• Stars
    star
    109
  • Rank 319,077 (Top 7 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created almost 5 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

An operator to manage VIPs backed by keepalived

Keepalived operator

build status Go Report Card GitHub go.mod Go version

The objective of the keepalived operator is to allow for a way to create self-hosted load balancers in an automated way. From a user experience point of view the behavior is the same as of when creating LoadBalancer services with a cloud provider able to manage them.

The keepalived operator can be used in all environments that allows nodes to advertise additional IPs on their NICs (and at least for now, in networks that allow multicast), however it's mainly aimed at supporting LoadBalancer services and ExternalIPs on bare metal installations (or other installation environments where a cloud provider is not available).

One possible use of the keepalived operator is also to support OpenShift Ingresses in environments where an external load balancer cannot be provisioned. See this how-to on how to configure keepalived-operator to support OpenShift ingresses

How it works

The keepalived operator will create one or more VIPs (an HA IP that floats between multiple nodes), based on the LoadBalancer services and/or services requesting ExternalIPs.

For LoadBalancer services the IPs found at .Status.LoadBalancer.Ingress[].IP will become VIPs.

For services requesting a ExternalIPs, the IPs found at .Spec.ExternalIPs[] will become VIPs.

Note that a service can be of LoadBalancer type and also request ExternalIPs, it this case both sets of IPs will become VIPs.

Due to a keepalived limitation a single keepalived cluster can manage up to 256 VIP configurations. Multiple keepalived clusters can coexists in the same network as long as they use different multicast ports [TODO verify this statement].

To address this limitation the KeepalivedGroup CRD has been introduced. This CRD is supposed to be configured by an administrator and allows you to specify a node selector to pick on which nodes the keepalived pods should be deployed. Here is an example:

apiVersion: redhatcop.redhat.io/v1alpha1
kind: KeepalivedGroup
metadata:
  name: keepalivedgroup-router
spec:
  image: registry.redhat.io/openshift4/ose-keepalived-ipfailover
  interface: ens3
  nodeSelector:
    node-role.kubernetes.io/loadbalancer: ""
  blacklistRouterIDs:
  - 1
  - 2  

This KeepalivedGroup will be deployed on all the nodes with role loadbalancer. Keepalived requires knowledge of the network device on which the VIPs will be exposed. If the interface name is the same on all nodes, it can be specified in the interface field. Alternatively, the interfaceFromIP field can be set to an IPv4 address to enable interface autodiscovery. In this scenario, the interface field will be ignored and each node in the KeepalivedGroup will expose the VIPs on the interface that would be used to reach the provided IP.

Services must be annotated to opt-in to being observed by the keepalived operator and to specify which KeepalivedGroup they refer to. The annotation looks like this:

keepalived-operator.redhat-cop.io/keepalivedgroup: <keepalivedgroup namespace>/<keepalivedgroup-name>

The image used for the keepalived containers can be specified with .Spec.Image it will default to registry.redhat.io/openshift4/ose-keepalived-ipfailover if undefined.

Requirements

Security Context Constraints

Each KeepalivedGroup deploys a daemonset that requires the privileged scc, this permission must be given to the default service account in the namespace where the keepalived group is created by and administrator.

oc adm policy add-scc-to-user privileged -z default-n <keepalivedgroup namespace>

Cluster Network Operator

In Openshift, use of an external IP address is governed by the following fields in the Network.config.openshift.io CR named cluster

  • spec.externalIP.autoAssignCIDRs defines an IP address block used by the load balancer when choosing an external IP address for the service. OpenShift supports only a single IP address block for automatic assignment.

  • spec.externalIP.policy defines the permissible IP address blocks when manually specifying an IP address. OpenShift does not apply policy rules to IP address blocks defined by spec.externalIP.autoAssignCIDRs

The following patch can be used to configure the Cluster Network Operator:

spec:
  externalIP:
    policy:
      allowedCIDRs:
      - ${ALLOWED_CIDR}
    autoAssignCIDRs:
      - "${AUTOASSIGNED_CIDR}"

Here is an example of how to apply the patch:

export ALLOWED_CIDR="192.168.131.128/26"
export AUTOASSIGNED_CIDR="192.168.131.192/26"
oc patch network cluster -p "$(envsubst < ./network-patch.yaml | yq r -j -)" --type=merge

Additionally, the fields can be edited manually via oc edit Network.config.openshift.io cluster

Blacklisting router IDs

If the Keepalived pods are deployed on nodes which are in the same network (same broadcast domain to be precise) with other keepalived the process, it's necessary to ensure that there is no collision between the used routers it. For this purpose it is possible to provide a blacklistRouterIDs field with a list of black-listed IDs that will not be used.

