| commit | author | age | ||
| 6363e8 | 1 | = ocp-workshop standard config |
| S | 2 | |
| 16c4d7 | 3 | NOTE: AWS Instance Types of m5.* are known to fail. Use m4.* |
| JM | 4 | |
| 15654c | 5 | |
| 6363e8 | 6 | == Running Ansible Playbook |
| S | 7 | |
| acbd9a | 8 | * You can run the playbook with the following arguments to overwrite the default variable values: |
| S | 9 | + |
| 6363e8 | 10 | [source,bash] |
| S | 11 | ---- |
| acbd9a | 12 | # Generic Vars |
| 6363e8 | 13 | ENVTYPE="ocp-workshop" |
| acbd9a | 14 | GUID=ocpwtest1 |
| 6363e8 | 15 | |
| acbd9a | 16 | # Cloud Provider Settings |
| S | 17 | KEYNAME=ocpkey |
| 18 | REGION=ap-southeast-2 | |
| 19 | CLOUDPROVIDER=ec2 | |
| 20 | HOSTZONEID='Z3IHLWJZOU9SRT' | |
| 21 | BASESUFFIX='.example.opentlc.com' | |
| 22 | ||
| 23 | # OCP Vars | |
| 24 | NODE_COUNT=2 | |
| 25 | REPO_VERSION=3.11 | |
| 26 | OSRELEASE=3.11.16 | |
| 27 | ||
| 28 | ||
| 29 | ansible-playbook ansible/main.yml \ | |
| 30 | -e "guid=${GUID}" \ | |
| 31 | -e "env_type=${ENVTYPE}" \ | |
| 32 | -e "osrelease=${OSRELEASE}" \ | |
| 33 | -e "repo_version=${REPO_VERSION}" \ | |
| 34 | -e "cloud_provider=${CLOUDPROVIDER}" \ | |
| 35 | -e "aws_region=${REGION}" \ | |
| 36 | -e "HostedZoneId=${HOSTZONEID}" \ | |
| 37 | -e "key_name=${KEYNAME}" \ | |
| 6363e8 | 38 | -e "subdomain_base_suffix=${BASESUFFIX}" \ |
| acbd9a | 39 | -e "node_instance_count=2" \ |
| S | 40 | -e "email=name@example.com" -e"output_dir=/opt/workdir" -e"output_dir=/opt/workdir" -e@../secret.yml -vv |
| 41 | ||
| 42 | ||
| 43 | ---- | |
| 44 | ||
| 45 | NOTE: For 3.11 and above, you need to specify `redhat_registry_user` and `redhat_registry_password` it's recommended to keep those in your "secret.yml" file | |
| 46 | + | |
| 47 | ---- | |
| 48 | redhat_registry_user: "you_rhn_account@example.com" | |
| 49 | redhat_registry_password: "password_to_your_rhn_accunt_or_token" | |
| 50 | ---- | |
| 51 | ||
| 52 | * Additional Vars: | |
| 53 | + | |
| 54 | [source,bash] | |
| 55 | ---- | |
| 56 | -e "docker_version=1.13.1" \ | |
| 6363e8 | 57 | -e "bastion_instance_type=t2.large" -e "master_instance_type=c4.xlarge" \ |
| S | 58 | -e "infranode_instance_type=c4.4xlarge" -e "node_instance_type=c4.4xlarge" \ |
| 5e5a69 | 59 | -e "nfs_instance_type=m3.large" -e "node_instance_count=5" \ |
| acbd9a | 60 | -e "install_idm=htpasswd" |
| 5e5a69 | 61 | |
| S | 62 | ---- |
| 63 | ||
| acbd9a | 64 | |
| S | 65 | |
| 66 | === To Delete an environment | |
| 67 | ||
| 68 | [source,bash] | |
| c6075f | 69 | ---- |
| acbd9a | 70 | # Generic Vars |
| c6075f | 71 | ENVTYPE="ocp-workshop" |
| acbd9a | 72 | GUID=ocpwtest1 |
| S | 73 | |
| 74 | # Cloud Provider Settings | |
| 75 | REGION=ap-southeast-2 | |
| c6075f | 76 | CLOUDPROVIDER=ec2 |
| acbd9a | 77 | #To Destroy an Env |
| S | 78 | ansible-playbook ./ansible/configs/${ENVTYPE}/destroy_env.yml -e "aws_region=${REGION}" -e "guid=${GUID}" -e "env_type=${ENVTYPE}" -e "cloud_provider=${CLOUDPROVIDER}" -e@../secret.yml -vv |
| 5e5a69 | 79 | |
| c6075f | 80 | ---- |
| S | 81 | |
| 619d65 | 82 | === Advanced Development Workshop |
| 5e5a69 | 83 | [source,bash] |
| S | 84 | ---- |
| ec586c | 85 | REGION=us-east-1 |
| 5e5a69 | 86 | KEYNAME=ocpkey |
