HowTo: Reverse Engineer an Operator, part 1
Andrew Berisha-Cornejo
Created: 2022-06-24 Fri 16:18
1. Use case
A client wants to use an implementation of AAP (Ansible Automation Platform) on OpenShift but they do not allow Operators
Needs:
- deploy on their controlled container platform
- no operators
1.1. Ansible
Ansible is an orchestration tool that takes an inventory of host machines and a playbook that runs and sets up each group within an inventory based on the instructions written in YAML
Previously, Ansible would run as Ansible Tower
1.2. AAP
The current version of AAP has an automation controller (replacing tower) and automation hub
2. TL;DR
Bill wrote a great piece here on reverse engineering https://blog.devgenius.io/journey-to-reverse-engineer-openshift-operator-20ce938fa74b
3. Run a local version of OpenShift
The best thing is to run the deployment with the operator and reverse engineer it.
3.1. RedHat OpenTLC
RedHat provides access to their lab environments as part of their RedHat Partnership
4. Reverse engineering the deployment
4.1. OpenShift objects
oc get deployment -o yaml > deployment.yaml
oc get secret -o yaml > secret.yaml
oc get configmap -o yaml > configmap.yaml
oc get pvc -o yaml > pvc.yaml
oc get route -o yaml > route.yaml
oc get statefulset -o yaml > statefulset.yaml
oc get svc -o yaml > svc.yaml
4.2. Deployment yaml
We'll focus on the deployment to get an overall picture
apiVersion: v1
items:
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"labels":{"app.kubernetes.io/component":"automationcontroller","app.kubernetes.io/managed-by":"automationcontroller-operator","app.kubernetes.io/name":"aap-21","app.kubernetes.io/operator-version":"","app.kubernetes.io/part-of":"aap-21","app.kubernetes.io/version":"latest"},"name":"aap-21","namespace":"ansible-automation-platform"},"spec":{"replicas":1,"selector":{"matchLabels":{"app.kubernetes.io/component":"automationcontroller","app.kubernetes.io/managed-by":"automationcontroller-operator","app.kubernetes.io/name":"aap-21"}},"template":{"metadata":{"labels":{"app.kubernetes.io/component":"automationcontroller","app.kubernetes.io/managed-by":"automationcontroller-operator","app.kubernetes.io/name":"aap-21","app.kubernetes.io/part-of":"aap-21","app.kubernetes.io/version":"latest"}},"spec":{"containers":[{"args":["redis-server","/etc/redis.conf"],"image":"registry.redhat.io/rhel8/redis-5@sha256:a4b62680bf5f8644e39fd25ca8e333b7d6d1e98c902b695a4c98984675ff195c","imagePullPolicy":"IfNotPresent","name":"redis","volumeMounts":[{"mountPath":"/etc/redis.conf","name":"aap-21-redis-config","readOnly":true,"subPath":"redis.conf"},{"mountPath":"/var/run/redis","name":"aap-21-redis-socket"},{"mountPath":"/data","name":"aap-21-redis-data"}]},{"env":[{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"registry.redhat.io/ansible-automation-platform-21/controller-rhel8@sha256:2dcaf47c2900c4c84df0d173aa2c67377798bc6eef675ec550be44264d51f7de","imagePullPolicy":"IfNotPresent","name":"aap-21-web","ports":[{"containerPort":8052}],"resources":{"requests":{"cpu":"1000m","memory":"2Gi"}},"volumeMounts":[{"mountPath":"/etc/tower/conf.d/execution_environments.py","name":"aap-21-application-credentials","readOnly":true,"subPath":"execution_environments.py"},{"mountPath":"/etc/tower/conf.d/credentials.py","name":"aap-21-application-credentials","readOnly":true,"subPath":"credentials.py"},{"mountPath":"/etc/tower/conf.d/ldap.py","name":"aap-21-application-credentials","readOnly":true,"subPath":"ldap.py"},{"mountPath":"/etc/tower/SECRET_KEY","name":"aap-21-secret-key","readOnly":true,"subPath":"SECRET_KEY"},{"mountPath":"/etc/tower/settings.py","name":"aap-21-settings","readOnly":true,"subPath":"settings.py"},{"mountPath":"/etc/nginx/nginx.conf","name":"aap-21-nginx-conf","readOnly":true,"subPath":"nginx.conf"},{"mountPath":"/var/run/redis","name":"aap-21-redis-socket"},{"mountPath":"/var/run/supervisor","name":"supervisor-socket"},{"mountPath":"/var/run/awx-rsyslog","name":"rsyslog-socket"},{"mountPath":"/var/lib/awx/rsyslog","name":"rsyslog-dir"},{"mountPath":"/var/lib/awx/projects","name":"aap-21-projects"}]},{"args":["/usr/bin/launch_awx_task.sh"],"env":[{"name":"SUPERVISOR_WEB_CONFIG_PATH","value":"/etc/supervisord.conf"},{"name":"AWX_SKIP_MIGRATIONS","value":"1"},{"name":"MY_POD_UID","valueFrom":{"fieldRef":{"fieldPath":"metadata.uid"}}},{"name":"MY_POD_IP","valueFrom":{"fieldRef":{"fieldPath":"status.podIP"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"registry.redhat.io/ansible-automation-platform-21/controller-rhel8@sha256:2dcaf47c2900c4c84df0d173aa2c67377798bc6eef675ec550be44264d51f7de","imagePullPolicy":"IfNotPresent","name":"aap-21-task","resources":{"requests":{"cpu":"500m","memory":"1Gi"}},"volumeMounts":[{"mountPath":"/etc/tower/conf.d/execution_environments.py","name":"aap-21-application-credentials","readOnly":true,"subPath":"execution_environments.py"},{"mountPath":"/etc/tower/conf.d/credentials.py","name":"aap-21-application-credentials","readOnly":true,"subPath":"credentials.py"},{"mountPath":"/etc/tower/conf.d/ldap.py","name":"aap-21-application-credentials","readOnly":true,"subPath":"ldap.py"},{"mountPath":"/etc/tower/SECRET_KEY","name":"aap-21-secret-key","readOnly":true,"subPath":"SECRET_KEY"},{"mountPath":"/etc/tower/settings.py","name":"aap-21-settings","readOnly":true,"subPath":"settings.py"},{"mountPath":"/var/run/redis","name":"aap-21-redis-socket"},{"mountPath":"/var/run/supervisor","name":"supervisor-socket"},{"mountPath":"/var/run/awx-rsyslog","name":"rsyslog-socket"},{"mountPath":"/var/lib/awx/rsyslog","name":"rsyslog-dir"},{"mountPath":"/etc/receptor/receptor.conf","name":"aap-21-receptor-config","readOnly":true,"subPath":"receptor.conf"},{"mountPath":"/var/run/receptor","name":"receptor-socket"},{"mountPath":"/var/lib/awx/projects","name":"aap-21-projects"}]},{"args":["receptor","--config","/etc/receptor/receptor.conf"],"env":null,"image":"registry.redhat.io/ansible-automation-platform-21/ee-supported-rhel8@sha256:02c5dff1518e1bdc4809775f47abbd10d79a5f6d64c0283875a72c019ad78eea","imagePullPolicy":"IfNotPresent","name":"aap-21-ee","resources":{"requests":{"cpu":"500m","memory":"1Gi"}},"volumeMounts":[{"mountPath":"/etc/receptor/receptor.conf","name":"aap-21-receptor-config","readOnly":true,"subPath":"receptor.conf"},{"mountPath":"/var/run/receptor","name":"receptor-socket"},{"mountPath":"/var/lib/awx/projects","name":"