├── .travis.yml ├── README.md ├── defaults └── main.yml ├── files ├── extract_crc_file.sh └── setup_crc.sh ├── handlers └── main.yml ├── meta └── main.yml ├── tasks ├── code-ready-info.yml ├── configure-dns-masq.yml ├── configure-ha-proxy.yml ├── configure-oc-cli.yml ├── delete-code-ready-containers.yml ├── download-install-crc.yml ├── main.yml ├── setup-crc-deployment.yml └── start-crc-deployment.yml ├── templates ├── 00-use-dnsmasq.conf ├── crc.conf.j2 ├── ext-dnsmasq.conf.j2 ├── haproxy.cfg.j2 └── pull-secret.txt.j2 ├── tests ├── inventory └── test.yml └── vars └── main.yml /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | 5 | # Use the new container infrastructure 6 | sudo: false 7 | 8 | # Install ansible 9 | addons: 10 | apt: 11 | packages: 12 | - python-pip 13 | 14 | install: 15 | # Install ansible 16 | - pip install ansible 17 | 18 | # Check ansible version 19 | - ansible --version 20 | 21 | # Create ansible.cfg with correct roles_path 22 | - printf '[defaults]\nroles_path=../' >ansible.cfg 23 | 24 | script: 25 | # Basic role syntax check 26 | - ansible-playbook tests/test.yml -i tests/inventory --syntax-check 27 | 28 | notifications: 29 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Red Hat CodeReady Containers Role w/hacks 2 | ========= 3 | 4 | Use Ansible to deploy Red Hat CodeReady Containers with HACKS 5 | 6 | CodeReady Containers brings a minimal, preconfigured OpenShift 4.1 or newer cluster to your local laptop or desktop computer for development and testing purposes. CodeReady Containers is delivered as a Red Hat Enterprise Linux virtual machine that supports native hypervisors for Linux, macOS, and Windows 10. 7 | 8 | Requirements 9 | ------------ 10 | 11 | * Ansible 12 | * Fedora or RHEL 8.x 13 | * IF using RHEL make sure it is registered 14 | * OpenShift CodeReady WorkSpaces pull secret 15 | * https://cloud.redhat.com/openshift/install/crc/installer-provisioned 16 | * Anisble post fix module 17 | * `ansible-galaxy collection install ansible.posix` 18 | 19 | **GET SHA** 20 | ``` 21 | $ curl -OL https://mirror.openshift.com/pub/openshift-v4/clients/crc/latest/sha256sum.txt 22 | $ cat sha256sum.txt | grep crc-linux-amd64.tar.xz | awk '{print $1}' 23 | ``` 24 | 25 | Inspriation 26 | -------------- 27 | [Accessing CodeReady Containers on a Remote Server](https://www.openshift.com/blog/accessing-codeready-containers-on-a-remote-server/) by Jason Dobies 28 | [Overview: running crc on a remote server](https://gist.github.com/tmckayus/8e843f90c44ac841d0673434c7de0c6a) by [Trevor McKay](https://gist.github.com/tmckayus) 29 | [Deploy Bare-Metal Clusters with CRC](https://gist.github.com/v1k0d3n/9ceec7589b5bab0b61b85c2a1e1c463c) by Brandon B. Jozsa 30 | 31 | Features 32 | -------- 33 | * CodeReady Containers Remote Server Access 34 | 35 | Role Variables 36 | -------------- 37 | 38 | Type | Description | Default Value 39 | --|---|-- 40 | crc_version | Target CRC version | latest 41 | crc_sha | SHA informaqtion of the crc-linux-amd64.tar.xz file | 179a5f41ce875859a403f79ce0fd1917701bc4c4fbc12a776e5078876dd07743 42 | crc_url | CRC download URL | https://mirror.openshift.com/pub/openshift-v4/clients/crc/ 43 | crc_file_name | CRC filename | crc-linux-amd64.tar.xz 44 | pull_secret_path | default path of pull secret | /tmp/pull-secert.txt 45 | pull_secret_content: | pull secret content | changeme 46 | use_all_in_one_haproxy | Use current machine as haproxy LB | true 47 | haproxy_ip | Set ha proxy ip if above is set to flase **NOT TESTED**| "" 48 | use_all_in_one_dnsmasq | Use current machine as dnsmasq server | true 49 | log_level | Change log level of crc start command | info 50 | crc_ip_address | Default CRC ip address| 192.168.130.11 51 | ocp4_release | OCP release folder for cli | latest 52 | ocp4_version | OCP cli version | latest 53 | ocp4_release_url | OCP release url | "https://mirror.openshift.com/pub/openshift-v4/clients/ocp/{{ ocp4_release }}/" 54 | ocp4_client | OCP cli filename | "openshift-client-linux-{{ ocp4_version }}.tar.gz" 