Ansible Tower and its ‘venv’ Lifecycle on OpenShift

Process overview

As we live in the beautiful world of GitOps, therefore the best and easiest way to store our environments would be GIT (GitLab, GitHub, BitBucket, gitea or any other preferred SCM). Each time when developers update their dependencies they follow the standard PullRequest procedure. After changes merged in master branch, Git can trigger Tekton WebHook to launch a pipeline, or it can be triggered manually.

High-level Pipeline Overview

Deploying pipeline

I use OCP 4.6 with pipelines 1.2.3 and assume it’s all up and running.
Create a new project/namespace

oc new-project tower
oc adm policy add-cluster-role-to-user cluster-admin system:serviceaccount:tower:pipeline
$ oc apply -k https://github.com/mancubus77/tekton-ansible-lifecycle.git -n tower

configmap/ansible-inventory unchanged
pipeline.tekton.dev/ansible-build unchanged
task.tekton.dev/ansible-lifecycle configured
task.tekton.dev/buildah configured
Ansible builder pipeline in OpenShift UI

Running deployment

There are a few ways to trigger Tekton pipeline. WebHook — most advanced method when it will be launched Git action like (merge or commit); Pipeline UI in Openshift; Tekton CLI tool tkn (my preference)

tkn pipeline start ansible-build -w name=shared-workspace,volumeClaimTemplateFile=https://raw.githubusercontent.com/openshift/pipelines-tutorial/master/01_pipeline/03_persistent_volume_claim.yaml
Happy Path Output after Pipeline trigger
Ansible Tower version and new environments (Sure you need to apply Tower Subscription on the first login)

Upgrading version or virtual environment

As most of the parameters can be passed to Tekton as parameters on launch, we can easily re-run pipeline with a few arguments. As we agreed before, we are going to deploy a new version of Ansible Tower and keep the same virtual environments. Simply trigger new build:

tkn pipeline start ansible-build \
-p tower-image=3.8.3 \
-p ansible-installer=https://releases.ansible.com/ansible-tower/setup_openshift/ansible-tower-openshift-setup-3.8.3-1.tar.gz \
-w name=shared-workspace,volumeClaimTemplateFile=https://raw.githubusercontent.com/openshift/pipelines-tutorial/master/01_pipeline/03_persistent_volume_claim.yaml
Ansible Tower version was upgraded

Conclusion

Tekton is a very powerful tool that allows not only manage the application lifecycle but also useful for infrastructural tasks in a GitOps fashion.

Links

Tekton Source code: https://github.com/mancubus77/tekton-ansible-lifecycle
Buildah:
https://github.com/containers/buildah
Ansible Automation Platfrom: https://www.ansible.com/products/automation-platform
Ansible environments git: https://gitlab.com/skozlov1/ansible-tower-environments

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store