summaryrefslogtreecommitdiffstats
path: root/playbooks
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks')
-rw-r--r--playbooks/ands-prepare.yml46
-rw-r--r--playbooks/ands-setup-vm.yml5
l---------playbooks/group_vars1
-rw-r--r--playbooks/heketi-destroy.yml5
l---------playbooks/host_vars1
-rw-r--r--playbooks/local.yml22
-rw-r--r--playbooks/maintain.yml11
-rw-r--r--playbooks/openshift-add-nodes.yml7
-rw-r--r--playbooks/openshift-install.yml22
l---------playbooks/openshift-redeploy-certificates.yml1
-rw-r--r--playbooks/openshift-setup-projects.yml28
-rw-r--r--playbooks/openshift-setup-storage.yml37
-rw-r--r--playbooks/openshift-setup-users.yml24
-rw-r--r--playbooks/openshift-setup-vpn.yml13
-rw-r--r--playbooks/openshift-setup.yml34
l---------playbooks/projects1
l---------playbooks/roles1
-rw-r--r--playbooks/tmp_role.yml6
l---------playbooks/users1
19 files changed, 266 insertions, 0 deletions
diff --git a/playbooks/ands-prepare.yml b/playbooks/ands-prepare.yml
new file mode 100644
index 0000000..1b4fc2a
--- /dev/null
+++ b/playbooks/ands-prepare.yml
@@ -0,0 +1,46 @@
+- name: Common setup procedures
+ hosts: ands
+ roles:
+ - role: ands_facts
+ - role: common
+
+- name: Keepalived service
+ hosts: masters
+ roles:
+ - role: keepalived
+ vars:
+ keepalived_vips: "{{ ands_ipfailover_vips | default([]) }}"
+ keepalived_iface: "{{ ands_ipfailover_interface | default('eth0') }}"
+ keepalived_password: "{{ ands_secrets.keepalived }}"
+
+#OpenVPN started before Origin-node causes problems
+#- name: OpenVPN service
+# hosts: nodes
+# roles:
+# - role: openvpn
+# vars:
+# openvpn_config: "katrin"
+# openvpn_lb: "{{ ands_openshift_lb }}"
+# openvpn_servers: "masters"
+
+- name: Configures Ands storage
+ hosts: ands_storage_servers
+ roles:
+ - role: ands_storage
+
+- name: Docker setup
+ hosts: nodes
+ roles:
+ - role: docker
+ vars:
+ docker_exclude_vgs: "{{ [ ands_data_vg ] }}"
+
+- name: Configure GlusterFS cluster
+ hosts: ands_servers
+ roles:
+ - role: glusterfs
+ vars:
+ glusterfs_network: "{{ ands_storage_network }}"
+ glusterfs_servers: "{{ ands_storage_servers }}"
+ glusterfs_bricks_path: "{{ ands_data_path }}/glusterfs"
+ glusterfs_domains: "{{ ands_storage_domains }}"
diff --git a/playbooks/ands-setup-vm.yml b/playbooks/ands-setup-vm.yml
new file mode 100644
index 0000000..d97916d
--- /dev/null
+++ b/playbooks/ands-setup-vm.yml
@@ -0,0 +1,5 @@
+- name: Common setup procedures
+ hosts: vagrant
+ roles:
+ - role: ands_vagrant_vm
+
diff --git a/playbooks/group_vars b/playbooks/group_vars
new file mode 120000
index 0000000..de38180
--- /dev/null
+++ b/playbooks/group_vars
@@ -0,0 +1 @@
+../group_vars/ \ No newline at end of file
diff --git a/playbooks/heketi-destroy.yml b/playbooks/heketi-destroy.yml
new file mode 100644
index 0000000..b29679b
--- /dev/null
+++ b/playbooks/heketi-destroy.yml
@@ -0,0 +1,5 @@
+---
+- hosts: storage_nodes
+ tasks:
+ - name: Destroy Heketi volumes
+ shell: "yes | pvremove /dev/{{ansible_lvm.lvs.ands_heketi.vg}}/katrin_heketi --force --force"
diff --git a/playbooks/host_vars b/playbooks/host_vars
new file mode 120000
index 0000000..f1e217d
--- /dev/null
+++ b/playbooks/host_vars
@@ -0,0 +1 @@
+../host_vars/ \ No newline at end of file
diff --git a/playbooks/local.yml b/playbooks/local.yml
new file mode 100644
index 0000000..9e6ca38
--- /dev/null
+++ b/playbooks/local.yml
@@ -0,0 +1,22 @@
+- name: Store known hosts of 'all' the hosts in the inventory file
+ hosts: localhost
+ connection: local
+
+ vars:
+ ssh_known_hosts_command: "ssh-keyscan -T 10"
+ ssh_known_hosts_file: "{{ lookup('env','HOME') + '/.ssh/known_hosts' }}"
+ ssh_known_hosts: "{{ groups['all'] }}"
+
+ tasks:
+ - name: For each host, scan for its ssh public key
+ shell: "ssh-keyscan {{ item }},`dig +short {{ item }}`"
+ with_items: "{{ ssh_known_hosts }}"
+ register: ssh_known_host_results
+ ignore_errors: yes
+
+ - name: Add/update the public key in the '{{ ssh_known_hosts_file }}'
+ known_hosts:
+ name: "{{ item.item }}"
+ key: "{{ item.stdout }}"
+ path: "{{ ssh_known_hosts_file }}"
+ with_items: "{{ ssh_known_host_results.results }}"
