From: arvindpatel Date: Thu, 12 Nov 2020 19:23:20 +0000 (+0530) Subject: Install Uninstall end to end testing X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=commitdiff_plain;h=0f5e32849f70dfb4acf7297ba1b35e729def95f9;p=ealt-edge.git Install Uninstall end to end testing Signed-off-by: arvindpatel Change-Id: Ia9be8ab8fb7e1c8177c7f4d6a36d7944dff572fb --- diff --git a/ocd/infra/playbooks/config.yml b/ocd/infra/playbooks/config.yml index 94a7bb0..cddacaa 100644 --- a/ocd/infra/playbooks/config.yml +++ b/ocd/infra/playbooks/config.yml @@ -26,6 +26,9 @@ common_pwd: name: ########## Edge config ############# +######### Mandatory ######### +mep_kong_pg_pwd: + name: ######### Optional ######### edge_management_interface: name: eth0 @@ -40,8 +43,6 @@ eg-dataplane-address: # need common password for security purpose mep_pg_admin_pwd: name: -mep_kong_pg_pwd: - name: mep_cert_pwd: name: generate_cert_pass: diff --git a/ocd/infra/playbooks/ealt-all.yml b/ocd/infra/playbooks/ealt-all.yml index 39ccdcf..c0028bc 100644 --- a/ocd/infra/playbooks/ealt-all.yml +++ b/ocd/infra/playbooks/ealt-all.yml @@ -53,6 +53,7 @@ - center roles: + - eg_prerequisite - helm - kubeconfig @@ -76,7 +77,6 @@ - center roles: - - eg_prerequisite - eg_secret - eg_set-helm-repo - service_center @@ -98,6 +98,7 @@ roles: - docker + - eg_prerequisite - k3s ### Pre-Requisites ### @@ -126,7 +127,6 @@ - mepkubeconfig - cadvisor - ### EdgeGallery related ### - hosts: egedge @@ -136,7 +136,6 @@ - edge roles: - - eg_prerequisite - eg_secret - eg_set-helm-repo - eg_mep diff --git a/ocd/infra/playbooks/ealt-inventory.ini b/ocd/infra/playbooks/ealt-inventory.ini index 719aaf4..d0d3792 100644 --- a/ocd/infra/playbooks/ealt-inventory.ini +++ b/ocd/infra/playbooks/ealt-inventory.ini @@ -54,4 +54,4 @@ edge edge [egedge:children] -edge \ No newline at end of file +edge diff --git a/ocd/infra/playbooks/roles/eg_appstore/tasks/uninstall.yml b/ocd/infra/playbooks/roles/eg_appstore/tasks/uninstall.yml index d4e089f..f38b51d 100644 --- a/ocd/infra/playbooks/roles/eg_appstore/tasks/uninstall.yml +++ b/ocd/infra/playbooks/roles/eg_appstore/tasks/uninstall.yml @@ -16,5 +16,7 @@ --- -- name: Unisntall appstore +- name: Uninstall appstore command: helm uninstall appstore-edgegallery + ignore_errors: yes + no_log: True diff --git a/ocd/infra/playbooks/roles/eg_certs/tasks/uninstall.yml b/ocd/infra/playbooks/roles/eg_certs/tasks/uninstall.yml index c6d92b3..ca56d0d 100644 --- a/ocd/infra/playbooks/roles/eg_certs/tasks/uninstall.yml +++ b/ocd/infra/playbooks/roles/eg_certs/tasks/uninstall.yml @@ -20,3 +20,5 @@ command: rm -rf /tmp/ssl-eg-keys-certs args: chdir: /tmp/ + ignore_errors: yes + no_log: True diff --git a/ocd/infra/playbooks/roles/eg_developer/tasks/uninstall.yml b/ocd/infra/playbooks/roles/eg_developer/tasks/uninstall.yml index 41caeee..787052a 100644 --- a/ocd/infra/playbooks/roles/eg_developer/tasks/uninstall.yml +++ b/ocd/infra/playbooks/roles/eg_developer/tasks/uninstall.yml @@ -18,3 +18,5 @@ - name: Uninstall developer command: helm uninstall developer-edgegallery + ignore_errors: yes + no_log: True diff --git a/ocd/infra/playbooks/roles/eg_helm-repo/tasks/uninstall.yml b/ocd/infra/playbooks/roles/eg_helm-repo/tasks/uninstall.yml index 6cd47d5..04ab2a9 100644 --- a/ocd/infra/playbooks/roles/eg_helm-repo/tasks/uninstall.yml +++ b/ocd/infra/playbooks/roles/eg_helm-repo/tasks/uninstall.yml @@ -17,6 +17,10 @@ - name: Docker stop helm repo command: docker stop helm-repo + ignore_errors: yes + no_log: True - name: Docker rm helm repo command: