aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/contrib/components/awx
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-04-07 12:02:22 +0200
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-04-08 13:53:39 +0200
commita5bb31b95347229e400099565bedd3f6a3785c9a (patch)
tree287f237d9428719650f968ef225cb9af89a2cf3b /kubernetes/contrib/components/awx
parentae739cd0ea9487d37b897e8ac0fd09577e16f5b0 (diff)
[Contrib] Authorize choice of subcomponents
Instead of forcing installation of all contrib components, make the installation of these components enabled with a toggle, so each person can choose to install a subset, all or none. Issue-ID: OOM-2352 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ie112fe1f1864587b9ac69f18967a3c28d16bdbbe
Diffstat (limited to 'kubernetes/contrib/components/awx')
-rwxr-xr-xkubernetes/contrib/components/awx/Chart.yaml20
-rw-r--r--kubernetes/contrib/components/awx/Makefile16
-rwxr-xr-xkubernetes/contrib/components/awx/charts/awx-postgres/Chart.yaml18
-rwxr-xr-xkubernetes/contrib/components/awx/charts/awx-postgres/templates/NOTES.txt33
-rwxr-xr-xkubernetes/contrib/components/awx/charts/awx-postgres/templates/deployment.yaml86
-rwxr-xr-xkubernetes/contrib/components/awx/charts/awx-postgres/templates/pv.yaml40
-rwxr-xr-xkubernetes/contrib/components/awx/charts/awx-postgres/templates/pvc.yaml39
-rwxr-xr-xkubernetes/contrib/components/awx/charts/awx-postgres/templates/service.yaml42
-rwxr-xr-xkubernetes/contrib/components/awx/charts/awx-postgres/values.yaml83
-rwxr-xr-xkubernetes/contrib/components/awx/charts/awx/Chart.yaml18
-rw-r--r--kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py36
-rw-r--r--kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh23
-rw-r--r--kubernetes/contrib/components/awx/charts/awx/templates/configmap.yaml146
-rw-r--r--kubernetes/contrib/components/awx/charts/awx/templates/job.yaml125
-rw-r--r--kubernetes/contrib/components/awx/charts/awx/templates/secret.yaml31
-rwxr-xr-xkubernetes/contrib/components/awx/charts/awx/templates/service.yaml80
-rw-r--r--kubernetes/contrib/components/awx/charts/awx/templates/serviceaccout.yaml47
-rw-r--r--kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml213
-rwxr-xr-xkubernetes/contrib/components/awx/charts/awx/values.yaml111
-rwxr-xr-xkubernetes/contrib/components/awx/requirements.yaml18
-rwxr-xr-xkubernetes/contrib/components/awx/values.yaml39
21 files changed, 1264 insertions, 0 deletions
diff --git a/kubernetes/contrib/components/awx/Chart.yaml b/kubernetes/contrib/components/awx/Chart.yaml
new file mode 100755
index 0000000000..6cd16b4783
--- /dev/null
+++ b/kubernetes/contrib/components/awx/Chart.yaml
@@ -0,0 +1,20 @@
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Ansible AWX
+name: awx
+sources:
+ - https://github.com/ansible/awx
+version: 6.0.0
diff --git a/kubernetes/contrib/components/awx/Makefile b/kubernetes/contrib/components/awx/Makefile
new file mode 100644
index 0000000000..d8a50339d6
--- /dev/null
+++ b/kubernetes/contrib/components/awx/Makefile
@@ -0,0 +1,16 @@
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+make-awx:
+ cd charts && helm dep up awx-postgres
diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/Chart.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/Chart.yaml
new file mode 100755
index 0000000000..e30faf275e
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx-postgres/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Ansible AWX database
+name: awx-postgres
+version: 6.0.0
diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/NOTES.txt b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/NOTES.txt
new file mode 100755
index 0000000000..3ab092e848
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/NOTES.txt
@@ -0,0 +1,33 @@
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/deployment.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/deployment.yaml
new file mode 100755
index 0000000000..67d13cf477
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/deployment.yaml
@@ -0,0 +1,86 @@
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ readinessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -i
+ - -c
