From 71c0c0c6d3dd2b3360604b118b496107b0f76d37 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Fri, 13 Feb 2015 09:50:35 -0500 Subject: added initial tower configs --- bin/zsh_functions/_ossh | 49 ++++++++++++++++ playbooks/aws/ansible-tower/config.yml | 20 +++++++ playbooks/aws/ansible-tower/launch.yml | 97 +++++++++++++++++++++++++++++++ playbooks/aws/ansible-tower/user_data.txt | 6 ++ playbooks/aws/ansible-tower/vars.ops | 9 +++ playbooks/aws/ansible-tower/vars.yml | 1 + 6 files changed, 182 insertions(+) create mode 100644 bin/zsh_functions/_ossh create mode 100644 playbooks/aws/ansible-tower/config.yml create mode 100644 playbooks/aws/ansible-tower/launch.yml create mode 100644 playbooks/aws/ansible-tower/user_data.txt create mode 100644 playbooks/aws/ansible-tower/vars.ops create mode 100644 playbooks/aws/ansible-tower/vars.yml diff --git a/bin/zsh_functions/_ossh b/bin/zsh_functions/_ossh new file mode 100644 index 000000000..7c6cb7b0b --- /dev/null +++ b/bin/zsh_functions/_ossh 
@@ -0,0 +1,49 @@
+#compdef ossh oscp
+
+_ossh_known_hosts(){
+ if [[ -f ~/.ansible/tmp/multi_ec2_inventory.cache ]]; then
+ print $(/usr/bin/python -c 'import json,os; z = json.loads(open("%s"%os.path.expanduser("~/.ansible/tmp/multi_ec2_inventory.cache")).read()); print "\n".join(["%s.%s" % (host["ec2_tag_Name"],host["ec2_tag_environment"]) for dns, host in z["_meta"]["hostvars"].items()])')
+ fi
+}
+
+_ossh(){
+ local curcontext="$curcontext" state line
+ typeset -A opt_args
+
+ common_arguments=(
+ '(- *)'{-h,--help}'[show help]' \
+ {-v,--verbose}'[enable verbose]' \
+ {-d,--debug}'[debug mode]' \
+ {-l,--login_name}+'[login name]:login_name' \
+ {-c,--command}+'[command to run on remote host]:command' \
+ {-o,--ssh_opts}+'[SSH Options to pass to SSH]:ssh options' \
+ {-e,--env}+'[environtment to use]:environment:->env' \
+ '--list[list out hosts]' \
+ ':OP Hosts:->oo_hosts'
+ )
+
+ case "$service" in
+ ossh)
+ _arguments -C -s \
+ "$common_arguments[@]" \
+ ;;
+
+ oscp)
+ _arguments -C -s \
+ "$common_arguments[@]" \
+ {-r,--recurse}'[Recursive copy]' \
+ ':file:_files'
+ ;;
+ esac
+
+ case "$state" in
+ oo_hosts)
+ _values 'oo_hosts' $(_ossh_known_hosts)
+ ;;
+ env)
+ _values 'environment' ops int stg prod
+ ;;
+ esac
+}
+
+_ossh "$@"
diff --git a/playbooks/aws/ansible-tower/config.yml b/playbooks/aws/ansible-tower/config.yml
new file mode 100644
index 000000000..0124156a9
--- /dev/null
+++ b/playbooks/aws/ansible-tower/config.yml
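Review bot: In `_ossh_known_hosts` the embedded Python indexes `host["ec2_tag_Name"]` and `host["ec2_tag_environment"]` directly, so one cached instance that lacks either tag raises KeyError and completion yields no hosts at all, only a traceback. Skipping untagged entries keeps completion usable, for example by ending the comprehension with `if "ec2_tag_Name" in host and "ec2_tag_environment" in host`. The output is then passed unquoted to `_values`, where `:` and `[` are spec syntax, so a comment stating that the cache is assumed to hold plain host names would document that assumption. The help text for `--env` has a typo, `environtment`.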
@@ -0,0 +1,20 @@
+---
+- name: "populate oo_hosts_to_config host group if needed"
+ hosts: localhost
+ gather_facts: no
+ tasks:
+ - name: Evaluate oo_host_group_exp if it's set
+ add_host: "name={{ item }} groups=oo_hosts_to_config"
+ with_items: "{{ oo_host_group_exp | default(['']) }}"
+ when: oo_host_group_exp is defined
+
+- name: "Configure instances"
+ hosts: oo_hosts_to_config
+ connection: ssh
+ user: root
+ vars_files:
+ - vars.yml
+ - "vars.{{ oo_env }}.yml"
+ roles:
+ - ../../../roles/atomic_base
+ - ../../../roles/atomic_proxy
diff --git a/playbooks/aws/ansible-tower/launch.yml b/playbooks/aws/ansible-tower/launch.yml
new file mode 100644
index 000000000..fd6b0f39a
--- /dev/null
+++ b/playbooks/aws/ansible-tower/launch.yml
@@ -0,0 +1,97 @@ +--- +- name: Launch instance(s) + hosts: localhost + connection: local + gather_facts: no + + vars: + inst_region: us-east-1 + atomic_ami: ami-8e239fe6 + user_data_file: user_data.txt + oo_vpc_subnet_id: # Purposely left blank, these are here to be overridden in env vars_files + oo_assign_public_ip: # Purposely left blank, these are here to be overridden in env vars_files + + vars_files: + - vars.yml + - "vars.{{ oo_env }}.yml" + + tasks: + - name: Launch instances in VPC + ec2: + state: present + region: "{{ inst_region }}" + keypair: mmcgrath_libra + group_id: "{{ oo_security_group_ids }}" + instance_type: m3.large + image: "{{ atomic_ami }}" + count: "{{ oo_new_inst_names | oo_len }}" + user_data: "{{ lookup('file', user_data_file) }}" + wait: yes + assign_public_ip: "{{ oo_assign_public_ip }}" + vpc_subnet_id: "{{ oo_vpc_subnet_id }}" + when: oo_vpc_subnet_id + register: ec2_vpc + + - set_fact: + ec2: "{{ ec2_vpc }}" + when: oo_vpc_subnet_id + + - name: Launch instances in Classic + ec2: + state: present + region: "{{ inst_region }}" + keypair: mmcgrath_libra + group: ['Libra', '{{ oo_env }}', '{{ oo_env }}_proxy', '{{ oo_env }}_proxy_atomic'] + instance_type: m3.large + image: "{{ atomic_ami }}" + count: "{{ oo_new_inst_names | oo_len }}" + user_data: "{{ lookup('file', user_data_file) }}" + wait: yes + when: not oo_vpc_subnet_id + register: ec2_classic + + - set_fact: + ec2: "{{ ec2_classic }}" + when: not oo_vpc_subnet_id + + - name: Add new instances public IPs to the atomic proxy host group + add_host: "hostname={{ item.public_ip }} groupname=new_ec2_instances" + with_items: ec2.instances + + - name: Add Name and environment tags to instances + ec2_tag: "resource={{ item.1.id }} region={{ inst_region }} state=present" + with_together: + - oo_new_inst_names + - ec2.instances + args: + tags: + Name: "{{ item.0 }}" + + - name: Add other tags to instances + ec2_tag: "resource={{ item.id }} region={{ inst_region }} state=present" + with_items: 
ec2.instances + args: + tags: "{{ oo_new_inst_tags }}" + + - name: Add new instances public IPs to oo_hosts_to_config + add_host: "hostname={{ item.0 }} ansible_ssh_host={{ item.1.public_ip }} groupname=oo_hosts_to_config" + with_together: + - oo_new_inst_names + - ec2.instances + + - debug: var=ec2 + + - name: Wait for ssh + wait_for: "port=22 host={{ item.public_ip }}" + with_items: ec2.instances + + - name: Wait for root user setup + command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null root@{{ item.public_ip }} echo root user is setup" + register: result + until: result.rc == 0 + retries: 20 + delay: 10 + with_items: ec2.instances + +# Apply the configs, seprate so that just the configs can be run by themselves +- include: config.yml diff --git a/playbooks/aws/ansible-tower/user_data.txt b/playbooks/aws/ansible-tower/user_data.txt new file mode 100644 index 000000000..643d17c32 --- /dev/null +++ b/playbooks/aws/ansible-tower/user_data.txt @@ -0,0 +1,6 @@ +#cloud-config +disable_root: 0 + +system_info: + default_user: + name: root diff --git a/playbooks/aws/ansible-tower/vars.ops b/playbooks/aws/ansible-tower/vars.ops new file mode 100644 index 000000000..feb5d786a --- /dev/null +++ b/playbooks/aws/ansible-tower/vars.ops @@ -0,0 +1,9 @@ +--- +oo_env_long: operations +oo_zabbix_hostgroups: ['OPS Environment'] +oo_vpc_subnet_id: subnet-4f0bdd38 # USE OPS +oo_assign_public_ip: yes +oo_security_group_ids: + - sg-02c2f267 # Libra (vpc) + - sg-7fc4f41a # ops (vpc) + - sg-4dc26829 # ops_tower (vpc) diff --git a/playbooks/aws/ansible-tower/vars.yml b/playbooks/aws/ansible-tower/vars.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/playbooks/aws/ansible-tower/vars.yml @@ -0,0 +1 @@ +--- -- cgit v1.2.3 From e45695622f867734cbfd64797cf6b830a2fff604 Mon Sep 17 00:00:00 2001 
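Review bot: The `Wait for root user setup` task in launch.yml runs ssh with `StrictHostKeyChecking=no` and `UserKnownHostsFile=/dev/null`, so the host key of each new public IP is neither checked nor recorded, and the `include: config.yml` play that follows connects as root to those same addresses. If the probe has to accept an unknown key, the task should say so in a comment and the key should be kept for the later plays, for example by dropping `-o UserKnownHostsFile=/dev/null` (on OpenSSH 7.6 or later, `-o StrictHostKeyChecking=accept-new` expresses accept-once directly). Both launch tasks also hard-code `keypair: mmcgrath_libra`, which looks like a personal key pair. A new variable set in the env vars file, written here as `keypair: "{{ oo_keypair }}"`, would make it explicit whose key grants root access.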
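Review bot: In user_data.txt, `disable_root: 0` combined with `default_user: name: root` makes cloud-init install the launch key for root, so every instance started from this playbook accepts direct root SSH logins, and `vars.ops` in the same commit sets `oo_assign_public_ip: yes`. Keeping the image's default cloud-init user and escalating with `sudo: yes` in the plays would leave root login disabled and attribute changes to a named account. If direct root login is a deliberate requirement, a comment at the top of `user_data.txt` should state that and note that the security groups must restrict port 22.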
From: Matt Woodson Date: Fri, 13 Feb 2015 14:55:01 -0500 Subject: more ansible tower commits --- lib/aws_command.rb | 2 +- playbooks/aws/ansible-tower/config.yml | 5 +++-- playbooks/aws/ansible-tower/launch.yml | 26 ++++++++++++++++---------- playbooks/aws/ansible-tower/vars.ops | 9 --------- playbooks/aws/ansible-tower/vars.ops.yml | 9 +++++++++ roles/ansible_install/tasks/main.yaml | 7 +++++++ roles/base_os/tasks/main.yaml | 5 +++++ roles/ipv6_disable/tasks/main.yaml | 11 +++++++++++ 8 files changed, 52 insertions(+), 22 deletions(-) delete mode 100644 playbooks/aws/ansible-tower/vars.ops create mode 100644 playbooks/aws/ansible-tower/vars.ops.yml create mode 100644 roles/ansible_install/tasks/main.yaml create mode 100644 roles/ipv6_disable/tasks/main.yaml diff --git a/lib/aws_command.rb b/lib/aws_command.rb index 1c3efc91c..7c6872c64 100644 --- a/lib/aws_command.rb +++ b/lib/aws_command.rb @@ -7,7 +7,7 @@ module OpenShift module Ops class AwsCommand < Thor # WARNING: we do not currently support environments with hyphens in the name - SUPPORTED_ENVS = %w(prod stg int tint kint test jint amint tdint lint) + SUPPORTED_ENVS = %w(prod stg int ops tint kint test jint amint tdint lint) option :type, :required => true, :enum => LaunchHelper.get_aws_host_types, :desc => 'The host type of the new instances.' diff --git a/playbooks/aws/ansible-tower/config.yml b/playbooks/aws/ansible-tower/config.yml index 0124156a9..069a7b7b1 100644 --- a/playbooks/aws/ansible-tower/config.yml +++ b/playbooks/aws/ansible-tower/config.yml @@ -16,5 +16,6 @@ - vars.yml - "vars.{{ oo_env }}.yml" roles: - - ../../../roles/atomic_base - - ../../../roles/atomic_proxy + - ../../../roles/base_os + - ../../../roles/ipv6_disable + - ../../../roles/ansible_install diff --git a/playbooks/aws/ansible-tower/launch.yml b/playbooks/aws/ansible-tower/launch.yml index fd6b0f39a..b4b294a02 100644 --- a/playbooks/aws/ansible-tower/launch.yml +++ b/playbooks/aws/ansible-tower/launch.yml 
@@ -6,7 +6,7 @@ vars: inst_region: us-east-1 - atomic_ami: ami-8e239fe6 + rhel7_ami: ami-a24e30ca user_data_file: user_data.txt oo_vpc_subnet_id: # Purposely left blank, these are here to be overridden in env vars_files oo_assign_public_ip: # Purposely left blank, these are here to be overridden in env vars_files @@ -22,8 +22,8 @@ region: "{{ inst_region }}" keypair: mmcgrath_libra group_id: "{{ oo_security_group_ids }}" - instance_type: m3.large - image: "{{ atomic_ami }}" + instance_type: c4.xlarge + image: "{{ rhel7_ami }}" count: "{{ oo_new_inst_names | oo_len }}" user_data: "{{ lookup('file', user_data_file) }}" wait: yes @@ -42,8 +42,8 @@ region: "{{ inst_region }}" keypair: mmcgrath_libra group: ['Libra', '{{ oo_env }}', '{{ oo_env }}_proxy', '{{ oo_env }}_proxy_atomic'] - instance_type: m3.large - image: "{{ atomic_ami }}" + instance_type: c4.xlarge + image: "{{ rhel7_ami }}" count: "{{ oo_new_inst_names | oo_len }}" user_data: "{{ lookup('file', user_data_file) }}" wait: yes @@ -54,10 +54,6 @@ ec2: "{{ ec2_classic }}" when: not oo_vpc_subnet_id - - name: Add new instances public IPs to the atomic proxy host group - add_host: "hostname={{ item.public_ip }} groupname=new_ec2_instances" - with_items: ec2.instances - - name: Add Name and environment tags to instances ec2_tag: "resource={{ item.1.id }} region={{ inst_region }} state=present" with_together: @@ -93,5 +89,15 @@ delay: 10 with_items: ec2.instances +- name: Initial setup + hosts: oo_hosts_to_config + user: root + gather_facts: true + + tasks: + + - name: Yum update + yum: name=* state=latest + # Apply the configs, seprate so that just the configs can be run by themselves -- include: config.yml +#- include: config.yml diff --git a/playbooks/aws/ansible-tower/vars.ops b/playbooks/aws/ansible-tower/vars.ops deleted file mode 100644 index feb5d786a..000000000 --- a/playbooks/aws/ansible-tower/vars.ops +++ /dev/null 
@@ -1,9 +0,0 @@ ---- -oo_env_long: operations -oo_zabbix_hostgroups: ['OPS Environment'] -oo_vpc_subnet_id: subnet-4f0bdd38 # USE OPS -oo_assign_public_ip: yes -oo_security_group_ids: - - sg-02c2f267 # Libra (vpc) - - sg-7fc4f41a # ops (vpc) - - sg-4dc26829 # ops_tower (vpc) diff --git a/playbooks/aws/ansible-tower/vars.ops.yml b/playbooks/aws/ansible-tower/vars.ops.yml new file mode 100644 index 000000000..feb5d786a --- /dev/null +++ b/playbooks/aws/ansible-tower/vars.ops.yml @@ -0,0 +1,9 @@ +--- +oo_env_long: operations +oo_zabbix_hostgroups: ['OPS Environment'] +oo_vpc_subnet_id: subnet-4f0bdd38 # USE OPS +oo_assign_public_ip: yes +oo_security_group_ids: + - sg-02c2f267 # Libra (vpc) + - sg-7fc4f41a # ops (vpc) + - sg-4dc26829 # ops_tower (vpc) diff --git a/roles/ansible_install/tasks/main.yaml b/roles/ansible_install/tasks/main.yaml new file mode 100644 index 000000000..67a04b919 --- /dev/null +++ b/roles/ansible_install/tasks/main.yaml @@ -0,0 +1,7 @@ +--- +# Install ansible client + +- name: Install Ansible + yum: + pkg: ansible + state: installed diff --git a/roles/base_os/tasks/main.yaml b/roles/base_os/tasks/main.yaml index 01d2898c5..dddedeaa8 100644 --- a/roles/base_os/tasks/main.yaml +++ b/roles/base_os/tasks/main.yaml @@ -16,6 +16,11 @@ src: vimrc dest: /root/.vimrc +- name: Bash Completion + yum: + pkg: bash-completion + state: installed + - name: Install firewalld yum: pkg: firewalld diff --git a/roles/ipv6_disable/tasks/main.yaml b/roles/ipv6_disable/tasks/main.yaml new file mode 100644 index 000000000..fae5beee7 --- /dev/null +++ b/roles/ipv6_disable/tasks/main.yaml 
@@ -0,0 +1,11 @@ +--- +# Disable ipv6 on RHEL7 + +- name: Disable all ipv6 + sysctl: name="net.ipv6.conf.all.disable_ipv6" value=1 sysctl_set=yes state=present reload=yes + +- name: Disable default ipv6 + sysctl: name="net.ipv6.conf.default.disable_ipv6" value=1 sysctl_set=yes state=present reload=yes + +- name: Remove ipv6 localhost from /etc/hosts + lineinfile: dest='/etc/hosts' regexp='^::1 ' state=absent owner=root group=root mode=0644 -- cgit v1.2.3 From 6f4ccff8954b57156a4df2984c953debfeef7c2d Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Sun, 15 Feb 2015 21:47:17 -0500 Subject: more trials to make things work --- lib/aws_command.rb | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/lib/aws_command.rb b/lib/aws_command.rb index 7c6872c64..109542007 100644 --- a/lib/aws_command.rb +++ b/lib/aws_command.rb @@ -76,9 +76,18 @@ module OpenShift host_type = nil if options[:name] details = AwsHelper.get_host_details(options[:name]) +#- ah.extra_vars['oo_host_group_exp'] = options[:name] +#- ah.extra_vars['oo_env'] = details['env'] +#- host_type = details['host-type'] +#+ ah.extra_vars['oo_host_group_exp'] = details['ec2_public_dns_name'] +#+ ah.extra_vars['oo_env'] = details['ec2_tag_environment'] +#+ host_type = details['ec2_tag_host-type'] + +# ah.extra_vars['oo_host_group_exp'] = details['ec2_public_dns_name'] ah.extra_vars['oo_host_group_exp'] = options[:name] - ah.extra_vars['oo_env'] = details['env'] - host_type = details['host-type'] +# ah.extra_vars['oo_env'] = details['env'] + ah.extra_vars['oo_env'] = details['ec2_tag_environment'] + host_type = details['ec2_tag_host-type'] elsif options[:type] && options[:env] oo_env_host_type_tag = AwsHelper.generate_env_host_type_tag_name(options[:env], options[:type]) ah.extra_vars['oo_host_group_exp'] = "groups['#{oo_env_host_type_tag}']" -- cgit v1.2.3 From 8120628e5a4f913e770851c1a3172126d79695fc Mon Sep 17 00:00:00 2001 
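Review bot: In the lib/aws_command.rb hunk, the lines from `#- ah.extra_vars['oo_host_group_exp'] = options[:name]` to `#+ host_type = details['ec2_tag_host-type']` are pasted diff fragments left in as comments. With the two further commented-out assignments, the branch shows three versions of the same statements and it is hard to tell which keys are live. Only `ah.extra_vars['oo_host_group_exp'] = options[:name]`, `ah.extra_vars['oo_env'] = details['ec2_tag_environment']` and `host_type = details['ec2_tag_host-type']` should remain. `details` is indexed without a nil check, and whether `AwsHelper.get_host_details` can return nil for an unknown name is not visible here, so a guard such as `raise Thor::Error, "unknown host #{options[:name]}" if details.nil?` may be warranted. The enclosing method starts and ends outside the hunk.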
From: Matt Woodson Date: Tue, 17 Feb 2015 16:41:48 -0500 Subject: ansible tower install --- playbooks/aws/ansible-tower/config.yml | 1 + playbooks/aws/ansible-tower/launch.yml | 2 +- roles/ansible_tower/files/inventory | 5 ++++ roles/ansible_tower/files/tower_setup_conf.yml | 10 +++++++ roles/ansible_tower/tasks/main.yaml | 38 ++++++++++++++++++++++++++ 5 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 roles/ansible_tower/files/inventory create mode 100644 roles/ansible_tower/files/tower_setup_conf.yml create mode 100644 roles/ansible_tower/tasks/main.yaml diff --git a/playbooks/aws/ansible-tower/config.yml b/playbooks/aws/ansible-tower/config.yml index 069a7b7b1..33c331222 100644 --- a/playbooks/aws/ansible-tower/config.yml +++ b/playbooks/aws/ansible-tower/config.yml @@ -19,3 +19,4 @@ - ../../../roles/base_os - ../../../roles/ipv6_disable - ../../../roles/ansible_install + - ../../../roles/ansible_tower diff --git a/playbooks/aws/ansible-tower/launch.yml b/playbooks/aws/ansible-tower/launch.yml index b4b294a02..d2938f443 100644 --- a/playbooks/aws/ansible-tower/launch.yml +++ b/playbooks/aws/ansible-tower/launch.yml @@ -100,4 +100,4 @@ yum: name=* state=latest # Apply the configs, seprate so that just the configs can be run by themselves -#- include: config.yml +- include: config.yml diff --git a/roles/ansible_tower/files/inventory b/roles/ansible_tower/files/inventory new file mode 100644 index 000000000..c4f03c7fb --- /dev/null +++ b/roles/ansible_tower/files/inventory @@ -0,0 +1,5 @@ +[primary] +localhost + +[all:children] +primary diff --git a/roles/ansible_tower/files/tower_setup_conf.yml b/roles/ansible_tower/files/tower_setup_conf.yml new file mode 100644 index 000000000..023e6cd3e --- /dev/null +++ b/roles/ansible_tower/files/tower_setup_conf.yml 
@@ -0,0 +1,10 @@
+admin_password: Wd97YLJkqt0Z
+database: external
+munin_password: Wd97YLJkqt0Z
+pg_database: tower
+pg_host: use-tower1.cx5dyo4uindu.us-east-1.rds.amazonaws.com
+pg_password: qG3JwuXb6uXi
+pg_port: 5432
+pg_username: tower_admin
+primary_machine: localhost
+redis_password: wbTneuaKu4YSLSmWqCYVQaB83bREadRg8HRvNJX4
diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml
new file mode 100644
index 000000000..ccdc5a486
--- /dev/null
+++ b/roles/ansible_tower/tasks/main.yaml
@@ -0,0 +1,38 @@
+---
+- name: install some useful packages
+ yum: name={{ item }}
+ with_items:
+ - git
+ - python-pip
+ - unzip
+ - python-psphere
+ - ansible
+ - telnet
+ - ack
+
+- name: download Tower setup
+ #get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-{{tower_version}}.tar.gz
+ get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-2.1.1.tar.gz
+ dest=/opt/ force=yes
+
+- name: extract Tower
+ unarchive: src=/opt/ansible-tower-setup-2.1.1.tar.gz dest=/opt copy=no
+
+- name: copy tower_setup_conf.yml
+ copy: src=tower_setup_conf.yml dest=/opt/ansible-tower-setup-2.1.1 owner=root group=root mode=0644
+
+- name: copy inventory
+ copy: src=inventory dest=/opt/ansible-tower-setup-2.1.1 owner=root group=root mode=0644
+
+- name: run the Tower installer
+ command: chdir=/opt/ansible-tower-setup-2.1.1 creates=/etc/awx/settings.py ./setup.sh
+
+- name: Open firewalld port for http
+ firewalld: port=80/tcp permanent=true state=enabled
+
+- name: Open firewalld port for https
+ firewalld: port=443/tcp permanent=true state=enabled
+
+- name: Open firewalld port for https
+ firewalld: port=8080/tcp permanent=true state=enabled
+
-- cgit v1.2.3
From eaeeb1ec8370c35c7010b9350d42e30e5e00dcc5 Mon Sep 17 00:00:00 2001
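Review bot: `tower_setup_conf.yml` commits `admin_password`, `munin_password`, `pg_password` and `redis_password` in clear text next to the RDS endpoint in `pg_host`, and `admin_password` and `munin_password` share one value. A later commit in this series deletes the file, but the values stay readable in history, so they should be rotated rather than only removed. The file would be better rendered from a template whose values come from an `ansible-vault` encrypted vars file or from extra vars supplied at run time, with a distinct secret per service.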
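Review bot: The `download Tower setup` task in roles/ansible_tower/tasks/main.yaml fetches the installer over plain `http://` with no checksum, and `run the Tower installer` then executes `./setup.sh` from that archive as root, so the integrity of the host rests on an unauthenticated download. Use an `https://` URL if the release server offers one and pin the archive with `sha256sum=EXPECTED_SHA256` on `get_url` (placeholder value; `checksum=` on newer Ansible); the later hunks that touch this task keep the same URL. `copy tower_setup_conf.yml` installs a file holding passwords with `mode=0644`, where `mode=0600` fits better. The third firewalld task is named `Open firewalld port for https` but opens `8080/tcp`; the name should say what that port serves, with a comment on why it is exposed.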
From: Matt Woodson Date: Thu, 19 Feb 2015 09:42:28 -0500 Subject: more updates --- playbooks/aws/ansible-tower/config.yml | 1 + roles/ansible_tower/tasks/main.yaml | 16 ++++++++-------- roles/timezone/tasks/main.yaml | 4 ++++ 3 files changed, 13 insertions(+), 8 deletions(-) create mode 100644 roles/timezone/tasks/main.yaml diff --git a/playbooks/aws/ansible-tower/config.yml b/playbooks/aws/ansible-tower/config.yml index 33c331222..0318d7a98 100644 --- a/playbooks/aws/ansible-tower/config.yml +++ b/playbooks/aws/ansible-tower/config.yml @@ -17,6 +17,7 @@ - "vars.{{ oo_env }}.yml" roles: - ../../../roles/base_os + - ../../../roles/timezone - ../../../roles/ipv6_disable - ../../../roles/ansible_install - ../../../roles/ansible_tower diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index ccdc5a486..8fe0634d2 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml @@ -15,14 +15,14 @@ get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-2.1.1.tar.gz dest=/opt/ force=yes -- name: extract Tower - unarchive: src=/opt/ansible-tower-setup-2.1.1.tar.gz dest=/opt copy=no - -- name: copy tower_setup_conf.yml - copy: src=tower_setup_conf.yml dest=/opt/ansible-tower-setup-2.1.1 owner=root group=root mode=0644 - -- name: copy inventory - copy: src=inventory dest=/opt/ansible-tower-setup-2.1.1 owner=root group=root mode=0644 +#- name: extract Tower +# unarchive: src=/opt/ansible-tower-setup-2.1.1.tar.gz dest=/opt copy=no +# +#- name: copy tower_setup_conf.yml +# copy: src=tower_setup_conf.yml dest=/opt/ansible-tower-setup-2.1.1 owner=root group=root mode=0644 +# +#- name: copy inventory +# copy: src=inventory dest=/opt/ansible-tower-setup-2.1.1 owner=root group=root mode=0644 - name: run the Tower installer command: chdir=/opt/ansible-tower-setup-2.1.1 creates=/etc/awx/settings.py ./setup.sh 
diff --git a/roles/timezone/tasks/main.yaml b/roles/timezone/tasks/main.yaml new file mode 100644 index 000000000..339b4e0b2 --- /dev/null +++ b/roles/timezone/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- name: Setup correct timezone + command: timedatectl set-timezone America/New_York + when: ansible_os_family == "RedHat" and ansible_lsb.major_release|int >= 7 -- cgit v1.2.3 From f780d4fa01a1e8b1559d31a7065715317a884ec4 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Tue, 24 Feb 2015 10:14:28 -0500 Subject: renamed ipv6_disable --- roles/ipv6_disable/tasks/main.yaml | 11 ----------- roles/os_ipv6_disable/tasks/main.yaml | 11 +++++++++++ roles/timezone/tasks/main.yaml | 4 ---- 3 files changed, 11 insertions(+), 15 deletions(-) delete mode 100644 roles/ipv6_disable/tasks/main.yaml create mode 100644 roles/os_ipv6_disable/tasks/main.yaml delete mode 100644 roles/timezone/tasks/main.yaml diff --git a/roles/ipv6_disable/tasks/main.yaml b/roles/ipv6_disable/tasks/main.yaml deleted file mode 100644 index fae5beee7..000000000 --- a/roles/ipv6_disable/tasks/main.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -# Disable ipv6 on RHEL7 - -- name: Disable all ipv6 - sysctl: name="net.ipv6.conf.all.disable_ipv6" value=1 sysctl_set=yes state=present reload=yes - -- name: Disable default ipv6 - sysctl: name="net.ipv6.conf.default.disable_ipv6" value=1 sysctl_set=yes state=present reload=yes - -- name: Remove ipv6 localhost from /etc/hosts - lineinfile: dest='/etc/hosts' regexp='^::1 ' state=absent owner=root group=root mode=0644 diff --git a/roles/os_ipv6_disable/tasks/main.yaml b/roles/os_ipv6_disable/tasks/main.yaml new file mode 100644 index 000000000..fae5beee7 --- /dev/null +++ b/roles/os_ipv6_disable/tasks/main.yaml 
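Review bot: The `when` condition in roles/timezone/tasks/main.yaml reads `ansible_lsb.major_release`, which is only populated when `lsb_release` is installed on the target. On an image without it the condition would probably fail on an undefined attribute rather than skip; the AMI contents are not visible here, so this needs confirming. `ansible_distribution_major_version|int >= 7` comes from the core facts and needs no extra package. The `command` task also reports changed on every run, so a comment noting that it is not idempotent would help readers of the play output.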
@@ -0,0 +1,11 @@ +--- +# Disable ipv6 on RHEL7 + +- name: Disable all ipv6 + sysctl: name="net.ipv6.conf.all.disable_ipv6" value=1 sysctl_set=yes state=present reload=yes + +- name: Disable default ipv6 + sysctl: name="net.ipv6.conf.default.disable_ipv6" value=1 sysctl_set=yes state=present reload=yes + +- name: Remove ipv6 localhost from /etc/hosts + lineinfile: dest='/etc/hosts' regexp='^::1 ' state=absent owner=root group=root mode=0644 diff --git a/roles/timezone/tasks/main.yaml b/roles/timezone/tasks/main.yaml deleted file mode 100644 index 339b4e0b2..000000000 --- a/roles/timezone/tasks/main.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- name: Setup correct timezone - command: timedatectl set-timezone America/New_York - when: ansible_os_family == "RedHat" and ansible_lsb.major_release|int >= 7 -- cgit v1.2.3 From ff08486781625fcdd13210963b94e2c1d3a2e00a Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Tue, 24 Feb 2015 10:19:17 -0500 Subject: cleaned up ansible tower --- roles/ansible_tower/files/inventory | 5 ----- roles/ansible_tower/files/tower_setup_conf.yml | 10 ---------- roles/ansible_tower/tasks/main.yaml | 8 ++++---- 3 files changed, 4 insertions(+), 19 deletions(-) delete mode 100644 roles/ansible_tower/files/inventory delete mode 100644 roles/ansible_tower/files/tower_setup_conf.yml diff --git a/roles/ansible_tower/files/inventory b/roles/ansible_tower/files/inventory deleted file mode 100644 index c4f03c7fb..000000000 --- a/roles/ansible_tower/files/inventory +++ /dev/null @@ -1,5 +0,0 @@ -[primary] -localhost - -[all:children] -primary diff --git a/roles/ansible_tower/files/tower_setup_conf.yml b/roles/ansible_tower/files/tower_setup_conf.yml deleted file mode 100644 index 023e6cd3e..000000000 --- a/roles/ansible_tower/files/tower_setup_conf.yml +++ /dev/null 
@@ -1,10 +0,0 @@ -admin_password: Wd97YLJkqt0Z -database: external -munin_password: Wd97YLJkqt0Z -pg_database: tower -pg_host: use-tower1.cx5dyo4uindu.us-east-1.rds.amazonaws.com -pg_password: qG3JwuXb6uXi -pg_port: 5432 -pg_username: tower_admin -primary_machine: localhost -redis_password: wbTneuaKu4YSLSmWqCYVQaB83bREadRg8HRvNJX4 diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index 8fe0634d2..090f0ed00 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml @@ -11,13 +11,13 @@ - ack - name: download Tower setup - #get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-{{tower_version}}.tar.gz +# get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-{{tower_version}}.tar.gz get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-2.1.1.tar.gz dest=/opt/ force=yes -#- name: extract Tower -# unarchive: src=/opt/ansible-tower-setup-2.1.1.tar.gz dest=/opt copy=no -# +- name: extract Tower + unarchive: src=/opt/ansible-tower-setup-2.1.1.tar.gz dest=/opt copy=no + #- name: copy tower_setup_conf.yml # copy: src=tower_setup_conf.yml dest=/opt/ansible-tower-setup-2.1.1 owner=root group=root mode=0644 # -- cgit v1.2.3 From 0a6602e6ff0e1340331002e371f5379ef74934a8 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Tue, 24 Feb 2015 12:55:41 -0500 Subject: cleaned up ansible tower --- lib/aws_command.rb | 2 +- playbooks/aws/ansible-tower/config.yml | 5 ++--- playbooks/aws/ansible-tower/launch.yml | 27 +-------------------------- roles/ansible/tasks/main.yaml | 7 +++++++ roles/ansible_install/tasks/main.yaml | 7 ------- roles/ansible_tower/tasks/main.yaml | 9 ++++----- 6 files changed, 15 insertions(+), 42 deletions(-) create mode 100644 roles/ansible/tasks/main.yaml delete mode 100644 roles/ansible_install/tasks/main.yaml diff --git a/lib/aws_command.rb b/lib/aws_command.rb index 0c714cdb4..44df05e6a 100644 
--- a/lib/aws_command.rb +++ b/lib/aws_command.rb @@ -7,7 +7,7 @@ module OpenShift module Ops class AwsCommand < Thor # WARNING: we do not currently support environments with hyphens in the name - SUPPORTED_ENVS = %w(prod stg int twiest gshipley kint test jhonce amint tdint lint) + SUPPORTED_ENVS = %w(prod stg int ops twiest gshipley kint test jhonce amint tdint lint) option :type, :required => true, :enum => LaunchHelper.get_aws_host_types, :desc => 'The host type of the new instances.' diff --git a/playbooks/aws/ansible-tower/config.yml b/playbooks/aws/ansible-tower/config.yml index 0318d7a98..423860828 100644 --- a/playbooks/aws/ansible-tower/config.yml +++ b/playbooks/aws/ansible-tower/config.yml @@ -17,7 +17,6 @@ - "vars.{{ oo_env }}.yml" roles: - ../../../roles/base_os - - ../../../roles/timezone - - ../../../roles/ipv6_disable - - ../../../roles/ansible_install + - ../../../roles/os_ipv6_disable + - ../../../roles/ansible - ../../../roles/ansible_tower diff --git a/playbooks/aws/ansible-tower/launch.yml b/playbooks/aws/ansible-tower/launch.yml index d2938f443..4c29fa833 100644 --- a/playbooks/aws/ansible-tower/launch.yml +++ b/playbooks/aws/ansible-tower/launch.yml @@ -8,8 +8,6 @@ inst_region: us-east-1 rhel7_ami: ami-a24e30ca user_data_file: user_data.txt - oo_vpc_subnet_id: # Purposely left blank, these are here to be overridden in env vars_files - oo_assign_public_ip: # Purposely left blank, these are here to be overridden in env vars_files vars_files: - vars.yml 
@@ -29,30 +27,7 @@ wait: yes assign_public_ip: "{{ oo_assign_public_ip }}" vpc_subnet_id: "{{ oo_vpc_subnet_id }}" - when: oo_vpc_subnet_id - register: ec2_vpc - - - set_fact: - ec2: "{{ ec2_vpc }}" - when: oo_vpc_subnet_id - - - name: Launch instances in Classic - ec2: - state: present - region: "{{ inst_region }}" - keypair: mmcgrath_libra - group: ['Libra', '{{ oo_env }}', '{{ oo_env }}_proxy', '{{ oo_env }}_proxy_atomic'] - instance_type: c4.xlarge - image: "{{ rhel7_ami }}" - count: "{{ oo_new_inst_names | oo_len }}" - user_data: "{{ lookup('file', user_data_file) }}" - wait: yes - when: not oo_vpc_subnet_id - register: ec2_classic - - - set_fact: - ec2: "{{ ec2_classic }}" - when: not oo_vpc_subnet_id + register: ec2 - name: Add Name and environment tags to instances ec2_tag: "resource={{ item.1.id }} region={{ inst_region }} state=present" diff --git a/roles/ansible/tasks/main.yaml b/roles/ansible/tasks/main.yaml new file mode 100644 index 000000000..67a04b919 --- /dev/null +++ b/roles/ansible/tasks/main.yaml @@ -0,0 +1,7 @@ +--- +# Install ansible client + +- name: Install Ansible + yum: + pkg: ansible + state: installed diff --git a/roles/ansible_install/tasks/main.yaml b/roles/ansible_install/tasks/main.yaml deleted file mode 100644 index 67a04b919..000000000 --- a/roles/ansible_install/tasks/main.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# Install ansible client - -- name: Install Ansible - yum: - pkg: ansible - state: installed diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index 090f0ed00..f62612eff 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml 
@@ -12,11 +12,10 @@ - name: download Tower setup # get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-{{tower_version}}.tar.gz - get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-2.1.1.tar.gz - dest=/opt/ force=yes + get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-2.1.1.tar.gz dest=/opt/ force=no - name: extract Tower - unarchive: src=/opt/ansible-tower-setup-2.1.1.tar.gz dest=/opt copy=no + unarchive: src=/opt/ansible-tower-setup-2.1.1.tar.gz dest=/opt copy=no creates=ansible-tower-setup-2.1.1 #- name: copy tower_setup_conf.yml # copy: src=tower_setup_conf.yml dest=/opt/ansible-tower-setup-2.1.1 owner=root group=root mode=0644 @@ -24,8 +23,8 @@ #- name: copy inventory # copy: src=inventory dest=/opt/ansible-tower-setup-2.1.1 owner=root group=root mode=0644 -- name: run the Tower installer - command: chdir=/opt/ansible-tower-setup-2.1.1 creates=/etc/awx/settings.py ./setup.sh +#- name: run the Tower installer +# command: chdir=/opt/ansible-tower-setup-2.1.1 creates=/etc/awx/settings.py ./setup.sh - name: Open firewalld port for http firewalld: port=80/tcp permanent=true state=enabled -- cgit v1.2.3 From 44e939dba128ea0a02112af555fdf085edacf464 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Tue, 24 Feb 2015 14:52:57 -0500 Subject: removing dead code for twiest --- roles/ansible_tower/tasks/main.yaml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index f62612eff..f58a5b1c2 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml 
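Review bot: `creates=ansible-tower-setup-2.1.1` on the `extract Tower` task is a relative path, and as far as I know unarchive does not resolve `creates` against `dest`, so the guard would be checked in the remote working directory and the archive unpacked again on each run. `creates=/opt/ansible-tower-setup-2.1.1` matches the directory the other tasks refer to. On `download Tower setup`, `dest=/opt/` is a directory, and get_url documents that it then downloads regardless of `force`, so `force=no` likely has no effect; `dest=/opt/ansible-tower-setup-2.1.1.tar.gz` would let the task skip an existing file. The task list continues outside the hunk.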
@@ -11,21 +11,11 @@ - ack - name: download Tower setup -# get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-{{tower_version}}.tar.gz get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-2.1.1.tar.gz dest=/opt/ force=no - name: extract Tower unarchive: src=/opt/ansible-tower-setup-2.1.1.tar.gz dest=/opt copy=no creates=ansible-tower-setup-2.1.1 -#- name: copy tower_setup_conf.yml -# copy: src=tower_setup_conf.yml dest=/opt/ansible-tower-setup-2.1.1 owner=root group=root mode=0644 -# -#- name: copy inventory -# copy: src=inventory dest=/opt/ansible-tower-setup-2.1.1 owner=root group=root mode=0644 - -#- name: run the Tower installer -# command: chdir=/opt/ansible-tower-setup-2.1.1 creates=/etc/awx/settings.py ./setup.sh - - name: Open firewalld port for http firewalld: port=80/tcp permanent=true state=enabled -- cgit v1.2.3