From e7ed329bd81c2273c03e94c93c9ce9c1d01cdc86 Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan"
Date: Sat, 1 Apr 2017 04:53:28 +0200
Subject: Initial import
---
 playbooks/ands-prepare.yml | 46 +++++++++++++++++++++++++++
 playbooks/ands-setup-vm.yml | 5 +++
 playbooks/group_vars | 1 +
 playbooks/heketi-destroy.yml | 5 +++
 playbooks/host_vars | 1 +
 playbooks/local.yml | 22 +++++++++++++
 playbooks/maintain.yml | 11 +++++++
 playbooks/openshift-add-nodes.yml | 7 ++++
 playbooks/openshift-install.yml | 22 +++++++++++++
 playbooks/openshift-redeploy-certificates.yml | 1 +
 playbooks/openshift-setup-projects.yml | 28 ++++++++++++++++
 playbooks/openshift-setup-storage.yml | 37 +++++++++++++++++++++
 playbooks/openshift-setup-users.yml | 24 ++++++++++++++
 playbooks/openshift-setup-vpn.yml | 13 ++++++++
 playbooks/openshift-setup.yml | 34 ++++++++++++++++++++
 playbooks/projects | 1 +
 playbooks/roles | 1 +
 playbooks/tmp_role.yml | 6 ++++
 playbooks/users | 1 +
 19 files changed, 266 insertions(+)
 create mode 100644 playbooks/ands-prepare.yml
 create mode 100644 playbooks/ands-setup-vm.yml
 create mode 120000 playbooks/group_vars
 create mode 100644 playbooks/heketi-destroy.yml
 create mode 120000 playbooks/host_vars
 create mode 100644 playbooks/local.yml
 create mode 100644 playbooks/maintain.yml
 create mode 100644 playbooks/openshift-add-nodes.yml
 create mode 100644 playbooks/openshift-install.yml
 create mode 120000 playbooks/openshift-redeploy-certificates.yml
 create mode 100644 playbooks/openshift-setup-projects.yml
 create mode 100644 playbooks/openshift-setup-storage.yml
 create mode 100644 playbooks/openshift-setup-users.yml
 create mode 100644 playbooks/openshift-setup-vpn.yml
 create mode 100644 playbooks/openshift-setup.yml
 create mode 120000 playbooks/projects
 create mode 120000 playbooks/roles
 create mode 100644 playbooks/tmp_role.yml
 create mode 120000 playbooks/users
(limited to 'playbooks')
diff --git a/playbooks/ands-prepare.yml b/playbooks/ands-prepare.yml
new file mode 100644
index 0000000..1b4fc2a
--- /dev/null
+++ b/playbooks/ands-prepare.yml
@@ -0,0 +1,46 @@
+- name: Common setup procedures
+ hosts: ands
+ roles:
+ - role: ands_facts
+ - role: common
+
+- name: Keepalived service
+ hosts: masters
+ roles:
+ - role: keepalived
+ vars:
+ keepalived_vips: "{{ ands_ipfailover_vips | default([]) }}"
+ keepalived_iface: "{{ ands_ipfailover_interface | default('eth0') }}"
+ keepalived_password: "{{ ands_secrets.keepalived }}"
+
+#OpenVPN started before Origin-node causes problems
+#- name: OpenVPN service
+# hosts: nodes
+# roles:
+# - role: openvpn
+# vars:
+# openvpn_config: "katrin"
+# openvpn_lb: "{{ ands_openshift_lb }}"
+# openvpn_servers: "masters"
+
+- name: Configures Ands storage
+ hosts: ands_storage_servers
+ roles:
+ - role: ands_storage
+
+- name: Docker setup
+ hosts: nodes
+ roles:
+ - role: docker
+ vars:
+ docker_exclude_vgs: "{{ [ ands_data_vg ] }}"
+
+- name: Configure GlusterFS cluster
+ hosts: ands_servers
+ roles:
+ - role: glusterfs
+ vars:
+ glusterfs_network: "{{ ands_storage_network }}"
+ glusterfs_servers: "{{ ands_storage_servers }}"
+ glusterfs_bricks_path: "{{ ands_data_path }}/glusterfs"
+ glusterfs_domains: "{{ ands_storage_domains }}"
diff --git a/playbooks/ands-setup-vm.yml b/playbooks/ands-setup-vm.yml
new file mode 100644
index 0000000..d97916d
--- /dev/null
+++ b/playbooks/ands-setup-vm.yml
@@ -0,0 +1,5 @@
+- name: Common setup procedures
+ hosts: vagrant
+ roles:
+ - role: ands_vagrant_vm
+
diff --git a/playbooks/group_vars b/playbooks/group_vars
new file mode 120000
index 0000000..de38180
--- /dev/null
+++ b/playbooks/group_vars
@@ -0,0 +1 @@
+../group_vars/
\ No newline at end of file
diff --git a/playbooks/heketi-destroy.yml b/playbooks/heketi-destroy.yml
new file mode 100644
index 0000000..b29679b
--- /dev/null
+++ b/playbooks/heketi-destroy.yml
@@ -0,0 +1,5 @@
+---
+- hosts: storage_nodes
+ tasks:
+ - name: Destroy Heketi volumes
+ shell: "yes | pvremove /dev/{{ansible_lvm.lvs.ands_heketi.vg}}/katrin_heketi --force --force"
diff --git a/playbooks/host_vars b/playbooks/host_vars
new file mode 120000
index 0000000..f1e217d
--- /dev/null
+++ b/playbooks/host_vars
@@ -0,0 +1 @@
+../host_vars/
\ No newline at end of file
diff --git a/playbooks/local.yml b/playbooks/local.yml
new file mode 100644
index 0000000..9e6ca38
--- /dev/null
+++ b/playbooks/local.yml
@@ -0,0 +1,22 @@
+- name: Store known hosts of 'all' the hosts in the inventory file
+ hosts: localhost
+ connection: local
+
+ vars:
+ ssh_known_hosts_command: "ssh-keyscan -T 10"
+ ssh_known_hosts_file: "{{ lookup('env','HOME') + '/.ssh/known_hosts' }}"
+ ssh_known_hosts: "{{ groups['all'] }}"
+
+ tasks:
+ - name: For each host, scan for its ssh public key
+ shell: "ssh-keyscan {{ item }},`dig +short {{ item }}`"
+ with_items: "{{ ssh_known_hosts }}"
+ register: ssh_known_host_results
+ ignore_errors: yes
+
+ - name: Add/update the public key in the '{{ ssh_known_hosts_file }}'
+ known_hosts:
+ name: "{{ item.item }}"
+ key: "{{ item.stdout }}"
+ path: "{{ ssh_known_hosts_file }}"
+ with_items: "{{ ssh_known_host_results.results }}"
diff --git a/playbooks/maintain.yml b/playbooks/maintain.yml
new file mode 100644
index 0000000..3167252
--- /dev/null
+++ b/playbooks/maintain.yml
@@ -0,0 +1,11 @@
+- name: Check cert expirys
+ hosts: nodes:masters:etcd
+ become: yes
+ gather_facts: no
+ vars:
+ openshift_certificate_expiry_save_json_results: yes
+ openshift_certificate_expiry_generate_html_report: yes
+ openshift_certificate_expiry_html_report_path: ./report
+ openshift_certificate_expiry_show_all: yes
+ roles:
+ - role: openshift_certificate_expiry
diff --git a/playbooks/openshift-add-nodes.yml b/playbooks/openshift-add-nodes.yml
new file mode 100644
index 0000000..ccb5d1c
--- /dev/null
+++ b/playbooks/openshift-add-nodes.yml
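Review bot: The `Destroy Heketi volumes` task in heketi-destroy.yml runs `pvremove ... --force --force` fed by `yes |` on every host in `storage_nodes` with no guard, so running the wrong playbook or forgetting `--limit` destroys the volume metadata without a single prompt. Gate the task behind an explicit opt-in such as `when: heketi_destroy_confirm | default(false) | bool` (variable name is a suggestion) and pass it with `-e` only when destruction is intended. The device path is built from `ansible_lvm.lvs.ands_heketi.vg`, so a host without that logical volume fails on an undefined variable instead of being skipped; adding `ansible_lvm.lvs.ands_heketi is defined` to the condition makes that case explicit.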
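Review bot: The scan task in local.yml writes whatever key `ssh-keyscan` returns straight into `known_hosts`, so every host key is trusted on first contact with no comparison against a fingerprint obtained out of band; that assumption should at least be stated in a comment above the first task. The same task interpolates inventory names into `shell` inside backticks and never uses the declared `ssh_known_hosts_command`, so the `-T 10` timeout is not applied; `shell: "{{ ssh_known_hosts_command }} {{ item | quote }},$(dig +short {{ item | quote }})"` addresses both. Because `ignore_errors: yes` lets failed scans through, the `known_hosts` task should skip them with `when: item.stdout | length > 0`.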
@@ -0,0 +1,7 @@
+- name: Configure cluster hosts names
+ hosts: nodes
+ roles:
+ - { role: ands_facts }
+ - { role: ands_openshift, subrole: hostnames }
+
+- include: ../../openshift-ansible/playbooks/byo/openshift-node/scaleup.yml
diff --git a/playbooks/openshift-install.yml b/playbooks/openshift-install.yml
new file mode 100644
index 0000000..c54f4ee
--- /dev/null
+++ b/playbooks/openshift-install.yml
@@ -0,0 +1,22 @@
+- name: Configure cluster hosts names
+ hosts: nodes
+ roles:
+ - { role: ands_facts }
+ - { role: ands_openshift, subrole: hostnames }
+
+- name: Temporary provision /etc/hosts with Masters IP.
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" line="{{ ands_openshift_network | ipaddr(node_id) | ipaddr('address') }} {{ ands_openshift_lb }}" regexp=".*{{ ands_openshift_lb }}$" state="present"
+ when: (ands_provision_without_dns | default(false))
+ vars:
+ node_id: "{{ hostvars[groups['masters'][0]]['ands_host_id'] }}"
+
+
+- include: ../../openshift-ansible/playbooks/byo/config.yml
+
+- name: Remove temporary entries in /etc/hosts
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" regexp=".*{{ ands_openshift_lb }}$" state="absent"
+ when: (ands_provision_without_dns | default(false))
diff --git a/playbooks/openshift-redeploy-certificates.yml b/playbooks/openshift-redeploy-certificates.yml
new file mode 120000
index 0000000..2ac0c05
--- /dev/null
+++ b/playbooks/openshift-redeploy-certificates.yml
@@ -0,0 +1 @@
+../../openshift-ansible/playbooks/byo/openshift-cluster/redeploy-certificates.yml
\ No newline at end of file
diff --git a/playbooks/openshift-setup-projects.yml b/playbooks/openshift-setup-projects.yml
new file mode 100644
index 0000000..46d6767
--- /dev/null
+++ b/playbooks/openshift-setup-projects.yml
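Review bot: Both `lineinfile` tasks in openshift-install.yml match `/etc/hosts` with `regexp=".*{{ ands_openshift_lb }}$"`, which puts the load-balancer name into the pattern unescaped and with nothing anchoring its left edge, so its dots match any character and any line that merely ends in that string is rewritten by the first task and deleted by the `state="absent"` one. Escaping the name and requiring the separator, `regexp=" {{ ands_openshift_lb | regex_escape }}$"`, limits both tasks to the entry they wrote. The temporary entry is removed only by a later play, so a failure inside the included `config.yml` would presumably leave the master address pinned in `/etc/hosts`; a comment saying so would help whoever has to clean up. The same pair of tasks is repeated in openshift-setup-projects.yml, openshift-setup-storage.yml, openshift-setup-users.yml and openshift-setup.yml.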
@@ -0,0 +1,28 @@
+- name: Configure users & user projects
+ hosts: masters
+ roles:
+ - { role: ands_facts }
+
+- name: Temporary provision /etc/hosts with Masters IP.
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" line="{{ ands_openshift_network | ipaddr(node_id) | ipaddr('address') }} {{ ands_openshift_lb }}" regexp=".*{{ ands_openshift_lb }}$" state="present"
+ when: (ands_provision_without_dns | default(false))
+ vars:
+ node_id: "{{ hostvars[groups['masters'][0]]['ands_host_id'] }}"
+
+- name: Configure users & user projects
+ hosts: masters
+ roles:
+ - { role: ands_openshift, subrole: users }
+ - { role: ands_kaas }
+ vars:
+ kaas_projects: "{{ ands_openshift_projects.keys() }}"
+ kaas_openshift_volumes: "{{ ands_openshift_volumes }}"
+
+
+- name: Remove temporary entries in /etc/hosts
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" regexp=".*{{ ands_openshift_lb }}$" state="absent"
+ when: (ands_provision_without_dns | default(false))
diff --git a/playbooks/openshift-setup-storage.yml b/playbooks/openshift-setup-storage.yml
new file mode 100644
index 0000000..387b775
--- /dev/null
+++ b/playbooks/openshift-setup-storage.yml
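Review bot: `kaas_projects: "{{ ands_openshift_projects.keys() }}"` in the second `Configure users & user projects` play passes the role whatever `.keys()` returns, which is a list only on a Python 2 controller; under Python 3 it is a view object and the templated value is no longer a list. `kaas_projects: "{{ ands_openshift_projects.keys() | list }}"` behaves the same on both. The two plays targeting `masters` also share one name, so the run log cannot tell the facts play from the provisioning play; renaming the first to something like `Gather Ands facts` would fix that.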
@@ -0,0 +1,37 @@
+---
+- name: Configure GlusterFS storage
+ hosts: nodes
+ roles:
+ - { role: ands_facts }
+
+- name: Configure GlusterFS storage
+ hosts: nodes
+ roles:
+ - { role: glusterfs, subrole: volumes }
+ vars:
+ glusterfs_network: "{{ ands_storage_network }}"
+ glusterfs_servers: "{{ ands_storage_servers }}"
+ glusterfs_bricks_path: "{{ ands_data_path }}/glusterfs"
+ glusterfs_domains: "{{ ands_storage_domains }}"
+
+
+- name: Temporary provision /etc/hosts with Masters IP.
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" line="{{ ands_openshift_network | ipaddr(node_id) | ipaddr('address') }} {{ ands_openshift_lb }}" regexp=".*{{ ands_openshift_lb }}$" state="present"
+ when: (ands_provision_without_dns | default(false))
+ vars:
+ node_id: "{{ hostvars[groups['masters'][0]]['ands_host_id'] }}"
+
+- name: Configure OpenShift volumes
+ hosts: masters
+ roles:
+ - { role: ands_openshift, subrole: storage }
+
+- name: Remove temporary entries in /etc/hosts
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" regexp=".*{{ ands_openshift_lb }}$" state="absent"
+ when: (ands_provision_without_dns | default(false))
+
+# we also reconfigure kaas to populate new configs?
diff --git a/playbooks/openshift-setup-users.yml b/playbooks/openshift-setup-users.yml
new file mode 100644
index 0000000..d160823
--- /dev/null
+++ b/playbooks/openshift-setup-users.yml
@@ -0,0 +1,24 @@
+- name: Configure users
+ hosts: masters
+ roles:
+ - { role: ands_facts }
+
+
+- name: Temporary provision /etc/hosts with Masters IP.
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" line="{{ ands_openshift_network | ipaddr(node_id) | ipaddr('address') }} {{ ands_openshift_lb }}" regexp=".*{{ ands_openshift_lb }}$" state="present"
+ when: (ands_provision_without_dns | default(false))
+ vars:
+ node_id: "{{ hostvars[groups['masters'][0]]['ands_host_id'] }}"
+
+- name: Configure users
+ hosts: masters
+ roles:
+ - { role: ands_openshift, subrole: users }
+
+- name: Remove temporary entries in /etc/hosts
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" regexp=".*{{ ands_openshift_lb }}$" state="absent"
+ when: (ands_provision_without_dns | default(false))
diff --git a/playbooks/openshift-setup-vpn.yml b/playbooks/openshift-setup-vpn.yml
new file mode 100644
index 0000000..be5fe45
--- /dev/null
+++ b/playbooks/openshift-setup-vpn.yml
@@ -0,0 +1,13 @@
+- name: Common setup procedures
+ hosts: ands
+ roles:
+ - role: ands_facts
+
+- name: OpenVPN service
+ hosts: nodes
+ roles:
+ - role: openvpn
+ vars:
+ openvpn_config: "katrin"
+ openvpn_lb: "{{ ands_openshift_lb }}"
+ openvpn_servers: "masters"
diff --git a/playbooks/openshift-setup.yml b/playbooks/openshift-setup.yml
new file mode 100644
index 0000000..4b98f39
--- /dev/null
+++ b/playbooks/openshift-setup.yml
@@ -0,0 +1,34 @@
+- name: Common setup procedures
+ hosts: ands
+ roles:
+ - role: ands_facts
+
+
+- name: Temporary provision /etc/hosts with Masters IP.
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" line="{{ ands_openshift_network | ipaddr(node_id) | ipaddr('address') }} {{ ands_openshift_lb }}" regexp=".*{{ ands_openshift_lb }}$" state="present"
+ when: (ands_provision_without_dns | default(false))
+ vars:
+ node_id: "{{ hostvars[groups['masters'][0]]['ands_host_id'] }}"
+
+- name: Various OpenShift resources
+ hosts: nodes
+ roles:
+ - role: ands_openshift
+
+- name: Remove temporary entries in /etc/hosts
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" regexp=".*{{ ands_openshift_lb }}$" state="absent"
+ when: (ands_provision_without_dns | default(false))
+
+
+- name: OpenVPN service
+ hosts: nodes
+ roles:
+ - role: openvpn
+ vars:
+ openvpn_config: "katrin"
+ openvpn_lb: "{{ ands_openshift_lb }}"
+ openvpn_servers: "masters"
diff --git a/playbooks/projects b/playbooks/projects
new file mode 120000
index 0000000..aacce37
--- /dev/null
+++ b/playbooks/projects
@@ -0,0 +1 @@
+../setup/projects/
\ No newline at end of file
diff --git a/playbooks/roles b/playbooks/roles
new file mode 120000
index 0000000..d8c4472
--- /dev/null
+++ b/playbooks/roles
@@ -0,0 +1 @@
+../roles
\ No newline at end of file
diff --git a/playbooks/tmp_role.yml b/playbooks/tmp_role.yml
new file mode 100644
index 0000000..f004204
--- /dev/null
+++ b/playbooks/tmp_role.yml
@@ -0,0 +1,6 @@
+- name: Common setup procedures
+ hosts: nodes
+ remote_user: root
+ roles:
+ - ands_facts
+ - ands_openshift
diff --git a/playbooks/users b/playbooks/users
new file mode 120000
index 0000000..1e70137
--- /dev/null
+++ b/playbooks/users
@@ -0,0 +1 @@
+../setup/users/
\ No newline at end of file
--
cgit v1.2.3
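Review bot: `remote_user: root` in tmp_role.yml hard-codes a direct root SSH login for every host in `nodes`, while the other playbooks in this patch leave the connection user to the inventory and maintain.yml escalates with `become: yes`. Dropping the line and adding `become: true` keeps root login over SSH optional and leaves an unprivileged login in the audit trail before escalation. The play name `Common setup procedures` is copied from other playbooks and the file name suggests a scratch playbook; if it is meant to stay, a comment stating its purpose would help, since it applies the whole `ands_openshift` role with root access.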