ansible/configs/ansible-tower/env_vars.yml | ●●●●● patch | view | raw | blame | history | |
ansible/configs/ansible-tower/files/cloud_providers/ec2_cloud_template.j2 | ●●●●● patch | view | raw | blame | history | |
ansible/configs/ansible-tower/files/hosts_template.j2 | ●●●●● patch | view | raw | blame | history | |
ansible/configs/ansible-tower/files/tower_template_inventory.j2 | ●●●●● patch | view | raw | blame | history | |
ansible/configs/ansible-tower/sample_vars.yml | ●●●●● patch | view | raw | blame | history | |
ansible/configs/ansible-tower/sample_vars_babylon.yml | ●●●●● patch | view | raw | blame | history | |
ansible/configs/ansible-tower/tower_workloads.yml | ●●●●● patch | view | raw | blame | history | |
ansible/configs/ansible-tower/tower_workloads_workaround.yml | ●●●●● patch | view | raw | blame | history | |
ansible/roles/tower-project-create/tasks/main.yml | ●●●●● patch | view | raw | blame | history |
ansible/configs/ansible-tower/env_vars.yml
@@ -425,24 +425,20 @@ tower_run: false default_workloads: # - tower-copy-ssh ###Specific to babylon and dark-tower project. - tower-license-injector - cleanup-tower-default - tower-settings-update - tower-pip-packages - tower-user-create - tower-org-create - tower-credential-create - tower-project-create - tower-inventory-create - tower-job-template-create - tower-babylon-job-runner # infra_workloads|: # - tower-settings-update # - tower-pip-packages # - tower-user-create # - tower-org-create # - tower-project-create # - tower-inventory-create # - tower-job-template-create #infra_workloads: # - tower-copy-ssh # - tower-license-injector # - cleanup-tower-default # - tower-settings-update # - tower-pip-packages # - tower-user-create # - tower-org-create # - tower-credential-create # - tower-project-create # - tower-inventory-create # - tower-job-template-create # - tower-babylon-job-runner ansible/configs/ansible-tower/files/cloud_providers/ec2_cloud_template.j2
@@ -307,6 +307,7 @@ {% endfor %} {% endfor %} {% if worker_instance_count > 0 %} {% for worker_region in target_regions %} {% for instance in instances_worker %} {% if instance['dns_loadbalancer'] | d(false) | bool @@ -465,7 +466,7 @@ {% endfor %} {% endfor %} {% endfor %} {% endif %} {% if secondary_stack is not defined %} Route53User: ansible/configs/ansible-tower/files/hosts_template.j2
@@ -8,7 +8,7 @@ support1.{{chomped_zone_internal_dns}} {% if target_regions is defined %} {% if worker_instance_count > 0 and target_regions is defined %} {%for i_region in target_regions %} [isolated_group_{{i_region.name}}] @@ -49,3 +49,11 @@ {% for host in groups['support'] %} {{ host }} {% endfor %} {% if worker_instance_count > 0 and target_regions is defined %} [workers] {% for host in groups['workers'] %} {{ host }} {% endfor %} {% endif %} ansible/configs/ansible-tower/files/tower_template_inventory.j2
File was deleted ansible/configs/ansible-tower/sample_vars.yml
@@ -1,16 +1,16 @@ --- cloudformation_retries: 0 ## Environment size bastion_instance_type: "t2.medium" # ## Environment size tower_instance_count: 1 support_instance_count: 1 tower_instance_type: "t2.medium" worker_instance_type: "t2.medium" support_instance_type: "t2.medium" root_filesystem_size: 20 #Size of the root filesystem # Env config basics env_type: ansble-tower # Name of config to deploy output_dir: /tmp # Writable working scratch directory env_type: ansible-tower # Name of config to deploy output_dir: /opt/workdir # Writable working scratch directory email: name@example.com # User info for notifications #guid: hwtest2 # Unique string used in FQDN @@ -24,17 +24,64 @@ # Cloud specfic settings - example given here for AWS cloud_provider: ec2 # Which AgnosticD Cloud Provider to use aws_region: ap-southeast-2 # AWS Region to deploy in aws_region: ap-southeast-2 HostedZoneId: Z3IHLWJZOU9SRT # You will need to change this key_name: ocpkey # Keyname must exist in AWS #Ansible Tower related vars tower_version: 3.5.0-1 # tower version you want to install region: apac # region can not be with special characters in case of isolated node group software_to_deploy: tower # Define tower to install tower or none to have only infra ready. worker: yes # Set yes to add isolated node group. worker_instance_count: 1 # Set 0 to not to provision worker(isolated) nodes. #### Worker Node for Isolated Node group # worker_instance_type: "t2.medium" worker_instance_count: 0 # Set 0 to not to provision worker(isolated) nodes. ## target_region for worker regions # target_regions: # - name: emea # - name: apac default_workloads: - tower-license-injector - cleanup-tower-default #infra_workloads: # - tower-copy-ssh ;;; specific to dark-tower # - tower-settings-update # - tower-pip-packages # - tower-user-create # - tower-org-create # - tower-credential-create # - tower-project-create # - tower-inventory-create # - tower-job-template-create # - tower-babylon-job-runner ### tower project roles tower_projects: - name: darktower-dev description: "babylon dev project" organization: "gpte" scm_url: "https://github.com/redhat-gpte-devopsautomation/dark-tower.git" #scm_type: #scm_credential: scm_branch: dev scm_update_on_launch: true tower_inventories: - name: empty-inventory-default description: "Empty inventory default" organization: gpte # instance_group: "" @@ -54,27 +101,73 @@ # "trial": true # } # accounts: #Define users you want to create. Set superuser: yes to make user system wide System Administrator # - user: test1 # password: changeme # email: babylon@example.com # firstname: test1 # lastname: one # superuser: yes # - user: test2 # password: changeme # email: babylon1@example.com # firstname: test2 # lastname: two tower_user_accounts: #Define users you want to create. Set superuser: yes to make user system wide System Administrator - user: babylon password: changeme email: babylon@example.com firstname: Baby lastname: Lon superuser: yes - user: babylon-viewer password: changeme email: babylon1@example.com firstname: Babylon lastname: Viewer # - user: test3 # - user: test4 # lastname: four # tower_organization: # - name: gpte # - name: BU target_regions: - name: na - name: emea - name: na tower_credentials: - name: babylon-tower-credential username: babylon password: changeme description: Babylon Tower Credential organization: gpte type: tower state: present host: localhost tower_organization: - name: gpte - name: BU tower_job_templates: - name: job-runner-dev description: "babylon job runner" job_type: run #vault_credential: project: darktower-dev playbook: job-runner.yml become: yes inventory: empty-inventory-default # Tower settings tower_setting_params: AWX_PROOT_BASE_PATH: "/tmp" AWX_PROOT_SHOW_PATHS: "'/var/lib/awx/projects/', '/tmp', '/var/lib/awx/.ssh/'" # List of virtual environment which will be created # restart of tower service is required # ansible-tower-service restart # https://docs.ansible.com/ansible-tower/latest/html/userguide/security.html tower_virtual_environment: - /var/lib/awx/venv/ansible # Path of Virtual Env for update tower_update_venv: /var/lib/awx/venv/ansible # Pip packages with version which needs to be updated for venv pip_requirements: - boto==2.49.0 - boto3==1.9.200 - awscli==1.16.210 - ansible-tower-cli==3.3.6 key_local_path: - "~/.ssh/{{key_name}}.pem" - "~/.ssh/opentlc_admin_backdoor.pem" ansible/configs/ansible-tower/sample_vars_babylon.yml
@@ -2,10 +2,10 @@ cloudformation_retries: 0 # ## Environment size # bastion_instance_type: "t2.medium" # tower_instance_type: "t2.medium" # worker_instance_type: "t2.medium" # support_instance_type: "t2.medium" tower_instance_count: 1 support_instance_count: 1 tower_instance_type: "t2.medium" support_instance_type: "t2.medium" root_filesystem_size: 20 #Size of the root filesystem # Env config basics @@ -24,18 +24,63 @@ # Cloud specfic settings - example given here for AWS cloud_provider: ec2 # Which AgnosticD Cloud Provider to use aws_region: ap-southeast-2 # AWS Region to deploy in aws_region: ap-southeast-2 HostedZoneId: Z3IHLWJZOU9SRT # You will need to change this key_name: ocpkey # Keyname must exist in AWS #Ansible Tower related vars tower_version: 3.5.0-1 # tower version you want to install region: apac # region can not be with special characters in case of isolated node group software_to_deploy: tower # Define tower to install tower or none to have only infra ready. tower_instance_count: 1 support_instance_count: 1 worker_instance_count: 1 # Set 0 to not to provision worker(isolated) nodes. #### Worker Node for Isolated Node group # worker_instance_type: "t2.medium" worker_instance_count: 0 # Set 0 to not to provision worker(isolated) nodes. ## target_region for worker regions # target_regions: # - name: emea # - name: apac default_workloads: - tower-license-injector - cleanup-tower-default infra_workloads: - tower-copy-ssh ## specific to dark-tower - tower-settings-update - tower-pip-packages - tower-user-create - tower-org-create - tower-credential-create - tower-project-create - tower-inventory-create - tower-job-template-create - tower-babylon-job-runner ### tower project roles tower_projects: - name: darktower-dev description: "babylon dev project" organization: "gpte" scm_url: "https://github.com/redhat-gpte-devopsautomation/dark-tower.git" #scm_type: #scm_credential: scm_branch: dev scm_update_on_launch: true tower_inventories: - name: empty-inventory-default description: "Empty inventory default" organization: gpte # instance_group: "" @@ -56,7 +101,6 @@ # "trial": true # } tower_user_accounts: #Define users you want to create. Set superuser: yes to make user system wide System Administrator - user: babylon password: changeme @@ -69,51 +113,10 @@ email: babylon1@example.com firstname: Babylon lastname: Viewer # - user: test3 # - user: test4 # lastname: four tower_organization: - name: gpte target_regions: - name: emea - name: apac ### tower project roles tower_projects: - name: darktower-dev description: "babylon dev project" organization: "gpte" scm_url: "https://github.com/redhat-gpte-devopsautomation/dark-tower.git" #scm_type: #scm_credential: scm_branch: dev scm_update_on_launch: false tower_inventories: - name: empty-inventory-emea description: emea organization: gpte instance_group: emea - name: empty-inventory-apac description: apac organization: gpte instance_group: apac - name: empty-inventory description: "Empty inventory" organization: gpte # instance_group: "" tower_job_templates: - name: job-runner-dev description: "babylon job runner dev" job_type: run #vault_credential: project: darktower-dev playbook: job-runner.yml inventory: empty-inventory become: yes tower_credentials: - name: babylon-tower-credential @@ -125,10 +128,24 @@ state: present host: localhost tower_organization: - name: gpte - name: BU tower_job_templates: - name: job-runner-dev description: "babylon job runner" job_type: run #vault_credential: project: darktower-dev playbook: job-runner.yml become: yes inventory: empty-inventory-default # Tower settings tower_setting_params: AWX_PROOT_BASE_PATH: "/tmp" AWX_PROOT_SHOW_PATHS: "'/var/lib/awx/projects/', '/tmp'" AWX_PROOT_SHOW_PATHS: "'/var/lib/awx/projects/', '/tmp', '/var/lib/awx/.ssh/'" # List of virtual environment which will be created # restart of tower service is required @@ -136,7 +153,9 @@ # https://docs.ansible.com/ansible-tower/latest/html/userguide/security.html tower_virtual_environment: - /var/lib/awx/venv/ansible - /var/lib/awx/venv/test1 # Path of Virtual Env for update tower_update_venv: /var/lib/awx/venv/ansible # Pip packages with version which needs to be updated for venv pip_requirements: @@ -146,20 +165,9 @@ - ansible-tower-cli==3.3.6 # Tower settings tower_setting_params: AWX_PROOT_BASE_PATH: "/tmp" AWX_PROOT_SHOW_PATHS: "'/var/lib/awx/projects/', '/tmp'" # List of virtual environment which will be created (WIP) # tower_virtual_environment: # - /var/lib/awx/venv/ansible # - /var/lib/awx/venv/test1 # Path of Virtual Env for update tower_update_venv: /var/lib/awx/venv/ansible key_local_path: - "~/.ssh/{{key_name}}.pem" - "~/.ssh/opentlc_admin_backdoor.pem" ansible/configs/ansible-tower/tower_workloads.yml
@@ -31,25 +31,20 @@ - name: Install tower-infra workloads when: - infra_workloads|d("")|length > 0 - infra_workloads | d("") | length > 0 tags: - infra_workloads - infra_workloads block: - name: Check if admin_user is set fail: msg: admin_user must be set for tower-infra workloads when: - not admin_user is defined or admin_user|length == 0 - name: Install tower-infra-workloads when: - infra_workloads|d("")|length >0 - infra_workloads | d("") | length >0 block: - name: Deploy tower-infra workloads include_role: name: "{{ workload_loop_var }}" vars: tower_username: admin ACTION: "provision" loop: "{{ infra_workloads.split(',')|list }}" tower_username: "admin" loop: "{{ infra_workloads }}" loop_control: loop_var: workload_loop_var ansible/configs/ansible-tower/tower_workloads_workaround.yml
File was deleted ansible/roles/tower-project-create/tasks/main.yml
@@ -16,4 +16,8 @@ loop: "{{ tower_projects }}" tags: - tower-project-create - name: sleep to update wait_for: timeout: 40 tags: - tower-project-create