From cf9ae3a2d7e8411974282dc75735b0e8f3a9ba8e Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Mon, 27 Apr 2015 15:40:59 -0400 Subject: Updating ansible.cfg to use multi_ec2.py for inventory --- roles/openshift_ansible_inventory/tasks/main.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'roles') diff --git a/roles/openshift_ansible_inventory/tasks/main.yml b/roles/openshift_ansible_inventory/tasks/main.yml index 3990d5750..d68d27f84 100644 --- a/roles/openshift_ansible_inventory/tasks/main.yml +++ b/roles/openshift_ansible_inventory/tasks/main.yml @@ -9,3 +9,23 @@ group: "{{ oo_inventory_group }}" owner: "{{ oo_inventory_owner }}" mode: "0640" + +- file: + state: directory + dest: /etc/ansible/inventory + owner: root + group: libra_ops + mode: 0750 + +- file: + state: link + src: /usr/share/ansible/inventory/multi_ec2.py + dest: /etc/ansible/inventory/multi_ec2.py + owner: root + group: libra_ops + +- lineinfile: + dest: /etc/ansible/ansible.cfg + backrefs: yes + regexp: '^(hostfile|inventory)( *)=' + line: '\1\2= /etc/ansible/inventory' -- cgit v1.2.3 From 75cc97d6bf45cd14a8d0017beb88dbbadb6dcd0e Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Tue, 28 Apr 2015 14:07:31 -0400 Subject: Add vagrantfile and minor bugfixes - Add Vagrantfile for configuring a basic cluster - Add an initial readme for using vagrant - explicitly set connection: local and sudo: false for localhost actions in playbooks/common/openshift-node/config.yml - Fix permissions issue with openshift config file for non-root user --- .gitignore | 1 + README_vagrant.md | 25 ++++++++++++ Vagrantfile | 62 ++++++++++++++++++++++++++++++ playbooks/common/openshift-node/config.yml | 4 ++ roles/openshift_master/tasks/main.yml | 11 ++++++ 5 files changed, 103 insertions(+) create mode 100644 README_vagrant.md create mode 100644 Vagrantfile (limited to 'roles') diff --git a/.gitignore b/.gitignore index e25d99eeb..cacc711a1 100644 --- a/.gitignore +++ b/.gitignore @@ -15,3 +15,4 @@ .DS_Store gce.ini multi_ec2.yaml +.vagrant diff --git a/README_vagrant.md b/README_vagrant.md new file mode 100644 index 000000000..e3b3b5551 --- /dev/null +++ b/README_vagrant.md @@ -0,0 +1,25 @@ +Requirements +------------ +- vagrant (tested against version 1.7.2) +- vagrant-hostmaster plugin (tested against version 1.5.0) +- vagrant-libvirt (tested against version 0.0.26) + - Only required if using libvirt instead of virtualbox + +Usage +----- +``` +vagrant up --no-provision +vagrant provision +``` + +Using libvirt: +``` +vagrant up --provider=libvirt --no-provision +vagrant provision +``` + +Environment Variables +--------------------- +The following environment variables can be overriden: +- OPENSHIFT_DEPLOYMENT_TYPE (defaults to origin, choices: origin, enterprise, online) +- OPENSHIFT_NUM_NODES (the number of nodes to create, defaults to 2) diff --git a/Vagrantfile b/Vagrantfile new file mode 100644 index 000000000..648bc5171 --- /dev/null +++ b/Vagrantfile @@ -0,0 +1,62 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : +VAGRANTFILE_API_VERSION = "2" + +unless Vagrant.has_plugin?("vagrant-hostmanager") + raise 'vagrant-hostmanager plugin is required' +end + +Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| + + deployment_type = ENV['OPENSHIFT_DEPLOYMENT_TYPE'] || 'origin' + num_nodes = (ENV['OPENSHIFT_NUM_NODES'] || 2).to_i + + config.hostmanager.enabled = true + config.hostmanager.manage_host = true + config.hostmanager.include_offline = true + config.ssh.insert_key = false + config.vm.provider "virtualbox" do |vbox, override| + override.vm.box = "chef/centos-7.1" + vbox.memory = 1024 + vbox.cpus = 2 + + # Enable multiple guest CPUs if available + vbox.customize ["modifyvm", :id, "--ioapic", "on"] + end + + config.vm.provider "libvirt" do |libvirt, override| + libvirt.cpus = 2 + libvirt.memory = 1024 + libvirt.driver = 'kvm' + override.vm.box = "centos-7.1" + override.vm.box_url = "https://download.gluster.org/pub/gluster/purpleidea/vagrant/centos-7.1/centos-7.1.box" + override.vm.box_download_checksum = "b2a9f7421e04e73a5acad6fbaf4e9aba78b5aeabf4230eebacc9942e577c1e05" + override.vm.box_download_checksum_type = "sha256" + end + + num_nodes.times do |n| + node_index = n+1 + config.vm.define "node#{node_index}" do |node| + node.vm.hostname = "ose3-node#{node_index}.example.com" + node.vm.network :private_network, ip: "192.168.100.