Spreading VIPs across nodes to maximize load balancing

If a service contains multiple externalIPs or LoadBalancer IPs, it is possible to instruct keepalived-operator to maximize the spread of such VIPs across the nodes in the KeepalivedGroup by specifying the keepalived-operator.redhat-cop.io/spreadvips: "true" annotation on the service. This option ensures that different VIPs for the same service are always owned by different nodes (or, if the number of nodes in the group is less than the number of VIPs, that the VIPs are assigned maximizing the spread), to avoid creating a traffic bottleneck. However, in order to achieve this, keepalived-operator will create a separate VRRP instance per VIP of that service, which could exhaust the 256 available instances faster.

OpenShift RHV, vSphere, OSP and bare metal IPI instructions

When IPI is used for RHV, vSphere, OSP or bare metal platforms, three keepalived VIPs are deployed. To make sure that keepalived-operator can work in these environment we need to discover and blacklist the corresponding VRRP router IDs.

To discover the VRRP router IDs being used, run the following command, you can run this command from you laptop:

podman run quay.io/openshift/origin-baremetal-runtimecfg:4.5 vr-ids <cluster_name>

If you don't know your cluster name, run this command:

podman run quay.io/openshift/origin-baremetal-runtimecfg:4.5 vr-ids $(oc get cm cluster-config-v1 -n kube-system -o jsonpath='{.data.install-config}'| yq -r .metadata.name)

Then use these instructions to blacklist those VRRP router IDs.

Verbatim Configurations

Keepalived has dozens of configurations. At the early stage of this project it's difficult to tell which one should be modeled in the API. Yet, users of this project may still need to use them. To account for that there is a way to pass verbatim options both at the keepalived group level (which maps to the keepalived config global_defs section) and at the service level (which maps to the keepalived config vrrp_instance section).

KeepalivedGroup-level verbatim configurations can be passed as in the following example:

apiVersion: redhatcop.redhat.io/v1alpha1
kind: KeepalivedGroup
metadata:
  name: keepalivedgroup-router
spec:
  interface: ens3
  nodeSelector:
    node-role.kubernetes.io/loadbalancer: ""
  verbatimConfig:  
    vrrp_iptables: my-keepalived

this will map to the following global_defs:

    global_defs {
        router_id keepalivedgroup-router
        vrrp_iptables my-keepalived
    }

Service-level verbatim configurations can be passed as in the following example:

apiVersion: v1
kind: Service
metadata:
  annotations:
    keepalived-operator.redhat-cop.io/keepalivedgroup: keepalived-operator/keepalivedgroup-router
    keepalived-operator.redhat-cop.io/verbatimconfig: '{ "track_src_ip": "" }'

this will map to the following vrrp_instance section

    vrrp_instance openshift-ingress/router-default {
        interface ens3
        virtual_router_id 1  
        virtual_ipaddress {
          192.168.131.129
        }
        track_src_ip
    }

Advanced Users Only: Override Keepalived Configuration Template

NOTE: This config customization feature can only be used via Helm.

Each of the Keepalived daemon pods gets received it's configuration from a ConfigMap that gets generated by the Keepalived Operator from a configuration file template. If you need to customize the configuration for your Keepalived daemon pods, you'll want to use the following steps.

Create a ConfigMap with the full contents of this configuration template file: https://github.com/redhat-cop/keepalived-operator/blob/master/config/templates/keepalived-template.yaml

apiVersion: v1
kind: ConfigMap
metadata:
name: keepalived-template
namespace: {{ .KeepalivedGroup.ObjectMeta.Namespace }}
labels:
  keepalivedGroup: {{ .KeepalivedGroup.ObjectMeta.Name }}    
data: 
keepalived.conf: |
    ...
    # expected merge structure
    # .KeepAlivedGroup
    # .Services
    - apiVersion: apps/v1
      kind: DaemonSet
      metadata:
        name: {{ .KeepalivedGroup.ObjectMeta.Name }}
        namespace: {{ .KeepalivedGroup.ObjectMeta.Namespace }}
      spec:
    ...

Then in the Helm Chart set keepalivedTemplateFromConfigMap: keepalived-template

This will override the /templates/keepalived-template.yaml config file in the keepalived-operator pod which will allow you to update the configs without having to rebuild/push the operator docker image.

