ansible/configs/amq-messaging-foundations/README.adoc
New file @@ -0,0 +1,119 @@ = OCP Client VM (ocp-clientvm) == Running Ansible Playbook * You can run the playbook with the following arguments to overwrite the default variable values: + [source,bash] ---- # Generic Vars GUID=sborenstest5 REGION=ap-southeast-2 KEYNAME=ocpkey ENVTYPE="ocp-clientvm" CLOUDPROVIDER=ec2 HOSTZONEID='Z3IHLWJZOU9SRT' BASESUFFIX='.example.opentlc.com' # OCP Vars REPO_VERSION=3.11 OSRELEASE=3.11.16 ansible-playbook main.yml \ -e "guid=${GUID}" \ -e "env_type=${ENVTYPE}" \ -e "osrelease=${OSRELEASE}" \ -e "repo_version=${REPO_VERSION}" \ -e "docker_version=1.13.1" \ -e "cloud_provider=${CLOUDPROVIDER}" \ -e "aws_region=${REGION}" \ -e "HostedZoneId=${HOSTZONEID}" \ -e "key_name=${KEYNAME}" \ -e "subdomain_base_suffix=${BASESUFFIX}" \ -e "clientvm_instance_type=t2.large" \ -e "requirements_path=ansible/configs/ocp-clientvm/requirements_ruby.yml" \ -e "email=name@example.com" \ -e "output_dir=/tmp/output" \ -e "install_ruby=true" -e "install_3scale=true" -vvvv ---- === Satellite version ---- GUID=testclientvm1 REGION=us-east-1 KEYNAME=ocpkey ENVTYPE="ocp-clientvm" CLOUDPROVIDER=ec2 HOSTZONEID='Z186MFNM7DX4NF' BASESUFFIX='.example.opentlc.com' REPO_VERSION=3.9 DEPLOYER_REPO_PATH=`pwd` LOG_FILE=/tmp/${ENVTYPE}-${GUID}.log IPAPASS=$5 if [ "$1" = "provision" ] ; then echo "Provisioning: ${STACK_NAME}" 1>> $LOG_FILE 2>> $LOG_FILE ansible-playbook ${DEPLOYER_REPO_PATH}/main.yml \ -e "guid=${GUID}" \ -e "env_type=${ENVTYPE}" \ -e "key_name=${KEYNAME}" \ -e "cloud_provider=${CLOUDPROVIDER}" \ -e "aws_region=${REGION}" \ -e "HostedZoneId=${HOSTZONEID}" \ -e "subdomain_base_suffix=${BASESUFFIX}" \ -e "clientvm_instance_type=t2.large" \ -e "ipa_host_password=${IPAPASS}" -e "repo_method=satellite" \ -e "repo_version=${REPO_VERSION}" \ -e "email=name@example.com" \ -e "software_to_deploy=none" \ -e "osrelease=3.9.14" \ -e "docker_version=1.13.1" \ -e "ANSIBLE_REPO_PATH=${DEPLOYER_REPO_PATH}" 1>> $LOG_FILE 2>> $LOG_FILE ---- === To Delete an environment ---- REGION=us-east-1 KEYNAME=ocpkey GUID=testclientvm1 ENVTYPE="ocp-clientvm" CLOUDPROVIDER=ec2 HOSTZONEID='Z186MFNM7DX4NF' ansible-playbook ./configs/${ENVTYPE}/destroy_env.yml \ -e "guid=${GUID}" \ -e "env_type=${ENVTYPE}" \ -e "cloud_provider=${CLOUDPROVIDER}" \ -e "aws_region=${REGION}" \ -e "HostedZoneId=${HOSTZONEID}" \ -e "key_name=${KEYNAME}" \ -e "subdomain_base_suffix=${BASESUFFIX}" ---- == Example RC file Use a RC file like this one to create a ClientVM with the wrapper.sh script: ---- GUID=myclient REGION=us-east-1 KEYNAME=ocpkey ENVTYPE=ocp-clientvm HOSTZONEID='Z3IHLWJZOU9SRT' ENVTYPE_ARGS=( -e repo_version=3.9 -e osrelease=3.9.14 -e own_repo_path=http://admin.example.com/repos/ocp/3.9.14 -e docker_version=1.13.1 -e "clientvm_instance_type=t2.large" -e "subdomain_base_suffix=.example.opentlc.com" ) ---- ansible/configs/amq-messaging-foundations/default_vars.yml
New file @@ -0,0 +1,113 @@ ###### VARIABLES YOU SHOULD CONFIGURE FOR YOUR DEPLOYEMNT ###### OR PASS as "-e" args to ansible-playbook command ## guid is the deployment unique identifier, it will be appended to all tags, ## files and anything that identifies this environment from another "just like it" guid: defaultguid # Project Tag for all generated resources project_tag: "{{ env_type }}-{{ guid }}" # osrelease determines if the OCP3 or OCP4 ClientVM is installed. # osrelease >=4.0 ==> OCP 4, osrelease < 4.0 ==> OCP 3 # osrelease also determins which RHEL Repos to use # Specific tool versions can be set to override the default osrelease: '4.3.0' repo_version: '4.3' # Ruby and 3scale ToolBox gem is installed. install_ruby: false install_3scale: false # Software Versions: # Specified in ocp-client-vm role defaults. Can be overridden with specific # versions if necessary ocp_clientvm_oc_version: "{{ osrelease }}" # ocp_clientvm_oc_version: '4.3.0' # ocp_clientvm_oc_version: '3.11.154' # OpenShift 4 specific software (only installed when Client Version >= 4.0) # ocp_clientvm_odo_version: 'v1.1.0' # ocp_clientvm_helm_version: 'v3.0.0' # ocp_clientvm_tkn_version: '0.6.0' # Supplemental Software # Specified in ocp-client-vm role defaults. Can be overridden. # ocp_clientvm_maven_version: '3.6.3' # ocp_clientvm_istioctl_version: '1.1.17' # Docker version and settings docker_version: '1.13.1' docker_size: '200' # The next flag is 1 by default. If it is set to more than 1 then instead of creating # clientvm.guid.baseurl it will create clientvm{1..num_users}.guid.baseurl num_users: 1 install_bastion: true install_common: true install_opentlc_integration: true install_ipa_client: false # Install a user id 'student'. If install_student_user=true then a global variable # student_password=password needs to be provided with the password to set for the user student install_student_user: false # FTL is used for grading and solving. It will pull in the external ftl-injector role. # This might be enabled when we have solvers to run or graders for ILT # Define the FTL Injector Tag ftl_injector_tag: "v0.17.0" ftl_use_python3: true ### If you want a Key Pair name created and injected into the hosts, # set `set_env_authorized_key` to true and set the keyname in `env_authorized_key` # you can use the key used to create the environment or use your own self generated key # if you set "use_own_key" to false your PRIVATE key will be copied to the bastion. (This is {{key_name}}) use_own_key: true env_authorized_key: "{{guid}}key" key_name: "default_key_name" ansible_ssh_private_key_file: ~/.ssh/{{key_name}}.pem set_env_authorized_key: true # Is this running from Red Hat Ansible Tower tower_run: false ### Common Host settings repo_method: file # Other Options are: file, satellite and rhn # Do you want to run a full yum update update_packages: true #If using repo_method: satellite, you must set these values as well. # satellite_url: satellite.example.com # satellite_org: Sat_org_name # satellite_activationkey: "rhel7basic" # Packages to install common_packages: - unzip - bash-completion - tmux - bind-utils - wget - nano - ansible - git - vim-enhanced - httpd-tools - openldap-clients - tree # Which RHEL Repos to enable. rhel_repos: - rhel-7-server-rpms - rhel-7-server-extras-rpms - rhel-7-server-ansible-2.8-rpms cloud_tags: env_type: "{{ env_type }}" guid: "{{ guid }}" course_name: "{{ course_name | d('unknown') }}" platform: "{{ platform | d('unknown') }}" ansible/configs/amq-messaging-foundations/default_vars.yml~
