Skip to main content

oc and Ansible k8s

oc

RedHat provide several CLIs to interact with OpenShift. With OpenShift 4.4 these include

  • oc - An operations-focussed tool for managing OpenShift clusters.
  • odo - OpenShift Do, a developer-focussed tool for developing applications with OpenShift, intentionally abstracting away the complexities of OpenShift and Kubernetes.
  • tkn - Tekton CLI for interacting with Tekton, the Kubernetes-native build tool behind OpenShift Pipelines.
  • kn - Knative CLI for interacting with OpenShift Serverless.

Ansible k8s

Ansible supports working with Kubernetes via the k8s modules. These were included with Ansible up to v2.9 but when v2.10 is released this will need to be installed using the community kubernetes collection. Either way, this provides a potentially idempotent way to manage resources in Kubernetes. I say potentially because it's still possible to unintentionally use these modules in a non-idempotent manner, more on that later.

Ansible 2.7 through to 2.9 has seen additions to the k8s family of modules including k8s_auth, k8s_service and k8s_info, as well as enhancements like the addition of wait, wait_timeout and wait_condition to the k8s module. This Ansible blog post provides some more details.

Convert oc CLI commands to Ansible k8s

It may not be immediately apparent what K8s resources need to be created to provide parity with oc commands. Here is a rough guide to what you'll need to create with k8s in order to replicate oc commands. Note as always that when writing or updating automation, simply automating exactly what came before is not always optimal especially if the process being automated was manual.

oc new-app - DeploymentConfig, ReplicationController, ImageStream, BuildConfig, Service

oc expose - Route

oc secrets link - ServiceAccount update to add linked secret

oc import-image - ImageStream

oc new_build - BuildConfig