Metrics collection

Each keepalived pod exposes a Prometheus metrics port at 9650. Metrics are collected with keepalived_exporter, the available metrics are described in the project documentation.

When a keepalived group is created a PodMonitor rule to collect those metrics. All PodMonitor resources created that way have the label: metrics: keepalived. It is up to you to make sure your Prometheus instance watches for those PodMonitor rules. Here is an example of a fragment of a Prometheus CR configured to collect the keepalived pod metrics:

  podMonitorSelector:
    matchLabels:
      metrics: keepalived

In order to enable the collection of these metrics by the platform prometheus you have to appropriately label the namespace in which the KeepalivedGroup CR was created:

oc label namespace <keepalived-group namespace> openshift.io/cluster-monitoring="true"

Deploying the Operator

This is a cluster-level operator that you can deploy in any namespace, keepalived-operator is recommended.

It is recommended to deploy this operator via OperatorHub, but you can also deploy it using Helm.

Multiarch Support

Arch Support
amd64 βœ…
arm64 βœ…
ppc64le βœ…
s390x ❌

Deploying from OperatorHub

Note: This operator supports being installed disconnected environments

If you want to utilize the Operator Lifecycle Manager (OLM) to install this operator, you can do so in two ways: from the UI or the CLI.

Deploying from OperatorHub UI

  • If you would like to launch this operator from the UI, you'll need to navigate to the OperatorHub tab in the console.Before starting, make sure you've created the namespace that you want to install this operator to with the following:
oc new-project keepalived-operator
  • Once there, you can search for this operator by name: keepalived. This will then return an item for our operator and you can select it to get started. Once you've arrived here, you'll be presented with an option to install, which will begin the process.
  • After clicking the install button, you can then select the namespace that you would like to install this to as well as the installation strategy you would like to proceed with (Automatic or Manual).
  • Once you've made your selection, you can select Subscribe and the installation will begin. After a few moments you can go ahead and check your namespace and you should see the operator running.

Keepalived Operator

Deploying from OperatorHub using CLI

If you'd like to launch this operator from the command line, you can use the manifests contained in this repository by running the following:

oc new-project keepalived-operator
oc apply -f config/operatorhub -n keepalived-operator

This will create the appropriate OperatorGroup and Subscription and will trigger OLM to launch the operator in the specified namespace.

Deploying with Helm

Here are the instructions to install the latest release with Helm.

oc new-project keepalived-operator
helm repo add keepalived-operator https://redhat-cop.github.io/keepalived-operator
helm repo update
helm install keepalived-operator keepalived-operator/keepalived-operator

This can later be updated with the following commands:

helm repo update
helm upgrade keepalived-operator keepalived-operator/keepalived-operator

Metrics

Prometheus compatible metrics are exposed by the Operator and can be integrated into OpenShift's default cluster monitoring. To enable OpenShift cluster monitoring, label the namespace the operator is deployed in with the label openshift.io/cluster-monitoring="true".

oc label namespace <namespace> openshift.io/cluster-monitoring="true"

Testing metrics

export operatorNamespace=keepalived-operator-local # or keepalived-operator
oc label namespace ${operatorNamespace} openshift.io/cluster-monitoring="true"
oc rsh -n openshift-monitoring -c prometheus prometheus-k8s-0 /bin/bash
export operatorNamespace=keepalived-operator-local # or keepalived-operator
curl -v -s -k -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" https://keepalived-operator-controller-manager-metrics.${operatorNamespace}.svc.cluster.local:8443/metrics
exit

Development

Running the operator locally

Note: this operator build process is tested with podman, but some of the build files (Makefile specifically) use docker because they are generated automatically by operator-sdk. It is recommended remap the docker command to the podman command.

export repo=raffaelespazzoli
docker login quay.io/$repo
oc new-project keepalived-operator
oc project keepalived-operator
tilt up

Test helm chart locally

Define an image and tag. For example...

export imageRepository="quay.io/redhat-cop/keepalived-operator"
export imageTag="$(git -c 'versionsort.suffix=-' ls-remote --exit-code --refs --sort='version:refname' --tags https://github.com/redhat-cop/keepalived-operator.git '*.*.*' | tail --lines=1 | cut --delimiter='/' --fields=3)"

Deploy chart...

