gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1,136 Commits
10 Branches
0 Tags
12 MiB
Jinja 85.6%
Python 7.7%
Groovy 3.6%
Shell 1.6%
Dockerfile 0.9%
Other 0.6%
 
 
 
 
 
 
prodnso
main
qa
feature/DEV-655
feature/SC-124
feature/SC-55
feature/DEV-470_2nd
feature/DEV-380_2nd
feature/DEV-380
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '12f4eb5ad4'
${ noResults }
Go to file
Michael Haehnel 12f4eb5ad4
NOTICKET: Remove obsolete qanso stage 		1 year ago
ansible-builder chore: added tar to awx ee image 2 years ago
group_vars NOTICKET: Remove obsolete qanso stage 1 year ago
host_vars Add ssh keys 2 years ago
inventory_plugins Dev 1143 ssp stage 2 years ago
kubespray@08467ad6b3 DEV-1080 Change default Kibana hostname to k8s hosted service 2 years ago
library DEV-1213 Add external (sub)domain oes.netgo.de 2 years ago
roles NOTICKET: Remove obsolete qanso stage 1 year ago
scripts chore: management update to 11.1 2 years ago
smardigo adjusted timing for backup 2 years ago
tasks DEV-1309 Hotfix 2 years ago
templates NOTICKET: Remove obsolete qanso stage 1 year ago
users NOTICKET: Add User and pubkey for Sebastian SChroeder #2 1 year ago
.gitignore DEV-1197 Open hcloud fw port tcp/443 for prodnso-nsointern-nsoprod-01 2 years ago
.gitlab-ci.yml NOTICKET: Remove obsolete qanso stage 1 year ago
.gitmodules Feature/dev 927 3 years ago
README.md Dev-997: provisioning galaxy role 3 years ago
ansible-lint.cfg chore: ansible linter 3 years ago
ansible.cfg Feature/dev 930 3 years ago
awx.yml DEV-1028 extracted constraint checks into own task 3 years ago
create-remote-database-backup.yml DEV-1114 rename stage: dev to devnso 3 years ago
elastic-certs.sh DEV-1114 rename stage: dev to devnso 3 years ago
evil-remove-server.yml bugfix: constraint checks 3 years ago
galaxy-requirements.yml Update Ansible collection docker 2 years ago
gitlab-mirrors.yml DEV-1114 rename stage: dev to devnso 3 years ago
gitlab.clone.k8s-clusters.sh NOTICKET: Remove obsolete qanso stage 1 year ago
gitlab.clone.roles.sh DEV-999: alle rollen innerhalb von setup ausgelagert 3 years ago
hcloud_firewall.yml DEV-1161 added cockpit vm to demostage 2 years ago
hetzner_ssh_keys.yml DEV-837 k8s bootstrap: added creation of load balancer and dns record 3 years ago
initialize-stage.yml chore: management update to 11.1 2 years ago
kubernetes.yml bugfix: constraint checks 3 years ago
patchday.yml FIX: Upgrade to docker-compose_v2 in patchday.yml 2 years ago
pip-requirements Feature/dev 829 - ansible version updaten 3 years ago
pmci-callback.yml Bugfix/MPMXKD-23 2 years ago
pmci-database-backup-create.yml Bugfix/MPMXKD-23 2 years ago
pmci-database-backup-import.yml Bugfix/MPMXKD-23 2 years ago
pmci-database-backup-restore.yml Bugfix/MPMXKD-23 2 years ago
pmci-database-create.yml Bugfix/MPMXKD-23 2 years ago
pmci-database-delete.yml Bugfix/MPMXKD-23 2 years ago
pmci-empty-playbook.yml Bugfix/MPMXKD-23 2 years ago
pmci-inventory-cluster.yml Bugfix/MPMXKD-23 2 years ago
pmci-inventory-database.yml Bugfix/MPMXKD-23 2 years ago
pmci-kibana-create-objects.yml Bugfix/MPMXKD-23 2 years ago
pmci-monitoring-update.yml Bugfix/MPMXKD-23 2 years ago
pmci-realm-client-create.yml Bugfix/MPMXKD-23 2 years ago
pmci-realm-client-delete.yml Bugfix/MPMXKD-23 2 years ago
pmci-server-create.yml Bugfix/MPMXKD-23 2 years ago
pmci-server-delete.yml Bugfix/MPMXKD-23 2 years ago
pmci-service-create.yml Bugfix/MPMXKD-23 2 years ago
pmci-service-delete.yml Bugfix/MPMXKD-23 2 years ago
pmci-service-state-update.yml Bugfix/MPMXKD-23 2 years ago
pmci-tenant-change.yml bugfixes and cleanup 2 years ago
pmci-tenant-create.yml bugfix: regressions after management update 2 years ago
pmci-tenant-delete.yml bugfix: regressions after management update 2 years ago
pmci-tenant-sync.yml bugfixes and cleanup 2 years ago
poetry.lock Feature/dev 927 3 years ago
provisioning.yml chore: added k8s node for prodnso 2 years ago
pyproject.toml Feature/dev 927 3 years ago
restore-remote-database-backup.yml DEV-1114 Fixing postgres shared host variables 3 years ago
setup.yml DEV-895 dedizierter s3 user 2 years ago
smardigo.yml feat: removed prodnso-mpmx-iaas-01 and the role for mpmx 1 year ago
stage-demompmx chore: consolidation 2 years ago
stage-demompmx-netgo-hcloud.yml DEV-1271 Change Hetzner API keys for dynamic inventories 2 years ago
stage-devnso feature: migrated connect-data into k8s 2 years ago
stage-devnso-netgo-hcloud.yml DEV-1271 Change Hetzner API keys for dynamic inventories 2 years ago
stage-devssp Dev 1143 ssp stage 2 years ago
stage-devssp-netgo-hcloud.yml DEV-1271 Change Hetzner API keys for dynamic inventories 2 years ago
stage-digitalocean DEV-0000 rework blackbox exporter 2 years ago
stage-prodnso feat: removed prodnso-mpmx-iaas-01 and the role for mpmx 1 year ago
stage-prodnso-netgo-hcloud.yml DEV-1271 Change Hetzner API keys for dynamic inventories 2 years ago
stage-prodwork01 DEV-895 dedizierter s3 user 2 years ago
stage-prodwork01-netgo-hcloud.yml DEV-1271 Change Hetzner API keys for dynamic inventories 2 years ago
update-docker-image.yml DEV-1114 rename stage: dev to devnso 3 years ago
update-ssh-config-file.yml DEV-1114 rename stage: dev to devnso 3 years ago
upload-database-dump.yml Bugfix/MPMXKD-23 2 years ago
vpn.yml DEV-1008 added wireguard vpn 3 years ago

