diff --git a/OpenShift-Lab-Ansible-Playbook/.gitignore b/OpenShift-Lab-Ansible-Playbook/.gitignore
deleted file mode 100644
index 7a0299c..0000000
--- a/OpenShift-Lab-Ansible-Playbook/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-admin.pub
-site.retry
diff --git a/OpenShift-Lab-Ansible-Playbook/LICENSE b/OpenShift-Lab-Ansible-Playbook/LICENSE
deleted file mode 100644
index 3153fe0..0000000
--- a/OpenShift-Lab-Ansible-Playbook/LICENSE
+++ /dev/null
@@ -1,21 +0,0 @@
-The MIT License (MIT)
-
-Copyright (c) 2016 Nicolas MASSE
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
diff --git a/OpenShift-Lab-Ansible-Playbook/README.md b/OpenShift-Lab-Ansible-Playbook/README.md
index 88e6e14..d343d8f 100644
--- a/OpenShift-Lab-Ansible-Playbook/README.md
+++ b/OpenShift-Lab-Ansible-Playbook/README.md
@@ -1,15 +1,3 @@
-# OpenShift-Lab-Ansible-Playbook
-This project is the Ansible Playbook to install OpenShift in a Lab Environment.
+= MOVED
 
-## Preparation work
-
-1. Edit group_vars/lab and change all passwords and DNS names (search for "changeme")
-2. Edit hosts-lab to target your Virtual Machines
-
-## Installation
-
-‘‘‘
-./ansible bootstrap master1.openshift.test node1.openshift.test node2.openshift.test nodeinfra1.openshift.test admin.openshift.test
-./ansible play
-./ansible run nodes "uptime -p"
-’’’
+The OpenShift Playbooks moved to https://github.com/nmasse-itix/OpenShift-Lab
diff --git a/OpenShift-Lab-Ansible-Playbook/ansible b/OpenShift-Lab-Ansible-Playbook/ansible
deleted file mode 100755
index 52f5120..0000000
--- a/OpenShift-Lab-Ansible-Playbook/ansible
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/bash
-
-options=""
-ssh_key="$HOME/.ssh/id_rsa"
-user="root"
-inventory="lab"
-
-# Export our base directory so that any script launched localy can refer to it
-BASEDIR="$(dirname $0)"
-BASEDIR="$(python -c 'import os.path; import sys; print os.path.abspath(sys.argv[1])' "$BASEDIR")"
-export BASEDIR
-
-target="$1"
-shift
-case "$target" in
- "")
- echo "No target specified. Please specify an inventory or 'bootstrap' !"
- exit 1
- ;;
-
- "bootstrap")
- if [ -z "$1" ]; then
- echo "Please specify the target host !"
- exit 1
- fi
- echo "Bootstraping $@..."
- echo
- echo -n "Please enter the initial $user password: "
- read -s password
- echo
- if [ -z "$RHN_LOGIN" ]; then
- echo -n "Please enter your RHN login: "
- read rhn_login
- export RHN_LOGIN="$rhn_login"
- fi
- if [ -z "$RHN_PASSWORD" ]; then
- echo -n "Please enter your RHN password: "
- read -s rhn_password
- export RHN_PASSWORD="$rhn_password"
- fi
- if [ -z "$RHN_POOLID" ]; then
- echo -n "Please enter your RHN Pool ID: "
- read rhn_poolid
- export RHN_POOLID="$rhn_poolid"
- fi
- echo
- echo
- for host; do
- echo "Connecting to $host to register the SSH Host Key !"
