From 6571622662f9e2e1077f0aa5cd8030c5e9588eab Mon Sep 17 00:00:00 2001 From: "Gordon, Alexander" Date: Tue, 5 Oct 2021 08:42:26 +0000 Subject: [PATCH] feat: remove_server playbook --- README.md | 7 ++ create-server.yml | 2 + create-service.yml | 5 ++ remove-server.yml | 93 +++++++++++++++++++++++ roles/_digitalocean/tasks/_remove_dns.yml | 56 ++++++++++++++ roles/_digitalocean/tasks/domain.yml | 55 -------------- roles/hcloud/defaults/main.yml | 2 + roles/hcloud/tasks/_set_server_state.yml | 14 ++++ roles/hcloud/tasks/main.yml | 16 +--- 9 files changed, 183 insertions(+), 67 deletions(-) create mode 100644 remove-server.yml create mode 100644 roles/_digitalocean/tasks/_remove_dns.yml create mode 100644 roles/hcloud/tasks/_set_server_state.yml diff --git a/README.md b/README.md index bca92ca..103152d 100644 --- a/README.md +++ b/README.md @@ -54,6 +54,13 @@ Create/Start servers for stage-dev > with Poetry prefix with `poetry run` +# Remove Smardigo Service + Remove a Server, Database, Realm (keycloak) and Smardigo + ansible-playbook remove-server.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' stage='dev'" + + +> with Poetry prefix with `poetry run` + # TODO IPFire diff --git a/create-server.yml b/create-server.yml index e752b06..3fde56d 100644 --- a/create-server.yml +++ b/create-server.yml @@ -82,6 +82,8 @@ roles: - role: hcloud + + ############################################################# # Setup servers for created inventory ############################################################# diff --git a/create-service.yml b/create-service.yml index e19feff..04462b0 100644 --- a/create-service.yml +++ b/create-service.yml 
@@ -58,6 +58,11 @@ with_items: "{{ cluster_services }}" when: item in ['connect_wordpress'] + - name: Remove hosts + hosts: "{{ stage }}-{{ tenant_id }}-{{ cluster_name }}-01" + tasks: + - meta: refresh_inventory + ############################################################# # Setup services for created inventory ############################################################# diff --git a/remove-server.yml b/remove-server.yml new file mode 100644 index 0000000..0b75655 --- /dev/null +++ b/remove-server.yml 
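Review bot: The play added to create-service.yml is named `Remove hosts`, but its only task is `meta: refresh_inventory`, so nothing is removed. In a repository that now also ships remove-server.yml, that name makes run logs and audits misleading. Rename it, for example `- name: Refresh inventory for created hosts`, and give the meta task its own `name:`. The `hosts:` pattern hard-codes the `-01` suffix; a one-line comment saying why only the first node is addressed would help, as the reason is not visible in this hunk.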
@@ -0,0 +1,93 @@
+---
+
+# Parameters:
+# playbook inventory
+# stage := the type of the stage (e.g. dev, int, qa, prod)
+# tenant_id := (unique key for the tenant, e.g. customer)
+# cluster_name := (business name for the cluster, e.g. product, department )
+# cluster_size := (WIP node count for the cluster)
+# cluster_services := (services to setup, e.g. ['connect', 'wordpress', ...])
+# smardigo message callback
+# scope_id := (scope id of the management process)
+# process_instance_id := (process instance id of the management process)
+# smardigo_management_action := (smardigo management action anme of the management process)
+
+# Es wurde ein neues Playbook erstellt "remove_server", die für das löschen eines Servers zuständig ist.
+# Es wurde eine Variable server_state initialisiert mir dem Defaultwert "present".
+# Falls der Server gelöscht werden soll wird die variable in Playbook auf "absent" gesetzt
+# Der Task "_set_server_state" prüft den Status und fährt den Server runter oder hoch anhand dem Wert der variable "server_state"
+
+
+
+#############################################################
+# Creating inventory dynamically for given parameters
+#############################################################
+
+- hosts: localhost
+ connection: local
+ gather_facts: false
+
+ pre_tasks:
+ - name: "Check if ansible version is at least 2.10.x"
+ assert:
+ that:
+ - ansible_version.major >= 2
+ - ansible_version.minor >= 10
+ msg: "The ansible version has to be at least ({{ ansible_version.full }})"
+
+ tasks:
+ - name: Add hosts
+ add_host:
+ name: "{{ stage }}-{{ tenant_id }}-{{ cluster_name }}-{{ '%02d' | format(item|int) }}"
+ groups:
+ - "stage_{{ stage }}"
+ - "{{ cluster_service }}"
+ with_sequence: start=1 end={{ cluster_size | default(1) }}
+ changed_when: False
+
+#############################################################
+# Delete and DNS servers for created inventory
+#############################################################
+
+- hosts: 
"stage_{{ stage }}" + serial: "{{ serial_number | default(5) }}" + gather_facts: false + + pre_tasks: + - name: "Delete server <{{ inventory_hostname }}>" + include_role: + name: hcloud + tasks_from: _set_server_state + vars: + - server_state: "absent" + + - name: "Delete DNS entry <{{ inventory_hostname }}> for <{{ domain }}>" + include_role: + name: _digitalocean + tasks_from: _remove_dns + +############################################################# +# Sending smardigo management message to process +############################################################# + +- hosts: "stage_{{ stage }}" + serial: "{{ serial_number | default(1) }}" + connection: local + gather_facts: false + run_once: true + + post_tasks: + - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>" + uri: + url: "{{ smardigo_management_url }}" + method: POST + body_format: json + body: "{{ lookup('template','smardigo-management-message.json.j2') }}" + headers: + accept: "*/*" + Content-Type: "application/json" + Smardigo-User-Token: "{{ smardigo_management_token }}" + status_code: [200] + retries: 5 + delay: 5 + delegate_to: 127.0.0.1 diff --git a/roles/_digitalocean/tasks/_remove_dns.yml b/roles/_digitalocean/tasks/_remove_dns.yml new file mode 100644 index 0000000..8cde1d1 --- /dev/null +++ b/roles/_digitalocean/tasks/_remove_dns.yml 
@@ -0,0 +1,56 @@
+---
+
+- name: "Read DNS entry for <{{ inventory_hostname }}.{{ domain }}> from digitalocean"
+ uri:
+ url: "https://api.digitalocean.com/v2/domains/{{ domain }}/records?name={{ inventory_hostname }}.{{ domain }}"
+ headers:
+ accept: application/json
+ authorization: "Bearer {{ digitalocean_authentication_token }}"
+ return_content: yes
+ register: domain_records_response
+ delegate_to: 127.0.0.1
+ become: false
+ tags:
+ - update_dns
+
+- name: "Save DNS entry as variable (fact)"
+ set_fact:
+ domain_records_response_json: "{{ domain_records_response.json }}"
+ delegate_to: 127.0.0.1
+ become: false
+ tags:
+ - update_dns
+
+- name: "Parse DNS entry for <{{ inventory_hostname }}.{{ domain }}>"
+ set_fact:
+ domain_record: "{{ domain_records_response_json.domain_records | json_query(jmesquery) | first | default({'name': '-', 'ip': '-'}) }}"
+ vars:
+ jmesquery: '[*].{id: id, name: name, ip: data}'
+ delegate_to: 127.0.0.1
+ become: false
+ tags:
+ - update_dns
+
+- name: Print DNS entry for <{{ inventory_hostname }}.{{ domain }}>
+ debug:
+ msg: "{{ domain_record }}"
+ delegate_to: 127.0.0.1
+ become: false
+ tags:
+ - update_dns
+
+- name: "Delete DNS entry <{{ inventory_hostname }}> for <{{ domain }}>"
+ uri:
+ method: DELETE
+ url: "https://api.digitalocean.com/v2/domains/{{ domain }}/records/{{ domain_record.id }}"
+ headers:
+ authorization: Bearer {{ digitalocean_authentication_token }}
+ return_content: yes
+ status_code: 204
+ when:
+ domain_record.ip != '-'
+ and inventory_hostname != domain_record.ip
+ delegate_to: 127.0.0.1
+ become: false
+ tags:
+ - update_dns
diff --git a/roles/_digitalocean/tasks/domain.yml b/roles/_digitalocean/tasks/domain.yml
index 3817fc9..37ac373 100644
--- a/roles/_digitalocean/tasks/domain.yml
+++ b/roles/_digitalocean/tasks/domain.yml
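Review bot: In the last task of _remove_dns.yml the second half of the `when:` compares `inventory_hostname` with `domain_record.ip`, a host name against a record's data value, so it is presumably always true and adds nothing to the guard. It reads like a leftover from the `record_data != domain_record.ip` check this commit removes from domain.yml. For a removal path `when: domain_record.id is defined` states the real precondition and also covers the `default({'name': '-', 'ip': '-'})` fallback, which has no `id`. The parse task takes `first` of whatever the name query returns without looking at the record type, so a comment naming the record types this task is expected to delete would make the blast radius explicit.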
@@ -1,60 +1,5 @@ --- -- name: Read DNS entry for {{ record_name }}.{{ domain }} from digitalocean - uri: - url: "https://api.digitalocean.com/v2/domains/{{ domain }}/records?name={{ record_name }}.{{ domain }}" - headers: - accept: application/json - authorization: Bearer {{ digitalocean_authentication_token }} - return_content: yes - register: domain_records_response - delegate_to: 127.0.0.1 - become: false - tags: - - update_dns - -- name: Save DNS entry as variable (fact) - set_fact: - domain_records_response_json: "{{ domain_records_response.json }}" - delegate_to: 127.0.0.1 - become: false - tags: - - update_dns - -- name: Parse DNS entry for {{ record_name }}.{{ domain }} - set_fact: - domain_record: "{{ domain_records_response_json.domain_records | json_query(jmesquery) | first | default({'name': '-', 'ip': '-'}) }}" - vars: - jmesquery: '[*].{id: id, name: name, ip: data}' - delegate_to: 127.0.0.1 - become: false - tags: - - update_dns - -- name: Print DNS entry for {{ record_name }}.{{ domain }} - debug: - msg: "{{ domain_record }}" - delegate_to: 127.0.0.1 - become: false - tags: - - update_dns - -- name: Delete DNS entry for <{{ record_data }}:{{ record_name }}> if necessary - uri: - method: DELETE - url: "https://api.digitalocean.com/v2/domains/{{ domain }}/records/{{ domain_record.id }}" - headers: - authorization: Bearer {{ digitalocean_authentication_token }} - return_content: yes - status_code: 204 - when: - domain_record.ip != '-' - and record_data != domain_record.ip - delegate_to: 127.0.0.1 - become: false - tags: - - update_dns - - name: Create DNS entry for <{{ record_name }}> if necessary uri: method: POST diff --git a/roles/hcloud/defaults/main.yml b/roles/hcloud/defaults/main.yml index ed97d53..2c29f1f 100644 --- a/roles/hcloud/defaults/main.yml +++ b/roles/hcloud/defaults/main.yml @@ -1 +1,3 @@ --- + +server_state: "present" 
diff --git a/roles/hcloud/tasks/_set_server_state.yml b/roles/hcloud/tasks/_set_server_state.yml new file mode 100644 index 0000000..a459402 --- /dev/null +++ b/roles/hcloud/tasks/_set_server_state.yml @@ -0,0 +1,14 @@ +--- + +- name: "Checking state for server <{{ inventory_hostname }}> is <{{ server_state }}>" + hetzner.hcloud.hcloud_server: + api_token: "{{ hetzner_authentication_token }}" + name: "{{ inventory_hostname }}" + server_type: "{{ hetzner_server_type }}" + image: "{{ hetzner_server_image }}" + ssh_keys: "{{ hetzner_ssh_keys }}" + labels: "{{ hetzner_server_labels }}" + location: nbg1 + state: "{{ server_state }}" + delegate_to: 127.0.0.1 + become: false \ No newline at end of file diff --git a/roles/hcloud/tasks/main.yml b/roles/hcloud/tasks/main.yml index 54ff459..82ad5bc 100644 --- a/roles/hcloud/tasks/main.yml +++ b/roles/hcloud/tasks/main.yml @@ -4,18 +4,10 @@ ### update_dns ### update_networks -- name: "Checking present state for server {{ inventory_hostname }}" - hetzner.hcloud.hcloud_server: - api_token: "{{ hetzner_authentication_token }}" - name: "{{ inventory_hostname }}" - server_type: "{{ hetzner_server_type }}" - image: "{{ hetzner_server_image }}" - ssh_keys: "{{ hetzner_ssh_keys }}" - labels: "{{ hetzner_server_labels }}" - location: nbg1 - state: present - delegate_to: 127.0.0.1 - become: false +- name: "Checking state of server for <{{ inventory_hostname }}>" + include_role: + name: hcloud + tasks_from: _set_server_state - name: "Gathering current server infos from hetzner" hcloud_server_info:
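Review bot: `state: "{{ server_state }}"` in _set_server_state.yml makes the task that the create path reaches through roles/hcloud/tasks/main.yml able to delete the server as well, and the value is never validated. Extra vars take precedence over role defaults, so `-e server_state=absent` on a create-server.yml run would remove the server instead of ensuring it exists. Put an `assert` in front of the module call with `that: server_state in ['present', 'absent']`, and add a header comment stating that `absent` destroys the server and is meant to be set only by remove-server.yml. The safer variant is to keep `state: present` literal on the create path and give deletion its own task file.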
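Review bot: roles/hcloud/tasks/main.yml now includes its own role through `include_role` with `name: hcloud` and `tasks_from: _set_server_state`, which is more indirection than a task file in the same role needs. `- include_tasks: _set_server_state.yml` reads more directly and avoids loading the role a second time from inside itself. The rest of main.yml lies outside this hunk.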