-
Notifications
You must be signed in to change notification settings - Fork 2
/
rhpds_bastion_setup.yaml
executable file
·96 lines (90 loc) · 3.88 KB
/
rhpds_bastion_setup.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
#!/usr/bin/env ansible-playbook
---
- name: "RHPDS: Bastion Setup"
hosts: localhost
connection: local
gather_facts: True
vars_files:
- configuration.yaml
- credentials.yaml
vars:
cloudforms_api_url: "{{ rhpds_api_url }}"
pre_tasks:
- name: "Parameter: username"
fail: msg="username is not defined or is empty"
when: username is not defined or username is none
tags: [ always ]
- name: "Parameter: password"
fail: msg="password is not defined or is empty"
when: password is not defined or password is none
tags: [ always ]
roles:
- role: cloudforms_login
- role: cloudforms_check_existing_service
- role: cloudforms_fetch_custom_attributes_rhpds
- role: bastion_init
- name: Updating .ssh/config to easy access
hosts: personal_hosts,localhost
gather_facts: True
vars:
target_host_name: "{{ hostvars['localhost']['target_host_name'] }}"
roles:
- role: bastion_ssh_config
bastion_pattern: "bastion\\.[0-9a-z]{1,4}\\.sandbox\\d{1,4}\\.opentlc.com"
- name: Setting up bastion
hosts: openshift_bastion
gather_facts: True
become: True
vars:
client_directory: "{{ ansible_env.HOME }}/k8s/client"
runtime_directory: "{{ ansible_env.HOME }}/k8s/runtime"
vars_files:
- credentials.yaml
pre_tasks:
- name: Inserting public key into /root/.ssh/authorized_keys
copy: dest=/root/.ssh/authorized_keys content={{ hostvars['localhost']['public_key'] }}
roles:
- install_epel_release
# - install_docker_ce
- install_dotnet
# - install_git2
# - role: variables
# # env: "JAVA_HOME={{ runtime_directory }}/java MAVEN_HOME={{ client_directory }}/maven GRADLE_HOME={{ client_directory }}/gradle"
# env: "GRADLE_HOME={{ client_directory }}/gradle"
# executable_directory: "${JAVA_HOME}/bin:${MAVEN_HOME}/bin:${GRADLE_HOME}/bin"
# tags: [ java, maven, gradle ]
# Java and Maven is disabled as Oracle change the authentication mechanism to download Java
# - role: install_fetch_targz
# download_page: "https://www.oracle.com/java/technologies/javase/javase-jdk8-downloads.html"
# download_suffix: "http://download.oracle.com/otn-pub/java/jdk/"
# download_pattern: "(8u\\d{3}-.{3}\\/.{32}\\/jdk-8u\\d{3}-linux-x64.tar.gz)"
# application: "java"
# headers: {"Cookie":"oraclelicense=accept-securebackup-cookie"}
# directory: "{{ runtime_directory }}"
# tags: [ java ]
# - role: install_fetch_targz
# download_page: "http://maven.apache.org/download.cgi"
# download_suffix: "http://mirror.nbtelecom.com.br/apache/maven/"
# download_pattern: "maven-\\d\/\\d.\\d.\\d\/binaries\/(apache-maven-\\d.\\d.\\d-bin.tar.gz)"
# application: "maven"
# directory: "{{ client_directory }}"
# tags: [ maven ]
# - role: install_targz
# application: "gradle"
# extension: "zip"
# directory: "{{ client_directory }}"
# url: "https://downloads.gradle-dn.com/distributions/gradle-6.3-bin.zip"
# tags: [ gradle ]
tasks:
- name: Installing "screen" for background tasks
dnf: name="screen" state=present
- name: "Cloning scripts to handle OSSM daily operations"
git: repo=https://github.com/maltron/k8scripts.git dest=/root/k8scripts
- name: "Cloning Basic Application for Service Mesh: 3Services"
git: repo=https://github.com/maltron/3services.git dest=/root/3services
- name: Running 3services application in the background
hosts: localhost
gather_facts: false
tasks:
- name: "Running a sample application on Service Mesh in the background: screen -x"
command: "ssh -o StrictHostKeyChecking=no bastion \"screen -dmS one bash -c 'cd /root/3services; ../k8scripts/ossm/ossm_new_project.sh one; scripts/deploy.sh; oc expose service/microservice-a; scripts/loop_microservice-a.sh'\""