Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
13 changed files
with
354 additions
and
15 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,2 @@ | ||
__version__ = '0.14' | ||
__version__ = '0.15' | ||
__author__ = 'Tiziano Perrucci' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,127 @@ | ||
#!/usr/bin/env python | ||
|
||
#################################################################################### | ||
### | ||
### Get EC2 instances inventory under ELB | ||
### ===================================== | ||
### | ||
### Generates inventory that Ansible can understand by making API request to | ||
### AWS EC2 using the Boto library. | ||
### | ||
#################################################################################### | ||
|
||
import sys | ||
import os | ||
from boto import boto | ||
from optparse import OptionParser | ||
try: | ||
import json | ||
except: | ||
import simplejson as json | ||
|
||
|
||
AWS_ACCESS_KEY_ID = os.getenv('AWS_ACCESS_KEY_ID', '') | ||
AWS_SECRET_ACCESS_KEY = os.getenv('AWS_SECRET_ACCESS_KEY', '') | ||
ELB_NAME = os.getenv('ELB_NAME', '') | ||
HOSTS_NAME = os.getenv('HOSTS_NAME', '') | ||
|
||
|
||
# Log an error to stderr and quit | ||
def error(err_msg, err_operation=None): | ||
if err_operation: | ||
err_msg = 'Error {err_operation}: "{err_msg}"\n'.format(err_msg=err_msg, err_operation=err_operation) | ||
else: | ||
err_msg = 'Error: {err_msg}\n'.format(err_msg=err_msg) | ||
sys.stderr.write(err_msg) | ||
sys.exit(1) | ||
|
||
# Get instance info | ||
def get_instance_info(instances): | ||
# Init ELB instance list | ||
info = [] | ||
# Walk through the instance list | ||
for instance in instances: | ||
# Get instance info | ||
try: | ||
ec2_instance = ec2_conn.get_only_instances(instance.id) | ||
for i in ec2_instance: | ||
# Append instance info to the list | ||
info.append(i.ip_address) | ||
# Walk through instance info | ||
except boto.exception.BotoServerError as e: | ||
error("%s (%s)" % (e.message, e.error_code) , "fetching ELB instance properties") | ||
# Return info | ||
return info | ||
|
||
# Get full instance list under each ELB | ||
def get_elb_list(): | ||
# Init function return dictionary | ||
elb_result = {} | ||
# Walk through the ELB list | ||
try: | ||
for elb in elb_conn.get_all_load_balancers(): | ||
# Add list as a value to ELB name | ||
elb_result[elb.name] = get_instance_info(elb.instances) | ||
except boto.exception.BotoServerError as e: | ||
error("%s (%s)" % (e.message, e.error_code) , "fetching ELB list") | ||
# Return here | ||
return elb_result | ||
|
||
# Get full instance list under particular ELB | ||
def get_elb_info(elb_name): | ||
# Init function return dictionary | ||
elb_result = [] | ||
# Get ELB info | ||
try: | ||
elb = elb_conn.get_all_load_balancers(elb_name) | ||
for i in elb: | ||
# Add list as a value to ELB name | ||
elb_result = get_instance_info(i.instances) | ||
except boto.exception.BotoServerError as e: | ||
error("%s (%s)" % (e.message, e.error_code) , "fetching instances under ELB") | ||
|
||
return elb_result | ||
|
||
### Start the ball | ||
# Parse the options | ||
parser = OptionParser(usage="%prog [options] --list | --host <AWS ELB>") | ||
parser.add_option('--list', default=False, dest="list", action="store_true", help="Produce a JSON consumable grouping of instances under ELB") | ||
