summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVinny Valdez <vvaldez@redhat.com>2016-03-29 16:52:05 -0500
committerVinny Valdez <vvaldez@redhat.com>2016-04-20 09:28:48 -0500
commit80c3d3332507fe620fcab99e65f2ffd81d48a69e (patch)
treebe5d04b76b6aabc7e1aed3562f83ed2337392108
parented0c9e5e46bdd1da003f399392c891912dbd07dc (diff)
downloadopenshift-80c3d3332507fe620fcab99e65f2ffd81d48a69e.tar.gz
openshift-80c3d3332507fe620fcab99e65f2ffd81d48a69e.tar.bz2
openshift-80c3d3332507fe620fcab99e65f2ffd81d48a69e.tar.xz
openshift-80c3d3332507fe620fcab99e65f2ffd81d48a69e.zip
Add subscription-manager support for Hosted or Satellite
-rw-r--r--roles/subscription-manager/README.md95
-rw-r--r--roles/subscription-manager/pre_tasks/pre_tasks.yml37
-rw-r--r--roles/subscription-manager/tasks/main.yml93
3 files changed, 225 insertions, 0 deletions
diff --git a/roles/subscription-manager/README.md b/roles/subscription-manager/README.md
new file mode 100644
index 000000000..b140ad09a
--- /dev/null
+++ b/roles/subscription-manager/README.md
@@ -0,0 +1,95 @@
+# Red Hat Subscription Manager Ansible Role
+
+## Parameters
+
+This role depends on user specified variables. These can be set in the inventory file, group_vars or passed to the playbook from the CLI. The variables are:
+
+### rhsm_method
+
+Subscription Manager method to use for registration. Valid values are:
+
+* **satellite** - Use a Satellite server. Additional variables required include **rhsm_server**, **rhsm_org** and either (**rhsm_username** and **rhsm_password**) or **rhsm_activationkey**
+* **hosted** - Use Red Hat's CDN. Additional variables required are **rhsm_server** (defaults to RHSM CDN) and **rhsm_username** and **rhsm_password**
+* none/false/blank will disable any subscription manager activities (this is the default if no parameters are set)
+
+Default: none
+
+### rhsm_server
+
+Subscription Manager server hostname. If using a Satellite server set the FQDN here. If using RHSM Hosted this value is ignored.
+
+Default: none
+
+### rhsm_username
+
+Subscription Manager username. Required for RHSM Hosted. Can be optionally used for Satellite, but it may be better to use **rhsm_activationkey** for this.
+
+Default: none
+
+### rhsm_password
+
+Subscription Manager password. Required for RHSM Hosted. Can be optionally used for Satellite, but it may be better to use **rhsm_activationkey** for this.
+
+Default: none
+
+### rhsm_org
+
+Optional Satellite Subscription Manager Organization. Required for Satellite, ignored if using RHSM Hosted.
+
+Default: none
+
+### rhsm_activationkey
+
+Optional Satellite Subscription Manager Activation Key, use this instead of **rhsm_username** and **rhsm_password** if using Satellite to provide repositories and authentication in a key instead.
+
+Default: none
+
+### rhsm_pool
+
+Optional Subscription Manager pool, determine this by running **subscription-manager list --available** on a registered system. Valid for RHSM Hosted or Satellite. Specifying **rhsm_activationkey** will ignore this option.
+
+Default: none
+
+### rhsm_repos
+
+Optional Repositories to enable, this can also be specified in the **rhsm_activationkey**. Valid for RHSM Hosted or Satellite. Specifying **rhsm_activationkey** will ignore this option.
+
+NOTE: If specifying this value in an inventory file as opposed to group_vars, be sure to define it as a proper list as such:
+
+rhsm_repos='["rhel-7-server-rpms", "rhel-7-server-ose-3.1-rpms", "rhel-7-server-extras-rpms"]'
+
+Default: none
+
+## Pre-tasks
+
+A number of variable checks are performed before any tasks to ensure the proper parameters are set. To include these checks call the pre_task yaml before any roles:
+
+```
+ pre_tasks:
+ - include: roles/subscription-manager/pre_tasks/pre_tasks.yml
+```
+
+## Tasks
+
+The bulk of the work is performed in the main.yml for this role. The pre-task play will set a variable which can be checked to contitionally include this role as such:
+
+```
+ roles:
+ - { role: subscription-manager, when: not hostvars.localhost.rhsm_skip, tags: 'subscription-manager' }
+```
+
+## Running the Playbook
+
+To register to RHSM Hosted with username and password:
+
+```
+ansible-playbook -i inventory/ose-provision ose-provision.yml -e "rhsm_method='hosted' rhsm_username=vvaldez rhsm_password='hunter2' openstack_key_name='vvaldez'"
+```
+
+To register to a Satellite server with an activation key:
+
+```
+ansible-playbook -i inventory/ose-provision ose-provision.yml -e "rhsm_server='10.12.32.1' rhsm_org='cloud_practice' rhsm_activationkey='rhel-7-ose-3-1' openstack_key_name='vvaldez' rhsm_method='satellite'"
+```
+
+To ignore any Subscription Manager activities, simple do not set any parameters or explicitly set **rhsm_method** to false.
