forked from RedHatSatellite/satellite-clone
-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.yml
248 lines (204 loc) · 9.48 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
---
- include: pre_install_check.yml
when: run_pre_install_check
- name: check satellite version from the config files
command: tar zxf {{ backup_dir }}/config_files.tar.gz etc/foreman-installer/scenarios.d/satellite-answers.yaml --to-stdout
register: satellite_answers
ignore_errors: true
no_log: true
- name: setting fact - satellite_answers
set_fact:
clone_satellite_answers: "{{ (satellite_answers.rc | int) == 0 }}"
cacheable: true
- name: set satellite_version to 6.2 if satellite_answers.yaml exists
set_fact:
satellite_version: 6.2
cacheable: true
when: clone_satellite_answers
- name: set satellite_version to 6.1 if satellite_answers.yaml does not exist
set_fact:
satellite_version: 6.1
cacheable: true
when: not clone_satellite_answers
- include: backup_check.yml
# Identify hostname from backup config file
- name: Identify the hostname from the backup config tar file
shell: tar zxf {{ backup_dir }}/config_files.tar.gz etc/foreman-proxy/settings.yml --to-stdout | grep foreman_url |sed 's#.*/##'
register: backup_hostname
- name: setting fact - hostname
set_fact:
hostname: "{{ backup_hostname.stdout }}"
cacheable: true
- name: Check that the hostname is not none
fail: msg="Unable to derive Satellite hostname from the backup config file - value ({{ hostname }}) doesn't look right"
when: backup_hostname.stderr
- name: Check that mandatory variables are updated
fail: msg="Please update the variables in /etc/satellite-clone/satellite-clone-vars.yml"
when: ((activationkey == "changeme") or (org == "changeme")) and register_to_portal
# Register/subscribe the VM
- name: register host
command: subscription-manager register --force --activationkey={{ activationkey }} --org {{ org }}
when: register_to_portal
- name: disable all repos
command: subscription-manager repos --disable "*"
when: register_to_portal
- name: Enable required repos
command: subscription-manager repos --enable rhel-{{ ansible_distribution_major_version }}-server-rpms --enable rhel-server-rhscl-{{ ansible_distribution_major_version }}-rpms --enable rhel-{{ ansible_distribution_major_version }}-server-satellite-{{ satellite_version }}-rpms
when: register_to_portal
# Install libselinux package
- name: Ensure libselinux-python package is present (required by ansible)
yum: name=libselinux-python state=latest
# Remove EPEL as it causes problems for the Satellite installer
- name: Remove epel
yum_repository:
name: epel
state: absent
- name: Clean yum info
command: yum clean all
# turn off firewall
- name: turn off firewalld - rhel7
service: name=firewalld enabled=no state=stopped
when: ansible_distribution_major_version == "7" and disable_firewall
- name: turn off firewall - rhel6
command: "{{ item }}"
when: ansible_distribution_major_version == "6" and disable_firewall
with_items:
- service iptables stop
- chkconfig iptables off
# Update hostname
- name: set host_name
hostname: name={{ hostname }}
- name: check /etc/hostname
lineinfile: dest=/etc/hostname line={{ hostname }}
when: ansible_distribution_major_version == "7"
- name: create /etc/hosts
template: src=hosts.j2 dest=/etc/hosts
# Install Satellite packages
- name: Install Satellite 6.1 packages
yum: name=katello state=latest
when: satellite_version == 6.1
- name: Install Satellite 6.2 packages
yum: name=satellite state=latest
when: satellite_version == 6.2
# The postgres user is created after installing postgresql packages, so
# we perform this owner/group change at this point rather than earlier
- name: change owner of backup directory to postgres
file:
path: "{{ backup_dir }}"
owner: postgres
group: postgres
recurse: yes
- name: test foreman.dump file is readable by postgres user
command: "test -r {{ backup_dir }}/foreman.dump"
become: yes
become_user: postgres
register: access_foreman_dump
ignore_errors: yes
when: foreman_dump.stat.exists
- name: setting fact - access_foreman_dump
set_fact:
clone_access_foreman_dump: "{{ access_foreman_dump | failed }}"
cacheable: true
- name: test candlepin.dump file is readable by postgres user
command: "test -r {{ backup_dir }}/candlepin.dump"
become: yes
become_user: postgres
register: access_candlepin_dump
ignore_errors: yes
when: candlepin_dump.stat.exists
- name: setting fact - access_candlepin_dump
set_fact:
clone_access_candlepin_dump: "{{ access_candlepin_dump | failed }}"
cacheable: true
- name: fail if postgres user doesn't have access to files
fail:
msg: >
The postgres user does not have access to the files in {{ backup_dir }}.
