ansible/configs/ocp-clientvm/README.adoc
@@ -1,5 +1,10 @@ = OCP Client VM (ocp-clientvm) This config will deploy a simple RHEL VM to multiple cloud providers. You can choose the cloud provider by passing in the `cloud_provider` var. You can choose the version of RHEL by specifying the `clientvm_instance_image` var. Other things and tools will be installed as well, which may make your life easier. == Running Ansible Playbook * You can run the playbook with the following arguments to overwrite the default variable values: ansible/configs/ocp-clientvm/default_vars.yml
@@ -19,7 +19,6 @@ install_ruby: false install_3scale: false # Software Versions: # Specified in ocp-client-vm role defaults. Can be overridden with specific # versions if necessary @@ -84,7 +83,9 @@ tower_run: false ### Common Host settings repo_method: file # Other Options are: file, satellite and rhn # If you are doing RHEL 8 client VM, you must use the satellite method # Other Options are: file, satellite, and rhn repo_method: file # Do you want to run a full yum update update_packages: true @@ -94,7 +95,12 @@ # satellite_org: Sat_org_name # satellite_activationkey: "rhel7basic" # Packages to install # If you are doing RHEL 8, you must set these values # satellite_url # satellite_key # satellite_cert # Packages to install for RHEL 7 common_packages: - unzip - bash-completion @@ -110,7 +116,23 @@ - podman - tree # Which RHEL Repos to enable. # Packages to install for RHEL 8 common_packages_el8: - python3 - unzip - bash-completion - tmux - bind-utils - wget - nano - git - vim-enhanced - httpd-tools - openldap-clients - podman - tree # Which RHEL Repos to enable on RHEL 7. rhel_repos: - rhel-7-server-rpms - rhel-7-server-extras-rpms ansible/configs/ocp-clientvm/default_vars_ec2.yml
@@ -74,7 +74,7 @@ count: "{{ num_users }}" public_dns: true floating_ip: true image_id: "{{ clientvm_instance_image }}" image: "{{ clientvm_instance_image }}" flavor: ec2: "{{ clientvm_instance_type }}" tags: @@ -83,9 +83,5 @@ - key: "ostype" value: "linux" rootfs_size: "{{ rootfs_size_clientvm }}" volumes: - device_name: "{{docker_device}}" volume_size: "{{ docker_size }}" volume_type: gp2 security_groups: - BastionSG ansible/configs/ocp-clientvm/default_vars_osp.yml
@@ -20,11 +20,11 @@ remote_user: cloud-user # The domain that you want to add DNS entries to osp_cluster_dns_zone: blue.osp.opentlc.com osp_cluster_dns_zone: FROMSECRET # The dynamic DNS server you will add entries to. # NOTE: This is only applicable when {{ use_dynamic_dns}} is true osp_cluster_dns_server: ddns01.opentlc.com osp_cluster_dns_server: FROMSECRET # Whether to wait for an ack from the DNS servers before continuing wait_for_dns: true @@ -34,24 +34,14 @@ # ddns_key_algorithm: # default value set to: "hmac-md5" # ddns_secret_name: # Set this to true if you want a FIPs provisioned for an OpenShift on OpenStack install # This will provision an API and Ingress FIP openshift_fip_provision: True # This requires DDNS or other DNS solution configured # If enabled, it will add DNS entries for the API and Ingress FIPs openshift_fip_dns: True # The external network in OpenStack where the floating IPs (FIPs) come from provider_network: external # Instance type & image clientvm_instance_type: "2c2g30d" clientvm_instance_image: rhel-server-7.7-update-2 rootfs_size_clientvm: 200 # Docker Root Device docker_device: /dev/vdb # Considering using image ID for this since multiple images can be named identically clientvm_instance_image: rhel-8.1 rootfs_size_clientvm: 100 # See cloud_providers/osp_default_vars.yml # See roles/infra-osp-project-create/defaults/main.yml ansible/configs/ocp-clientvm/files/cloud_providers/ec2_cloud_template.j2
File was deleted ansible/configs/ocp-clientvm/files/hosts_template.j2
File was deleted ansible/configs/ocp-clientvm/files/repos_template.j2