docker rm helm-repo + ignore_errors: yes + no_log: True diff --git a/ocd/infra/playbooks/roles/eg_mecm-fe/tasks/uninstall.yml b/ocd/infra/playbooks/roles/eg_mecm-fe/tasks/uninstall.yml index c51438e..6c67b36 100644 --- a/ocd/infra/playbooks/roles/eg_mecm-fe/tasks/uninstall.yml +++ b/ocd/infra/playbooks/roles/eg_mecm-fe/tasks/uninstall.yml @@ -18,3 +18,5 @@ - name: Uninstall mecm fe command: helm uninstall mecm-fe-edgegallery + ignore_errors: yes + no_log: True diff --git a/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/install.yml b/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/install.yml index bfb3da1..e6c2fc7 100644 --- a/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/install.yml @@ -30,19 +30,23 @@ replace: path: /tmp/eg_mecm-meo/deploy/conf/keys/postgres_init.sql regexp: 'PASSWORD_VALUE' - replace: "{{ vardata.db_password.name }}" + replace: "{{ vardata.common_pwd.name }}" + +- name: Set a variable + ansible.builtin.set_fact: + comm_pwd: "{{ vardata.common_pwd.name }}" - name: Create mecm-ssl-secret with common pwd # yamllint disable rule:line-length command: kubectl create secret generic mecm-ssl-secret --from-file=keystore.p12=/tmp/ssl-eg-keys-certs/keystore.p12 --from-file=keystore.jks=/tmp/ssl-eg-keys-certs/keystore.jks --from-literal=keystorePassword={{ vardata.common_pwd.name}} --from-literal=keystoreType=PKCS12 --from-literal=keyAlias=edgegallery --from-literal=truststorePassword={{ vardata.common_pwd.name}} # yamllint disable rule:line-length - when: '{{ vardata.common_pwd.name}}' + when: comm_pwd != "" - name: Generates certificate mecm-ssl-secret # yamllint disable rule:line-length command: kubectl create secret generic mecm-ssl-secret --from-file=keystore.p12=/tmp/ssl-eg-keys-certs/keystore.p12 --from-file=keystore.jks=/tmp/ssl-eg-keys-certs/keystore.jks --from-literal=keystorePassword={{ vardata.mecm_meo_keystorePassword.name}} --from-literal=keystoreType=PKCS12 --from-literal=keyAlias=edgegallery --from-literal=truststorePassword={{ vardata.mecm_meo_truststorePassword.name}} # yamllint disable rule:line-length - when: '{{ vardata.mecm_meo_keystorePassword.name}}' + when: comm_pwd == "" - name: Create certificate edgegallery-mecm-secret with common pwd # yamllint disable rule:line-length @@ -50,7 +54,7 @@ # yamllint disable rule:line-length args: chdir: /tmp/eg_mecm-meo/deploy/ - when: '{{ vardata.common_pwd.name}}' + when: comm_pwd != "" - name: Generates certificate edgegallery-mecm-secret # yamllint disable rule:line-length @@ -58,7 +62,7 @@ # yamllint disable rule:line-length args: chdir: /tmp/eg_mecm-meo/deploy/ - when: '{{ vardata.mecm_meo_postgresPassword.name}}' + when: comm_pwd == "" - name: Fs group value shell: 'getent group docker | cut -d: -f3' @@ -66,5 +70,4 @@ - name: Helm install # yamllint disable rule:line-length - command: helm install mecm-meo-edgegallery edgegallery/mecm-meo --set ssl.secretName=mecm-ssl-secret --set mecm.secretName=edgegallery-mecm-secret --set images.inventory.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-inventory --set images.appo.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-appo --set images.apm.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-apm --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/postgres --set images.inventory.tag={{ vardata.eg_image_tag.name}} --set images.appo.tag={{ vardata.eg_image_tag.name}} --set images.apm.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag=12.3 --set images.inventory.pullPolicy=IfNotPresent --set images.appo.pullPolicy=IfNotPresent --set images.apm.