New file @@ -0,0 +1,117 @@ ###### VARIABLES YOU SHOULD CONFIGURE FOR YOUR DEPLOYEMNT ###### OR PASS as "-e" args to ansible-playbook command ## guid is the deployment unique identifier, it will be appended to all tags, ## files and anything that identifies this environment from another "just like it" guid: defaultguid # Project Tag for all generated resources project_tag: "{{ env_type }}-{{ guid }}" # osrelease determines if the OCP3 or OCP4 ClientVM is installed. # osrelease >=4.0 ==> OCP 4, osrelease < 4.0 ==> OCP 3 # osrelease also determins which RHEL Repos to use # Specific tool versions can be set to override the default osrelease: '4.3.0' repo_version: '4.3' # Ruby and 3scale ToolBox gem is installed. install_ruby: false install_3scale: false # Software Versions: # Specified in ocp-client-vm role defaults. Can be overridden with specific # versions if necessary ocp_clientvm_oc_version: "{{ osrelease }}" # ocp_clientvm_oc_version: '4.3.0' # ocp_clientvm_oc_version: '3.11.154' # OpenShift 4 specific software (only installed when Client Version >= 4.0) # ocp_clientvm_odo_version: 'v1.1.0' # ocp_clientvm_helm_version: 'v3.0.0' # ocp_clientvm_tkn_version: '0.6.0' # Supplemental Software # Specified in ocp-client-vm role defaults. Can be overridden. # ocp_clientvm_maven_version: '3.6.3' # ocp_clientvm_istioctl_version: '1.1.17' # Docker version and settings docker_version: '1.13.1' docker_size: '200' # The next flag is 1 by default. If it is set to more than 1 then instead of creating # clientvm.guid.baseurl it will create clientvm{1..num_users}.guid.baseurl num_users: 1 install_bastion: true install_common: true install_opentlc_integration: true install_ipa_client: false # Install a user id 'student'. If install_student_user=true then a global variable # student_password=password needs to be provided with the password to set for the user student install_student_user: false # FTL is used for grading and solving. It will pull in the external ftl-injector role. # This might be enabled when we have solvers to run or graders for ILT # Define the FTL Injector Tag ftl_injector_tag: "v0.17.0" ftl_use_python3: true ### If you want a Key Pair name created and injected into the hosts, # set `set_env_authorized_key` to true and set the keyname in `env_authorized_key` # you can use the key used to create the environment or use your own self generated key # if you set "use_own_key" to false your PRIVATE key will be copied to the bastion. (This is {{key_name}}) use_own_key: true env_authorized_key: "{{guid}}key" key_name: "default_key_name" ansible_ssh_private_key_file: ~/.ssh/{{key_name}}.pem set_env_authorized_key: true # Is this running from Red Hat Ansible Tower tower_run: false ### Common Host settings repo_method: file # Other Options are: file, satellite and rhn # Do you want to run a full yum update update_packages: true #If using repo_method: satellite, you must set these values as well. # satellite_url: satellite.example.com # satellite_org: Sat_org_name # satellite_activationkey: "rhel7basic" # Packages to install common_packages: - unzip - bash-completion - tmux - bind-utils - wget - nano - ansible - git - vim-enhanced - httpd-tools - openldap-clients - podman - tree - qpid-dispatch-router - qpid-dispatch-tools - qpid-dispatch-console # Which RHEL Repos to enable. rhel_repos: - rhel-7-server-rpms - rhel-7-server-extras-rpms - rhel-7-server-ansible-2.8-rpms cloud_tags: env_type: "{{ env_type }}" guid: "{{ guid }}" course_name: "{{ course_name | d('unknown') }}" platform: "{{ platform | d('unknown') }}" ansible/configs/amq-messaging-foundations/default_vars_ec2.yml
New file @@ -0,0 +1,91 @@ ### AWS EC2 Environment settings ### Route 53 Zone ID (AWS) # This is the Route53 HostedZoneId where you will create your Public DNS entries # This only needs to be defined if your CF template uses route53 HostedZoneId: Z3IHLWJZOU9SRT # The region to be used, if not specified by -e in the command line aws_region: us-east-1 # The key that is used to key_name: "default_key_name" ## Networking (AWS) subdomain_base_short: "{{ guid }}" subdomain_base_suffix: ".example.opentlc.com" subdomain_base: "{{subdomain_base_short}}{{subdomain_base_suffix}}" ## Environment Sizing clientvm_instance_type: "t2.large" clientvm_instance_image: RHELAMI ###### VARIABLES YOU SHOULD ***NOT*** CONFIGURE FOR YOUR DEPLOYEMNT docker_device: /dev/xvdb ###### You can, but you usually wouldn't need to. ansible_user: ec2-user remote_user: ec2-user ### CLOUDFORMATIONS vars zone_internal_dns: "{{guid}}.internal." chomped_zone_internal_dns: "{{guid}}.internal" bastion_public_dns: "bastion.{{subdomain_base}}." bastion_public_dns_chomped: "bastion.