+ - psql -h 127.0.0.1 -U $POSTGRES_USER -q -d {{ .Values.config.postgresDB }}
+ -c 'SELECT 1'
+ initialDelaySeconds: 5
+ timeoutSeconds: 1
+ env:
+ - name: POSTGRES_USER
+ value: "{{ .Values.config.postgresUser }}"
+ - name: POSTGRES_PASSWORD
+ value: "{{ .Values.config.postgresPassword }}"
+ - name: POSTGRES_DB
+ value: "{{ .Values.config.postgresDB }}"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - name: {{ include "common.fullname" . }}-data
+ mountPath: /var/lib/postgresql/data
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ {{- if .Values.persistence.enabled }}
+ - name: {{ include "common.fullname" . }}-data
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pv.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pv.yaml
new file mode 100755
index 0000000000..bfe63abafe
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pv.yaml
@@ -0,0 +1,40 @@
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ include "common.release" . }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pvc.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pvc.yaml
new file mode 100755
index 0000000000..e12dabf175
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pvc.yaml
@@ -0,0 +1,39 @@
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ include "common.release" . }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- end -}}
diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/service.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/service.yaml
new file mode 100755
index 0000000000..f560417425
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/service.yaml
@@ -0,0 +1,42 @@
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/values.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/values.yaml
new file mode 100755
index 0000000000..09012ead47
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx-postgres/values.yaml
@@ -0,0 +1,83 @@
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for mariadb.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+global: # global defaults
+ nodePortPrefixExt: 304
+ persistence: {}
+
+# application image
+repository: docker.io
+image: postgres:10.4-alpine
+pullPolicy: Always
+
+# application configuration
+config:
+ postgresUser: awx
+ postgresPassword: awx
+ postgresDB: awx
+
+ingress:
+ enabled: false
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+## Persist data to a persitent volume
+persistence:
+ enabled: true
+ volumeReclaimPolicy: Retain
+
+ # Uncomment the storageClass parameter to use an existing PV
+ # that will match the following class.
+ # When uncomment the storageClass, the PV is not created anymore.
+
+ # storageClass: "nfs-dev-sc"
+
+ accessMode: ReadWriteOnce
+ size: 1Gi
+
+ # When using storage class, mountPath and mountSubPath are
+ # simply ignored.
+
+ mountPath: /dockerdata-nfs
+ mountSubPath: awx/pgdata
+
+service:
+ type: ClusterIP
+ name: awx-postgresql
+ portName: awx-postgresql
+ internalPort: 5432
+ externalPort: 5432
+
+resources: {}
diff --git a/kubernetes/contrib/components/awx/charts/awx/Chart.yaml b/kubernetes/contrib/components/awx/charts/awx/Chart.yaml
new file mode 100755
index 0000000000..00dca3f62c
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Ansible AWX application
+name: awx
+version: 6.0.0
diff --git a/kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py b/kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py
new file mode 100644
index 0000000000..39350e05d0
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py
@@ -0,0 +1,36 @@
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+DATABASES = {
+ 'default': {
+ 'ATOMIC_REQUESTS': True,
+ 'ENGINE': 'awx.main.db.profiled_pg',
+ 'NAME': "{{ .Values.config.postgresDB }}",
+ 'USER': "{{ .Values.config.postgresUser }}",
+ 'PASSWORD': "{{ .Values.config.postgresPassword }}",
+ 'HOST': "awx-postgresql",
+ 'PORT': "5432",
+ }
+}
+BROKER_URL = 'amqp://{}:{}@{}:{}/{}'.format(
+ "{{ .Values.config.rabbitmqUser }}",
+ "{{ .Values.config.rabbitmqPassword }}",
+ "localhost",
+ "5672",
+ "{{ .Values.config.rabbitmqVhost }}")
+CHANNEL_LAYERS = {
+ 'default': {'BACKEND': 'asgi_amqp.AMQPChannelLayer',
+ 'ROUTING': 'awx.main.routing.channel_routing',
+ 'CONFIG': {'url': BROKER_URL}}
