---
|
- name: Step 002 Post Infrastructure
|
hosts: localhost
|
connection: local
|
become: false
|
vars_files:
|
- "./env_vars.yml"
|
- "./env_secret_vars.yml"
|
tags:
|
- step002
|
- post_infrastructure
|
tasks:
|
|
- name: Job Template to launch a Job Template with update on launch inventory set
|
uri:
|
url: "https://{{ ansible_tower_ip }}/api/v1/job_templates/{{ job_template_id }}/launch/"
|
method: POST
|
user: "{{ tower_admin }}"
|
password: "{{ tower_admin_password }}"
|
body:
|
extra_vars:
|
guid: "{{guid}}"
|
ipa_host_password: "{{ ipa_host_password }}"
|
|
body_format: json
|
validate_certs: False
|
HEADER_Content-Type: "application/json"
|
status_code: 200, 201
|
when: tower_run == 'true'
|
|
- name: customizization entry point for labs
|
hosts: control_nodes
|
gather_facts: false
|
|
tasks:
|
|
- name: test clone to control host
|
git:
|
repo: https://github.com/tonykay/bad-ansible.git
|
dest: /tmp
|
|
- name: create our own ansible agnostic deployer inventory
|
hosts: localhost
|
connection: local
|
gather_facts: false
|
become: false
|
vars_files:
|
- "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_vars.yml"
|
- "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_secret_vars.yml"
|
tags:
|
- step001
|
- pre_infrastructure
|
- generate_env_keys
|
|
tasks:
|
- name: get rid of linklight deployers hostvars
|
set_fact:
|
hostvars: ""
|
|
- name: Gather EC2 facts
|
ec2_instance_facts:
|
aws_access_key: "{{ aws_access_key_id }}"
|
aws_secret_key: "{{ aws_secret_access_key }}"
|
region: "{{ aws_region_final|d(aws_region) | default(region) | default('us-east-1')}}"
|
filters:
|
instance-state-name: running
|
"tag:Workshop": "{{ guid }}"
|
register: ec2_facts
|
|
- name: print our new instances
|
debug:
|
msg: "instance short name is: {{ item.tags.short_name }}"
|
# var: item
|
with_items: "{{ ec2_facts['instances'] }}"
|
verbosity: 2
|
|
- name: print our bastion when found
|
debug:
|
msg: "found BASTION {{ item.id }}"
|
when: item.tags.short_name == 'ansible'
|
with_items: "{{ ec2_facts['instances'] }}"
|
verbosity: 2
|
|
- name: Ensure Project and AnsibleGroup tags are present on all resources
|
ec2_tag:
|
region: "{{ aws_region_final|d(aws_region) | default(region) | default('us-east-1') }}"
|
resource: "{{ item.id }}"
|
state: present
|
tags:
|
Project: "{{ env_type }}-{{ guid }}"
|
AnsibleGroup: "all"
|
with_items: "{{ ec2_facts['instances'] }}"
|
|
- name: tag bastion hosts with the bastion group tag
|
ec2_tag:
|
region: "{{ aws_region_final | d(aws_region) | d(region) | d('us-east-1') }}"
|
resource: "{{ item.id }}"
|
state: present
|
tags:
|
Project: "{{ env_type }}-{{ guid }}"
|
AnsibleGroup: "bastions"
|
when: item.tags.short_name == 'ansible'
|
with_items: "{{ec2_facts['instances']}}"
|
|
- name: Run infra-ec2-create-inventory Role
|
include_role:
|
name: "{{ ANSIBLE_REPO_PATH }}/roles-infra/infra-ec2-create-inventory"
|
|
- name: Run Common SSH Config Generator Role
|
include_role:
|
name: "{{ANSIBLE_REPO_PATH}}/roles-infra/infra-common-ssh-config-generate"
|
|
- name: ssh workaround thing
|
hosts: all
|
connection: local
|
become: false
|
vars_files:
|
- "./env_vars.yml"
|
- "./env_secret_vars.yml"
|
tags:
|
- step002
|
- post_infrastructure
|
tasks:
|
|
- name: set facts for remote access
|
set_fact:
|
ansible_ssh_extra_args: "{{ ansible_ssh_extra_args|d() }} -F {{ ANSIBLE_REPO_PATH }}/workdir/{{ env_type }}_{{ guid }}_ssh_conf"
|
