From a0d2dd9d29e8622e739870baf172f2b8a7e9c6a0 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Mon, 17 Jul 2017 14:05:42 +0200 Subject: Add a role to generate a static inventory (#540) * Add the static-inventory role that configures the inventory/hosts file by the given path, or creates it for you. Signed-off-by: Bogdan Dobrelya --- roles/static_inventory/tasks/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 roles/static_inventory/tasks/main.yml (limited to 'roles/static_inventory/tasks/main.yml') diff --git a/roles/static_inventory/tasks/main.yml b/roles/static_inventory/tasks/main.yml new file mode 100644 index 000000000..15c81690e --- /dev/null +++ b/roles/static_inventory/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Generate in-memory inventory + include: openstack.yml + +- name: Checkpoint in-memory data into a static inventory + include: checkpoint.yml -- cgit v1.2.3 From 677fd46cf37cab5f995170b3567939d784ebb07a Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 5 Jul 2017 12:46:57 +0200 Subject: Add bastion and ssh config for the static inventory role * Autogenerate SSH config for static inventory and bastion. * When using bastion, use FQDN for inventory's ansible_host and SSH config's Hostname. Simplifies accessing nodes by names instead of private IPs. Signed-off-by: Bogdan Dobrelya --- roles/static_inventory/tasks/main.yml | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'roles/static_inventory/tasks/main.yml') diff --git a/roles/static_inventory/tasks/main.yml b/roles/static_inventory/tasks/main.yml index 15c81690e..b58866017 100644 --- a/roles/static_inventory/tasks/main.yml +++ b/roles/static_inventory/tasks/main.yml @@ -4,3 +4,7 @@ - name: Checkpoint in-memory data into a static inventory include: checkpoint.yml + +- name: Generate SSH config for accessing hosts via bastion + include: sshconfig.yml + when: use_bastion|bool -- cgit v1.2.3 From 6ebad037254b0c254638f6e6dfbd48e451a1ceeb Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 16 Aug 2017 09:14:06 +0200 Subject: Access UI via a bastion node (#596) When using a bastion and a single master, use the lb-secgrp to access UI port allowed from the ingress bastion node cidr. For HA (masters>1), UI still should be accessed via the LB node's ingress cidr, omitting the bastion. Signed-off-by: Bogdan Dobrelya --- roles/static_inventory/tasks/main.yml | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'roles/static_inventory/tasks/main.yml') diff --git a/roles/static_inventory/tasks/main.yml b/roles/static_inventory/tasks/main.yml index b58866017..24e11beb6 100644 --- a/roles/static_inventory/tasks/main.yml +++ b/roles/static_inventory/tasks/main.yml @@ -8,3 +8,10 @@ - name: Generate SSH config for accessing hosts via bastion include: sshconfig.yml when: use_bastion|bool + +- name: Configure SSH tunneling to access UI + include: sshtun.yml + become: true + when: + - use_bastion|bool + - ui_ssh_tunnel|bool -- cgit v1.2.3 From 8a204aaec709135ebfa716459f2ba3bcf1db4f04 Mon Sep 17 00:00:00 2001 From: Tomas Sedovic Date: Wed, 13 Sep 2017 17:44:45 +0200 Subject: Clear the previous inventory during provisioning If there was a left-over inventory from a previous run that had nodes which were subsequently removed, these would still show up in the Ansible's in-memory inventory and Ansible would fail trying to connect to them. This is because Ansible automatically loads the `inventory/hosts` file if it exists and even if we overwrite it later, every node and group still remains in the memory. By removing the inventory file and and calling the `refresh_inventory` meta task, we make sure that any left-over values are removed. --- roles/static_inventory/tasks/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'roles/static_inventory/tasks/main.yml') diff --git a/roles/static_inventory/tasks/main.yml b/roles/static_inventory/tasks/main.yml index 24e11beb6..3dab62df2 100644 --- a/roles/static_inventory/tasks/main.yml +++ b/roles/static_inventory/tasks/main.yml @@ -1,4 +1,12 @@ --- +- name: Remove any existing inventory + file: + path: "{{ inventory_path }}/hosts" + state: absent + +- name: Refresh the inventory + meta: refresh_inventory + - name: Generate in-memory inventory include: openstack.yml -- cgit v1.2.3