+} \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh b/kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh
new file mode 100644
index 0000000000..7c58c6bb48
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh
@@ -0,0 +1,23 @@
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+DATABASE_USER={{ .Values.config.postgresUser }}
+DATABASE_NAME={{ .Values.config.postgresDB }}
+DATABASE_HOST=awx-postgresql
+DATABASE_PORT=5432
+DATABASE_PASSWORD={{ .Values.config.postgresPassword }}
+MEMCACHED_HOST=localhost
+RABBITMQ_HOST=localhost
+AWX_ADMIN_USER={{ .Values.config.awxAdminUser }}
+AWX_ADMIN_PASSWORD={{ .Values.config.awxAdminPassword }} \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/configmap.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/configmap.yaml
new file mode 100644
index 0000000000..9bc62b0856
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx/templates/configmap.yaml
@@ -0,0 +1,146 @@
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-init-mgnt
+ namespace: {{ include "common.namespace" . }}
+data:
+ entrypoint: |
+ #/bin/sh
+
+ awx-manage migrate --noinput
+ if [[ `echo 'from django.contrib.auth.models import User; nsu = User.objects.filter(is_superuser=True).count(); exit(0 if nsu > 0 else 1)' | awx-manage shell` > 0 ]]
+ then
+ echo 'from django.contrib.auth.models import User; User.objects.create_superuser('{{ .Values.config.awxAdminUser }}', '{{ .Values.config.awxAdminEmail }}', '{{ .Values.config.awxAdminPassword }}')' | awx-manage shell
+ awx-manage update_password --username='{{ .Values.config.awxAdminUser }}' --password='{{ .Values.config.awxAdminPassword }}'
+ fi
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-settings
+ namespace: {{ include "common.namespace" . }}
+data:
+ awx_settings: |
+ import os
+ import socket
+ ADMINS = ()
+
+ AWX_PROOT_ENABLED = True
+
+ # Automatically deprovision pods that go offline
+ AWX_AUTO_DEPROVISION_INSTANCES = True
+
+ SYSTEM_TASK_ABS_CPU = 6
+ SYSTEM_TASK_ABS_MEM = 20
+
+ INSIGHTS_URL_BASE = "https://example.org"
+
+ #Autoprovisioning should replace this
+ CLUSTER_HOST_ID = socket.gethostname()
+ SYSTEM_UUID = '00000000-0000-0000-0000-000000000000'
+
+ SESSION_COOKIE_SECURE = False
+ CSRF_COOKIE_SECURE = False
+
+ REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR']
+
+ STATIC_ROOT = '/var/lib/awx/public/static'
+ PROJECTS_ROOT = '/var/lib/awx/projects'
+ JOBOUTPUT_ROOT = '/var/lib/awx/job_status'
+ SECRET_KEY = open('/etc/tower/SECRET_KEY', 'rb').read().strip()
+ ALLOWED_HOSTS = ['*']
+ INTERNAL_API_URL = 'http://127.0.0.1:8052'
+ SERVER_EMAIL = 'root@localhost'
+ DEFAULT_FROM_EMAIL = 'webmaster@localhost'
+ EMAIL_SUBJECT_PREFIX = '[AWX] '
+ EMAIL_HOST = 'localhost'
+ EMAIL_PORT = 25
+ EMAIL_HOST_USER = ''
+ EMAIL_HOST_PASSWORD = ''
+ EMAIL_USE_TLS = False
+
+ LOGGING['handlers']['console'] = {
+ '()': 'logging.StreamHandler',
+ 'level': 'DEBUG',
+ 'formatter': 'simple',
+ }
+
+ LOGGING['loggers']['django.request']['handlers'] = ['console']
+ LOGGING['loggers']['rest_framework.request']['handlers'] = ['console']
+ LOGGING['loggers']['awx']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.commands.inventory_import']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console']
+ LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console']
+ LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console']
+ LOGGING['loggers']['social']['handlers'] = ['console']
+ LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console']
+ LOGGING['loggers']['rbac_migrations']['handlers'] = ['console']
+ LOGGING['loggers']['awx.isolated.manager.playbooks']['handlers'] = ['console']
+ LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'}
+ LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'}
+
+ CACHES = {
+ 'default': {
+ 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
+ 'LOCATION': '{}:{}'.format("localhost", "11211")
+ },
+ 'ephemeral': {
+ 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
+ },
+ }
+
+ USE_X_FORWARDED_PORT = True
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rabbitmq
+ namespace: {{ include "common.namespace" . }}
+data:
+ enabled_plugins: |
+ [rabbitmq_management,rabbitmq_peer_discovery_k8s].