- LC_ALL=C sshpass -p "$password" ssh -i $ssh_key -o StrictHostKeyChecking=no "$user@$host" /bin/true
- done
- auth=""
- if [ -n "$password" ]; then
- auth="ansible_ssh_pass=$password"
- else
- auth="ansible_ssh_private_key_file=$ssh_key"
- fi
- echo "[$target]" > "./hosts-$target"
- for host; do
- echo -e "$host ansible_ssh_user=$user $auth"
- done >> "./hosts-$target"
-
- ansible-playbook -i "./hosts-$target" $options site.yml
-
- rm -f "./hosts-$target"
- ;;
- "play")
- ansible-playbook -i "./hosts-$inventory" $options "$@" site.yml
- ;;
- "run")
- group="$1"
- cmd="$2"
-
- ansible "$group" -i "./hosts-$inventory" -a "$cmd"
- ;;
- *)
- echo "Usage: $0 {bootstrap|run} [options]"
- exit 1
- ;;
-esac
diff --git a/OpenShift-Lab-Ansible-Playbook/group_vars/all b/OpenShift-Lab-Ansible-Playbook/group_vars/all
deleted file mode 100644
index 5768d69..0000000
--- a/OpenShift-Lab-Ansible-Playbook/group_vars/all
+++ /dev/null
@@ -1,7 +0,0 @@
----
- timezone: Europe/Paris
- ansible_python_interpreter: /usr/bin/python2
- ansible_ssh_user: redhat
- ansible_ssh_private_key_file: "{{ lookup('env','HOME') }}/.ssh/id_rsa"
- ansible_ssh_public_key: "{{ lookup('file', ansible_ssh_private_key_file + '.pub' ) }}"
- ansible_connection: ssh
diff --git a/OpenShift-Lab-Ansible-Playbook/group_vars/lab b/OpenShift-Lab-Ansible-Playbook/group_vars/lab
deleted file mode 100644
index fcc2605..0000000
--- a/OpenShift-Lab-Ansible-Playbook/group_vars/lab
+++ /dev/null
@@ -1,5 +0,0 @@
----
- openshift_cluster_dns: app.openshift.test
- dns_suffix: openshift.test
- openshift_version: 3.4
- router_stats_password: redhat
diff --git a/OpenShift-Lab-Ansible-Playbook/hosts-lab b/OpenShift-Lab-Ansible-Playbook/hosts-lab
deleted file mode 100644
index 84ea83e..0000000
--- a/OpenShift-Lab-Ansible-Playbook/hosts-lab
+++ /dev/null
@@ -1,17 +0,0 @@
-[lab]
-master1.openshift.test
-nodeinfra1.openshift.test
-node1.openshift.test
-node2.openshift.test
-admin.openshift.test
-
-[admin]
-admin.openshift.test
-
-[nodes]
-nodeinfra1.openshift.test onlyforinfra=1 region=infra zone=infranodes
-node1.openshift.test region=primary zone=east
-node2.openshift.test region=primary zone=west
-
-[masters]
-master1.openshift.test region=infra
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/base/handlers/main.yml b/OpenShift-Lab-Ansible-Playbook/roles/base/handlers/main.yml
deleted file mode 100644
index 244c473..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/base/handlers/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
- - name: restart sshd
- service: name=sshd state=reloaded
-
- - name: update hostname
- command: hostname {{ inventory_hostname_short }}
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/base/tasks/main.yml b/OpenShift-Lab-Ansible-Playbook/roles/base/tasks/main.yml
deleted file mode 100644
index d43142c..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/base/tasks/main.yml
+++ /dev/null
@@ -1,94 +0,0 @@
----
- - name: This module has only been tested on RHEL 7.3 x64
- assert:
- that:
- - "ansible_userspace_bits == '64'"
- - "ansible_os_family == 'RedHat'"
- - "ansible_distribution_version == '7.3'"
-
- - name: Tell SSHD not to use DNS
- lineinfile: dest=/etc/ssh/sshd_config regexp="^#* *UseDNS +" line="UseDNS no"
- notify: restart sshd
- tags: config
-
- - name: Tell SSHD to forbid root accesses
- lineinfile: dest=/etc/ssh/sshd_config regexp="^#* *PermitRootLogin +" line="PermitRootLogin no"
- notify: restart sshd
- tags: config
-
- - name: Tell SSHD to forbid password accesses
- lineinfile: dest=/etc/ssh/sshd_config regexp="^#* *PasswordAuthentication +" line="PasswordAuthentication no"
- notify: restart sshd
- tags: config
-
- - name: Install VIM
- yum: name=vim-enhanced state=installed
-
- - name: Install Open-VM tools
- yum: name=open-vm-tools state=installed
-
- - name: Install Screen
- yum: name=screen state=installed
-
- - name: Install unzip
- yum: name=unzip state=installed
-
- - name: Install tcpdump
- yum: name=tcpdump state=installed
-
- - name: Install telnet
- yum: name=telnet state=installed
-
- - name: Install strace
- yum: name=strace state=installed
-
- - name: Install man-pages
- yum: name=man-pages state=installed
-
- - name: Install man
- yum: name=man state=installed
-
- - name: Install iptraf
- yum: name=iptraf state=installed
-
- - name: Install wget
- yum: name=wget state=installed
-
- - name: Fix /etc/environment to include PATH
- lineinfile: dest=/etc/environment regexp="^PATH=" line="PATH=/bin:/usr/bin:/sbin:/usr/sbin"
