This project is a collection of Ansible inventories for installing the Istio Operator along with it's dependencies. It also includes installing the Istio sample application BookInfo for testing purposes.
It automates the process of installation defined in the OpenShift Service Mesh Documentation.
Currently this has been tested using an OpenShift 4.1 cluster and the tech preview version of the Istio operator which is version 0.12.0.
The layout of the project is like most standard ansible-playbooks with a simplified view of the key parts shown below:
.
├── site.yml
├── requirements.yml
├── inventory
│ ├── host_vars
│ | └── ...
│ └── hostssite.ymlis a playbook that sets up some variables and drives theopenshift-applierrole.requirements.ymlis a manifest which contains the Ansible modules needed to run the playbookinventory/host_vars/*.ymlis the collection of objects we want to insert into the cluster written according to the convention defined by the openshift-applier role.inventory/hostsis where thetargetsare defined for grouping of the various inventories to be run egbootstrapfor creating projects and roles bindingsparamsis a set of parameter files to be processed along with their respective OpenShift template.
The Ansible layer is very thin; it simply provides a way to orchestrate the application of OpenShift templates across one or more OpenShift projects. All configuration for the applications should be defined by an OpenShift template and the corresponding parameters file or by file.
There are multiple Ansible inventories which divide the type of components to be built and deployed to an OpenShift cluster. These are broken down into multiple sections:
jaeger-operator- Located ininventory/host_vars/jaeger-operator.ymlcontains a collection of objects used to install the Jaeger Operator in OpenShiftkiali-operator- Located ininventory/host_vars/kiali-operator.ymlcontains a collection of objects used to install the Kiali Operator in OpenShiftistio-operator- Located ininventory/host_vars/istio-operator.ymlcontains a collection of objects used to install the Istio Operator in OpenShiftcontrol-plane- Located ininventory/host_vars/control-plane.ymlcreates the namespace and configuration for the Istio Operator to manage in OpenShiftsample-app- Located ininventory/host_vars/sample-app.ymlcreates the objects for the BookInfo application and the VirtualService in OpenShift
- Ansible 2.5 or above.
- OpenShift CLI Tools
- Access to the OpenShift cluster (Your user needs permissions to deploy ProjectRequest objects)
- libselinux-python (only needed on Fedora, RHEL, and CentOS)
- Install by running
yum install libselinux-python.
- Install by running
It should be noted that non-docker executions will utilize the inventory directory included in this repo by default. If you would like to specify a custom inventory for any of the below tasks, you can do so by adding -i /path/to/my/inventory to the command
- Log on to an OpenShift server
oc login -u <user> https://<server>:<port>/ - Clone this repository.
- Install the required openshift-applier dependency:
ansible-galaxy install -r requirements.yml --roles-path=roles- Deploy the Jaeger Operator
ansible-playbook site.yml -l jaeger-operator- Deploy the Kiali Operator
ansible-playbook site.yml -l kiali-operator- Deploy the Istio Operator
# Verify that both the Jaeger and Kiali Operators
# are running before Installing the Istio Operator
ansible-playbook site.yml -l istio-operator- Deploy the Service Mesh Control Plane
# Verify that the Istio Operator and the Admission
# Service is running before installing the Control
# Plane
ansible-playbook site.yml -l control-plane- Deploy the BookInfo Sample Application
# Install the sample application once all pods in the
# istio-system namespace are running
ansible-playbook site.yml -l sample-appDetermine the URL for the ingress gateway.
export GATEWAY_URL=$(oc get route -n istio-system istio-ingressgateway -o jsonpath='{.spec.host}')Call the product page using the gateway from above.
curl -o -s -w "%{http_code}\n" http://$GATEWAY_URL/productpageA 200 HTTP Code should be returned from the CURL command.