+ rabbitmq.conf: |
+ ## Clustering
+ management.load_definitions = /etc/rabbitmq/rabbitmq_definitions.json
+ cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s
+ cluster_formation.k8s.host = kubernetes.default.svc
+ cluster_formation.k8s.address_type = ip
+ cluster_formation.node_cleanup.interval = 10
+ cluster_formation.node_cleanup.only_log_warning = false
+ cluster_partition_handling = autoheal
+ ## queue master locator
+ queue_master_locator=min-masters
+ ## enable guest user
+ loopback_users.guest = false
+ rabbitmq_definitions.json: |
+ {
+ "users":[{"name": "{{ .Values.config.rabbitmqUser }}", "password": "{{ .Values.config.rabbitmqPassword }}", "tags": ""}],
+ "permissions":[
+ {"user":"{{ .Values.config.rabbitmqUser }}","vhost":"{{ .Values.config.rabbitmqVhost }}","configure":".*","write":".*","read":".*"}
+ ],
+ "vhosts":[{"name":"{{ .Values.config.rabbitmqVhost }}"}],
+ "policies":[
+ {"vhost":"{{ .Values.config.rabbitmqVhost }}","name":"ha-all","pattern":".*","definition":{"ha-mode":"all","ha-sync-mode":"automatic"}}
+ ]
+ }
diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml
new file mode 100644
index 0000000000..4be13fbf88
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml
@@ -0,0 +1,125 @@
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: 5
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-mgnt
+ release: {{ include "common.release" . }}
+ spec:
+ serviceAccount: {{ include "common.fullname" . }}
+ serviceAccountName: {{ include "common.fullname" . }}
+ restartPolicy: Never
+ initContainers:
+ - name: {{ include "common.name" . }}-init-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - awx-postgres
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - command: ["/bin/sh","-c"]
+ args: ["/etc/tower/job-entrypoint.sh"]
+ image: "{{ .Values.repository }}/{{ .Values.image.task }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-mgnt
+ resources:
+ requests:
+ cpu: 1500m
+ memory: 2Gi
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - mountPath: /etc/tower/job-entrypoint.sh
+ name: awx-mgnt
+ readOnly: true
+ subPath: job-entrypoint.py
+ - mountPath: /etc/tower/settings.py
+ name: awx-application-config
+ readOnly: true
+ subPath: settings.py
+ - mountPath: /etc/tower/conf.d/
+ name: awx-application-credentials
+ readOnly: true
+ - mountPath: /etc/tower/SECRET_KEY
+ name: awx-secret-key
+ readOnly: true
+ subPath: SECRET_KEY
+
+ volumes:
+ - configMap:
+ defaultMode: 0777
+ items:
+ - key: entrypoint
+ path: job-entrypoint.py
+ name: {{ include "common.fullname" . }}-init-mgnt
+ name: awx-mgnt
+ - configMap:
+ defaultMode: 420
+ items:
+ - key: awx_settings
+ path: settings.py
+ name: {{ include "common.fullname" . }}-settings
+ name: awx-application-config
+ - name: awx-application-credentials
+ secret:
+ defaultMode: 420
+ items:
+ - key: credentials_py
+ path: credentials.py
+ - key: environment_sh
+ path: environment.sh
+ secretName: {{ include "common.fullname" . }}-secrets
+ - name: awx-secret-key
+ secret:
+ defaultMode: 420
+ items:
+ - key: secret_key
+ path: SECRET_KEY
+ secretName: {{ include "common.fullname" . }}-secrets
+ - configMap:
+ defaultMode: 420
+ items:
+ - key: rabbitmq.conf
+ path: rabbitmq.conf
+ - key: enabled_plugins
+ path: enabled_plugins
+ - key: rabbitmq_definitions.json
+ path: rabbitmq_definitions.json
+ name: {{ include "common.fullname" . }}-rabbitmq
+ name: rabbitmq-config
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/secret.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/secret.yaml
new file mode 100644
index 0000000000..642f779214
