diff options
author | Shane McDonald <me@shanemcd.com> | 2019-07-03 18:09:17 +0200 |
---|---|---|
committer | Shane McDonald <me@shanemcd.com> | 2019-10-04 19:21:21 +0200 |
commit | bd5003ca986a2defa53a4af39475624f3d6e72d0 (patch) | |
tree | a1c4adbbb3d16904e104195d17ea997637076426 /docs/container_groups/README.md | |
parent | Allow associating a credential with an instance group (diff) | |
download | awx-bd5003ca986a2defa53a4af39475624f3d6e72d0.tar.xz awx-bd5003ca986a2defa53a4af39475624f3d6e72d0.zip |
Task manager / scheduler Kubernetes integration
Diffstat (limited to 'docs/container_groups/README.md')
-rw-r--r-- | docs/container_groups/README.md | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/docs/container_groups/README.md b/docs/container_groups/README.md new file mode 100644 index 0000000000..a13644abb2 --- /dev/null +++ b/docs/container_groups/README.md @@ -0,0 +1,72 @@ +# Container Groups + +In a traditional AWX installation, jobs (ansible-playbook runs) are executed +either directly on a member of the cluster or on a pre-provisioned "isolated" +node. + +The concept of a Container Group (working name) allows for job environments to +be provisioned on-demand as a Pod that exists only for the duration of the +playbook run. This is known as the ephemeral execution model and ensures a clean +environment for every job run. + +## Configuration + +A `ContainerGroup` is simply an `InstanceGroup` that has an associated Credential +that allows for connecting to an OpenShift or Kubernetes cluster. + +To create a new type, add a new `ManagedCredentialType` to +`awx/main/models/credential/__init__.py` where `kind='kubernetes'`. + +### Create Credential + +A `Credential` must be created where the associated `CredentialType` is one of: + +- `kubernetes_bearer_token` + +Other credential types (such as username/password) may be added in the future. + +### Create a Container Groupp + +Once this `Credential` has been associated with an `InstanceGroup`, the +`InstanceGroup.kubernetes` property will return `True`. + +#### Pod Customization + +There will be a very simple default pod spec that lives in code. + +A custom YAML document may be provided. This will allow the UI to implement +whatever fields necessary, because any custom fields (think 'image' or +'namespace') can be "serialized" as valid `Pod` JSON or YAML. A full list of +options can be found in the Kubernetes documentation +[here](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.15/#pod-v1-core). + +```bash +cat > api_request.json <<EOF +{ + "apiVersion": "v1", + "kind": "Pod", + "metadata": { + "namespace": "my-namespace" + }, + "spec": { + "containers": [ + { + "args": [ + "sleep", + "infinity" + ], + "image": "my-custom-image", + "stdin": true, + "tty": true + } + ] + } +} +EOF + +curl -Lk --user 'admin:password' \ + -X PATCH \ + -d @api_request.json \ + -H 'Content-Type: application/json' \ + https://localhost:8043/api/v2/instance_groups/2/ +``` |