55 | remove_oc_tool | remove oc cli | false 56 | delete_crc_deployment | delete CodeReady Containers deployment | false 57 | forward_server | Server to manage external requests | 1.1.1.1 58 | 59 | Dependencies 60 | ------------ 61 | **Home drive should have 50 Gig or better** 62 | 63 | **On RHEL 8.x** 64 | * Register system 65 | * Follow system requirements from the code ready containers documentation 66 | 67 | **On Fedora** 68 | * Follow system requirements from the code ready containers documentation 69 | * enable and start sshd 70 | 71 | Prerequiestes 72 | ------------- 73 | Configure sudo user 74 | ``` 75 | curl -OL https://gist.githubusercontent.com/tosin2013/385054f345ff7129df6167631156fa2a/raw/b67866c8d0ec220c393ea83d2c7056f33c472e65/configure-sudo-user.sh 76 | chmod +x configure-sudo-user.sh 77 | ./configure-sudo-user.sh 78 | ``` 79 | 80 | Configure RHEL 8.x system 81 | ``` 82 | sudo su - sudouser 83 | curl -OL https://gist.githubusercontent.com/tosin2013/ae925297c1a257a1b9ac8157bcc81f31/raw/142d8dd142b031d59c14a7a7ad6f3000ad775453/configure-rhel8.x.sh 84 | chmod +x configure-rhel8.x.sh 85 | ./configure-rhel8.x.sh 86 | ``` 87 | 88 | Optional: Configure Fedora system 89 | ``` 90 | sudo su - sudouser 91 | curl -OL https://gist.githubusercontent.com/tosin2013/a2af69a0814b38ddf3d98cf8ac5fcf0d/raw/5aed9e7f4a407d8767fe449b763ab8cf11984468/configure-fedora.sh 92 | chmod +x configure-fedora.sh 93 | ./configure-fedora.sh 94 | ``` 95 | 96 | Example Playbook 97 | ---------------- 98 | To run playbook as sudo add the `-K` flag 99 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 100 | You can get pull secert [here](https://cloud.redhat.com/openshift/install/pull-secret). 101 | ``` 102 | - hosts: servers 103 | become: yes 104 | vars: 105 | crc_version: latest 106 | crc_sha: 659046b3e478ef89563babef59c1cacdefe91ed32e844bac4504dba68e4a9f88 107 | pull_secert_path: /tmp/pull-secert.txt 108 | pull_secert_content: | 109 | changeme 110 | use_all_in_one_haproxy: true 111 | haproxy_ip: "" 112 | use_all_in_one_dnsmasq: true 113 | log_level: info 114 | ocp4_release: latest 115 | ocp4_version: 4.7.16 116 | remove_oc_tool: false 117 | delete_crc_deployment: false 118 | forward_server: 1.1.1.1 119 | roles: 120 | - codeready-containers-hacks 121 | ``` 122 | 123 | Deployment Flags 124 | --------------- 125 | **Start a full deployment** 126 | ``` 127 | ansible-playbook -i inventory deploy-crc.yml --tags download_crc,extract_crc,configure_oc_cli,setup_crc,start_crc_deployment,configure_dnsmaq,configure_ha_proxy -K 128 | ``` 129 | 130 | Manual steps 131 | ------------ 132 | **Download and install CRC** 133 | ``` 134 | ansible-playbook -i inventory deploy-crc.yml --tags download_crc,extract_crc -K 135 | ``` 136 | 137 | 138 | **Configure OpenShift cli** 139 | ``` 140 | ansible-playbook -i inventory deploy-crc.yml --tags configure_oc_cli -K 141 | ``` 142 | 143 | **Setup crc and start deployment** 144 | ``` 145 | ansible-playbook -i inventory deploy-crc.yml --tags setup_crc,start_crc_deployment -K 146 | ``` 147 | 148 | **Configure dnsmasq** 149 | ``` 150 | ansible-playbook -i inventory deploy-crc.yml --tags configure_dnsmaq -K 151 | ``` 152 | 153 | **Configure HAPROXY** 154 | ``` 155 | ansible-playbook -i inventory deploy-crc.yml --tags configure_ha_proxy -K 156 | ``` 157 | 158 | **Get crc url and login info** 159 | ``` 160 | ansible-playbook -i inventory deploy-crc.yml --tags get_codeready_info 161 | ``` 162 | 163 | **Delete deployment** 164 | ``` 165 | ansible-playbook -i inventory deploy-crc.yml --extra-vars "delete_crc_deployment=true" -K 166 | ``` 167 | 168 | Post Steps 169 | --------- 170 | **Configure DNS for external access** 171 | Option 1: Add a custom zone to your dns 172 | `Example using bind or named` 173 | ``` 174 | ; 175 | ; BIND data file for local loopback interface 176 | ; 177 | $TTL 604800 178 | $ORIGIN testing. 179 | @ IN SOA ns.testing. admin.testing. ( 180 | 2 ; Serial 181 | 604800 ; Refresh 182 | 86400 ; Retry 183 | 2419200 ; Expire 184 | 604800 ) ; Negative Cache TTL 185 | ; 186 | @ IN NS testing. 