: "{{ deployment_type }}"
 
 task_privileged: false
+service_type: ClusterIP
 ingress_type: none
 
 # Add annotations to the service account. Specify as literal block. E.g.:
@@ -51,7 +52,7 @@ route_tls_secret: ''
 #
 route_host: ''
 
-hostname: '{{ deployment_type }}.example.com'
+hostname: '{{ meta.name }}.example.com'
 
 # Add a nodeSelector for the AWX pods. It must match a node's labels for the pod
 # to be scheduled on that node. Specify as literal block. E.g.:

roles/installer/templates/ingress.yaml.j2

@@ -1,4 +1,4 @@
-{% if 'ingress' == ingress_type|lower %}
+{% if ingress_type|lower == "ingress" %}
 ---
 apiVersion: extensions/v1beta1
 kind: Ingress
@@ -32,7 +32,7 @@ spec:
 {% endif %}
 {% endif %}
 
-{% if 'route' == ingress_type|lower %}
+{% if ingress_type|lower == "route" %}
 ---
 apiVersion: route.openshift.io/v1
 kind: Route

roles/installer/templates/service.yaml.j2

@@ -17,7 +17,7 @@ metadata:
 {% endif %}
 spec:
   ports:
-{% if ingress_type | lower != 'loadbalancer' and loadbalancer_protocol | lower != 'https' %}
+{% if service_type | lower != 'loadbalancer' and loadbalancer_protocol | lower != 'https' %}
     - port: 80
       protocol: TCP
       targetPort: 8052
@@ -29,12 +29,12 @@ spec:
       targetPort: 8053
       name: https
 {% endif %}
-{% if ingress_type | lower == 'loadbalancer' and loadbalancer_protocol | lower == 'https' %}
+{% if service_type | lower == 'loadbalancer' and loadbalancer_protocol | lower == 'https' %}
     - port: {{ loadbalancer_port }}
       protocol: TCP
       targetPort: 8052
       name: https
-{% elif ingress_type | lower == 'loadbalancer' and loadbalancer_protocol | lower != 'https' %}
+{% elif service_type | lower == 'loadbalancer' and loadbalancer_protocol | lower != 'https' %}
     - port: {{ loadbalancer_port }}
       protocol: TCP
       targetPort: 8052
@@ -44,9 +44,9 @@ spec:
     app.kubernetes.io/name: '{{ meta.name }}'
     app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
     app.kubernetes.io/component: '{{ deployment_type }}'
-{% if ingress_type | lower == "loadbalancer" %}
+{% if service_type | lower == "loadbalancer" %}
   type: LoadBalancer
-{% elif ingress_type != "none" %}
+{% elif service_type | lower == "nodeport" %}
   type: NodePort
 {% else %}
   type: ClusterIP

scripts/build.sh

@@ -8,7 +8,7 @@
 ##
 ## git clone https://github.com/ansible/awx-operator.git
 ## cd awx-operator
-## REGISTRY=registry.example.com/ansible TAG=mytag scripts/build.sh
+## REGISTRY=registry.example.com/ansible TAG=mytag ANSIBLE_DEBUG_LOGS=true scripts/build.sh
 ##
 ## As a result, the $REGISTRY will be populated with 2 images
 ## registry.example.com/ansible/awx-operator:mytag
@@ -51,6 +51,7 @@ prepare_local_deploy() {
     echo "operator_image: $REGISTRY/$OPERATOR_IMAGE" > ansible/group_vars/all
     echo "operator_version: $TAG" >> ansible/group_vars/all
     echo "pull_policy: Always" >> ansible/group_vars/all
+    echo "ansible_debug_logs: ${ANSIBLE_DEBUG_LOGS:-false}" >> ansible/group_vars/all
     ansible-playbook ansible/chain-operator-files.yml
 }