[sap_vm_provision] add support for Red Hat Openshift Virtualization #35
Conversation
| kubeconfig: "{{ sap_hypervisor_node_preconfigure_ocp_kubeconfig }}" | ||
| kind: Node | ||
| register: __sap_hypervisor_node_preconfigure_register_nodes | ||
| until: __sap_hypervisor_node_preconfigure_register_nodes.resources | json_query('[?status.conditions[?type==`Ready` && status==`True`]].metadata.name') |\ |
There was a problem hiding this comment.
Maybe this can be expressed in wait_condition too?
There was a problem hiding this comment.
Unfortunately, k8s_info does not provide wait_condition.
There was a problem hiding this comment.
According to the docs it should?
| api_key: "{{ __sap_hypervisor_node_preconfigure_register_openshift_auth_results.openshift_auth.api_key }}" | ||
| kubeconfig: "{{ sap_hypervisor_node_preconfigure_ocp_kubeconfig }}" |
There was a problem hiding this comment.
Isn't setting host + ca_cert + api_key and kubeconfig redundant?
There was a problem hiding this comment.
I thought the same, but the k8s module is unhappy if either of them is not set. This might be a bug there.
There was a problem hiding this comment.
Setting all in enviroment though is possible and is kind of a workaround for that, too.
| @@ -1,6 +1,10 @@ | |||
| --- | |||
| - name: Create SAP bridge NodeNetworkConfigurationPolicy | |||
| kubernetes.core.k8s: | |||
| host: "{{ sap_hypervisor_node_preconfigure_ocp_endpoint }}" | |||
There was a problem hiding this comment.
Might be easier to export the auth settings in env variables, to avoid adding them to every single invocation of a module?
There was a problem hiding this comment.
Yes, agreed. I've solved it via delegate_to and setting the environment there but you seem not to be too happy with that (comment below).
| until: __sap_hypervisor_node_preconfigure_register_cnv_subscription_install_plan_name.stdout != "" | ||
| changed_when: __sap_hypervisor_node_preconfigure_register_cnv_subscription_install_plan_name.stdout != "" | ||
| until: __sap_hypervisor_node_preconfigure_register_cnv_subscription_install_plan_name.resources[0].status.installPlanRef.name is defined | ||
| changed_when: __sap_hypervisor_node_preconfigure_register_cnv_subscription_install_plan_name.resources[0].status.installPlanRef.name is defined |
There was a problem hiding this comment.
That means essentially changed_when: True considering the until above?
| delay: 5 | ||
| ignore_errors: true | ||
|
|
||
| - name: Fail if Install Plan is not Complete after waiting |
There was a problem hiding this comment.
Could this be avoided by adding a failed_when above?
There was a problem hiding this comment.
failed_when is not a generic attribute, moreover, it's not available for kubernetes.core.k8s_info
roles/sap_vm_provision/README.md
Outdated
| @@ -71,6 +72,7 @@ For a list of requirements and recommended authorizations on each Infrastructure | |||
| - `openstacksdk` for IBM PowerVM | |||
| - `ovirt-engine-sdk-python` for OVirt | |||
| - `aiohttp` for VMware | |||
| - `kubernetes` for Kubernetes based platforms such as Red Hat Openshift Virtualization | |||
There was a problem hiding this comment.
| - `kubernetes` for Kubernetes based platforms such as Red Hat Openshift Virtualization | |
| - `kubernetes` for Kubernetes based platforms such as Red Hat OpenShift Virtualization |
| sap_vm_provision_ocp_os_user: minion | ||
|
|
||
| # Password for the above user | ||
| sap_vm_provision_ocp_os_user_password: banana |
There was a problem hiding this comment.
It would be safer to not provide defaults for passwords. What do you think?
There was a problem hiding this comment.
Agreed, should be removed.
| --- | ||
| - name: Ansible Task block for looped provisioning of KubeVirt Virtual Machines | ||
| any_errors_fatal: true | ||
| # Using environment, no_log is ineffective and log will show 'EXEC /bin/sh -c 'ENV_VAR=value python3 /AnsiballZ_ansible_module_name.py && sleep 0' |
There was a problem hiding this comment.
I wonder if that could be avoided by setting env vars outside of the playbook?
There was a problem hiding this comment.
Why? The way I could make it work is by setting up the environment in a delegate_to statement. How would you set the environment inside the playbook? The other option I had was setting it explicitly on every call, which you didn't like either (above).
| 'spec' : { | ||
| 'source' : { | ||
| 'registry' : { | ||
| 'url': __sap_vm_provision_register_vm_config.os_image.url, |
There was a problem hiding this comment.
Could this use ImageStreams provided by OCP instead of using URLs?
| interfaces: "{{ __sap_vm_provision_register_network_interfaces }}" | ||
|
|
||
| cpu: | ||
| cores: "{{ __sap_vm_provision_register_vm_config.kubevirt_vm_cpu_cores | int }}" |
There was a problem hiding this comment.
Could these resource allocations be expressed in an instancetype instead?
[sap_vm_provision] add support for Red Hat Openshift Virtualization
There has been added support to create VMs on Red Hat OpenShift Virtualization platform. Simultaneous deployment of multiple VMs is supported. Further configuration of the VM other than basic OS install and configuration through cloud-init is out of scope and should be handled by other roles.
[sap_hypervisor_node_preconfigure] Removed oc binary dependency
Included and tested the oc wait improvements by @geetikakay from this PR