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx/templates/secret.yaml
@@ -0,0 +1,31 @@
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: {{ include "common.fullname" . }}-secrets
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+ credentials_py: {{ tpl (.Files.Get "resources/config/credentials.py") . | b64enc }}
+ environment_sh: {{ tpl (.Files.Get "resources/config/environment.sh") . | b64enc }}
+ rabbitmq_erlang_cookie: {{ .Values.config.rabbitmqErlangCookie | b64enc | quote }}
+ secret_key: {{ .Values.config.secretKey | b64enc | quote }} \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/service.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/service.yaml
new file mode 100755
index 0000000000..10f031da82
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx/templates/service.yaml
@@ -0,0 +1,80 @@
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}-rmq-mgmt
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.rmqmgmt.type }}
+ ports:
+ - port: {{ .Values.service.rmqmgmt.externalPort }}
+ targetPort: {{ .Values.service.rmqmgmt.internalPort }}
+ name: {{ .Values.service.rmqmgmt.portName }}
+ selector:
+ app: {{ include "common.fullname" . }}
+ release: {{ include "common.release" . }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}-web
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.web.type }}
+ ports:
+ - port: {{ .Values.service.web.externalPort }}
+ targetPort: {{ .Values.service.web.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.web.nodePort }}
+ name: {{ .Values.service.web.portName }}
+ selector:
+ app: {{ include "common.fullname" . }}
+ release: {{ include "common.release" . }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}-rabbitmq
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+ type: LoadBalancer
+spec:
+ type: {{ .Values.service.rabbitmq.type }}
+ ports:
+ - port: {{ .Values.service.rabbitmq.http.externalPort }}
+ targetPort: {{ .Values.service.rabbitmq.http.internalPort }}
+ name: {{ .Values.service.rabbitmq.http.portName }}
+ - port: {{ .Values.service.rabbitmq.amqp.externalPort }}
+ targetPort: {{ .Values.service.rabbitmq.amqp.internalPort }}
+ name: {{ .Values.service.rabbitmq.amqp.portName }}
+ selector:
+ app: {{ include "common.fullname" . }}
+ release: {{ include "common.release" . }} \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/serviceaccout.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/serviceaccout.yaml
new file mode 100644
index 0000000000..0f52ce800a
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx/templates/serviceaccout.yaml
@@ -0,0 +1,47 @@
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: {{ include "common.fullname" . }}-endpoint-reader
+ namespace: {{ include "common.namespace" . }}
+rules:
+- apiGroups: ["", "extensions", "apps", "batch"]
+ resources: ["endpoints", "deployments", "pods", "replicasets/status", "jobs/status"]
+ verbs: ["get", "list"]
+---
+apiVersion: v1
+items:
+- apiVersion: rbac.authorization.k8s.io/v1
+ kind: RoleBinding
+ metadata:
+ name: {{ include "common.fullname" . }}-endpoint-reader
+ namespace: {{ include "common.namespace" . }}
+ roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: {{ include "common.fullname" . }}-endpoint-reader
+ subjects:
+ - kind: ServiceAccount
+ name: {{ include "common.fullname" . }}
+kind: List \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml
new file mode 100644
index 0000000000..988ac174ae
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml
@@ -0,0 +1,213 @@
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ podManagementPolicy: OrderedReady
+ replicas: {{ .Values.replicaCount }}
