diff --git a/group_vars/all/ovirt.yaml b/group_vars/all/ovirt.yaml index 62c6ba7..c087539 100644 --- a/group_vars/all/ovirt.yaml +++ b/group_vars/all/ovirt.yaml @@ -1,11 +1,11 @@ ovirt: username: vale@internal ca_file: /etc/pki/ovirt-engine/ca.pem - password: + password: valevale data_center: Default cluster: Default - host: ovirt.righini.local - engine: ovengine.righini.local + host: ovirt01 + engine: ovengine01.seeweb.local storage: interface: virtio storage_domain: 2t_2 @@ -16,7 +16,7 @@ ovirt: network: vlan19 internal: interface: virtio - profile: vlan_1 - network: vlan_1 - host_interface: ens786f1 #Insert oVirt host interface name - vlan_tag: 1 \ No newline at end of file + profile: vlan_2 + network: vlan_2 + host_interface: eno2 #Insert oVirt host interface name + vlan_tag: 2 \ No newline at end of file diff --git a/group_vars/all/vars.yaml b/group_vars/all/vars.yaml index 64d88fd..6e5b323 100644 --- a/group_vars/all/vars.yaml +++ b/group_vars/all/vars.yaml @@ -2,8 +2,8 @@ networking: internal_network: 172.27.4.0 internal_network_ip: 172.27.4.1 internal_network_netmask: 255.255.255.0 - external_dns: 172.16.0.2 - domain_name: example1.net + external_dns: 172.25.0.31 + domain_name: example2.seeweb dhcp: timezone: "Europe/Rome" 
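Review bot: The new `password: valevale` line in group_vars/all/ovirt.yaml commits the oVirt engine credential in plaintext, and the second hunk of group_vars/all/vars.yaml does the same with `pass: toor` and a complete `pull_secret` carrying registry auth tokens. Values pushed this way stay in the repository history even if a later commit blanks them, so the password and the pull secret should be rotated or regenerated rather than just removed. Keep the keys in the vars files but source the values from outside the tree, for example an Ansible Vault encrypted file or `password: "{{ lookup('env', 'OVIRT_PASSWORD') }}"` (the variable name is only an example).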
@@ -31,11 +31,11 @@ firewall_public_ha_proxy_port: ocp: user: vale - pass: + pass: toor reserved_ip: api: 172.27.4.2 apps: 172.27.4.3 - cluster_name: ocp1 - pull_secret: '' + cluster_name: ocp + pull_secret: '{"auths":{"cloud.openshift.com":{"auth":"b3BlbnNoaWZ0LXJlbGVhc2UtZGV2K3ZhbGV1YmUxZWRnczVvdHppeGlxYnJtbjNuamR0YXp3dHc6SUQxNFJOTUEyOVM4S1JMNFI3R0IzWTYxVVpRNjhOUzg4T0pXTU9KWEVJNkVCUlJSRENLVktBVUZHTklVVU8wSA==","email":"vuberti@extraordy.com"},"quay.io":{"auth":"b3BlbnNoaWZ0LXJlbGVhc2UtZGV2K3ZhbGV1YmUxZWRnczVvdHppeGlxYnJtbjNuamR0YXp3dHc6SUQxNFJOTUEyOVM4S1JMNFI3R0IzWTYxVVpRNjhOUzg4T0pXTU9KWEVJNkVCUlJSRENLVktBVUZHTklVVU8wSA==","email":"vuberti@extraordy.com"},"registry.connect.redhat.com":{"auth":"NTE0OTI0MTl8dWhjLTFFRGdzNU90ekl4SXFCUm1OM05qZHRBWnd0dzpleUpoYkdjaU9pSlNVelV4TWlKOS5leUp6ZFdJaU9pSTJaR1ExWm1JNU1UQmtaVGMwWkdJMU9EZGlNREUxTWpnek5EUXhOekJrTVNKOS52SW1Vak9LRy1heTYxc2FKNmlvaEltR1Y3NFdfNms4R25YUV9yMkNSdFVIYnlGODVQRkQyLUszZ3FsOXU1d3AxSWFfbDlPaDRJLTBTQ1hPQTZBdjN4TnVZTVlIeHZoVS1GanViVGYzQ1FvWGdkZzc1R3VWS1ZiRTZHb1RYZTliZUFqaXdtRFRmc1VGa2k5ZHd6RkVoUUtZang0VXYzc1puZy1hQk1kSVB3cVNoZHltU0k5MFlaSmJpdE5xUmd2NEV0YW9nWFZ3OVN2WmJXQ2dXNW1zZTlSMnpxM2tGZ2FjYkwwT1lMQmFtTFhxVG9BT0JRWDNJMDZNTTR3eDNsOU1VOTBZaDYxQll2VHVqcmJSd05NWFVPdEpmaW54VEFCbUhfaVBPYXMyRlhuX2xuNlJJaEQxaTBjVm1CWXctN3E1OG9xODRROFg5M2ZQZFhhLVRwcEpDLTNhaDR1aTJOakIwY0hLNVFKa2k4ZTE3ck1BdVhwdkVKTHVVM0FFazh1Y2hEbnhhTmE1UVk4UF85blp1dWZYZUNGZHVWXzRoNHdwMjJWN3dKZklSdnhlTjVuSmEzREFTQWdTb1h2VHFQSjQwcmpCZWxqQmdsMkpyeFdsb2hldnpfNUdFMEE3dTZwbGh4RjFMamlqY1ZuSDZBWi1vc3lTSWxqY244NVl1bk15blJ1cnBqd1gwOFZFNUpnMkVLclZKNTB6UURSQk1EM2RkTGw0c1BEbVJIY1dlMVRGYXhRZUlfSDlBd2QydUkxR05RclkyU0ZONWp4ZmEyaTliT0VEclFKTktZQ1RMY0NlT1pwSFJyeWJzdE8zU0IzODBoVXByaVdlNGZYOVJweWFwRE1JeXU0dmstOU9vYXBwelQyMUs1ZW9EWUFoLVBnMjZ3YVBzTEh5R0xqSQ==","email":"vuberti@extraordy.com"},"registry.redhat.io":{"auth":"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","email":"vuberti@extraordy.com"}}}' 
diff --git a/include/007_bastion_services.yaml b/include/007_bastion_services.yaml index 8d14f0f..386ae14 100644 --- a/include/007_bastion_services.yaml +++ b/include/007_bastion_services.yaml @@ -28,7 +28,7 @@ dest: /etc/haproxy/haproxy.cfg - name: Configure {{ ansible_local.external_connection.conname }} to use {{ networking.internal_network_ip }} as DNS server - command: nmcli con mod '{{ ansible_local.external_connection.conname }}' ipv4.dns "{{ networking.internal_network_ip }}" + command: nmcli con mod '{{ ansible_local.external_connection.conname }}' ipv4.dns "{{ networking.internal_network_ip }}" autoconnect yes - name: Refreshing {{ ansible_local.external_connection.conname }} shell: nmcli con down "{{ ansible_local.external_connection.conname }}"; nmcli con up "{{ ansible_local.external_connection.conname }}" diff --git a/include/008_install_ocp_utilis.yaml b/include/008_install_ocp_utilis.yaml index 9c8c891..8e46d33 100644 --- a/include/008_install_ocp_utilis.yaml +++ b/include/008_install_ocp_utilis.yaml @@ -60,10 +60,15 @@ - debug: msg: "{{ hostvars['DUMMY'].vnicProfileID }}" + - name: Creating install dir + file: + path: /root/install + state: directory + - name: Creating install-config.yaml template: src: ../templates/install-config.j2 - dest: /root/install-config.yaml + dest: /root/install/install-config.yaml - name: Extract and install ovirt CA shell: "{{ item }}" @@ -106,12 +111,12 @@ loop: - https://mirror.openshift.com/pub/openshift-v4/clients/ocp/latest/openshift-install-linux.tar.gz - https://mirror.openshift.com/pub/openshift-v4/clients/ocp/latest/openshift-client-linux.tar.gz - + retries: 10 - name: Waiting for install to complete (TAKE A COFFEE) - command: openshift-install create cluster --dir /root + command: openshift-install create cluster --dir /root/install #retries: 2000 #delay: 30 #register: result diff --git a/include/010_add_default_admin_user.yaml b/include/010_add_default_admin_user.yaml index c0e7862..bf8d19b 100644 
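Review bot: The added `Creating install dir` task sets no `mode`, so /root/install gets whatever the umask allows, although this commit moves install-config.yaml there and the later tasks read `auth/kubeconfig` from the same directory. Add `mode: '0700'` to the `file` task and `mode: '0600'` to the `template` task that writes install-config.yaml. /root is normally not world-readable, so this is defence in depth, but it keeps the cluster credentials protected if the directory is ever copied or relocated.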
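Review bot: `retries: 10` is added to the download task without an `until`, and on older Ansible releases `retries` has no effect unless `until` is set. Pair it with `register: download` and `until: download is succeeded` so the retry happens regardless of version. The task's module lines start above this hunk, so this is inferred, but both URLs point at the moving `latest` path and no checksum is visible. If the task is `get_url`, pinning a release and adding `checksum:` would make the installer binaries reproducible and verifiable.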
--- a/include/010_add_default_admin_user.yaml +++ b/include/010_add_default_admin_user.yaml @@ -21,7 +21,7 @@ - name: Creating yaml configuration for htpasswd identity provider template: src: ../templates/htpasswd_provider.j2 - dest: "/root/htpasswd_provider.yaml" + dest: "/root/install/htpasswd_provider.yaml" - template: src: ../templates/ocp_user_script.j2 @@ -63,7 +63,7 @@ - name: Try to login with admin command: > /usr/bin/oc login -u {{ ocp.user }} -p {{ ocp.pass }} - https://api.{{ ocp.cluster_name }}.{{ networking.domain_name }}:6443 --config /root/auth/kubeconfig + https://api.{{ ocp.cluster_name }}.{{ networking.domain_name }}:6443 --kubeconfig /root/install/auth/kubeconfig retries: 30 register: command until: command.rc == 0 \ No newline at end of file diff --git a/inventory b/inventory index 9324ebe..632948a 100644 --- a/inventory +++ b/inventory @@ -1,5 +1,5 @@ [ovirt_engine] -ovengine.righini.local +ovengine01.seeweb.local [bastion] -bastion.example1.net \ No newline at end of file +bastion.example.seeweb \ No newline at end of file diff --git a/templates/dnsmasq.j2 b/templates/dnsmasq.j2 index 39260c1..373cf96 100644 --- a/templates/dnsmasq.j2 +++ b/templates/dnsmasq.j2 @@ -3,6 +3,9 @@ server={{ networking.external_dns }} ## External dns end ## +address=/ovengine01.seeweb.local/172.25.0.36 + + ## Required fqdn and wildcard for OCP ## address=/{{ 'api.' + ocp.cluster_name + '.' + networking.domain_name }}/{{ ocp.reserved_ip.api }} address=/{{ 'apps.' + ocp.cluster_name + '.' + networking.domain_name }}/{{ ocp.reserved_ip.apps }} diff --git a/templates/ocp_user_script.j2 b/templates/ocp_user_script.j2 index 43af174..6498182 100644 --- a/templates/ocp_user_script.j2 +++ b/templates/ocp_user_script.j2 
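Review bot: The `Try to login with admin` task passes `{{ ocp.pass }}` as an `oc login` argument and has no `no_log`, so the password is visible in the bastion's process list and can end up in Ansible output and logs when one of the 30 retries fails. Add `no_log: true` to the task and quote the templated values, `-u {{ ocp.user | quote }} -p {{ ocp.pass | quote }}`. As far as I can tell `oc login --kubeconfig /root/install/auth/kubeconfig` also writes the new session into the installer-generated admin kubeconfig. Pointing the login at a separate kubeconfig file would leave that credential file untouched.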
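Review bot: The added `address=/ovengine01.seeweb.local/172.25.0.36` hard-codes one site's engine name and IP in a shared template, although the same host name already exists as `ovirt.engine` in group_vars/all/ovirt.yaml. Rendering the line from variables, `address=/{{ ovirt.engine }}/{{ ovirt.engine_ip }}` (`engine_ip` is a suggested new variable), keeps the DNS override in step with the inventory. It also avoids a stale or wrong answer being served when the playbook is run against another environment.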
@@ -1,6 +1,8 @@
 #!/bin/bash
-export KUBECONFIG=/root/auth/kubeconfig
+export KUBECONFIG=/root/install/auth/kubeconfig
 htpasswd -c -B -b /tmp/user.htpasswd {{ ocp.user }} {{ ocp.pass }}
+htpasswd -B -b /tmp/user.htpasswd marco balu
 /usr/bin/oc create secret generic htpass-secret --from-file=htpasswd=/tmp/user.htpasswd -n openshift-config
-/usr/bin/oc apply -f /root/htpasswd_provider.yaml
-/usr/bin/oc adm policy add-cluster-role-to-user cluster-admin {{ ocp.user }}
\ No newline at end of file
+/usr/bin/oc apply -f /root/install/htpasswd_provider.yaml
+/usr/bin/oc adm policy add-cluster-role-to-user cluster-admin {{ ocp.user }}
+/usr/bin/oc adm policy add-cluster-role-to-user cluster-admin marco
\ No newline at end of file
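Review bot: The added `htpasswd -B -b /tmp/user.htpasswd marco balu` bakes a second account and its password into the template, and the last added line grants that account `cluster-admin`. Every cluster built from this repository therefore gets a cluster administrator whose credentials are readable by anyone who can read the repository. Take the name and password from vaulted variables as the first `htpasswd` line does, e.g. `htpasswd -B -b /tmp/user.htpasswd {{ ocp.admin2_user | quote }} {{ ocp.admin2_pass | quote }}` (variable names are placeholders), or drop the account from the template and create it per environment. The htpasswd file is also built under a fixed name in /tmp and is not removed in the lines shown; a `mktemp` path and an `rm -f` at the end would avoid leaving the hashes behind.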