diff --git a/automation-generators/generic/cp4i/preprocessor.py b/automation-generators/generic/cp4i/preprocessor.py index 2523b23b8..32f2fbda2 100644 --- a/automation-generators/generic/cp4i/preprocessor.py +++ b/automation-generators/generic/cp4i/preprocessor.py @@ -61,9 +61,7 @@ def preprocessor(attributes=None, fullConfig=None, moduleVariables=None): g('project').isRequired() g('openshift_cluster_name').expandWith('openshift[*]',remoteIdentifier='name') - openshift_cluster_name=g('openshift_cluster_name').getExpandedAttributes()['openshift_cluster_name'] g('cp4i_version').isRequired() - g('openshift_storage_name').expandWithSub('openshift', remoteIdentifier='name', remoteValue=openshift_cluster_name, listName='openshift_storage',listIdentifier='storage_name') g('instances').isRequired() g('use_case_files').isOptional().mustBeOneOf([True, False]) g('olm_utils').isOptional().mustBeOneOf([True, False]) @@ -74,7 +72,9 @@ def preprocessor(attributes=None, fullConfig=None, moduleVariables=None): fc = g.getFullConfig() ge=g.getExpandedAttributes() - # Check for cp4i: + # Check for cp4i: + openshift_cluster_name=g('openshift_cluster_name').getExpandedAttributes()['openshift_cluster_name'] + g('openshift_storage_name').expandWithSub('openshift', remoteIdentifier='name', remoteValue=openshift_cluster_name, listName='openshift_storage',listIdentifier='storage_name') # Check that version matches x.y.z pattern if not re.match(r"[0-9]+\.[0-9]\.[0-9]+",str(ge['cp4i_version'])): diff --git a/automation-roles/50-install-cloud-pak/cp4d/cp4d-subscriptions/files/temp-patch-olm.sh b/automation-roles/50-install-cloud-pak/cp4d/cp4d-subscriptions/files/temp-patch-olm.sh index 9c2d75344..b8c508f31 100755 --- a/automation-roles/50-install-cloud-pak/cp4d/cp4d-subscriptions/files/temp-patch-olm.sh +++ b/automation-roles/50-install-cloud-pak/cp4d/cp4d-subscriptions/files/temp-patch-olm.sh @@ -40,7 +40,7 @@ while true;do current_ts=$(date +%s) log "Collecting OLM information" - oc get sub -n ${fs_project} \ + oc get subscriptions.operators.coreos.com -n ${fs_project} \ --sort-by=.metadata.creationTimestamp \ --no-headers \ -o jsonpath='{range .items[*]}{.metadata.name}{","}{.metadata.creationTimestamp}{","}{.status.installedCSV}{","}{.status.state}{"\n"}{end}' > ${sub_file} @@ -86,7 +86,7 @@ while true;do while IFS=, read -r sub sub_ts csv sub_state;do if [[ "${csv}" == "" ]];then log "DIAG: Exporting subscription ${sub} to ${diag_dir}/sub-${sub}.yaml and deleting" - oc get sub -n ${fs_project} ${sub} -o yaml > ${diag_dir}/sub-${sub}.yaml + oc get subscriptions.operators.coreos.com -n ${fs_project} ${sub} -o yaml > ${diag_dir}/sub-${sub}.yaml oc delete sub -n ${fs_project} ${sub} fi done < ${diag_dir}/sub-diag.csv diff --git a/automation-roles/50-install-cloud-pak/cp4d/cp4d-subscriptions/tasks/cp4d-create-subscriptions-olm-utils.yml b/automation-roles/50-install-cloud-pak/cp4d/cp4d-subscriptions/tasks/cp4d-create-subscriptions-olm-utils.yml index 259399496..ec53f6918 100644 --- a/automation-roles/50-install-cloud-pak/cp4d/cp4d-subscriptions/tasks/cp4d-create-subscriptions-olm-utils.yml +++ b/automation-roles/50-install-cloud-pak/cp4d/cp4d-subscriptions/tasks/cp4d-create-subscriptions-olm-utils.yml @@ -53,7 +53,7 @@ block: - name: Retrieving state of all operators in project {{ foundational_services_project }} shell: | - oc get sub -n {{ foundational_services_project }} \ + oc get subscriptions.operators.coreos.com -n {{ foundational_services_project }} \ --no-headers \ --sort-by=.metadata.creationTimestamp \ -o jsonpath='{range .items[*]}{.metadata.name}{","}{.metadata.creationTimestamp}{","}{.status.installedCSV}{","}{.status.state}{"\n"}{end}' diff --git a/automation-roles/50-install-cloud-pak/cp4d/cp4d-variables/vars/vars-cp4d-installation.yml b/automation-roles/50-install-cloud-pak/cp4d/cp4d-variables/vars/vars-cp4d-installation.yml index 1986d561a..d563ebf4f 100644 --- a/automation-roles/50-install-cloud-pak/cp4d/cp4d-variables/vars/vars-cp4d-installation.yml +++ b/automation-roles/50-install-cloud-pak/cp4d/cp4d-variables/vars/vars-cp4d-installation.yml @@ -9,6 +9,8 @@ cp4d_login_username: admin cp4d_repo_url: cp.icr.io/cp/cpd cp4d_repo_username: cp +_v_template_dest_directory: "{{ status_dir }}/cp4d" + license_service_project: ibm-licensing scheduling_service_project: cpd-scheduler cert_manager_project: ibm-cert-manager diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/apply-template.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/apply-template.yml new file mode 100644 index 000000000..47216be90 --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/apply-template.yml @@ -0,0 +1,18 @@ +--- +# Paramteres: +# - _p_template +# - _p_dest_name +# +# The other parameters, as they are defined in the template, +# must be provided when invoking this task + +- name: "Prepare yaml file" + template: + src: "{{ _p_template }}" + dest: "{{ status_dir }}/cp4i/{{ _p_dest_name }}" + +- name: "Apply {{ status_dir }}/cp4i/{{ _p_dest_name }}" + shell: | + oc apply -f {{ status_dir }}/cp4i/{{ _p_dest_name }} + + \ No newline at end of file diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-entitlement-key-secret.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-entitlement-key-secret.yml index be60d1715..2545221df 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-entitlement-key-secret.yml +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-entitlement-key-secret.yml @@ -1,5 +1,4 @@ --- - - name: Verify if the entitlement key secret already exists shell: | oc get secret ibm-entitlement-key -n {{ current_cp4i_cluster.project }} | grep -i '^ibm-entitlement-key' | wc -l @@ -8,4 +7,4 @@ - name: Create secret ibm-entitlement-key shell: | oc create secret docker-registry ibm-entitlement-key --docker-username=cp --docker-password={{ibm_cp_entitlement_key}} --docker-server=cp.icr.io --namespace={{ current_cp4i_cluster.project }} - when: entitlement_key_secret_exists.stdout == "0" \ No newline at end of file + when: "entitlement_key_secret_exists.stdout | trim == '0'" \ No newline at end of file diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-foundational-svc-catalog.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-foundational-svc-catalog.yml new file mode 100644 index 000000000..f4eca33d8 --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-foundational-svc-catalog.yml @@ -0,0 +1,18 @@ +--- +# Global variables: +# - _use_entitled_registry + +# Paramaters: +# - _p_case_file_name +# - _p_catalog_source_yaml +# - _p_case_version + +- name: "Create Foundational Services catalog source when entitled registry is used" + shell: | + oc apply -f ~/.ibm-pak/data/mirror/{{ _p_case_file_name }}/{{ _p_case_version }}/{{ _p_catalog_source_yaml }} + when: _use_entitled_registry + +- name: "Create Foundational Services catalog source when private registry is used" + shell: | + oc apply -f {{ status_dir }}/ibm-pak/data/mirror/{{ {{ _p_case_file_name }} }}/{{ _p_case_version }}/{{ _p_catalog_source_yaml }} + when: not _use_entitled_registry diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-instance.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-instance.yml index c8025536d..a94b66045 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-instance.yml +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-instance.yml @@ -1,6 +1,5 @@ --- - -- name: Create instance +- name: "Create instance" block: - debug: @@ -8,22 +7,23 @@ # ---------- FIND INSTANCE TYPE DEFINITION -------------- - - name: Get instance type details + - name: "Get instance type details" set_fact: _inst_type_def: "{{ instance_types | json_query(query) | first | default({}) }}" vars: query: >- [?type=='{{ current_cp4i_instance.type }}'] - - name: Fail if the instance type cannot be found + - name: "Fail if the instance type cannot be found" fail: msg: "Case instance type for instance {{ current_cp4i_instance.name }} not found." when: _inst_type_def=={} # ---------- FIND VERSION PROPERTIES ----------------------- - - name: Find version specific instance type properties + - name: "Find version specific instance type properties" include_tasks: get-instance-properties.yml + # returns: instance_properties # ---------- CREATE INSTANCE ---------------------------- @@ -32,19 +32,20 @@ oc get {{_inst_type_def.kind}} {{instance_properties.name}} -n {{current_cp4i_cluster.project}} | grep -i '^{{instance_properties.name}}' | wc -l register: instance_exists - - name: Create instance if it does not already exist + - name: "Create instance if it does not already exist" block: - - name: If instance type is enterprise-gateway create admin password secret + - name: "If instance type is enterprise-gateway create admin password secret" include_tasks: create-dp-admin-password-secret.yml when: instance_properties.type == 'enterprise-gateway' - - - set_fact: + + - name: "Get template from instance properties or use a default one defined for the instance type" + set_fact: instance_template: "{{ instance_properties.template | default(default_template_name) }}" vars: default_template_name: "{{ _inst_type_def.default_template }}" - - name: Prepare yaml file for creating instance + - name: "Prepare yaml file for creating instance" template: src: "{{instance_template}}.j2" dest: "{{ status_dir }}/cp4i/{{instance_properties.type}}-{{instance_properties.name}}.yml" @@ -53,12 +54,11 @@ shell: | oc apply -f {{ status_dir }}/cp4i/{{instance_properties.type}}-{{instance_properties.name}}.yml - when: instance_exists.stdout == "0" - + when: "instance_exists.stdout | trim == '0'" # ---------- WAITING FOR PLATFORM NAVIGATOR TO BECOME READY ------- - - name: "Wait for the {{_inst_type_def.kind}} to become ready" + - name: "Waiting for the {{_inst_type_def.kind}} to become ready" shell: | oc get {{_inst_type_def.kind}} -n {{current_cp4i_cluster.project}} {{instance_properties.name}} -o json | jq -r '.status.conditions[] | select(.type=="Ready").status' register: instance_status @@ -67,7 +67,4 @@ until: instance_status.stdout == "True" when: instance_properties.type == 'platform-navigator' - when: (current_cp4i_instance.state | default('installed')) == 'installed' - - diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-project.