commit | author | age
|
1d2130
|
1 |
--- |
S |
2 |
- name: Step 00xxxxx software |
3c6889
|
3 |
hosts: bastions |
GC |
4 |
gather_facts: false |
1d2130
|
5 |
become: false |
S |
6 |
tasks: |
3c6889
|
7 |
- when: install_ocp4 | bool |
50f3d5
|
8 |
tags: |
WK |
9 |
- install_openshift |
3c6889
|
10 |
block: |
1c8419
|
11 |
- name: Create deployinprogress file |
GC |
12 |
file: |
|
13 |
path: /tmp/deployinprogress |
|
14 |
state: touch |
|
15 |
|
3c6889
|
16 |
- name: Get awscli bundle |
GC |
17 |
get_url: |
|
18 |
url: https://s3.amazonaws.com/aws-cli/awscli-bundle.zip |
|
19 |
dest: /tmp/awscli-bundle.zip |
1d2130
|
20 |
|
3c6889
|
21 |
- name: Unzip awscli-bundle.zip |
GC |
22 |
unarchive: |
|
23 |
src: /tmp/awscli-bundle.zip |
|
24 |
dest: /tmp/ |
|
25 |
remote_src: yes |
|
26 |
|
|
27 |
- name: Install awscli |
|
28 |
command: /tmp/awscli-bundle/install -i /usr/local/aws -b /bin/aws |
|
29 |
args: |
|
30 |
creates: /usr/local/aws |
|
31 |
become: yes |
|
32 |
|
|
33 |
- name: cleanup archive and tmp files |
|
34 |
file: |
|
35 |
path: "{{ item }}" |
|
36 |
state: absent |
|
37 |
loop: |
|
38 |
- /tmp/awscli-bundle |
|
39 |
- /tmp/awscli-bundle.zip |
|
40 |
|
|
41 |
- name: Create .aws directory |
|
42 |
file: |
|
43 |
path: ~/.aws |
|
44 |
state: directory |
|
45 |
|
|
46 |
- name: Add aws credentials |
|
47 |
blockinfile: |
|
48 |
path: ~/.aws/credentials |
|
49 |
block: |- |
|
50 |
[default] |
53992b
|
51 |
aws_access_key_id = {{ hostvars.localhost.student_access_key_id }} |
GC |
52 |
aws_secret_access_key = {{ hostvars.localhost.student_secret_access_key }} |
3c6889
|
53 |
|
GC |
54 |
- name: Install Packages |
|
55 |
become: yes |
|
56 |
package: |
|
57 |
name: |
|
58 |
- golang |
|
59 |
- python2-boto3 |
|
60 |
- unzip |
|
61 |
|
|
62 |
- name: Get OS (var) |
|
63 |
shell: "/usr/bin/go env GOOS" |
|
64 |
register: GOOS_VAR |
|
65 |
|
|
66 |
- name: Get Arch (var) |
|
67 |
shell: "/usr/bin/go env GOARCH" |
|
68 |
register: GOARCH_VAR |
|
69 |
|
|
70 |
- name: Get the OpenShift Installer |
|
71 |
become: yes |
|
72 |
get_url: |
|
73 |
url: "https://github.com/openshift/installer/releases/download/{{ ocp4_installer_version }}/openshift-install-{{ GOOS_VAR.stdout }}-{{ GOARCH_VAR.stdout }}" |
ee1e92
|
74 |
dest: /usr/bin/openshift-install |
3c6889
|
75 |
mode: 0775 |
GC |
76 |
owner: root |
|
77 |
group: root |
|
78 |
|
|
79 |
- name: Get the OpenShift CLI |
|
80 |
become: yes |
|
81 |
unarchive: |
|
82 |
src: "https://mirror.openshift.com/pub/openshift-v3/clients/{{ oc_client_version }}/linux/oc.tar.gz" |
|
83 |
remote_src: yes |
ee1e92
|
84 |
dest: /usr/bin |
3c6889
|
85 |
mode: 0775 |
GC |
86 |
owner: root |
|
87 |
group: root |
|
88 |
|
|
89 |
- name: Generate SSH keys |
|
90 |
shell: ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N "" |
|
91 |
args: |
|
92 |
creates: ~/.ssh/id_rsa |
|
93 |
|
|
94 |
- name: Generate SSH pub key |
