diff --git a/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/files/kafka-console-cr.yaml b/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/files/kafka-console-cr.yaml deleted file mode 100644 index 8c838fd0302..00000000000 --- a/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/files/kafka-console-cr.yaml +++ /dev/null @@ -1,14 +0,0 @@ -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: console-server -rules: - - verbs: - - get - - watch - - list - apiGroups: - - kafka.strimzi.io - resources: - - kafkas - - kafkatopics diff --git a/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/files/kafka-user.yaml b/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/files/kafka-user.yaml index 8193e9a0607..71f10da7056 100644 --- a/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/files/kafka-user.yaml +++ b/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/files/kafka-user.yaml @@ -1,7 +1,7 @@ apiVersion: kafka.strimzi.io/v1beta2 kind: KafkaUser metadata: - name: console-kafka-user1 + name: console-kafka-user labels: strimzi.io/cluster: kafka spec: diff --git a/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/tasks/install_kafka-console.yml b/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/tasks/install_kafka-console.yml index 8a865923c81..c8ac90399fa 100644 --- a/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/tasks/install_kafka-console.yml +++ b/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/tasks/install_kafka-console.yml @@ -37,17 +37,44 @@ loop_var: user # Install Console -- name: Check Kafka Console ClusterRole +- name: Evaluate Console Operator kubernetes.core.k8s: validate_certs: '{{ verify_tls }}' state: present - resource_definition: "{{ lookup('file', 'kafka-console-cr.yaml') }}" + kind: Subscription + api_version: operators.coreos.com/v1alpha1 + definition: + metadata: + name: amq-streams-console + namespace: openshift-operators + spec: + channel: alpha + installPlanApproval: Automatic + name: amq-streams-console + source: redhat-operators + sourceNamespace: openshift-marketplace -- name: Check Kafka Console Template +- name: Wait for AMQ Streams Console operator to be running + kubernetes.core.k8s_info: + validate_certs: '{{ verify_tls }}' + api_version: v1 + kind: Pod + namespace: openshift-operators + label_selectors: + - app.kubernetes.io/instance=amq-streams-console-operator-v2.8.0-13 + field_selectors: + - status.phase=Running + register: r_streams_pod + retries: 10 + delay: 10 + until: r_streams_pod.resources | list | length == 1 + +- name: Check Console cr kubernetes.core.k8s: validate_certs: '{{ verify_tls }}' state: present - resource_definition: "{{ lookup('template', 'kafka-console-template.yaml.j2') }}" + namespace: '{{ user }}-{{ globex_ns_suffix }}' + resource_definition: "{{ lookup('template', 'console.yml.j2') }}" loop: "{{ users }}" loop_control: - loop_var: user + loop_var: user \ No newline at end of file diff --git a/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/templates/console.yml.j2 b/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/templates/console.yml.j2 new file mode 100644 index 00000000000..3094d7727a3 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/templates/console.yml.j2 @@ -0,0 +1,16 @@ +apiVersion: console.streamshub.github.com/v1alpha1 +kind: Console +metadata: + name: {{ user }}-console +spec: + hostname: streams-console-{{ user }}-{{ globex_ns_suffix }}.{{ route_subdomain }} + kafkaClusters: + - name: kafka + namespace: {{ user }}-{{ globex_ns_suffix }} + listener: plain + properties: + values: [] + valuesFrom: [] + credentials: + kafkaUser: + name: console-kafka-user \ No newline at end of file diff --git a/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/templates/kafka-console-template.yaml.j2 b/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/templates/kafka-console-template.yaml.j2 deleted file mode 100644 index c6f3fa8c404..00000000000 --- a/ansible/roles_ocp_workloads/ocp4_workload_summit_2024_cloud_native_camel/templates/kafka-console-template.yaml.j2 +++ /dev/null @@ -1,122 +0,0 @@ ---- -apiVersion: v1 -kind: Secret -metadata: - name: console-ui-secrets - namespace: '{{ user }}-{{ globex_ns_suffix }}' -type: Opaque -stringData: - SESSION_SECRET: oy2JnFoj5lz3R8Qe+45EJpMXjr5wdiXb8VnUHWk9r3E= - NEXTAUTH_SECRET: m5Mw1b7MdihzNyR6OuavBHSgOTVKSpZ0UrpuhVxR8uU= ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: console-server - namespace: '{{ user }}-{{ globex_ns_suffix }}' ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ user }}-console-server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: console-server -subjects: - - kind: ServiceAccount - name: console-server - namespace: {{ user }}-{{ globex_ns_suffix }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: console - namespace: '{{ user }}-{{ globex_ns_suffix }}' -spec: - replicas: 1 - revisionHistoryLimit: 3 - selector: - matchLabels: - app: console - template: - metadata: - labels: - app: console - spec: - serviceAccountName: console-server - volumes: - - emptyDir: {} - name: cache - containers: -### API - - name: console-api - image: quay.io/eyefloaters/console-api:0.0.32 - ports: - - containerPort: 8080 - env: - - name: KAFKA_SECURITY_PROTOCOL - value: SASL_PLAINTEXT - - name: KAFKA_SASL_MECHANISM - value: SCRAM-SHA-512 - - name: CONSOLE_KAFKA_EXAMPLE - value: {{ user }}-{{ globex_ns_suffix }}/kafka - - name: CONSOLE_KAFKA_EXAMPLE_BOOTSTRAP_SERVERS - value: kafka-kafka-bootstrap:9092 - - name: CONSOLE_KAFKA_EXAMPLE_SASL_JAAS_CONFIG - valueFrom: - secretKeyRef: - name: console-kafka-user1 - key: sasl.jaas.config -### User Interface - - name: console-ui - image: quay.io/eyefloaters/ui:0.0.31 - volumeMounts: - - mountPath: /app/.next/cache - name: cache - env: - - name: NEXTAUTH_SECRET - valueFrom: - secretKeyRef: - name: console-ui-secrets - key: NEXTAUTH_SECRET - - name: SESSION_SECRET - valueFrom: - secretKeyRef: - name: console-ui-secrets - key: SESSION_SECRET - - name: NEXTAUTH_URL - value: 'https://console-ui-route-{{ user }}-{{ globex_ns_suffix }}.{{ route_subdomain }}' - - name: BACKEND_URL - value: 'http://127.0.0.1:8080' - - name: CONSOLE_METRICS_PROMETHEUS_URL - value: 'http://prometheus-operated.{{ user }}-{{ globex_ns_suffix }}.svc.cluster.local:9090' - ports: - - containerPort: 3000 ---- -apiVersion: v1 -kind: Service -metadata: - name: console-ui - namespace: '{{ user }}-{{ globex_ns_suffix }}' -spec: - ports: - - port: 80 - targetPort: 3000 - selector: - app: console ---- -kind: Route -apiVersion: route.openshift.io/v1 -metadata: - name: console-ui-route - namespace: '{{ user }}-{{ globex_ns_suffix }}' -spec: - to: - kind: Service - name: console-ui - weight: 100 - tls: - termination: edge - insecureEdgeTerminationPolicy: Redirect - wildcardPolicy: None