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-project.yml new file mode 100644 index 000000000..b81a32338 --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/create-project.yml @@ -0,0 +1,11 @@ +--- +# Parameters: +# - _p_project_name + +- name: "Validate if OpenShift project {{ _p_project_name }} exists" + shell: "oc get projects | grep -i '^{{ _p_project_name }}' | wc -l" + register: _project_exists + +- name: "Create OpenShift Project {{ _p_project_name }} if it does not exist" + command: "oc new-project {{ _p_project_name }}" + when: "_project_exists.stdout | trim == '0'" diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/download-case-file.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/download-case-file.yml index 5457a9616..a64adb3b5 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/download-case-file.yml +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/download-case-file.yml @@ -30,13 +30,14 @@ - name: Create mirror manifest when Entitled registry is used shell: | oc ibm-pak generate mirror-manifests {{ _instance_type_details.case_file_name }} --version {{ instance_properties.case_version }} icr.io + when: _use_entitled_registry # # Mirror manifest when private registry is used # - # - name: Create mirror manifest when private registry is used - # shell: | - # oc ibm-pak generate mirror-manifests {{ _instance_type_details.case_file_name }} --version {{ instance_properties.case_version }} {{ current_cp4i_cluster.image_registry_url }} - # when: not (_use_entitled_registry | bool) + - name: Create mirror manifest when private registry is used + shell: | + oc ibm-pak generate mirror-manifests {{ _instance_type_details.case_file_name }} --version {{ instance_properties.case_version }} {{ current_cp4i_cluster.image_registry_url }} + when: not (_use_entitled_registry | bool) when: (current_cp4i_instance.state | default('installed')) == 'installed' diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/download-foundational-svc-case.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/download-foundational-svc-case.yml new file mode 100644 index 000000000..c1c94a73e --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/download-foundational-svc-case.yml @@ -0,0 +1,70 @@ +--- + +# Global variables: +# - current_cp4i_cluster +# - _use_entitled_registry + +# Returns: +# - _fs_case_file_name +# - _fs_catalog_source_yaml +# - _fs_case_version +# - _fs_channel + +- name: "Find Foundational Services instance type" + set_fact: + _instance_type_details: "{{ instance_types | json_query(query) | first | default({}) }}" + vars: + query: >- + [?type=='foundational-services'] + +- fail: + msg: "An instance type foundational-services was not found" + when: _instance_type_details == {} + +- name: "Include version details variables" + include_vars: versions.yml + +- name: "Select cloud pak version" + set_fact: + _cloud_pak_ver: "{{ version_specific_properties | json_query(query) | first | default({}) }}" + vars: + query: >- + [?cp4i_version=='{{ current_cp4i_cluster.cp4i_version }}'] + +- fail: + msg: "Cloud Pak version {{ current_cp4i_cluster.cp4i_version }} not defined" + when: _cloud_pak_ver == {} + +- name: "Get Foundational Services version specific details" + set_fact: + _foundational_services_details: "{{ _cloud_pak_ver.instance_types | json_query(query) | first | default({}) }}" + vars: + query: >- + [?type=='foundational-services'] + +- fail: + msg: "Foundational Services not defined in CP4I version {{ current_cp4i_cluster.cp4i_version }}" + when: _foundational_services_details == {} + +- name: "Get Foundational Services CASE name, CASE version and channel" + set_fact: + _fs_case_file_name: "{{ _instance_type_details.case_file_name }}" + _fs_catalog_source_yaml: "{{ _instance_type_details.catalog_source_yaml_name }}" + _fs_case_version: "{{ _foundational_services_details.case_version }}" + _fs_channel: "{{ _foundational_services_details.channel }}" + +- name: "Save Foundational Services CASE file" + shell: | + oc ibm-pak get {{ _fs_case_file_name }} --version {{ _fs_case_version }} + +- name: "Create Foundational Services mirror manifest when Entitled registry is used" + shell: | + oc ibm-pak generate mirror-manifests {{ _fs_case_file_name }} --version {{ _fs_case_version }} icr.io + when: _use_entitled_registry + +- name: "Create Foundational Services mirror manifest when private registry is used" + shell: | + oc ibm-pak generate mirror-manifests {{ _fs_case_file_name }} --version {{ _fs_case_version }} {{ current_cp4i_cluster.image_registry_url }} + when: not _use_entitled_registry + + \ No newline at end of file diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/get-instance-properties.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/get-instance-properties.yml index 354cc9b9a..b28f10d19 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/get-instance-properties.yml +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/get-instance-properties.yml @@ -43,5 +43,3 @@ - name: Combine properties set_fact: instance_properties: "{{ _inst_type_ver | combine(current_cp4i_instance) }}" - - diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-cert-manager-operator.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-cert-manager-operator.yml new file mode 100644 index 000000000..07d6177e6 --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-cert-manager-operator.yml @@ -0,0 +1,30 @@ +--- + +- name: "Create project cert-manager-operator" + include_tasks: create-project.yml + vars: + _p_project_name: "cert-manager-operator" + +- name: "Create operator group for cert-manager-operator" + include_tasks: apply-template.yml + vars: + _p_template: "operator-group.j2" + _p_dest_name: "cert-manager-operator-group.yml" + operator_group_name: "cert-manager-operator-group" + operator_group_namespace: "cert-manager-operator" + +- name: "Install cert manager operator" + # Note: this step is architecture dependent + # In case of installing on Power or Z an IBM operator + # should be used instead of one provided by RedHat + include_tasks: install-operator.yml + vars: + _p_subscr_name: "openshift-cert-manager-operator" + _p_namespace: "cert-manager-operator" + _p_channel: "stable-v1" + _p_subscr_source: "redhat-operators" + +- name: "Return default project back to {{ current_cp4i_cluster.project }}" + include_tasks: set-default-project.yml + vars: + _p_project_name: "{{ current_cp4i_cluster.project }}" diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-cp4i.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-cp4i.yml index 53eb0a041..a18d40778 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-cp4i.yml +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-cp4i.yml @@ -1,13 +1,12 @@ --- +# ------------ SETTING PROCESSING ENVIRONMENT ----------------------- -# ------------ SETTING PROCESSING FACTS ----------------------------- - -- name: Use CASE files by default +- name: "Use CASE files by default" set_fact: _use_case_files: True -- name: Ignore False value for use_case_files when private registry is used +- name: "Ignore False value for use_case_files when private registry is used" block: - name: Check the configuration for the use of CASE files set_fact: @@ -15,14 +14,10 @@ when: (not current_cp4i_cluster.use_case_files | default(True) | bool) when: not (_use_entitled_registry | bool) -- name: Install operators in all namespaces by default - set_fact: - _operators_in_all_namespaces: True -- name: Check the configuration for the operators visbility +- name: "Check whether operators should be installed in all or specific namespace" set_fact: - _operators_in_all_namespaces: False - when: (not current_cp4i_cluster.operators_in_all_namespaces | default(True) | bool) + _operators_in_all_namespaces: "{{ current_cp4i_cluster.operators_in_all_namespaces | default(False) }}" - debug: msg: "Using CASE files: {{ _use_case_files }}" @@ -30,6 +25,34 @@ - debug: msg: "Operators visible in all namespaces: {{ _operators_in_all_namespaces }}" +- name: "Get OpenShift storage classes to use for {{ current_cp4i_cluster.project }} and storage class name {{ current_cp4i_cluster.openshift_storage_name }}" + include_role: + name: get-openshift-storage + vars: + _p_openshift_cluster_name: "{{ current_cp4i_cluster.openshift_cluster_name }}" + _p_openshift_storage_name: "{{ current_cp4i_cluster.openshift_storage_name }}" + # returns: + # ocp_storage_class_file + # ocp_storage_class_block + +- set_fact: + _new_style: False + +- name: "Check if new installation style is needed based on specified Cloud Pak for Integration version {{ current_cp4i_cluster.cp4i_version }}" + set_fact: + _new_style: True + when: current_cp4i_cluster.cp4i_version >= '2023.4' + +- debug: + var: _new_style + +- name: "Define the namespace for foundational services objects" + set_fact: + _foundational_services_namespace: "{{ current_cp4i_cluster.foundational_services_namespace | default('ibm-common-services') }}" + +- debug: + var: _foundational_services_namespace + # ------------ DOWLOADING CASE FILES, MIRRORING IMAGES -------------- @@ -42,54 +65,91 @@ loop_var: current_cp4i_instance when: _use_case_files and (_use_entitled_registry | bool) +- name: "Download Foundational Services CASE file" + include_tasks: download-foundational-svc-case.yml + when: + - _new_style + - _use_case_files + - _use_entitled_registry + # returns + # - _fs_case_file_name + # - _fs_catalog_source_yaml + # - _fs_case_version + # - _fs_channel -# ------------ OPENSHIFT OBJECTS ------------------------------------ +# ------------ CREATING CATALOG SOURCES ----------------------------- -- name: "Get OpenShift storage classes to use for {{ current_cp4i_cluster.project }} and storage class name {{ current_cp4i_cluster.openshift_storage_name }}" - include_role: - name: get-openshift-storage - vars: - _p_openshift_cluster_name: "{{ current_cp4i_cluster.openshift_cluster_name }}" - _p_openshift_storage_name: "{{ current_cp4i_cluster.openshift_storage_name }}" +- name: Create catalog sources for entitled registry when not using CASE files + include_tasks: create-catalog-sources-entitled.yml + when: not _use_case_files + +- name: "Create catalog sources when using CASE files" + block: + + - name: "Create instances catalog sources when using CASE files" + include_tasks: create-catalog-source-case-file.yml + loop: "{{ current_cp4i_cluster.instances | default([]) }}" + loop_control: + loop_var: current_cp4i_instance + + - name: "Create Foundational Services catalog source" + include_tasks: create-foundational-svc-catalog.yml + vars: + _p_case_file_name: "{{ _fs_case_file_name }}" + _p_catalog_source_yaml: "{{ _fs_catalog_source_yaml }}" + _p_case_version: "{{ _fs_case_version }}" + when: + - _new_style + - _use_case_files + - _use_entitled_registry + + when: _use_case_files + +# ------------ OPENSHIFT PROJECT ------------------------------------ - name: "Prepare OpenShift project {{ current_cp4i_cluster.project }} for Cloud Pak for Integration" include_tasks: openshift-prepare-project.yml - name: Create entitlement key secret when entitled registry is used block: - # NOTE(SJ) This could be skipped because we add entitled key in - # the cluster's global pull secret - name: Create entitlement key secret include_tasks: create-entitlement-key-secret.yml when: (_use_entitled_registry | bool) -# ------------ CREATING CATALOG SOURCES ----------------------------- - -- name: Create catalog sources for entitled registry when not using CASE files - include_tasks: create-catalog-sources-entitled.yml - when: not _use_case_files - -- name: Create catalog sources when using CASE files - include_tasks: create-catalog-source-case-file.yml - loop: "{{ current_cp4i_cluster.instances | default([]) }}" - loop_control: - loop_var: current_cp4i_instance - when: _use_case_files - # ------------ INSTALLING OPERATORS --------------------------------- - name: Prepare operator group if installing in specific namespace include_tasks: prepare-operator-group.yml when: not _operators_in_all_namespaces + +- name: "Operators for the new installation style" + block: + + - name: Activate license service and certificate manager on OpenShift cluster {{ current_cp4i_cluster.openshift_cluster_name }} + include_role: + name: cp-fs-cluster-components + vars: + _p_openshift_cluster_name: "{{ current_cp4i_cluster.openshift_cluster_name }}" + _p_migrate_topology: False + _p_preview: False + + - name: "Installing foundational service operator" + include_tasks: install-foundational-service-operator.yml + + when: _new_style - name: Install operators for each needed instance type - include_tasks: install-operator.yml + include_tasks: install-instance-operator.yml loop: "{{ current_cp4i_cluster.instances | default([]) }}" loop_control: loop_var: current_cp4i_instance # ------------ INTEGRATION INSTANCES -------------------------------- +- name: "Setup prerequisites for Foundational Services instance" + include_tasks: setup-foundational-svc-prereq.yml + when: _new_style + - name: Create instances of CP4I capabilities and runtimes include_tasks: create-instance.yml loop: "{{ current_cp4i_cluster.instances | default([]) }}" @@ -98,11 +158,18 @@ # ------------ FINALIZING ------------------------------------------- -- name: Output Cloud pak for Integration URL and admin password +- name: "Output Cloud pak for Integration URL and admin password" include_role: name: cp4i-cluster-show + vars: + _p_new_style: "{{ _new_style }}" + _p_fs_namespace: "{{ 'ibm-common-services' if _operators_in_all_namespaces else current_cp4i_cluster.project }}" -- name: Ensure the status log folder exists +- name: "Ensure the status log folder exists" file: path: "{{status_dir}}/log" state: directory + + + + diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-foundational-service-operator.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-foundational-service-operator.yml new file mode 100644 index 000000000..c1b13c5df --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-foundational-service-operator.yml @@ -0,0 +1,81 @@ +--- + +# Global variables: +# - current_cp4i_cluster +# - _use_case_files +# - _operators_in_all_namespaces + + + +- name: "Find Foundational Services instance type" + set_fact: + _instance_type_details: "{{ instance_types | json_query(query) | first | default({}) }}" + vars: + query: >- + [?type=='foundational-services'] + +- fail: + msg: "An instance type foundational-services was not found" + when: _instance_type_details == {} + +- name: "Include version details variables" + include_vars: versions.yml + +- name: "Select cloud pak version" + set_fact: + _cloud_pak_ver: "{{ version_specific_properties | json_query(query) | first | default({}) }}" + vars: + query: >- + [?cp4i_version=='{{ current_cp4i_cluster.cp4i_version }}'] + +- fail: + msg: "Cloud Pak version {{ current_cp4i_cluster.cp4i_version }} not defined" + when: _cloud_pak_ver == {} + +- name: "Get Foundational Services version specific details" + set_fact: + _foundational_services_details: "{{ _cloud_pak_ver.instance_types | json_query(query) | first | default({}) }}" + vars: + query: >- + [?type=='foundational-services'] + +- fail: + msg: "Foundational Services not defined in CP4I version {{ current_cp4i_cluster.cp4i_version }}" + when: _foundational_services_details == {} + +- name: "Set Foundational Services subscription name" + set_fact: + _fs_subscr_name: "{{ _instance_type_details.package_name }}" + +- name: "Set Foundational channel" + set_fact: + _fs_channel: "{{ _foundational_services_details.channel }}" + +- name: "Set Foundation Services namespace when installing in all nxamespaces" + set_fact: + _fs_namespace: "openshift-operators" + when: _operators_in_all_namespaces + +- name: "Set Foundation Services namespace when installing in specific namespace" + set_fact: + _fs_namespace: "{{ current_cp4i_cluster.project }}" + when: not _operators_in_all_namespaces + +- name: "Set Foundational Services subscription source when using CASE files" + set_fact: + _fs_subscr_source: "{{ _instance_type_details.source_catalog_case }}" + when: _use_case_files + +- name: "Set Foundational Services subscription source when using online catalog" + set_fact: + _fs_subscr_source: "{{ _instance_type_details.source_catalog_online }}" + when: not _use_case_files + +- name: "Install operator" + include_tasks: install-operator.yml + vars: + _p_subscr_name: "{{ _fs_subscr_name }}" + _p_namespace: "{{ _fs_namespace }}" + _p_channel: "{{ _fs_channel }}" + _p_subscr_source: "{{ _fs_subscr_source }}" + diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-instance-operator.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-instance-operator.yml new file mode 100644 index 000000000..cde1c207b --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-instance-operator.yml @@ -0,0 +1,55 @@ +--- + +# Global variables: +# - current_cp4i_instance +# - _use_case_files +# - _operators_in_all_namespaces + +- name: "Install operator for {{ current_cp4i_instance.type }}" + block: + + - name: Find version specific instance type properties + include_tasks: get-instance-properties.yml + # --> instance_properties + + # ------------ FIND INSTANCE TYPE DEFINITION ---------------------- + + - name: Get instance type details + set_fact: + _inst_type_def: "{{ instance_types | json_query(query) | first | default({}) }}" + vars: + query: >- + [?type=='{{ instance_properties.type }}'] + + - name: Fail if the instance type cannot be found + fail: + msg: "Case instance type for instance {{ instance_properties.name }} not found." + when: _inst_type_def=={} + + # ------------ INSTALL OPERATOR ------------------------------------ + + - set_fact: + _source: "{{ _inst_type_def.source_catalog_case }}" + when: _use_case_files + + - set_fact: + _source: "{{ _inst_type_def.source_catalog_online }}" + when: not _use_case_files + + - set_fact: + _subscription_namespace: "openshift-operators" + when: _operators_in_all_namespaces + + - set_fact: + _subscription_namespace: "{{ current_cp4i_cluster.project }}" + when: not _operators_in_all_namespaces + + - name: "Install operator" + include_tasks: install-operator.yml + vars: + _p_subscr_name: "{{ _inst_type_def.package_name }}" + _p_namespace: "{{ _subscription_namespace }}" + _p_channel: "{{ instance_properties.channel }}" + _p_subscr_source: "{{ _source }}" + + when: (current_cp4i_instance.state | default('installed')) == 'installed' diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-operator.