Using Ansible Tower to deploy OpenShift on Azure: episode 4

Add more job templates to configure hosts & install OpenShift OKD

In the fourth episode of our blog series, we are going to add two more job templates to our Ansible Tower.

The first job template will use playbook-2.yml, which executes the following roles:

  1. osPrerequisites: installs needed packages, configures system file, starts docker
  2. osDNS: modifies /etc/hosts and adds the correct hostname to your machine

Explore the playbook on Gitlab.

 

The second job template will use playbook-3.yml and has the following roles:

  1. osStart: starts OpenShift OKD and sets the routing-suffix parameter to {{public ip}}.nip.io. We will go deeper into this matter later on in this episode
  2. osReStart: checks it will be able to restart via systemd
  3. osConigureUsers: creates the user developer with password developer and gives it clusteradmin rights
  4. osInstallPHPApplication: creates a new project, installs php 7.1 together with a php application from Devoteam’s GitLab server

Explore the playbook on Gitlab.

 

In Ansible Tower click on RESOURCES/Template.

Click on the + ADD button and choose ‘Job Template’.

NAME: OKD Azure Part 2
JOB TYPE: Run
INVENTORY: OKD
PROJECT: Azure Deployment OKD
PLAYBOOK: playbook-2.yml
CREDENTIAL: Add the machine credential clusteradmin we created in episode 2
VERBOSITY: 1 (Verbose)

Save

 

In Ansible Tower click on RESOURCES/Template.

Click on the + ADD button and choose ‘Job Template'.

NAME: OKD Azure Part 3
JOB TYPE: Run
INVENTORY: OKD
PROJECT: Azure Deployment OKD
PLAYBOOK: playbook-3.yml
CREDENTIAL: Add the machine credential clusteradmin we created in episode 2
VERBOSITY: 1 (Verbose)

Save

 

For now we only created job templates. The real power of Ansible Tower lays in the Workflow Templates. With these templates you can link different job templates together, synchronize projects and inventories on demand.

In Ansible Tower click on RESOURCES/Template.

Click on the + button and choose ‘Workflow Template'.

In the Details tab we name the template.

NAME: OKD Azure Workflow

Save

 

Because we will start our playbooks from this workflow from now on, we have to create the survey also here. We did the same in episode 3 for template OKD Azure Part 1.

EDIT SURVEY

PROMPT: Machine prefix
DESCRIPTION: This prefix will be used both on the machines deployed on Azure, as well as for the dns creation. It must be unique in the .westeurope.cloudapp.azure.com domain
ANSWER VARIABLE NAME: azure_virtualMachineName
ANSWER TYPE: Text
MINIMUM LENGTH: 5       MAXIMUM LENGTH: 50
REQUIRED: Checked

+ADD  

 

The second variable is the openSSH public matching the private key we added in episode 2. You can get it via:

PROMPT: ssh public key.  This is the key we created in episode 1
DESCRIPTION: .
ANSWER VARIABLE NAME: ssh_sshPubKey
ANSWER TYPE: Text
DEFAULT ANSWER: <paste the public key>
REQUIRED: Checked

+ADD  

 

The next variable is the Azure resource group that will be used to create the machines.

PROMPT: Azure resource group
DESCRIPTION: The resource group you created on Azure where you want the machines deployed
ANSWER VARIABLE NAME: azure_ResourceGroup
ANSWER TYPE: Text
REQUIRED: Checked

+ADD  

 

Now we only need the user and password for Azure.

PROMPT: Azure AD user
DESCRIPTION:
ANSWER VARIABLE NAME: AZURE_AD_USER
ANSWER TYPE: Text
REQUIRED: Checked

+ADD  

 

PROMPT: Azure password
DESCRIPTION:
ANSWER VARIABLE NAME: AZURE_PASSWORD
ANSWER TYPE: Password
REQUIRED: Checked

+ADD  

Save

Attention: don’t forget to save or you’ll need to enter the survey again from scratch.

 

Now you should also be able to click on the WORKFLOW VISUALIZER button.

From the start we click on + and we add a project sync block. Select the Azure Deployment ODK project and click on Select .  

Starting from this block we will add a jobs block and select the OKD Azure Part 1 job template. Select and check to run ‘Always’.

Starting from this job template block, we will add a block Inventory Sync and we select the OKD inventory. Select and check to run ‘On Success’.

From this block, we will add again a jobs block OKD Azure part 2. Select and check to run ‘On Success’.

The last block we add, will also be a jobs block OKD Azure part 3. Select and check to run ‘On Success’.

Now click Save to create this workflow. Your workflow should look like this:

This workflow consists of the following steps:

  1. A project sync to make sure we have the last version from git
  2. Running of the first playbook that creates the VM on Azure and creates the inventory hosts for our next playbooks
  3. An inventory sync for the next playbooks
  4. Running of the playbook, which runs the prerequisites for the OKD installation on the VM
  5. Running of the playbook which installs OKD and the demo application

Now we will run this workflow template and sit back and watch what happens.

RESOURCE/Template and click the ‘launch’ icon after the OKD Azure Workflow template.

During runtime, you can follow what Tower is doing at this point. If you go to the RESOURCE/Template screen, you see this layout:

If you click on the first blinking green icon you should be able to see what this first playbook does.

After the three job templates are finished, the application is ready. This can take about 30 minutes.

After running this workflow template you should be able to login to Openshift OKD. The url to use is: https://master0yourUniqueString.westeurope.cloudapp.azure.com:8443/console

yourUniqueString is the value you entered in the survey.

You can login with user ‘developer’ by using ‘developer’ as password.

This user has cluster admin rights. If you login, you should be able to see the project we made for the php demo project. The ‘devoteam php countdown project’.

When you enter this project, you will be able to open the project and see the following screen:

At the top right you see the link of the php application, for this we use the nip.io service.

NIP.IO allows you to map any IP Address in the following DNS wildcard entries:

  • 10.0.0.1.nip.io maps to 10.0.0.1
  • app.10.0.0.1.nip.io maps to 10.0.0.1
  • customer1.app.10.0.0.1.nip.io maps to 10.0.0.1
  • customer2.app.10.0.0.1.nip.io maps to 10.0.0.1
  • otherapp.10.0.0.1.nip.io maps to 10.0.0.1

So the address http://phpcountdown-php-devoteam.13.81.31.211.nip.io will redirect to 13.81.31.211. The IP in the link will be different for you.

When you click on the link you will be redirected to the demo application:

What’s next?

This blog post is part of the series ‘Using Ansible Tower to deploy OpenShift on Azure: a step-by-step guide”. In the next and final episode, we show you how to automate tasks on OpenShift via Ansible by using the command line interface.

 

Contact

Hans Neefs

Senior Consultant

Open Source and Open Network Infrastructure

Devoteam Belgium