| ec586c | 87 | GUID=rdu |
| 5e5a69 | 88 | ENVTYPE="ocp-workshop" |
| S | 89 | CLOUDPROVIDER=ec2 |
| 90 | HOSTZONEID='Z186MFNM7DX4NF' | |
| 91 | REPO_PATH='https://admin.example.com/repos/ocp/3.5/' | |
| ec586c | 92 | DEPLOYER_REPO_PATH=/opt/ansible_agnostic_deployer/ansible |
| 5e5a69 | 93 | BASESUFFIX='.openshift.opentlc.com' |
| S | 94 | REPO_VERSION=3.5 |
| 400a88 | 95 | ansible-playbook ${DEPLOYER_REPO_PATH}/main.yml \ |
| GC | 96 | -e "guid=${GUID}" \ |
| 97 | -e "env_type=${ENVTYPE}" \ | |
| 5e5a69 | 98 | -e "cloud_provider=${CLOUDPROVIDER}" -e "aws_region=${REGION}" \ |
| S | 99 | -e "HostedZoneId=${HOSTZONEID}" -e "key_name=${KEYNAME}" \ |
| 100 | -e "subdomain_base_suffix=${BASESUFFIX}" \ | |
| ec586c | 101 | -e "bastion_instance_type=t2.large" -e "master_instance_type=c4.xlarge" \ |
| WK | 102 | -e "infranode_instance_type=c4.4xlarge" -e "node_instance_type=c4.4xlarge" \ |
| ce1606 | 103 | -e "nfs_instance_type=t2.large" -e "node_instance_count=${NODE_COUNT}" \ |
| ae6f44 | 104 | -e "install_idm=htpasswd" -e "software_to_deploy=openshift" \ |
| d9abab | 105 | -e "email=name@example.com" \ |
| 281c84 | 106 | -e "own_repo_path=${REPO_PATH}" -e"repo_method=rhn" -e"ANSIBLE_REPO_PATH=${DEPLOYER_REPO_PATH}" \ |
| ce1606 | 107 | -e "osrelease=3.5.5.31" -e "repo_version=${REPO_VERSION}" -e "docker_version=1.12.6" \ |
| S | 108 | --skip-tags=remove_self_provisioners,opentlc-integration |
| 6363e8 | 109 | ---- |
| S | 110 | |
| 54ae64 | 111 | === IPA registration |
| GC | 112 | |
| 113 | You can either provide `ipa_host_password` or a couple `ipa_kerberos_user`/`ipa_kerberos_password` to register the host to the ipa server. See link:../../roles/bastion-opentlc-ipa[roles/bastion-opentlc-ipa]. | |
| 114 | ||
| 77341c | 115 | === CNS/Glusterfs |
| GC | 116 | |
| 117 | If you set this variable, 3 support nodes will be deployed and used for glusterfs: | |
| 118 | ||
| 119 | ---- | |
| 120 | -e install_glusterfs=true | |
| 121 | ---- | |
| 122 | ||
| 123 | NOTE: This will discard NFS PVs for logging (elasticsearch) and metrics (cassandra). Instead storage for those pods will be 'EmptyDir'. Proper persistent storage setup is left to user as a post-install step. | |
| 124 | ||
| 1b9b50 | 125 | Tested on OCP 3.7. See examples in `tools/examples` |
| 77341c | 126 | |
| 619d65 | 127 | === Scale Up |
| dc0234 | 128 | Use the `scaleup.yml` playbook. Increase `node_instance_count` and `new_node_instance_count` accordingly. For example, if your previous `node_instance_count` was 2: |
| GC | 129 | [source,bash] |
| e93dc8 | 130 | ---- |
| S | 131 | REGION=us-west-1 |
| 132 | KEYNAME=ocpkey | |
| 133 | GUID=na1 | |
| 134 | ENVTYPE="ocp-workshop" | |
| 135 | CLOUDPROVIDER=ec2 | |
| 136 | HOSTZONEID='Z186MFNM7DX4NF' | |
| 137 | REPO_PATH='https://admin.example.com/repos/ocp/3.5/' | |
| dc0234 | 138 | MINOR_VERSION="3.5.5.15" |
| GC | 139 | INSTALLIPA=false |
| e93dc8 | 140 | BASESUFFIX='.openshift.opentlc.com' |
| S | 141 | REPO_VERSION=3.5 |
| dc0234 | 142 | NODE_COUNT=4 |
| GC | 143 | NEW_NODE_COUNT=2 |
| 400a88 | 144 | ansible-playbook ./configs/${ENVTYPE}/scaleup.yml \ |
| 281c84 | 145 | -e "ANSIBLE_REPO_PATH=${DEPLOYER_REPO_PATH}" \ |
| dc0234 | 146 | -e "HostedZoneId=${HOSTZONEID}" \ |