+ serviceName: {{ include "common.fullname" . }}
+ selector:
+ matchLabels:
+ app: {{ include "common.fullname" . }}
+ name: {{ include "common.name" . }}-web-deploy
+ service: django
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.fullname" . }}
+ name: {{ include "common.name" . }}-web-deploy
+ release: {{ include "common.release" . }}
+ service: django
+ spec:
+
+ initContainers:
+ - name: {{ include "common.name" . }}-init-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ include "common.name" . }}-mgnt
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+
+ containers:
+
+ - image: "{{ .Values.repository }}/{{ .Values.image.web }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-web
+ ports:
+ - containerPort: {{ .Values.service.web.internalPort }}
+ protocol: TCP
+ resources:
+ requests:
+ cpu: 500m
+ memory: 1Gi
+ volumeMounts:
+ - mountPath: /etc/tower/settings.py
+ name: awx-application-config
+ readOnly: true
+ subPath: settings.py
+ - mountPath: /etc/tower/conf.d/
+ name: awx-application-credentials
+ readOnly: true
+ - mountPath: /etc/tower/SECRET_KEY
+ name: awx-secret-key
+ readOnly: true
+ subPath: SECRET_KEY
+ - command: ["/bin/sh","-c"]
+ args: ["/usr/bin/launch_awx_task.sh"]
+ env:
+ - name: AWX_SKIP_MIGRATIONS
+ value: "1"
+
+ image: "{{ .Values.repository }}/{{ .Values.image.task }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-celery
+ resources:
+ requests:
+ cpu: 1500m
+ memory: 2Gi
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - mountPath: /etc/tower/settings.py
+ name: awx-application-config
+ readOnly: true
+ subPath: settings.py
+ - mountPath: /etc/tower/conf.d/
+ name: awx-application-credentials
+ readOnly: true
+ - mountPath: /etc/tower/SECRET_KEY
+ name: awx-secret-key
+ readOnly: true
+ subPath: SECRET_KEY
+ - env:
+ - name: MY_POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ - name: RABBITMQ_USE_LONGNAME
+ value: "true"
+ - name: RABBITMQ_NODENAME
+ value: rabbit@$(MY_POD_IP)
+ - name: RABBITMQ_ERLANG_COOKIE
+ valueFrom:
+ secretKeyRef:
+ key: rabbitmq_erlang_cookie
+ name: {{ include "common.fullname" . }}-secrets
+ - name: K8S_SERVICE_NAME
+ value: {{ include "common.servicename" . }}-rabbitmq
+
+ image: "{{ .Values.repository }}/{{ .Values.image.rabbitmq }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-rabbit
+ livenessProbe:
+ exec:
+ command:
+ - rabbitmqctl
+ - status
+ failureThreshold: 3
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ successThreshold: 1
+ timeoutSeconds: 10
+ ports:
+ - containerPort: {{ .Values.service.rabbitmq.http.internalPort }}
+ name: {{ .Values.service.rabbitmq.http.portName }}
+ protocol: TCP
+ - containerPort: {{ .Values.service.rabbitmq.amqp.internalPort }}
+ name: {{ .Values.service.rabbitmq.amqp.portName }}
+ protocol: TCP
+ readinessProbe:
+ exec:
+ command:
+ - rabbitmqctl
+ - status
+ failureThreshold: 3
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ successThreshold: 1
+ timeoutSeconds: 10
+ resources:
+ requests:
+ cpu: 500m
+ memory: 2Gi
+ volumeMounts:
+ - mountPath: /etc/rabbitmq
+ name: rabbitmq-config
+
+ - image: "{{ .Values.image.memcached }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-memcached
+ resources:
+ requests:
+ cpu: 500m
+ memory: 1Gi
+ serviceAccount: {{ include "common.fullname" . }}
+ serviceAccountName: {{ include "common.fullname" . }}
+ volumes:
+ - configMap:
+ defaultMode: 420
+ items:
+ - key: awx_settings
+ path: settings.py
+ name: {{ include "common.fullname" . }}-settings
+ name: awx-application-config
+ - name: awx-application-credentials
+ secret:
+ defaultMode: 420
+ items:
+ - key: credentials_py
+ path: credentials.py
+ - key: environment_sh
+ path: environment.sh
+ secretName: {{ include "common.fullname" . }}-secrets
+ - name: awx-secret-key
+ secret:
+ defaultMode: 420
+ items:
+ - key: secret_key
+ path: SECRET_KEY
+ secretName: {{ include "common.fullname" . }}-secrets
+ - configMap:
+ defaultMode: 420
+ items:
+ - key: rabbitmq.conf
+ path: rabbitmq.conf
+ - key: enabled_plugins
+ path: enabled_plugins
+ - key: rabbitmq_definitions.json
+ path: rabbitmq_definitions.json
+ name: {{ include "common.fullname" . }}-rabbitmq
+ name: rabbitmq-config
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/charts/awx/values.yaml b/kubernetes/contrib/components/awx/charts/awx/values.yaml
new file mode 100755
index 0000000000..fd77a12c0b
--- /dev/null
+++ b/kubernetes/contrib/components/awx/charts/awx/values.yaml
@@ -0,0 +1,111 @@
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for mariadb.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+global: # global defaults
+ nodePortPrefixExt: 304
+ persistence: {}
+
+# application image
+repository: ansible
+image:
+ web: awx_web:9.0.1
+ task: awx_task:9.0.1
+ rabbitmq: awx_rabbitmq:3.7.4
+ memcached: memcached:1.5.20
+pullPolicy: Always
+
+# application configuration
+config:
+ postgresUser: awx
+ postgresPassword: awx
+ postgresDB: awx
+# RabbitMQ Configuration
+ rabbitmqUser: awx
+ rabbitmqPassword: awxpass
+ rabbitmqVhost: awx
+ rabbitmqErlangCookie: cookiemonster3
+# This will create or update a default admin (superuser) account in AWX, if not provided
+# then these default values are used
+ awxAdminUser: admin
+ awxAdminPassword: password
+ awxAdminEmail: cds@onap.org
+# AWX Secret key
+# It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt
+# your credentials
+ secretKey: awxsecret
+
+ingress:
+ enabled: false
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ enabled: true
+
+## Persist data to a persitent volume
+persistence:
+ enabled: true
+ volumeReclaimPolicy: Retain
+
+ # Uncomment the storageClass parameter to use an existing PV
+ # that will match the following class.
+ # When uncomment the storageClass, the PV is not created anymore.
+
+ # storageClass: "nfs-dev-sc"
+
+ accessMode: ReadWriteOnce
+ size: 5Gi
+
+ # When using storage class, mountPath and mountSubPath are
+ # simply ignored.
+
+ mountPath: /dockerdata-nfs
+ mountSubPath: awx/pgdata
+
+service:
+ rmqmgmt:
+ type: ClusterIP
+ portName: rmqmgmt
+ internalPort: 15672
+ externalPort: 15672
+ web:
+ type: NodePort
+ portName: web
+ internalPort: 8052
+ externalPort: 80
+ nodePort: 78
+ rabbitmq:
+ type: ClusterIP
+ http:
+ portName: http
+ internalPort: 15672
+ externalPort: 15672
+ amqp:
+ portName: amqp
+ internalPort: 5672
+ externalPort: 5672
+
+resources: {}
diff --git a/kubernetes/contrib/components/awx/requirements.yaml b/kubernetes/contrib/components/awx/requirements.yaml
new file mode 100755
index 0000000000..a748affaac
--- /dev/null
+++ b/kubernetes/contrib/components/awx/requirements.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local' \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/values.yaml b/kubernetes/contrib/components/awx/values.yaml
new file mode 100755
index 0000000000..6c6a90e0de
--- /dev/null
+++ b/kubernetes/contrib/components/awx/values.yaml
@@ -0,0 +1,39 @@
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefixExt: 304
+ commonConfigPrefix: awx
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: hub.docker.io
+pullPolicy: Always
+
+# default number of instances
+replicaCount: 1
+nodeSelector: {}
+affinity: {}
+
+ingress:
+ enabled: false
+
+resources: {}