Install web console server

16 files changed, 250 insertions, 0 deletions

diff --git a/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py b/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py
index 83ca83350..da7e7b1da 100644
--- a/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py
+++ b/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py
@@ -31,6 +31,7 @@ class CallbackModule(CallbackBase):
             'installer_phase_node',
             'installer_phase_glusterfs',
             'installer_phase_hosted',
+            'installer_phase_web_console',
             'installer_phase_metrics',
             'installer_phase_logging',
             'installer_phase_prometheus',
@@ -80,6 +81,10 @@ class CallbackModule(CallbackBase):
                 'title': 'Hosted Install',
                 'playbook': 'playbooks/openshift-hosted/config.yml'
             },
+            'installer_phase_web_console': {
+                'title': 'Web Console Install',
+                'playbook': 'playbooks/openshift-web-console/config.yml'
+            },
             'installer_phase_metrics': {
                 'title': 'Metrics Install',
                 'playbook': 'playbooks/openshift-metrics/config.yml'
diff --git a/roles/openshift_logging/tasks/delete_logging.yaml b/roles/openshift_logging/tasks/delete_logging.yaml
index 51d6d0efd..a4a4645fa 100644
--- a/roles/openshift_logging/tasks/delete_logging.yaml
+++ b/roles/openshift_logging/tasks/delete_logging.yaml
@@ -130,3 +130,14 @@
     name: openshift_logging_eventrouter
   when:
     not openshift_logging_install_eventrouter | default(false) | bool
+
+# Update asset config in openshift-web-console namespace
+- name: Remove Kibana route information from web console asset config
+  include_role:
+    name: openshift_web_console
+    tasks_from: update_asset_config.yml
+  vars:
+    asset_config_edits:
+      - key: loggingPublicURL
+        value: ""
+  when: openshift_web_console_install | default(true) | bool
diff --git a/roles/openshift_logging/tasks/install_logging.yaml b/roles/openshift_logging/tasks/install_logging.yaml
index 11f59652c..b31fde7ae 100644
--- a/roles/openshift_logging/tasks/install_logging.yaml
+++ b/roles/openshift_logging/tasks/install_logging.yaml
@@ -311,4 +311,16 @@
     openshift_logging_install_eventrouter | default(false) | bool
 
 
+# TODO: Remove when asset config is removed from master-config.yaml
 - include_tasks: update_master_config.yaml
+
+# Update asset config in openshift-web-console namespace
+- name: Add Kibana route information to web console asset config
+  include_role:
+    name: openshift_web_console
+    tasks_from: update_asset_config.yml
+  vars:
+    asset_config_edits:
+    - key: loggingPublicURL
+      value: "https://{{ openshift_logging_kibana_hostname }}"
+  when: openshift_web_console_install | default(true) | bool
diff --git a/roles/openshift_logging/tasks/update_master_config.yaml b/roles/openshift_logging/tasks/update_master_config.yaml
index b96b8e29d..c0f42ba97 100644
--- a/roles/openshift_logging/tasks/update_master_config.yaml
+++ b/roles/openshift_logging/tasks/update_master_config.yaml
@@ -1,4 +1,5 @@
 ---
+# TODO: Remove when asset config is removed from master-config.yaml
 - name: Adding Kibana route information to loggingPublicURL
   modify_yaml:
     dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
diff --git a/roles/openshift_metrics/tasks/install_metrics.yaml b/roles/openshift_metrics/tasks/install_metrics.yaml
index 106909941..0866fe0d2 100644
--- a/roles/openshift_metrics/tasks/install_metrics.yaml
+++ b/roles/openshift_metrics/tasks/install_metrics.yaml
@@ -67,8 +67,20 @@
   with_items: "{{ hawkular_agent_object_defs.results }}"
   when: openshift_metrics_install_hawkular_agent | bool
 
+# TODO: Remove when asset config is removed from master-config.yaml
 - include_tasks: update_master_config.yaml
 
