Worker node 0 (redhat-cop#792)

* worker node 0 config ready

* worker node 0 config

ansible/configs/ansible-tower/env_vars.yml

@@ -425,24 +425,20 @@ bastion_public_dns_chomped: "bastion.{{subdomain_base}}"
 tower_run: false
 
 default_workloads:
-#  - tower-copy-ssh                                         ###Specific to babylon and dark-tower project.
   - tower-license-injector
   - cleanup-tower-default
-  - tower-settings-update
-  - tower-pip-packages
-  - tower-user-create
-  - tower-org-create
-  - tower-credential-create
-  - tower-project-create
-  - tower-inventory-create
-  - tower-job-template-create
-  - tower-babylon-job-runner
-
-# infra_workloads|:
-#   - tower-settings-update
-#   - tower-pip-packages
-#   - tower-user-create
-#   - tower-org-create
-#   - tower-project-create
-#   - tower-inventory-create
-#   - tower-job-template-create
+
+#infra_workloads:
+#  - tower-copy-ssh
+#  - tower-license-injector
+#  - cleanup-tower-default
+#  - tower-settings-update
+#  - tower-pip-packages
+#  - tower-user-create
+#  - tower-org-create
+#  - tower-credential-create
+#  - tower-project-create
+#  - tower-inventory-create
+#  - tower-job-template-create
+#  - tower-babylon-job-runner
+

ansible/configs/ansible-tower/files/cloud_providers/ec2_cloud_template.j2

@@ -307,6 +307,7 @@ Resources:
 {% endfor %}
 {% endfor %}
 
+{% if worker_instance_count > 0 %}
 {% for worker_region in target_regions %}
 {% for instance in instances_worker %}
 {% if instance['dns_loadbalancer'] | d(false) | bool
@@ -465,7 +466,7 @@ Resources:
 {% endfor %}
 {% endfor %}
 {% endfor %}
-
+{% endif %}
 
   {% if secondary_stack is not defined %}
   Route53User:

ansible/configs/ansible-tower/files/hosts_template.j2

@@ -8,7 +8,7 @@
 support1.{{chomped_zone_internal_dns}}
 
 
-{% if target_regions is defined %}
+{% if worker_instance_count > 0 and target_regions is defined %}
 {%for i_region in target_regions %}
 
 [isolated_group_{{i_region.name}}]
@@ -49,3 +49,11 @@ rabbitmq_use_long_name=true
 {% for host in groups['support'] %}
 {{ host }}  
 {% endfor %}
+
+{% if worker_instance_count > 0 and target_regions is defined %}
+
+[workers]
+{% for host in groups['workers'] %}
+{{ host }}
+{% endfor %}
+{% endif %}

ansible/configs/ansible-tower/sample_vars.yml

@@ -1,16 +1,16 @@
 ---
 cloudformation_retries: 0
 
-## Environment size
-bastion_instance_type: "t2.medium"
+# ## Environment size
+tower_instance_count: 1
+support_instance_count: 1
 tower_instance_type: "t2.medium"
-worker_instance_type: "t2.medium"
 support_instance_type: "t2.medium"
 root_filesystem_size: 20                #Size of the root filesystem
 
 # Env config basics
-env_type: ansble-tower                 # Name of config to deploy
-output_dir: /tmp                # Writable working scratch directory
+env_type: ansible-tower                 # Name of config to deploy
+output_dir: /opt/workdir               # Writable working scratch directory
 email: name@example.com                 # User info for notifications
 
 #guid: hwtest2                          # Unique string used in FQDN
@@ -24,17 +24,64 @@ own_repo_path: http://admin.example.com/repos/product
 # Cloud specfic settings - example given here for AWS
 
 cloud_provider: ec2                     # Which AgnosticD Cloud Provider to use
-aws_region: ap-southeast-2                  # AWS Region to deploy in
+aws_region: ap-southeast-2
 HostedZoneId: Z3IHLWJZOU9SRT            # You will need to change this
 key_name: ocpkey                       # Keyname must exist in AWS
 
