VDI-1712

* Update ConfigureRemoteForAnsible.ps1 Ansible enablement PowerShell script for Windows systems * Add "linux-nodes" Swarm label to Linux systems * Add "windows-nodes" Swarm label to Windows systems * Modify playbooks that deploy node-exporter and cadvisor to only Linux Swarm nodes
HewlettPackard · Dec 3, 2018 · e3027bd · e3027bd
1 parent 3b36f7a
commit e3027bd
Show file tree

Hide file tree

Showing 5 changed files with 38 additions and 0 deletions.
diff --git a/files/windows/ConfigureRemotingForAnsible.ps1 b/files/windows/ConfigureRemotingForAnsible.ps1
@@ -50,6 +50,7 @@
 # Version 1.6 - 2017-04-18
 # Version 1.7 - 2017-11-23
 # Version 1.8 - 2018-02-23
+# Version 1.9 - 2018-09-21
 
 # Support -Verbose option
 [CmdletBinding()]
@@ -293,6 +294,20 @@ Else
     Write-Verbose "PS Remoting is already enabled."
 }
 
+# Ensure LocalAccountTokenFilterPolicy is set to 1
+# https://github.com/ansible/ansible/issues/42978
+$token_path = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
+$token_prop_name = "LocalAccountTokenFilterPolicy"
+$token_key = Get-Item -Path $token_path
+$token_value = $token_key.GetValue($token_prop_name, $null)
+if ($token_value -ne 1) {
+    Write-Verbose "Setting LocalAccountTOkenFilterPolicy to 1"
+    if ($null -ne $token_value) {
+        Remove-ItemProperty -Path $token_path -Name $token_prop_name
+    }
+    New-ItemProperty -Path $token_path -Name $token_prop_name -Value 1 -PropertyType DWORD > $null
+}
+
 # Make sure there is a SSL listener.
 $listeners = Get-ChildItem WSMan:\localhost\Listener
 If (!($listeners | Where {$_.Keys -like "TRANSPORT=HTTPS"}))

diff --git a/monitoring/docker-compose.yml.j2 b/monitoring/docker-compose.yml.j2
@@ -26,6 +26,7 @@ services:
       placement:
         constraints:
         - node.labels.com.docker.ucp.orchestrator.swarm==true
+        - node.labels.linux-node==true
       resources:
         limits:
           cpus: '0.20'
@@ -61,6 +62,7 @@ services:
       placement:
         constraints:
         - node.labels.com.docker.ucp.orchestrator.swarm==true
+        - node.labels.linux-node==true
       resources:
         limits:
           cpus: '0.20'

diff --git a/playbooks/roles/ucp/tasks/main.yml b/playbooks/roles/ucp/tasks/main.yml
@@ -127,3 +127,10 @@
 
     - debug: msg="Availability={{resp.json.Spec.Availability}} Role={{resp.json.Spec.Role}} State={{resp.json.Status.State}}"
       when: _debug is defined
+
+#
+# Add custom label to Linux nodes
+#
+    - name: Add Label to Linux Nodes
+      command: "docker node update --label-add linux-node=true {{ inventory_hostname }}.{{ domain_name }}"
+      delegate_to: "{{ ucp_instance }}"
diff --git a/playbooks/roles/windows_worker/tasks/main.yml b/playbooks/roles/windows_worker/tasks/main.yml
@@ -122,3 +122,10 @@
       when: orchestrator is defined and orchestrator == "swarm"
       delegate_to: "{{ ucp_instance }}"
 
+#
+# Add custom label to Windows nodes
+#
+    - name: Add Label to Windows Node
+      command: "docker node update --label-add windows-node=true {{ inventory_hostname }}"
+      delegate_to: "{{ ucp_instance }}"
+
diff --git a/playbooks/roles/worker/tasks/main.yml b/playbooks/roles/worker/tasks/main.yml
@@ -139,3 +139,10 @@
       when: orchestrator is defined and orchestrator == "swarm"
       delegate_to: "{{ ucp_instance }}"
 
+#
+# Add custom label to Linux nodes
+#
+    - name: Add Label to Linux Nodes
+      command: "docker node update --label-add linux-node=true {{ inventory_hostname }}.{{ domain_name }}"
+      delegate_to: "{{ ucp_instance }}"
+