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set mecm.docker.fsgroup=result.stdout - # yamllint disable rule:line-length + command: helm install mecm-meo-edgegallery edgegallery/mecm-meo --set ssl.secretName=mecm-ssl-secret --set mecm.secretName=edgegallery-mecm-secret --set images.inventory.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-inventory --set images.appo.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-appo --set images.apm.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-apm --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/postgres --set images.inventory.tag={{ vardata.eg_image_tag.name}} --set images.appo.tag={{ vardata.eg_image_tag.name}} --set images.apm.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag=12.3 --set images.inventory.pullPolicy=IfNotPresent --set images.appo.pullPolicy=IfNotPresent --set images.apm.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set mecm.docker.fsgroup="{{result.stdout}}" diff --git a/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/uninstall.yml b/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/uninstall.yml index 3f93558..3bd6754 100644 --- a/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/uninstall.yml +++ b/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/uninstall.yml @@ -18,6 +18,10 @@ - name: Uninstall mecm meo command: helm uninstall mecm-meo-edgegallery + ignore_errors: yes + no_log: True -- name: Uninstall sercets +- name: Delete mecm-ssl-secret and edgegallery-mecm-secret command: kubectl delete secret mecm-ssl-secret edgegallery-mecm-secret + ignore_errors: yes + no_log: True diff --git a/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/install.yml b/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/install.yml index 42a72bb..12a388c 100644 --- a/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/install.yml @@ -26,11 +26,15 @@ file: ../../../config.yml name: vardata +- name: Set a variable + ansible.builtin.set_fact: + comm_pwd: "{{ vardata.common_pwd.name }}" + - name: Replacing password replace: path: /tmp/eg_mecm-mepm/deploy/conf/keys/postgres_init.sql regexp: 'PASSWORD_VALUE' - replace: "{{ vardata.db_password.name }}" + replace: "{{ vardata.common_pwd.name }}" - name: Create mecm-mepm-ssl-secret secret # yamllint disable rule:line-length @@ -48,15 +52,15 @@ - name: Create edgegallery-mepm-secret secret with common pwd # yamllint disable rule:line-length - command: kubectl create secret generic edgegallery-mepm-secret --from-file=postgres_init.sql=/tmp/eg_mecm-mepm/deploy/conf/keys/postgres_init.sql --from-literal=postgresPassword={{ vardata.db_password.name}} --from-literal=postgresLcmCntlrPassword={{ vardata.db_password.name}} --from-literal=postgresk8sPluginPassword={{ vardata.db_password.name}} + command: kubectl create secret generic edgegallery-mepm-secret --from-file=postgres_init.sql=/tmp/eg_mecm-mepm/deploy/conf/keys/postgres_init.sql --from-literal=postgresPassword={{ vardata.common_pwd.name}} --from-literal=postgresLcmCntlrPassword={{ vardata.common_pwd.name}} --from-literal=postgresk8sPluginPassword={{ vardata.common_pwd.name}} # yamllint disable rule:line-length - when: '{{ vardata.db_password.name}}' + when: comm_pwd != "" - name: Create edgegallery-mepm-secret secret # yamllint disable rule:line-length command: kubectl create secret generic edgegallery-mepm-secret --from-file=postgres_init.sql=/tmp/eg_mecm-mepm/deploy/conf/keys/postgres_init.sql --from-literal=postgresPassword={{ vardata.mecm_mepm_postgresPassword.name}} --from-literal=postgresLcmCntlrPassword={{ vardata.mecm_mepm_postgresLcmCntlrPassword.name}} --from-literal=postgresk8sPluginPassword={{ vardata.mecm_mepm_postgresk8sPluginPassword.name}} # yamllint disable rule:line-length - when: '{{ vardata.mecm_mepm_postgresPassword.name}}' + when: comm_pwd == "" - name: Create mepm service account command: kubectl apply -f /tmp/eg_mecm-mepm/deploy/conf/manifest/mepm/mepm-service-account.yaml diff --git a/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/uninstall.yml b/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/uninstall.yml index 409b69a..699ef18 100644 --- a/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/uninstall.yml +++ b/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/uninstall.yml @@ -18,13 +18,18 @@ - name: Delete mecm-mepm secret command: helm uninstall mecm-mepm-edgegallery + ignore_errors: yes + no_log: True - name: Mecm mepm jwt delete # yamllint disable rule:line-length command: kubectl delete secret mecm-mepm-jwt-public-secret mecm-mepm-ssl-secret edgegallery-mepm-secret # yamllint disable rule:line-length + ignore_errors: yes + no_log: True - name: Delete mep-service-account # yamllint disable rule:line-length command: kubectl delete -f /tmp/eg_mecm-mepm/deploy/conf/manifest/mepm/mepm-service-account.yaml - # yamllint disable rule:line-length + ignore_errors: yes + no_log: True diff --git a/ocd/infra/playbooks/roles/eg_mep/files/deploy/conf/edge/network-isolation/multus.yaml b/ocd/infra/playbooks/roles/eg_mep/files/deploy/conf/edge/network-isolation/multus.yaml index bb21616..20a6016 100644 --- a/ocd/infra/playbooks/roles/eg_mep/files/deploy/conf/edge/network-isolation/multus.yaml +++ b/ocd/infra/playbooks/roles/eg_mep/files/deploy/conf/edge/network-isolation/multus.yaml @@ -195,14 +195,14 @@ spec: - "--multus-conf-file=auto" - "--cni-version=0.3.1" resources: - requests: - cpu: "100m" - memory: "50Mi" - limits: - cpu: "100m" - memory: "50Mi" + requests: + cpu: "100m" + memory: "50Mi" + limits: + cpu: "100m" + memory: "50Mi" securityContext: - privileged: true + privileged: true volumeMounts: - name: cni mountPath: /host/etc/cni/net.d diff --git a/ocd/infra/playbooks/roles/eg_mep/tasks/install.yml b/ocd/infra/playbooks/roles/eg_mep/tasks/install.yml index 62e103b..f33094d 100644 --- a/ocd/infra/playbooks/roles/eg_mep/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_mep/tasks/install.yml @@ -25,6 +25,10 @@ file: ../../../config.yml name: vardata +- name: Set a variable + ansible.builtin.set_fact: + comm_pwd: "{{ vardata.common_pwd.name }}" + - name: Remove old dir command: rm -rf /tmp/.mep_tmp_cer args: @@ -61,19 +65,15 @@ - name: Openssl rsa mep tls with common pwd # yamllint disable rule:line-length - command: openssl rsa -in mepserver_tls.key -aes256 -passout pass:{{ vardata.common_pwd.name}} -out mepserver_encryptedtls.key + command: openssl rsa -in /tmp/.mep_tmp_cer/mepserver_tls.key -aes256 -passout pass:{{ vardata.common_pwd.name}} -out /tmp/.mep_tmp_cer/mepserver_encryptedtls.key # yamllint disable rule:line-length - args: - chdir: /tmp/.mep_tmp_cer/ - when: '{{ vardata.common_pwd.name}}' + when: comm_pwd != "" - name: Openssl rsa mep tls # yamllint disable rule:line-length - command: openssl rsa -in mepserver_tls.key -aes256 -passout pass:{{ vardata.mep_cert_pwd.name}} -out mepserver_encryptedtls.key + command: openssl rsa -in /tmp/.mep_tmp_cer/mepserver_tls.key -aes256 -passout pass:{{ vardata.mep_cert_pwd.name}} -out /tmp/.mep_tmp_cer/mepserver_encryptedtls.key # yamllint disable