aap-21-projects"}]}],"initContainers":null,"serviceAccountName":"aap-21","volumes":[{"name":"aap-21-application-credentials","secret":{"items":[{"key":"credentials.py","path":"credentials.py"},{"key":"ldap.py","path":"ldap.py"},{"key":"execution_environments.py","path":"execution_environments.py"}],"secretName":"aap-21-app-credentials"}},{"name":"aap-21-secret-key","secret":{"items":[{"key":"secret_key","path":"SECRET_KEY"}],"secretName":"aap-21-secret-key"}},{"configMap":{"items":[{"key":"settings","path":"settings.py"}],"name":"aap-21-automationcontroller-configmap"},"name":"aap-21-settings"},{"configMap":{"items":[{"key":"nginx_conf","path":"nginx.conf"}],"name":"aap-21-automationcontroller-configmap"},"name":"aap-21-nginx-conf"},{"configMap":{"items":[{"key":"redis_conf","path":"redis.conf"}],"name":"aap-21-automationcontroller-configmap"},"name":"aap-21-redis-config"},{"emptyDir":{},"name":"aap-21-redis-socket"},{"emptyDir":{},"name":"aap-21-redis-data"},{"emptyDir":{},"name":"supervisor-socket"},{"emptyDir":{},"name":"rsyslog-socket"},{"emptyDir":{},"name":"receptor-socket"},{"emptyDir":{},"name":"rsyslog-dir"},{"configMap":{"items":[{"key":"receptor_conf","path":"receptor.conf"}],"name":"aap-21-automationcontroller-configmap"},"name":"aap-21-receptor-config"},{"emptyDir":{},"name":"aap-21-projects"}]}}}}'
creationTimestamp: "2022-05-02T17:27:07Z"
generation: 1
labels:
app.kubernetes.io/component: automationcontroller
app.kubernetes.io/managed-by: automationcontroller-operator
app.kubernetes.io/name: aap-21
app.kubernetes.io/operator-version: ""
app.kubernetes.io/part-of: aap-21
app.kubernetes.io/version: latest
name: aap-21
namespace: ansible-automation-platform
ownerReferences:
- apiVersion: automationcontroller.ansible.com/v1beta1
kind: AutomationController
name: aap-21
uid: 20f413b8-9b92-4be6-995d-05e5bbab43c8
resourceVersion: "113155"
uid: d724ce3f-906f-48af-a31f-5eb09a5a2845
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: automationcontroller
app.kubernetes.io/managed-by: automationcontroller-operator
app.kubernetes.io/name: aap-21
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: automationcontroller
app.kubernetes.io/managed-by: automationcontroller-operator
app.kubernetes.io/name: aap-21
app.kubernetes.io/part-of: aap-21
app.kubernetes.io/version: latest
spec:
containers:
- args:
- redis-server
- /etc/redis.conf
image: registry.redhat.io/rhel8/redis-5@sha256:a4b62680bf5f8644e39fd25ca8e333b7d6d1e98c902b695a4c98984675ff195c
imagePullPolicy: IfNotPresent
name: redis
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/redis.conf
name: aap-21-redis-config
readOnly: true
subPath: redis.conf
- mountPath: /var/run/redis
name: aap-21-redis-socket
- mountPath: /data
name: aap-21-redis-data
- env:
- name: MY_POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
image: registry.redhat.io/ansible-automation-platform-21/controller-rhel8@sha256:2dcaf47c2900c4c84df0d173aa2c67377798bc6eef675ec550be44264d51f7de
imagePullPolicy: IfNotPresent
name: aap-21-web
ports:
- containerPort: 8052
protocol: TCP
resources:
requests:
cpu: "1"
memory: 2Gi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/tower/conf.d/execution_environments.py
name: aap-21-application-credentials
readOnly: true
subPath: execution_environments.py
- mountPath: /etc/tower/conf.d/credentials.py
name: aap-21-application-credentials
readOnly: true
subPath: credentials.py
- mountPath: /etc/tower/conf.d/ldap.py
name: aap-21-application-credentials
readOnly: true
subPath: ldap.py
- mountPath: /etc/tower/SECRET_KEY
name: aap-21-secret-key
readOnly: true
subPath: SECRET_KEY
- mountPath: /etc/tower/settings.py
name: aap-21-settings
readOnly: true
subPath: settings.py
- mountPath: /etc/nginx/nginx.conf
name: aap-21-nginx-conf
readOnly: true
subPath: nginx.conf
- mountPath: /var/run/redis
name: aap-21-redis-socket
- mountPath: /var/run/supervisor
name: supervisor-socket
- mountPath: /var/run/awx-rsyslog
name: rsyslog-socket
- mountPath: /var/lib/awx/rsyslog
name: rsyslog-dir
- mountPath: /var/lib/awx/projects
name: aap-21-projects
- args:
- /usr/bin/launch_awx_task.sh
env:
- name: SUPERVISOR_WEB_CONFIG_PATH
value: /etc/supervisord.conf
- name: AWX_SKIP_MIGRATIONS
value: "1"
- name: MY_POD_UID
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.uid
- name: MY_POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: MY_POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
image: registry.redhat.io/ansible-automation-platform-21/controller-rhel8@sha256:2dcaf47c2900c4c84df0d173aa2c67377798bc6eef675ec550be44264d51f7de
imagePullPolicy: IfNotPresent
name: aap-21-task
resources:
requests:
cpu: 500m
memory: 1Gi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/tower/conf.d/execution_environments.py
name: aap-21-application-credentials
readOnly: true
subPath: execution_environments.py
- mountPath: /etc/tower/conf.d/credentials.py
name: aap-21-application-credentials
readOnly: true
subPath: credentials.py
- mountPath: /etc/tower/conf.d/ldap.py
name: aap-21-application-credentials
readOnly: true
subPath: ldap.py
- mountPath: /etc/tower/SECRET_KEY
name: aap-21-secret-key
readOnly: true
subPath: SECRET_KEY
- mountPath: /etc/tower/settings.py
name: aap-21-settings
readOnly: true
subPath: settings.py
- mountPath: /var/run/redis
name: aap-21-redis-socket
- mountPath: /var/run/supervisor
name: supervisor-socket
- mountPath: /var/run/awx-rsyslog
name: rsyslog-socket
- mountPath: /var/lib/awx/rsyslog
name: rsyslog-dir
- mountPath: /etc/receptor/receptor.conf
name: aap-21-receptor-config
readOnly: true
subPath: receptor.conf
- mountPath: /var/run/receptor
name: receptor-socket
- mountPath: /var/lib/awx/projects
name: aap-21-projects
- args:
- receptor
- --config
- /etc/receptor/receptor.conf
image: registry.redhat.io/ansible-automation-platform-21/ee-supported-rhel8@sha256:02c5dff1518e1bdc4809775f47abbd10d79a5f6d64c0283875a72c019ad78eea
imagePullPolicy: IfNotPresent
name: aap-21-ee
resources:
requests:
cpu: 500m
memory: 1Gi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/receptor/receptor.conf
name: aap-21-receptor-config
readOnly: true
subPath: receptor.conf
- mountPath: /var/run/receptor
name: receptor-socket
- mountPath: /var/lib/awx/projects
name: aap-21-projects
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: aap-21
serviceAccountName: aap-21
terminationGracePeriodSeconds: 30
volumes:
- name: aap-21-application-credentials