{{subdomain_base}}" vpcid_name_tag: "{{subdomain_base}}" az_1_name: "{{ aws_region }}a" az_2_name: "{{ aws_region }}b" subnet_private_1_cidr_block: "192.168.2.0/24" subnet_private_1_az: "{{ az_2_name }}" subnet_private_1_name_tag: "{{subdomain_base}}-private" subnet_private_2_cidr_block: "192.168.1.0/24" subnet_private_2_az: "{{ az_1_name }}" subnet_private_2_name_tag: "{{subdomain_base}}-private" subnet_public_1_cidr_block: "192.168.10.0/24" subnet_public_1_az: "{{ az_1_name }}" subnet_public_1_name_tag: "{{subdomain_base}}-public" subnet_public_2_cidr_block: "192.168.20.0/24" subnet_public_2_az: "{{ az_2_name }}" subnet_public_2_name_tag: "{{subdomain_base}}-public" dopt_domain_name: "{{ aws_region }}.compute.internal" rtb_public_name_tag: "{{subdomain_base}}-public" rtb_private_name_tag: "{{subdomain_base}}-private" cf_template_description: "{{ env_type }}-{{ guid }} template " cloudformation_retries: 2 ocp_report: false rootfs_size_clientvm: 200 instances: - name: "clientvm" count: "{{ num_users }}" public_dns: true floating_ip: true image_id: "{{ clientvm_instance_image }}" flavor: ec2: "{{ clientvm_instance_type }}" tags: - key: "AnsibleGroup" value: "bastions" - key: "ostype" value: "linux" rootfs_size: "{{ rootfs_size_clientvm }}" volumes: - device_name: "{{docker_device}}" volume_size: "{{ docker_size }}" volume_type: gp2 security_groups: - BastionSG ansible/configs/amq-messaging-foundations/default_vars_osp.yml
New file @@ -0,0 +1,129 @@ # The type of cloud provider this will be deployed to cloud_provider: osp # Authenication credentials for OpenStack in order to create the things. # These should be included with your secrets, but are listed here for reference # osp_auth_url: # osp_auth_username: # osp_auth_password: # osp_auth_cloud: # osp_auth_project_domain: #usually set to "default" # osp_auth_user_domain: #usually set to "default" # This is an account that must exist in OpenStack. # It is used to create projects, access, Heat templates admin_user: opentlc-mgr # This is the user that Ansible will use to connect to the nodes it is # configuring from the admin/control host ansible_user: cloud-user remote_user: cloud-user # The domain that you want to add DNS entries to osp_cluster_dns_zone: blue.osp.opentlc.com # The dynamic DNS server you will add entries to. # NOTE: This is only applicable when {{ use_dynamic_dns}} is true osp_cluster_dns_server: ddns01.opentlc.com # Whether to wait for an ack from the DNS servers before continuing wait_for_dns: true # Authenticaion for DDNS, Must be set in secrets # ddns_key_name: # ddns_secret_name: # Set this to true if you want a FIPs provisioned for an OpenShift on OpenStack install # This will provision an API and Ingress FIP openshift_fip_provision: True # This requires DDNS or other DNS solution configured # If enabled, it will add DNS entries for the API and Ingress FIPs openshift_fip_dns: True # The external network in OpenStack where the floating IPs (FIPs) come from provider_network: external # Instance type & image clientvm_instance_type: "2c2g30d" clientvm_instance_image: rhel-server-7.7-update-2 rootfs_size_clientvm: 200 # Docker Root Device docker_device: /dev/vdb # See cloud_providers/osp_default_vars.yml # See roles/infra-osp-project-create/defaults/main.yml # Set this to true if you need to create a new project in OpenStack # This should almost always be set to true for OpenShift installations # If it is set to false, the {{ osp_project_name }} must already exist and # should be able to run whatever you are deploying osp_project_create: true # The name of the project that will be created in OpenStack for the user osp_project_name: "{{ guid }}-project" # A list of the private networks and subnets to create in the project # You can create as many as you want, but at least one is required. # Use the name of the networks where appropriate in the instance list networks: - name: ocp shared: "false" subnet_cidr: 192.168.47.0/24 gateway_ip: 192.168.47.1 allocation_start: 192.168.47.10 allocation_end: 192.168.47.254 dns_nameservers: [] create_router: true # If osp_project_create is set to yes, define those: # Quotas to set for new project that is created quota_num_instances: 1 quota_num_cores: 4 quota_memory: 4096 # in MB quota_num_volumes: 3 quota_volumes_gigs: 500 quota_fip: 1 quota_sg: 5 # Instances to be provisioned in new project # Provide these as a list. # Each instance type can have any number of replicas deployed with the same # configuration. # Metadata in OpenStack is equivelent to tags in AWS # These instances will be created with Cinder persistent volumes instances: - name: clientvm count: 1 unique: yes alt_name: bastion image_id: "{{ clientvm_instance_image }}" floating_ip: yes flavor: osp: "{{ clientvm_instance_type }}" metadata: - AnsibleGroup: "bastions,clientvms" - function: clientvm - user: "{{ student_name }}" - project: "{{ project_tag }}" - ostype: linux - Purpose: "{{ purpose }}" rootfs_size: "{{ rootfs_size_clientvm }}" network: ocp security_groups: - clientvm_sg # Security groups and associated rules. This will be provided #when the Heat template is generated separate groups and rules security_groups: - name: clientvm_sg description: Client VM security group allows basic icmp and SSH ingress and egress to * rules: - protocol: icmp direction: ingress - protocol: tcp direction: ingress port_range_min: 22 port_range_max: 22 remote_ip_prefix: 0.0.0.0/0 ansible/configs/amq-messaging-foundations/destroy_env.yml
New file @@ -0,0 +1,2 @@ --- - import_playbook: "../../cloud_providers/{{ cloud_provider }}_destroy_env.yml" ansible/configs/amq-messaging-foundations/files/cloud_providers/ec2_cloud_template.j2