- tags: config
-
- - name: Persist the hostname
- lineinfile: dest=/etc/sysconfig/network regexp="^HOSTNAME=" line="HOSTNAME={{ inventory_hostname_short }}"
- notify: update hostname
- tags:
- - config
- - dns
-
- - name: Set the hostname
- command: hostnamectl set-hostname {{ inventory_hostname_short }} --static
- tags:
- - config
- - dns
-
- - name: Edit /etc/hosts
- template: src=etc_hosts dest=/etc/hosts owner=root group=root mode=0644
- tags:
- - config
- - dns
-
- - name: Ensure consistent locale across systems (1/2)
- lineinfile: dest=/etc/locale.conf regexp="^LANG=" line="LANG=en_US.utf8"
-
- - name: Ensure consistent locale across systems (2/2)
- lineinfile: dest=/etc/locale.conf line="LC_CTYPE=en_US.utf8"
-
- - name: Install the OpenSSH clients
- yum: name=openssh-clients state=installed
-
- - name: Install the custom banner script
- template: src=rc.local dest=/usr/local/etc/rc.local mode=0755
- tags: config
-
- - name: Run the custom banner script at startup
- lineinfile: dest=/etc/rc.d/rc.local line="/usr/local/etc/rc.local" state=present insertafter=EOF
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/base/templates/etc_hostname b/OpenShift-Lab-Ansible-Playbook/roles/base/templates/etc_hostname
deleted file mode 100644
index 68fd234..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/base/templates/etc_hostname
+++ /dev/null
@@ -1 +0,0 @@
-{{ inventory_hostname_short }}
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/base/templates/etc_hosts b/OpenShift-Lab-Ansible-Playbook/roles/base/templates/etc_hosts
deleted file mode 100644
index c2d3458..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/base/templates/etc_hosts
+++ /dev/null
@@ -1,13 +0,0 @@
-# {{ ansible_managed }}
-#
-# /etc/hosts: static lookup table for host names
-#
-
-#
-127.0.0.1 localhost.localdomain localhost
-
-# This is a requirement from the OpenShift installer
-{{ ansible_default_ipv4['address'] }} {{ inventory_hostname }} {{ inventory_hostname_short }}
-
-
-# End of file
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/base/templates/ifcfg-ethX b/OpenShift-Lab-Ansible-Playbook/roles/base/templates/ifcfg-ethX
deleted file mode 100644
index ff3dc7e..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/base/templates/ifcfg-ethX
+++ /dev/null
@@ -1,15 +0,0 @@
-DEVICE={{ item }}
-TYPE=Ethernet
-ONBOOT=yes
-BOOTPROTO=dhcp
-USERCTL=no
-PEERDNS=yes
-IPV6INIT=no
-DHCP_HOSTNAME={{ shortname }}
-
-## Static configuration sample.
-## Gateway to be configured in /etc/sysconfig/network.
-##
-# BOOTPROTO=static
-# IPADDR=192.168.38.179
-# NETMASK=255.255.255.0
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/base/templates/local.repo b/OpenShift-Lab-Ansible-Playbook/roles/base/templates/local.repo
deleted file mode 100644
index 397ccef..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/base/templates/local.repo
+++ /dev/null
@@ -1,5 +0,0 @@
-[localrepo]
-name=Demo Local Repository
-baseurl=file://{{ sources_dir }}/rpms
-enabled=1
-gpgcheck=0
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/base/templates/rc.local b/OpenShift-Lab-Ansible-Playbook/roles/base/templates/rc.local
deleted file mode 100644
index 91d2654..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/base/templates/rc.local
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-
-sed -ri 's/^(eth[0-9]: .*|)$//g; T; d' /etc/issue
-echo >> /etc/issue
-ip addr show scope global |sed -r 's/^.*inet ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\/[0-9]+ brd .* (eth[0-9])$/\2: \1/g; t; d' >> /etc/issue
-echo >> /etc/issue
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/bootstrap/tasks/main.yml b/OpenShift-Lab-Ansible-Playbook/roles/bootstrap/tasks/main.yml
deleted file mode 100644
index aea1ef2..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/bootstrap/tasks/main.yml
+++ /dev/null
@@ -1,30 +0,0 @@
----
-
- - name: This module has only been tested on RHEL and CentOS
- assert:
- that:
- - "ansible_os_family == 'RedHat' or ansible_os_family == 'CentOS'"
-
- - name: Create user RedHat
- user: name=redhat group=users groups=users,wheel state=present comment="RedHat privileged user" password="*"
- tags:
- - bootstrap
- - user
-
- - name: Set SSH key for root
- authorized_key: user=root key="{{ ansible_ssh_public_key }}" manage_dir=yes
- tags:
- - bootstrap
- - user
-
- - name: Set SSH key for user RedHat
- authorized_key: user=redhat key="{{ ansible_ssh_public_key }}" manage_dir=yes
- tags:
- - bootstrap
- - user
-
- - name: Configure SUDO