make helmchart IMG=${imageRepository} VERSION=${imageTag}
helm upgrade -i keepalived-operator-local charts/keepalived-operator -n keepalived-operator-local --create-namespace

Delete...

helm delete keepalived-operator-local -n keepalived-operator-local
kubectl delete -f charts/keepalived-operator/crds/crds.yaml

Building/Pushing the operator image

export repo=raffaelespazzoli #replace with yours
docker login quay.io/$repo/keepalived-operator
make docker-build IMG=quay.io/$repo/keepalived-operator:latest
make docker-push IMG=quay.io/$repo/keepalived-operator:latest

Deploy to OLM via bundle

make manifests
make bundle IMG=quay.io/$repo/keepalived-operator:latest
operator-sdk bundle validate ./bundle --select-optional name=operatorhub
make bundle-build BUNDLE_IMG=quay.io/$repo/keepalived-operator-bundle:latest
docker login quay.io/$repo/keepalived-operator-bundle
docker push quay.io/$repo/keepalived-operator-bundle:latest
operator-sdk bundle validate quay.io/$repo/keepalived-operator-bundle:latest --select-optional name=operatorhub
oc new-project keepalived-operator
oc label namespace keepalived-operator openshift.io/cluster-monitoring="true" --overwrite
operator-sdk cleanup keepalived-operator -n keepalived-operator
operator-sdk run bundle --install-mode AllNamespaces -n keepalived-operator quay.io/$repo/keepalived-operator-bundle:latest

Integration Test

make helmchart-test

Testing

Add an external IP CIDR to your cluster to manage

export CIDR="192.168.130.128/28"
oc patch network cluster -p "$(envsubst < ./test/externalIP-patch.yaml | yq r -j -)" --type=merge

create a project that uses a LoadBalancer Service

oc new-project test-keepalived-operator
oc new-app django-psql-example -n test-keepalived-operator
oc delete route django-psql-example -n test-keepalived-operator
oc patch service django-psql-example -n test-keepalived-operator -p '{"spec":{"type":"LoadBalancer"}}' --type=strategic
export SERVICE_IP=$(oc get svc django-psql-example -n test-keepalived-operator -o jsonpath='{.status.loadBalancer.ingress[0].ip}')

create a keepalivedgroup

oc adm policy add-scc-to-user privileged -z default -n test-keepalived-operator
oc apply -f ./test/keepalivedgroup.yaml -n test-keepalived-operator

annotate the service to be used by keepalived

oc annotate svc django-psql-example -n test-keepalived-operator keepalived-operator.redhat-cop.io/keepalivedgroup=test-keepalived-operator/keepalivedgroup-test

curl the app using the service IP

curl http://$SERVICE_IP:8080

test with a second keepalived group

oc apply -f ./test/test-servicemultiple.yaml -n test-keepalived-operator
oc apply -f ./test/keepalivedgroup2.yaml -n test-keepalived-operator
oc apply -f ./test/test-service-g2.yaml -n test-keepalived-operator

Releasing

git tag -a "<tagname>" -m "<commit message>"
git push upstream <tagname>

If you need to remove a release:

git tag -d <tagname>
git push upstream --delete <tagname>

If you need to "move" a release to the current main

git tag -f <tagname>
git push upstream -f <tagname>

Cleaning up

operator-sdk cleanup keepalived-operator -n keepalived-operator
oc delete operatorgroup operator-sdk-og
oc delete catalogsource keepalived-operator-catalog

More Repositories

1

agnosticd

AgnosticD - Ansible Deployer for multiple Cloud Deployers
Jinja
384
star
2

ocp4-helpernode

This playbook helps set up an "all-in-one" node, that has all the infrastructure/services in order to install OpenShift 4.
Jinja
341
star
3

gitops-catalog

Tools and technologies that are hosted on an OpenShift cluster
Shell
309
star
4

infra.aap_configuration

A collection of roles to manage Ansible Automation Platform with code
YAML
269
star
5

automation-good-practices

Recommended practices for all elements of automation using Ansible, starting with collections and roles, continuing with playbooks, inventories and plug-ins... These good practices are planned to be used by all Red Hat teams interested but can of course be used by others.
Makefile
265
star
6

containers-quickstarts

Images & templates for deploying software to OpenShift
Shell
243
star
7

openshift-toolkit

A collection of code samples to help you get started with OpenShift
Python
223
star
8

infra-ansible

Tooling / Ansible to support the many aspects of infrastructure installation, setup and configuration.
Jinja
203
star
9