diff --git a/playbooks/maintain.yml b/playbooks/maintain.yml
new file mode 100644
index 0000000..3167252
--- /dev/null
+++ b/playbooks/maintain.yml
@@ -0,0 +1,11 @@
+- name: Check cert expirys
+ hosts: nodes:masters:etcd
+ become: yes
+ gather_facts: no
+ vars:
+ openshift_certificate_expiry_save_json_results: yes
+ openshift_certificate_expiry_generate_html_report: yes
+ openshift_certificate_expiry_html_report_path: ./report
+ openshift_certificate_expiry_show_all: yes
+ roles:
+ - role: openshift_certificate_expiry
diff --git a/playbooks/openshift-add-nodes.yml b/playbooks/openshift-add-nodes.yml
new file mode 100644
index 0000000..ccb5d1c
--- /dev/null
+++ b/playbooks/openshift-add-nodes.yml
@@ -0,0 +1,7 @@
+- name: Configure cluster hosts names
+ hosts: nodes
+ roles:
+ - { role: ands_facts }
+ - { role: ands_openshift, subrole: hostnames }
+
+- include: ../../openshift-ansible/playbooks/byo/openshift-node/scaleup.yml
diff --git a/playbooks/openshift-install.yml b/playbooks/openshift-install.yml
new file mode 100644
index 0000000..c54f4ee
--- /dev/null
+++ b/playbooks/openshift-install.yml
@@ -0,0 +1,22 @@
+- name: Configure cluster hosts names
+ hosts: nodes
+ roles:
+ - { role: ands_facts }
+ - { role: ands_openshift, subrole: hostnames }
+
+- name: Temporary provision /etc/hosts with Masters IP.
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" line="{{ ands_openshift_network | ipaddr(node_id) | ipaddr('address') }} {{ ands_openshift_lb }}" regexp=".*{{ ands_openshift_lb }}$" state="present"
+ when: (ands_provision_without_dns | default(false))
+ vars:
+ node_id: "{{ hostvars[groups['masters'][0]]['ands_host_id'] }}"
+
+
+- include: ../../openshift-ansible/playbooks/byo/config.yml
+
+- name: Remove temporary entries in /etc/hosts
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" regexp=".*{{ ands_openshift_lb }}$" state="absent"
+ when: (ands_provision_without_dns | default(false))
diff --git a/playbooks/openshift-redeploy-certificates.yml b/playbooks/openshift-redeploy-certificates.yml
new file mode 120000
index 0000000..2ac0c05
--- /dev/null
+++ b/playbooks/openshift-redeploy-certificates.yml
@@ -0,0 +1 @@
+../../openshift-ansible/playbooks/byo/openshift-cluster/redeploy-certificates.yml \ No newline at end of file
diff --git a/playbooks/openshift-setup-projects.yml b/playbooks/openshift-setup-projects.yml
new file mode 100644
index 0000000..46d6767
--- /dev/null
+++ b/playbooks/openshift-setup-projects.yml
@@ -0,0 +1,28 @@
+- name: Configure users & user projects
+ hosts: masters
+ roles:
+ - { role: ands_facts }
+
+- name: Temporary provision /etc/hosts with Masters IP.
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" line="{{ ands_openshift_network | ipaddr(node_id) | ipaddr('address') }} {{ ands_openshift_lb }}" regexp=".*{{ ands_openshift_lb }}$" state="present"
+ when: (ands_provision_without_dns | default(false))
+ vars:
+ node_id: "{{ hostvars[groups['masters'][0]]['ands_host_id'] }}"
+
+- name: Configure users & user projects
+ hosts: masters
+ roles:
+ - { role: ands_openshift, subrole: users }
+ - { role: ands_kaas }
+ vars:
+ kaas_projects: "{{ ands_openshift_projects.keys() }}"
+ kaas_openshift_volumes: "{{ ands_openshift_volumes }}"
+
+
+- name: Remove temporary entries in /etc/hosts
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" regexp=".*{{ ands_openshift_lb }}$" state="absent"
+ when: (ands_provision_without_dns | default(false))
diff --git a/playbooks/openshift-setup-storage.yml b/playbooks/openshift-setup-storage.yml
new file mode 100644
index 0000000..387b775
--- /dev/null
+++ b/playbooks/openshift-setup-storage.yml
@@ -0,0 +1,37 @@
+---
+- name: Configure GlusterFS storage
+ hosts: nodes
+ roles:
+ - { role: ands_facts }
+
+- name: Configure GlusterFS storage
+ hosts: nodes
+ roles:
+ - { role: glusterfs, subrole: volumes }
+ vars:
+ glusterfs_network: "{{ ands_storage_network }}"
+ glusterfs_servers: "{{ ands_storage_servers }}"
+ glusterfs_bricks_path: "{{ ands_data_path }}/glusterfs"
+ glusterfs_domains: "{{ ands_storage_domains }}"
+
+
+- name: Temporary provision /etc/hosts with Masters IP.
