Merge pull request #663 from IBM/cp4ba-2024-02-08

CP4BA version and architecture updates

automation-roles/50-install-cloud-pak/cp4ba/akhq/defaults/main.yml

@@ -1,8 +1,9 @@
 akhq_action: install
-akhq_base_dir: "{{ status_dir }}/cp4ba"
+akhq_base_dir: "{{ generic_directory }}"
 akhq_dir_name: akhq
+akhq_project_name: ""
 akhq_universal_password: ""
-akhq_admin_user: ""
 akhq_storage_class_name: ""
-akhq_chart_version: 0.3.0
-akhq_cp4ba_project_name: "cp4ba"
+akhq_image: docker.io/tchiotludo/akhq:0.24.0
+akhq_admin_user: ""
+akhq_cp4ba_project_name: ""

automation-roles/50-install-cloud-pak/cp4ba/akhq/tasks/install.yml

@@ -11,14 +11,9 @@
     name: common
     tasks_from: create-project
   vars:
-    common_namespace_name: akhq
+    common_namespace_name: "{{ akhq_project_name }}"
     common_output_directory: "{{ akhq_output_directory }}"
 
-- name: Add helm-akhq chart repo
-  kubernetes.core.helm_repository:
-    name: helm-akhq
-    repo_url: "https://akhq.io/"
-
 - name: Import trusted CA from SSL certificate
   community.general.java_cert:
     cert_url: "iaf-system-kafka-bootstrap-{{ akhq_cp4ba_project_name }}.{{ apps_endpoint_domain }}"
@@ -45,42 +40,38 @@
     common_output_to_var: "apps_endpoint_domain"
   when: apps_endpoint_domain is not defined
 
-- name: Prepare yaml file for values of helm chart
+- name: Prepare yaml file for {{ item }}
   ansible.builtin.template:
-    src: values.yaml.j2
-    dest: "{{ akhq_output_directory }}/values.yaml"
+    src: "{{ item }}.yaml.j2"
+    dest: "{{ akhq_output_directory }}/{{ item }}.yaml"
     mode: u+rwx
+  with_items:
+    - configmaps
+    - secrets
+    - deployments
+    - services
 
-- name: Deploy akhq chart using values files on target
-  kubernetes.core.helm:
-    name: akhq
-    chart_ref: helm-akhq/akhq
-    chart_version: "{{ akhq_chart_version }}"
-    release_namespace: akhq
-    values_files:
-      - "{{ akhq_output_directory }}/values.yaml"
+- name: Add {{ item.name }}
+  kubernetes.core.k8s:
+    state: present
+    src: "{{ akhq_output_directory }}/{{ item.name }}.yaml"
+    wait: true
+    wait_sleep: "{{ item.wait_sleep }}"
+    wait_timeout: "{{ item.wait_timeout }}"
+  with_items:
+    - {name: configmaps, wait_sleep: 15, wait_timeout: 15}
+    - {name: secrets, wait_sleep: 15, wait_timeout: 15}
+    - {name: deployments, wait_sleep: 15, wait_timeout: 600}
+    - {name: services, wait_sleep: 15, wait_timeout: 15}
 
 - name: Crete Edge Route
   ansible.builtin.include_role:
     name: common
     tasks_from: create-edge-route
   vars:
-    common_namespace_name: akhq
-    common_route_name: akhq
+    common_namespace_name: "{{ akhq_project_name }}"
+    common_route_name: "akhq-{{ akhq_project_name }}"
     common_service_name: akhq
     common_service_port: http
     common_apps_endpoint_domain: "{{ apps_endpoint_domain }}"
     common_output_directory: "{{ akhq_output_directory }}"
-
-- name: Wait for akhq Deployment to be Available
-  ansible.builtin.include_role:
-    name: common
-    tasks_from: wait-resource-condition
-  vars:
-    common_api_version: apps/v1
-    common_resource_kind: Deployment
-    common_resource_name: akhq
-    common_resource_namespace: akhq
-    common_condition_name: Available
-    common_retries: 60
-    common_delay: 15

automation-roles/50-install-cloud-pak/cp4ba/akhq/tasks/remove.yml

@@ -1,9 +1,52 @@
-- name: Remove Project akhq
+- name: Create directory for generated files
+  ansible.builtin.file:
+    path: "{{ akhq_output_directory }}"
+    state: directory
+    mode: u+rwx
+
+- name: Mock variables
+  ansible.builtin.set_fact:
+    apps_endpoint_domain: mock
+    _jks: mock
+
+- name: Prepare yaml file for {{ item }}
+  ansible.builtin.template:
+    src: "{{ item }}.yaml.j2"
+    dest: "{{ akhq_output_directory }}/{{ item }}.yaml"
+    mode: u+rwx
+  with_items:
+    - configmaps
+    - secrets
+    - deployments
+    - services
+
+- name: Remove {{ item.name }}
   kubernetes.core.k8s:
     state: absent
-    api_version: project.openshift.io/v1
-    kind: Project
+    src: "{{ akhq_output_directory }}/{{ item.name }}.yaml"
+    wait: true
+    wait_sleep: "{{ item.wait_sleep }}"
+    wait_timeout: "{{ item.wait_timeout }}"
+  with_items:
+    - {name: services, wait_sleep: 15, wait_timeout: 15}
+    - {name: deployments, wait_sleep: 15, wait_timeout: 600}
+    - {name: secrets, wait_sleep: 15, wait_timeout: 15}
+    - {name: configmaps, wait_sleep: 15, wait_timeout: 15}
+
+- name: Remove Route
+  kubernetes.core.k8s:
+    state: absent
+    api_version: route.openshift.io/v1
+    kind: Route
+    namespace: "{{ akhq_project_name }}"
     name: akhq
     wait: true
     wait_sleep: 15
     wait_timeout: 120
+
+- name: Remove Empty Project
+  ansible.builtin.include_role:
+    name: common
+    tasks_from: remove-empty-project
+  vars:
+    common_project_name: "{{ akhq_project_name }}"

