From dc17ef540e3f76790400809ceeee78548ab02265 Mon Sep 17 00:00:00 2001 From: Dylan Murray Date: Thu, 14 Dec 2017 16:01:12 -0500 Subject: [PATCH 1/2] [enterprise-3.7] Updated OpenShift Ansible Broker documents (cherry picked from commit 0c1280b841d3f7afe7aaa8805ab469b2ab57d14d) xref:https://github.com/openshift/openshift-docs/pull/7057 --- apb_devel/writing/getting_started.adoc | 16 ++++++++++++---- install_config/install/advanced_install.adoc | 16 ++++++++++++++++ 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/apb_devel/writing/getting_started.adoc b/apb_devel/writing/getting_started.adoc index 1ccafcb4b835..d577a2658a66 100644 --- a/apb_devel/writing/getting_started.adoc +++ b/apb_devel/writing/getting_started.adoc @@ -112,9 +112,17 @@ RUN chmod -R g=u /opt/{ansible,apb} USER apb ---- -. In the *_Dockerfile_*, you must now update `com.redhat.apb.spec` in the `LABEL` -instruction with a base64 encoded version of *_apb.yml_*. To do this, run `apb -prepare`: +. In the *_Dockerfile_*, there are two updates to make. + +.. The first is to change the `FROM` directive to use the image from the Red Hat +Container Catalog. The first line should now read: ++ +---- +FROM openshift3/apb-base +---- + +.. Next, update `com.redhat.apb.spec` in the `LABEL` instruction with a base64 +encoded version of *_apb.yml_*. To do this, run `apb prepare`: + ---- $ cd my-test-apb @@ -125,7 +133,7 @@ This updates the *_Dockerfile_* as follows: + .*_Dockerfile_* ---- -FROM ansibleplaybookbundle/apb-base +FROM openshift3/apb-base LABEL "com.redhat.apb.spec"=\ "dmVyc2lvbjogMS4wCm5hbWU6IG15LXRlc3QtYXBiCmRlc2NyaXB0aW9uOiBUaGlzIGlzIGEgc2Ft\ diff --git a/install_config/install/advanced_install.adoc b/install_config/install/advanced_install.adoc index d90ef23ed2b0..6027ab589119 100644 --- a/install_config/install/advanced_install.adoc +++ b/install_config/install/advanced_install.adoc @@ -1668,6 +1668,22 @@ endif::[] These settings create a persistent volume that is attached to the OAB's etcd instance during cluster installation. +[[configuring-oab-local-apb-devel]] +==== Configuring the OpenShift Ansible Broker for Local APB Development + +In order to do xref:../../apb_devel/index.adoc#apb-devel-intro[APB development] +with the OpenShift Container Registry in conjunction with the OAB, a whitelist +must be defined. By default, the whitelist is empty so that a user cannot add +APB images to the broker without a cluster administrator configuring the broker. + +To whitelist all images that end in `-apb`: + +. Add the following in the `[OSEv3:vars]` section: ++ +---- +ansible_service_broker_local_registry_whitelist=['.*-apb$'] +---- + [[configuring-template-service-broker]] === Configuring the Template Service Broker From 7e4890cb16719394e7463c8676e60e6183c8018c Mon Sep 17 00:00:00 2001 From: Alex Dellapenta Date: Wed, 17 Jan 2018 16:51:50 -0500 Subject: [PATCH 2/2] [enterprise-3.7] Give pv proc its own heading (cherry picked from commit 442d9a617f34be1d2b24479fb8eb1a7921dbe89a) xref:https://github.com/openshift/openshift-docs/pull/7057 --- apb_devel/writing/getting_started.adoc | 10 ++++---- install_config/install/advanced_install.adoc | 26 ++++++++++++-------- 2 files changed, 21 insertions(+), 15 deletions(-) diff --git a/apb_devel/writing/getting_started.adoc b/apb_devel/writing/getting_started.adoc index d577a2658a66..d02f974d3e69 100644 --- a/apb_devel/writing/getting_started.adoc +++ b/apb_devel/writing/getting_started.adoc @@ -112,17 +112,17 @@ RUN chmod -R g=u /opt/{ansible,apb} USER apb ---- -. In the *_Dockerfile_*, there are two updates to make. +. In the *_Dockerfile_*, there are two updates to make: -.. The first is to change the `FROM` directive to use the image from the Red Hat -Container Catalog. The first line should now read: +.. Change the `FROM` directive to use the image from the Red Hat Container Catalog. +The first line should now read: + ---- FROM openshift3/apb-base ---- -.. Next, update `com.redhat.apb.spec` in the `LABEL` instruction with a base64 -encoded version of *_apb.yml_*. To do this, run `apb prepare`: +.. Update `com.redhat.apb.spec` in the `LABEL` instruction with a base64 encoded +version of *_apb.yml_*. To do this, run `apb prepare`: + ---- $ cd my-test-apb diff --git a/install_config/install/advanced_install.adoc b/install_config/install/advanced_install.adoc index 6027ab589119..49bfe62a04cd 100644 --- a/install_config/install/advanced_install.adoc +++ b/install_config/install/advanced_install.adoc @@ -1599,7 +1599,11 @@ as well; see xref:configuring-openshift-ansible-broker[Configuring the OpenShift === Configuring the OpenShift Ansible Broker Starting with {product-title} 3.7, the -xref:../../architecture/service_catalog/ansible_service_broker.adoc#arch-ansible-service-broker[OpenShift Ansible broker] (OAB) is enabled by default. +xref:../../architecture/service_catalog/ansible_service_broker.adoc#arch-ansible-service-broker[OpenShift +Ansible broker] (OAB) is enabled by default. However, further configuration may be required for use. + +[[configuring-oab-storage]] +==== Configuring Persistent Storage for the OpenShift Ansible Broker The OAB deploys its own etcd instance separate from the etcd used by the rest of the {product-title} cluster. The OAB's etcd instance requires separate storage @@ -1607,6 +1611,10 @@ using persistent volumes (PVs) to function. If no PV is available, etcd will wait until the PV can be satisfied. The OAB application will enter a `CrashLoop` state until its etcd instance is available. +Some Ansible playbook bundles (APBs) may also require a PV for their own usage. +Two APBs are currently provided with {product-title} 3.7: MediaWiki and +PostgreSQL. Both of these require their own PV to deploy. + [NOTE] ==== The following example shows usage of an NFS host to provide the required PVs, @@ -1614,11 +1622,7 @@ but xref:../../install_config/persistent_storage/index.adoc#install-config-persistent-storage-index[other persistent storage providers] can be used instead. ==== -Some Ansible playbook bundles (APBs) may also require a PV for their own usage. -Two APBs are currently provided with {product-title} 3.7: MediaWiki and -PostgreSQL. Both of these require their own PV to deploy. - -To configure the OAB: +To configure persistent storage for the OAB: . In your inventory file, add `nfs` to the `[OSEv3:children]` section to enable the `[nfs]` group: @@ -1673,12 +1677,14 @@ instance during cluster installation. In order to do xref:../../apb_devel/index.adoc#apb-devel-intro[APB development] with the OpenShift Container Registry in conjunction with the OAB, a whitelist -must be defined. By default, the whitelist is empty so that a user cannot add -APB images to the broker without a cluster administrator configuring the broker. +of images the OAB can access must be defined. If a whitelist is not defined, the +broker will ignore APBs and users will not see any APBs available. -To whitelist all images that end in `-apb`: +By default, the whitelist is empty so that a user cannot add APB images to the +broker without a cluster administrator configuring the broker. To whitelist all +images that end in `-apb`: -. Add the following in the `[OSEv3:vars]` section: +. In your inventory file, add the following to the `[OSEv3:vars]` section: + ---- ansible_service_broker_local_registry_whitelist=['.*-apb$']