secret:
defaultMode: 420
items:
- key: credentials.py
path: credentials.py
- key: ldap.py
path: ldap.py
- key: execution_environments.py
path: execution_environments.py
secretName: aap-21-app-credentials
- name: aap-21-secret-key
secret:
defaultMode: 420
items:
- key: secret_key
path: SECRET_KEY
secretName: aap-21-secret-key
- configMap:
defaultMode: 420
items:
- key: settings
path: settings.py
name: aap-21-automationcontroller-configmap
name: aap-21-settings
- configMap:
defaultMode: 420
items:
- key: nginx_conf
path: nginx.conf
name: aap-21-automationcontroller-configmap
name: aap-21-nginx-conf
- configMap:
defaultMode: 420
items:
- key: redis_conf
path: redis.conf
name: aap-21-automationcontroller-configmap
name: aap-21-redis-config
- emptyDir: {}
name: aap-21-redis-socket
- emptyDir: {}
name: aap-21-redis-data
- emptyDir: {}
name: supervisor-socket
- emptyDir: {}
name: rsyslog-socket
- emptyDir: {}
name: receptor-socket
- emptyDir: {}
name: rsyslog-dir
- configMap:
defaultMode: 420
items:
- key: receptor_conf
path: receptor.conf
name: aap-21-automationcontroller-configmap
name: aap-21-receptor-config
- emptyDir: {}
name: aap-21-projects
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2022-05-02T17:28:20Z"
lastUpdateTime: "2022-05-02T17:28:20Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2022-05-02T17:27:07Z"
lastUpdateTime: "2022-05-02T17:28:20Z"
message: ReplicaSet "aap-21-c547fd9c4" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
email: pulp-dev@redhat.com
creationTimestamp: "2022-05-02T17:31:38Z"
generation: 1
labels:
app.kubernetes.io/component: api
app.kubernetes.io/instance: automationhub-api-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-api
app.kubernetes.io/part-of: automationhub
owner: pulp-dev
name: aap-21-hub-api
namespace: ansible-automation-platform
ownerReferences:
- apiVersion: automationhub.ansible.com/v1beta1
kind: AutomationHub
name: aap-21-hub
uid: 99d0180a-8c34-49ce-843f-652458e073f3
resourceVersion: "125877"
uid: c8088061-1b02-43af-a5b0-25ceb8e5a1f2
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: api
app.kubernetes.io/instance: automationhub-api-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-api
app.kubernetes.io/part-of: automationhub
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: api
app.kubernetes.io/instance: automationhub-api-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-api
app.kubernetes.io/part-of: automationhub
spec:
containers:
- args:
- pulp-api
env:
- name: POSTGRES_SERVICE_HOST
value: aap-21-hub-postgres-svc
- name: POSTGRES_SERVICE_PORT
value: "5432"
- name: REDIS_SERVICE_HOST
value: aap-21-hub-redis-svc
- name: REDIS_SERVICE_PORT
value: "6379"
image: registry.redhat.io/ansible-automation-platform-21/hub-rhel8@sha256:ec0cb1ad1164621721bfd61f1b284b6e541660b104b60d6af03437764971e16e
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 5
httpGet:
path: /pulp/api/v3/status/
port: 24817
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
name: api
ports:
- containerPort: 24817
protocol: TCP
readinessProbe:
failureThreshold: 10
httpGet:
path: /pulp/api/v3/status/
port: 24817
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/pulp/settings.py
name: aap-21-hub-server
readOnly: true
subPath: settings.py
- mountPath: /etc/pulp/pulp-admin-password
name: aap-21-hub-admin-password
readOnly: true
subPath: admin-password
- mountPath: /etc/pulp/keys/database_fields.symmetric.key
name: aap-21-hub-db-fields-encryption
readOnly: true
subPath: database_fields.symmetric.key
- mountPath: /var/lib/pulp
name: file-storage
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: aap-21-hub
serviceAccountName: aap-21-hub
terminationGracePeriodSeconds: 30
volumes:
- name: aap-21-hub-server
secret:
defaultMode: 420
items:
- key: settings.py
path: settings.py
secretName: aap-21-hub-server
- name: aap-21-hub-admin-password
secret:
defaultMode: 420
items:
- key: password
path: admin-password
secretName: aap-21-hub-admin-password
- name: aap-21-hub-db-fields-encryption
secret:
defaultMode: 420
items:
- key: database_fields.symmetric.key
path: database_fields.symmetric.key
secretName: aap-21-hub-db-fields-encryption
- name: file-storage
persistentVolumeClaim:
claimName: aap-21-hub-file-storage
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2022-05-02T17:33:05Z"
lastUpdateTime: "2022-05-02T17:33:05Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2022-05-02T17:31:38Z"
lastUpdateTime: "2022-05-02T17:33:05Z"
message: ReplicaSet "aap-21-hub-api-7888dbb956" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
email: pulp-dev@redhat.com
ignore-check.kube-linter.io/no-liveness-probe: Temporarily disabled
ignore-check.kube-linter.io/no-readiness-probe: Temporarily disabled
creationTimestamp: "2022-05-02T17:31:41Z"
generation: 1
labels:
app.kubernetes.io/component: content-server
app.kubernetes.io/instance: automationhub-content-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-content
app.kubernetes.io/part-of: automationhub
owner: pulp-dev
name: aap-21-hub-content
namespace: ansible-automation-platform
ownerReferences:
- apiVersion: automationhub.ansible.com/v1beta1
kind: AutomationHub
name: aap-21-hub
uid: 99d0180a-8c34-49ce-843f-652458e073f3
resourceVersion: "123957"
uid: c96802f2-d216-45ff-8213-a07c403df79d
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: content-server
app.kubernetes.io/instance: automationhub-content-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-content
app.kubernetes.io/part-of: automationhub
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: content-server
app.kubernetes.io/instance: automationhub-content-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-content
app.kubernetes.io/part-of: automationhub
spec:
containers:
- args:
- pulp-content
env:
- name: POSTGRES_SERVICE_HOST
value: aap-21-hub-postgres-svc
- name: POSTGRES_SERVICE_PORT
value: "5432"
- name: REDIS_SERVICE_HOST
value: aap-21-hub-redis-svc
- name: REDIS_SERVICE_PORT
value: "6379"
image: registry.redhat.io/ansible-automation-platform-21/hub-rhel8@sha256:ec0cb1ad1164621721bfd61f1b284b6e541660b104b60d6af03437764971e16e
imagePullPolicy: IfNotPresent
name: content
ports:
- containerPort: 24816
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/pulp/
name: aap-21-hub-server
- mountPath: /etc/pulp/keys/
name: aap-21-hub-db-fields-encryption
readOnly: true
- mountPath: /var/lib/pulp
name: file-storage