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-operator.yml index 842d9fe56..914cce832 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-operator.yml +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/install-operator.yml @@ -1,88 +1,46 @@ --- -- name: "Install operator for {{ current_cp4i_instance.type }}" - block: +# Parameters: +# - _p_subscr_name +# - _p_namespace +# - _p_channel +# - _p_subscr_source - - name: Find version specific instance type properties - include_tasks: get-instance-properties.yml +# ------------ CHECK IF SUBSCRIPTION EXISTS ------------------------- - # ------------ FIND INSTANCE TYPE DEFINITION ---------------------- +- name: "Check if subscription {{ _p_subscr_name }} already exists" + shell: | + oc get subscriptions.operators.coreos.com -n {{ _p_namespace }} | grep {{ _p_subscr_name }} | wc -l + register: subscription_exists - - name: Get instance type details - set_fact: - _inst_type_def: "{{ instance_types | json_query(query) | first | default({}) }}" - vars: - query: >- - [?type=='{{ instance_properties.type }}'] - - - name: Fail if the instance type cannot be found - fail: - msg: "Case instance type for instance {{ instance_properties.name }} not found." - when: _inst_type_def=={} - - - # ------------ CHECK IF SUBSCRIPTION EXISTS ------------------------- - - - name: "Check if subscription {{ _inst_type_def.package_name }} already exists" - shell: | - oc get subscriptions -n openshift-operators | grep {{ _inst_type_def.package_name }} | wc -l - register: subscription_exists - - - name: Create subscription if it does not already exist - block: - - # ------------ SUBSCRIPTION VARIABLES ----------------------------- - - - set_fact: - _subscr_name: "{{ _inst_type_def.package_name }}" - - - set_fact: - _subscr_namespace: "openshift-operators" - when: _operators_in_all_namespaces - - - set_fact: - _subscr_namespace: "{{ current_cp4i_cluster.project }}" - when: not _operators_in_all_namespaces +- name: Create subscription if it does not already exist + block: - - set_fact: - _subscr_channel: "{{ instance_properties.channel }}" - - - set_fact: - _subscr_source: "{{ _inst_type_def.source_catalog_case }}" - when: _use_case_files - - - set_fact: - _subscr_source: "{{ _inst_type_def.source_catalog_online }}" - when: not _use_case_files - - # ------------ PREPARE AND APPLY YAML ----------------------------- - - - name: Prepare yaml file for creating subscription - template: - src: subscription.j2 - dest: "{{ status_dir }}/cp4i/{{ _subscr_name }}.yml" - - - name: "Create subscription using {{ status_dir }}/cp4i/{{ _subscr_name }}.yml" - shell: | - oc apply -f {{ status_dir }}/cp4i/{{ _subscr_name }}.yml - - # ---------- WAIT FOR SUBSCRIPTION TO BECOME READY ---------------- - - - name: "Wait for subscription {{ _subscr_name }} to become ready" - shell: | - csv=$(oc get subscription -n openshift-operators {{ _subscr_name }} -o json | jq -r .status.currentCSV) - if [[ "$csv" == "null" ]]; then - echo "null" - else - oc get csv -n openshift-operators ${csv} -o json 2>/dev/null | jq -r .status.phase - fi - register: pn_phase - retries: 100 - delay: 20 - until: pn_phase.stdout == "Succeeded" - - - when: subscription_exists.stdout == "0" - - when: (current_cp4i_instance.state | default('installed')) == 'installed' + # ------------ PREPARE AND APPLY YAML ----------------------------- + - name: "Create subscription" + include_tasks: apply-template.yml + vars: + _p_template: "subscription.j2" + _p_dest_name: "{{ _p_subscr_name }}.yml" + _subscr_name: "{{ _p_subscr_name }}" + _subscr_namespace: "{{ _p_namespace }}" + _subscr_channel: "{{ _p_channel }}" + _subscr_source: "{{ _p_subscr_source }}" + + # ---------- WAIT FOR SUBSCRIPTION TO BECOME READY ---------------- + + - name: "Waiting for subscription {{ _p_subscr_name }} in project {{ _p_namespace }} to become ready" + shell: | + csv=$(oc get subscriptions.operators.coreos.com -n {{ _p_namespace }} {{ _p_subscr_name }} -o json | jq -r .status.currentCSV) + if [[ "$csv" == "null" ]]; then + echo "null" + else + oc get clusterserviceversions.operators.coreos.com -n {{ _p_namespace }} ${csv} -o json 2>/dev/null | jq -r .status.phase + fi + register: pn_phase + retries: 100 + delay: 20 + until: pn_phase.stdout == "Succeeded" + + when: "subscription_exists.stdout | trim == '0'" diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/main.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/main.yml index b0b4390f6..09e58c521 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/main.yml +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/main.yml @@ -1,9 +1,10 @@ --- -# INPUT VARIABLES: -# The following variables are prepared in roles 10 and 20: +# INPUT PARAMETERS +# +# all_config : loaded all configuration yamls +# current_cp4i_cluster : currently selected cluster from configuration # -# all_config : loaded all configuration yamls # status_dir : from environment variable STATUS_DIR # cloud_platform # @@ -15,7 +16,6 @@ # vault with the entitlement key or private registry credentials - - debug: msg: "Handling CP4I cluster {{ current_cp4i_cluster.project }}" @@ -23,60 +23,49 @@ # Check if license is accepted and fail if it is not # -- set_fact: - _cpd_accept_licenses: "False" +- name: Check if license is accepted and fail if it is not + block: + - set_fact: + _cpd_accept_licenses: "False" -- set_fact: - _cpd_accept_licenses: "True" - when: (cpd_accept_licenses | default(False) | bool) or (current_cp4i_cluster.accept_licenses | default(False) | bool) + - set_fact: + _cpd_accept_licenses: "True" + when: (cpd_accept_licenses | default(False) | bool) or (current_cp4i_cluster.accept_licenses | default(False) | bool) -- name: Fail if licenses were not accepted - fail: - msg: "You must accept the licenses, either in the cp4i object with accept_licenses: True, or by specifying --accept-all-licenses at the command line" - when: - - not (cpd_accept_licenses | default(False) | bool) - - not (current_cp4i_cluster.accept_licenses | default(False) | bool) + - name: Fail if licenses were not accepted + fail: + msg: "You must accept the licenses, either in the cp4i object with accept_licenses: True, or by specifying --accept-all-licenses at the command line" + when: not _cpd_accept_licenses # # Check which registry is used. Entitled or private? # +# --> _use_entitled_registry - name: Check if Entitled or private registry is used - set_fact: - _use_entitled_registry: False - -- set_fact: - _use_entitled_registry: True - when: - - (current_cp4i_cluster.image_registry_name | default("")) == "" - -- debug: - msg: "Using Entitled registry" - when: (_use_entitled_registry | bool) + block: + - set_fact: + _use_entitled_registry: False -- debug: - msg: "Using private registry" - when: not (_use_entitled_registry | bool) + - set_fact: + _use_entitled_registry: True + when: + - (current_cp4i_cluster.image_registry_name | default("")) == "" -# -# If private registry is used, check if {{ status_dir }}/ibm-pak exists -# + - debug: + msg: "Using Entitled registry" + when: (_use_entitled_registry | bool) -- name: "If private registry is used, check if {{ status_dir }}/ibm-pak exists" - block: - - stat: - path: "{{ status_dir }}/ibm-pak" - register: _ibm_pak_dir - - fail: - msg: "Directory {{ status_dir }}/ibm-pak needed for private registry does not exist" - when: _ibm_pak_dir.stat.exists==false - when: not (_use_entitled_registry | bool) + - debug: + msg: "Using private registry" + when: not (_use_entitled_registry | bool) # # If Entitled registry is used obtain its key from vault # and prepare authentication credentials. # Fail if the key does not exist in the vault # +# --> _entitled_reg_auth - name: Obtain Entitled registry key and prepare authentication credentials block: @@ -100,9 +89,12 @@ when: (_use_entitled_registry | bool) - +# # If private registry is used obtain its authentication credentials # from the vault. Fail if they don't exist +# +# --> _private_reg_auth +# _private_reg_url - name: Obtain private registry authentication credentials block: @@ -147,19 +139,20 @@ when: not (_use_entitled_registry | bool) - # -# Detect current openshift cluster from config +# Detect current openshift cluster from config (!!env_id) # +# --> _current_openshift_cluster -- set_fact: +- name: Detect current openshift cluster from config + set_fact: _current_openshift_cluster: "{{ all_config.openshift | json_query(query) | first | default({}) }}" vars: query: >- [?name=='{{ current_cp4i_cluster.openshift_cluster_name }}'] # -# Download OpenShift client for current version +# Download OpenShift client for current version # - name: Download and activate OpenShift client for version {{ _current_openshift_cluster.ocp_version }} @@ -168,7 +161,6 @@ vars: _p_ocp_version: "{{ _current_openshift_cluster.ocp_version }}" - # If airgapped installation defined mirror from portable to private registry - name: If airgapped installation mirror from portable to private registry @@ -256,7 +248,7 @@ when: (cpd_airgap | bool) # -# Login to OpenShift cluster +# Login to OpenShift cluster (!!env_id) # - name: Login to the OpenShift cluster @@ -270,13 +262,16 @@ # - name: Reset CP4I directory for generated files - file: - path: "{{ status_dir }}/cp4i" - state: absent + block: + + - file: + path: "{{ status_dir }}/cp4i" + state: absent -- file: - path: "{{ status_dir }}/cp4i" - state: directory + - name: Create directory status/cp4i + file: + path: "{{ status_dir }}/cp4i" + state: directory # # Prepare OpenShift cluster @@ -297,4 +292,5 @@ - name: Run cp4i installation include_tasks: install-cp4i.yml - when: not (cpd_skip_cp_install | bool) \ No newline at end of file + when: not (cpd_skip_cp_install | bool) + diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/openshift-prepare-project.