New file @@ -0,0 +1,443 @@ #jinja2: lstrip_blocks: True --- AWSTemplateFormatVersion: "2010-09-09" Mappings: RegionMapping: us-east-1: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-6871a115 {% else %} RHELAMI: ami-c998b6b2 {% endif %} us-east-2: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-03291866 {% else %} RHELAMI: ami-cfdafaaa {% endif %} us-west-1: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-18726478 {% else %} RHELAMI: ami-66eec506 {% endif %} us-west-2: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-223f945a {% else %} RHELAMI: ami-9fa343e7 {% endif %} eu-west-1: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-7c491f05 {% else %} RHELAMI: ami-bb9a6bc2 {% endif %} eu-central-1: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-c86c3f23 {% else %} RHELAMI: ami-d74be5b8 {% endif %} ap-northeast-1: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-6b0d5f0d {% else %} RHELAMI: ami-30ef0556 {% endif %} ap-northeast-2: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-3eee4150 {% else %} RHELAMI: ami-0f5a8361 {% endif %} ap-southeast-1: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-76144b0a {% else %} RHELAMI: ami-10bb2373 {% endif %} ap-southeast-2: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-67589505 {% else %} RHELAMI: ami-ccecf5af {% endif %} ap-south-1: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-5b673c34 {% else %} RHELAMI: ami-cdbdd7a2 {% endif %} sa-east-1: {% if osrelease is version_compare('3.9.25', '>=') %} RHELAMI: ami-b0b7e3dc {% else %} RHELAMI: ami-a789ffcb {% endif %} DNSMapping: us-east-1: domain: "us-east-1.compute.internal" us-west-1: domain: "us-west-1.compute.internal" us-west-2: domain: "us-west-2.compute.internal" eu-west-1: domain: "eu-west-1.compute.internal" eu-central-1: domain: "eu-central-1.compute.internal" ap-northeast-1: domain: "ap-northeast-1.compute.internal" ap-northeast-2: domain: "ap-northeast-2.compute.internal" ap-southeast-1: domain: "ap-southeast-1.compute.internal" ap-southeast-2: domain: "ap-southeast-2.compute.internal" sa-east-1: domain: "sa-east-1.compute.internal" ap-south-1: domain: "ap-south-1.compute.internal" Resources: Vpc: Type: "AWS::EC2::VPC" Properties: CidrBlock: "192.168.0.0/16" EnableDnsSupport: true EnableDnsHostnames: true Tags: - Key: Name Value: "{{vpcid_name_tag}}" - Key: Hostlication Value: Ref: "AWS::StackId" VpcInternetGateway: Type: "AWS::EC2::InternetGateway" VpcGA: Type: "AWS::EC2::VPCGatewayAttachment" Properties: InternetGatewayId: Ref: VpcInternetGateway VpcId: Ref: Vpc VpcRouteTable: Type: "AWS::EC2::RouteTable" Properties: VpcId: Ref: Vpc VPCRouteInternetGateway: DependsOn: VpcGA Type: "AWS::EC2::Route" Properties: GatewayId: Ref: VpcInternetGateway DestinationCidrBlock: "0.0.0.0/0" RouteTableId: Ref: VpcRouteTable PublicSubnet: Type: "AWS::EC2::Subnet" DependsOn: - Vpc Properties: CidrBlock: "192.168.0.0/24" Tags: - Key: Name Value: "{{project_tag}}" - Key: Hostlication Value: Ref: "AWS::StackId" MapPublicIpOnLaunch: true VpcId: Ref: Vpc PublicSubnetRTA: Type: "AWS::EC2::SubnetRouteTableAssociation" Properties: RouteTableId: Ref: VpcRouteTable SubnetId: Ref: PublicSubnet HostSG: Type: "AWS::EC2::SecurityGroup" Properties: GroupDescription: Host VpcId: Ref: Vpc Tags: - Key: Name Value: host_sg HostUDPPorts: Type: "AWS::EC2::SecurityGroupIngress" Properties: GroupId: Fn::GetAtt: - HostSG - GroupId IpProtocol: udp FromPort: 60000 ToPort: 60003 CidrIp: "0.0.0.0/0" HostTCPPortsSSH: Type: "AWS::EC2::SecurityGroupIngress" Properties: GroupId: Fn::GetAtt: - HostSG - GroupId IpProtocol: tcp FromPort: 22 ToPort: 22 CidrIp: "0.0.0.0/0" HostTCPPortsHTTP: Type: "AWS::EC2::SecurityGroupIngress" Properties: GroupId: Fn::GetAtt: - HostSG - GroupId IpProtocol: tcp FromPort: 80 ToPort: 80 CidrIp: "0.0.0.0/0" HostTCPPortsHTTPS: Type: "AWS::EC2::SecurityGroupIngress" Properties: GroupId: Fn::GetAtt: - HostSG - GroupId IpProtocol: tcp FromPort: 443 ToPort: 443 CidrIp: "0.0.0.0/0" zoneinternalidns: Type: "AWS::Route53::HostedZone" Properties: Name: "{{ zone_internal_dns }}" VPCs: - VPCId: Ref: Vpc VPCRegion: Ref: "AWS::Region" HostedZoneConfig: Comment: "Created By ansible agnostic deployer" {% if num_users|d(1)|int > 1 %} {% for c in range(1,num_users|int+1) %} clientvm{{loop.index}}: Type: "AWS::EC2::Instance" Properties: {% if custom_image is defined %} ImageId: {{ custom_image.image_id }} {% else %} ImageId: Fn::FindInMap: - RegionMapping - Ref: AWS::Region {% if 'image_id' in instances[0] %} - {{ instances[0].image_id }} {% else %} - 'RHELAMI' {% endif %} {% endif %} InstanceType: "{{instances[0]['flavor'][cloud_provider]}}" KeyName: "{{instances[0]['key_name'] | default(key_name)}}" SecurityGroupIds: - "Fn::GetAtt": - HostSG - GroupId SubnetId: Ref: PublicSubnet Tags: - Key: Name Value: clientvm{{loop.index}} - Key: internaldns Value: clientvm{{loop.index}}.{{chomped_zone_internal_dns}} - Key: "owner" Value: "{{ email | default('unknownuser') }}" - Key: "Project" Value: "{{project_tag}}" - Key: "{{project_tag}}" Value: "{{ instances[0]['name'] }}" {% for tag in instances[0]['tags'] %} - Key: {{tag['key']}} Value: {{tag['value']}} {% endfor %} BlockDeviceMappings: - DeviceName: "/dev/sda1" Ebs: VolumeSize: {{ instances[0]['rootfs_size'] | default('50') }} {% for vol in instances[0]['volumes']|default([]) %} - DeviceName: "{{ vol['device_name'] }}" Ebs: VolumeType: "{{ vol['volume_type'] | d('gp2') }}" VolumeSize: "{{ vol['volume_size'] | d('20') }}" {% endfor %} clientvm{{loop.index}}InternalDNS: Type: "AWS::Route53::RecordSetGroup" Properties: HostedZoneId: Ref: zoneinternalidns RecordSets: - Name: "clientvm{{loop.index}}.{{zone_internal_dns}}" Type: A TTL: 10 ResourceRecords: - "Fn::GetAtt": - clientvm{{loop.index}} - PrivateIp - Name: "bastion{{loop.index}}.{{zone_internal_dns}}" Type: A TTL: 10 ResourceRecords: - "Fn::GetAtt": - clientvm{{loop.index}} - PrivateIp clientvm{{loop.index}}EIP: Type: "AWS::EC2::EIP" DependsOn: - VpcGA Properties: InstanceId: Ref: clientvm{{loop.index}} clientvm{{loop.index}}PublicDNS: Type: "AWS::Route53::RecordSetGroup" DependsOn: - clientvm{{loop.index}}EIP Properties: HostedZoneId: {{HostedZoneId}} RecordSets: - Name: "clientvm{{loop.index}}.{{subdomain_base}}." Type: A TTL: 10 ResourceRecords: - "Fn::GetAtt": - clientvm{{loop.index}} - PublicIp - Name: "bastion{{loop.index}}.