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: aap-21-hub
serviceAccountName: aap-21-hub
terminationGracePeriodSeconds: 30
volumes:
- name: aap-21-hub-server
secret:
defaultMode: 420
items:
- key: settings.py
path: settings.py
secretName: aap-21-hub-server
- name: aap-21-hub-db-fields-encryption
secret:
defaultMode: 420
items:
- key: database_fields.symmetric.key
path: database_fields.symmetric.key
secretName: aap-21-hub-db-fields-encryption
- name: file-storage
persistentVolumeClaim:
claimName: aap-21-hub-file-storage
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2022-05-02T17:32:21Z"
lastUpdateTime: "2022-05-02T17:32:21Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2022-05-02T17:31:42Z"
lastUpdateTime: "2022-05-02T17:32:21Z"
message: ReplicaSet "aap-21-hub-content-5b8457f549" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
email: pulp-dev@redhat.com
ignore-check.kube-linter.io/unset-cpu-requirements: Temporarily disabled
ignore-check.kube-linter.io/unset-memory-requirements: Temporarily disabled
creationTimestamp: "2022-05-02T17:31:12Z"
generation: 1
labels:
app.kubernetes.io/component: cache
app.kubernetes.io/instance: redis-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: redis
app.kubernetes.io/part-of: automationhub
owner: pulp-dev
name: aap-21-hub-redis
namespace: ansible-automation-platform
ownerReferences:
- apiVersion: automationhub.ansible.com/v1beta1
kind: AutomationHub
name: aap-21-hub
uid: 99d0180a-8c34-49ce-843f-652458e073f3
resourceVersion: "122252"
uid: fca91759-da03-4ad2-81c0-0cb7c3471f5a
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: cache
app.kubernetes.io/instance: redis-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: redis
app.kubernetes.io/part-of: automationhub
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: cache
app.kubernetes.io/instance: redis-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: redis
app.kubernetes.io/part-of: automationhub
spec:
containers:
- image: registry.redhat.io/rhel8/redis-5@sha256:a4b62680bf5f8644e39fd25ca8e333b7d6d1e98c902b695a4c98984675ff195c
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command:
- /bin/sh
- -i
- -c
- redis-cli -h 127.0.0.1 -p 6379
failureThreshold: 5
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
name: redis
ports:
- containerPort: 6379
protocol: TCP
readinessProbe:
exec:
command:
- /bin/sh
- -i
- -c
- redis-cli -h 127.0.0.1 -p 6379
failureThreshold: 5
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
resources:
requests:
cpu: 200m
memory: 512Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /data
name: aap-21-hub-redis-data
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: aap-21-hub
serviceAccountName: aap-21-hub
terminationGracePeriodSeconds: 30
volumes:
- name: aap-21-hub-redis-data
persistentVolumeClaim:
claimName: aap-21-hub-redis-data
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2022-05-02T17:31:43Z"
lastUpdateTime: "2022-05-02T17:31:43Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2022-05-02T17:31:12Z"
lastUpdateTime: "2022-05-02T17:31:43Z"
message: ReplicaSet "aap-21-hub-redis-6c947c7cc8" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
email: pulp-dev@redhat.com
ignore-check.kube-linter.io/no-liveness-probe: Port isn't exposed
ignore-check.kube-linter.io/no-readiness-probe: Port isn't exposed
creationTimestamp: "2022-05-02T17:33:18Z"
generation: 1
labels:
app.kubernetes.io/component: resource-manager
app.kubernetes.io/instance: automationhub-resource-manager-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-resource-manager
app.kubernetes.io/part-of: automationhub
owner: pulp-dev
name: aap-21-hub-resource-manager
namespace: ansible-automation-platform
ownerReferences:
- apiVersion: automationhub.ansible.com/v1beta1
kind: AutomationHub
name: aap-21-hub
uid: 99d0180a-8c34-49ce-843f-652458e073f3
resourceVersion: "126715"
uid: 9ebe1de5-4f0c-4b78-99b1-0e1fe38d20cd
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: resource-manager
app.kubernetes.io/instance: automationhub-resource-manager-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-resource-manager
app.kubernetes.io/part-of: automationhub
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: resource-manager
app.kubernetes.io/instance: automationhub-resource-manager-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-resource-manager
app.kubernetes.io/part-of: automationhub
spec:
containers:
- args:
- pulp-resource-manager
env:
- name: POSTGRES_SERVICE_HOST
value: aap-21-hub-postgres-svc
- name: POSTGRES_SERVICE_PORT
value: "5432"
- name: REDIS_SERVICE_HOST
value: aap-21-hub-redis-svc
- name: REDIS_SERVICE_PORT
value: "6379"
image: registry.redhat.io/ansible-automation-platform-21/hub-rhel8@sha256:ec0cb1ad1164621721bfd61f1b284b6e541660b104b60d6af03437764971e16e
imagePullPolicy: IfNotPresent
name: resource-manager
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/pulp/
name: aap-21-hub-server
- mountPath: /etc/pulp/keys/
name: aap-21-hub-db-fields-encryption
readOnly: true
- mountPath: /var/lib/pulp
name: file-storage
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: aap-21-hub
serviceAccountName: aap-21-hub
terminationGracePeriodSeconds: 30
volumes:
- name: aap-21-hub-server
secret:
defaultMode: 420
items:
- key: settings.py
path: settings.py
secretName: aap-21-hub-server
- name: aap-21-hub-db-fields-encryption
secret:
defaultMode: 420
items:
- key: database_fields.symmetric.key
path: database_fields.symmetric.key
secretName: aap-21-hub-db-fields-encryption
- name: file-storage
persistentVolumeClaim:
claimName: aap-21-hub-file-storage
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2022-05-02T17:33:23Z"
lastUpdateTime: "2022-05-02T17:33:23Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2022-05-02T17:33:18Z"
lastUpdateTime: "2022-05-02T17:33:23Z"
message: ReplicaSet "aap-21-hub-resource-manager-76846c67db" has successfully
progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
email: pulp-dev@redhat.com
creationTimestamp: "2022-05-02T17:31:15Z"
generation: 1
labels:
app.kubernetes.io/component: webserver
app.kubernetes.io/instance: nginx-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: nginx
app.kubernetes.io/part-of: automationhub
owner: pulp-dev
name: aap-21-hub-web
namespace: ansible-automation-platform
ownerReferences:
- apiVersion: automationhub.ansible.com/v1beta1
kind: AutomationHub
name: aap-21-hub
uid: 99d0180a-8c34-49ce-843f-652458e073f3