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/openshift-prepare-project.yml index be11f9d85..a99f229e2 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/openshift-prepare-project.yml +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/openshift-prepare-project.yml @@ -1,4 +1,5 @@ --- + - name: Validate mandatory variables are defined assert: that: @@ -8,13 +9,12 @@ fail: msg="cloud_platform {{ cloud_platform }} is not implemented, current implemented cloud platforms are {{ implemented_cloud_platform_types }} " when: "cloud_platform not in implemented_cloud_platform_types" -- name: "Validate if OpenShift project {{ current_cp4i_cluster.project }} exists" - shell: "oc get projects | grep -i '^{{ current_cp4i_cluster.project }}' | wc -l" - register: cp4i_cluster_project_exists - -- name: "Create OpenShift Project {{ current_cp4i_cluster.project }} if it does not exist" - command: "oc new-project {{ current_cp4i_cluster.project }}" - when: cp4i_cluster_project_exists.stdout == "0" +- name: "Create project {{ current_cp4i_cluster.project }}" + include_tasks: create-project.yml + vars: + _p_project_name: "{{ current_cp4i_cluster.project }}" - name: "Set OpenShift project {{ current_cp4i_cluster.project }} active" - command: "oc project {{ current_cp4i_cluster.project }}" + include_tasks: set-default-project.yml + vars: + _p_project_name: "{{ current_cp4i_cluster.project }}" diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/prepare-operator-group.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/prepare-operator-group.yml index 9b263548c..6d3464faf 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/prepare-operator-group.yml +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/prepare-operator-group.yml @@ -1,10 +1,9 @@ --- -- name: Prepare yaml file for creating operator group - template: - src: operator-group.j2 - dest: "{{ status_dir }}/cp4i/operator-group.yml" - -- name: "Create operator group using {{ status_dir }}/cp4i/operator-group.yml" - shell: | - oc apply -f {{ status_dir }}/cp4i/operator-group.yml +- name: "Apply operator group template for namespace {{ current_cp4i_cluster.project }}" + include_tasks: apply-template.yml + vars: + _p_template: "operator-group.j2" + _p_dest_name: "operator-group.yml" + operator_group_name: "ibm-integration-operatorgroup" + operator_group_namespace: "{{ current_cp4i_cluster.project }}" diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/set-default-project.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/set-default-project.yml new file mode 100644 index 000000000..e7176d628 --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/set-default-project.yml @@ -0,0 +1,7 @@ +--- + +# Parameters: +# - _p_project_name + +- name: "Set project {{ _p_project_name }}" + command: "oc project {{ _p_project_name }}" diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/setup-foundational-svc-prereq.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/setup-foundational-svc-prereq.yml new file mode 100644 index 000000000..4ae8c3e52 --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/tasks/setup-foundational-svc-prereq.yml @@ -0,0 +1,33 @@ +--- + +# Global variables: +# - ocp_storage_class_file +# - _operators_in_all_namespaces +# - _foundational_services_namespace + +- name: "Check if default storage class is defined" + shell: | + oc get sc | grep "(default)" + register: _storage_class_exists + ignore_errors: yes + +- name: "Define a default storage class if it does not exist" + shell: | + oc patch storageclass {{ ocp_storage_class_file }} -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' + when: _storage_class_exists.rc != 0 + +- name: "If operators are installed in all namespaces, create extra namespace for FS" + block: + + - name: "Patch common-service CR" + shell: | + oc patch CommonService common-service -n openshift-operators --type merge -p '{"spec": {"servicesNamespace": "{{ _foundational_services_namespace }}"}}' + when: _foundational_services_namespace != "ibm-common-services" + + - name: "Create ibm-common-services project if installing in all namespaces" + include_tasks: create-project.yml + vars: + _p_project_name: "{{ _foundational_services_namespace }}" + + when: _operators_in_all_namespaces + diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/api-management-2.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/api-management-2.j2 new file mode 100644 index 000000000..41bc8a1fc --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/api-management-2.j2 @@ -0,0 +1,33 @@ +--- +apiVersion: apiconnect.ibm.com/v1beta1 +kind: APIConnectCluster +metadata: + annotations: + apiconnect-operator/backups-not-configured: 'true' + labels: + app.kubernetes.io/instance: apiconnect + app.kubernetes.io/managed-by: ibm-apiconnect + app.kubernetes.io/name: apiconnect-small + name: {{instance_properties.name}} + namespace: {{current_cp4i_cluster.project}} +spec: + analytics: + mtlsValidateClient: true + imagePullSecrets: + - ibm-entitlement-key + imageRegistry: cp.icr.io/cp/apic + license: + accept: {{ _cpd_accept_licenses | default(False) }} + license: {{instance_properties.license}} + metric: VIRTUAL_PROCESSOR_CORE + use: nonproduction + portal: + adminClientSubjectDN: '' + mtlsValidateClient: true + originalUID: '' + portalAdminEndpoint: {} + portalUIEndpoint: {} + profile: n1xc7.m48 + storageClassName: {{ocp_storage_class_block}} + version: "{{instance_properties.version}}" + \ No newline at end of file diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/api-management-one-node-minimum.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/api-management-one-node-minimum.j2 index 14a9dd7b9..be777920f 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/api-management-one-node-minimum.j2 +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/api-management-one-node-minimum.j2 @@ -4,14 +4,19 @@ metadata: labels: app.kubernetes.io/instance: apiconnect app.kubernetes.io/managed-by: ibm-apiconnect - app.kubernetes.io/name: apiconnect-minimum + app.kubernetes.io/name: apiconnect-small name: {{instance_properties.name}} namespace: {{current_cp4i_cluster.project}} spec: + analytics: + mtlsValidateClient: true license: accept: {{ _cpd_accept_licenses | default(False) }} - use: nonproduction license: {{instance_properties.license}} + metric: VIRTUAL_PROCESSOR_CORE + use: nonproduction + portal: + mtlsValidateClient: true profile: n1xc7.m48 version: "{{instance_properties.version}}" storageClassName: {{ocp_storage_class_block}} \ No newline at end of file diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/automation-assets-2.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/automation-assets-2.j2 new file mode 100644 index 000000000..8e039450b --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/automation-assets-2.j2 @@ -0,0 +1,20 @@ +--- +apiVersion: integration.ibm.com/v1beta1 +kind: AssetRepository +metadata: + labels: + backup.integration.ibm.com/component: assetrepository + name: {{instance_properties.name}} + namespace: {{current_cp4i_cluster.project}} +spec: + license: + accept: {{ _cpd_accept_licenses | default(False) }} + license: {{instance_properties.license}} + replicas: 1 + singleReplicaOnly: true + storage: + assetDataVolume: + class: {{ocp_storage_class_file}} + couchVolume: + class: {{ocp_storage_class_block}} + version: "{{instance_properties.version}}" \ No newline at end of file diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/automation-assets-development.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/automation-assets-development.j2 index 4a163aa02..0eae94911 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/automation-assets-development.j2 +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/automation-assets-development.j2 @@ -8,6 +8,7 @@ spec: accept: {{ _cpd_accept_licenses | default(False) }} license: {{instance_properties.license}} replicas: 1 + singleReplicaOnly: true storage: assetDataVolume: class: {{ocp_storage_class_file}} diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/cp4i-catalog-sources.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/cp4i-catalog-sources.j2 index 131127ac2..835430e38 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/cp4i-catalog-sources.j2 +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/cp4i-catalog-sources.j2 @@ -12,4 +12,4 @@ spec: sourceType: grpc updateStrategy: registryPoll: - interval: 45m + interval: 45m diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/cp4i-platform-navigator-2.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/cp4i-platform-navigator-2.j2 new file mode 100644 index 000000000..f68f8d146 --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/cp4i-platform-navigator-2.j2 @@ -0,0 +1,15 @@ +--- + +apiVersion: integration.ibm.com/v1beta1 +kind: PlatformNavigator +metadata: + name: {{instance_properties.name}} + labels: + backup.integration.ibm.com/component: platformnavigator + namespace: {{current_cp4i_cluster.project}} +spec: + license: + accept: {{ _cpd_accept_licenses | default(False) }} + license: {{instance_properties.license}} + replicas: 1 + version: {{current_cp4i_cluster.cp4i_version}} diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/enterprise-gateway-2.