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" line="{{ ands_openshift_network | ipaddr(node_id) | ipaddr('address') }} {{ ands_openshift_lb }}" regexp=".*{{ ands_openshift_lb }}$" state="present"
+ when: (ands_provision_without_dns | default(false))
+ vars:
+ node_id: "{{ hostvars[groups['masters'][0]]['ands_host_id'] }}"
+
+- name: Configure OpenShift volumes
+ hosts: masters
+ roles:
+ - { role: ands_openshift, subrole: storage }
+
+- name: Remove temporary entries in /etc/hosts
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" regexp=".*{{ ands_openshift_lb }}$" state="absent"
+ when: (ands_provision_without_dns | default(false))
+
+# we also reconfigure kaas to populate new configs?
diff --git a/playbooks/openshift-setup-users.yml b/playbooks/openshift-setup-users.yml
new file mode 100644
index 0000000..d160823
--- /dev/null
+++ b/playbooks/openshift-setup-users.yml
@@ -0,0 +1,24 @@
+- name: Configure users
+ hosts: masters
+ roles:
+ - { role: ands_facts }
+
+
+- name: Temporary provision /etc/hosts with Masters IP.
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" line="{{ ands_openshift_network | ipaddr(node_id) | ipaddr('address') }} {{ ands_openshift_lb }}" regexp=".*{{ ands_openshift_lb }}$" state="present"
+ when: (ands_provision_without_dns | default(false))
+ vars:
+ node_id: "{{ hostvars[groups['masters'][0]]['ands_host_id'] }}"
+
+- name: Configure users
+ hosts: masters
+ roles:
+ - { role: ands_openshift, subrole: users }
+
+- name: Remove temporary entries in /etc/hosts
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" regexp=".*{{ ands_openshift_lb }}$" state="absent"
+ when: (ands_provision_without_dns | default(false))
diff --git a/playbooks/openshift-setup-vpn.yml b/playbooks/openshift-setup-vpn.yml
new file mode 100644
index 0000000..be5fe45
--- /dev/null
+++ b/playbooks/openshift-setup-vpn.yml
@@ -0,0 +1,13 @@
+- name: Common setup procedures
+ hosts: ands
+ roles:
+ - role: ands_facts
+
+- name: OpenVPN service
+ hosts: nodes
+ roles:
+ - role: openvpn
+ vars:
+ openvpn_config: "katrin"
+ openvpn_lb: "{{ ands_openshift_lb }}"
+ openvpn_servers: "masters"
diff --git a/playbooks/openshift-setup.yml b/playbooks/openshift-setup.yml
new file mode 100644
index 0000000..4b98f39
--- /dev/null
+++ b/playbooks/openshift-setup.yml
@@ -0,0 +1,34 @@
+- name: Common setup procedures
+ hosts: ands
+ roles:
+ - role: ands_facts
+
+
+- name: Temporary provision /etc/hosts with Masters IP.
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" line="{{ ands_openshift_network | ipaddr(node_id) | ipaddr('address') }} {{ ands_openshift_lb }}" regexp=".*{{ ands_openshift_lb }}$" state="present"
+ when: (ands_provision_without_dns | default(false))
+ vars:
+ node_id: "{{ hostvars[groups['masters'][0]]['ands_host_id'] }}"
+
+- name: Various OpenShift resources
+ hosts: nodes
+ roles:
+ - role: ands_openshift
+
+- name: Remove temporary entries in /etc/hosts
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" regexp=".*{{ ands_openshift_lb }}$" state="absent"
+ when: (ands_provision_without_dns | default(false))
+
+
+- name: OpenVPN service
+ hosts: nodes
+ roles:
+ - role: openvpn
+ vars:
+ openvpn_config: "katrin"
+ openvpn_lb: "{{ ands_openshift_lb }}"
+ openvpn_servers: "masters"
diff --git a/playbooks/projects b/playbooks/projects
new file mode 120000
index 0000000..aacce37
--- /dev/null
+++ b/playbooks/projects
@@ -0,0 +1 @@
+../setup/projects/ \ No newline at end of file
diff --git a/playbooks/roles b/playbooks/roles
new file mode 120000
index 0000000..d8c4472
--- /dev/null
+++ b/playbooks/roles
@@ -0,0 +1 @@
+../roles \ No newline at end of file
diff --git a/playbooks/tmp_role.yml b/playbooks/tmp_role.yml
new file mode 100644
index 0000000..f004204
--- /dev/null
+++ b/playbooks/tmp_role.yml
@@ -0,0 +1,6 @@
+- name: Common setup procedures
+ hosts: nodes
+ remote_user: root
+ roles:
+ - ands_facts
+ - ands_openshift
diff --git a/playbooks/users b/playbooks/users
new file mode 120000
index 0000000..1e70137
--- /dev/null
+++ b/playbooks/users
@@ -0,0 +1 @@
+../setup/users/ \ No newline at end of file