|
95 |
shell: ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub |
|
96 |
args: |
|
97 |
creates: ~/.ssh/id_rsa.pub |
|
98 |
|
41fa25
|
99 |
- name: Slurp public key |
GC |
100 |
slurp: |
|
101 |
path: /home/{{ ansible_user }}/.ssh/id_rsa.pub |
|
102 |
register: idrsapub |
|
103 |
|
|
104 |
- name: Create cluster directory |
|
105 |
file: |
a8bf4e
|
106 |
path: /home/{{ ansible_user }}/{{ cluster_name }} |
41fa25
|
107 |
state: directory |
GC |
108 |
|
2fa6d3
|
109 |
- stat: |
GC |
110 |
path: files/install-config.yaml.{{ ocp4_installer_version }}.j2 |
|
111 |
register: rconfig |
|
112 |
delegate_to: localhost |
|
113 |
|
|
114 |
- name: Use version-specific template for install-config-yaml |
|
115 |
set_fact: |
|
116 |
install_config_template_path: files/install-config.yaml.{{ ocp4_installer_version }}.j2 |
|
117 |
when: rconfig.stat.exists |
|
118 |
|
|
119 |
- name: Use default template for install-config-yaml |
|
120 |
set_fact: |
|
121 |
install_config_template_path: files/install-config.yaml.j2 |
|
122 |
when: not rconfig.stat.exists |
|
123 |
|
ddb412
|
124 |
- name: Generate config install-config.yaml |
41fa25
|
125 |
template: |
2fa6d3
|
126 |
src: "{{ install_config_template_path }}" |
a8bf4e
|
127 |
dest: /home/{{ ansible_user }}/{{ cluster_name }}/install-config.yaml |
41fa25
|
128 |
|
GC |
129 |
- name: Run the installer |
6260e6
|
130 |
tags: |
WK |
131 |
- run_installer |
|
132 |
command: openshift-install create cluster --dir=/home/{{ ansible_user }}/{{ cluster_name }} |
6c3e38
|
133 |
|
GC |
134 |
- name: Fetch kube config |
|
135 |
fetch: |
|
136 |
flat: yes |
a8bf4e
|
137 |
src: /home/{{ ansible_user }}/{{ cluster_name }}/auth/{{ item }} |
6c3e38
|
138 |
dest: "{{ hostvars.localhost.output_dir }}/{{ env_type }}_{{ guid }}_{{ item }}" |
GC |
139 |
loop: |
|
140 |
- kubeconfig |
|
141 |
- kubeadmin-password |
|
142 |
|
b2ad60
|
143 |
- name: Make sure .kube directory exists in home directory |
WK |
144 |
file: |
|
145 |
state: directory |
|
146 |
path: "/home/{{ ansible_user }}/.kube" |
|
147 |
owner: "{{ ansible_user }}" |
|
148 |
mode: 0775 |
|
149 |
|
|
150 |
- name: Set up .kube/config |
|
151 |
copy: |
|
152 |
remote_src: yes |
|
153 |
src: "/home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeconfig" |
|
154 |
dest: "/home/{{ ansible_user }}/.kube/config" |
|
155 |
|
6c3e38
|
156 |
- name: Get kubeadmin password |
GC |
157 |
slurp: |
a8bf4e
|
158 |
path: /home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeadmin-password |
6c3e38
|
159 |
register: kubeadminr |
GC |
160 |
|
|
161 |
- name: Get console route |
|
162 |
environment: |
a8bf4e
|
163 |
KUBECONFIG: /home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeconfig |
6c3e38
|
164 |
command: oc get route -n openshift-console console -o json |
GC |
165 |
register: routeconsole |
d0f742
|
166 |
retries: 10 |
6d23a2
|
167 |
delay: 30 |
