Diffstat (limited to 'playbooks/adhoc')
| -rw-r--r-- | playbooks/adhoc/s3_registry/s3_registry.j2 | 23 | ||||
| -rw-r--r-- | playbooks/adhoc/s3_registry/s3_registry.yml | 81 | 
2 files changed, 0 insertions, 104 deletions
| diff --git a/playbooks/adhoc/s3_registry/s3_registry.j2 b/playbooks/adhoc/s3_registry/s3_registry.j2
deleted file mode 100644
index 10454ad11..000000000
--- a/playbooks/adhoc/s3_registry/s3_registry.j2
+++ /dev/null
@@ -1,23 +0,0 @@
-version: 0.1
-log:
-  level: debug
-http:
-  addr: :5000
-storage:
-  cache:
-    layerinfo: inmemory
-  s3:
-    accesskey: {{ aws_access_key }}
-    secretkey: {{ aws_secret_key }}
-    region: {{ aws_bucket_region }}
-    bucket: {{ aws_bucket_name }}
-    encrypt: true
-    secure: true
-    v4auth: true
-    rootdirectory: /registry
-auth:
-  openshift:
-    realm: openshift
-middleware:
-  repository:
-    - name: openshift
diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml
deleted file mode 100644
index d6758dae5..000000000
--- a/playbooks/adhoc/s3_registry/s3_registry.yml
+++ /dev/null
@@ -1,81 +0,0 @@
----
-# This playbook creates an S3 bucket named after your cluster and configures the docker-registry service to use the bucket as its backend storage.
-# Usage:
-#  ansible-playbook s3_registry.yml -e clusterid="mycluster" -e aws_bucket="clusterid-docker" -e aws_region="us-east-1"
-#
-# The AWS access/secret keys should be the keys of a separate user (not your main user), containing only the necessary S3 access role.
-# The 'clusterid' is the short name of your cluster.
-
-- hosts: tag_clusterid_{{ clusterid }}:&tag_host-type_openshift-master
-  remote_user: root
-  gather_facts: False
-
-  vars:
-    aws_access_key: "{{ lookup('env', 'S3_ACCESS_KEY_ID') }}"
-    aws_secret_key: "{{ lookup('env', 'S3_SECRET_ACCESS_KEY') }}"
-    aws_bucket_name: "{{ aws_bucket | default(clusterid ~ '-docker') }}"
-    aws_bucket_region: "{{ aws_region | default(lookup('env', 'S3_REGION') | default('us-east-1', true)) }}"
-    aws_create_bucket: "{{ aws_create | default(True) }}"
-    aws_tmp_path: "{{ aws_tmp_pathfile | default('/root/config.yml')}}"
-    aws_delete_tmp_file: "{{ aws_delete_tmp | default(True) }}"
-
-  tasks:
-
-  - name: Check for AWS creds
-    fail:
-      msg: "Couldn't find {{ item }} creds in ENV"
-    when: "{{ item }} == ''"
-    with_items:
-    - aws_access_key
-    - aws_secret_key
-
-  - name: Scale down registry
-    command: oc scale --replicas=0 dc/docker-registry
-
-  - name: Create S3 bucket
-    when: aws_create_bucket | bool
-    local_action:
-      module: s3 bucket="{{ aws_bucket_name }}" mode=create
-
-  - name: Set up registry environment variable
-    command: oc env dc/docker-registry REGISTRY_CONFIGURATION_PATH=/etc/registryconfig/config.yml
-
-  - name: Generate docker registry config
-    template: src="s3_registry.j2" dest="/root/config.yml" owner=root mode=0600
-
-  - name: Determine if new secrets are needed
-    command: oc get secrets
-    register: secrets
-
-  - name: Create registry secrets
-    command: oc secrets new dockerregistry /root/config.yml
-    when: "'dockerregistry' not in secrets.stdout"
-
-  - name: Load lib_openshift modules
-    include_role:
-      name: lib_openshift
-
-  - name: Add secrets to registry service account
-    oc_serviceaccount_secret:
-      service_account: registry
-      secret: dockerregistry
-      namespace: default
-      state: present
-
-  - name: Determine if deployment config contains secrets
-    command: oc volume dc/docker-registry --list
-    register: dc
-
-  - name: Add secrets to registry deployment config
-    command: oc volume dc/docker-registry --add --name=dockersecrets -m /etc/registryconfig --type=secret --secret-name=dockerregistry
-    when: "'dockersecrets' not in dc.stdout"
-
-  - name: Wait for deployment config to take effect before scaling up
-    pause: seconds=30
-
-  - name: Scale up registry
-    command: oc scale --replicas=1 dc/docker-registry
-
-  - name: Delete temporary config file
-    file: path={{ aws_tmp_path }} state=absent
-    when: aws_delete_tmp_file | bool |
