From 766626f0b8d233bfa49b21f4dc6d7c16e5edc701 Mon Sep 17 00:00:00 2001 From: Leonid Natapov Date: Mon, 23 Mar 2026 18:27:32 +0200 Subject: [PATCH] Adding Loki deployment role --- roles/deploy_loki/defaults/main.yml | 57 ++++++++ roles/deploy_loki/meta/main.yml | 27 ++++ roles/deploy_loki/tasks/main.yml | 66 +++++++++ .../templates/deploy_loki_for_ck.yaml.j2 | 137 ++++++++++++++++++ zuul.d/molecule.yaml | 9 ++ zuul.d/projects.yaml | 1 + 6 files changed, 297 insertions(+) create mode 100644 roles/deploy_loki/defaults/main.yml create mode 100644 roles/deploy_loki/meta/main.yml create mode 100644 roles/deploy_loki/tasks/main.yml create mode 100644 roles/deploy_loki/templates/deploy_loki_for_ck.yaml.j2 diff --git a/roles/deploy_loki/defaults/main.yml b/roles/deploy_loki/defaults/main.yml new file mode 100644 index 0000000000..25e6154f03 --- /dev/null +++ b/roles/deploy_loki/defaults/main.yml @@ -0,0 +1,57 @@ +--- +# Copyright Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for specific language governing permissions and limitations +# under the License. + +# All variables intended for modification should be placed in this file. +# All variables within this role should have a prefix of "cifmw_deploy_loki" + +cifmw_deploy_loki: true +cifmw_deploy_loki_wait_for_csv: true +cifmw_deploy_loki_base_dir: >- + {{ + cifmw_basedir | default(ansible_user_dir ~ '/ci-framework-data') + }} +cifmw_deploy_loki_manifest_dest: >- + {{ + [ + cifmw_deploy_loki_base_dir, + 'artifacts', + 'manifests', + 'deploy_loki_for_ck.yaml' + ] | path_join + }} + +cifmw_deploy_loki_operator_namespace: openshift-operators-redhat +cifmw_deploy_loki_subscription_channel: stable-6.4 +cifmw_deploy_loki_subscription_name: loki-operator +cifmw_deploy_loki_catalog_source: redhat-operators +cifmw_deploy_loki_catalog_namespace: openshift-marketplace + +cifmw_deploy_loki_minio_namespace: minio-dev +cifmw_deploy_loki_minio_image: quay.io/minio/minio:latest +cifmw_deploy_loki_minio_pvc_storage: 10Gi +cifmw_deploy_loki_minio_storage_class: lvms-local-storage +# If empty, OpenShift assigns hosts for the routes. +cifmw_deploy_loki_minio_route_console_host: "" +cifmw_deploy_loki_minio_route_api_host: "" + +cifmw_deploy_loki_openstack_namespace: openstack +cifmw_deploy_loki_s3_secret_name: cloudkitty-loki-s3 +cifmw_deploy_loki_s3_bucket: loki +cifmw_deploy_loki_minio_access_key: minio +cifmw_deploy_loki_minio_secret_key: minio123 + +cifmw_deploy_loki_csv_wait_retries: 30 +cifmw_deploy_loki_csv_wait_delay: 10 diff --git a/roles/deploy_loki/meta/main.yml b/roles/deploy_loki/meta/main.yml new file mode 100644 index 0000000000..c8f2773d87 --- /dev/null +++ b/roles/deploy_loki/meta/main.yml @@ -0,0 +1,27 @@ +--- +# Copyright Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for specific language governing permissions and limitations +# under the License. + +galaxy_info: + author: CI Framework + description: CI Framework Role -- deploy Loki operator and MinIO for CloudKitty + company: Red Hat + license: Apache-2.0 + min_ansible_version: "2.14" + namespace: cifmw + galaxy_tags: + - cifmw + +dependencies: [] diff --git a/roles/deploy_loki/tasks/main.yml b/roles/deploy_loki/tasks/main.yml new file mode 100644 index 0000000000..cb23da59c7 --- /dev/null +++ b/roles/deploy_loki/tasks/main.yml @@ -0,0 +1,66 @@ +--- +# Copyright Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for specific language governing permissions and limitations +# under the License. + +- name: Ensure manifest output directory exists + ansible.builtin.file: + path: "{{ cifmw_deploy_loki_manifest_dest | dirname }}" + state: directory + mode: "0755" + +- name: Render Loki / MinIO manifests for CloudKitty + ansible.builtin.template: + src: deploy_loki_for_ck.yaml.j2 + dest: "{{ cifmw_deploy_loki_manifest_dest }}" + mode: "0644" + +- name: Apply Loki operator and MinIO manifests + when: cifmw_deploy_loki | bool + environment: + KUBECONFIG: >- + {{ + cifmw_openshift_kubeconfig | + default(ansible_env.HOME + '/.kube/config') + }} + PATH: "{{ cifmw_path | default(ansible_env.PATH) }}" + ansible.builtin.command: + cmd: "oc apply -f {{ cifmw_deploy_loki_manifest_dest }}" + register: cifmw_deploy_loki_apply_result + changed_when: >- + ('stdout' in cifmw_deploy_loki_apply_result) and + ('unchanged' not in cifmw_deploy_loki_apply_result.stdout) + +- name: Wait until Loki operator CSV reports Succeeded + when: + - cifmw_deploy_loki | bool + - cifmw_deploy_loki_wait_for_csv | bool + environment: + KUBECONFIG: >- + {{ + cifmw_openshift_kubeconfig | + default(ansible_env.HOME + '/.kube/config') + }} + PATH: "{{ cifmw_path | default(ansible_env.PATH) }}" + ansible.builtin.shell: + cmd: >- + oc get csv -n {{ cifmw_deploy_loki_operator_namespace }} + --no-headers=true | grep {{ cifmw_deploy_loki_subscription_name }} + register: cifmw_deploy_loki_csv_out + ignore_errors: true + until: >- + (cifmw_deploy_loki_csv_out.stdout_lines | length == 1) and + ('Succeeded' in cifmw_deploy_loki_csv_out.stdout) + retries: "{{ cifmw_deploy_loki_csv_wait_retries }}" + delay: "{{ cifmw_deploy_loki_csv_wait_delay }}" diff --git a/roles/deploy_loki/templates/deploy_loki_for_ck.yaml.j2 b/roles/deploy_loki/templates/deploy_loki_for_ck.yaml.j2 new file mode 100644 index 0000000000..9f2f7f0532 --- /dev/null +++ b/roles/deploy_loki/templates/deploy_loki_for_ck.yaml.j2 @@ -0,0 +1,137 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: {{ cifmw_deploy_loki_operator_namespace }} + labels: + name: {{ cifmw_deploy_loki_operator_namespace }} +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: {{ cifmw_deploy_loki_subscription_name }} + namespace: {{ cifmw_deploy_loki_operator_namespace }} +spec: + upgradeStrategy: Default +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: {{ cifmw_deploy_loki_subscription_name }} + namespace: {{ cifmw_deploy_loki_operator_namespace }} +spec: + channel: {{ cifmw_deploy_loki_subscription_channel }} + name: {{ cifmw_deploy_loki_subscription_name }} + source: {{ cifmw_deploy_loki_catalog_source }} + sourceNamespace: {{ cifmw_deploy_loki_catalog_namespace }} +--- +apiVersion: v1 +kind: Namespace +metadata: + name: {{ cifmw_deploy_loki_minio_namespace }} + labels: + name: {{ cifmw_deploy_loki_minio_namespace }} +--- +apiVersion: v1 +kind: Pod +metadata: + labels: + app: minio + name: minio + namespace: {{ cifmw_deploy_loki_minio_namespace }} +spec: + containers: + - name: minio + image: {{ cifmw_deploy_loki_minio_image }} + command: + - /bin/bash + - -c + - | + mkdir -p /data/loki && \ + minio server /data + env: + - name: MINIO_ACCESS_KEY + value: "{{ cifmw_deploy_loki_minio_access_key }}" + - name: MINIO_SECRET_KEY + value: "{{ cifmw_deploy_loki_minio_secret_key }}" + volumeMounts: + - mountPath: /data + name: storage + volumes: + - name: storage + persistentVolumeClaim: + claimName: minio-pvc +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: minio-pvc + namespace: {{ cifmw_deploy_loki_minio_namespace }} +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ cifmw_deploy_loki_minio_pvc_storage }} + storageClassName: {{ cifmw_deploy_loki_minio_storage_class }} +--- +apiVersion: v1 +kind: Service +metadata: + name: minio + namespace: {{ cifmw_deploy_loki_minio_namespace }} +spec: + selector: + app: minio + ports: + - name: api + protocol: TCP + port: 9000 + - name: console + protocol: TCP + port: 9090 +--- +kind: Route +apiVersion: route.openshift.io/v1 +metadata: + name: minio-console + namespace: {{ cifmw_deploy_loki_minio_namespace }} +spec: +{% if cifmw_deploy_loki_minio_route_console_host | length > 0 %} + host: {{ cifmw_deploy_loki_minio_route_console_host }} +{% endif %} + to: + kind: Service + name: minio + weight: 100 + port: + targetPort: console + wildcardPolicy: None +--- +kind: Route +apiVersion: route.openshift.io/v1 +metadata: + name: minio-api + namespace: {{ cifmw_deploy_loki_minio_namespace }} +spec: +{% if cifmw_deploy_loki_minio_route_api_host | length > 0 %} + host: {{ cifmw_deploy_loki_minio_route_api_host }} +{% endif %} + to: + kind: Service + name: minio + weight: 100 + port: + targetPort: api + wildcardPolicy: None +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ cifmw_deploy_loki_s3_secret_name }} + namespace: {{ cifmw_deploy_loki_openstack_namespace }} +stringData: + access_key_id: "{{ cifmw_deploy_loki_minio_access_key }}" + access_key_secret: "{{ cifmw_deploy_loki_minio_secret_key }}" + bucketnames: "{{ cifmw_deploy_loki_s3_bucket }}" + endpoint: "http://minio.{{ cifmw_deploy_loki_minio_namespace }}.svc.cluster.local:9000" diff --git a/zuul.d/molecule.yaml b/zuul.d/molecule.yaml index 31db44ea9f..b0703ea8c1 100644 --- a/zuul.d/molecule.yaml +++ b/zuul.d/molecule.yaml @@ -927,6 +927,15 @@ - ^.config/molecule/.* name: cifmw-molecule-cleanup_openstack parent: cifmw-molecule-noop +- job: + files: + - ^common-requirements.txt + - ^test-requirements.txt + - ^roles/deploy_loki/.* + - ^ci/playbooks/molecule.* + - ^.config/molecule/.* + name: cifmw-molecule-deploy_loki + parent: cifmw-molecule-noop - job: files: - ^common-requirements.txt diff --git a/zuul.d/projects.yaml b/zuul.d/projects.yaml index b51fad17f0..b57dd2ef6d 100644 --- a/zuul.d/projects.yaml +++ b/zuul.d/projects.yaml @@ -42,6 +42,7 @@ - cifmw-molecule-config_drive - cifmw-molecule-copy_container - cifmw-molecule-deploy_bmh + - cifmw-molecule-deploy_loki - cifmw-molecule-devscripts - cifmw-molecule-discover_latest_image - cifmw-molecule-dlrn_promote