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/enterprise-gateway-2.j2 new file mode 100644 index 000000000..fe3b5025e --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/enterprise-gateway-2.j2 @@ -0,0 +1,56 @@ +--- +apiVersion: datapower.ibm.com/v1beta3 +kind: DataPowerService +metadata: + name: {{instance_properties.name}} + namespace: {{current_cp4i_cluster.project}} +spec: + createServiceBinding: automatic + healthCheck: + logLevel: info + probe: + port: 7879 + watchdog: + enabled: true + hardTimeoutSeconds: 80 + softTimeoutSeconds: 60 + imagePullPolicy: IfNotPresent + license: + accept: {{ _cpd_accept_licenses | default(False) }} + license: {{instance_properties.license}} + use: nonproduction + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 7879 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + podManagementPolicy: Parallel + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 7879 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + replicas: 1 + resources: + limits: + memory: 4Gi + requests: + cpu: '1' + memory: 4Gi + terminationGracePeriodSeconds: 30 + users: + - name: admin + accessLevel: privileged + passwordSecret: {{_dp_admin_password_secret}} + version: "{{instance_properties.version}}" + \ No newline at end of file diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-endpoint-management-2.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-endpoint-management-2.j2 new file mode 100644 index 000000000..277c59de5 --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-endpoint-management-2.j2 @@ -0,0 +1,33 @@ +--- +apiVersion: events.ibm.com/v1beta1 +kind: EventEndpointManagement +metadata: + finalizers: + - eventendpointmanagements.events.ibm.com/finalizer + name: {{instance_properties.name}} + namespace: {{current_cp4i_cluster.project}} +spec: + deployNetworkPolicies: true + license: + accept: {{ _cpd_accept_licenses | default(False) }} + license: {{instance_properties.license}} + metric: VIRTUAL_PROCESSOR_CORE + use: CloudPakForIntegrationNonProduction + manager: + authConfig: + authType: LOCAL + storage: + deleteClaim: false + type: ephemeral + template: + pod: + spec: + containers: + - name: manager + resources: + limits: + cpu: '0.5' + memory: 512Mi + requests: + cpu: '0.25' + memory: 256Mi diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-endpoint-management-one-node-minimum.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-endpoint-management-one-node-minimum.j2 index 4cf6ac59e..d0f2ac836 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-endpoint-management-one-node-minimum.j2 +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-endpoint-management-one-node-minimum.j2 @@ -1,20 +1,28 @@ -apiVersion: eventendpointmanager.apiconnect.ibm.com/v1beta1 -kind: EventEndpointManager +apiVersion: events.ibm.com/v1beta1 +kind: EventEndpointManagement metadata: - labels: - app.kubernetes.io/instance: eventendpointmanager-minimum - app.kubernetes.io/managed-by: ibm-apiconnect - app.kubernetes.io/name: eventendpointmanager-minimum name: {{instance_properties.name}} namespace: {{current_cp4i_cluster.project}} spec: - endpointTypes: - - Events license: accept: {{ _cpd_accept_licenses | default(False) }} license: {{instance_properties.license}} metric: VIRTUAL_PROCESSOR_CORE - use: nonproduction - profile: n1xc10.m48 - version: "{{instance_properties.version}}" - storageClassName: {{ocp_storage_class_block}} \ No newline at end of file + use: CloudPakForIntegrationNonProduction + manager: + authConfig: + authType: LOCAL + storage: + type: ephemeral + template: + pod: + spec: + containers: + - name: manager + resources: + requests: + cpu: '0.25' + memory: 256Mi + limits: + cpu: '0.5' + memory: 512Mi diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-streams-2.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-streams-2.j2 new file mode 100644 index 000000000..a847dde6a --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-streams-2.j2 @@ -0,0 +1,68 @@ +--- +apiVersion: eventstreams.ibm.com/v1beta2 +kind: EventStreams +metadata: + annotations: + eventstreams.ibm.com/apicurio-registry-version: '>=2.4' + labels: + backup.eventstreams.ibm.com/component: eventstreams + name: {{instance_properties.name}} + namespace: {{current_cp4i_cluster.project}} +spec: + adminApi: {} + adminUI: + authentication: + - type: integrationKeycloak + apicurioRegistry: {} + collector: {} + license: + accept: {{ _cpd_accept_licenses | default(False) }} + license: {{instance_properties.license}} + use: CloudPakForIntegrationNonProduction + restProducer: {} + strimziOverrides: + kafka: + authorization: + type: simple + config: + default.replication.factor: 3 + inter.broker.protocol.version: '3.5' + log.cleaner.threads: 6 + min.insync.replicas: 2 + num.io.threads: 24 + num.network.threads: 9 + num.replica.fetchers: 3 + offsets.topic.replication.factor: 3 + listeners: + - name: external + authentication: + type: scram-sha-512 + port: 9094 + tls: true + type: route + - name: tls + authentication: + type: tls + port: 9093 + tls: true + type: internal + metricsConfig: + type: jmxPrometheusExporter + valueFrom: + configMapKeyRef: + key: kafka-metrics-config.yaml + name: {{instance_properties.name}}-metrics-config + replicas: 3 + storage: + type: ephemeral + zookeeper: + metricsConfig: + type: jmxPrometheusExporter + valueFrom: + configMapKeyRef: + key: zookeeper-metrics-config.yaml + name: {{instance_properties.name}}-metrics-config + replicas: 3 + storage: + type: ephemeral + version: "{{instance_properties.version}}" diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-streams-development.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-streams-development.j2 index 835ddc53e..485dc36c3 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-streams-development.j2 +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/event-streams-development.j2 @@ -1,12 +1,17 @@ apiVersion: eventstreams.ibm.com/v1beta2 kind: EventStreams metadata: + annotations: + eventstreams.ibm.com/apicurio-registry-version: '>=2.4' name: {{instance_properties.name}} + labels: + backup.eventstreams.ibm.com/component: eventstreams namespace: {{current_cp4i_cluster.project}} spec: version: "{{instance_properties.version}}" license: accept: {{ _cpd_accept_licenses | default(False) }} + license: {{instance_properties.license}} use: CloudPakForIntegrationNonProduction adminApi: {} adminUI: {} @@ -21,9 +26,8 @@ spec: supportsAdminApi: true authorizerClass: com.ibm.eventstreams.runas.authorizer.RunAsAuthorizer config: - inter.broker.protocol.version: '3.2' + inter.broker.protocol.version: '3.5' log.cleaner.threads: 6 - log.message.format.version: '3.2' num.io.threads: 24 num.network.threads: 9 num.replica.fetchers: 3 @@ -48,7 +52,7 @@ spec: valueFrom: configMapKeyRef: key: kafka-metrics-config.yaml - name: metrics-config + name: {{instance_properties.name}}-metrics-config storage: type: ephemeral zookeeper: @@ -58,7 +62,7 @@ spec: valueFrom: configMapKeyRef: key: zookeeper-metrics-config.yaml - name: metrics-config + name: {{instance_properties.name}}-metrics-config storage: type: ephemeral requestIbmServices: diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/high-speed-transfer-server-quickstart.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/high-speed-transfer-server-quickstart.j2 index f86e11140..02a46903e 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/high-speed-transfer-server-quickstart.j2 +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/high-speed-transfer-server-quickstart.j2 @@ -18,7 +18,7 @@ spec: redis: persistence: enabled: false - version: "{{instance_properties.redis_version}}" + storageClass: {{ocp_storage_class_file}} services: httpProxy: type: ClusterIP diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/integration-dashboard-2.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/integration-dashboard-2.j2 new file mode 100644 index 000000000..9ceca43df --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/integration-dashboard-2.j2 @@ -0,0 +1,42 @@ +--- +apiVersion: appconnect.ibm.com/v1beta1 +kind: Dashboard +metadata: + labels: + backup.appconnect.ibm.com/component: dashboard + name: {{instance_properties.name}} + namespace: {{current_cp4i_cluster.project}} +spec: + authentication: + integrationKeycloak: + enabled: true + authorization: + integrationKeycloak: + enabled: true + displayMode: IntegrationRuntimes + license: + accept: {{ _cpd_accept_licenses | default(False) }} + license: {{instance_properties.license}} + use: CloudPakForIntegrationNonProduction + pod: + containers: + content-server: + resources: + limits: + memory: 512Mi + requests: + cpu: 50m + memory: 50Mi + control-ui: + resources: + limits: + memory: 512Mi + requests: + cpu: 50m + memory: 125Mi + replicas: 1 + storage: + size: 5Gi + type: persistent-claim + class: {{ocp_storage_class_file}} + version: "{{instance_properties.version}}" diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/integration-dashboard-quickstart.