Diffstat (limited to 'ansible')
-rwxr-xr-x | ansible/group_vars/all.yml | 5 | ||||
-rw-r--r-- | ansible/infrastructure.yml | 22 | ||||
-rw-r--r-- | ansible/roles/package-repository/defaults/main.yml | 2 | ||||
-rw-r--r-- | ansible/roles/package-repository/tasks/main.yml | 19 | ||||
-rw-r--r-- | ansible/roles/setup/defaults/main.yml | 3 | ||||
-rw-r--r-- | ansible/roles/setup/tasks/main.yml | 30 | ||||
-rw-r--r-- | ansible/setup.yml | 28 |
7 files changed, 61 insertions, 48 deletions
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index cd8c7f58..8e81d7f0 100755 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -59,9 +59,8 @@ certificates: # Default value is to allow redeploy redeploy_k8s_env: yes -# Distribute offline rpm repository -# Default value is to distribute rpm -deploy_rpm_repository: yes +# Distribute offline software package (rpm,apt) repository +deploy_package_repository: yes # Offline solution is deploying app specific rpm repository and requires some name # also for k8s cluster diff --git a/ansible/infrastructure.yml b/ansible/infrastructure.yml index a0bc7011..7d75dc77 100644 --- a/ansible/infrastructure.yml +++ b/ansible/infrastructure.yml @@ -1,28 +1,8 @@ --- - name: Perform common environment setup for nodes hosts: infrastructure, kubernetes - tasks: - - name: Setup resolv.conf - lineinfile: - line: "nameserver {{ hostvars[groups.infrastructure[0]].cluster_ip }}" - path: /etc/resolv.conf - state: present - insertbefore: BOF - become: yes - - name: Add application offline rpm repository - yum_repository: - name: "{{ app_name }}" - file: "{{ app_name | lower }}" - description: "{{ app_name }} offline repository" - baseurl: "{{ 'http://repo.infra-server/rhel' if 'infrastructure' not in group_names else 'file://' + app_data_path + '/pkg/rhel' }}" - gpgcheck: no - enabled: yes - when: deploy_rpm_repository - become: yes - -- name: Setup firewall - hosts: infrastructure, kubernetes roles: + - package-repository - role: firewall - name: Setup infrastructure servers diff --git a/ansible/roles/package-repository/defaults/main.yml b/ansible/roles/package-repository/defaults/main.yml new file mode 100644 index 00000000..ea5796df --- /dev/null +++ b/ansible/roles/package-repository/defaults/main.yml @@ -0,0 +1,2 @@ +--- +deploy_package_repository: true 
diff --git a/ansible/roles/package-repository/tasks/main.yml b/ansible/roles/package-repository/tasks/main.yml
new file mode 100644
index 00000000..686310e4
--- /dev/null
+++ b/ansible/roles/package-repository/tasks/main.yml
@@ -0,0 +1,19 @@
+---
+- name: Setup resolv.conf for node to find package repository by name from infra
+ lineinfile:
+ line: "nameserver {{ hostvars[groups.infrastructure[0]].cluster_ip }}"
+ path: /etc/resolv.conf
+ state: present
+ insertbefore: BOF
+ become: true
+
+- name: Add application offline package repository
+ yum_repository:
+ name: "{{ app_name }}"
+ file: "{{ app_name | lower }}"
+ description: "{{ app_name | upper }} offline repository"
+ baseurl: "{{ 'http://repo.infra-server/rhel' if 'infrastructure' not in group_names else 'file://' + app_data_path + '/pkg/rhel' }}"
+ gpgcheck: false
+ enabled: true
+ when: deploy_package_repository
+ become: true
diff --git a/ansible/roles/setup/defaults/main.yml b/ansible/roles/setup/defaults/main.yml
new file mode 100644
index 00000000..e7e89721
--- /dev/null
+++ b/ansible/roles/setup/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+ssh_dir: ~/.ssh
+offline_ssh_key_file_name: offline_ssh_key
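Review bot: `gpgcheck: false` combined with the `http://repo.infra-server/rhel` baseurl in the `yum_repository` task means the kubernetes nodes install packages with neither transport protection nor signature verification, and the task before it points the resolver at the infrastructure node first. Both settings are carried over from the play removed from infrastructure.yml, but the new role is the natural place to tighten them: sign the offline repository and set `gpgcheck: true` with a `gpgkey:` shipped in the offline bundle, or at least expose the value as a role default so that disabling verification is an explicit choice. The resolv.conf task also has no `when: deploy_package_repository`, so it still edits /etc/resolv.conf when the repository is switched off; if that is intended, a comment saying so would help.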
\ No newline at end of file
diff --git a/ansible/roles/setup/tasks/main.yml b/ansible/roles/setup/tasks/main.yml
new file mode 100644
index 00000000..5ffcbab9
--- /dev/null
+++ b/ansible/roles/setup/tasks/main.yml
@@ -0,0 +1,30 @@
+---
+- name: "Check and generate key if needed"
+ block:
+ - name: ssh dir
+ file:
+ path: "{{ ssh_dir }}"
+ state: directory
+ mode: 0700
+
+ - name: check ssh pub key exists
+ stat:
+ path: '{{ private_key }}.pub'
+ register: p
+
+ - name: generate ssh keys
+ command: ssh-keygen -f {{ private_key }} -t rsa -N ''
+ when: not p.stat.exists
+ vars:
+ private_key: "{{ ssh_dir }}/{{ offline_ssh_key_file_name }}"
+ delegate_to: localhost
+ run_once: true
+
+- name: Setup authorized_keys file
+ authorized_key:
+ user: root
+ state: present
+ key: "{{ lookup('file', public_key) }}"
+ become: true
+ vars:
+ public_key: "{{ ssh_dir }}/{{ offline_ssh_key_file_name }}.pub"
diff --git a/ansible/setup.yml b/ansible/setup.yml
index ec572973..9e4f051d 100644
--- a/ansible/setup.yml
+++ b/ansible/setup.yml
@@ -1,26 +1,6 @@
 ---
-- hosts: localhost
+- name: Setup nodes for installer
+ hosts: all
 gather_facts: false
- tasks:
- - name: "Check and generate key if needed"
- block:
- - stat:
- path: '{{ private_key }}.pub'
- register: p
-
- - command: ssh-keygen -f {{ private_key }} -t rsa -N ''
- when: not p.stat.exists
- vars:
- private_key: /root/.ssh/offline_ssh_key
-
-- hosts: all
- gather_facts: false
- tasks:
- - name: Setup authorized_keys file
- authorized_key:
- user: root
- state: present
- key: "{{ lookup('file', public_key) }}"
- become: true
- vars:
- public_key: /root/.ssh/offline_ssh_key.pub
+ roles:
+ - setup |
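Review bot: The default `ssh_dir: ~/.ssh` in roles/setup/defaults/main.yml replaces the hard-coded `/root/.ssh/offline_ssh_key` from setup.yml, so the key pair now lands in the home directory of whichever user runs the playbook on the controller. That is a silent location change for existing installs, and anything that still refers to the old /root path (not visible in this diff) would need updating. A comment above the default, for example `# Directory on the Ansible controller that holds the installer key pair`, would document this, and the file should end with a newline.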
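Review bot: The `generate ssh keys` task in roles/setup/tasks/main.yml creates a passphrase-less key with `-t rsa` and no `-b`, so its strength depends on the controller's ssh-keygen default, while the next task installs that key in root's authorized_keys on every host. Pinning the algorithm makes the choice explicit, e.g. `command: ssh-keygen -f {{ private_key }} -t ed25519 -N ''` (or `-t rsa -b 4096` where ed25519 is unavailable). The guard only stats `{{ private_key }}.pub`, so a private key left without its `.pub` reaches ssh-keygen, which presumably prompts to overwrite; a `creates: "{{ private_key }}"` argument keyed on the private file would skip generation in that case. `mode: 0700` is better written quoted as `mode: "0700"`.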