resourceVersion: "125909"
uid: 4c83c49a-cf35-4ebd-88c7-12f4a6f13275
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: webserver
app.kubernetes.io/instance: nginx-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: nginx
app.kubernetes.io/part-of: automationhub
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: webserver
app.kubernetes.io/instance: nginx-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: nginx
app.kubernetes.io/part-of: automationhub
spec:
containers:
- image: registry.redhat.io/ansible-automation-platform-21/hub-web-rhel8@sha256:3580a7295bf8b6441c58288451d15ca28c491c47bbda2f88f05729110a52f8c6
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 5
httpGet:
path: /pulp/api/v3/status/
port: 8080
scheme: HTTP
initialDelaySeconds: 90
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
name: web
ports:
- containerPort: 8080
protocol: TCP
readinessProbe:
failureThreshold: 10
httpGet:
path: /pulp/api/v3/status/
port: 8080
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/nginx/nginx.conf
name: aap-21-hub-nginx-conf
readOnly: true
subPath: nginx.conf
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: aap-21-hub
serviceAccountName: aap-21-hub
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 420
items:
- key: nginx_conf
path: nginx.conf
name: aap-21-hub-automationhub-configmap
name: aap-21-hub-nginx-conf
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2022-05-02T17:33:05Z"
lastUpdateTime: "2022-05-02T17:33:05Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2022-05-02T17:31:15Z"
lastUpdateTime: "2022-05-02T17:33:05Z"
message: ReplicaSet "aap-21-hub-web-8494cdfbf7" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
email: pulp-dev@redhat.com
ignore-check.kube-linter.io/no-liveness-probe: Port isn't exposed
ignore-check.kube-linter.io/no-readiness-probe: Port isn't exposed
creationTimestamp: "2022-05-02T17:31:43Z"
generation: 1
labels:
app.kubernetes.io/component: worker
app.kubernetes.io/instance: automationhub-worker-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-worker
app.kubernetes.io/part-of: automationhub
owner: pulp-dev
name: aap-21-hub-worker
namespace: ansible-automation-platform
ownerReferences:
- apiVersion: automationhub.ansible.com/v1beta1
kind: AutomationHub
name: aap-21-hub
uid: 99d0180a-8c34-49ce-843f-652458e073f3
resourceVersion: "123961"
uid: 7ae50a52-8aef-4a8d-8644-c27b33261e59
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: worker
app.kubernetes.io/instance: automationhub-worker-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-worker
app.kubernetes.io/part-of: automationhub
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: worker
app.kubernetes.io/instance: automationhub-worker-aap-21-hub
app.kubernetes.io/managed-by: automationhub-operator
app.kubernetes.io/name: automationhub-worker
app.kubernetes.io/part-of: automationhub
spec:
containers:
- args:
- pulp-worker
env:
- name: POSTGRES_SERVICE_HOST
value: aap-21-hub-postgres-svc
- name: POSTGRES_SERVICE_PORT
value: "5432"
- name: REDIS_SERVICE_HOST
value: aap-21-hub-redis-svc
- name: REDIS_SERVICE_PORT
value: "6379"
image: registry.redhat.io/ansible-automation-platform-21/hub-rhel8@sha256:ec0cb1ad1164621721bfd61f1b284b6e541660b104b60d6af03437764971e16e
imagePullPolicy: IfNotPresent
name: worker
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /.ansible/tmp/
name: aap-21-hub-ansible-tmp
- mountPath: /etc/pulp/
name: aap-21-hub-server
- mountPath: /etc/pulp/keys/
name: aap-21-hub-db-fields-encryption
readOnly: true
- mountPath: /var/lib/pulp
name: file-storage
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: aap-21-hub
serviceAccountName: aap-21-hub
terminationGracePeriodSeconds: 30
volumes:
- name: aap-21-hub-server
secret:
defaultMode: 420
items:
- key: settings.py
path: settings.py
secretName: aap-21-hub-server
- name: aap-21-hub-db-fields-encryption
secret:
defaultMode: 420
items:
- key: database_fields.symmetric.key
path: database_fields.symmetric.key
secretName: aap-21-hub-db-fields-encryption
- name: file-storage
persistentVolumeClaim:
claimName: aap-21-hub-file-storage
- emptyDir: {}
name: aap-21-hub-ansible-tmp
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2022-05-02T17:32:21Z"
lastUpdateTime: "2022-05-02T17:32:21Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2022-05-02T17:31:43Z"
lastUpdateTime: "2022-05-02T17:32:21Z"
message: ReplicaSet "aap-21-hub-worker-fbcf987b6" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
creationTimestamp: "2022-05-02T17:22:18Z"
generation: 2
labels:
olm.deployment-spec-hash: 9969db6db
olm.owner: aap-operator.v2.1.2-0.1650395354
olm.owner.kind: ClusterServiceVersion
olm.owner.namespace: ansible-automation-platform
operators.coreos.com/ansible-automation-platform-operator.ansible-automation-platfor: ""
name: automation-controller-operator-controller-manager
namespace: ansible-automation-platform
ownerReferences:
- apiVersion: operators.coreos.com/v1alpha1
blockOwnerDeletion: false
controller: false
kind: ClusterServiceVersion
name: aap-operator.v2.1.2-0.1650395354
uid: 86448b14-de7c-4655-b041-9912a151f78c
resourceVersion: "98500"
uid: fa291512-c3e9-434e-b0fc-ba919f0327e1
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 1
selector:
matchLabels:
control-plane: controller-manager
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
annotations:
alm-examples: ""
capabilities: Full Lifecycle
categories: Integration & Delivery
description: The Ansible Automation Platform Resource Operator manages everything
Automation
olm.operatorGroup: ansible-automation-platform-operator
olm.operatorNamespace: ansible-automation-platform
olm.targetNamespaces: ansible-automation-platform
operatorframework.io/properties: '{"properties":[{"type":"olm.gvk","value":{"group":"automationcontroller.ansible.com","kind":"AutomationController","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationcontroller.ansible.com","kind":"AutomationControllerBackup","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationcontroller.ansible.com","kind":"AutomationControllerRestore","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationhub.ansible.com","kind":"AutomationHub","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationhub.ansible.com","kind":"AutomationHubBackup","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationhub.ansible.com","kind":"AutomationHubRestore","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"tower.ansible.com","kind":"AnsibleJob","version":"v1alpha1"}},{"type":"olm.gvk","value":{"group":"tower.ansible.com","kind":"JobTemplate","version":"v1alpha1"}},{"type":"olm.package","value":{"packageName":"ansible-automation-platform-operator","version":"2.1.2+0.1650395354"}}]}'