- template: src=sudoers dest=/etc/sudoers owner=root group=root mode=0440 validate="/usr/sbin/visudo -cf %s"
- tags:
- - bootstrap
- - config
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/bootstrap/templates/sudoers b/OpenShift-Lab-Ansible-Playbook/roles/bootstrap/templates/sudoers
deleted file mode 100644
index 697aecc..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/bootstrap/templates/sudoers
+++ /dev/null
@@ -1,3 +0,0 @@
-# {{ ansible_managed }}
-%wheel ALL=(ALL) NOPASSWD: ALL
-root ALL=(ALL) NOPASSWD: ALL
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/docker/tasks/main.yml b/OpenShift-Lab-Ansible-Playbook/roles/docker/tasks/main.yml
deleted file mode 100644
index 8f820f4..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/docker/tasks/main.yml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-
- - name: Install Docker
- yum: name=docker state=installed
- tags: rpm
-
- - name: Enable insecure registries
- lineinfile: state=present dest=/etc/sysconfig/docker regexp="^INSECURE_REGISTRY=" line="INSECURE_REGISTRY='--insecure-registry 172.30.0.0/16'" insertafter="^# INSECURE_REGISTRY="
-
-#
-# TODO : On the master nodes only ?
-#
-
- - name: Check if sdb is empty
- command: sfdisk -d /dev/sdb
- register: sfdisk
- failed_when: sfdisk.stdout != "" or sfdisk.stderr != "" # sdb is empty
- tags: storage
-
- - name: Configure docker-storage-setup
- template: dest=/etc/sysconfig/docker-storage-setup src=docker-storage-setup
- tags: storage
-
- - name: Run docker-storage-setup
- command: docker-storage-setup
- tags: storage
-
- - name: Start Docker
- service: name=docker state=started enabled=yes
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/docker/templates/docker-storage-setup b/OpenShift-Lab-Ansible-Playbook/roles/docker/templates/docker-storage-setup
deleted file mode 100644
index 70c3e8e..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/docker/templates/docker-storage-setup
+++ /dev/null
@@ -1,4 +0,0 @@
-STORAGE_DRIVER=devicemapper
-CONTAINER_THINPOOL=docker-lv1
-DEVS=/dev/sdb
-VG=docker
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/docker/templates/sdb-partitions b/OpenShift-Lab-Ansible-Playbook/roles/docker/templates/sdb-partitions
deleted file mode 100644
index 22b40e2..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/docker/templates/sdb-partitions
+++ /dev/null
@@ -1,7 +0,0 @@
-label: dos
-unit: sectors
-
-start= 2048, size= 41940992, Id=8e
-start= 0, size= 0, Id= 0
-start= 0, size= 0, Id= 0
-start= 0, size= 0, Id= 0
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/tasks/main.yml b/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/tasks/main.yml
deleted file mode 100644
index 326af73..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/tasks/main.yml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-
- - name: Install dnsmasq
- yum: name=dnsmasq state=installed
- when: "'admin' in group_names" # Only on admin server
- tags: rpm
-
- - name: Set dnsmasq config
- template: src=dnsmasq.conf dest=/etc/dnsmasq.conf
- when: "'admin' in group_names" # Only on admin server
- tags: config
-
- - name: Generate an /etc/hosts with all hosts
- template: dest=/etc/hosts.dnsmasq src=hosts
- when: "'admin' in group_names" # Only on admin server
- tags: config
-
- - name: Make sure dnsmasq daemon is enabled and started
- service: name=dnsmasq state=started enabled=yes
- when: "'admin' in group_names" # Only on admin server
- tags: config
-
- - name: Add an iptable rule to allow DNS queries from other hosts
- lineinfile: dest=/etc/sysconfig/iptables line="-A INPUT -p udp --dport 53 -j ACCEPT" insertafter="-A INPUT -i lo -j ACCEPT"
- when: "'admin' in group_names" # Only on admin server
- tags: iptables
-
- - name: Restart iptables
- service: name=iptables enabled=yes state=restarted
- when: "'admin' in group_names" # Only on admin server
- tags: iptables
-
- - name: Fix the /etc/resolv.conf of other hosts
- template: dest=/etc/resolv.conf src=resolv.conf
- when: "'admin' not in group_names" # On all other nodes
- tags: config
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/templates/dnsmasq.conf b/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/templates/dnsmasq.conf
deleted file mode 100644
index 5200eef..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/templates/dnsmasq.conf
+++ /dev/null
@@ -1,28 +0,0 @@
-# {{ ansible_managed }}
-
-domain-needed
-bogus-priv
-expand-hosts
-log-queries
-local-ttl=60
-
-# Do not read the default /etc/hosts
-no-hosts
-
-# But read this one...