automation-roles/50-install-cloud-pak/cp4ba/akhq/templates/configmaps.yaml.j2

@@ -0,0 +1,14 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: akhq
+  namespace: "{{ akhq_project_name }}"
+  labels:
+    app: akhq
+data:
+  application.yml: |
+    akhq:
+      server:
+        access-log:
+          enabled: true
+          name: org.akhq.log.access

automation-roles/50-install-cloud-pak/cp4ba/akhq/templates/deployments.yaml.j2

@@ -0,0 +1,89 @@
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: akhq
+  namespace: "{{ akhq_project_name }}"
+  labels:
+    app: akhq
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: akhq
+  template:
+    metadata:
+      labels:
+        app: akhq
+    spec:
+      containers:
+        - name: akhq
+          image: "{{ akhq_image }}"
+          resources:
+            requests:
+              cpu: 50m
+              memory: 512Mi
+            limits:
+              cpu: 500m
+              memory: 1536Mi
+          startupProbe:
+            httpGet:
+              path: /health
+              port: management
+              scheme: HTTP
+            timeoutSeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            failureThreshold: 3
+          readinessProbe:
+            httpGet:
+              path: /health
+              port: management
+              scheme: HTTP
+            timeoutSeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            failureThreshold: 3
+          livenessProbe:
+            httpGet:
+              path: /health
+              port: management
+              scheme: HTTP
+            timeoutSeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            failureThreshold: 3
+          env:
+            - name: MICRONAUT_ENVIRONMENTS
+              value: secrets
+            - name: MICRONAUT_CONFIG_FILES
+              value: '/app/application.yml,/app/application-secrets.yml'
+          ports:
+            - name: http
+              containerPort: 8080
+              protocol: TCP
+            - name: management
+              containerPort: 28081
+              protocol: TCP
+          volumeMounts:
+            - name: secrets
+              mountPath: /app/truststore.jks
+              subPath: truststorejks
+            - name: config
+              mountPath: /app/application.yml
+              subPath: application.yml
+            - name: secrets
+              mountPath: /app/application-secrets.yml
+              subPath: application-secrets.yml
+          terminationMessagePolicy: File
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: config
+          configMap:
+            name: akhq
+            defaultMode: 420
+        - name: secrets
+          secret:
+            secretName: akhq-secrets
+            defaultMode: 420
+

automation-roles/50-install-cloud-pak/cp4ba/akhq/templates/secrets.yaml.j2

@@ -0,0 +1,23 @@
+kind: Secret
+apiVersion: v1
+metadata:
+  name: akhq-secrets
+  namespace: "{{ akhq_project_name }}"
+  labels:
+    app: akhq
+stringData:
+  application-secrets.yml: >-
+    akhq:
+      connections:
+        iaf-kafka:
+          properties:
+            bootstrap.servers: "iaf-system-kafka-bootstrap-{{ akhq_cp4ba_project_name }}.{{ apps_endpoint_domain }}:443"
+            security.protocol: SASL_SSL
+            sasl.mechanism: SCRAM-SHA-512
+            sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username='{{ akhq_admin_user }}' password='{{ akhq_universal_password }}';
+            ssl.truststore.location: /app/truststore.jks
+            ssl.truststore.password: '{{ akhq_universal_password }}'
+data:
+  truststorejks: >-
+    {{ _jks }}
+type: Opaque

automation-roles/50-install-cloud-pak/cp4ba/akhq/templates/services.yaml.j2

@@ -0,0 +1,19 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: akhq
+  namespace: "{{ akhq_project_name }}"
+  labels:
+    app: akhq
+spec:
+  ports:
+    - name: http
+      protocol: TCP
+      port: 80
+      targetPort: http
+    - name: management
+      protocol: TCP
+      port: 28081
+      targetPort: management
+  selector:
+    app: akhq

automation-roles/50-install-cloud-pak/cp4ba/cerebro/defaults/main.yml

@@ -1,6 +1,7 @@
 cerebro_action: install
-cerebro_base_dir: "{{ status_dir }}/cp4ba"
+cerebro_base_dir: "{{ generic_directory }}"
 cerebro_dir_name: cerebro
-cerebro_image_tag: 0.9.4
+cerebro_project_name: ""
 cerebro_universal_password: ""
+cerebro_image: lmenezes/cerebro:0.9.4
 cerebro_cp4ba_project_name: ""