GC |
168 |
until: routeconsole is succeeded |
|
169 |
ignore_errors: yes |
e27b5f
|
170 |
# tags: post_flight_check |
6d23a2
|
171 |
|
GC |
172 |
- name: Set webconsole address |
|
173 |
set_fact: |
|
174 |
webconsole: "http://{{ routeconsole.stdout | from_json | json_query('spec.host') }}" |
|
175 |
when: routeconsole is succeeded |
e27b5f
|
176 |
# tags: post_flight_check |
6d23a2
|
177 |
|
GC |
178 |
# sometimes the route is not ready, guess it |
|
179 |
- name: Guess webconsole address |
|
180 |
set_fact: |
a8bf4e
|
181 |
webconsole: "http://console-openshift-console.apps.{{ cluster_name }}.{{ guid }}.{{ subdomain_base }}" |
6d23a2
|
182 |
when: routeconsole is failed |
e27b5f
|
183 |
# tags: post_flight_check |
6c3e38
|
184 |
|
72d7f0
|
185 |
- name: Get API for command line |
GC |
186 |
environment: |
a8bf4e
|
187 |
KUBECONFIG: /home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeconfig |
72d7f0
|
188 |
command: oc whoami --show-server |
GC |
189 |
register: showserver |
e27b5f
|
190 |
# tags: post_flight_check |
72d7f0
|
191 |
|
6c3e38
|
192 |
- name: Print Overview |
GC |
193 |
debug: |
|
194 |
msg: "{{ item }}" |
|
195 |
with_items: |
|
196 |
- "user.info: Kubeadmin user / password: kubeadmin / {{ kubeadminr.content | b64decode }}" |
6d23a2
|
197 |
- "user.info: Openshift Master Console: {{ webconsole }}" |
72d7f0
|
198 |
- "user.info: Openshift API for command line 'oc' client: {{ showserver.stdout | trim }}" |
06aaa8
|
199 |
- "user.info: Download oc client from https://mirror.openshift.com/pub/openshift-v3/clients/{{ oc_client_version }}" |
e8326c
|
200 |
- "user.info: " |
GC |
201 |
- "user.info: You *CANNOT* SSH into this environment" |
53992b
|
202 |
|
1c8419
|
203 |
always: |
bf6219
|
204 |
- name: Delete deployinprogress lock file |
1c8419
|
205 |
file: |
GC |
206 |
path: /tmp/deployinprogress |
|
207 |
state: absent |
|
208 |
|
c6f7e1
|
209 |
- name: Step 00xxxxx software |
GC |
210 |
hosts: localhost |
|
211 |
gather_facts: false |
|
212 |
become: false |
|
213 |
tasks: |
53992b
|
214 |
# NOT Pre-installed |
c6f7e1
|
215 |
- name: Print Student aws access as user.info |
GC |
216 |
debug: |
|
217 |
msg: "{{ item }}" |
|
218 |
with_items: |
396c66
|
219 |
- "user.info: WARNING: with great power comes great responsibility. We monitor usage." |
a5abcc
|
220 |
- "user.info: Your AWS programmatic access:" |
GC |
221 |
- "user.info: aws_access_key_id = {{ student_access_key_id }}" |
|
222 |
- "user.info: aws_secret_access_key = {{ student_secret_access_key }}" |
67da7d
|
223 |
- "user.info: " |
2ea7cb
|
224 |
- "user.info: SSH Access: ssh {{ student_name }}@bastion.{{ guid }}{{ subdomain_base_suffix }}" |
GC |
225 |
- "user.info: SSH password: {{ student_password }}" |
c6f7e1
|
226 |
when: |
GC |
227 |
- not install_ocp4 | bool |
|
228 |
- student_access_key_id is defined |
|
229 |
- student_secret_access_key is defined |