Update for other k8s plaforms

Signed-off-by: Matthew B White <[email protected]>

roles/fabric_console/tasks/iks/create.yml

@@ -0,0 +1,59 @@
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+---
+- name: Fail if namespace not specified
+  fail:
+    msg: namespace not specified or is empty
+  when: not namespace is defined or not namespace
+
+- name: Determine if namespace exists
+  k8s_info:
+    api_version: v1
+    kind: Namespace
+    name: "{{ namespace }}"
+  register: namespace_info
+
+- name: Determine if console exists
+  k8s_info:
+    namespace: "{{ namespace }}"
+    api_version: "ibp.com/v1alpha2"
+    kind: IBPConsole
+    name: "{{ console_name }}"
+  register: existing_console
+
+# deletion of existin config maps? Other roles do this,, but AFTER the console creation has started?
+
+- name: Create console
+  k8s:
+    state: present
+    namespace: "{{ namespace }}"
+    resource_definition: "{{ lookup('template', 'templates/k8s/hlf-operations-console.yaml.j2') }}"
+    apply: yes
+  register: create_console
+
+- name: Wait for console deployment to exist
+  k8s_info:
+    namespace: "{{ namespace }}"
+    api_version: apps/v1
+    kind: Deployment
+    name: "{{ console_name }}"
+  register: console_deployment
+  until: console_deployment.resources
+  retries: "{{ wait_timeout }}"
+  delay: 1
+
+- name: Wait for console deployment to start
+  k8s:
+    state: present
+    namespace: "{{ namespace }}"
+    api_version: apps/v1
+    kind: Deployment
+    name: "{{ console_name }}"
+    wait: yes
+    wait_timeout: "{{ wait_timeout }}"
+  changed_when: False
+
+- name: Print console URL
+  debug:
+    msg: IBM Blockchain Platform console available at {{ create_console }}

roles/fabric_console/tasks/iks/delete.yml

@@ -0,0 +1,87 @@
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+---
+- name: Fail if namespace not specified
+  fail:
+    msg: namespace not specified or is empty
+  when: not namespace is defined or not namespace
+
+- name: Determine if namespace exists
+  k8s_info:
+    api_version: v1
+    kind: Namespace
+    name: "{{ namespace }}"
+  register: namespace_info
+
+- name: Determine if custom resource definitions exist
+  k8s_info:
+    api_version: apiextensions.k8s.io/v1
+    kind: CustomResourceDefinition
+    name: ibpconsoles.ibp.com
+  register: crds_info
+
+- name: Delete console
+  k8s:
+    state: absent
+    namespace: "{{ namespace }}"
+    api_version: "{{ 'ibp.com/v1alpha2' if product_version is version('2.5.0', '>=') else 'ibp.com/v1alpha1' }}"
+    kind: IBPConsole
+    name: "{{ console }}"
+  when: namespace_info.resources and crds_info.resources
+
+- name: Delete operator
+  k8s:
+    state: absent
+    namespace: "{{ namespace }}"
+    api_version: apps/v1
+    kind: Deployment
+    name: "{{ operator }}"
+    wait: yes
+    wait_timeout: "{{ wait_timeout }}"
+  when: namespace_info.resources
+
+- name: Delete image secret
+  k8s:
+    state: absent
+    namespace: "{{ namespace }}"
+    api_version: v1
+    kind: Secret
+    name: "{{ image_pull_secret }}"
+  when: namespace_info.resources
+
+- name: Delete role binding
+  k8s:
+    state: absent
+    namespace: "{{ namespace }}"
+    api_version: rbac.authorization.k8s.io/v1
+    kind: RoleBinding
+    name: "{{ role_binding }}"
+  when: namespace_info.resources
+
+- name: Delete cluster role binding
+  k8s:
+    state: absent
+    namespace: "{{ namespace }}"
+    api_version: rbac.authorization.k8s.io/v1
+    kind: ClusterRoleBinding
+    name: "{{ cluster_role_binding }}"
+  when: namespace_info.resources
+
+- name: Delete cluster role
+  k8s:
+    state: absent
+    namespace: "{{ namespace }}"
+    api_version: rbac.authorization.k8s.io/v1
+    kind: ClusterRole
+    name: "{{ cluster_role }}"
+  when: namespace_info.resources
+
+- name: Delete pod security policy
+  k8s:
+    state: absent
+    namespace: "{{ namespace }}"
+    api_version: policy/v1beta1
+    kind: PodSecurityPolicy
+    name: "{{ pod_security_policy }}"
+  when: namespace_info.resources

roles/fabric_console/tasks/main.yml

@@ -5,7 +5,7 @@
 - name: Fail if target not specified
   fail:
     msg: target not specified or is not one of "k8s" or "openshift" or "kind"
-  when: not target is defined or not target in ("k8s", "openshift","kind")
+  when: not target is defined or not target in ("iks","kind")
 