#{200 + n}" + end + end + + config.vm.define "master" do |master| + master.vm.hostname = "ose3-master.example.com" + master.vm.network :private_network, ip: "192.168.100.100" + master.vm.network :forwarded_port, guest: 8443, host: 8443 + master.vm.provision "ansible" do |ansible| + ansible.limit = 'all' + ansible.sudo = true + ansible.groups = { + "masters" => ["master"], + "nodes" => ["node1", "node2"], + } + ansible.extra_vars = { + openshift_deployment_type: "origin", + } + ansible.playbook = "playbooks/byo/config.yml" + end + end +end diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 5a6c89489..433cfeb87 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -28,6 +28,8 @@ - name: Create temp directory for syncing certs hosts: localhost + connection: local + sudo: false gather_facts: no tasks: - name: Create local temp directory for syncing certs @@ -112,6 +114,8 @@ - name: Delete temporary directory on localhost hosts: localhost + connection: local + sudo: false gather_facts: no tasks: - file: name={{ mktemp.stdout }} state=absent diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 28bdda618..f9e6199a5 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -104,3 +104,14 @@ with_items: - root - "{{ ansible_ssh_user }}" + +- name: Update the permissions on the OpenShift client config(s) + file: + path: "~{{ item }}/.config/openshift/.config" + state: file + mode: 0700 + owner: "{{ item }}" + group: "{{ item }}" + with_items: + - root + - "{{ ansible_ssh_user }}" -- cgit v1.2.3 From ae10ca0213897cc41b5dd7a497006bb3bb4a9699 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Wed, 29 Apr 2015 12:35:43 -0400 Subject: added destination_format to our ec2.ini --- roles/openshift_ansible_inventory/tasks/main.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'roles') diff --git a/roles/openshift_ansible_inventory/tasks/main.yml b/roles/openshift_ansible_inventory/tasks/main.yml index d68d27f84..dddfe24e3 100644 --- a/roles/openshift_ansible_inventory/tasks/main.yml +++ b/roles/openshift_ansible_inventory/tasks/main.yml @@ -29,3 +29,17 @@ backrefs: yes regexp: '^(hostfile|inventory)( *)=' line: '\1\2= /etc/ansible/inventory' + +- name: setting ec2.ini destination_format + lineinfile: + dest: /usr/share/ansible/inventory/aws/ec2.ini + regexp: '^destination_format *=' + line: "destination_format = {{ oo_ec2_destination_format }}" + when: oo_ec2_destination_format is defined + +- name: setting ec2.ini destination_format_tags + lineinfile: + dest: /usr/share/ansible/inventory/aws/ec2.ini + regexp: '^destination_format_tags *=' + line: "destination_format_tags = {{ oo_ec2_destination_format_tags }}" + when: oo_ec2_destination_format_tags is defined -- cgit v1.2.3 From 36602d6c7113c2e6c16196986c067583a53357c9 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 29 Apr 2015 12:52:17 -0400 Subject: ansible tower cli role --- roles/ansible_tower/tasks/main.yaml | 2 -- roles/ansible_tower_cli/README.md | 50 +++++++++++++++++++++++++++++++ roles/ansible_tower_cli/defaults/main.yml | 2 ++ roles/ansible_tower_cli/handlers/main.yml | 2 ++ roles/ansible_tower_cli/meta/main.yml | 9 ++++++ roles/ansible_tower_cli/tasks/main.yml | 3 ++ roles/ansible_tower_cli/vars/main.yml | 2 ++ 7 files changed, 68 insertions(+), 2 deletions(-) create mode 100644 roles/ansible_tower_cli/README.md create mode 100644 roles/ansible_tower_cli/defaults/main.yml create mode 100644 roles/ansible_tower_cli/handlers/main.yml create mode 100644 roles/ansible_tower_cli/meta/main.yml create mode 100644 roles/ansible_tower_cli/tasks/main.yml create mode 100644 roles/ansible_tower_cli/vars/main.yml (limited to 'roles') diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index 1d75a95e6..a85ce7dcc 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml @@ -9,7 +9,6 @@ - ansible - telnet - ack - - python-ansible-tower-cli - name: download Tower setup get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-2.1.1.tar.gz dest=/opt/ force=no @@ -31,4 +30,3 @@ - name: Set (httpd_can_network_connect_db) flag on and keep it persistent across reboots seboolean: name=httpd_can_network_connect_db state=yes persistent=yes - diff --git a/roles/ansible_tower_cli/README.md b/roles/ansible_tower_cli/README.md new file mode 100644 index 000000000..d2d68146f --- /dev/null +++ b/roles/ansible_tower_cli/README.md @@ -0,0 +1,50 @@ +ansible_tower_cli +============== + +Install ansible-tower-cli rpm. + +Requirements +------------ + +None + +Role Variables +-------------- + +None + +Dependencies +------------ + +None + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - roles/ansible_tower_cli + +License +------- + +Copyright 2012-2014 Red Hat, Inc., All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +Author