+# Update asset config in openshift-web-console namespace
+- name: Add metrics route information to web console asset config
+  include_role:
+    name: openshift_web_console
+    tasks_from: update_asset_config.yml
+  vars:
+    asset_config_edits:
+      - key: metricsPublicURL
+        value: "https://{{ openshift_metrics_hawkular_hostname}}/hawkular/metrics"
+  when: openshift_web_console_install | default(true) | bool
+
 - command: >
     {{openshift_client_binary}}
     --config={{mktemp.stdout}}/admin.kubeconfig
diff --git a/roles/openshift_metrics/tasks/uninstall_metrics.yaml b/roles/openshift_metrics/tasks/uninstall_metrics.yaml
index 0ab0eec4b..610c7b4e5 100644
--- a/roles/openshift_metrics/tasks/uninstall_metrics.yaml
+++ b/roles/openshift_metrics/tasks/uninstall_metrics.yaml
@@ -18,3 +18,14 @@
     clusterrolebinding/heapster-cluster-reader
     clusterrolebinding/hawkular-metrics
   changed_when: delete_metrics.stdout != 'No resources found'
+
+# Update asset config in openshift-web-console namespace
+- name: Remove metrics route information from web console asset config
+  include_role:
+    name: openshift_web_console
+    tasks_from: update_asset_config.yml
+  vars:
+    asset_config_edits:
+      - key: metricsPublicURL
+        value: ""
+  when: openshift_web_console_install | default(true) | bool
diff --git a/roles/openshift_metrics/tasks/update_master_config.yaml b/roles/openshift_metrics/tasks/update_master_config.yaml
index 5059d8d94..6567fcb4f 100644
--- a/roles/openshift_metrics/tasks/update_master_config.yaml
+++ b/roles/openshift_metrics/tasks/update_master_config.yaml
@@ -1,4 +1,5 @@
 ---
+# TODO: Remove when asset config is removed from master-config.yaml
 - name: Adding metrics route information to metricsPublicURL
   modify_yaml:
     dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
diff --git a/roles/openshift_web_console/defaults/main.yml b/roles/openshift_web_console/defaults/main.yml
new file mode 100644
index 000000000..4f395398c
--- /dev/null
+++ b/roles/openshift_web_console/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+# TODO: This is temporary and will be updated to use taints and tolerations so that the console runs on the masters
+openshift_web_console_nodeselector: {"region":"infra"}
diff --git a/roles/openshift_web_console/meta/main.yaml b/roles/openshift_web_console/meta/main.yaml
new file mode 100644
index 000000000..033c1e3a3
--- /dev/null
+++ b/roles/openshift_web_console/meta/main.yaml
@@ -0,0 +1,19 @@
+---
+galaxy_info:
+  author: OpenShift Development <dev@lists.openshift.redhat.com>
+  description: Deploy OpenShift web console
+  company: Red Hat, Inc.
+  license: Apache License, Version 2.0
+  min_ansible_version: 2.4
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  - name: Fedora
+    versions:
+    - all
+  categories:
+  - openshift
+dependencies:
+- role: lib_openshift
+- role: openshift_facts
diff --git a/roles/openshift_web_console/tasks/install.yml b/roles/openshift_web_console/tasks/install.yml
new file mode 100644
index 000000000..8120c13e3
--- /dev/null
+++ b/roles/openshift_web_console/tasks/install.yml
@@ -0,0 +1,79 @@
+---
+# Fact setting
+- name: Set default image variables based on deployment type
+  include_vars: "{{ item }}"
+  with_first_found:
+    - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+    - "default_images.yml"
+
+- name: Set openshift_web_console facts
+  set_fact:
+    openshift_web_console_prefix: "{{ openshift_web_console_prefix | default(__openshift_web_console_prefix) }}"
+    openshift_web_console_version: "{{ openshift_web_console_version | default(__openshift_web_console_version) }}"
+    openshift_web_console_image_name: "{{ openshift_web_console_image_name | default(__openshift_web_console_image_name) }}"
+    # Default the replica count to the number of masters.
+    openshift_web_console_replica_count: "{{ openshift_web_console_replica_count | default(groups.oo_masters_to_config | length) }}"
+
+- name: Ensure openshift-web-console project exists
+  oc_project:
+    name: openshift-web-console
+    state: present
+
+- name: Make temp directory for asset config files
+  command: mktemp -d /tmp/console-ansible-XXXXXX
+  register: mktemp
+  changed_when: False
+  become: no
+
+- name: Copy asset config template to temp directory
+  copy:
+    src: "{{ __console_files_location }}/{{ item }}"
+    dest: "{{ mktemp.stdout }}/{{ item }}"
+  with_items:
+    - "{{ __console_template_file }}"
+    - "{{ __console_config_file }}"
+
+- name: Update asset config properties
+  yedit:
+    src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
+    edits:
+      - key: logoutURL
+        value: "{{ openshift.master.logout_url | default('') }}"
+      - key: publicURL
+        # Must have a trailing slash
+        value: "{{ openshift.master.public_console_url }}/"
+      - key: masterPublicURL
+        value: "{{ openshift.master.public_api_url }}"
+
+- slurp:
+    src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
+  register: config
+
+- name: Apply template file
+  shell: >
+    {{ openshift_client_binary }} process -f "{{ mktemp.stdout }}/{{ __console_template_file }}"
+    --param API_SERVER_CONFIG="{{ config['content'] | b64decode }}"
+    --param IMAGE="{{ openshift_web_console_prefix }}{{ openshift_web_console_image_name }}:{{ openshift_web_console_version }}"