diff --git a/roles/subscription-manager/pre_tasks/pre_tasks.yml b/roles/subscription-manager/pre_tasks/pre_tasks.yml
new file mode 100644
index 000000000..497f39353
--- /dev/null
+++ b/roles/subscription-manager/pre_tasks/pre_tasks.yml
@@ -0,0 +1,37 @@
+---
+- name: Initialize Subscription Manager fact
+ set_fact:
+ rhsm_skip: false
+
+- name: Determine if Subscription Manager should be skipped or not
+ set_fact:
+ rhsm_skip: true
+ when: rhsm_method is undefined or rhsm_method is none or rhsm_method|trim == ''
+
+- name: Determine Subscription Manager method
+ fail: msg="Value for 'rhsm_method' of '{{ rhsm_method }}' is not valid, it should be one of 'hosted', 'satellite', or false/none/blank"
+ when:
+ - rhsm_method != 'hosted' and rhsm_method != 'satellite'
+ - not rhsm_skip
+
+- name: Validate Subscription Manager host is set
+ fail: msg="Cannot determine Subscription Manager server hostname without a value for 'rhsm_server'"
+ when:
+ - rhsm_server is undefined or rhsm_server is none or rhsm_server|trim == ''
+ - not rhsm_method == 'hosted'
+ - not rhsm_skip
+
+- name: Validate Subscription Manager organization is set
+ fail: msg="Cannot register to a Satellite server without a value for the Organization via 'rhsm_org'"
+ when:
+ - rhsm_org is undefined or rhsm_org is none or rhsm_org|trim == ''
+ - rhsm_method == 'satellite'
+ - not rhsm_skip
+
+- name: Validate Subscription Manager authentication is defined
+ fail: msg="Cannot register without ('rhsm_username' and 'rhsm_password') or 'rhsm_activationkey' variables set"
+ when:
+ - (rhsm_username is undefined or rhsm_username is none or rhsm_username|trim == '') or (rhsm_password is undefined or rhsm_password is none or rhsm_password|trim == '')
+ - rhsm_activationkey is undefined or rhsm_activationkey is none or rhsm_activationkey|trim == ''
+ - not rhsm_skip
+
diff --git a/roles/subscription-manager/tasks/main.yml b/roles/subscription-manager/tasks/main.yml
new file mode 100644
index 000000000..2e04a7a22
--- /dev/null
+++ b/roles/subscription-manager/tasks/main.yml
@@ -0,0 +1,93 @@
+---
+- name: Initializing Subscription Manager authenticaiton method
+ set_fact:
+ rhsm_authentication: false
+
+# 'rhsm_activationkey' will take precedence even if 'rhsm_username' and 'rhsm_password' are also set
+- name: Setting Subscription Manager Activation Key Fact
+ set_fact:
+ rhsm_authentication: "key"
+ when:
+ - rhsm_activationkey is defined
+ - rhsm_activationkey is not none
+ - rhsm_activationkey|trim != ''
+ - not rhsm_authentication
+
+# If 'rhsm_username' and 'rhsm_password' are set but not 'rhsm_activationkey', set 'rhsm_authentication' to password
+- name: Setting Subscription Manager Username and Password Fact
+ set_fact:
+ rhsm_authentication: "password"
+ when:
+ - rhsm_username is defined and rhsm_username is not none and rhsm_username|trim != ''
+ - rhsm_password is defined and rhsm_password is not none and rhsm_password|trim != ''
+ - not rhsm_authentication
+
+- name: Initializing registration status
+ set_fact:
+ registered: false
+
+- name: Checking subscription status (a failure means it is not registered and will be)
+ command: "/usr/bin/subscription-manager status"
+ ignore_errors: yes
+ changed_when: no
+ register: check_if_registered
+
+- name: Set registration fact
+ set_fact:
+ registered: true
+ when: check_if_registered.rc == 0
+
+- name: Cleaning any old subscriptions
+ command: "/usr/bin/subscription-manager clean"
+ when:
+ - not registered
+ - rhsm_authentication is defined
+
+- name: Install Satellite certificate
+ command: "rpm -Uvh --force http://{{ rhsm_server }}/pub/katello-ca-consumer-latest.noarch.rpm"
+ when:
+ - not registered
+ - rhsm_method == 'satellite'
+
+- name: Register to Satellite using activation key
+ command: "/usr/bin/subscription-manager register --activationkey={{ rhsm_activationkey }} --org={{ rhsm_org }}"
+ when:
+ - not registered
+ - rhsm_authentication == 'key'
+ - rhsm_method == 'satellite'
+
+# This can apply to either Hosted or Satellite
+- name: Register using username and password
+ command: "/usr/bin/subscription-manager register --username={{ rhsm_username }} --password={{ rhsm_password }}"
+ when:
+ - not registered
+ - rhsm_authentication != "key"
+
+- name: Auto-attach to Subscription Manager Pool
+ command: "/usr/bin/subscription-manager attach --auto"
+ when:
+ - not registered
+ - rhsm_authentication != "key"
+
+- name: Attach to a specific pool
+ command: "/usr/bin/subscription-manager attach --pool={{ rhsm_pool }}"
+ when:
+ - rhsm_pool is defined and rhsm_pool is not none and rhsm_pool|trim != ''
+ - and not registered
+ - rhsm_authentication != "key"
+
+- name: Disable all repositories
+ command: "/usr/bin/subscription-manager repos --disable=*"
+ when:
+ - not registered
+ - not rhsm_authentication == "key"
+
+- name: Enable specified repositories
+ command: "/usr/bin/subscription-manager repos --enable={{ item }}"
+ with_items: rhsm_repos
+ when:
+ - not registered
+ - not rhsm_authentication == "key"
+
+- name: Cleaning yum repositories
+ command: "yum clean all"