 #Ansible Tower related vars 
 
 tower_version: 3.5.0-1                 # tower version you want to install 
-region: apac                           # region can not be with special characters in case of isolated node group
 software_to_deploy: tower              # Define tower to install tower or none to have only infra ready.
-worker: yes                            # Set yes to add isolated node group. 
-worker_instance_count: 1             # Set 0 to not to provision worker(isolated) nodes.
+
+
+
+
+
+#### Worker Node for Isolated Node group
+# worker_instance_type: "t2.medium"
+worker_instance_count: 0              # Set 0 to not to provision worker(isolated) nodes.
+
+## target_region for worker regions
+# target_regions:
+#  - name: emea
+#  - name: apac
+
+default_workloads:
+  - tower-license-injector
+  - cleanup-tower-default
+
+#infra_workloads:
+#  - tower-copy-ssh                  ;;; specific to dark-tower
+#  - tower-settings-update
+#  - tower-pip-packages
+#  - tower-user-create
+#  - tower-org-create
+#  - tower-credential-create
+#  - tower-project-create
+#  - tower-inventory-create
+#  - tower-job-template-create
+#  - tower-babylon-job-runner
+
+
+
+### tower project roles
+tower_projects:
+  - name: darktower-dev
+    description: "babylon dev project"
+    organization: "gpte"
+    scm_url: "https://github.com/redhat-gpte-devopsautomation/dark-tower.git"
+    #scm_type: 
+    #scm_credential: 
+    scm_branch:  dev
+    scm_update_on_launch: true
+
+tower_inventories:
+  - name: empty-inventory-default
+    description: "Empty inventory default"
+    organization: gpte
+    # instance_group: ""
+
+
 
 
 
@@ -54,27 +101,73 @@ worker_instance_count: 1             # Set 0 to not to provision worker(isolated
 #     "trial": true
 #   }
 
-# accounts:                                      #Define users you want to create. Set superuser: yes to make user system wide System Administrator
-#   - user: test1
-#     password: changeme
-#     email: babylon@example.com
-#     firstname: test1
-#     lastname: one
-#     superuser: yes
-#   - user: test2
-#     password: changeme
-#     email: babylon1@example.com
-#     firstname: test2
-#     lastname: two
+tower_user_accounts:                                      #Define users you want to create. Set superuser: yes to make user system wide System Administrator
+  - user: babylon
+    password: changeme
+    email: babylon@example.com
+    firstname: Baby
+    lastname: Lon
+    superuser: yes
+  - user: babylon-viewer
+    password: changeme
+    email: babylon1@example.com
+    firstname: Babylon
+    lastname: Viewer
 #   - user: test3
 #   - user: test4
 #     lastname: four
 
-# tower_organization:
-#   - name: gpte
-#   - name: BU  
 
-target_regions:
-  - name: na
-  - name: emea
-  - name: na
+tower_credentials:
+  - name: babylon-tower-credential
+    username: babylon
+    password: changeme
+    description: Babylon Tower Credential
+    organization: gpte
+    type: tower
+    state: present
+    host: localhost
+
+tower_organization:
+  - name: gpte
+  - name: BU  
+
+tower_job_templates:
+  - name: job-runner-dev
+    description: "babylon job runner"
+    job_type: run
+    #vault_credential: 
+    project: darktower-dev
+    playbook: job-runner.yml
+    become: yes
+    inventory: empty-inventory-default
+
+# Tower settings
+tower_setting_params:
+  AWX_PROOT_BASE_PATH: "/tmp"
+  AWX_PROOT_SHOW_PATHS: "'/var/lib/awx/projects/', '/tmp', '/var/lib/awx/.ssh/'"
+
+# List of virtual environment which will be created
+# restart of tower service is required
+# ansible-tower-service restart
+# https://docs.ansible.com/ansible-tower/latest/html/userguide/security.html
+tower_virtual_environment:
+  - /var/lib/awx/venv/ansible
+
+# Path of Virtual Env for update
+tower_update_venv: /var/lib/awx/venv/ansible
+
+# Pip packages with version which needs to be updated for venv
+pip_requirements:
+  - boto==2.49.0
+  - boto3==1.9.200
+  - awscli==1.16.210
+  - ansible-tower-cli==3.3.6
+
+
+key_local_path:
+    - "~/.ssh/{{key_name}}.pem"
+    - "~/.ssh/opentlc_admin_backdoor.pem"
+
+
+