summaryrefslogtreecommitdiffstats
path: root/docs/container_groups/README.md
diff options
context:
space:
mode:
authorShane McDonald <me@shanemcd.com>2019-07-03 18:09:17 +0200
committerShane McDonald <me@shanemcd.com>2019-10-04 19:21:21 +0200
commitbd5003ca986a2defa53a4af39475624f3d6e72d0 (patch)
treea1c4adbbb3d16904e104195d17ea997637076426 /docs/container_groups/README.md
parentAllow associating a credential with an instance group (diff)
downloadawx-bd5003ca986a2defa53a4af39475624f3d6e72d0.tar.xz
awx-bd5003ca986a2defa53a4af39475624f3d6e72d0.zip
Task manager / scheduler Kubernetes integration
Diffstat (limited to 'docs/container_groups/README.md')
-rw-r--r--docs/container_groups/README.md72
1 files changed, 72 insertions, 0 deletions
diff --git a/docs/container_groups/README.md b/docs/container_groups/README.md
new file mode 100644
index 0000000000..a13644abb2
--- /dev/null
+++ b/docs/container_groups/README.md
@@ -0,0 +1,72 @@
+# Container Groups
+
+In a traditional AWX installation, jobs (ansible-playbook runs) are executed
+either directly on a member of the cluster or on a pre-provisioned "isolated"
+node.
+
+The concept of a Container Group (working name) allows for job environments to
+be provisioned on-demand as a Pod that exists only for the duration of the
+playbook run. This is known as the ephemeral execution model and ensures a clean
+environment for every job run.
+
+## Configuration
+
+A `ContainerGroup` is simply an `InstanceGroup` that has an associated Credential
+that allows for connecting to an OpenShift or Kubernetes cluster.
+
+To create a new type, add a new `ManagedCredentialType` to
+`awx/main/models/credential/__init__.py` where `kind='kubernetes'`.
+
+### Create Credential
+
+A `Credential` must be created where the associated `CredentialType` is one of:
+
+- `kubernetes_bearer_token`
+
+Other credential types (such as username/password) may be added in the future.
+
+### Create a Container Groupp
+
+Once this `Credential` has been associated with an `InstanceGroup`, the
+`InstanceGroup.kubernetes` property will return `True`.
+
+#### Pod Customization
+
+There will be a very simple default pod spec that lives in code.
+
+A custom YAML document may be provided. This will allow the UI to implement
+whatever fields necessary, because any custom fields (think 'image' or
+'namespace') can be "serialized" as valid `Pod` JSON or YAML. A full list of
+options can be found in the Kubernetes documentation
+[here](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.15/#pod-v1-core).
+
+```bash
+cat > api_request.json <<EOF
+{
+ "apiVersion": "v1",
+ "kind": "Pod",
+ "metadata": {
+ "namespace": "my-namespace"
+ },
+ "spec": {
+ "containers": [
+ {
+ "args": [
+ "sleep",
+ "infinity"
+ ],
+ "image": "my-custom-image",
+ "stdin": true,
+ "tty": true
+ }
+ ]
+ }
+}
+EOF
+
+curl -Lk --user 'admin:password' \
+ -X PATCH \
+ -d @api_request.json \
+ -H 'Content-Type: application/json' \
+ https://localhost:8043/api/v2/instance_groups/2/
+```