This is an ansible inventory which identifies all application, including CI/CD components, to be built and deploy in an OpenShift environment. The ansible layer is very thin. It simply provides a way to orchestrate the application of OpenShift templates across one or more OpenShift projects. All configuration for the applications should be defined by an OpenShift template and the corresponding parameters file.
Currently, the following components are included in this inventory:
- Ruby Application, Infrastructure OpenShift Templates and corresponding parameter files
- Tower configuration for the Ruby project, inventory, credentials, and job templates
- Ansible
- OpenShift CLI Tools
- Access to the OpenShift cluster
- Log on to an OpenShift server
oc login -u <user> https://<server>:<port>/- User needs permissions to deploy ProjectRequest objects
- Clone this repository
- Install the required openshift-applier dependency
[rh-applier-tower]$ ansible-galaxy install -r roles/requirements.yml
- Run the ansible playbook provided by the casl-ansible
[rh-applier-tower]$ ansible-playbook site.yml
inventory/: a standard ansible inventory.- the
hostsfile reflects the fact that the playbook will use the OpenShift CLI on your localhost to interact with the cluster host_vars/: the host_vars files are written according to the convention defined by the openshift-applier role.group_vars/all.yml: file that is used to change the namespaces and provide global variables for all playbooks and inventories
- the
templates/: a set OpenShift templates to be sourced from the inventory (and then vars files). OpenShift provides a lot of templates out of the box, and the Labs team curates a repository as well. These should be favored before writing custom/new templates to be kept here.params/: a set of parameter files to be processed along with their respective OpenShift template. the convention here is to group files by their application.projectrequests: processing templates forProjectRequestobjects in OpenShift requires elevated privileges, so we processProjectRequestswithout templates because we want normal users to be able to run these playbooks. this directory contains the object definitions.