This project is a collection of Ansible inventories for installing the Istio Operator along with it's dependencies. It also includes installing the Istio sample application BookInfo for testing purposes.
It automates the process of installation defined in the OpenShift Service Mesh Documentation.
Currently this has been tested using an OpenShift 4.1 cluster and the tech preview version of the Istio operator which is version 0.12.0.
The layout of the project is like most standard ansible-playbooks
with a simplified view of the key parts shown below:
.
├── site.yml
├── requirements.yml
├── inventory
│ ├── host_vars
│ | └── ...
│ └── hosts
site.yml
is a playbook that sets up some variables and drives theopenshift-applier
role.requirements.yml
is a manifest which contains the Ansible modules needed to run the playbookinventory/host_vars/*.yml
is the collection of objects we want to insert into the cluster written according to the convention defined by the openshift-applier role.inventory/hosts
is where thetargets
are defined for grouping of the various inventories to be run egbootstrap
for creating projects and roles bindingsparams
is a set of parameter files to be processed along with their respective OpenShift template.
The Ansible layer is very thin; it simply provides a way to orchestrate the application of OpenShift templates across one or more OpenShift projects. All configuration for the applications should be defined by an OpenShift template and the corresponding parameters file or by file.
There are multiple Ansible inventories which divide the type of components to be built and deployed to an OpenShift cluster. These are broken down into multiple sections:
jaeger-operator
- Located ininventory/host_vars/jaeger-operator.yml
contains a collection of objects used to install the Jaeger Operator in OpenShiftkiali-operator
- Located ininventory/host_vars/kiali-operator.yml
contains a collection of objects used to install the Kiali Operator in OpenShiftistio-operator
- Located ininventory/host_vars/istio-operator.yml
contains a collection of objects used to install the Istio Operator in OpenShiftcontrol-plane
- Located ininventory/host_vars/control-plane.yml
creates the namespace and configuration for the Istio Operator to manage in OpenShiftsample-app
- Located ininventory/host_vars/sample-app.yml
creates the objects for the BookInfo application and the VirtualService in OpenShift
- Ansible 2.5 or above.
- OpenShift CLI Tools
- Access to the OpenShift cluster (Your user needs permissions to deploy ProjectRequest objects)
- libselinux-python (only needed on Fedora, RHEL, and CentOS)
- Install by running
yum install libselinux-python
.
- Install by running
It should be noted that non-docker executions will utilize the inventory directory included in this repo by default. If you would like to specify a custom inventory for any of the below tasks, you can do so by adding -i /path/to/my/inventory
to the command
- Log on to an OpenShift server
oc login -u <user> https://<server>:<port>/
- Clone this repository.
- Install the required openshift-applier dependency:
ansible-galaxy install -r requirements.yml --roles-path=roles
- Deploy the Jaeger Operator
ansible-playbook site.yml -l jaeger-operator
- Deploy the Kiali Operator
ansible-playbook site.yml -l kiali-operator
- Deploy the Istio Operator
# Verify that both the Jaeger and Kiali Operators
# are running before Installing the Istio Operator
ansible-playbook site.yml -l istio-operator
- Deploy the Service Mesh Control Plane
# Verify that the Istio Operator and the Admission
# Service is running before installing the Control
# Plane
ansible-playbook site.yml -l control-plane
- Deploy the BookInfo Sample Application
# Install the sample application once all pods in the
# istio-system namespace are running
ansible-playbook site.yml -l sample-app
Determine the URL for the ingress gateway.
export GATEWAY_URL=$(oc get route -n istio-system istio-ingressgateway -o jsonpath='{.spec.host}')
Call the product page using the gateway from above.
curl -o -s -w "%{http_code}\n" http://$GATEWAY_URL/productpage
A 200 HTTP Code should be returned from the CURL command.