187 | @ IN A 127.0.0.1 188 | @ IN AAAA ::1 189 | @ IN A 192.168.1.2 190 | ns1 IN A 192.168.1.2 191 | 192 | api.crc.testing. IN A 192.168.1.10 193 | assisted-service-assisted-installer.apps-crc.testing. IN A 192.168.1.10 194 | oauth-openshift.apps-crc.testing. IN A 192.168.1.10 195 | console-openshift-console.apps-crc.testing. IN A 192.168.1.10 196 | *.apps-crc.testing. IN A 192.168.1.10 197 | ``` 198 | 199 | Option 2: Add the following to your hosts file to access crc remotly 200 | `change 192.168.1.10 to your ip` 201 | ``` 202 | 192.168.1.10 console-openshift-console.apps-crc.testing oauth-openshift.apps-crc.testing api.crc.testing 203 | ``` 204 | 205 | **Install ODF-Nano on CRC** 206 | * [ODF-Nano](https://github.com/ksingh7/odf-nano) lets you deploy OpenShift Data Foundation on CRC 207 | 208 | Debug info 209 | ---------- 210 | * During setup the new CodeReady Containers release tasks 211 | * `tail -f /tmp/crc_setup.log` 212 | * or `tail -f tail -f ~/.crc/crc.log` 213 | * Validate configs on crc 214 | ``` 215 | $ crc config view 216 | - consent-telemetry : yes 217 | - cpus : 8 218 | - memory : 96000 219 | - nameserver : 1.1.1.1 220 | 221 | ``` 222 | 223 | To-Do 224 | ------- 225 | * develop against MacOS 226 | * test against RHEL 7 227 | * develop for windows 228 | * test using external dns and haproxy 229 | * develop against other OS's 230 | * add cpu and memory custom sizing options 231 | * delete deployment 232 | 233 | License 234 | ------- 235 | 236 | GPL-3.0 237 | 238 | Author Information 239 | ------------------ 240 | 241 | * Tosin Akinosho - [tosin2013](https://github.com/tosin2013) 242 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for codeready-containers-hack 3 | crc_version: latest 4 | crc_sha: 179a5f41ce875859a403f79ce0fd1917701bc4c4fbc12a776e5078876dd07743 5 | crc_url: https://mirror.openshift.com/pub/openshift-v4/clients/crc/ 6 | crc_file_name: crc-linux-amd64.tar.xz 7 | pull_secret_path: /tmp/pull-secert.txt 8 | pull_secret_content: | 9 | changeme 10 | use_all_in_one_haproxy: true 11 | haproxy_ip: "" 12 | use_all_in_one_dnsmasq: true 13 | log_level: info 14 | crc_ip_address: 192.168.130.11 15 | delete_crc_deployment: false 16 | forward_server: 1.1.1.1 17 | 18 | ocp4_release: latest 19 | ocp4_release_url: "https://mirror.openshift.com/pub/openshift-v4/clients/ocp/{{ ocp4_release }}/" 20 | ocp4_client: "openshift-client-linux.tar.gz" 21 | remove_oc_tool: false 22 | 23 | # 6 vCPU 24 | cpu: 6 25 | # 12G of RAM 26 | memory: 12288 27 | -------------------------------------------------------------------------------- /files/extract_crc_file.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -xe 3 | cd /tmp/ 4 | 5 | if [ -d crc-linux-*-amd64/ ]; then 6 | rm -rf crc-linux-*-amd64/ 7 | fi 8 | 9 | 10 | CRC=$(ls | grep crc-linux) 11 | tar -xf $CRC 12 | sudo mv crc-linux-*-amd64/crc /usr/local/bin 13 | rm -rf crc-linux-*-amd64/ 14 | -------------------------------------------------------------------------------- /files/setup_crc.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -xe 3 | 4 | #export PATH=/home/admin/crc-linux-1.8.0-amd64:$PATH 5 | /usr/local/bin/crc config set consent-telemetry yes| tee -a /tmp/crc_setup.log 6 | /usr/local/bin/crc config set nameserver ${1} | tee -a /tmp/crc_setup.log 7 | /usr/local/bin/crc config set network-mode system 8 | /usr/local/bin/crc setup | tee -a /tmp/crc_setup.log -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for codeready-containers-hack -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: Tosin Akinosho 3 | description: OpenShift Solutions Architect 4 | company: Red Hat 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: GPL-3.0 18 | 19 | min_ansible_version: 2.9 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | platforms: 31 | - name: Fedora 32 | versions: 33 | - 32 34 | - 31 35 | - 30 36 | - name: EPEL 37 | versions: 38 | - 8 39 | 40 | 41 | galaxy_tags: ['codeready', 'containers','openshift'] 42 | # List tags for your role