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/integration-dashboard-quickstart.j2 index 3bc5393ad..8e559b8eb 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/integration-dashboard-quickstart.j2 +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/integration-dashboard-quickstart.j2 @@ -4,6 +4,7 @@ metadata: name: {{instance_properties.name}} namespace: {{current_cp4i_cluster.project}} spec: + displayMode: IntegrationRuntimes license: accept: {{ _cpd_accept_licenses | default(False) }} license: {{instance_properties.license}} @@ -13,7 +14,6 @@ spec: content-server: resources: limits: - cpu: 250m memory: 512Mi requests: cpu: 50m @@ -21,7 +21,6 @@ spec: control-ui: resources: limits: - cpu: 500m memory: 512Mi requests: cpu: 50m diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/integration-design-2.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/integration-design-2.j2 new file mode 100644 index 000000000..e3d5a936f --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/integration-design-2.j2 @@ -0,0 +1,28 @@ +--- +apiVersion: appconnect.ibm.com/v1beta1 +kind: DesignerAuthoring +metadata: + labels: + backup.appconnect.ibm.com/component: designerauthoring + name: {{instance_properties.name}} + namespace: {{current_cp4i_cluster.project}} +spec: + authentication: + integrationKeycloak: + enabled: true + authorization: + integrationKeycloak: + enabled: true + couchdb: + replicas: 1 + storage: + size: 10Gi + type: persistent-claim + class: {{ocp_storage_class_block}} + designerFlowsOperationMode: local + license: + accept: {{ _cpd_accept_licenses | default(False) }} + license: {{instance_properties.license}} + use: CloudPakForIntegrationNonProduction + replicas: 1 + version: "{{instance_properties.version}}" \ No newline at end of file diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/messaging-2.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/messaging-2.j2 new file mode 100644 index 000000000..f6ed1b05b --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/messaging-2.j2 @@ -0,0 +1,33 @@ +--- +apiVersion: mq.ibm.com/v1beta1 +kind: QueueManager +metadata: + annotations: + com.ibm.mq/write-defaults-spec: 'false' + finalizers: + - finalizer.queuemanagers.mq.ibm.com + name: {{instance_properties.name}} + namespace: {{current_cp4i_cluster.project}} +spec: + license: + accept: {{ _cpd_accept_licenses | default(False) }} + license: {{instance_properties.license}} + use: NonProduction + queueManager: + name: {{instance_properties.queue_manager_name}} + resources: + limits: + cpu: 500m + requests: + cpu: 500m + storage: + queueManager: + type: ephemeral + version: "{{instance_properties.version}}" + web: + console: + authentication: + provider: integration-keycloak + authorization: + provider: integration-keycloak + enabled: true \ No newline at end of file diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/operator-group.j2 b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/operator-group.j2 index 5775c9e47..23e75d34f 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/operator-group.j2 +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/templates/operator-group.j2 @@ -1,8 +1,9 @@ +--- apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: - name: ibm-integration-operatorgroup - namespace: {{current_cp4i_cluster.project}} + name: {{operator_group_name}} + namespace: {{operator_group_namespace}} spec: targetNamespaces: - - {{current_cp4i_cluster.project}} + - {{operator_group_namespace}} diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/vars/main.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/vars/main.yml index 8d4d98877..6e8f61737 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/vars/main.yml +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/vars/main.yml @@ -1,10 +1,13 @@ --- -implemented_cloud_platform_types: ['ibm-cloud','existing-ocp','vsphere','aws'] +implemented_cloud_platform_types: ['ibm-cloud','existing-ocp','vsphere','aws','azure'] _v_entitled_registry: cp.icr.io _v_entitled_registry_username: cp case_github_url: "https://github.com/IBM/cloud-pak/raw/master/repo/case" +license_service_project: ibm-licensing +_v_template_dest_directory: "{{ status_dir }}/cp4i" + instance_types: - type: platform-navigator @@ -78,14 +81,15 @@ instance_types: catalog_source_yaml_name: catalog-sources-linux-amd64.yaml - type: event-endpoint-management - package_name: ibm-apiconnect - kind: EventEndpointManager - case_file_name: ibm-apiconnect - case_inventory: apiconnectOperatorSetup + # NOTE: Not compatible with cp4i 2022.4 and older + package_name: ibm-eventendpointmanagement + kind: EventEndpointManagement + case_file_name: ibm-eventendpointmanagement + case_inventory: eemOperatorSetup source_catalog_online: ibm-operator-catalog - source_catalog_case: ibm-apiconnect-catalog - default_template: event-endpoint-management-one-node-minimum - catalog_source_yaml_name: catalog-sources.yaml + source_catalog_case: ibm-eventendpointmanagement-catalog + default_template: event-endpoint-management-one-node-minimum # ?? + catalog_source_yaml_name: catalog-sources-linux-amd64.yaml - type: event-streams package_name: ibm-eventstreams @@ -116,4 +120,12 @@ instance_types: source_catalog_case: ibm-integration-operations-dashboard-catalog default_template: integration-tracing-development catalog_source_yaml_name: catalog-sources-linux-amd64.yaml + +- type: foundational-services + package_name: ibm-common-service-operator + case_file_name: ibm-cp-common-services + source_catalog_online: ibm-operator-catalog + source_catalog_case: opencloud-operators + catalog_source_yaml_name: catalog-sources.yaml + diff --git a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/vars/versions.yml b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/vars/versions.yml index 1625d3a03..6dda3e16f 100644 --- a/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/vars/versions.yml +++ b/automation-roles/50-install-cloud-pak/cp4i/cp4i-cluster/vars/versions.yml @@ -1,5 +1,169 @@ version_specific_properties: +- cp4i_version: 2023.4.1-0 + instance_types: + + - type: platform-navigator + name: integration-navigator + license: L-VTPK-22YZPK + channel: v7.2 + case_version: 7.2.0 + template: cp4i-platform-navigator-2 + + - type: api-management + name: apic1 + license: L-MMBZ-295QZQ + version: 10.0.7.0 + channel: v5.1 + case_version: 5.1.0 + template: api-management-2 + + - type: automation-assets + name: asset-repo1 + license: L-VTPK-22YZPK + version: 2023.4.1-0 + channel: v1.6 + case_version: 1.6.0 + template: automation-assets-2 + + - type: enterprise-gateway + name: data-power1 + admin_password_secret: '' + license: L-DMTT-Y3TW5C + version: 10.5-cd + channel: v1.9 + case_version: 1.9.0 + template: enterprise-gateway-2 + + - type: event-endpoint-management + name: eepm1 + license: L-VTPK-22YZPK + version: latest + channel: v11.1 + case_version: 11.1.1 + template: event-endpoint-management-2 + + - type: event-streams + name: es1 + license: L-VTPK-22YZPK + version: latest + channel: v3.3 + case_version: 3.3.0 + template: event-streams-2 + + - type: high-speed-transfer-server + name: aspera1 + aspera_key: '' + version: 4.4.3 + channel: v1.5 + case_version: 1.5.12 + + - type: integration-dashboard + name: ace1 + license: L-UAZF-8ZYQDD + version: '12.0' + channel: v11.1 + case_version: 11.1.0 + template: integration-dashboard-2 + + - type: integration-design + name: designer1 + license: L-UAZF-8ZYQDD + version: '12.0' + channel: v11.1 + case_version: 11.1.0 + template: integration-design-2 + + - type: messaging + name: mq1 + queue_manager_name: QUICKSTART + license: L-VTPK-22YZPK + version: 9.3.4.0-r1 + channel: v3.0 + case_version: 3.0.0 + template: messaging-2 + + - type: foundational-services + channel: v4.3 + case_version: 4.3.1 + +- cp4i_version: 2023.2.1-3 + instance_types: + + - type: platform-navigator + name: integration-navigator + license: L-YBXJ-ADJNSM + channel: v7.1 + case_version: 7.1.3 + + - type: api-management + name: apic1 + license: L-KZXM-S7SNCU + version: 10.0.6.0 + channel: v5.0 + case_version: 5.0.0 + + - type: automation-assets + name: asset-repo1 + license: L-RJON-CD3JKX + version: 2022.2.1-15 + channel: v1.5 + case_version: 1.5.15 + + - type: enterprise-gateway + name: data-power1 + admin_password_secret: '' + license: L-SNGS-6KCD8C + version: 10.5-cd + channel: v1.8 + case_version: 1.8.1 + + - type: event-endpoint-management + name: eepm1 + license: L-YBXJ-ADJNSM + version: latest + channel: v11.0 + case_version: 11.0.6 + + - type: event-streams + name: es1 + license: L-YBXJ-ADJNSM + version: latest + channel: v3.2 + case_version: 3.2.5 + + - type: high-speed-transfer-server + name: aspera1 + aspera_key: '' + version: 4.4.3 + channel: v1.5 + case_version: 1.5.12 + + - type: integration-dashboard + name: ace1 + license: L-UTKS-P46KK2 + version: '12.0' + channel: v10.1 + case_version: 10.1.1 + + - type: integration-design + name: designer1 + license: L-UTKS-P46KK2 + version: '12.0' + channel: v10.1 + case_version: 10.1.1 + + - type: messaging + name: mq1 + queue_manager_name: QUICKSTART + license: L-YBXJ-ADJNSM + version: 9.3.3.2-r3 + channel: v2.4 + case_version: 2.4.6 + + - type: foundational-services + case_version: 1.19.11 + - cp4i_version: 2022.4.1-0 instance_types: @@ -31,13 +195,6 @@ version_specific_properties: channel: v1.6 case_version: 1.6.6 - - type: event-endpoint-management - name: eepm1 - license: L-VQYA-YNM22H - version: 10.0.5.3 - channel: v3.3 - case_version: 4.0.4 - - type: event-streams name: es1 version: latest @@ -111,13 +268,6 @@ version_specific_properties: channel: v1.6 