operatorframework.io/suggested-namespace: ansible-automation-platform
operators.openshift.io/infrastructure-features: '["disconnected"]'
operators.openshift.io/valid-subscription: '["Red Hat Ansible Automation
Platform"]'
operators.operatorframework.io/builder: operator-sdk-v1.11.0+git
operators.operatorframework.io/project_layout: ansible
support: Red Hat
creationTimestamp: null
labels:
control-plane: controller-manager
spec:
containers:
- args:
- --secure-listen-address=0.0.0.0:8443
- --upstream=http://127.0.0.1:8080/
- --logtostderr=true
- --v=10
env:
- name: OPERATOR_CONDITION_NAME
value: aap-operator.v2.1.2-0.1650395354
image: registry.redhat.io/openshift4/ose-kube-rbac-proxy@sha256:12f0c23da8a11e77c4aa58bd38143ab34858405c66936296aaebf21b4e61fd92
imagePullPolicy: IfNotPresent
name: kube-rbac-proxy
ports:
- containerPort: 8443
name: https
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
- args:
- --health-probe-bind-address=:6789
- --metrics-bind-address=127.0.0.1:8080
- --leader-elect
- --leader-election-id=automation-controller-operator
env:
- name: ANSIBLE_GATHERING
value: explicit
- name: ANSIBLE_DEBUG_LOGS
value: "false"
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.annotations['olm.targetNamespaces']
- name: RELATED_IMAGE_CONTROLLER_APP
value: registry.redhat.io/ansible-automation-platform-21/controller-rhel8@sha256:2dcaf47c2900c4c84df0d173aa2c67377798bc6eef675ec550be44264d51f7de
- name: RELATED_IMAGE_CONTROLLER_INIT_CONTAINER
value: registry.redhat.io/ubi8/ubi-minimal@sha256:c536d4c63253318fdfc1db499f8f4bb0881db7fbd6f3d1554b4d54c812f85cc7
- name: RELATED_IMAGE_CONTROLLER_REDIS
value: registry.redhat.io/rhel8/redis-5@sha256:a4b62680bf5f8644e39fd25ca8e333b7d6d1e98c902b695a4c98984675ff195c
- name: RELATED_IMAGE_CONTROL_PLANE_EE
value: registry.redhat.io/ansible-automation-platform-21/ee-supported-rhel8@sha256:02c5dff1518e1bdc4809775f47abbd10d79a5f6d64c0283875a72c019ad78eea
- name: RELATED_IMAGE_CONTROLLER_POSTGRES
value: registry.redhat.io/rhel8/postgresql-12@sha256:be7212e938d1ef314a75aca070c28b6433cd0346704d0d3523c8ef403ff0c69e
- name: RELATED_IMAGE_EE_SUPPORTED
value: registry.redhat.io/ansible-automation-platform-21/ee-supported-rhel8@sha256:02c5dff1518e1bdc4809775f47abbd10d79a5f6d64c0283875a72c019ad78eea
- name: RELATED_IMAGE_EE_29
value: registry.redhat.io/ansible-automation-platform-21/ee-29-rhel8@sha256:bf63f1fb4be831a794ba7c89972ff47bb10e496a480461787901918077a1f23f
- name: RELATED_IMAGE_EE_MINIMAL
value: registry.redhat.io/ansible-automation-platform-21/ee-minimal-rhel8@sha256:7cd16ac4b22b218a9bd586884fa14f36ce61764ecad9a3c881927fe14578c5e7
- name: OPERATOR_CONDITION_NAME
value: aap-operator.v2.1.2-0.1650395354
image: registry.redhat.io/ansible-automation-platform-21/controller-rhel8-operator@sha256:6843ed689e5c55bf77cff135fb429cd0e27ca31b937030288cbb66c9d8558d79
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 6789
scheme: HTTP
initialDelaySeconds: 15
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 1
name: automation-controller-manager
readinessProbe:
failureThreshold: 3
httpGet:
path: /readyz
port: 6789
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources: {}
securityContext:
allowPrivilegeEscalation: false
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsNonRoot: true
serviceAccount: automation-controller-operator-controller-manager
serviceAccountName: automation-controller-operator-controller-manager
terminationGracePeriodSeconds: 10
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2022-05-02T17:22:48Z"
lastUpdateTime: "2022-05-02T17:22:48Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2022-05-02T17:22:18Z"
lastUpdateTime: "2022-05-02T17:22:48Z"
message: ReplicaSet "automation-controller-operator-controller-manager-5d995fb76d"
has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 2
readyReplicas: 1
replicas: 1
updatedReplicas: 1
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
creationTimestamp: "2022-05-02T17:22:18Z"
generation: 2
labels:
olm.deployment-spec-hash: 6b69845c8d
olm.owner: aap-operator.v2.1.2-0.1650395354
olm.owner.kind: ClusterServiceVersion
olm.owner.namespace: ansible-automation-platform
operators.coreos.com/ansible-automation-platform-operator.ansible-automation-platfor: ""
name: automation-hub-operator-controller-manager
namespace: ansible-automation-platform
ownerReferences:
- apiVersion: operators.coreos.com/v1alpha1
blockOwnerDeletion: false
controller: false
kind: ClusterServiceVersion
name: aap-operator.v2.1.2-0.1650395354
uid: 86448b14-de7c-4655-b041-9912a151f78c
resourceVersion: "98505"
uid: b988a7e4-a7ca-456a-a678-28ba03e505cd
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 1
selector:
matchLabels:
control-plane: controller-manager
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
annotations:
alm-examples: ""
capabilities: Full Lifecycle
categories: Integration & Delivery
description: The Ansible Automation Platform Resource Operator manages everything
Automation
olm.operatorGroup: ansible-automation-platform-operator
olm.operatorNamespace: ansible-automation-platform
olm.targetNamespaces: ansible-automation-platform
operatorframework.io/properties: '{"properties":[{"type":"olm.gvk","value":{"group":"automationcontroller.ansible.com","kind":"AutomationController","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationcontroller.ansible.com","kind":"AutomationControllerBackup","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationcontroller.ansible.com","kind":"AutomationControllerRestore","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationhub.ansible.com","kind":"AutomationHub","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationhub.ansible.com","kind":"AutomationHubBackup","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationhub.ansible.com","kind":"AutomationHubRestore","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"tower.ansible.com","kind":"AnsibleJob","version":"v1alpha1"}},{"type":"olm.gvk","value":{"group":"tower.ansible.com","kind":"JobTemplate","version":"v1alpha1"}},{"type":"olm.package","value":{"packageName":"ansible-automation-platform-operator","version":"2.1.2+0.1650395354"}}]}'