{{subdomain_base}}." Type: A TTL: 10 ResourceRecords: - "Fn::GetAtt": - clientvm{{loop.index}} - PublicIp {% endfor %} {% else %} clientvm: Type: "AWS::EC2::Instance" Properties: {% if custom_image is defined %} ImageId: {{ custom_image.image_id }} {% else %} ImageId: Fn::FindInMap: - RegionMapping - Ref: AWS::Region - 'RHELAMI' {% endif %} InstanceType: "{{instances[0]['flavor'][cloud_provider]}}" KeyName: "{{instances[0]['key_name'] | default(key_name)}}" SecurityGroupIds: - "Fn::GetAtt": - HostSG - GroupId SubnetId: Ref: PublicSubnet Tags: - Key: Name Value: clientvm - Key: internaldns Value: clientvm.{{chomped_zone_internal_dns}} - Key: "owner" Value: "{{ email | default('unknownuser') }}" - Key: "Project" Value: "{{project_tag}}" - Key: "{{project_tag}}" Value: "{{ instances[0]['name'] }}" {% for tag in instances[0]['tags'] %} - Key: {{tag['key']}} Value: {{tag['value']}} {% endfor %} BlockDeviceMappings: - DeviceName: "/dev/sda1" Ebs: VolumeSize: {{ instances[0]['rootfs_size'] | default('50') }} {% for vol in instances[0]['volumes']|default([]) %} - DeviceName: "{{ vol['device_name'] }}" Ebs: VolumeType: "{{ vol['volume_type'] | d('gp2') }}" VolumeSize: "{{ vol['volume_size'] | d('20') }}" {% endfor %} clientvmInternalDNS: Type: "AWS::Route53::RecordSetGroup" Properties: HostedZoneId: Ref: zoneinternalidns RecordSets: - Name: "clientvm.{{zone_internal_dns}}" Type: A TTL: 10 ResourceRecords: - "Fn::GetAtt": - clientvm - PrivateIp - Name: "bastion.{{zone_internal_dns}}" Type: A TTL: 10 ResourceRecords: - "Fn::GetAtt": - clientvm - PrivateIp clientvmEIP: Type: "AWS::EC2::EIP" DependsOn: - VpcGA Properties: InstanceId: Ref: clientvm clientvmPublicDNS: Type: "AWS::Route53::RecordSetGroup" DependsOn: - clientvmEIP Properties: HostedZoneId: {{HostedZoneId}} RecordSets: - Name: "clientvm.{{subdomain_base}}." Type: A TTL: 10 ResourceRecords: - "Fn::GetAtt": - clientvm - PublicIp - Name: "bastion.{{subdomain_base}}." Type: A TTL: 10 ResourceRecords: - "Fn::GetAtt": - clientvm - PublicIp {% endif %} Outputs: Route53internalzoneOutput: Description: The ID of the internal route 53 zone Value: Ref: zoneinternalidns ansible/configs/amq-messaging-foundations/files/hosts_template.j2
New file @@ -0,0 +1,5 @@ ########################################################################### ### ClientVM Hosts ### Dummy file ########################################################################### ansible/configs/amq-messaging-foundations/files/repos_template.j2
New file @@ -0,0 +1,26 @@ # RHEL Repos {% if rhel_repos is defined %} {% for i in range(0,rhel_repos|length) %} [{{ rhel_repos[i] }}] name={{ rhel_repos[i] }} baseurl={{own_repo_path}}/{{ rhel_repos[i] }} enabled=1 gpgcheck=0 {% endfor %} {% else %} [rhel-7-server-rpms] name=Red Hat Enterprise Linux 7 baseurl={{own_repo_path}}/rhel-7-server-rpms enabled=1 gpgcheck=0 {% endif %} [epel] name=Extra Packages for Enterprise Linux 7 - $basearch baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch mirrorlist=http://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch failovermethod=priority enabled=1 gpgcheck=0 ansible/configs/amq-messaging-foundations/post_infra.yml
New file @@ -0,0 +1,24 @@ - name: Step 002 Post Infrastructure hosts: localhost connection: local become: false tags: - step002 - post_infrastructure tasks: - name: Job Template to launch a Job Template with update on launch inventory set when: tower_run == 'true' uri: url: "https://{{ ansible_tower_ip }}/api/v1/job_templates/{{ job_template_id }}/launch/" method: POST user: "{{tower_admin}}" password: "{{tower_admin_password}}" body: extra_vars: guid: "{{guid}}" ipa_host_password: "{{ipa_host_password}}" body_format: json validate_certs: False HEADER_Content-Type: "application/json" status_code: 200, 201 ansible/configs/amq-messaging-foundations/post_software.yml
New file @@ -0,0 +1,19 @@ --- - name: Step 00xxxxx post software hosts: bastions become: yes gather_facts: False tasks: - debug: msg: "Post-Software Steps starting" - name: PostSoftware flight-check hosts: localhost connection: local gather_facts: false become: false tags: - post_flight_check tasks: - debug: msg: "Post-Software checks completed successfully" ansible/configs/amq-messaging-foundations/pre_infra.yml
New file @@ -0,0 +1,12 @@ --- - name: Step 000 Pre Infrastructure hosts: localhost connection: local become: false gather_facts: false tags: - step001 - pre_infrastructure tasks: - debug: msg: "Step 000 Pre Infrastructure - Dummy action" ansible/configs/amq-messaging-foundations/pre_software.yml
New file @@ -0,0 +1,89 @@ --- - name: Step 003 - Create env key hosts: localhost connection: local gather_facts: false become: false tags: - step003 - generate_env_keys tasks: - name: Generate SSH keys shell: ssh-keygen -b 2048 -t rsa -f "{{output_dir}}/{{env_authorized_key}}" -q -N "" args: creates: "{{output_dir}}/{{env_authorized_key}}" when: set_env_authorized_key | bool - name: fix permission file: path: "{{output_dir}}/{{env_authorized_key}}" mode: 0400 when: set_env_authorized_key | bool - name: Generate SSH pub key shell: ssh-keygen -y -f "{{output_dir}}//{{env_authorized_key}}" > "{{output_dir}}/{{env_authorized_key}}.pub" args: creates: "{{output_dir}}/{{env_authorized_key}}.pub" when: set_env_authorized_key | bool # Cloudformation template or equivalent should tag all hosts with Project:{{ env_type }}-{{ guid }} - name: Configure all hosts with Repositories, Common Files and Set environment key hosts: - all:!windows become: true gather_facts: False tags: - step004 - common_tasks roles: - { role: "set-repositories", when: 'repo_method is defined' } - { role: "common", when: 'install_common | bool' } - { role: "set_env_authorized_key", when: 'set_env_authorized_key | bool' } - name: Configuring Bastion Hosts hosts: bastions become: true tags: - step004 - bastion_tasks roles: - { role: "bastion-lite", when: 'install_bastion | bool' } - { role: "bastion-student-user", when: 'install_student_user | bool' } - { role: "bastion-opentlc-ipa", when: 'install_ipa_client | bool' } - name: Configuring Ruby on Bastion Hosts hosts: bastions become: true gather_facts: False tasks: - when: (install_ruby | bool) or (install_3scale | bool) include_role: name: ruby vars: rvm1_rubies: ['ruby-2.6.3'] rvm1_install_flags: '--auto-dotfiles' # Remove --user-install from defaults rvm1_install_path: /usr/local/rvm # Set to system location rvm1_user: root # Need root account to access system location tags: - step004 - ruby_tasks - name: Configuring 3scale toolbox hosts: bastions become: true tags: - step004 - 3scale_toolbox_tasks roles: - { role: "bastion-3scale", when: 'install_3scale | bool' } - name: PreSoftware flight-check hosts: localhost connection: local gather_facts: false become: false tags: - flight_check tasks: - debug: msg: "Pre-Software checks completed successfully" ansible/configs/amq-messaging-foundations/requirements-ruby.yml