-addn-hosts=/etc/hosts.dnsmasq
-
-# Default suffix for all machines
-domain={{ dns_suffix }}
-
-#
-# Wildcard DNS entries (see openshift_cluster_dns variable)
-#
-# note: will generate something like this :
-# address=/app.openshift.test/192.168.23.20
-#
-{% for item in groups['nodes'] %}
-{% if 'onlyforinfra' in hostvars[item] %}
-address=/{{openshift_cluster_dns}}/{{ hostvars[item]['ansible_default_ipv4']['address'] }}
-{% endif %}
-{% endfor %}
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/templates/hosts b/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/templates/hosts
deleted file mode 100644
index 52b6417..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/templates/hosts
+++ /dev/null
@@ -1,5 +0,0 @@
-# {{ ansible_managed }}
-
-{% for item in groups['lab'] %}
-{{ hostvars[item]['ansible_default_ipv4']['address'] }} {{ hostvars[item]['inventory_hostname']}} {{ hostvars[item]['inventory_hostname_short']}}
-{% endfor %}
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/templates/resolv.conf b/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/templates/resolv.conf
deleted file mode 100644
index 755fce8..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/name-resolution/templates/resolv.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-search {{ dns_suffix }}
-{% for item in groups['admin'] %}
-nameserver {{ hostvars[item]['ansible_default_ipv4']['address'] }}
-{% endfor %}
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/nfs/tasks/main.yml b/OpenShift-Lab-Ansible-Playbook/roles/nfs/tasks/main.yml
deleted file mode 100644
index 0b10c39..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/nfs/tasks/main.yml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-
- - name: Make sure nfs-utils is installed
- yum: name=nfs-utils state=installed
-
- - name: set virt_use_nfs to 1
- command: setsebool -P virt_use_nfs 1
-
- - name: Create a directory for NFS storage
- file: path=/openshift-storage state=directory owner=nfsnobody group=nfsnobody mode=0777
-
- - name: Fill /etc/exports
- template: dest=/etc/exports src=exports
-
- - name: Start nfs-server
- service: name=nfs-server state=started enabled=yes
-
- - name: Add an iptable rule to allow port 2049 (tcp) from other hosts
- lineinfile: dest=/etc/sysconfig/iptables regexp="^-A INPUT -p tcp .*--dport 2049" line="-A INPUT -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT" insertafter="-A INPUT -i lo -j ACCEPT"
- tags: iptables
-
- - name: Add an iptable rule to allow port 2049 (udp) from other hosts
- lineinfile: dest=/etc/sysconfig/iptables line="-A INPUT -p udp --dport 2049 -j ACCEPT" insertafter="-A INPUT -i lo -j ACCEPT"
- tags: iptables
-
- - name: Add an iptable rule to allow port 111 (tcp) from other hosts
- lineinfile: dest=/etc/sysconfig/iptables regexp="^-A INPUT -p tcp .*--dport 111" line="-A INPUT -p tcp -m state --state NEW -m tcp --dport 111 -j ACCEPT" insertafter="-A INPUT -i lo -j ACCEPT"
- tags: iptables
-
- - name: Add an iptable rule to allow port 111 (udp) from other hosts
- lineinfile: dest=/etc/sysconfig/iptables line="-A INPUT -p udp --dport 111 -j ACCEPT" insertafter="-A INPUT -i lo -j ACCEPT"
- tags: iptables
-
- - name: Restart iptables
- service: name=iptables enabled=yes state=restarted
- tags: iptables
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/nfs/templates/exports b/OpenShift-Lab-Ansible-Playbook/roles/nfs/templates/exports
deleted file mode 100644
index 715e2d7..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/nfs/templates/exports
+++ /dev/null
@@ -1 +0,0 @@
-/openshift-storage *(rw,all_squash)
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/openshift-install/tasks/main.yml b/OpenShift-Lab-Ansible-Playbook/roles/openshift-install/tasks/main.yml
deleted file mode 100644
index 7b7a7c1..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/openshift-install/tasks/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-