Information +------------------ + +openshift operations diff --git a/roles/ansible_tower_cli/defaults/main.yml b/roles/ansible_tower_cli/defaults/main.yml new file mode 100644 index 000000000..bef66bbfd --- /dev/null +++ b/roles/ansible_tower_cli/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for ansible_tower_cli diff --git a/roles/ansible_tower_cli/handlers/main.yml b/roles/ansible_tower_cli/handlers/main.yml new file mode 100644 index 000000000..0ce873648 --- /dev/null +++ b/roles/ansible_tower_cli/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for ansible_tower_cli diff --git a/roles/ansible_tower_cli/meta/main.yml b/roles/ansible_tower_cli/meta/main.yml new file mode 100644 index 000000000..41dd23720 --- /dev/null +++ b/roles/ansible_tower_cli/meta/main.yml @@ -0,0 +1,9 @@ +--- +galaxy_info: + author: openshift operations name + description: install ansible-tower-cli + company: Red Hat, inc + license: ASL 2.0 + min_ansible_version: 1.2 +dependencies: [] + diff --git a/roles/ansible_tower_cli/tasks/main.yml b/roles/ansible_tower_cli/tasks/main.yml new file mode 100644 index 000000000..adf02ddc6 --- /dev/null +++ b/roles/ansible_tower_cli/tasks/main.yml @@ -0,0 +1,3 @@ +--- +- name: Install python-ansible-tower-cli + yum: name=python-ansible-tower-cli diff --git a/roles/ansible_tower_cli/vars/main.yml b/roles/ansible_tower_cli/vars/main.yml new file mode 100644 index 000000000..a4c9abfb4 --- /dev/null +++ b/roles/ansible_tower_cli/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for ansible_tower_cli -- cgit v1.2.3 From 0364e2cc29ce4f83a770d5bf33f74388c71185b1 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Mon, 4 May 2015 12:50:41 -0400 Subject: Adding towercli config to /etc/tower --- roles/ansible_tower/tasks/main.yaml | 10 ++++++++++ roles/ansible_tower_cli/tasks/main.yml | 8 ++++++++ roles/ansible_tower_cli/templates/tower_cli.cfg.j2 | 5 +++++ 3 files changed, 23 insertions(+) create mode 100644 roles/ansible_tower_cli/templates/tower_cli.cfg.j2 (limited to 'roles') diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index a85ce7dcc..d27c48e6a 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml @@ -30,3 +30,13 @@ - name: Set (httpd_can_network_connect_db) flag on and keep it persistent across reboots seboolean: name=httpd_can_network_connect_db state=yes persistent=yes + +- name: Setup proot to allow access to /etc/tower/ + lineinfile: + dest: /etc/tower/settings.py + backrefs: yes + regexp: "^({{ item.option }})( *)=" + line: '\1\2 = {{ item.value }}' + with_items: config_changes | default([]) + + diff --git a/roles/ansible_tower_cli/tasks/main.yml b/roles/ansible_tower_cli/tasks/main.yml index adf02ddc6..65aa6bdf4 100644 --- a/roles/ansible_tower_cli/tasks/main.yml +++ b/roles/ansible_tower_cli/tasks/main.yml @@ -1,3 +1,11 @@ --- - name: Install python-ansible-tower-cli yum: name=python-ansible-tower-cli + +- template: + src: tower_cli.cfg.j2 + dest: /etc/tower/tower_cli.cfg + owner: awx + group: awx + mode: 0640 + diff --git a/roles/ansible_tower_cli/templates/tower_cli.cfg.j2 b/roles/ansible_tower_cli/templates/tower_cli.cfg.j2 new file mode 100644 index 000000000..5a0a275b0 --- /dev/null +++ b/roles/ansible_tower_cli/templates/tower_cli.cfg.j2 @@ -0,0 +1,5 @@ +[general] +host = {{ oo_towercli_host }} +username = {{ oo_towercli_username }} +password = {{ oo_towercli_password }} +verify_ssl = true -- cgit v1.2.3 From 52594518ceff4fb54d589dcab2c1d753af77cc89 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Tue, 5 May 2015 14:11:27 -0400 Subject: symlink added for ansible-tower-cli. Also fix to spacing issue for proot options --- roles/ansible_tower/tasks/main.yaml | 4 ++-- roles/ansible_tower_cli/tasks/main.yml | 7 +++++++ 2 files changed, 9 insertions(+), 2 deletions(-) (limited to 'roles') diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index d27c48e6a..c110a3b70 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml @@ -36,7 +36,7 @@ dest: /etc/tower/settings.py backrefs: yes regexp: "^({{ item.option }})( *)=" - line: '\1\2 = {{ item.value }}' - with_items: config_changes | default([]) + line: '\1\2= {{ item.value }}' + with_items: config_changes | default([], true) diff --git a/roles/ansible_tower_cli/tasks/main.yml b/roles/ansible_tower_cli/tasks/main.yml index 65aa6bdf4..41fac22a0 100644 --- a/roles/ansible_tower_cli/tasks/main.yml +++ b/roles/ansible_tower_cli/tasks/main.yml @@ -9,3 +9,10 @@ group: awx mode: 0640 +- file: + state: link + src: /etc/tower + dest: /etc/awx + owner: awx + group: awx + -- cgit v1.2.3