 - name: Create console
   include_tasks: "create.yml"

roles/fabric_console/templates/iks/hlf-operations-console.yaml.j2

@@ -0,0 +1,87 @@
+---
+apiVersion: ibp.com/v1beta1
+kind: IBPConsole
+metadata:
+  name: "{{ console_name }}"
+spec:
+  arch:
+    - "{{arch}}"
+  license:
+    accept: true
+  serviceAccountName: "{{ service_account }}"
+  email: "{{ console_email }}"
+  password: "{{ console_default_password }}"
+  allowDefaultPassword: true
+  imagePullSecrets:
+  - "{{ image_pull_secret }}"
+  networkinfo:
+    domain: "{{ console_domain }}"
+  images:
+    deployerImage: "{{deployer_image}}"
+    deployerTag: "{{deployer_image_label}}"
+    consoleInitImage: "{{init_image}}"
+    consoleInitTag: "{{init_image_label}}"
+    consoleImage: "{{console_image}}"
+    consoleTag: "{{console_image_label}}"
+    configtxlatorImage: "{{tools_image}}"
+    configtxlatorTag: "{{tools_image_label}}"
+    couchdbImage: "{{couchdb_image}}"
+    couchdbTag: "{{couchdb_image_label}}"
+    peerImage: ghcr.io/hyperledgendary/k8s-fabric-peer
+    peerTag: v0.6.0
+{%+ if console_versions is defined %}
+  versions:
+    {{ console_versions | to_nice_yaml(indent=2, width=1024) | indent(4, false) }}
+{% endif %}
+  networkinfo:
+    domain: "{{console_domain}}"
+  storage:
+    console:
+      class: "{{ console_storage_class }}"
+      size: "{{ console_storage_size }}"
+  usetags: true
+  version: 1.0.0
+  resources:
+    init:
+      limits:
+        cpu: 100m
+        memory: 200M
+      requests:
+        cpu: 10m
+        memory: 20M
+    configtxlator:
+      limits:
+        cpu: 25m
+        ephemeral-storage: 1G
+        memory: 50Mi
+      requests:
+        cpu: 25m
+        ephemeral-storage: 100M
+        memory: 50Mi
+    couchdb:
+      limits:
+        cpu: 500m
+        ephemeral-storage: 1Gi
+        memory: 1000Mi
+      requests:
+        cpu: 50m
+        ephemeral-storage: 100Mi
+        memory: 128Mi
+    deployer:
+      limits:
+        cpu: 100m
+        ephemeral-storage: 1G
+        memory: 200Mi
+      requests:
+        cpu: 100m
+        ephemeral-storage: 100M
+        memory: 128Mi
+    console:
+      limits:
+        cpu: 500m
+        ephemeral-storage: 1G
+        memory: 1000Mi
+      requests:
+        cpu: 50m
+        ephemeral-storage: 100M
+        memory: 128Mi

roles/fabric_console/templates/k8s/hlf-operations-console.yaml.j2

@@ -29,10 +29,10 @@ spec:
     couchdbTag: "{{couchdb_image_label}}"
     peerImage: ghcr.io/hyperledgendary/k8s-fabric-peer
     peerTag: v0.6.0
-{%+ if console_versions is defined %}
+{# {%+ if console_versions is defined %}
   versions:
     {{ console_versions | to_nice_yaml(indent=2, width=1024) | indent(4, false) }}
-{% endif %}
+{% endif %} #}
   networkinfo:
     domain: "{{console_domain}}"
   storage:

roles/fabric_operator_crds/tasks/iks/create.yml

@@ -0,0 +1,67 @@
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+---
+- name: Creating CRDs
+  k8s:
+    definition: "{{ lookup('kubernetes.core.kustomize',dir=role_path+'/templates/'+target+'/crd') }}"
+  register: resultcrds
+
+- name: Create kubernetes resources for the ingress
+  k8s:
+    definition: "{{ lookup('kubernetes.core.kustomize', dir=role_path+'/templates/'+target+'/ingress') }}"
+  register: resultingress
+
+- name: Wait for the ingress
+  command: kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=2m
+  changed_when: false
+
+# Time to deploy the operator
+# Create the namespace for the operator
+- name: Fail if namespace not specified
+  fail:
+    msg: namespace not specified or is empty
+  when: not namespace is defined or not namespace
+
+- name: Determine if namespace exists
+  k8s_info:
+    api_version: v1
+    kind: Namespace
+    name: "{{ namespace }}"
+  register: namespace_info
+
+- name: Create namespace
+  k8s:
+    state: present
+    api_version: v1
+    kind: Namespace
+    name: "{{ namespace }}"
+  when: not namespace_info.resources
+
+# Create the Role based Access Control
+- name: Create Role Based Access Control
+  k8s:
+    state: present
+    namespace: "{{ namespace }}"
+    resource_definition: "{{ lookup('template', 'templates/'+target+'/rbac/'+item) }}"
+    apply: yes
+  loop:
+    - hlf-operator-clusterrole.yaml
+    - hlf-operator-clusterrolebinding.yaml.j2
+    - hlf-operator-serviceaccount.yaml
+    - hlf-psp.yaml
+
+# create the manager
+- name: Create Operator
+  k8s:
+    state: present
+    namespace: "{{ namespace }}"
+    resource_definition: "{{ lookup('template', 'templates/'+target+'/manager/'+item) }}"
+    apply: yes
+  loop:
+    - hlf-operator-manager.yaml.j2
+
+- name: Wait for operator
+  shell: |
+    kubectl -n {{ namespace }} rollout status deploy fabric-operator
+  changed_when: false