- - name: Fill-in the ansible inventory file on the admin server
- template: src=ansible-hosts dest=/etc/ansible/hosts
-
- - name: Run the OpenShift installation playbook
- fail: msg="run 'ansible-playbook /usr/share/ansible/openshift-ansible/playbooks/byo/config.yml' on the admin node"
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/openshift-install/templates/ansible-hosts b/OpenShift-Lab-Ansible-Playbook/roles/openshift-install/templates/ansible-hosts
deleted file mode 100644
index 5984d18..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/openshift-install/templates/ansible-hosts
+++ /dev/null
@@ -1,55 +0,0 @@
-[OSEv3:children]
-masters
-nodes
-nfs
-
-[OSEv3:vars]
-ansible_ssh_user=redhat
-ansible_become=yes # Use SUDO
-deployment_type=openshift-enterprise
-openshift_release={{ openshift_version }}
-
-openshift_master_cluster_method=native
-openshift_master_cluster_hostname={{ hostvars[groups['masters'][0]]['inventory_hostname'] }}
-openshift_master_cluster_public_hostname={{ hostvars[groups['masters'][0]]['inventory_hostname'] }}
-
-os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
-
-openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]
-#openshift_master_htpasswd_users={'andrew': '$apr1$cHkRDw5u$eU/ENgeCdo/ADmHF7SZhP/', 'marina': '$apr1$cHkRDw5u$eU/ENgeCdo/ADmHF7SZhP/'
-
-# default project node selector
-osm_default_node_selector='region=primary'
-openshift_hosted_router_selector='region=infra'
-openshift_hosted_router_replicas=1
-#openshift_hosted_router_certificate={"certfile": "/path/to/router.crt", "keyfile": "/path/to/router.key", "cafile": "/path/to/router-ca.crt"}
-openshift_hosted_registry_selector='region=infra'
-openshift_hosted_registry_replicas=1
-
-openshift_master_default_subdomain={{ openshift_cluster_dns }}
-
-#openshift_use_dnsmasq=False
-#openshift_node_dnsmasq_additional_config_file=/home/bob/ose-dnsmasq.conf
-
-openshift_hosted_registry_storage_kind=nfs
-openshift_hosted_registry_storage_access_modes=['ReadWriteMany']
-openshift_hosted_registry_storage_host={{ hostvars[groups['admin'][0]]['inventory_hostname'] }}
-openshift_hosted_registry_storage_nfs_directory=/openshift-storage
-openshift_hosted_registry_storage_volume_name=registry
-openshift_hosted_registry_storage_volume_size=5Gi
-
-[nfs]
-{{ hostvars[groups['admin'][0]]['inventory_hostname'] }}
-
-[masters]
-{% for item in groups['masters'] %}
-{{ hostvars[item]['inventory_hostname'] }} openshift_hostname={{ hostvars[item]['inventory_hostname'] }} openshift_public_hostname={{ hostvars[item]['inventory_hostname'] }}
-{% endfor %}
-
-[nodes]
-{% for item in groups['masters'] %}
-{{ hostvars[item]['inventory_hostname'] }} openshift_hostname={{ hostvars[item]['inventory_hostname'] }} openshift_public_hostname={{ hostvars[item]['inventory_hostname'] }} openshift_node_labels="{'region': '{{ hostvars[item]['region'] }}'}"
-{% endfor %}
-{% for item in groups['nodes'] %}
-{{ hostvars[item]['inventory_hostname'] }} openshift_hostname={{ hostvars[item]['inventory_hostname'] }} openshift_public_hostname={{ hostvars[item]['inventory_hostname'] }} openshift_node_labels="{'region': '{{ hostvars[item]['region'] }}', 'zone': '{{ hostvars[item]['zone'] }}'}"
-{% endfor %}
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/openshift-postinstall/tasks/main.yml b/OpenShift-Lab-Ansible-Playbook/roles/openshift-postinstall/tasks/main.yml
deleted file mode 100644
index 623e583..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/openshift-postinstall/tasks/main.yml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-
- - name: Make sure infra pods runs in the infra region
- become: no
- command: oc annotate namespace default openshift.io/node-selector='region=infra' --overwrite
-
- - name: Make sure the httpd-tools package is installed (we need htpasswd)