parser.add_option('--host', default=None, dest="elb", help="Generate additional host specific details for given host for Ansible") | ||
(options, args) = parser.parse_args() | ||
|
||
# Check if we have options and print help | ||
if not options.list and not options.elb: | ||
parser.print_help() | ||
sys.exit(0) | ||
|
||
|
||
# Try to connect to AWS | ||
try: | ||
elb_conn = boto.connect_elb() | ||
except boto.exception.BotoServerError as e: | ||
error("%s (%s)" % (e.message, e.error_code) , "connecting to ELB") | ||
|
||
try: | ||
ec2_conn = boto.connect_ec2() | ||
except boto.exception.BotoServerError as e: | ||
error("%s (%s)" % (e.message, e.error_code) , "connecting to EC2") | ||
|
||
# Get instance details under all ELB | ||
if ELB_NAME == '': | ||
if options.list: | ||
elb_list = get_elb_list() | ||
print json.dumps(elb_list) | ||
sys.exit(0) | ||
|
||
# Get instance details under particular ELB | ||
elif options.elb: | ||
elb_info = get_elb_info(options.elb) | ||
print json.dumps(elb_info) | ||
sys.exit(0) | ||
else: | ||
elb_info = get_elb_info(ELB_NAME) | ||
elb_hosts = elb_info | ||
host_group = {HOSTS_NAME: {}} | ||
host_group[HOSTS_NAME]['hosts'] = elb_hosts | ||
print json.dumps(host_group) | ||
sys.exit(0) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
#!/usr/bin/python | ||
# -*- coding: utf-8 -*- | ||
|
||
# [..] various imports | ||
|
||
# this line must be written exactly that way, | ||
# as Ansible will replace it with the "imported" code | ||
from ansible.module_utils.basic import * | ||
|
||
ANSIBLE_HASHI_VAULT_ADDR = 'http://127.0.0.1:8200' | ||
|
||
if os.getenv('VAULT_ADDR') is not None: | ||
ANSIBLE_HASHI_VAULT_ADDR = os.environ['VAULT_ADDR'] | ||
|
||
|
||
class HashiVaultFile: | ||
def __init__(self, **kwargs): | ||
try: | ||
import hvac | ||
except ImportError: | ||
raise Exception("Please pip install hvac to use this module") | ||
|
||
self.url = kwargs.pop('url') | ||
self.secret = kwargs.pop('secret') | ||
self.token = kwargs.pop('token') | ||
|
||
self.client = hvac.Client(url=self.url, token=self.token) | ||
|
||
if self.client.is_authenticated(): | ||
pass | ||
else: | ||
raise Exception("Invalid Hashicorp Vault Token Specified") | ||
|
||
def get(self): | ||
data = self.client.read(self.secret) | ||
if data is None: | ||
raise Exception("The secret %s doesn't seem to exist" % self.secret) | ||
else: | ||
return data['data']['value'] | ||
|
||
|
||
if __name__ == '__main__': | ||
global module | ||
module = AnsibleModule( | ||
argument_spec={ | ||
'secret': {'required': True, 'type': 'str'}, | ||
'dest': {'required': True, 'type': 'str'}, | ||
'token': {'required': False, 'type': 'str'}, | ||
}, | ||
supports_check_mode=False | ||
) | ||
|
||
args = module.params | ||
|
||
args['url'] = ANSIBLE_HASHI_VAULT_ADDR | ||
try: | ||
vault_conn = HashiVaultFile(**args) | ||
value = vault_conn.get() | ||
|
||
dest_file = os.path.abspath(args['dest']) | ||
|
||
text_file = open(dest_file, "w") | ||
text_file.write(value) | ||
text_file.close() | ||
|
||
module.exit_json(changed=True, file=dest_file) | ||
except Exception, e: | ||
module.fail_json(msg=str(e)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