@@ -1,4 +1,33 @@ # RHEL Repos {% if ansible_distribution_major_version == "8" %} # RHEL 8 Repos [rhel8baseos] name=rhel8-baseos baseurl=https://{{ satellite_url }}/pulp/repos/Red_Hat_GPTE/Library/content/dist/rhel8/8/x86_64/baseos/os/ enabled=1 sslverify=1 sslclientkey=/etc/pki/tls/Red_GPTE.key sslclientcert=/etc/pki/tls/Red_GPTE.pem [rhel8appstream] name=rhel8-appstream baseurl=https://{{ satellite_url }}/pulp/repos/Red_Hat_GPTE/Library/content/dist/rhel8/8/x86_64/appstream/os/ enabled=1 sslverify=1 sslclientkey=/etc/pki/tls/Red_GPTE.key sslclientcert=/etc/pki/tls/Red_GPTE.pem [rhel8ansible] name=rhel8-ansible-2.8 baseurl=https://{{ satellite_url }}/pulp/repos/Red_Hat_GPTE/Library/content/dist/layered/rhel8/x86_64/ansible/2.8/os/ enabled=1 sslverify=1 sslclientkey=/etc/pki/tls/Red_GPTE.key sslclientcert=/etc/pki/tls/Red_GPTE.pem {% endif %} {% if ansible_distribution_major_version == "7" %} # RHEL 7 Repos {% if rhel_repos is defined %} {% for i in range(0,rhel_repos|length) %} @@ -15,4 +44,5 @@ baseurl={{own_repo_path}}/rhel-7-server-rpms enabled=1 gpgcheck=0 {% endif %} {% endif %} ansible/configs/ocp-clientvm/pre_software.yml
@@ -31,7 +31,7 @@ hosts: - all:!windows become: true gather_facts: False gather_facts: True tags: - step004 - common_tasks ansible/configs/ocp-clientvm/software.yml
@@ -12,8 +12,8 @@ gather_facts: false become: true tasks: - name: Set up Client VM for OCP 3 include_role: - name: Set up Client VM for OCP import_role: name: "ocp-client-vm" - name: Software flight-check ansible/roles/bastion-lite/tasks/main.yml
@@ -31,14 +31,14 @@ tags: - copy_sshconfig_file - name: Install python-requests ignore_errors: yes become: true yum: name: - python-requests when: not hostvars.localhost.skip_packer_tasks | d(false) tags: packer # - name: Install python-requests # ignore_errors: yes # become: true # yum: # name: # - python-requests # when: not hostvars.localhost.skip_packer_tasks | d(false) # tags: packer - name: Stat /etc/sysconfig/iptables stat: @@ -56,6 +56,7 @@ vars: student_login: "{{ student_name }}" use_python3: "{{ ftl_use_python3 | default(true) }}" - name: Ensure system Python3 has selinux library installed when: ftl_use_python3 | d(true) | bool pip: ansible/roles/common/defaults/main.yml
@@ -3,13 +3,23 @@ common_install_basic_packages_retries: 10 common_packages: - python - unzip - bash-completion - tmux - bind-utils - wget - ansible - git - vim-enhanced - yum-utils - python - unzip - bash-completion - tmux - bind-utils - wget - ansible - git - vim-enhanced - yum-utils common_packages_el8: - python3 - unzip - bash-completion - tmux - bind-utils - wget - vim-enhanced - git ansible/roles/common/files/host_ssh_config.j2
File was deleted ansible/roles/common/tasks/main.yml
@@ -40,9 +40,20 @@ - 'virtual' ######################## Install Basic Packages - name: Install Basic Packages import_tasks: ./packages.yml when: not hostvars.localhost.skip_packer_tasks | d(false) - name: Install common packages for RHEL 7 import_tasks: ./packages_el7.yml when: - ansible_distribution_major_version == "7" - not hostvars.localhost.skip_packer_tasks | d(false) tags: - install_basic_packages - packer - name: Install common packages for RHEL 8 import_tasks: ./packages_el8.yml when: - ansible_distribution_major_version == "8" - not hostvars.localhost.skip_packer_tasks | d(false) tags: - install_basic_packages - packer ansible/roles/common/tasks/packages_el7.yml
File was renamed from ansible/roles/common/tasks/packages.yml @@ -1,10 +1,10 @@ #vim: set ft=ansible: --- ######################### Install Basic Packages - name: install basic packages - name: install common packages for RHEL 7 yum: state: present name: "{{common_packages}}" name: "{{ common_packages }}" register: yumr until: yumr is succeeded retries: "{{ common_install_basic_packages_retries }}" ansible/roles/common/tasks/packages_el8.yml
New file @@ -0,0 +1,18 @@ #vim: set ft=ansible: --- ######################### Install Basic Packages - name: install common packages for RHEL 8 yum: state: present name: "{{ common_packages_el8 }}" register: yumr until: yumr is succeeded retries: "{{ common_install_basic_packages_retries }}" delay: 10 #any_errors_fatal: true tags: - install_common_packages - name: Set up python alternatives for convenience command: alternatives --set python /usr/bin/python3 when: "'python3' in common_packages_el8" ansible/roles/common/tasks/use_own_repos.yml