+    --param NODE_SELECTOR={{ openshift_web_console_nodeselector | to_json | quote }}
+    --param REPLICA_COUNT="{{ openshift_web_console_replica_count }}"
+    | {{ openshift_client_binary }} apply -f -
+
+- name: Verify that the web console is running
+  command: >
+    curl -k https://webconsole.openshift-web-console.svc/healthz
+  args:
+    # Disables the following warning:
+    # Consider using get_url or uri module rather than running curl
+    warn: no
+  register: console_health
+  until: console_health.stdout == 'ok'
+  retries: 120
+  delay: 1
+  changed_when: false
+
+- name: Remove temp directory
+  file:
+    state: absent
+    name: "{{ mktemp.stdout }}"
+  changed_when: False
+  become: no
diff --git a/roles/openshift_web_console/tasks/main.yml b/roles/openshift_web_console/tasks/main.yml
new file mode 100644
index 000000000..937bebf25
--- /dev/null
+++ b/roles/openshift_web_console/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+# do any asserts here
+
+- include_tasks: install.yml
+  when: openshift_web_console_install | default(true) | bool
+
+- include_tasks: remove.yml
+  when: not openshift_web_console_install | default(true) | bool
diff --git a/roles/openshift_web_console/tasks/remove.yml b/roles/openshift_web_console/tasks/remove.yml
new file mode 100644
index 000000000..f0712a993
--- /dev/null
+++ b/roles/openshift_web_console/tasks/remove.yml
@@ -0,0 +1,5 @@
+---
+- name: Remove openshift-web-console project
+  oc_project:
+    name: openshift-web-console
+    state: absent
diff --git a/roles/openshift_web_console/tasks/update_asset_config.yml b/roles/openshift_web_console/tasks/update_asset_config.yml
new file mode 100644
index 000000000..36e37e35d
--- /dev/null
+++ b/roles/openshift_web_console/tasks/update_asset_config.yml
@@ -0,0 +1,70 @@
+---
+# This task updates asset config values in the webconsole-config config map in
+# the openshift-web-console namespace. The values to set are pased in the
+# variable `asset_config_edits`, which is an array of objects with `key` and
+# `value` properties in the same format as `yedit` module `edits`. Only
+# properties passed are updated.
+#
+# Note that this triggers a redeployment on the console and a brief downtime
+# since it uses a `Recreate` strategy.
+#
+# Example usage:
+#
+# - include_role:
+#     name: openshift_web_console
+#     tasks_from: update_asset_config.yml
+#   vars:
+#     asset_config_edits:
+#       - key: loggingPublicURL
+#         value: "https://{{ openshift_logging_kibana_hostname }}"
+#   when: openshift_web_console_install | default(true) | bool
+
+- name: Read web console config map
+  oc_configmap:
+    namespace: openshift-web-console
+    name: webconsole-config
+    state: list
+  register: webconsole_config
+
+- name: Make temp directory
+  command: mktemp -d /tmp/console-ansible-XXXXXX
+  register: mktemp
+  changed_when: False
+  become: no
+
+- name: Copy asset config to temp file
+  copy:
+    content: "{{webconsole_config.results.results[0].data['webconsole-config.yaml']}}"
+    dest: "{{ mktemp.stdout }}/webconsole-config.yaml"
+
+- name: Change asset config properties
+  yedit:
+    src: "{{ mktemp.stdout }}/webconsole-config.yaml"
+    edits: "{{asset_config_edits}}"
+
+- name: Update web console config map
+  oc_configmap:
+    namespace: openshift-web-console
+    name: webconsole-config
+    state: present
+    from_file:
+      webconsole-config.yaml: "{{ mktemp.stdout }}/webconsole-config.yaml"
+
+- name: Remove temp directory
+  file:
+    state: absent
+    name: "{{ mktemp.stdout }}"
+  changed_when: False
+  become: no
+
+# There's currently no command to trigger a rollout for a k8s deployment
+# without changing the pod spec. Add an annotation to force a rollout after
+# the config map has been edited.
+- name: Rollout updated web console deployment
+  oc_edit:
+    kind: deployments
+    name: webconsole
+    namespace: openshift-web-console
+    separator: '#'
+    content:
+      spec#template#metadata#annotations#installer-triggered-rollout: "{{ ansible_date_time.iso8601_micro }}"
diff --git a/roles/openshift_web_console/vars/default_images.yml b/roles/openshift_web_console/vars/default_images.yml
new file mode 100644
index 000000000..7adb8a0d0
--- /dev/null
+++ b/roles/openshift_web_console/vars/default_images.yml
@@ -0,0 +1,4 @@
+---
+__openshift_web_console_prefix: "docker.io/openshift/"
+__openshift_web_console_version: "latest"
+__openshift_web_console_image_name: "origin-web-console"
diff --git a/roles/openshift_web_console/vars/main.yml b/roles/openshift_web_console/vars/main.yml
new file mode 100644
index 000000000..80bc56a17
--- /dev/null
+++ b/roles/openshift_web_console/vars/main.yml
@@ -0,0 +1,5 @@
+---
+__console_files_location: "../../../files/origin-components/"
+
+__console_template_file: "console-template.yaml"
+__console_config_file: "console-config.yaml"
diff --git a/roles/openshift_web_console/vars/openshift-enterprise.yml b/roles/openshift_web_console/vars/openshift-enterprise.yml
new file mode 100644
index 000000000..721ac1d27
--- /dev/null
+++ b/roles/openshift_web_console/vars/openshift-enterprise.yml
@@ -0,0 +1,4 @@
+---
+__openshift_web_console_prefix: "registry.access.redhat.com/openshift3/"
+__openshift_web_console_version: "v3.9"
+__openshift_web_console_image_name: "ose-web-console"