New file @@ -0,0 +1,6 @@ --- # External role to setup RVM and Ruby - src: rvm.ruby name: ruby version: v2.1.2 ansible/configs/amq-messaging-foundations/requirements.yml
New file @@ -0,0 +1,6 @@ --- # External role to setup grader host virtualenv and FTL grading infra - src: https://github.com/redhat-gpte-devopsautomation/ftl-injector name: ftl-injector version: v0.17.0 ansible/configs/amq-messaging-foundations/sample_vars
New file @@ -0,0 +1,14 @@ env_type: amq-messaging-foundations # Name of config to deploy output_dir: /opt/workdir # Writable working scratch directory email: name@example.com # User info for notifications guid: test01 # Unique string used in FQDN subdomain_base_suffix: .example.opentlc.com # Your domain used in FQDN # Cloud specfic settings - example given here for AWS cloud_provider: ec2 # Which AgnosticD Cloud Provider to use aws_region: us-west-1 # AWS Region to deploy in HostedZoneId: Z3IHLWJZOU9SRT # You will need to change this key_name: ocpkey # Keyname must exist in AWS software_to_deploy: none ansible/configs/amq-messaging-foundations/software.yml
New file @@ -0,0 +1,28 @@ --- - name: Step 00xxxxx software hosts: localhost gather_facts: False become: false tasks: - debug: msg: "Software tasks started" - name: Set up ClientVM hosts: bastions gather_facts: false become: true tasks: - name: Set up Client VM for AMQ messaging foundations include_role: name: "amq-client-vm" - name: Software flight-check hosts: localhost connection: local gather_facts: false become: false tags: - post_flight_check tasks: - debug: msg: "Software checks completed successfully" ansible/configs/amq-messaging-foundations/software.yml~
New file @@ -0,0 +1,28 @@ --- - name: Step 00xxxxx software hosts: localhost gather_facts: False become: false tasks: - debug: msg: "Software tasks started" - name: Set up ClientVM hosts: bastions gather_facts: false become: true tasks: - name: Set up Client VM for OCP 3 include_role: name: "ocp-client-vm" - name: Software flight-check hosts: localhost connection: local gather_facts: false become: false tags: - post_flight_check tasks: - debug: msg: "Software checks completed successfully" ansible/roles/amq-client-vm/README.md
New file @@ -0,0 +1,56 @@ Role Name ========= A brief description of the role goes here. Requirements ------------ Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. Role Variables -------------- A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. Dependencies ------------ A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. Example Playbook ---------------- Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - hosts: servers roles: - { role: username.rolename, x: 42 } License ------- BSD Author Information ------------------ An optional section for the role authors to include contact information, or a website (HTML is not allowed). ---- HOST_GUID=dev39 TARGET_HOST="bastion.$HOST_GUID.openshift.opentlc.com" SSH_USERNAME="xxxx" SSH_PRIVATE_KEY="xxxx" WORKLOAD="ocp-client-vm" # a TARGET_HOST is specified in the command line, without using an inventory file ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \ -e"ansible_ssh_private_key_file=~/.ssh/${SSH_PRIVATE_KEY}" \ -e"ansible_user=${SSH_USERNAME}" \ -e"ocp_workload=${WORKLOAD}" \ -e"ACTION=create" ---- ansible/roles/amq-client-vm/defaults/main.yml
New file @@ -0,0 +1,9 @@ # Software Version defaults ocp_clientvm_oc_version: '4.3.1' ocp_clientvm_odo_version: 'v1.1.0' ocp_clientvm_helm_version: 'v3.0.0' ocp_clientvm_tkn_version: '0.7.1' ocp_clientvm_kn_version: 'v0.12.0' ocp_clientvm_istioctl_version: '1.1.17' ocp_clientvm_maven_version: '3.6.3' ansible/roles/amq-client-vm/files/bash_profile
New file @@ -0,0 +1,11 @@ # .bash_profile # Get the aliases and functions if [ -f ~/.bashrc ]; then . ~/.bashrc fi # User specific environment and startup programs export PATH=$PATH:$HOME/bin:/usr/local/bin:/usr/local/maven/bin export GUID=`hostname | awk -F. '{print $2}'` ansible/roles/amq-client-vm/files/bashrc
New file @@ -0,0 +1,24 @@ # .bashrc # User specific aliases and functions alias rm='rm -i' alias cp='cp -i' alias mv='mv -i' alias ls='ls -F' alias ll='ls -lF' alias la='ls -aF' alias ge="oc get events --sort-by='{.lastTimestamp}'" # Source global definitions if [ -f /etc/bashrc ]; then . /etc/bashrc fi # Set up Bash Git Prompt if [ -f "$HOME/.bash-git-prompt/gitprompt.sh" ]; then GIT_PROMPT_THEME=Evermeet GIT_PROMPT_SHOW_CHANGED_FILES_COUNT=1 GIT_PROMPT_ONLY_IN_REPO=0 source "$HOME/.bash-git-prompt/gitprompt.sh" fi ansible/roles/amq-client-vm/tasks/main.yml