- yum: name=httpd-tools state=installed
-
- - name: Create a few test users
- command: htpasswd -b /etc/origin/master/htpasswd {{ item.login }} {{ item.password }}
- with_items:
- - { login: andrew, password: andrew }
- - { login: marina, password: marina }
-
- - name: Recreate the default router certificate
- command: oadm ca create-server-cert --signer-cert=/etc/origin/master/ca.crt --signer-key=/etc/origin/master/ca.key --signer-serial=/etc/origin/master/ca.serial.txt --hostnames='*.{{ openshift_cluster_dns }}' --cert=/home/{{ ansible_ssh_user }}/cloudapps.crt --key=/home/{{ ansible_ssh_user }}/cloudapps.key
-
- - name: Build the certificate + key bundle
- shell: cat /home/{{ ansible_ssh_user }}/cloudapps.crt /home/{{ ansible_ssh_user }}/cloudapps.key /etc/origin/master/ca.crt > /home/{{ ansible_ssh_user }}/cloudapps.pem
-
- - name: Destroy the existing router
- command: oc delete dc/router svc/router
- become: no
-
- - name: Deploy the new router
- command: oadm router customrouter --replicas=1 --default-cert=/home/{{ ansible_ssh_user }}/cloudapps.pem --service-account=router --stats-password='{{ router_stats_password }}'
- become: no
-
- - name: Ship the PV creation script
- template: src=create-pv.sh dest=/home/{{ ansible_ssh_user }}/create-pv.sh mode=0755
- become: no
-
- - name: Run the PV creation script
- command: /home/{{ ansible_ssh_user }}/create-pv.sh
- become: no
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/openshift-postinstall/templates/create-pv.sh b/OpenShift-Lab-Ansible-Playbook/roles/openshift-postinstall/templates/create-pv.sh
deleted file mode 100644
index 5204af4..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/openshift-postinstall/templates/create-pv.sh
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/sh
-
-mkdir -p "$HOME/pvs/"
-
-for size in 1Gi 5Gi 10Gi; do
- for volume in pv{1..25} ; do
- cat << EOF > $HOME/pvs/pv-${size}-${volume}.json
-{
- "apiVersion": "v1",
- "kind": "PersistentVolume",
- "metadata": {
- "name": "${volume}"
- },
- "spec": {
- "capacity": {
- "storage": "${size}"
- },
- "accessModes": [ "ReadWriteOnce" ],
- "nfs": {
- "path": "/openshift-storage/pv-${size}-${volume}",
- "server": "{{ hostvars[groups['admin'][0]]['ansible_default_ipv4']['address'] }}"
- },
- "persistentVolumeReclaimPolicy": "Recycle"
- }
-}
-EOF
- done
-done
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/openshift-prereq/tasks/main.yml b/OpenShift-Lab-Ansible-Playbook/roles/openshift-prereq/tasks/main.yml
deleted file mode 100644
index 9863de9..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/openshift-prereq/tasks/main.yml
+++ /dev/null
@@ -1,103 +0,0 @@
----
-
- - name: This module has only been tested on RHEL 7.3 x64
- assert:
- that:
- - "ansible_userspace_bits == '64'"
- - "ansible_os_family == 'RedHat'"
- - "ansible_distribution_version == '7.3'"
-
- - name: First, disable any repos (using subscription-manager)
- command: subscription-manager repos --disable="*"
- tags: rpm
-
- - name: Make sure mandatory repos are enabled
- command: subscription-manager repos --enable {{ item }}
- with_items:
- - rhel-7-server-rpms
- - rhel-7-server-optional-rpms
- - rhel-7-server-extras-rpms
- - rhel-7-server-ose-{{ openshift_version }}-rpms
- tags: rpm
-
- - name: Install wget
- yum: name=wget state=installed
- when: "'admin' in group_names" # Only on admin server
- tags: rpm
-
- - name: Install bridge-utils
- yum: name=bridge-utils state=installed
- when: "'admin' in group_names" # Only on admin server
- tags: rpm
-
- - name: Install nfs-utils
- yum: name=nfs-utils state=installed
- tags: rpm
-
- - name: Install bash-completion
- yum: name=bash-completion state=installed
- when: "'admin' in group_names or 'masters' in group_names" # Only on admin or master server
- tags: rpm
-
- - name: Install NetworkManager
- yum: name=NetworkManager state=installed