rule:line-length - args: - chdir: /tmp/.mep_tmp_cer/ - when: '{{ vardata.mep_cert_pwd.name}}' + when: comm_pwd == "" - name: Openssl req new key mepserver tls key # yamllint disable rule:line-length @@ -101,19 +101,19 @@ - name: Openssl rsa in jwt with common pwd # yamllint disable rule:line-length - command: openssl rsa -in jwt_privatekey -aes256 -passout pass:{{ vardata.common_pwd.name}} -out jwt_encrypted_privatekey + command: openssl rsa -in /tmp/.mep_tmp_cer/jwt_privatekey -aes256 -passout pass:{{ vardata.common_pwd.name}} -out /tmp/.mep_tmp_cer/jwt_encrypted_privatekey + ignore_errors: yes + no_log: True # yamllint disable rule:line-length - args: - chdir: /tmp/.mep_tmp_cer/ - when: '{{ vardata.common_pwd.name}}' + when: comm_pwd != "" - name: Openssl rsa in jwt # yamllint disable rule:line-length - command: openssl rsa -in jwt_privatekey -aes256 -passout pass:{{ vardata.mep_cert_pwd.name}} -out jwt_encrypted_privatekey + command: openssl rsa -in /tmp/.mep_tmp_cer/jwt_privatekey -aes256 -passout pass:{{ vardata.mep_cert_pwd.name}} -out /tmp/.mep_tmp_cer/jwt_encrypted_privatekey # yamllint disable rule:line-length - args: - chdir: /tmp/.mep_tmp_cer/ - when: '{{ vardata.mep_cert_pwd.name}}' + ignore_errors: yes + no_log: True + when: comm_pwd == "" - name: Create mep namespace command: kubectl create ns mep @@ -122,39 +122,37 @@ - name: Create generic pg secret with common pwd # yamllint disable rule:line-length - command: kubectl -n mep create secret generic pg-secret --from-literal=pg_admin_pwd={{ vardata.common_pwd.name}} --from-literal=kong_pg_pwd={{ vardata.common_pwd.name}} + command: kubectl -n mep create secret generic pg-secret --from-literal=pg_admin_pwd={{ vardata.common_pwd.name}} --from-literal=kong_pg_pwd={{ vardata.mep_kong_pg_pwd.name}} --from-file=server.key=/tmp/.mep_tmp_cer/mepserver_tls.key --from-file=server.crt=/tmp/.mep_tmp_cer/mepserver_tls.crt + ignore_errors: yes + no_log: True # yamllint disable rule:line-length - args: - chdir: /tmp/ - when: '{{ vardata.common_pwd.name}}' + when: comm_pwd != "" - name: Create generic pg secret # yamllint disable rule:line-length command: kubectl -n mep create secret generic pg-secret --from-literal=pg_admin_pwd={{ vardata.mep_pg_admin_pwd.name}} --from-literal=kong_pg_pwd={{ vardata.mep_kong_pg_pwd.name}} --from-file=server.key=/tmp/.mep_tmp_cer/mepserver_tls.key --from-file=server.crt=/tmp/.mep_tmp_cer/mepserver_tls.crt + ignore_errors: yes + no_log: True # yamllint disable rule:line-length - args: - chdir: /tmp/ - when: '{{ vardata.mep_pg_admin_pwd.name}}' + when: comm_pwd == "" - name: Create mep generic for mep ssl with common pwd # yamllint disable rule:line-length command: kubectl -n mep create secret generic mep-ssl --from-literal=cert_pwd={{ vardata.common_pwd.name}} --from-file=server.cer=/tmp/.mep_tmp_cer/mepserver_tls.crt --from-file=server_key.pem=/tmp/.mep_tmp_cer/mepserver_encryptedtls.key --from-file=trust.cer=/tmp/.mep_tmp_cer/ca.crt + ignore_errors: yes + no_log: True # yamllint disable rule:line-length - args: - chdir: /tmp/ - when: '{{ vardata.common_pwd.name}}' + when: comm_pwd != "" - name: Create mep generic for mep ssl # yamllint disable rule:line-length command: kubectl -n mep create secret generic mep-ssl --from-literal=cert_pwd={{ vardata.mep_cert_pwd.name}} --from-file=server.cer=/tmp/.mep_tmp_cer/mepserver_tls.crt --from-file=server_key.pem=/tmp/.mep_tmp_cer/mepserver_encryptedtls.key --from-file=trust.cer=/tmp/.mep_tmp_cer/ca.crt # yamllint disable rule:line-length - args: - chdir: /tmp/ - when: '{{ vardata.mep_cert_pwd.name}}' + when: comm_pwd == "" - name: Create mep seret generic # yamllint disable rule:line-length @@ -211,7 +209,7 @@ replace: path: /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-controller.yaml regexp: 'edgegallery/edgegallery-secondary-ep-controller:latest' - replace: "swr.ap-southeast-1.myhuaweicloud.com/edgegallery/edgegallery-secondary-ep-controller:latest" + replace: "{{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/edgegallery-secondary-ep-controller:latest" - name: Running eg-sp-controller yaml files # yamllint disable rule:line-length diff --git a/ocd/infra/playbooks/roles/eg_prerequisite/files/deploy/eg_daemon.sh b/ocd/infra/playbooks/roles/eg_prerequisite/files/deploy/eg_daemon.sh index 7be82de..61842b2 100644 --- a/ocd/infra/playbooks/roles/eg_prerequisite/files/deploy/eg_daemon.sh +++ b/ocd/infra/playbooks/roles/eg_prerequisite/files/deploy/eg_daemon.sh @@ -1,3 +1,5 @@ +#!/bin/bash + function _help_insecure_registry() { grep -i "insecure-registries" /etc/docker/daemon.json | grep "REGISTRIES_IP:REGISTRIES_PORT" >/dev/null 2>&1 @@ -20,4 +22,4 @@ function main(){ ######################################### #skip main in case of source main $@ -###################### \ No newline at end of file +###################### diff --git a/ocd/infra/playbooks/roles/eg_prerequisite/tasks/install.yml b/ocd/infra/playbooks/roles/eg_prerequisite/tasks/install.yml index 9e6a4d6..31c20a3 100644 --- a/ocd/infra/playbooks/roles/eg_prerequisite/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_prerequisite/tasks/install.yml @@ -15,10 +15,12 @@ # --- + - name: Doing deployment setup for edge gallery copy: src: deploy dest: /tmp/eg_prerequisite/ + mode: 750 - name: Import config file include_vars: @@ -38,7 +40,11 @@ replace: "{{ vardata.docker_registry_port.name }}" - name: Execute script for docker daemon - command: sh /tmp/eg_prerequisite/deploy/eg_daemon.sh + shell: + cmd: /tmp/eg_prerequisite/deploy/eg_daemon.sh + +- name: Delete Execute script for docker daemon + command: rm -rf /tmp/eg_prerequisite - name: Certificate copy debug: diff --git a/ocd/infra/playbooks/roles/eg_prerequisite/tasks/main.yml b/ocd/infra/playbooks/roles/eg_prerequisite/tasks/main.yml index bf4c98a..17fe532 100644 --- a/ocd/infra/playbooks/roles/eg_prerequisite/tasks/main.yml +++ b/ocd/infra/playbooks/roles/eg_prerequisite/tasks/main.yml @@ -16,7 +16,7 @@ --- -# tasks file for eg_comm +# tasks file for eg_prerequisite - include: "install.yml" static: false when: operation == 'install' diff --git a/ocd/infra/playbooks/roles/eg_registry/files/deploy/load-images.sh b/ocd/infra/playbooks/roles/eg_registry/files/deploy/load-images.sh index 0f4ec6a..c0b1731 100644 --- a/ocd/infra/playbooks/roles/eg_registry/files/deploy/load-images.sh +++ b/ocd/infra/playbooks/roles/eg_registry/files/deploy/load-images.sh @@ -1,3 +1,4 @@ +#!/bin/bash TARBALL_PATH=/tmp/eg_registry/deploy/ function _load_and_run_docker_registry() @@ -35,4 +36,4 @@ function main(){ ######################################### #skip main in case of source main $@ -###################### \ No newline at end of file +###################### diff --git a/ocd/infra/playbooks/roles/eg_registry/tasks/install.yml b/ocd/infra/playbooks/roles/eg_registry/tasks/install.yml index 85465da..57c9829 100644 --- a/ocd/infra/playbooks/roles/eg_registry/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_registry/tasks/install.yml @@ -20,6 +20,12 @@ copy: src: deploy dest: /tmp/eg_registry/ + mode: 750 + +- name: Import config file + include_vars: + file: ../../../config.yml + name: vardata - name: Download 0.9 tar command: wget http://release.edgegallery.org/arm64/all/0.9.tar.gz @@ -41,14 +47,15 @@ - name: Replacing private ip replace: path: /tmp/eg_registry/deploy/load-images.sh - regexp: REGISTRIES_IP + regexp: 'REGISTRIES_IP' replace: "{{ vardata.private_repo_ip.name }}" - name: Replacing private port replace: path: /tmp/eg_registry/deploy/load-images.sh - regexp: REGISTRIES_PORT + regexp: 'REGISTRIES_PORT' replace: "{{ vardata.docker_registry_port.name }}" -- name: Execute load-images file - command: sh /tmp/eg_registry/deploy/load-images.sh +- name: Execute the script + shell: + cmd: /tmp/eg_registry/deploy/load-images.sh diff --git a/ocd/infra/playbooks/roles/eg_registry/tasks/uninstall.yml b/ocd/infra/playbooks/roles/eg_registry/tasks/uninstall.yml index f35b6d4..31ffe3b 100644 --- a/ocd/infra/playbooks/roles/eg_registry/tasks/uninstall.yml +++ b/ocd/infra/playbooks/roles/eg_registry/tasks/uninstall.yml @@ -18,9 +18,15 @@ - name: Stop registry command: docker stop registry + ignore_errors: yes + no_log: True - name: Remove registry command: docker rm -v registry + ignore_errors: yes + no_log: True - name: Remove tmp file command: rm -v /tmp/eg_registry + ignore_errors: yes + no_log: True diff --git a/ocd/infra/playbooks/roles/eg_secret/tasks/install.yml b/ocd/infra/playbooks/roles/eg_secret/tasks/install.yml index 4ee1012..60e6a1a 100644 --- a/ocd/infra/playbooks/roles/eg_secret/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_secret/tasks/install.yml @@ -18,10 +18,11 @@ - name: Import config file include_vars: - file: ../../../config.yml - name: vardata + file: ../../../config.yml + name: vardata - name: Generate secret # yamllint disable rule:line-length command: kubectl create secret generic edgegallery-ssl-secret --from-file=keystore.p12=/tmp/ssl-eg-keys-certs/keystore.p12 --from-literal=keystorePassword={{ vardata.common_pwd.name}} --from-literal=keystoreType=PKCS12 --from-literal=keyAlias=edgegallery --from-file=trust.cer=/tmp/ssl-eg-keys-certs/ca.crt --from-file=server.cer=/tmp/ssl-eg-keys-certs/tls.crt --from-file=server_key.pem=/tmp/ssl-eg-keys-certs/encryptedtls.key --from-literal=cert_pwd={{ vardata.common_pwd.name}} - # yamllint disable rule:line-length + args: + chdir: /tmp/ssl-eg-keys-certs/ diff --git a/ocd/infra/playbooks/roles/eg_secret/tasks/uninstall.yml b/ocd/infra/playbooks/roles/eg_secret/tasks/uninstall.yml index c180f5e..ea33726 100644 --- a/ocd/infra/playbooks/roles/eg_secret/tasks/uninstall.yml +++ b/ocd/infra/playbooks/roles/eg_secret/tasks/uninstall.yml @@ -18,3 +18,5 @@ - name: Delete edgegallery ssl secret command: kubectl delete secret edgegallery-ssl-secret + ignore_errors: yes + no_log: True diff --git a/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml b/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml index f2a3686..e215dab 100644 --- a/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml @@ -21,19 +21,22 @@ file: ../../../config.yml name: vardata +- name: Set a variable + ansible.builtin.set_fact: + comm_pwd: "{{ vardata.common_pwd.name }}" + - name: Create certificates for usermanagment with common pwd # yamllint disable rule:line-length command: kubectl create secret generic user-mgmt-jwt-secret --from-file=publicKey=/tmp/ssl-eg-keys-certs/rsa_public_key.pem --from-file=encryptedPrivateKey=/tmp/ssl-eg-keys-certs/encrypted_rsa_private_key.pem --from-literal=encryptPassword={{ vardata.common_pwd.name}} # yamllint disable rule:line-length - when: '{{ vardata.common_pwd.name}}' + when: comm_pwd != "" - name: Generating certificates for usermanagment # yamllint disable rule:line-length command: kubectl create secret generic user-mgmt-jwt-secret --from-file=publicKey=/tmp/ssl-eg-keys-certs/rsa_public_key.pem --from-file=encryptedPrivateKey=/tmp/ssl-eg-keys-certs/encrypted_rsa_private_key.pem --from-literal=encryptPassword={{ vardata.user_mgmt_encryptPassword.name}} # yamllint disable rule:line-length - when: '{{ vardata.user_mgmt_encryptPassword.name}}' + when: comm_pwd == "" - name: Install user-mgmt # yamllint disable rule:line-length command: helm install user-mgmt-edgegallery edgegallery/usermgmt --set global.oauth2.clients.appstore.clientUrl=https://{{ ansible_host }}:{{vardata.appstore_port.name}},global.oauth2.clients.developer.clientUrl=https://{{ ansible_host }}:{{vardata.developer_port.name}},global.oauth2.clients.mecm.clientUrl=https://{{ ansible_host }}:{{vardata.mecm_port.name}}, --set jwt.secretName=user-mgmt-jwt-secret --set images.usermgmt.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/user-mgmt --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/postgres --set images.redis.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/redis --set images.initservicecenter.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/curl --set images.usermgmt.tag={{ vardata.eg_image_tag.name}} --set images.usermgmt.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set images.redis.pullPolicy=IfNotPresent --set images.initservicecenter.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret - # yamllint disable rule:line-length diff --git a/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/uninstall.yml b/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/uninstall.yml index a234fb4..60eb052 100644 --- a/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/uninstall.yml +++ b/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/uninstall.yml @@ -18,6 +18,10 @@ - name: Uninstall user management command: helm uninstall user-mgmt-edgegallery + ignore_errors: yes + no_log: True -- name: Uninstall user mngmt jwt +- name: Delete user-mgmt-jwt-secret command: kubectl delete secret user-mgmt-jwt-secret + ignore_errors: yes + no_log: True diff --git a/ocd/infra/playbooks/roles/service_center/tasks/install.yml b/ocd/infra/playbooks/roles/service_center/tasks/install.yml index ca84c5b..f32c163 100644 --- a/ocd/infra/playbooks/roles/service_center/tasks/install.yml +++ b/ocd/infra/playbooks/roles/service_center/tasks/install.yml @@ -16,17 +16,12 @@ --- -- name: Doing deployment setup for service-center - copy: - src: deploy - dest: /tmp/service_center/ - - name: Import config file include_vars: file: ../../../config.yml name: vardata -- name: Pull helm chart service center +- name: Install service center # yamllint disable rule:line-length command: helm install service-center-edgegallery edgegallery/servicecenter --set images.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/service-center --set images.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret # yamllint disable rule:line-length diff --git a/ocd/infra/playbooks/roles/service_center/tasks/uninstall.yml b/ocd/infra/playbooks/roles/service_center/tasks/uninstall.yml index 0f5e128..0df700f 100644 --- a/ocd/infra/playbooks/roles/service_center/tasks/uninstall.yml +++ b/ocd/infra/playbooks/roles/service_center/tasks/uninstall.yml @@ -18,3 +18,5 @@ - name: Uninstall service center command: helm uninstall service-center-edgegallery + ignore_errors: yes + no_log: True