eg_mep install playbook images tag added

[ealt-edge.git] / ocd / infra / playbooks / roles / eg_mep / tasks / install.yml

#
# Copyright 2020 Huawei Technologies Co., Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

---

- name: Doing deployment setup for edge gallery
  copy:
    src: deploy
    dest: /tmp/eg_mep/

- name: Import config file
  include_vars:
    file: ../../../config.yml
    name: vardata

- name: Create mep namespace
  command: kubectl create ns mep
  args:
    chdir: /tmp/

- name: Create generic pg secret
  # yamllint disable rule:line-length
  command: kubectl -n mep create secret generic pg-secret --from-literal=pg_admin_pwd={{ vardata.mepadminpwd.name}} --from-literal=kong_pg_pwd={{ vardata.mepkongpgpwd.name}} --from-file=server.key=/tmp/.mep_tmp_cer/server_tls.key --from-file=server.crt=/tmp/.mep_tmp_cer/server_tls.crt
  # yamllint disable rule:line-length
  args:
    chdir: /tmp/

- name: Create mep generic for mep ssl
  # yamllint disable rule:line-length
  command: kubectl -n mep create secret generic mep-ssl --from-literal=cert_pwd={{ vardata.mepcertpwd.name}} --from-file=server.cer=/tmp/.mep_tmp_cer/server_tls.crt --from-file=server_key.pem=/tmp/.mep_tmp_cer/server_encryptedtls.key --from-file=trust.cer=/tmp/.mep_tmp_cer/ca.crt
  # yamllint disable rule:line-length
  args:
    chdir: /tmp/

- name: Create mep seret generic
  # yamllint disable rule:line-length
  command: kubectl -n mep create secret generic mepauth-secret --from-file=server.crt=/tmp/.mep_tmp_cer/server_tls.crt --from-file=server.key=/tmp/.mep_tmp_cer/server_tls.key --from-file=ca.crt=/tmp/.mep_tmp_cer/ca.crt --from-file=jwt_publickey=/tmp/.mep_tmp_cer/jwt_publickey --from-file=jwt_encrypted_privatekey=/tmp/.mep_tmp_cer/jwt_encrypted_privatekey
  # yamllint disable rule:line-length
  args:
    chdir: /tmp/

- debug:
    msg: Deploy_dns_metallb execution start

- name: Eg_Mep deployment execution of namesapce
  command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/metallb/namespace.yaml
  args:
    chdir: /tmp/eg_mep/deploy/

- name: Eg_Mep deployment execution of metallb
  command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/metallb/metallb.yaml
  args:
    chdir: /tmp/eg_mep/deploy/

- name: Eg_Mep deployment create secret
  command: kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"
  args:
    chdir: /tmp/eg_mep/deploy/

- name: Eg_Mep deployment execution of config-mep
  command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/metallb/config-map.yaml
  args:
    chdir: /tmp/eg_mep/deploy/

- debug:
    msg: Deploy_network_isolation_multus execution start

- name: Running multus yaml files
  command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/network-isolation/multus.yaml
  args:
    chdir: /tmp/eg_mep/deploy/

- name: Running eg-sp-rbac yaml files
  command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-rbac.yaml
  args:
    chdir: /tmp/eg_mep/deploy/

- name: Replacing image
  replace:
    path: /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-controller.yaml
    regexp: 'edgegallery/edgegallery-secondary-ep-controller:{{ vardata.egepcontroller.name}}'
    replace: "swr.ap-southeast-1.myhuaweicloud.com/edgegallery/edgegallery-secondary-ep-controller:{{ vardata.cloudegepcontroller.name}}"

- name: Running eg-sp-controller yaml files
  command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-controller.yaml
  args:
    chdir: /tmp/eg_mep/deploy/

- debug:
    msg: Setup_interfaces execution start

- name: Link eg mep macvlan
  command: ip link add eg-mp1 link {{ vardata.systeminterface1.name}} type macvlan mode bridge
  args:
    chdir: /tmp/eg_mep/deploy/
  ignore_errors: yes
  no_log: True

- name: Link eg mep macvlan
  command: ip addr add {{ vardata.ipaddregmepmacvlan.name}} dev eg-mp1
  args:
    chdir: /tmp/eg_mep/deploy/
  ignore_errors: yes
  no_log: True

- name: Link eg me1 up
  command: ip link set dev eg-mp1 up
  args:
    chdir: /tmp/eg_mep/deploy/
  ignore_errors: yes
  no_log: True

- name: Link eg eg mm5 with eth1
  command: ip link add eg-mm5 link {{ vardata.systeminterface2.name}} type macvlan mode bridge
  args:
    chdir: /tmp/eg_mep/deploy/
  ignore_errors: yes
  no_log: True

- name: Link eg eg mm5 ip addr
  command: ip addr add {{ vardata.ipaddregmep5.name}} dev eg-mm5
  args:
    chdir: /tmp/eg_mep/deploy/
  ignore_errors: yes
  no_log: True

- name: Link eg eg mm5 set dev
  command: ip link set dev eg-mm5 up
  args:
    chdir: /tmp/eg_mep/deploy/
  ignore_errors: yes
  no_log: True

- debug:
    msg: Pull helm repo start

- name: Edge gallery mep installation pull chart
  # yamllint disable rule:line-length
  command: helm install --wait mep-edgegallery edgegallery/mep --set networkIsolation.phyInterface.mp1={{ vardata.systeminterface1.name}} --set networkIsolation.phyInterface.mm5={{ vardata.systeminterface2.name}} --set images.mep.tag={{ vardata.mepimagetag.name}} --set images.mepauth.tag={{ vardata.mepauthimagetag.name}} --set images.dns.tag={{ vardata.mepdnsimagetag.name}} --set ssl.secretName=mep-ssl
  # yamllint disable rule:line-length
  args:
    chdir: /tmp/eg_mep/deploy/
  ignore_errors: yes
  no_log: True