friedrich goerz 00aacf90c6 DEV-280: added wait_for task to fix broken smardigo-step 'create-server' 4 years ago
ansible-builder DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check 4 years ago
docker/dregsy DEV-173: review/regression/cleanup: connect + wordpress 4 years ago
group_vars DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check 4 years ago
host_vars feat: split management setup into own role (dev) 4 years ago
inventory_plugins bugfix: missing renaming 4 years ago
kubespray@eeeca4a1d0 feat: added hetzner csi plugin 4 years ago
roles DEV-280: added wait_for task to fix broken smardigo-step 'create-server' 4 years ago
scripts feat: complete qa setup up to smardigo management 4 years ago
smardigo feat: new playbook to manipulate services from portal 4 years ago
tasks DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check 4 years ago
templates DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check 4 years ago
users DEV-220: ssh-key got lost due to abolishing windows... key rotated 4 years ago
.gitignore chore: add kubespray to .gitignore 4 years ago
.gitlab-ci.yml Update .gitlab-ci.yml 4 years ago
.gitmodules kubespray: v2.17.0 -> v2.17.1 4 years ago
README.md DEV-267: added missing dependency roles - found with ansible-lint 4 years ago
ansible.cfg DEV-222 kubernetes setup with ansible 4 years ago
create-database-backup.yml feat: added backups to smardigo portal 4 years ago
create-database.yml DEV-244 feat: added power dns to stage dev 4 years ago
create-realm.yml SMARCH-106: added stuff for multi tenant setup 4 years ago
create-server.yml SMARCH-106: added stuff for multi tenant setup 4 years ago
create-service.yml feat: added backups to smardigo portal 4 years ago
elastic-certs.sh SMARCH-92: split elastic stack services for qa 4 years ago
evil-remove-server.yml DEV-254: added backup/restore playbooks 4 years ago
external_monitoring.yml DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check 4 years ago
galaxy-requirements.yml DEV-267: added missing dependency roles - found with ansible-lint 4 years ago
hcloud_firewall.yml DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check 4 years ago
import-database.yml bugfix: added ansible_ssh_host to smardigo playbooks 4 years ago
info.yml feat: prometheus now uses stage_server_infos (auto discover task) 4 years ago
kubernetes.yml bugfix: missing renaming 4 years ago
pip-requirements DEV-267: added missing dependency roles - found with ansible-lint 4 years ago
poetry.lock Updated cryptography (3.4.7 -> 3.4.8), ansible-core (2.11.3 -> 2.11.4), ansible (4.3.0 -> 4.4.0), hcloud (1.13.0 -> 1.16.0) 4 years ago
provisioning.yml DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check 4 years ago
pyproject.toml feature/postgresql-cluster 4 years ago
remove-database.yml DEV-244 feat: added power dns to stage dev 4 years ago
remove-realm.yml cleanup: consolidation 4 years ago
remove-server.yml chore: removed mighty server removal 4 years ago
remove-service.yml bugfix: deleting dns entries for service wordpress 4 years ago
restore-database-backup.yml feat: added backups to smardigo portal 4 years ago
setup.yml feat: added tag upgrade to playbook setup 4 years ago
smardigo.yml DEV-244 feat: added power dns to stage dev 4 years ago
stage-dev DEV-244 feat: added power dns to stage dev 4 years ago
stage-digitalocean DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check 4 years ago
stage-netgo-hcloud.yml DEV-231: pagination for dynamic inventory is missing 4 years ago
stage-qa DEV-244 feat: added power dns to stage dev 4 years ago
update-monitoring.yml bugfix/cleanup 4 years ago
update-service-state.yml feat: new playbook to manipulate services from portal 4 years ago
update-ssh-config-file.yml feat: added parameter to local ssh config update 4 years ago
upload-database-dumb.yml bugfix: added ansible_ssh_host to smardigo playbooks 4 years ago

README.md

Prepare ansible Installation

Install needed python pip packages

pip3 install -r pip-requirements

Install needed ansible collections / roles

ansible-galaxy install -r galaxy-requirements.yml

Setup

Create/Start servers for stage-dev

ansible-playbook -i stage-dev provisioning.yml --vault-password-file ~/vault-pass
ansible-playbook -i stage-dev start.yml --vault-password-file ~/vault-pass
ansible-playbook -i stage-dev stop.yml --vault-password-file ~/vault-pass

With Poetry, prefix each command with poetry run.

Provisioning

ansible-playbook -i stage-dev setup.yml --vault-password-file ~/vault-pass -u root
ansible-playbook dynamic-provisioning.yml  --vault-password-file ~/vault-pass -e "stage=dev name=test node=01 service=connect"

With Poetry, prefix each command with poetry run.
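
The commands above read the vault password from ~/vault-pass. The wrapper below is an added example, not part of this repository: it refuses to start ansible-playbook when that file is a symlink, is not owned by the caller, is accessible to group or others, or is executable (ansible-playbook runs an executable password file as a script instead of reading it). The function names vault_pass_file_ok and run_playbook are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the repository. Function names are hypothetical.

# vault_pass_file_ok FILE
# Returns 0 only if FILE is a non-empty regular file (no symlink), owned by the
# current user, with mode 0600 or 0400. Prints the reason to stderr otherwise.
vault_pass_file_ok() {
    f=$1
    if [ -L "$f" ]; then
        echo "refusing $f: is a symlink" >&2; return 1
    fi
    if [ ! -f "$f" ] || [ ! -s "$f" ]; then
        echo "refusing $f: missing, empty or not a regular file" >&2; return 1
    fi
    if [ ! -O "$f" ]; then
        echo "refusing $f: not owned by the current user" >&2; return 1
    fi
    # ls -ld prints the mode as e.g. "-rw-------"; keep the first 10 characters
    # so a trailing ACL/SELinux marker ("+" or ".") does not matter.
    mode=$(ls -ld -- "$f" | cut -c1-10)
    case $mode in
        -r[w-]-------) return 0 ;;
        *) echo "refusing $f: mode $mode, expected -rw------- (chmod 600)" >&2
           return 1 ;;
    esac
}

# run_playbook VAULT_FILE [ansible-playbook arguments...]
# Runs ansible-playbook only after the password file passed the check.
run_playbook() {
    vault_file=$1; shift
    vault_pass_file_ok "$vault_file" || return 1
    ansible-playbook --vault-password-file "$vault_file" "$@"
}

# Usage, with the inventory and playbook names from this README:
#   run_playbook ~/vault-pass -i stage-dev setup.yml -u root
```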

Setup Smardigo Service

Setup/Configure a Server, Database, Realm (keycloak) and Smardigo

ansible-playbook create-server.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect'"
ansible-playbook create-database.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect'"
ansible-playbook create-realm.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' current_realm_name='sken' current_realm_display_name='S-K-E-N'"
ansible-playbook create-service.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' current_realm_name='sken' current_realm_display_name='S-K-E-N'"

With Poetry, prefix each command with poetry run.

Remove Smardigo Service

Remove a Server, Database, Realm (keycloak) and Smardigo

ansible-playbook remove-server.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect'"

With Poetry, prefix each command with poetry run.

ansible-builder

AWX is used in the smardigo setup to execute several playbooks in response to user interaction within the smardigo product. To finish ansible runs successfully, we have to make sure every ansible dependency (ansible collection/role or pip package) is installed. ansible-builder lets us configure the environment needed to execute plays successfully.

Before every git merge that brings in new ansible collections/roles and/or new pip packages, please run the following:

cd ansible-builder/
ansible-builder build --tag awx-custom-ee:latest --container-runtime docker

Hopefully it will result in output like this:

cd ansible-builder/
ATTENTION: to get more information plz set --verbosity 3	
ansible-builder build --tag awx-custom-ee:latest --container-runtime docker
Running command:
  docker build -f context/Dockerfile -t awx-custom-ee:latest context

Complete! The build context can be found at: /home/friedrich/sandbox/netgo_stuff/hetzner-ansible/ansible-builder/context

real	2m56,131s
user	0m0,208s
sys	0m0,102s

You can start the docker container locally with, e.g.:

docker run -it --rm --mount type=bind,source="$(pwd)"/,target=/gitrepo/ awx-custom-ee:latest /bin/bash

Afterwards, you are able to execute ansible runs like the following (please resolve dependencies before starting the docker container):

cd /gitrepo
ansible-playbook -i stage-digitalocean external_monitoring.yml --ask-vault-password -u root --private-key sshkey_pw_less

export HETZNER_LABEL_SELECTOR='stage=dev'
ansible-playbook -i stage-netgo-hcloud.yml -l redis smardigo.yml --ask-vault-password  -u root --private-key sshkey_pw_less

If everything works fine, please push the created container image with:

docker login dev-docker-registry-01.smardigo.digital
docker tag XXXXXXXX dev-docker-registry-01.smardigo.digital/awx/awx-custom-ee:latest
docker push dev-docker-registry-01.smardigo.digital/awx/awx-custom-ee

TODO

IPFire 149.233.6.129 - eShelter 212.121.131.106 - Siemensdamm

Prometheus

curl -X POST https://{{ prometheus-url }}/-/reload

Prometheus (Grafana)

docker exec -i df4d6b176f5e sh -c 'grafana-cli plugins install grafana-piechart-panel'
docker restart df4d6b176f5e

AWX -> /etc/kubernetes/k9s

wget https://github.com/derailed/k9s/releases/download/v0.24.14/k9s_Linux_x86_64.tar.gz
tar -xzf k9s_*.tar.gz -C .
ln -s /etc/kubernetes/k9s/k9s /usr/bin/k9s
kubectl taint nodes --all node-role.kubernetes.io/master-

Wordpress Database Dump

ansible-playbook upload-database-dumb.yml -e "cluster_services_str='connect,connect_wordpress' stage='dev' upload_file='smardigo/wordpress_portal.sql.gz'"