File was deleted ansible/roles/ocp-client-vm/tasks/main.yml
@@ -27,6 +27,22 @@ name: users state: present - when: - student_name is defined - student_name != '' name: Add user to docker and users groups become: yes user: name: "{{ student_name }}" append: yes groups: docker,users - name: Enable and Start Docker service: name: docker state: started enabled: yes - name: Install OpenShift Client VM packages for RHEL 8 when: ansible_distribution_major_version == "8" yum: @@ -37,22 +53,6 @@ - podman - skopeo - buildah - when: - student_name is defined - student_name != '' name: Add user to docker and users groups become: yes user: name: "{{ student_name }}" append: yes groups: docker,users - name: Enable and Start Docker service: name: docker state: started enabled: yes - name: Get the OpenShift CLI for OCP 3 become: yes ansible/roles/set-repositories/tasks/main.yml
@@ -8,13 +8,13 @@ - packer block: - name: Configure Satellite Subscription import_tasks: ./satellite-repos.yml include_tasks: ./satellite-repos.yml when: repo_method == "satellite" - name: Configure RHN Subscription import_tasks: ./rhn-repos.yml include_tasks: ./rhn-repos.yml when: repo_method == "rhn" - name: Configure Repository File import_tasks: ./file-repos.yml include_tasks: ./file-repos.yml when: repo_method == "file" ansible/roles/set-repositories/tasks/satellite-repos.yml
@@ -1,11 +1,4 @@ --- # vim: set ft=ansible: # To use this method you need to set these variables (perhaps in env_secret_vars.yml) # # satellite_url: 'your.satellite.host.without.http.or.https.prefix' # satellite_org: 'your_Org_name' # satellite_activationkey: "activation_key_id_name" - name: Remove rh-amazon-rhui-client package tags: packer package: @@ -27,7 +20,6 @@ validate_certs: no - name: Install Cert # use rpm here to avoid issue when yum is broken (chicken&egg) command: "rpm -Uvh /root/katello-ca-consumer-latest.noarch.rpm" args: warn: no @@ -37,26 +29,32 @@ name: /root/katello-ca-consumer-latest.noarch.rpm state: absent - name: list current repository files command: "ls -1 /etc/yum.repos.d/" register: repodircontents changed_when: false tags: - configure_repos - remove_existing_repos - name: remove current repository files file: path: /etc/yum.repos.d/{{ item }} state: absent # TODO: use with_fileglob here with_items: "{{ repodircontents.stdout_lines }}" ignore_errors: true tags: - configure_repos - remove_existing_repos - name: Register with activation-key when: satellite_activationkey is defined redhat_subscription: state: present server_hostname: "{{satellite_url}}" activationkey: "{{satellite_activationkey}}" org_id: "{{satellite_org}}" # - name: Enable Repositories # command: subscription-manager repos --enable=rhel-7-server-satellite-tools-6.3-rpms # - name: Install Katello Agent # yum: # name: katello-agent # state: latest # - name: Start Katello Agent # service: # name: goferd # state: started # enabled: yes server_hostname: "{{ satellite_url }}" activationkey: "{{ satellite_activationkey }}" org_id: "{{ satellite_org }}" - name: Enable repos for RHEL rhsm_repository: @@ -64,10 +62,50 @@ state: enabled with_items: - '{{ rhel_repos }}' when: not use_content_view when: - not use_content_view - rhel_repos is defined - name: Enable repos rhsm_repository: name: "*" state: enabled when: use_content_view when: - use_content_view - satellite_activationkey is defined - name: Set up repos to access Satellite using cert when: - satellite_key is defined - satellite_cert is defined block: - name: Create the certificate and key files file: state: touch path: "{{ item }}" loop: - "/etc/pki/tls/Red_GPTE.key" - "/etc/pki/tls/Red_GPTE.pem" - name: Add certificate and key content copy: dest: "{{ item.file }}" content: "{{ item.contents }}" loop: - {file: "/etc/pki/tls/Red_GPTE.key", contents: "{{ satellite_key }}"} - {file: "/etc/pki/tls/Red_GPTE.pem", contents: "{{ satellite_cert }}"} - name: create open.repo template on host template: src: "./files/repos_template.j2" dest: /etc/yum.repos.d/open_{{ env_type }}.repo tags: - create_open_repo_template - name: clean repositories command: "yum clean all" args: warn: false tags: - configure_repos - run_yum_repolist