| GC | 147 | -e "bastion_instance_type=t2.large" \ |
| 148 | -e "cloud_provider=${CLOUDPROVIDER}" \ | |
| 149 | -e "guid=${GUID}" \ | |
| 9754fb | 150 | -e "infranode_instance_type=m4.4xlarge" \ |
| dc0234 | 151 | -e "install_idm=htpasswd" \ |
| 9754fb | 152 | -e user_password=PASSWORD \ |
| GC | 153 | -e admin_password=PASSWORD \ |
| 154 | -e admin_user=admin \ | |
| dc0234 | 155 | -e "install_ipa_client=${INSTALLIPA}" \ |
| GC | 156 | -e "nfs_instance_type=m3.large" \ |
| 157 | -e "osrelease=${MINOR_VERSION}" \ | |
| 158 | -e "own_repo_path=${REPO_PATH}" \ | |
| d9abab | 159 | -e "email=name@example.com" \ |
| dc0234 | 160 | -e "repo_method=file" \ |
| GC | 161 | -e "subdomain_base_suffix=${BASESUFFIX}" \ |
| 162 | --skip-tags=remove_self_provisioners,install_zabbix \ | |
| 163 | -e "aws_region=${REGION}" \ | |
| 164 | -e "docker_version=1.12.6" \ | |
| 165 | -e "env_type=${ENVTYPE}" \ | |
| 166 | -e "key_name=${KEYNAME}" \ | |
| 9754fb | 167 | -e "master_instance_type=m4.xlarge" \ |
| dc0234 | 168 | -e "node_instance_count=${NODE_COUNT}" \ |
| GC | 169 | -e "new_node_instance_count=${NEW_NODE_COUNT}" \ |
| 170 | -e "node_instance_type=c4.4xlarge" \ | |
| 171 | -e "repo_version=${REPO_VERSION}" | |
| e93dc8 | 172 | ---- |
| 619d65 | 173 | |
| acbd9a | 174 | |
| S | 175 | |
| 176 | === Add new users on the bastion | |
| 177 | ||
| 178 | For managing users on the bastion, you can override the `mgr_users` variable. The default is located in `{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/mgr_users.yml`, and looks like : | |
| 179 | ||
| 180 | .Default mgr_users.yml | |
| 181 | [source,yaml] | |
| 6363e8 | 182 | ---- |
| acbd9a | 183 | mgr_users: |
| S | 184 | - name: opentlc-mgr |
| 185 | home: /home/opentlc-mgr | |
| 186 | authorized_keys: | |
| 187 | - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4OojwKH74UWVOY92y87Tb/b56CMJoWbz2gyEYsr3geOc2z/n1pXMwPfiC2KT7rALZFHofc+x6vfUi6px5uTm06jXa78S7UB3MX56U3RUd8XF3svkpDzql1gLRbPIgL1h0C7sWHfr0K2LG479i0nPt/X+tjfsAmT3nWj5PVMqSLFfKrOs6B7dzsqAcQPInYIM+Pqm/pXk+Tjc7cfExur2oMdzx1DnF9mJaj1XTnMsR81h5ciR2ogXUuns0r6+HmsHzdr1I1sDUtd/sEVu3STXUPR8oDbXBsb41O5ek6E9iacBJ327G3/1SWwuLoJsjZM0ize+iq3HpT1NqtOW6YBLR opentlc-mgr@inf00-mwl.opentlc.com | |
| 188 | ---- | |
| 189 | ||
| 190 | You can, for example, want to add another user. For that just override the variable in `env_secret_vars.yml`: | |
| 191 | ||
| 192 | .managing users ("Secret" Vars file or Env Vars file) | |
| 193 | [source,yaml] | |
| 194 | ---- | |
| 195 | mgr_users: | |
| 196 | - name: opentlc-mgr | |
| 197 | home: /home/opentlc-mgr | |
| 198 | authorized_keys: | |
| 199 | - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4OojwKH74UWVOY92y87Tb/b56CMJoWbz2gyEYsr3geOc2z/n1pXMwPfiC2KT7rALZFHofc+x6vfUi6px5uTm06jXa78S7UB3MX56U3RUd8XF3svkpDzql1gLRbPIgL1h0C7sWHfr0K2LG479i0nPt/X+tjfsAmT3nWj5PVMqSLFfKrOs6B7dzsqAcQPInYIM+Pqm/pXk+Tjc7cfExur2oMdzx1DnF9mJaj1XTnMsR81h5ciR2ogXUuns0r6+HmsHzdr1I1sDUtd/sEVu3STXUPR8oDbXBsb41O5ek6E9iacBJ327G3/1SWwuLoJsjZM0ize+iq3HpT1NqtOW6YBLR opentlc-mgr@inf00-mwl.opentlc.com | |
| 200 | - name: fridim | |
| 201 | home: /home/fridim | |
| 202 | authorized_keys: | |
| 203 | - https://github.com/fridim.keys | |
| 6363e8 | 204 | ---- |
