cee82d91b6
- Use quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_jammy image by default in Nagios and Registy - Update docker client image in registry. The registry bootstrap script fails with the old image - Update monitoring deployment scripts so they use nginx-osh-infra ingress class - Update deploy-env role so it deploys the ingress-nginx with the allowSnippetAnnotations=true and creates Metallb endpoint for the osh-infra ingress instance. Change-Id: I26150c3d012cac0988e4281e322b6768f0b76224 Signed-off-by: Vladimir Kozhukalov <kozhukalov@gmail.com>
113 lines
3.0 KiB
YAML
113 lines
3.0 KiB
YAML
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
---
|
|
- name: Create openstack ingress service
|
|
become: false
|
|
shell: |
|
|
tee > /tmp/openstack_endpoint_service.yaml <<EOF
|
|
---
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
labels:
|
|
kubernetes.io/metadata.name: openstack
|
|
name: openstack
|
|
name: openstack
|
|
---
|
|
kind: Service
|
|
apiVersion: v1
|
|
metadata:
|
|
name: public-openstack
|
|
namespace: openstack
|
|
annotations:
|
|
metallb.universe.tf/loadBalancerIPs: "{{ metallb_openstack_endpoint_cidr | ipaddr('address') }}"
|
|
spec:
|
|
externalTrafficPolicy: Cluster
|
|
type: LoadBalancer
|
|
selector:
|
|
app: ingress-api
|
|
ports:
|
|
- name: http
|
|
port: 80
|
|
- name: https
|
|
port: 443
|
|
EOF
|
|
kubectl apply -f /tmp/openstack_endpoint_service.yaml
|
|
|
|
- name: Create openstack ingress service
|
|
when: ingress_osh_infra_setup
|
|
become: false
|
|
shell: |
|
|
tee > /tmp/osh_infra_endpoint_service.yaml <<EOF
|
|
---
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
labels:
|
|
kubernetes.io/metadata.name: osh-infra
|
|
name: osh-infra
|
|
name: osh-infra
|
|
---
|
|
kind: Service
|
|
apiVersion: v1
|
|
metadata:
|
|
name: public-osh-infra
|
|
namespace: osh-infra
|
|
annotations:
|
|
metallb.universe.tf/loadBalancerIPs: "{{ metallb_osh_infra_endpoint_cidr | ipaddr('address') }}"
|
|
spec:
|
|
externalTrafficPolicy: Cluster
|
|
type: LoadBalancer
|
|
selector:
|
|
app: ingress-api
|
|
ports:
|
|
- name: http
|
|
port: 80
|
|
- name: https
|
|
port: 443
|
|
EOF
|
|
kubectl apply -f /tmp/osh_infra_endpoint_service.yaml
|
|
|
|
- name: Set dnsmasq listen ip
|
|
set_fact:
|
|
nameserver_ip: "{{ (groups['primary'] | map('extract', hostvars, ['ansible_default_ipv4', 'address']))[0] }}"
|
|
|
|
- name: Start dnsmasq
|
|
docker_container:
|
|
name: endpoint_dnsmasq
|
|
image: "{{ dnsmasq_image }}"
|
|
network_mode: host
|
|
capabilities:
|
|
- NET_ADMIN
|
|
entrypoint: dnsmasq
|
|
command: |
|
|
--keep-in-foreground
|
|
--no-hosts
|
|
--bind-interfaces
|
|
--address="/openstack.svc.cluster.local/{{ metallb_openstack_endpoint_cidr | ipaddr('address') }}"
|
|
--address="/osh-infra.svc.cluster.local/{{ metallb_osh_infra_endpoint_cidr | ipaddr('address') }}"
|
|
--listen-address="{{ nameserver_ip }}"
|
|
--no-resolv
|
|
--server=8.8.8.8
|
|
state: started
|
|
recreate: yes
|
|
|
|
- name: Configure /etc/resolv.conf
|
|
template:
|
|
src: files/resolv.conf
|
|
dest: /etc/resolv.conf
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
...
|