openshift-playbooks

Source for the add on documentation site for OpenShift Container Platform.
CSS
181
star
10

namespace-configuration-operator

The namespace-configuration-operator helps keeping configurations related to Users, Groups and Namespaces aligned with one of more policies specified as a CRs
Go
161
star
11

container-pipelines

Let's get the ball rolling on some Container-driven CI & CD
HTML
149
star
12

operator-utils

Utilities to support operators
Go
135
star
13

rego-policies

Rego policies collection
Shell
135
star
14

casl-ansible

Ansible automation for Managing OpenShift Container Platform clusters
Python
125
star
15

openshift-management

Set of maintenance scripts & cron jobs for OpenShift Container Platform
Python
113
star
16

openshift-applier

Used to apply OpenShift objects to an OpenShift Cluster
Python
99
star
17

group-sync-operator

Synchronizes groups from external providers into OpenShift
Go
92
star
18

helm-charts

Helm Charts Repository
Shell
84
star
19

vault-config-operator

An operator to support Haschicorp Vault configuration workflows from within Kubernetes
Go
81
star
20

cert-utils-operator

Set of functionalities around certificates packaged in a Kubernetes operator
Go
81
star
21

aap_utilities

Ansible Collection for automated deployment of AAP and other objects for general use
YAML
80
star
22

openshift-migration-best-practices

Best practices for migrating from OpenShift 3 to 4
Liquid
75
star
23

patch-operator

An operator to apply patches to Kubernetes objects in a declarative way.
Go
68
star
24

automate-tower-ha-dr

Configure High Availability and/or Disaster Recovery on a Tower Cluster
Python
63
star
25

businessautomation-cop

All examples related to business automation processes such as jbpm, drools, dmn, optaplanner, cloud native kogito(quarkus), quickstart, pipelines, runtimes, etc.
Java
60
star
26

k8s-notify

Turn kubernetes events into useful notifications & alerts
Go
58
star
27

openshift-disconnected-operators

Python
58
star
28

podpreset-webhook

Implementation of Kubernetes PodPreset as an Admission Webhook.
Go
57
star
29

aap_configuration_template

Ansible Automation Platform Configuration as Code examples template
YAML
55
star
30

pipeline-library

A repository of Jenkins pipeline files we can reference from elsewhere
Groovy
54
star
31

global-load-balancer-operator

A global load balancer operator for OpenShift
Go
48
star
32

infra.leapp

Collection of Ansible roles for automating RHEL in-place upgrades using Leapp.
YAML
48
star
33

openshift-lab-origin

OpenShift Upstream Lab Repository. Feedback and PRs welcome!
46
star
34

ee_utilities

This ansible collection includes a number of roles and tools which can be useful for managing Ansible Execution Environments.
YAML
44
star
35

uncontained.io

On containers, cloud, and digitial transformation
JavaScript
43
star
36

template2helm

Converts an OpenShift template into a Helm chart
Go
43
star
37

rhel-edge-automation-arch

RHEL for Edge Automation Deployment Architecture
Jinja
43
star
38

openshift-templates

A home for templates that do not live in https://github.com/redhat-cop/containers-quickstarts
Shell
43
star
39

pathfinder

JavaScript
41
star
40

image-scanning-signing-service

Image Signing and Scanning as a Service
Go
36
star
41

babylon

The Babylon Project
TypeScript
35
star
42

infra.osbuild

Ansible Collection for management of ostree composer
Python
33
star
43

egressip-ipam-operator

egressip-ipam-operator
Go
31
star
44

canary

Ansible Migration Factory
Python
31
star
45

jboss_eap

[DEPRECATED] - Ansible role to install JBoss EAP
Jinja
30
star
46

ocp-disconnected-docs

HCL
30
star
47

resource-locker-operator

Go
30
star
48

anarchy

An operator for adding state for arbitrary api interactions
Python
28
star
49

operationalizing-openshift-lab

27
star
50

cert-operator

An OpenShift controller using the Operator SDK for managing TLS certficate lifecycle
Go
26
star
51

openshift-image-signing-scanning

DEPRECATED: Tools to support Image Signing and Scanning with the OpenShift Container Platform
23
star
52

container-native-spring-postgresql

Java
21
star
53

acm-policies

Curated set of policies for Advanced Cluster Management for Kubernetes
Shell
21
star
54

ocp4-vsphere-workshop

Workshop Hands-on - Deploying OpenShift on vSphere
21
star
55

dynamic-rbac-operator

Go
20
star
56

declarative-openshift

Working examples of manifests for openshift for use in a declarative management strategy.
20
star
57