New file @@ -0,0 +1,205 @@ --- - name: Install Openshift AMQ messaging foundations yum: state: present name: - java-1.8.0-openjdk-devel - java-11-openjdk-devel - docker - python-websockify - qpid-dispatch-router - qpid-dispatch-tools - qpid-dispatch-console tags: - install_amq_client_vm_packages - name: Create docker group become: yes group: name: docker state: present - name: Create users group become: yes group: name: users state: present - when: - student_name is defined - student_name != '' name: Add user to docker and users groups become: yes user: name: "{{ student_name }}" append: yes groups: docker,users - name: Enable and Start Docker service: name: docker state: started enabled: yes - name: Get the OpenShift CLI for OCP 3 become: yes when: ocp_clientvm_oc_version is version_compare('4.0', '<') unarchive: src: "https://mirror.openshift.com/pub/openshift-v3/clients/{{ ocp_clientvm_oc_version }}/linux/oc.tar.gz" remote_src: yes dest: /usr/local/sbin mode: 0775 owner: root group: root - name: Get Command Line Tools for OpenShift 4 when: ocp_clientvm_oc_version is version_compare('4.0', '>=') block: - name: Get the OpenShift CLI for OCP 4 become: yes unarchive: src: "https://mirror.openshift.com/pub/openshift-v4/clients/ocp/{{ ocp_clientvm_oc_version }}/openshift-client-linux-{{ ocp_clientvm_oc_version }}.tar.gz" remote_src: yes dest: /usr/local/sbin mode: 0775 owner: root group: root - name: Create OpenShift Bash completion file become: yes shell: /usr/local/sbin/oc completion bash >/etc/bash_completion.d/openshift - name: Create /usr/local/maven directory file: path: /usr/local/maven state: directory owner: root group: root mode: 0775 - name: Download and unarchive Maven Distribution unarchive: src: "https://gpte-public.s3.amazonaws.com/apache-maven-{{ ocp_clientvm_maven_version }}-bin.tar.gz" remote_src: yes dest: /usr/local/maven owner: root group: root extra_opts: - --strip=1 register: r_geturl retries: 5 delay: 20 until: r_geturl is succeeded tags: - install_openshift_client_vm_packages - name: Download jq-linux64 get_url: url: https://gpte-public.s3.amazonaws.com/jq-linux64 dest: /usr/local/sbin/jq mode: 0775 ignore_errors: true tags: - install_openshift_client_vm_packages - name: Install bash-git-prompt git: repo: https://github.com/magicmonty/bash-git-prompt.git dest: "{{ item }}/.bash-git-prompt" clone: yes loop: - "/root" - "/home/{{remote_user}}" - "/etc/skel" tags: - install_bash_customization - name: Change ownership of bash-git-prompt file: path: "{{ item.directory }}/.bash-git-prompt" owner: "{{ item.user }}" group: "{{ item.group }}" recurse: yes loop: - { directory: "/root", user: "root", group: "root" } - { directory: "/home/{{remote_user}}", user: "{{remote_user}}", group: "{{remote_user}}" } - { directory: "/etc/skel", user: "root", group: "root" } tags: - install_bash_customization - name: Install .bashrc copy: src: ../files/bashrc dest: "{{ item.directory }}/.bashrc" mode: 0644 owner: "{{ item.user }}" group: "{{ item.group }}" loop: - { directory: "/root", user: "root", group: "root" } - { directory: "/home/{{remote_user}}", user: "{{remote_user}}", group: "{{remote_user}}" } - { directory: "/etc/skel", user: "root", group: "root" } tags: - install_bash_customization - name: Install .bash_profile copy: src: ../files/bash_profile dest: "{{ item.directory }}/.bash_profile" mode: 0644 owner: "{{ item.user }}" group: "{{ item.group }}" loop: - { directory: "/root", user: "root", group: "root" } - { directory: "/home/{{remote_user}}", user: "{{remote_user}}", group: "{{remote_user}}" } - { directory: "/etc/skel", user: "root", group: "root" } tags: - install_bash_customization - name: Install everything for student user when: install_student_user|d(False)|bool block: - name: Install bash-git-prompt for lab-user git: repo: https://github.com/magicmonty/bash-git-prompt.git dest: "{{ item }}/.bash-git-prompt" clone: yes with_items: - "/home/lab-user" tags: - install_bash_customization - name: Change ownership of bash-git-prompt for lab-user file: path: "{{ item.directory }}/.bash-git-prompt" owner: "{{ item.user }}" group: "{{ item.group }}" recurse: yes loop: - { directory: "/home/lab-user", user: "lab-user", group: "users" } tags: - install_bash_customization - name: Install .bashrc for lab-user copy: src: ../files/bashrc dest: "{{ item.directory }}/.bashrc" mode: 0644 owner: "{{ item.user }}" group: "{{ item.group }}" loop: - { directory: "/home/lab-user", user: "lab-user", group: "users" } tags: - install_bash_customization - name: Install .bash_profile for lab-user copy: src: ../files/bash_profile dest: "{{ item.directory }}/.bash_profile" mode: 0644 owner: "{{ item.user }}" group: "{{ item.group }}" loop: - { directory: "/home/lab-user", user: "lab-user", group: "users" } tags: - install_bash_customization ansible/roles/amq-client-vm/tasks/main.yml~
New file @@ -0,0 +1,300 @@ --- - name: Install Openshift Client VM packages yum: state: present name: - java-1.8.0-openjdk-devel - java-11-openjdk-devel - docker - podman - skopeo - buildah tags: - install_openshift_client_vm_packages - name: Create docker group become: yes group: name: docker state: present - name: Create users group become: yes group: name: users state: present - when: - student_name is defined - student_name != '' name: Add user to docker and users groups become: yes user: name: "{{ student_name }}" append: yes groups: docker,users - name: Enable and Start Docker service: name: docker state: started enabled: yes - name: Get the OpenShift CLI for OCP 3 become: yes when: ocp_clientvm_oc_version is version_compare('4.0', '<') unarchive: src: "https://mirror.openshift.com/pub/openshift-v3/clients/{{ ocp_clientvm_oc_version }}/linux/oc.tar.gz" remote_src: yes dest: /usr/local/sbin mode: 0775 owner: root group: root - name: Get Command Line Tools for OpenShift 4 when: ocp_clientvm_oc_version is version_compare('4.0', '>=') block: - name: Get the OpenShift CLI for OCP 4 become: yes unarchive: src: "https://mirror.openshift.com/pub/openshift-v4/clients/ocp/{{ ocp_clientvm_oc_version }}/openshift-client-linux-{{ ocp_clientvm_oc_version }}.tar.gz" remote_src: yes dest: /usr/local/sbin mode: 0775 owner: root group: root - name: Download OpenShift Do (odo) get_url: url: "https://mirror.openshift.com/pub/openshift-v4/clients/odo/{{ ocp_clientvm_odo_version }}/odo-linux-amd64" dest: /usr/local/sbin/odo owner: root group: root mode: 0775 ignore_errors: true tags: - install_openshift_client_vm_packages - name: Download OpenShift Helm 3 get_url: url: "https://mirror.openshift.com/pub/openshift-v4/clients/helm/{{ ocp_clientvm_helm_version }}/helm-linux-amd64" dest: /usr/local/sbin/helm owner: root group: root mode: 0775 ignore_errors: true tags: - install_openshift_client_vm_packages - name: Download Tekton CLI (tkn) unarchive: src: "https://github.com/tektoncd/cli/releases/download/v{{ ocp_clientvm_tkn_version }}/tkn_{{ ocp_clientvm_tkn_version }}_Linux_x86_64.tar.gz" remote_src: yes dest: /usr/local/sbin mode: 0775 owner: root group: root ignore_errors: true tags: - install_openshift_client_vm_packages - name: Download KNative CLI (kn) get_url: url: "https://github.com/knative/client/releases/download/{{ ocp_clientvm_kn_version }}/kn-linux-amd64" dest: /usr/local/sbin/kn owner: root group: root mode: 0775 ignore_errors: true tags: - install_openshift_client_vm_packages - name: Create OpenShift Bash completion file become: yes shell: /usr/local/sbin/oc completion bash >/etc/bash_completion.d/openshift - name: Install S2I Executable unarchive: src: https://github.com/openshift/source-to-image/releases/download/v1.2.0/source-to-image-v1.2.0-2a579ecd-linux-amd64.tar.gz remote_src: yes dest: /usr/local/sbin owner: root group: root mode: 0755 extra_opts: - --strip=1 ignore_errors: true - name: Get community istioctl utility get_url: url: "https://github.com/istio/istio/releases/download/{{ ocp_clientvm_istioctl_version }}/istio-{{ ocp_clientvm_istioctl_version }}-linux.tar.gz" dest: "/tmp/istio-{{ ocp_clientvm_istioctl_version }}-linux.tar.gz" register: r_geturl retries: 5 delay: 20 until: r_geturl is succeeded tags: - install_openshift_client_vm_packages - name: Unarchive file unarchive: remote_src: yes src: "/tmp/istio-{{ ocp_clientvm_istioctl_version }}-linux.tar.gz" dest: /tmp/ tags: - install_openshift_client_vm_packages - name: Move istioctl to /usr/local/sbin copy: remote_src: yes src: "/tmp/istio-{{ ocp_clientvm_istioctl_version }}/bin/istioctl" dest: /usr/local/sbin/istioctl group: root owner: root mode: 0755 tags: - install_openshift_client_vm_packages - name: Cleanup Temp Directory file: dest: "/tmp/istio-{{ ocp_clientvm_istioctl_version }}" state: absent tags: - install_openshift_client_vm_packages - name: Cleanup downloaded file file: dest: "/tmp/istio-{{ ocp_clientvm_istioctl_version }}-linux.tar.gz" state: absent tags: - install_openshift_client_vm_packages - name: Create /usr/local/maven directory file: path: /usr/local/maven state: directory owner: root group: root mode: 0775 - name: Download and unarchive Maven Distribution unarchive: src: "https://gpte-public.s3.amazonaws.com/apache-maven-{{ ocp_clientvm_maven_version }}-bin.tar.gz" remote_src: yes dest: /usr/local/maven owner: root group: root extra_opts: - --strip=1 register: r_geturl retries: 5 delay: 20 until: r_geturl is succeeded tags: - install_openshift_client_vm_packages - name: Download jq-linux64 get_url: url: https://gpte-public.s3.amazonaws.com/jq-linux64 dest: /usr/local/sbin/jq mode: 0775 ignore_errors: true tags: - install_openshift_client_vm_packages - name: Install bash-git-prompt git: repo: https://github.com/magicmonty/bash-git-prompt.git dest: "{{ item }}/.bash-git-prompt" clone: yes loop: - "/root" - "/home/{{remote_user}}" - "/etc/skel" tags: - install_bash_customization - name: Change ownership of bash-git-prompt file: path: "{{ item.directory }}/.bash-git-prompt" owner: "{{ item.user }}" group: "{{ item.group }}" recurse: yes loop: - { directory: "/root", user: "root", group: "root" } - { directory: "/home/{{remote_user}}", user: "{{remote_user}}", group: "{{remote_user}}" } - { directory: "/etc/skel", user: "root", group: "root" } tags: - install_bash_customization - name: Install .bashrc copy: src: ../files/bashrc dest: "{{ item.directory }}/.bashrc" mode: 0644 owner: "{{ item.user }}" group: "{{ item.group }}" loop: - { directory: "/root", user: "root", group: "root" } - { directory: "/home/{{remote_user}}", user: "{{remote_user}}", group: "{{remote_user}}" } - { directory: "/etc/skel", user: "root", group: "root" } tags: - install_bash_customization - name: Install .bash_profile copy: src: ../files/bash_profile dest: "{{ item.directory }}/.bash_profile" mode: 0644 owner: "{{ item.user }}" group: "{{ item.group }}" loop: - { directory: "/root", user: "root", group: "root" } - { directory: "/home/{{remote_user}}", user: "{{remote_user}}", group: "{{remote_user}}" } - { directory: "/etc/skel", user: "root", group: "root" } tags: - install_bash_customization - name: Install everything for student user when: install_student_user|d(False)|bool block: - name: Install bash-git-prompt for lab-user git: repo: https://github.com/magicmonty/bash-git-prompt.git dest: "{{ item }}/.bash-git-prompt" clone: yes with_items: - "/home/lab-user" tags: - install_bash_customization - name: Change ownership of bash-git-prompt for lab-user file: path: "{{ item.directory }}/.bash-git-prompt" owner: "{{ item.user }}" group: "{{ item.group }}" recurse: yes loop: - { directory: "/home/lab-user", user: "lab-user", group: "users" } tags: - install_bash_customization - name: Install .bashrc for lab-user copy: src: ../files/bashrc dest: "{{ item.directory }}/.bashrc" mode: 0644 owner: "{{ item.user }}" group: "{{ item.group }}" loop: - { directory: "/home/lab-user", user: "lab-user", group: "users" } tags: - install_bash_customization - name: Install .bash_profile for lab-user copy: src: ../files/bash_profile dest: "{{ item.directory }}/.bash_profile" mode: 0644 owner: "{{ item.user }}" group: "{{ item.group }}" loop: - { directory: "/home/lab-user", user: "lab-user", group: "users" } tags: - install_bash_customization