here, one per line. A tag is a keyword that describes 43 | # and categorizes the role. Users find roles by searching for tags. Be sure to 44 | # remove the '[]' above, if you add tags to this list. 45 | # 46 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 47 | # Maximum 20 tags per role. 48 | 49 | dependencies: [] 50 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 51 | # if you add dependencies to this list. 52 | -------------------------------------------------------------------------------- /tasks/code-ready-info.yml: -------------------------------------------------------------------------------- 1 | - name: Get crc url information 2 | command: /usr/local/bin/crc console --url 3 | register: crc_console_url 4 | tags: 5 | - get_codeready_info 6 | 7 | - name: Get crc url credentials 8 | command: /usr/local/bin/crc console --credentials 9 | register: crc_console_credentials 10 | tags: 11 | - get_codeready_info 12 | 13 | - debug: 14 | msg: 15 | - "Your Code Ready Console URL is {{ crc_console_url.stdout }}" 16 | - "Your Code Ready Console Credentials is below" 17 | - "{{ crc_console_credentials.stdout_lines }}" 18 | tags: 19 | - get_codeready_info -------------------------------------------------------------------------------- /tasks/configure-dns-masq.yml: -------------------------------------------------------------------------------- 1 | - name: Get current ipv4 address 2 | debug: var=ansible_default_ipv4.address 3 | tags: 4 | - configure_dnsmaq 5 | 6 | - name: Configure dnsmasq to access CodeReady Containers 7 | lineinfile: 8 | path: /etc/dnsmasq.conf 9 | regexp: '^#address=/double-click.net/127.0.0.1' 10 | line: "address=/crc.testing/{{ ansible_default_ipv4.address }}" 11 | become: true 12 | become_user: root 13 | tags: 14 | - configure_dnsmaq 15 | 16 | - name: Configure dnsmasq to access CodeReady Containers 17 | lineinfile: 18 | path: /etc/dnsmasq.conf 19 | insertafter: "address=/crc.testing/{{ ansible_default_ipv4.address }}" 20 | line: "address=/apps-crc.testing/{{ ansible_default_ipv4.address }}" 21 | become: true 22 | become_user: root 23 | tags: 24 | - configure_dnsmaq 25 | 26 | - name: Ensure listen address for current ip is configured 27 | lineinfile: 28 | path: /etc/dnsmasq.conf 29 | insertafter: "#listen-address=" 30 | line: "listen-address={{ ansible_default_ipv4.address }}" 31 | become: true 32 | become_user: root 33 | tags: 34 | - configure_dnsmaq 35 | 36 | - name: Configure forwarding IP for dns mask 37 | lineinfile: 38 | path: /etc/dnsmasq.conf 39 | insertafter: "^#server=/localnet/192.168.0.1" 40 | line: "server=/.com/{{ forward_server }}" 41 | become: true 42 | become_user: root 43 | tags: 44 | - configure_dnsmaq 45 | 46 | - name: Configure forwarding IP for dns mask 47 | lineinfile: 48 | path: /etc/dnsmasq.conf 49 | insertafter: "^#server=/localnet/192.168.0.1" 50 | line: "server=/.io/{{ forward_server }}" 51 | become: true 52 | become_user: root 53 | tags: 54 | - configure_dnsmaq 55 | 56 | - name: Ensure bind-interfaces is enabled 57 | lineinfile: 58 | path: /etc/dnsmasq.conf 59 | insertafter: "#bind-interfaces" 60 | line: "bind-interfaces" 61 | become: true 62 | become_user: root 63 | tags: 64 | - configure_dnsmaq 65 | 66 | - name: Enable DNS port for TCP 67 | firewalld: 68 | port: 53/tcp 69 | permanent: yes 70 | state: enabled 71 | become: true 72 | become_user: root 73 | tags: 74 | - configure_dnsmaq 75 | 76 | - name: Enable DNS port for UDP 77 | firewalld: 78 | port: 53/udp 79 | permanent: yes 80 | state: enabled 81 | become: true 82 | become_user: root 83 | tags: 84 | - configure_dnsmaq 85 | 86 | - name: restart firewalld service 87 | systemd: 88 | name: firewalld 89 | state: restarted 90 | enabled: yes 91 | become: true 92 | become_user: root 93 | tags: 94 | - configure_dnsmaq 95 | 96 | - name: enable and restart dnsmasq service 97 | systemd: 98 | name: dnsmasq 99 | state: restarted 100 | enabled: yes 101 | become: true 102 | become_user: root 103 | tags: 104 | - configure_dnsmaq -------------------------------------------------------------------------------- /tasks/configure-ha-proxy.yml: -------------------------------------------------------------------------------- 1 | - name: install the packages required for haproxy 2 | dnf: 3 | name: 4 | - haproxy 5 | - policycoreutils-python-utils 6 | - firewalld 7 | state: present 8 | become: true 9 | become_user: root 10 | tags: 11 | - configure_ha_proxy 12 | 13 | - name: enable and start firewalld service 14 | systemd: 15 | name: firewalld 16 | state: started 17 | enabled: yes 18 | become: true 19 | become_user: root 20 | tags: 21 | - configure_ha_proxy 22 | 23 | - name: enable port 80 tcp 24 | firewalld: 25 | port: 80/tcp 26 | permanent: yes 27 | state: enabled 28 | become: true 29 | become_user: root 30 | tags: 31 | - configure_ha_proxy 32 | 33 | - name: enable port 6443 tcp 34 | firewalld: 35 | port: 6443/tcp 36 | permanent: yes 37 | state: enabled 38 | become: true 39 | become_user: root 40 | tags: 41 | - configure_ha_proxy 42 | 43 | - name: enable port 443 tcp 44 | firewalld: 45 | port: 443/tcp 46 | permanent: yes 47 | state: enabled 48 | become: true 49 | become_user: root 50 | tags: 51 | - configure_ha_proxy 52 | 53 | - name: Add masquerade to public 54 | ansible.posix.firewalld: 55 | masquerade: yes 56 | state: enabled 57 | permanent: yes 58 | zone: public 59 | become: true 60 | become_user: root 61 | tags: 62 | - configure_ha_proxy 63 | 64 | - name: Add masquerade to libvirt 65 | ansible.posix.firewalld: 66 | masquerade: yes 67 | state: enabled 68 | permanent: yes 69 | zone: libvirt 70 | become: true 71 | become_user: root 72 | tags: 73 | - configure_ha_proxy 74 | 75 | - name: enable port 80 tcp 76 | firewalld: 77 | port: 80/tcp 78 | permanent: yes 79 | state: enabled 80 | become: true 81 | become_user: root 82 | tags: 83 | - configure_ha_proxy 84 | 85 | - name: enable port 1936 tcp 86 | firewalld: 87 | port: 1936/tcp 88 | permanent: yes 89 | state: enabled 90 | become: true 91 | become_user: root 92 | tags: 93 | - configure_ha_proxy 94 | 95 | - name: restart firewalld service 96 | systemd: 97 | name: firewalld 98 | state: restarted 99 | enabled: yes 100 | become: true 101 | become_user: root 102 | tags: 103 | - configure_ha_proxy 104 | 105 | - name: Configure semange port for http on 6443 106 | command: semanage port -a -t http_port_t -p tcp 6443 107 | become: true 108 | become_user: root 109 | ignore_errors: yes 110 | tags: 111 | - configure_ha_proxy 112 | 113 | - name: Configure semange port for http on 443 114 | command: semanage port -a -t http_port_t -p tcp 443 115 | become: true 116 | become_user: root 117 | ignore_errors: yes 118 | tags: 119 | - configure_ha_proxy 120 | 121 | - name: Configure semange port for http on 80 122 | command: semanage port -a -t http_port_t -p tcp 80 123 | become: true 124 | become_user: root 125 | ignore_errors: yes 126 | tags: 127 | - configure_ha_proxy 128 | 129 | - name: Configure semange port for http on 1936 130 | command: semanage port -a -t http_port_t -p tcp 1936 131 | become: true 132 | become_user: root 133 | ignore_errors: yes 134 | tags: 135 | - configure_ha_proxy 136 | 137 | - debug: var=ansible_default_ipv4.address 138 | tags: 139 | - configure_ha_proxy 140 | 141 | - name: "Getting current ip" 142 | set_fact: 143 | haproxy_ip: "{{ ansible_default_ipv4.address }}" 144 | tags: 145 | - configure_ha_proxy 146 | 147 | - debug: var=haproxy_ip 148 | tags: 149 | - configure_ha_proxy 150 | 151 | - name: Copying over haproxy configuration 152 | template: 153 | src: templates/haproxy.cfg.j2 154 | dest: /etc/haproxy/haproxy.cfg 155 | owner: root 156 | group: root 157 | mode: 0666 158 | become: true 159 | become_user: root 160 | tags: 161 | - configure_ha_proxy 162 | 163 | - name: enable and start haproxy service 164 | systemd: 165 | name: haproxy 166 | state: restarted 167 | enabled: yes 168 | become: true 169 | become_user: root 170 | tags: 171 | - configure_ha_proxy -------------------------------------------------------------------------------- /tasks/configure-oc-cli.yml: -------------------------------------------------------------------------------- 1 | - name: Remove openshift client cli 2 | command: rm -rf /usr/local/bin/oc 3 | when: remove_oc_tool 4 | tags: 5 | - configure_oc_cli 6 | 7 | - name: Extract ocp client into /usr/local/bin/oc 8 | unarchive: 9 | src: "{{ ocp4_release_url }}/{{ ocp4_client }}" 10 | dest: /usr/local/bin 11 | remote_src: yes 12 | become: true 13 | become_user: root 14 | tags: 15 | - configure_oc_cli 16 | 17 | - name: Remove openshift client tar file 18 | command: rm -rf "/tmp/{{ ocp4_client }}" 19 | become: true 20 | become_user: root 21 | tags: 22 | - configure_oc_cli 23 | -------------------------------------------------------------------------------- /tasks/delete-code-ready-containers.yml: -------------------------------------------------------------------------------- 1 | - name: Delete CodeReady Deployment 2 | command: "crc delete -f" 3 | ignore_errors: yes 4 | 5 | - name: get the username running the deploy 6 | become: false 7 | command: whoami 8 | register: username 9 | 10 | - debug: var=username.stdout 11 | 12 | - name: Clean crc directory 13 | file: 14 | state: absent 15 | path: "/home/{{ username.stdout }}/.crc" 16 | -------------------------------------------------------------------------------- /tasks/download-install-crc.yml: -------------------------------------------------------------------------------- 1 | - name: "Remove /tmp/{{ crc_file_name }} if exists" 2 | file: 3 | path: "/tmp/{{ crc_file_name }}" 4 | state: absent 5 | ignore_errors: yes 6 | 7 | - name: "Download Code Ready Containers {{ crc_version }}" 8 | get_url: 9 | url: "{{ crc_url }}/{{ crc_version }}/{{ crc_file_name }}" 10 | dest: "/tmp/{{ crc_file_name }}" 11 | tags: 12 | - download_crc 13 | 14 | - name: "Get {{ crc_file_name }} sha information" 15 | stat: 16 | path: "/tmp/{{ crc_file_name }}" 17 | checksum_algorithm: sha256 18 | register: crc_file_name 19 | tags: 20 | - download_crc 21 | 22 | - name: Get crc file sha 23 | debug: 24 | var: crc_file_name 25 | failed_when: crc_sha != crc_file_name.stat.checksum 26 | tags: 27 | - download_crc 28 | 29 | - name: Extract crc-linux-amd64.tar.xz into /tmp/ 30 | script: "files/extract_crc_file.sh" 31 | become: true 32 | become_user: root 33 | tags: 34 | - extract_crc 35 | 36 | - name: Check to see is crc installed 37 | command: crc -h 38 | changed_when: false 39 | failed_when: false 40 | register: crc_installed 41 | tags: 42 | - extract_crc 43 | 44 | - name: Check CodeReady Containers executable status 45 | fail: 46 | msg: "CRC appears to be missing, install failed" 47 | when: crc_installed.rc == 2 48 | tags: 49 | - extract_crc -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for codeready-containers-hack 3 | - name: Download and extract CRC 4 | include_tasks: download-install-crc.yml 5 | when: not delete_crc_deployment 6 | tags: 7 | - download_crc 8 | - extract_crc 9 | 10 | - name: Setup CRC Deployment 11 | include_tasks: setup-crc-deployment.yml 12 | when: not delete_crc_deployment 13 | tags: 14 | - setup_crc 15 | 16 | - name: Start CRC Deployment 17 | include_tasks: start-crc-deployment.yml 18 | when: not delete_crc_deployment 19 | tags: 20 | - start_crc_deployment 21 | 22 | - name: Configure OC cli 23 | include_tasks: configure-oc-cli.yml 24 | when: not delete_crc_deployment 25 | tags: 26 | - configure_oc_cli 27 | 28 | 29 | - name: Configure HAProxy for external connections 30 | include_tasks: configure-ha-proxy.yml 31 | when: 32 | - use_all_in_one_haproxy 33 | - not delete_crc_deployment 34 | tags: 35 | - configure_ha_proxy 36 | 37 | - name: Configure dnsmasq for external connections 38 | include_tasks: configure-dns-masq.yml 39 | when: 40 | - use_all_in_one_dnsmasq 41 | - not delete_crc_deployment 42 | tags: 43 | - configure_dnsmaq 44 | 45 | - name: Code Ready Container information 46 | include_tasks: code-ready-info.yml 47 | when: not delete_crc_deployment 48 | tags: 49 | - get_codeready_info 50 | 51 | - name: Delete Code ready cluster instance 52 | include_tasks: delete-code-ready-containers.yml 53 | when: delete_crc_deployment -------------------------------------------------------------------------------- /tasks/setup-crc-deployment.yml: -------------------------------------------------------------------------------- 1 | - name: install packages required for CRC 2 | dnf: 3 | name: 4 | - libvirt 5 | - libvirt-daemon-kvm 6 | - qemu-kvm 7 | - NetworkManager 8 | - dnsmasq 9 | - jq 10 | state: present 11 | become: true 12 | become_user: root 13 | tags: 14 | - setup_crc 15 | 16 | - name: Add Users to libvirt 17 | action: user name=admin groups="kvm,libvirt" append=yes 18 | become: true 19 | become_user: root 20 | tags: 21 | - setup_crc 22 | 23 | - name: enable and start libvirtd service 24 | systemd: 25 | name: libvirtd 26 | state: started 27 | enabled: yes 28 | become: true 29 | become_user: root 30 | tags: 31 | - setup_crc 32 | 33 | - name: Copying over dnsmasq configuration 34 | copy: 35 | content: | 36 | [main] 37 | dns=dnsmasq 38 | dest: /etc/NetworkManager/conf.d/crc-nm-dnsmasq.conf 39 | become: true 40 | become_user: root 41 | tags: 42 | - setup_crc 43 | 44 | - name: Copying over dnsmasq configuration for crc 45 | template: 46 | src: templates/crc.conf.j2 47 | dest: /etc/NetworkManager/dnsmasq.d/crc.conf 48 | owner: root 49 | group: root 50 | mode: 0666 51 | become: true 52 | become_user: root 53 | tags: 54 | - setup_crc 55 | 56 | - name: enable and start NetworkManager service 57 | systemd: 58 | name: NetworkManager 59 | state: restarted 60 | enabled: yes 61 | become: true 62 | become_user: root 63 | tags: 64 | - setup_crc 65 | 66 | - name: enable and start dnsmasq service 67 | systemd: 68 | name: dnsmasq 69 | state: restarted 70 | enabled: yes 71 | become: true 72 | become_user: root 73 | when: ansible_facts['distribution'] == "RedHat" 74 | tags: 75 | - setup_crc 76 | 77 | - name: Set up the new CodeReady Containers release 78 | script: "files/setup_crc.sh {{ forward_server }}" 79 | tags: 80 | - setup_crc 81 | 82 | 83 | -------------------------------------------------------------------------------- /tasks/start-crc-deployment.yml: -------------------------------------------------------------------------------- 1 | - name: Copying over pull-secert.txt 2 | template: 3 | src: templates/pull-secret.txt.j2 4 | dest: "{{ pull_secert_path }}" 5 | owner: admin 6 | group: admin 7 | mode: 0666 8 | tags: 9 | - start_crc_deployment 10 | 11 | - name: ensure libvirtd service 12 | systemd: 13 | name: libvirtd 14 | state: started 15 | enabled: yes 16 | register: libvirtd_status 17 | become: true 18 | become_user: root 19 | tags: 20 | - start_crc_deployment 21 | 22 | - debug: var=libvirtd_status.state 23 | tags: 24 | - start_crc_deployment 25 | 26 | - name: Libvirtd service failed to start 27 | fail: 28 | msg: " Libvirtd service failed to start {{ libvirtd_status.state }}" 29 | when: "'started' not in libvirtd_status.state" 30 | tags: 31 | - start_crc_deployment 32 | 33 | - name: Start CodeReady Deployment 34 | shell: | 35 | set -o pipefail 36 | crc start -c {{ cpu }} -m {{ memory }} -p {{ pull_secert_path }} --log-level {{ log_level }} | tee /tmp/install_status.log 37 | tags: 38 | - start_crc_deployment 39 | -------------------------------------------------------------------------------- /templates/00-use-dnsmasq.conf: -------------------------------------------------------------------------------- 1 | [main] 2 | dns=dnsmasq -------------------------------------------------------------------------------- /templates/crc.conf.j2: -------------------------------------------------------------------------------- 1 | server=/apps-crc.testing/192.168.130.11 2 | server=/crc.testing/192.168.130.11 3 | -------------------------------------------------------------------------------- /templates/ext-dnsmasq.conf.j2: -------------------------------------------------------------------------------- 1 | address=/crc.testing/{{ ansible_default_ipv4.address }} 2 | address=/apps-crc.testing/{{ ansible_default_ipv4.address }} -------------------------------------------------------------------------------- /templates/haproxy.cfg.j2: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------------------------- 2 | # Global settings 3 | #--------------------------------------------------------------------- 4 | global 5 | # to have these messages end up in /var/log/haproxy.log you will 6 | # need to: 7 | # 8 | # 1) configure syslog to accept network log events. This is done 9 | # by adding the '-r' option to the SYSLOGD_OPTIONS in 10 | # /etc/sysconfig/syslog 11 | # 12 | # 2) configure local2 events to go to the /var/log/haproxy.log 13 | # file. A line like the following can be added to 14 | # /etc/sysconfig/syslog 15 | # 16 | # local2.* /var/log/haproxy.log 17 | # 18 | log 127.0.0.1 local2 19 | 20 | chroot /var/lib/haproxy 21 | pidfile /var/run/haproxy.pid 22 | maxconn 4000 23 | user haproxy 24 | group haproxy 25 | daemon 26 | 27 | # turn on stats unix socket 28 | stats socket /var/lib/haproxy/stats 29 | 30 | #--------------------------------------------------------------------- 31 | # common defaults that all the 'listen' and 'backend' sections will 32 | # use if not designated in their block 33 | #--------------------------------------------------------------------- 34 | defaults 35 | mode http 36 | log global 37 | option httplog 38 | option dontlognull 39 | option http-server-close 40 | #option forwardfor except 127.0.0.0/8 41 | option redispatch 42 | retries 3 43 | timeout http-request 10s 44 | timeout queue 1m 45 | timeout connect 10s 46 | timeout client 1m 47 | timeout server 1m 48 | timeout http-keep-alive 10s 49 | timeout check 10s 50 | maxconn 3000 51 | 52 | 53 | listen stats 54 | bind {{ haproxy_ip }}:1936 55 | mode http 56 | log global 57 | 58 | maxconn 10 59 | 60 | #clitimeout 100s 61 | #srvtimeout 100s 62 | #contimeout 100s 63 | timeout queue 100s 64 | 65 | stats enable 66 | stats hide-version 67 | stats refresh 30s 68 | stats show-node 69 | stats auth admin:password 70 | stats uri /haproxy?stats 71 | 72 | #--------------------------------------------------------------------- 73 | # settings for crc endpoints 74 | #--------------------------------------------------------------------- 75 | 76 | frontend apps 77 | bind {{ haproxy_ip }}:80 78 | bind {{ haproxy_ip }}:443 79 | option tcplog 80 | mode tcp 81 | default_backend apps 82 | 83 | backend apps 84 | mode tcp 85 | balance roundrobin 86 | option ssl-hello-chk 87 | server webserver1 {{ crc_ip_address }}:443 check 88 | 89 | frontend api 90 | bind {{ haproxy_ip }}:6443 91 | option tcplog 92 | mode tcp 93 | default_backend api 94 | 95 | backend api 96 | mode tcp 97 | balance roundrobin 98 | option ssl-hello-chk 99 | server webserver1 {{ crc_ip_address }}:6443 check 100 | -------------------------------------------------------------------------------- /templates/pull-secret.txt.j2: -------------------------------------------------------------------------------- 1 | {{ pull_secert_content }} -------------------------------------------------------------------------------- /tests/inventory: -------------------------------------------------------------------------------- 1 | crc_device: 2 | hosts: 3 | 10.0.1.19: -------------------------------------------------------------------------------- /tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: crc_device 3 | remote_user: admin 4 | vars: 5 | crc_version: latest 6 | crc_sha: 659046b3e478ef89563babef59c1cacdefe91ed32e844bac4504dba68e4a9f88 7 | pull_secert_path: /tmp/pull-secert.txt 8 | pull_secert_content: | 9 | changeme 10 | use_all_in_one_haproxy: true 11 | haproxy_ip: "" 12 | use_all_in_one_dnsmasq: true 13 | log_level: info 14 | ocp4_release: latest 15 | ocp4_version: 4.7.16 16 | remove_oc_tool: false 17 | delete_crc_deployment: false 18 | forward_server: 1.1.1.1 19 | roles: 20 | - codeready-containers-hacks -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for codeready-containers-hack --------------------------------------------------------------------------------