initial working version of windows-ad for ans-tower-lab
| | |
| | | ### Common Host settings |
| | | |
| | | repo_method: file # Other Options are: file, satellite and rhn |
| | | |
| | | windows_password: 'jVMijRwLbI02gFCo2xkjlZ9lxEA7bm7zgg==' |
| | | |
| | | # Do you want to run a full yum update |
| | | update_packages: false |
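Review bot: `windows_password` is committed as a literal in this vars file, so every lab built from this config shares one Windows administrator credential that anyone with read access to the repository can recover. The playbook on this page already loads `env_secret_vars.yml`; the value belongs there or in an Ansible Vault file, with this line removed. Because the variable is always defined here, the `default(generated_windows_password)` fallback in the AD role vars appears unreachable. The committed value should be treated as exposed and rotated.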
| | |
| | | #tower_public_dns: "tower.{{subdomain_base}}." |
| | | bastion_public_dns: "bastion.{{subdomain_base}}." |
| | | bastion_public_dns_chomped: "bastion.{{subdomain_base}}" |
| | | |
| | | activedirectory_public_dns: "ad.{{subdomain_base}}." |
| | | activedirectory_public_dns_chomped: "ad.{{subdomain_base}}" |
| | | |
| | | vpcid_cidr_block: "192.168.0.0/16" |
| | | vpcid_name_tag: "{{subdomain_base}}" |
| | | |
| | |
| | | "RHELAMI": "ami-2c95344f", "WIN2012R2AMI": "ami-7644d315" |
| | | }, |
| | | "ap-southeast-2": { |
| | | "RHELAMI": "ami-39ac915a", "WIN2012R2AMI": "ami-468f9225" |
| | | "RHELAMI": "ami-39ac915a", "WIN2012R2AMI": "ami-46f1e925" |
| | | }, |
| | | "sa-east-1": { |
| | | "RHELAMI": "ami-7de77b11", "WIN2012R2AMI": "ami-c8285ca4" |
| | |
| | | "HostedZoneConfig": { |
| | | "Comment": "Created By ansible agnostic deployer" |
| | | } |
| | | } |
| | | }, |
| | | "WindowsDNS": { |
| | | "Type": "AWS::Route53::RecordSetGroup", |
| | | "DependsOn": [ "Windows1EIP" ], |
| | | "Properties": { |
| | | "HostedZoneId": "{{HostedZoneId}}", |
| | | "RecordSets": [ |
| | | { |
| | | "Name": "{{activedirectory_public_dns}}", |
| | | "Type": "A", |
| | | "TTL": "10", |
| | | "ResourceRecords": [ |
| | | { |
| | | "Fn::GetAtt": [ |
| | | "windows1", |
| | | "PublicIp" |
| | | ] |
| | | } |
| | | ] |
| | | } |
| | | ] |
| | | } |
| | | }, |
| | | "BastionDNS": { |
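Review bot: The `WindowsDNS` record hard-codes `windows1` and `Windows1EIP`, while the instance and EIP resources later in this template are generated with `{{loop.index}}`. If the loop renders zero Windows instances or a different name, the stack fails on a missing reference, so this block should sit under the same loop or count guard. The record also makes the domain controller's public address resolvable as `{{activedirectory_public_dns}}`. The security group for `windows1` is not visible here, so confirm it restricts WinRM, RDP and directory ports to the lab's own ranges. `BastionDNS` continues outside this hunk.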
| | |
| | | } |
| | | |
| | | }, |
| | | |
| | | "Windows{{loop.index}}EIP" : { |
| | | "Type" : "AWS::EC2::EIP", |
| | | "DependsOn": [ "windows{{loop.index}}" ], |
| | | "Properties" : { |
| | | "InstanceId" : { "Ref" : "windows{{loop.index}}" } |
| | | }}, |
| | | "windows{{loop.index}}DNS": { |
| | | "Type": "AWS::Route53::RecordSetGroup", |
| | | "Properties": { |
| | |
| | | - name: set_fact windows_password (just generated) |
| | | set_fact: |
| | | generated_windows_password: "{{ password_gen_r.stdout }}" |
| | | windows_password: "{{ password_gen_r.stdout }}" |
| | | when: not passwordfile.stat.exists |
| | | |
| | | - name: set_fact windows_password (previously generated) |
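Review bot: The `set_fact` task copies `password_gen_r.stdout` into `generated_windows_password` and `windows_password` without `no_log: true`, so the generated password is included in the task result at `-v` and in any stored job log. Add `no_log: true` to this task and to the task that registers `password_gen_r`, which is outside this hunk. The next task, `set_fact windows_password (previously generated)`, is cut off here and likely needs the same treatment.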
| | |
| | | |
| | | - name: Place Tower License from env_secret_vars on bastion |
| | | hosts: "{{ ('tag_' ~ env_type ~ '_' ~ guid ~ '_bastion') | replace('-', '_') }}" |
| | | become: yes |
| | | vars_files: |
| | | - "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_vars.yml" |
| | | - "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_secret_vars.yml" |
| | |
| | | - place_tower_license_file |
| | | tasks: |
| | | - blockinfile: |
| | | create: yes |
| | | path: /root/tower_license.txt |
| | | block: "{{tower_license}}" |
| | | when: tower_license is defined |
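Review bot: `blockinfile` creates `/root/tower_license.txt` with `create: yes` but no `mode`, and it wraps the content in `# BEGIN ANSIBLE MANAGED BLOCK` / `# END ANSIBLE MANAGED BLOCK` marker lines. If the license is expected to be a verbatim (for example JSON) document, which is not shown here, those markers may make it unparseable. A `copy` task with `content`, an explicit `mode: "0600"` and `no_log: true` writes the file unchanged, keeps it readable by root only, and keeps the license text out of task output. The task also has no `name`, which makes the run log harder to audit.
```yaml
# … unchanged: play header, vars_files, roles …
    - name: Write Tower license for root only
      copy:
        content: "{{ tower_license }}"
        dest: /root/tower_license.txt
        mode: "0600"
      no_log: true
      when: tower_license is defined
```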
| | |
| | | |
| | | # TODO: should take pool ids from a var |
| | | - name: get product pool id |
| | | shell: /usr/bin/subscription-manager list --all --available --matches="*OpenShift Container Platform*" | awk '/Pool ID/ {print $3}' | head -1 |
| | | shell: /usr/bin/subscription-manager list --all --available --matches="*{{rhn_pool_id_string}}*" | awk '/Pool ID/ {print $3}' | head -1 |
| | | # command: subscription-manager list --all --available --matches="OpenShift Container Platform" | awk '/Pool ID/ {print $3}' | head -1 |
| | | register: pool_id |
| | | until: pool_id | succeeded |
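Review bot: `{{rhn_pool_id_string}}` is interpolated directly into a `shell` command line, so any shell metacharacters in the value are interpreted on the target host. Pass it through the `quote` filter, for example `--matches={{ ('*' ~ rhn_pool_id_string ~ '*') | quote }}`. The pipeline's exit status is that of `head -1`, so `until: pool_id | succeeded` passes even when `subscription-manager` fails and `pool_id.stdout` is empty; retrying on `pool_id.stdout | length > 0` would make the loop meaningful. Two `shell:` lines appear in this rendering, and this note assumes the templated one is the new side.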
| | |
| | | --- |
| | | ad_domain_name: "{{ ec2_tag_internaldns }}" |
| | | #ad_domain_name: "{{ ec2_tag_internaldns }}" |
| | | ad_domain_name: "{{activedirectory_public_dns_chomped}}" |
| | | ad_safe_mode_password: "{{ windows_password | default(generated_windows_password) }}" |
| | | ad_admin_user: "admin@{{ ad_domain_name}}" |
| | | ad_admin_password: "{{ windows_password | default(generated_windows_password) }}" |
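Review bot: `ad_safe_mode_password` and `ad_admin_password` are both set to `windows_password | default(generated_windows_password)`, so the Directory Services Restore Mode password and the domain admin password are one secret and disclosure of either yields both. Use a separately generated value for the safe-mode password. `ad_domain_name` appears twice uncommented in this rendering. If both lines are on the new side, most YAML parsers silently keep the last one, so the `ec2_tag_internaldns` line should be deleted rather than left in place.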
| | |
| | | include_management_tools: yes |
| | | include_sub_features: yes |
| | | |
| | | - name: Promote to domain controller |
| | | win_domain_controller: |
| | | |
| | | - name: Setup Active Directory Controller |
| | | win_domain: |
| | | dns_domain_name: "{{ ad_domain_name }}" |
| | | safe_mode_password: "{{ ad_safe_mode_password }}" |
| | | domain_admin_user: "{{ ad_admin_user }}" |
| | | domain_admin_password: "{{ ad_admin_password }}" |
| | | state: domain_controller |
| | | register: result |
| | | safe_mode_password: "{{ windows_password }}" |
| | | register: active_directory_controllers |
| | | |
| | | - name: reboot once DC created |
| | | win_reboot: |
| | | when: active_directory_controllers.reboot_required |
| | | |
| | | - name: List DCs in domain |
| | | win_shell: "nltest /dclist:{{ ad_domain_name }}" |
| | | register: domain_list |
| | | |
| | | - debug: |
| | | var: domain_list |
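Review bot: The `win_domain` task passes `safe_mode_password: "{{ windows_password }}"` directly, bypassing the role variable `ad_safe_mode_password` and its `default(generated_windows_password)` fallback. The task therefore fails if `windows_password` is undefined on the Windows host, and the password source is now set in two places. Use `safe_mode_password: "{{ ad_safe_mode_password }}"` so the role has a single point of control for that secret. This assumes the `safe_mode_password`/`register: active_directory_controllers` pair is the new side, since the rendering does not mark it. The trailing `debug` of `domain_list` prints the full `nltest` output on every run; `verbosity: 1` would keep it out of normal logs.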
| | |
| | | --- |
| | | # pip install pywinrm |
| | | |
| | | |
| | | - include: sshd.yml |
| | | when: install_win_ssh | bool |
| | | |
| | | - win_shell: "systeminfo | findstr /C:OS" |
| | | register: windows_system_info |
| | | |
| | | - debug: |
| | | var: windows_system_info |