ansible-middleware-playbooks

Ansible playbooks to deploy Red Hat Middleware
19
star
58

proactive-node-scaling-operator

An operator to proactively scales Kubernetes clusters
Go
19
star
59

tower_grafana_dashboards

Playbook for installing node_exporter on rhel8 and dashboards to import into Grafana and monitor Ansible Tower metrics.
18
star
60

volume-expander-operator

Go
16
star
61

automate-tower

Automating Ansible Tower with Ansible (or the like)
15
star
62

jboss_amq

[Deprecated] - Ansible role to install JBoss AMQ
Python
15
star
63

dark-tower

Ansible Tower based PoC Deployer
Shell
14
star
64

cloud.azure_ops

Ansible Roles for managing Azure Resources
Jinja
13
star
65

jboss_fuse

[Deprecated] - The JBoss Repository for Ansible JBoss Fuse role
13
star
66

network.base

This role provides a single platform-agnostics entry point to manage all the resources supported for a given network OS.
13
star
67

spring-rest

Java
13
star
68

openshift-event-controller

A Container-based python controller used to integration OpenShift with other things
Python
13
star
69

edge.microshift

Microshift Management and Automation Collection
Jinja
12
star
70

osia

Tool for reliable automated deployments of OpenShift Container Platform 4.x into OpenStack and AWS.
Python
11
star
71

project-initialize-operator

Go
10
star
72

must-gather-operator

An operator to simplify the creation and upload of cluster diagnostics from the must-gather tool
Go
10
star
73

ocp4-prereqs-validator

Ansible resources to validate the prerequisites for OpenShift 4
10
star
74

ansible-role-jboss-common

Jinja
10
star
75

openshift-4-alpha-enablement

9
star
76

k8s_config

Ansible role for managing Kubernetes configuration
Python
9
star
77

poolboy

Operator for managing resource claims and provisioning
Python
9
star
78

sqlserver-coi

This repository holds code, documentation, playbooks and other artifacts relating to deployment of SQL Server on RHEL and OpenShift.
Shell
9
star
79

blockchain-cop

The Blockchain Community of Practice is a place for Red Hatters to learn about decentralized web technologies, including decentralized ledgers, storage, and many others. This repository is meant so serve as both a means of organizing upcoming talks, as well as storing recordings and presentations of past talks, along with any demos/workshops that accompany them.
9
star
80

infra.lvm_snapshots

Ansible roles for LVM snapshot management
Shell
8
star
81

network.bgp

This role provides a single platform-agnostics entry point to manage all the BGP network resources supported for a given network OS.
Python
8
star
82

ninja-points

Scripts for the ninja program that integrate with external channels, such as github, gitlab & trello
Python
8
star
83

cloud.aws_ops

Ansible Roles for managing AWS Resources
Python
7
star
84

disconnectedinfra

Ansible collection designed to support building a disconnected network in a connected world.
Jinja
7
star
85

tool-integrations

Repository for various implementation for integrations between tools
Python
7
star
86

github-actions

Collection of GitHub Actions implementations
Shell
7
star
87

monitoring

Assets to manage monitoring infrastructure and applications
Python
7
star
88

automate-windows

Automating Windows with Ansible and Ansible Tower
PowerShell
7
star
89

redhat_sso

[Deprecated] - Ansible role to install Red Hat Single Sign On (SSO)
Jinja
6
star
90

dash

Go
6
star
91

pbl-rocketchat

A Project Blue Line effort to Operationalize Rocket Chat on OpenShift
6
star
92

agnosticv

Organize and merge YAML files to manage a Catalog
Go
6
star
93

org

Meta configuration for Red Hat Community of Practice Github Organization
6
star
94

microsegmentation-operator

Go
6
star
95

ansible_collections_tooling

Various workflows and actions used in the infra collections for pre commit and publishing of ansible collections.
5
star
96

jboss_bxms

[Deprecated] - Ansible role to install and configure JBoss BxMS
5
star
97

applier-cli

Go
5
star
98

rti

Ready to Innovate
JavaScript
5
star
99

redhat-cop.github.io

Global docs and contribution guidelines for the Red Hat Communities of Practice GitHub space
CSS
5
star
100

infra.convert2rhel

Collection of Ansible roles for automating RHEL in-place conversions using Convert2RHEL.
YAML
5
star