Johnathan Kupferer
2020-03-16 4663a06ee72eadd3be41cddbeb539ef3f462ee8a
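---
# Play 1 (bastions): install the AWS CLI and the OpenShift installer/client,
# run the OpenShift 4 installation and report the resulting access details.
# Every task lives in one block that only runs when install_ocp4 is true.
- name: Step 00xxxxx software
  hosts: bastions
  gather_facts: false
  become: false
  tasks:
    - when: install_ocp4 | bool
      tags:
      - install_openshift
      block:
        # Marker file; the always section of this block deletes it again.
        - name: Create deployinprogress file
          file:
            path: /tmp/deployinprogress
            state: touch

        # NOTE(review): the bundle is downloaded over HTTPS but its content is
        # not verified. get_url accepts a `checksum:` argument; pin it once a
        # known-good digest for the bundle is available.
        - name: Get awscli bundle
          get_url:
            url: https://s3.amazonaws.com/aws-cli/awscli-bundle.zip
            dest: /tmp/awscli-bundle.zip

        - name: Unzip awscli-bundle.zip
          unarchive:
            src: /tmp/awscli-bundle.zip
            dest: /tmp/
            remote_src: true

        # NOTE(review): the install script runs as root from a fixed path under
        # the shared /tmp directory. Unpacking into a private per-run directory
        # (for example one created with the tempfile module) would remove the
        # dependency on what other local accounts can place in /tmp.
        - name: Install awscli
          become: true
          command: /tmp/awscli-bundle/install -i /usr/local/aws -b /bin/aws
          args:
            # Skip the install when /usr/local/aws already exists.
            creates: /usr/local/aws

        - name: cleanup archive and tmp files
          file:
            path: "{{ item }}"
            state: absent
          loop:
            - /tmp/awscli-bundle
            - /tmp/awscli-bundle.zip

        # The directory and the file below hold long-lived AWS keys, so both
        # are restricted to the owning user instead of inheriting the umask.
        - name: Create .aws directory
          file:
            path: ~/.aws
            state: directory
            mode: "0700"

        # no_log keeps the access key pair out of task output, diffs and logs.
        - name: Add aws credentials
          no_log: true
          blockinfile:
            path: ~/.aws/credentials
            mode: "0600"
            block: |-
              [default]
              aws_access_key_id = {{ hostvars.localhost.student_access_key_id }}
              aws_secret_access_key = {{ hostvars.localhost.student_secret_access_key }}
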
0b5cc4 54         # For GA Releases 
WK 55         - name: Set URLs for OpenShift GA releases
56           when: not ocp4_installer_use_dev_preview | d(False) | bool
57           set_fact:
58             ocp4_installer_url: "https://mirror.openshift.com/pub/openshift-v4/clients/ocp/{{ ocp4_installer_version }}/openshift-install-linux-{{ ocp4_installer_version }}.tar.gz"
59             ocp4_client_url: "https://mirror.openshift.com/pub/openshift-v4/clients/ocp/{{ ocp4_installer_version }}/openshift-client-linux-{{ ocp4_installer_version }}.tar.gz"
60
8df23a 61         - name: Get the OpenShift Installer
1874b6 62           become: yes
db9adc 63           unarchive:
0b5cc4 64             src: "{{ ocp4_installer_url}} "
db9adc 65             remote_src: yes
WK 66             dest: /usr/bin
67             mode: 0755
1874b6 68             owner: root
GC 69             group: root
70
8df23a 71         - name: Get the OpenShift CLI
1874b6 72           become: yes
GC 73           unarchive:
0b5cc4 74             src: "{{ ocp4_client_url }}"
1874b6 75             remote_src: yes
GC 76             dest: /usr/bin
77             mode: 0775
78             owner: root
79             group: root
80
81         - name: Generate SSH keys
82           shell: ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ""
83           args:
84             creates: ~/.ssh/id_rsa
85
86         - name: Generate SSH pub key
87           shell: ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
88           args:
89             creates: ~/.ssh/id_rsa.pub
90
91         - name: Slurp public key
92           slurp:
93             path: /home/{{ ansible_user }}/.ssh/id_rsa.pub
94           register: idrsapub
95
96         - name: Create cluster directory
97           file:
98             path: /home/{{ ansible_user }}/{{ cluster_name }}
99             state: directory
100
8df23a 101         - name: Check if version specific install-config.j2 exists
WK 102           stat:
1874b6 103             path: files/install-config.yaml.{{ ocp4_installer_version }}.j2
GC 104           register: rconfig
105           delegate_to: localhost
106
107         - name: Use version-specific template for install-config-yaml
108           set_fact:
109             install_config_template_path: files/install-config.yaml.{{ ocp4_installer_version }}.j2
110           when: rconfig.stat.exists
111
112         - name: Use default template for install-config-yaml
113           set_fact:
114             install_config_template_path: files/install-config.yaml.j2
115           when: not rconfig.stat.exists
116
117         - name: Generate config install-config.yaml
118           template:
119             src: "{{ install_config_template_path }}"
120             dest: /home/{{ ansible_user }}/{{ cluster_name }}/install-config.yaml
121
122         - name: Run the installer
123           tags:
124           - run_installer
125           command: openshift-install create cluster --dir=/home/{{ ansible_user }}/{{ cluster_name }}
982ecd 126           async: "{{ 2 * 60 * 60 }}"
1874b6 127
GC 128         - name: Fetch kube config
129           fetch:
130             flat: yes
131             src: /home/{{ ansible_user }}/{{ cluster_name }}/auth/{{ item }}
132             dest: "{{ hostvars.localhost.output_dir }}/{{ env_type }}_{{ guid }}_{{ item }}"
133           loop:
134             - kubeconfig
135             - kubeadmin-password
136
137         - name: Make sure .kube directory exists in home directory
138           file:
139             state: directory
140             path: "/home/{{ ansible_user }}/.kube"
141             owner: "{{ ansible_user }}"
142             mode: 0775
143
144         - name: Set up .kube/config
145           copy:
146             remote_src: yes
147             src: "/home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeconfig"
148             dest: "/home/{{ ansible_user }}/.kube/config"
149
ae9072 150         - name: Make sure .kube directory exists in /root
GC 151           file:
152             state: directory
153             path: /root/.kube
154             owner: root
155             mode: 0700
156           become: yes
157
158         - name: Set up .kube/config for root
159           copy:
160             remote_src: yes
161             src: "/home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeconfig"
162             dest: /root/.kube/config
163           become: yes
164
1874b6 165         - name: Get kubeadmin password
GC 166           slurp:
167             path: /home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeadmin-password
168           register: kubeadminr
169
170         - name: Get console route
171           environment:
172             KUBECONFIG: /home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeconfig
173           command: oc get route -n openshift-console console -o json
174           register: routeconsole
175           retries: 10
176           delay: 30
177           until: routeconsole is succeeded
178           ignore_errors: yes
179
dea0a9 180         # Adjust for clusters with just one worker. Default is two routers with antiAffinity rules.
WK 181         # Which means that one router is pending. This doesn't work with Certificates
182         - name: Set number of Ingress Controller replicas to 1 if only one worker node deployed
183           when: worker_instance_count == 1
184           environment:
185             KUBECONFIG: /home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeconfig
186           shell: "oc patch ingresscontroller default --type=merge --patch='{\"spec\": { \"replicas\": 1 }}' -n openshift-ingress-operator"
187           ignore_errors: yes
188
1874b6 189         - name: Set webconsole address
GC 190           set_fact:
191             webconsole: "http://{{ routeconsole.stdout | from_json | json_query('spec.host') }}"
192           when: routeconsole is succeeded
193
194         # sometimes the route is not ready, guess it
195         - name: Guess webconsole address
196           set_fact:
197             webconsole: "http://console-openshift-console.apps.{{ cluster_name }}.{{ guid }}.{{ subdomain_base }}"
198           when: routeconsole is failed
199
200         - name: Get API for command line
201           environment:
202             KUBECONFIG: /home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeconfig
203           command: oc whoami --show-server
4663a0 204           register: r_showserver
1874b6 205
GC 206         - name: Print Overview
4663a0 207           agnosticd_user_info:
1874b6 208             msg: "{{ item }}"
4663a0 209           loop:
JK 210             - "Openshift Master Console: {{ webconsole }}"
211             - "Openshift API for command line 'oc' client: {{ r_showserver.stdout | trim }}"
212             - "Download oc client from {{ ocp4_client_url }}"
213
214         - name: Print Overview
215           agnosticd_user_info:
216             data:
217               openshift_console_url: "{{ webconsole }}"
218               openshift_api_url: "{{ r_showserver.stdout | trim }}"
219               openshift_client_download_url: "{{ ocp4_client_url }}"
1874b6 220
GC 221         - name: Output htpasswd
4663a0 222           agnosticd_user_info:
JK 223             msg: "This cluster has authentication enabled. You can use '{{ admin_user }}' with password '{{ admin_password }}' to access your cluster"
224             data:
225               openshift_admin_user: "{{ admin_user }}"
226               openshift_admin_password: "{{ admin_password }}"
1874b6 227           when:
GC 228             - admin_password is defined
229             - install_idm == "htpasswd"
230
231         - name: Output kubeadmin
4663a0 232           agnosticd_user_info:
JK 233             msg: "Kubeadmin user / password: kubeadmin / {{ kubeadminr.content | b64decode }}"
234             data:
235               openshift_kubeadmin_password: "{{ kubeadminr.content | b64decode }}"
1874b6 236           when: >-
GC 237             install_idm is not defined
238             or install_idm != "htpasswd"
239
240         - name: Print SSH warning
4663a0 241           agnosticd_user_info:
1874b6 242             msg: "{{ item }}"
4663a0 243           loop:
JK 244             - ""
245             - "You *CANNOT* SSH into this environment"
1874b6 246           when: not install_student_user | bool
GC 247
248       always:
249         - name: Delete deployinprogress lock file
250           file:
251             path: /tmp/deployinprogress
252             state: absent
253
# Play 2 (localhost): report the student's AWS and SSH access details.
- name: Step 00xxxxx software
  hosts: localhost
  gather_facts: false
  become: false
  tasks:
    # NOT Pre-installed: OpenShift was not installed by this run, so the
    # student gets the AWS key pair instead.
    # NOTE(review): the secret access key is passed in clear text to
    # agnosticd_user_info, both as a message and as data; anyone who can read
    # that output or the play log can read the key.
    - when:
        - not install_ocp4 | bool
        - student_access_key_id is defined
        - student_secret_access_key is defined
      block:
        - name: Print Student aws access as user.info
          loop:
            - "Top level domain: {{ subdomain_base_suffix }}"
            - ""
            - "WARNING: with great power comes great responsibility. We monitor usage."
            - "Your AWS programmatic access:"
            - "aws_access_key_id = {{ student_access_key_id }}"
            - "aws_secret_access_key = {{ student_secret_access_key }}"
          agnosticd_user_info:
            msg: "{{ item }}"

        - name: Set aws access user data
          agnosticd_user_info:
            data:
              subdomain_base_suffix: "{{ subdomain_base_suffix }}"
              aws_access_key_id: "{{ student_access_key_id }}"
              aws_secret_access_key: "{{ student_secret_access_key }}"

21532b 283     - when:
1874b6 284         - install_student_user | bool
GC 285         - student_name is defined
b348a4 286         - student_password is defined or hostvars[groups.bastions.0].student_password is defined
21532b 287       block:
GC 288         - name: Print Student SSH access as user.info
4663a0 289           agnosticd_user_info:
21532b 290             msg: "{{ item }}"
4663a0 291             data:
JK 292               student_ssh_command: >-
293                 ssh {{ student_name }}@bastion.{{ guid }}{{ subdomain_base_suffix }}
294           loop:
295             - ""
296             - "SSH Access: ssh {{ student_name }}@bastion.{{ guid }}{{ subdomain_base_suffix }}"
21532b 297
GC 298         - name: Print Student SSH password as user.info
4663a0 299           agnosticd_user_info:
JK 300             msg: "SSH password: {{ student_ssh_password }}"
301             data:
302               student_ssh_password: "{{ student_ssh_password }}"
303           vars:
304             student_ssh_password: >-
305               {{ student_password | default(hostvars[groups.bastions.0].student_password) }}
21532b 306           when: print_student_password | default(true) | bool