case_version: 1.6.1 - - type: event-endpoint-management - name: eepm1 - license: L-RJON-CEBLEH - version: 10.0.5.0 - channel: v3.0 - case_version: 4.0.0 - - type: event-streams name: es1 version: 11.0.4 @@ -191,13 +341,6 @@ version_specific_properties: channel: v1.5 case_version: 1.5.0 - - type: event-endpoint-management - name: eepm1 - license: L-RJON-C7BJ42 - version: 10.0 - channel: v2.5 - case_version: 3.0.6 - - type: event-streams name: es1 version: 10.5.0 diff --git a/automation-roles/50-install-cloud-pak/cpfs/cp-fs-cluster-components/tasks/get-latest-cp4d-version.yml b/automation-roles/50-install-cloud-pak/cpfs/cp-fs-cluster-components/tasks/get-latest-cp4d-version.yml new file mode 100644 index 000000000..0025f1c7f --- /dev/null +++ b/automation-roles/50-install-cloud-pak/cpfs/cp-fs-cluster-components/tasks/get-latest-cp4d-version.yml @@ -0,0 +1,18 @@ +--- +- name: Get all release files in directory /opt/ansible/ansible-play/config-vars + find: + paths: /opt/ansible/ansible-play/config-vars + recurse: False + patterns: "release*.yml" + register: _cp4d_release_files + +- debug: + var: _cp4d_release_files + +- name: Show latest release + debug: + msg: "Last file: {{ _cp4d_release_files.files | last | default({}) }}" + +- name: Extract release from {{ (_cp4d_release_files.files | last).path }} file + set_fact: + _p_cp4d_version: "{{ (_cp4d_release_files.files | last).path | regex_search('([0-9].[0-9]+.[0-9]+)','\\1') | first }}" diff --git a/automation-roles/50-install-cloud-pak/cpfs/cp-fs-cluster-components/tasks/main.yml b/automation-roles/50-install-cloud-pak/cpfs/cp-fs-cluster-components/tasks/main.yml index 589bac8f4..6e5a043c4 100644 --- a/automation-roles/50-install-cloud-pak/cpfs/cp-fs-cluster-components/tasks/main.yml +++ b/automation-roles/50-install-cloud-pak/cpfs/cp-fs-cluster-components/tasks/main.yml @@ -2,27 +2,37 @@ - set_fact: _threads_per_core: "{{ _p_license_threads_per_core | default(1) }}" +- include_tasks: get-latest-cp4d-version.yml + when: (_p_cp4d_version | default('')) == '' + - name: Delete offline directory file: path: /tmp/work/offline state: absent -- name: If air-gapped, copy case files from {{ status_dir }}/cp4d/offline to /tmp/work/offline +- name: If air-gapped, copy case files from {{ _v_template_dest_directory }}/offline to /tmp/work/offline copy: - src: "{{ status_dir }}/cp4d/offline" + src: "{{ _v_template_dest_directory }}/offline" dest: /tmp/work/ remote_src: True when: (cpd_airgap | default(False) | bool) -- name: Generate apply-cluster-components script {{ status_dir }}/cp4d/{{ _p_openshift_cluster_name }}-apply-cluster-components.sh +- set_fact: + _cert_manager_project: 'ibm-cert-manager' + +- set_fact: + _cert_manager_project: 'cert-manager' + when: (_p_cert_manager | default('ibm')) != 'ibm' + +- name: Generate apply-cluster-components script {{ _v_template_dest_directory }}/{{ _p_openshift_cluster_name }}-apply-cluster-components.sh template: src: apply-cluster-components.j2 - dest: "{{ status_dir }}/cp4d/{{ _p_openshift_cluster_name }}-apply-cluster-components.sh" + dest: "{{ _v_template_dest_directory }}/{{ _p_openshift_cluster_name }}-apply-cluster-components.sh" mode: u+rwx - name: Run shell script to apply cluster components on OpenShift cluster {{ _p_openshift_cluster_name }}, logs are in {{ status_dir }}/log/{{ _p_openshift_cluster_name }}-apply-cluster-components.log shell: | - {{ status_dir }}/cp4d/{{ _p_openshift_cluster_name }}-apply-cluster-components.sh + {{ _v_template_dest_directory }}/{{ _p_openshift_cluster_name }}-apply-cluster-components.sh when: - not _p_preview diff --git a/automation-roles/50-install-cloud-pak/cpfs/cp-fs-cluster-components/templates/apply-cluster-components.j2 b/automation-roles/50-install-cloud-pak/cpfs/cp-fs-cluster-components/templates/apply-cluster-components.j2 index 9db3c58d7..ee606d214 100644 --- a/automation-roles/50-install-cloud-pak/cpfs/cp-fs-cluster-components/templates/apply-cluster-components.j2 +++ b/automation-roles/50-install-cloud-pak/cpfs/cp-fs-cluster-components/templates/apply-cluster-components.j2 @@ -8,5 +8,5 @@ apply-cluster-components \ {% if _p_migrate_topology | default(False) -%} --migrate_from_cs_ns={{ foundational_services_project }} \ {% endif -%} - --cert_manager_ns={{ cert_manager_project }} \ - --licensing_ns={{ license_service_project }} 2>&1 | tee {{ status_dir }}/log/{{ _p_openshift_cluster_name }}-apply-cluster-components.log 2>&1 + --cert_manager_ns={{ _cert_manager_project }} \ + --licensing_ns={{ license_service_project | default('ibm-licensing') }} 2>&1 | tee {{ status_dir }}/log/{{ _p_openshift_cluster_name }}-apply-cluster-components.log 2>&1 diff --git a/automation-roles/80-smoke-tests/cp4i-cluster-show/tasks/main.yml b/automation-roles/80-smoke-tests/cp4i-cluster-show/tasks/main.yml index d0465687f..1d93f52ca 100644 --- a/automation-roles/80-smoke-tests/cp4i-cluster-show/tasks/main.yml +++ b/automation-roles/80-smoke-tests/cp4i-cluster-show/tasks/main.yml @@ -1,17 +1,30 @@ --- +# Parameters: +# - _p_new_style +# - _p_fs_namespace -- name: Extract admin password from OpenShift secret +- name: "Extract admin password when using versions prior to 2023.4.1" shell: | oc get secrets -n ibm-common-services platform-auth-idp-credentials -ojsonpath='{.data.admin_password}' | base64 -d && echo "" register: admin_pwd + when: not _p_new_style -- name: Make sure that directory {{ status_dir }}/cloud-paks exists +- name: "Extract admin password when using versions 2023.4.1 and later" + shell: | + oc get secrets -n {{ _p_fs_namespace }} integration-admin-initial-temporary-credentials -ojsonpath='{.data.password}' | base64 -d && echo "" + register: admin_pwd + when: _p_new_style + +- name: "Make sure that directory {{ status_dir }}/cloud-paks exists" file: path: "{{ status_dir }}/cloud-paks" state: directory -- name: Store CP4I Platform Navigator into log file +- name: "Determine admin user name" + set_fact: + admin_user: "{{ 'integration-admin' if _p_new_style else 'admin' }}" + +- name: "Store CP4I Platform Navigator into log file" copy: - content: "admin password: {{ admin_pwd.stdout }}" + content: "{{ admin_user }} password: {{ admin_pwd.stdout }}" dest: "{{ status_dir }}/cloud-paks/cp4i-{{ current_cp4i_cluster.openshift_cluster_name }}-{{ current_cp4i_cluster.project }}-PN-access.txt" - diff --git a/sample-configurations/cp4i-existing-ocp/config/sample-cp4i.yaml b/sample-configurations/cp4i-existing-ocp/config/sample-cp4i.yaml index dd8cd5e44..ea619608a 100644 --- a/sample-configurations/cp4i-existing-ocp/config/sample-cp4i.yaml +++ b/sample-configurations/cp4i-existing-ocp/config/sample-cp4i.yaml @@ -1,6 +1,6 @@ --- + global_config: - environment_name: sample cloud_platform: existing-ocp confirm_destroy: False @@ -10,9 +10,9 @@ vault: openshift: - name: "{{ env_id }}" - ocp_version: "4.10" + ocp_version: "4.14" cluster_name: "{{ env_id }}" - domain_name: ocp-120000gh3t-tyhe.cloud.techzone.ibm.com + domain_name: 658a76f3fb5859001139d5cf.cloud.techzone.ibm.com openshift_storage: - storage_name: techzone storage_type: custom @@ -27,14 +27,13 @@ image_registry: cp4i: - project: cp4i openshift_cluster_name: "{{ env_id }}" - cp4i_version: 2022.4.1-0 + cp4i_version: 2023.4.1-0 accept_licenses: true - #image_registry_name: demoreg - + instances: - type: platform-navigator - state: installed + state: installed # installed/removed - type: api-management state: removed @@ -45,7 +44,7 @@ cp4i: - type: enterprise-gateway state: removed - - type: event-endpoint-management + - type: event-endpoint-management # NOTE: Don't use it for cp4i 2022.4 and older state: removed - type: event-streams @@ -55,13 +54,13 @@ cp4i: state: removed - type: integration-dashboard - state: removed + state: installed - type: integration-design state: removed - - type: integration-tracing + - type: integration-tracing # NOTE: Don't use it for cp4i 2023.2 and newer state: removed - type: messaging - state: removed \ No newline at end of file + state: installed \ No newline at end of file diff --git a/sample-configurations/sample-dynamic/config-samples/cp4i-simple.yaml b/sample-configurations/sample-dynamic/config-samples/cp4i-2022-2-1.yaml similarity index 100% rename from sample-configurations/sample-dynamic/config-samples/cp4i-simple.yaml rename to sample-configurations/sample-dynamic/config-samples/cp4i-2022-2-1.yaml diff --git a/sample-configurations/sample-dynamic/config-samples/cp4i-2023-4-1.yaml b/sample-configurations/sample-dynamic/config-samples/cp4i-2023-4-1.yaml new file mode 100644 index 000000000..144f4f585 --- /dev/null +++ b/sample-configurations/sample-dynamic/config-samples/cp4i-2023-4-1.yaml @@ -0,0 +1,40 @@ +--- +cp4i: +- project: cp4i + openshift_cluster_name: "{{ env_id }}" + cp4i_version: 2023.4.1-0 + accept_licenses: False + + instances: + - type: platform-navigator + state: installed # installed/removed + + - type: api-management + state: removed + + - type: automation-assets + state: removed + + - type: enterprise-gateway + state: removed + + - type: event-endpoint-management # NOTE: Don't use it for cp4i 2022.4 and older + state: removed + + - type: event-streams + state: removed + + - type: high-speed-transfer-server + state: removed + + - type: integration-dashboard + state: installed + + - type: integration-design + state: removed + + - type: integration-tracing # NOTE: Don't use it for cp4i 2023.2 and newer + state: removed + + - type: messaging + state: installed \ No newline at end of file