Please move the backup directory to a different directory with the correct
permissions. Avoid using /root.
when: foreman_dump and candlepin_dump and (clone_access_foreman_dump or clone_access_candlepin_dump)
# Workaround for Issue #72 - satellite-clone playbook fails if /etc/katello-installer isn't present.
- name: Create /etc/katello-installer folder
file: path=/etc/katello-installer state=directory mode=0755
when: satellite_version == 6.2
# Restore Config
- name: untar config files (for cloning only)
command: tar --selinux --overwrite -xf {{ backup_dir }}/config_files.tar.gz -C /
when: not rhel_migration
- name: untar config files (for migration only)
# rhel7's /etc/httpd/conf.d/passenger.conf is not backward compatible with rhel6
command: tar --selinux --overwrite -xf {{ backup_dir }}/config_files.tar.gz --exclude=etc/httpd/conf.d/passenger.conf -C /
when: rhel_migration
- name: Restore selinux context on the filesystem
command: restorecon -R /
when: restorecon
# Run Satellite installer
- name: run Satellite 6.1 installer
command: katello-installer --capsule-dns false --capsule-dhcp false --capsule-tftp false
when: satellite_version == 6.1
- name: run Satellite 6.2 installer
command: satellite-installer --scenario satellite --foreman-proxy-dns false --foreman-proxy-dhcp false --foreman-proxy-tftp false
when: satellite_version == 6.2
- block:
# restore backup data
- include: restore.yml
- name: Restart katello-service
command: katello-service start
# We don't use pause module here because it displays a prompt
# to use ctrl+c which would break out of a production script.
- name: Wait for foreman-tasks service to start
command: sleep 300
- name: Get candlepin credentials
command: sed -n -e 's/^.*myDS.password=//p' /etc/candlepin/candlepin.conf
register: candlepin_password
- set_fact:
clone_candlepin_password: "{{ candlepin_password.stdout }}"
cacheable: true
- name: Migrate candlepin db
command: "/usr/share/candlepin/cpdb --update -p {{ clone_candlepin_password }}"
- name: Cleanup paused tasks
command: foreman-rake foreman_tasks:cleanup TASK_SEARCH='label ~ *' STATES='paused' VERBOSE=true AFTER='0h' VERBOSE=true
when: satellite_version == 6.2
- name: Run installer upgrade (satellite 6.2 only)
command: satellite-installer --upgrade
when: satellite_version == 6.2
- name: Test Satellite
command: hammer ping
- name: Reset admin password
command: foreman-rake permissions:reset password=changeme
- name: update katello assets
file: src=/opt/rh/ruby193/root/usr/share/gems/gems/katello-2.2.0.93/public/assets/katello dest=/usr/share/foreman/public/assets/katello
when: satellite_version == 6.1
- name: update katello bastion assets
file: src=/opt/rh/ruby193/root/usr/share/gems/gems/katello-2.2.0.93/public/assets/bastion_katello dest=/usr/share/foreman/public/assets/bastion_katello
when: satellite_version == 6.1
- include: reset_pulp_data.yml
when: not clone_pulp_data_exists and not online_backup
- name: Run katello reindex for satellite 6.1 - Note that this might take hours
command: foreman-rake katello:reindex --trace
when: run_katello_reindex or not clone_pulp_data_exists and satellite_version == 6.1
- name: Run katello reimport for satellite 6.2 - Note that this might take hours
command: foreman-rake katello:reimport --trace
when: run_katello_reindex or not clone_pulp_data_exists and satellite_version == 6.2
- name: Disassociate capsules with lifecycle environments (to avoid the cloned Satellite server talking with live capsules)
script: disassociate_capsules.rb
register: disassociate_capsules
- name: set fact - disassociate_capsules
set_fact:
clone_disassociate_capsules: "{{ disassociate_capsules.stdout }}"
cacheable: true
- name: copy disassociate_capsules.rb output
local_action: copy content={{ clone_disassociate_capsules }} dest={{ playbook_dir }}/logs/reassociate_capsules.txt
- debug:
msg: "****NOTE**** Your Satellite's hostname is updated to match the original Satellite
****NOTE**** Your Satellite's password is updated to changeme"
rescue:
# After the installer runs, if there is an error, we want to disassociate capsules from lifecycle environments.
# This is to prevent the clone trying to sync with existing original capsules. We do this with SQL in case
# hammer is not able to execute a command.
- name: Disassociate capsules from lifecycle environments to avoid communication with production capsules
command: psql foreman -c "delete from katello_capsule_lifecycle_environments where capsule_id in (select smart_proxy_id from features_smart_proxies where feature_id = (select id from features where features.name = 'Pulp Node'));"
become_user: postgres
become: true
- fail:
msg: "Something went wrong! Please check the output above for more information."