- tags: rpm
-
- - name: Install GIT
- yum: name=git state=installed
- when: "'admin' in group_names" # Only on admin server
- tags: rpm
-
- - name: Install net-tools
- yum: name=net-tools state=installed
- tags: rpm
-
- - name: Install bind-utils
- yum: name=bind-utils state=installed
- tags: rpm
-
- - name: Install iptables-services
- yum: name=iptables-services state=installed
- tags: rpm
-
- - name: Disable firewalld
- service: name=firewalld state=stopped enabled=no
-
- - name: Enable iptables
- service: name=iptables state=started enabled=yes
-
- - name: Check for existing SSH Private Key on the admin server
- stat: path=/home/{{ ansible_ssh_user }}/.ssh/id_rsa
- register: key
- when: "'admin' in group_names" # Only on admin server
- tags: ssh-key
-
- - name: Generate an SSH Private Key on the admin server
- command: ssh-keygen -t rsa -b 2048 -f /home/{{ ansible_ssh_user }}/.ssh/id_rsa -q -N ''
- become_user: "{{ ansible_ssh_user }}"
- when: "'admin' in group_names and key.stat.exists == False" # Only on admin server and if key does not exists
- tags: ssh-key
-
- - name: Fetch the SSH Public Key of the admin server
- fetch: src=/home/{{ ansible_ssh_user }}/.ssh/id_rsa.pub dest="{{ basedir }}/admin.pub" flat=yes
- when: "'admin' in group_names" # Only on admin server
- tags: ssh-key
-
- - name: Add SSH Public key of the admin server to the authorized_keys of each server (including the admin server)
- authorized_key:
- key: "{{ lookup('file', basedir + '/admin.pub' ) }}"
- user: "{{ ansible_ssh_user }}"
- state: present
- tags: ssh-key
-
- - name: pre-authorize all ssh keys of the other machines
- command: ssh -o StrictHostKeyChecking=no {{ item }} /bin/true
- become: no # need to run the ssh command as user "redhat"
- with_items: "{{ groups['lab'] }}"
- when: "'admin' in group_names" # Only on admin server
- tags: ssh-key
-
- - name: Install atomic-openshift-utils (only on the admin node)
- yum: name=atomic-openshift-utils state=installed
- when: "'admin' in group_names" # Only on admin server
- tags: rpm
diff --git a/OpenShift-Lab-Ansible-Playbook/roles/register-rhn/tasks/main.yml b/OpenShift-Lab-Ansible-Playbook/roles/register-rhn/tasks/main.yml
deleted file mode 100644
index a430b16..0000000
--- a/OpenShift-Lab-Ansible-Playbook/roles/register-rhn/tasks/main.yml
+++ /dev/null
@@ -1,23 +0,0 @@
----
- - name: This module should only work on RHEL
- assert:
- that:
- - "ansible_os_family == 'RedHat'"
-
- - name: Register this system on RHN
- redhat_subscription:
- state: present
- username: "{{ lookup('env','RHN_LOGIN') }}"
- password: "{{ lookup('env','RHN_PASSWORD') }}"
- consumer_name: "{{ inventory_hostname }}"
- autosubscribe: false
- tags: rhn
-
-#
-# To know which Pool ID you can use, run the following command on a registered host :
-#
-# sudo subscription-manager list --available --matches '*OpenShift*'
-#
- - name: Attach the correct pool id to the new subscription
- command: subscription-manager attach --pool={{ lookup('env','RHN_POOLID') }}
- tags: rhn
diff --git a/OpenShift-Lab-Ansible-Playbook/site.yml b/OpenShift-Lab-Ansible-Playbook/site.yml
deleted file mode 100644
index fdba5a7..0000000
--- a/OpenShift-Lab-Ansible-Playbook/site.yml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-
- - name: Bootstrap one or more RHEL7 nodes
- hosts: bootstrap
- become: no
- roles:
- - bootstrap
- - register-rhn
-
- - name: Install the required package for an OpenShift Lab
- hosts: lab
- become: yes
- vars:
- - basedir: "{{ lookup('env', 'BASEDIR') }}"
- roles:
- - { role: base }
- - { role: openshift-prereq }
- - { role: name-resolution }
- - { role: docker, when: "'admin' not in group_names" }
- - { role: nfs, when: "'admin' in group_names" }
- - { role: openshift-install, when: "'admin' in group_names" }
- - { role: openshift-postinstall, when: "'masters' in group_names" }