Move setup into roles
Change-Id: I34c534ce9dc0659d8758efdfe017208d5337b01d
This commit is contained in:
parent
25ebaf3e99
commit
bd96f4b8ef
|
@ -12,6 +12,49 @@
|
|||
|
||||
ansible-playbook -i ci_inventory --skip-tags bastion-ssh-config -e skip_downloads=true cluster.yml
|
||||
kubectl create namespace openstack
|
||||
|
||||
cat <<EOF | kubectl create -f -
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: openstack-test-volume
|
||||
spec:
|
||||
capacity:
|
||||
storage: 5Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
persistentVolumeReclaimPolicy: Recycle
|
||||
storageClassName: slow
|
||||
hostPath:
|
||||
path: /tmp
|
||||
EOF
|
||||
|
||||
cat <<EOF | kubectl create -f -
|
||||
kind: Role
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
namespace: openstack
|
||||
name: pod-reader
|
||||
rules:
|
||||
- apiGroups: [""] # "" indicates the core API group
|
||||
resources: ["secrets"]
|
||||
verbs: ["get", "watch", "update", "delete", "list"]
|
||||
EOF
|
||||
|
||||
cat <<EOF | kubectl create -f -
|
||||
kind: RoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: read-pods
|
||||
namespace: openstack
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: default
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: pod-reader
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
EOF
|
||||
executable: /bin/bash
|
||||
chdir: "/tmp/kubespray"
|
||||
delegate_to: "primary"
|
||||
|
|
|
@ -1,34 +1,3 @@
|
|||
{% if coe == 'kubernetes' %}
|
||||
- name: Prepare COE cluster
|
||||
hosts: localhost
|
||||
gather_facts: false
|
||||
connection: local
|
||||
|
||||
vars:
|
||||
namespace: openstack
|
||||
coe_host: "http://localhost:8080"
|
||||
|
||||
tasks:
|
||||
- name: Create test PV
|
||||
shell:
|
||||
cmd: |
|
||||
cat <<EOF | kubectl create -f -
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: openstack-test-volume
|
||||
spec:
|
||||
capacity:
|
||||
storage: 5Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
persistentVolumeReclaimPolicy: Recycle
|
||||
storageClassName: slow
|
||||
hostPath:
|
||||
path: /tmp
|
||||
EOF
|
||||
{% endif %}
|
||||
|
||||
- name: Provision {{project_name}}
|
||||
hosts: localhost
|
||||
gather_facts: false
|
||||
|
|
Loading…
Reference in New Issue