Permalink
Fetching contributors…
Cannot retrieve contributors at this time
134 lines (118 sloc) 4.33 KB
---
- name: Deploy the DNS servers
hosts: localhost
connection: local
become: no
gather_facts: no
vars:
stack_name: dns-service
domain_name: example.com
flavor: m1.small
slave_count: 3
slave_server_group_policies: ['anti-affinity']
contact: admin@{{ domain_name }}
tasks:
- name: Check whether the stack exists already
command: "openstack stack show {{ stack_name }}"
ignore_errors: yes
register: stack_check
- name: Create the Heat Stack
os_stack:
name: "{{ stack_name }}"
template: heat/dns_service.yaml
parameters:
domain_name: "{{ domain_name }}"
external_network: "{{ external_network }}"
ssh_key_name: "{{ ssh_key_name }}"
dns_forwarders: "{{ dns_forwarders }}"
image: "{{ image }}"
flavor: "{{ flavor }}"
slave_count: "{{ slave_count }}"
slave_server_group_policies: "{{ slave_server_group_policies }}"
register: stack_output
when: stack_check.rc != 0
- name: Register stack output
command: >
openstack stack output show -f value -c output_value
{{ stack_name }} ip_address
register: stack_output_raw
- set_fact:
# Need "safe" to create an Ansible safe dictionary object.
stack_output: "{{ stack_output_raw.stdout|safe }}"
- name: Add the master to the inventory
add_host:
name: "{{ stack_output.master.address }}"
groups: masters,bind
zone: "{{ domain_name }}"
domain_name: "{{ domain_name }}"
masters: [" {{ stack_output.master.name }} "]
forwarders: "{{ dns_forwarders }}"
contact: "{{ contact }}"
nameservers: "{{ [stack_output.master] + stack_output.slaves }}"
ansible_user: "{{ ssh_user }}"
- name: Add the slaves to the inventory
add_host:
name: "{{ item.address }}"
groups: slaves,bind
zone: "{{ domain_name }}"
domain_name: "{{ domain_name }}"
masters: ["{{ stack_output.master.name }}"]
forwarders: "{{ dns_forwarders }}"
contact: "{{ contact }}"
nameservers: "{{ [stack_output.master] + stack_output.slaves }}"
ansible_user: "{{ ssh_user }}"
with_items: "{{ stack_output.slaves }}"
- name: Wait for the deployed servers
wait_for:
host: "{{ item }}"
port: 22
with_items: "{{ groups['all'] }}"
# NOTE(shadower): This is necessary until we switch to Ansible 2.3,
# which has the `wait_for_connection` module for this exact purpose.
# https://docs.ansible.com/ansible/wait_for_connection_module.html
- name: Verify the servers can be SSHd into
command: >
{{ansible_ssh_executable}} {{ansible_ssh_common_args}}
{% if ansible_ssh_private_key_file|default(None) %}
-i {{ ansible_ssh_private_key_file }}
{% endif %}
-oBatchMode=yes
-o 'StrictHostKeyChecking no' -o 'UserKnownHostsFile /dev/null'
-p {{ansible_port|default(22)}} {{ssh_user}}@{{ item }} /bin/true
register: result
retries: 10
delay: 1
until: result.rc == 0
with_items: "{{ groups['all'] }}"
- hosts: all
become: true
tasks:
- name: Install Satellite CA certificate
yum:
name: "http://{{ rhsm_satellite }}/pub/katello-ca-consumer-latest.noarch.rpm"
state: present
when: rhsm_satellite | default
- name: Subscribe to Satellite with activation key and auto-attach
redhat_subscription:
autosubscribe: true
server_hostname: "{{ rhsm_satellite | default(None) }}"
org_id: "{{ rhsm_org_id | default(None) }}"
activationkey: "{{ rhsm_activation_key }}"
when: rhsm_activation_key | default
- name: Subscribe to RHSM and auto-attach
redhat_subscription:
username: "{{ rhn_username | default(None) }}"
password: "{{ rhn_password | default(None) }}"
autosubscribe: true
server_hostname: "{{ rhsm_satellite | default(None) }}"
org_id: "{{ rhsm_org_id | default(None) }}"
when: rhn_username|default and rhn_password|default and rhn_pool|default == ""
- name: Subscribe to RHSM and attach a pool
redhat_subscription:
username: "{{ rhn_username }}"
password: "{{ rhn_password }}"
pool_ids: ["{{ rhn_pool }}"]
server_hostname: "{{ rhsm_satellite|default(None) }}"
org_id: "{{ rhsm_org_id|default(None) }}"
when: rhn_username|default and rhn_password|default and rhn_pool|default
- include: ansible/bind-server.yml