operatorframework.io/suggested-namespace: ansible-automation-platform
operators.openshift.io/infrastructure-features: '["disconnected"]'
operators.openshift.io/valid-subscription: '["Red Hat Ansible Automation
Platform"]'
operators.operatorframework.io/builder: operator-sdk-v1.11.0+git
operators.operatorframework.io/project_layout: ansible
support: Red Hat
creationTimestamp: null
labels:
app.kubernetes.io/component: operator
app.kubernetes.io/name: automation-hub-operator
control-plane: controller-manager
spec:
containers:
- args:
- --secure-listen-address=0.0.0.0:8443
- --upstream=http://127.0.0.1:8080/
- --logtostderr=true
- --v=10
env:
- name: OPERATOR_CONDITION_NAME
value: aap-operator.v2.1.2-0.1650395354
image: registry.redhat.io/openshift4/ose-kube-rbac-proxy@sha256:12f0c23da8a11e77c4aa58bd38143ab34858405c66936296aaebf21b4e61fd92
imagePullPolicy: IfNotPresent
name: kube-rbac-proxy
ports:
- containerPort: 8443
name: https
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
- args:
- --health-probe-bind-address=:6789
- --metrics-bind-address=127.0.0.1:8080
- --leader-elect
- --leader-election-id=automation-hub-operator
env:
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.annotations['olm.targetNamespaces']
- name: ANSIBLE_GATHERING
value: explicit
- name: ANSIBLE_DEBUG_LOGS
value: "false"
- name: RELATED_IMAGE_HUB_APP
value: registry.redhat.io/ansible-automation-platform-21/hub-rhel8@sha256:ec0cb1ad1164621721bfd61f1b284b6e541660b104b60d6af03437764971e16e
- name: RELATED_IMAGE_HUB_APP_WEB
value: registry.redhat.io/ansible-automation-platform-21/hub-web-rhel8@sha256:3580a7295bf8b6441c58288451d15ca28c491c47bbda2f88f05729110a52f8c6
- name: RELATED_IMAGE_HUB_REDIS
value: registry.redhat.io/rhel8/redis-5@sha256:a4b62680bf5f8644e39fd25ca8e333b7d6d1e98c902b695a4c98984675ff195c
- name: RELATED_IMAGE_HUB_POSTGRES
value: registry.redhat.io/rhel8/postgresql-12@sha256:be7212e938d1ef314a75aca070c28b6433cd0346704d0d3523c8ef403ff0c69e
- name: OPERATOR_CONDITION_NAME
value: aap-operator.v2.1.2-0.1650395354
image: registry.redhat.io/ansible-automation-platform-21/hub-rhel8-operator@sha256:f76ba13f0f5aed424b1b3aa67b9bbd2c0c918c69165143c6a16b193042c7f8d9
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /readyz
port: 6789
scheme: HTTP
initialDelaySeconds: 15
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 1
name: automation-hub-manager
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 6789
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources:
limits:
cpu: 1200m
memory: 2Gi
requests:
cpu: 1m
memory: 6Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: automation-hub-operator-controller-manager
serviceAccountName: automation-hub-operator-controller-manager
terminationGracePeriodSeconds: 10
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2022-05-02T17:22:48Z"
lastUpdateTime: "2022-05-02T17:22:48Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2022-05-02T17:22:18Z"
lastUpdateTime: "2022-05-02T17:22:48Z"
message: ReplicaSet "automation-hub-operator-controller-manager-547b64f94d"
has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 2
readyReplicas: 1
replicas: 1
updatedReplicas: 1
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
creationTimestamp: "2022-05-02T17:22:18Z"
generation: 2
labels:
olm.deployment-spec-hash: 76754dc757
olm.owner: aap-operator.v2.1.2-0.1650395354
olm.owner.kind: ClusterServiceVersion
olm.owner.namespace: ansible-automation-platform
operators.coreos.com/ansible-automation-platform-operator.ansible-automation-platfor: ""
name: resource-operator-controller-manager
namespace: ansible-automation-platform
ownerReferences:
- apiVersion: operators.coreos.com/v1alpha1
blockOwnerDeletion: false
controller: false
kind: ClusterServiceVersion
name: aap-operator.v2.1.2-0.1650395354
uid: 86448b14-de7c-4655-b041-9912a151f78c
resourceVersion: "98497"
uid: fc928727-51ad-4bc1-b235-370d3ce816cb
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 1
selector:
matchLabels:
control-plane: controller-manager
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
annotations:
alm-examples: ""
capabilities: Full Lifecycle
categories: Integration & Delivery
description: The Ansible Automation Platform Resource Operator manages everything
Automation
olm.operatorGroup: ansible-automation-platform-operator
olm.operatorNamespace: ansible-automation-platform
olm.targetNamespaces: ansible-automation-platform
operatorframework.io/properties: '{"properties":[{"type":"olm.gvk","value":{"group":"automationcontroller.ansible.com","kind":"AutomationController","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationcontroller.ansible.com","kind":"AutomationControllerBackup","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationcontroller.ansible.com","kind":"AutomationControllerRestore","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationhub.ansible.com","kind":"AutomationHub","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationhub.ansible.com","kind":"AutomationHubBackup","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"automationhub.ansible.com","kind":"AutomationHubRestore","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"tower.ansible.com","kind":"AnsibleJob","version":"v1alpha1"}},{"type":"olm.gvk","value":{"group":"tower.ansible.com","kind":"JobTemplate","version":"v1alpha1"}},{"type":"olm.package","value":{"packageName":"ansible-automation-platform-operator","version":"2.1.2+0.1650395354"}}]}'
operatorframework.io/suggested-namespace: ansible-automation-platform
operators.openshift.io/infrastructure-features: '["disconnected"]'
operators.openshift.io/valid-subscription: '["Red Hat Ansible Automation
Platform"]'
operators.operatorframework.io/builder: operator-sdk-v1.11.0+git
operators.operatorframework.io/project_layout: ansible
support: Red Hat
creationTimestamp: null
labels:
control-plane: controller-manager
spec:
containers:
- args:
- --secure-listen-address=0.0.0.0:8443
- --upstream=http://127.0.0.1:8080/
- --logtostderr=true
- --v=10
env:
- name: OPERATOR_CONDITION_NAME
value: aap-operator.v2.1.2-0.1650395354
image: registry.redhat.io/openshift4/ose-kube-rbac-proxy@sha256:12f0c23da8a11e77c4aa58bd38143ab34858405c66936296aaebf21b4e61fd92
imagePullPolicy: IfNotPresent
name: kube-rbac-proxy
ports:
- containerPort: 8443
name: https
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
- args:
- --health-probe-bind-address=:6789
- --metrics-bind-address=127.0.0.1:8080
- --leader-elect
- --leader-election-id=platform-resource-operator
env:
- name: ANSIBLE_GATHERING
value: explicit
- name: ANSIBLE_DEBUG_LOGS
value: "false"
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.annotations['olm.targetNamespaces']
- name: RELATED_IMAGE_ANSIBLE_JOB_RUNNER_IMAGE
value: registry.redhat.io/ansible-automation-platform-21/platform-resource-runner-rhel8@sha256:76294630a853a5628e70b6ed5deaf0288735b0fa78c0a09db8525201da273528
- name: OPERATOR_CONDITION_NAME
value: aap-operator.v2.1.2-0.1650395354
image: registry.redhat.io/ansible-automation-platform-21/platform-resource-rhel8-operator@sha256:2dc9a60ded130c8b5e27ff3d62dd862d2601e6c27e20f5102af8e365de91c493
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 6789
scheme: HTTP
initialDelaySeconds: 15
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 1
name: platform-resource-manager
readinessProbe:
failureThreshold: 3
httpGet:
path: /readyz
port: 6789
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources: {}
securityContext:
allowPrivilegeEscalation: false
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsNonRoot: true
serviceAccount: resource-operator-controller-manager
serviceAccountName: resource-operator-controller-manager
terminationGracePeriodSeconds: 10
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2022-05-02T17:22:48Z"
lastUpdateTime: "2022-05-02T17:22:48Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2022-05-02T17:22:18Z"
lastUpdateTime: "2022-05-02T17:22:48Z"
message: ReplicaSet "resource-operator-controller-manager-65fd9b4cdf" has successfully
progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 2
readyReplicas: 1
replicas: 1
updatedReplicas: 1
kind: List
metadata:
resourceVersion: ""
selfLink: ""
4.3. yq
yq is a command-line YAML processor
People familiar with jq, the JSON equivalent,
would find yq very similar
4.4. Simple yq query
Get the names of the objects that have an instance (deployment -> pod -> image)
yq '.items |
map(
select(.metadata.labels."app.kubernetes.io/name")) |
group_by(.metadata.labels."app.kubernetes.io/part-of") as $common |
$common| map({"key":.[0].metadata.labels."app.kubernetes.io/part-of",
"value": map(
{"key":.metadata.labels."app.kubernetes.io/name",
"value":.spec.template.spec.containers|map(.name)})
| from_entries}) | from_entries' deployment.yaml
aap-21:
aap-21:
- redis
- aap-21-web
- aap-21-task
- aap-21-ee
automationhub:
automationhub-api:
- api
automationhub-content:
- content
redis:
- redis
automationhub-resource-manager:
- resource-manager
nginx:
- web
automationhub-worker:
- worker
4.5. Mapping volumes, containers
yq '.items |
map(select(.metadata.labels."app.kubernetes.io/name")) |
group_by(.metadata.labels."app.kubernetes.io/part-of") as $common |
$common| map({"key":.[0].metadata.labels."app.kubernetes.io/part-of",
"value": map(
{"key":.metadata.labels."app.kubernetes.io/name",
"value": .spec.template.spec as $pod|
$pod.volumes|map(select(has("configMap")).name) as $cm |
$pod.volumes|map(select(has("secret")).name) as $sec |
$pod.volumes|map(select(has("persistentVolumeClaim")).name) as $pvc |
$cm + $sec + $pvc as $vol |
$pod | map(
{"key": "volume_configMap", "value": $cm },
{"key": "volume_secret", "value": $sec}
{"key": "volume_pvc", "value": $pvc},
{"key": "container", "value": $pod.containers|map(
{"key": .name, "value": [
{"key": "image","value": .image|sub("\@[\w\d\:]+","")},
.volumeMounts|map(.name) as $mnt |
{"key": "volMnt", "value": $vol - ($mnt - $vol)}
]| from_entries }) | from_entries},)| from_entries}) | from_entries }) | from_entries' deployment.yaml
aap-21:
aap-21:
volume_configMap:
- aap-21-settings
- aap-21-nginx-conf
- aap-21-redis-config
- aap-21-receptor-config
volume_secret:
- aap-21-application-credentials
- aap-21-secret-key
volume_pvc: []
container:
redis:
image: registry.redhat.io/rhel8/redis-5
volMnt:
- aap-21-settings
- aap-21-nginx-conf
- aap-21-redis-config
- aap-21-receptor-config
- aap-21-application-credentials
- aap-21-secret-key
aap-21-web:
image: registry.redhat.io/ansible-automation-platform-21/controller-rhel8
volMnt:
- aap-21-settings
- aap-21-nginx-conf
- aap-21-redis-config
- aap-21-receptor-config
- aap-21-application-credentials
- aap-21-secret-key
aap-21-task:
image: registry.redhat.io/ansible-automation-platform-21/controller-rhel8
volMnt:
- aap-21-settings
- aap-21-nginx-conf
- aap-21-redis-config
- aap-21-receptor-config
- aap-21-application-credentials
- aap-21-secret-key
aap-21-ee:
image: registry.redhat.io/ansible-automation-platform-21/ee-supported-rhel8
volMnt:
- aap-21-settings
- aap-21-nginx-conf
- aap-21-redis-config
- aap-21-receptor-config
- aap-21-application-credentials
- aap-21-secret-key
automationhub:
automationhub-api:
volume_configMap: []
volume_secret:
- aap-21-hub-server
- aap-21-hub-admin-password
- aap-21-hub-db-fields-encryption
volume_pvc:
- file-storage
container:
api:
image: registry.redhat.io/ansible-automation-platform-21/hub-rhel8
volMnt:
- aap-21-hub-server
- aap-21-hub-admin-password
- aap-21-hub-db-fields-encryption
- file-storage
automationhub-content:
volume_configMap: []
volume_secret:
- aap-21-hub-server
- aap-21-hub-db-fields-encryption
volume_pvc:
- file-storage
container:
content:
image: registry.redhat.io/ansible-automation-platform-21/hub-rhel8
volMnt:
- aap-21-hub-server
- aap-21-hub-db-fields-encryption
- file-storage
redis:
volume_configMap: []
volume_secret: []
volume_pvc:
- aap-21-hub-redis-data
container:
redis:
image: registry.redhat.io/rhel8/redis-5
volMnt:
- aap-21-hub-redis-data
automationhub-resource-manager:
volume_configMap: []
volume_secret:
- aap-21-hub-server
- aap-21-hub-db-fields-encryption
volume_pvc:
- file-storage
container:
resource-manager:
image: registry.redhat.io/ansible-automation-platform-21/hub-rhel8
volMnt:
- aap-21-hub-server
- aap-21-hub-db-fields-encryption
- file-storage
nginx:
volume_configMap:
- aap-21-hub-nginx-conf
volume_secret: []
volume_pvc: []
container:
web:
image: registry.redhat.io/ansible-automation-platform-21/hub-web-rhel8
volMnt:
- aap-21-hub-nginx-conf
automationhub-worker:
volume_configMap: []
volume_secret:
- aap-21-hub-server
- aap-21-hub-db-fields-encryption
volume_pvc:
- file-storage
container:
worker:
image: registry.redhat.io/ansible-automation-platform-21/hub-rhel8
volMnt:
- aap-21-hub-server
- aap-21-hub-db-fields-encryption
- file-storage