# (c) 2015, Jonathan Davila <jdavila(at)ansible.com> | ||
# | ||
# This file is part of Ansible | ||
# | ||
# Ansible is free software: you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License as published by | ||
# the Free Software Foundation, either version 3 of the License, or | ||
# (at your option) any later version. | ||
# | ||
# Ansible is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# GNU General Public License for more details. | ||
# | ||
# You should have received a copy of the GNU General Public License | ||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>. | ||
# | ||
# USAGE: {{ lookup('hashi_vault', 'secret=secret/hello token=c975b780-d1be-8016-866b-01d0f9b688a5 url=http://myvault:8200')}} | ||
# | ||
# You can skip setting the url if you set the VAULT_ADDR environment variable | ||
# or if you want it to default to localhost:8200 | ||
# | ||
# NOTE: Due to a current limitation in the HVAC library there won't | ||
# necessarily be an error if a bad endpoint is specified. | ||
# | ||
# Requires hvac library. Install with pip. | ||
# | ||
|
||
from __future__ import (absolute_import, division, print_function) | ||
__metaclass__ = type | ||
|
||
import os | ||
|
||
from ansible.errors import * | ||
|
||
ANSIBLE_HASHI_VAULT_ADDR = 'http://127.0.0.1:8200' | ||
|
||
if os.getenv('VAULT_ADDR') is not None: | ||
ANSIBLE_HASHI_VAULT_ADDR = os.environ['VAULT_ADDR'] | ||
|
||
|
||
class HashiVaultLookup: | ||
def __init__(self, **kwargs): | ||
try: | ||
import hvac | ||
except ImportError: | ||
AnsibleError("Please pip install hvac to use this module") | ||
|
||
self.url = kwargs.pop('url') | ||
self.secret = kwargs.pop('secret') | ||
self.token = kwargs.pop('token') | ||
|
||
self.client = hvac.Client(url=self.url, token=self.token) | ||
|
||
if self.client.is_authenticated(): | ||
pass | ||
else: | ||
raise AnsibleError("Invalid Hashicorp Vault Token Specified") | ||
|
||
def get(self): | ||
data = self.client.read(self.secret) | ||
if data is None: | ||
raise AnsibleError("The secret %s doesn't seem to exist" % self.secret) | ||
else: | ||
return data['data']['value'] | ||
|
||
|
||
class LookupModule(object): | ||
def __init__(self, basedir=None, **kwargs): | ||
pass | ||
|
||
def run(self, terms, inject=None, **kwargs): | ||
vault_args = terms.split(' ') | ||
vault_dict = {} | ||
ret = [] | ||
|
||
for param in vault_args: | ||
key, value = param.split('|') | ||
vault_dict[key] = value | ||
|
||
vault_conn = HashiVaultLookup(**vault_dict) | ||
value = vault_conn.get() | ||
ret.append(value) | ||
|
||
if 'write_to_file' in vault_dict.keys(): | ||
text_file = open(vault_dict['write_to_file'], "w") | ||
text_file.write(value) | ||
text_file.close() | ||
|
||
return ret |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
--- | ||
# Parameters: | ||
# prudentia_dir (provided) | ||
|
||
- name: MongoDB | Check if is present | ||
command: test -x /usr/bin/mongo | ||
when: ansible_system == "Linux" | ||
ignore_errors: yes | ||
register: mongo_present | ||
tags: mongodb3 | ||
|
||
- name: MongoDB | Add GPG key to apt keyring | ||
apt_key: id=7F0CEB10 url=http://docs.mongodb.org/10gen-gpg-key.asc | ||
sudo: yes | ||
tags: mongodb3 | ||
|
||
- name: MongoDB | Add Debian apt repository | ||
apt_repository: repo="deb http://repo.mongodb.org/apt/ubuntu {{ ansible_distribution_release }}/mongodb-org/3.0 multiverse" | ||
when: ansible_os_family == "Debian" and mongo_present|failed | ||
tags: mongodb3 | ||
sudo: yes | ||
|
||
- name: MongoDB | Install | ||
apt: update-cache=yes force=yes state=present pkg=mongodb-org | ||
when: ansible_os_family == "Debian" and mongo_present|failed | ||
sudo: yes | ||
tags: mongodb3 |
Oops, something went wrong.