README.md

Prepare ansible Installation

Install needed python pip packages

pip3 install -r pip-requirements

Install needed ansible collections / roles

ansible-galaxy install -r galaxy-requirements.yml -f

Setup

Create/Start servers for stage-dev

ansible-playbook -i stage-dev provisioning.yml --vault-password-file ~/vault-pass
ansible-playbook -i stage-dev start.yml --vault-password-file ~/vault-pass
ansible-playbook -i stage-dev stop.yml --vault-password-file ~/vault-pass

with Poetry prefix with poetry run

Provisioning

ansible-playbook -i stage-dev setup.yml --vault-password-file ~/vault-pass -u root
ansible-playbook dynamic-provisioning.yml  --vault-password-file ~/vault-pass -e "stage=dev name=test node=01 service=connect"

with Poetry prefix with poetry run

Setup Smardigo Service

Setup/Configure a Server, Database, Realm (keycloak) and Smardigo
ansible-playbook create-server.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' stage='dev'"
ansible-playbook create-database.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' stage='dev'"
ansible-playbook create-realm.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' stage='dev' current_realm_name='sken' current_realm_display_name='S-K-E-N'"
ansible-playbook create-service.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' stage='dev' current_realm_name='sken' current_realm_display_name='S-K-E-N'"

with Poetry prefix with poetry run

Remove Smardigo Service

Remove a Server, Database, Realm (keycloak) and Smardigo
ansible-playbook remove-server.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' stage='dev'"

with Poetry prefix with poetry run

ansible-builder

AWX is used in smardigo setup do execute several playbooks due to user interaction within smardigo product. To finish ansible runs successfully we have to make sure every ansible dependency(ansible collection/role or pip package) is installed. therefore ansible-builder gave us the opportunity to configure the needed environment to exec plays successfully.

before every git-merge depending on changes concerning new ansible collections/roles and/or new pip-packages, please run the following:

cd ansible-builder/
ansible-builder build --tag dev-harbor-01.smardigo.digital/awx/awx-custom-ee --container-runtime docker

hopefully it will result in e.g.:

cd ansible-builder/
ATTENTION: to get more information plz set --verbosity 3	
ansible-builder build --tag awx-custom-ee:latest --container-runtime docker
Running command:
  docker build -f context/Dockerfile -t awx-custom-ee:latest context

Complete! The build context can be found at: /home/friedrich/sandbox/netgo_stuff/hetzner-ansible/ansible-builder/context

real	2m56,131s
user	0m0,208s
sys	0m0,102s`

you can start the docker container locally with e.g. : docker run -it --rm --mount type=bind,source="$(pwd)"/,target=/gitrepo/ awx-custom-ee:latest /bin/bash

after it, you are able to exec some ansbible-runs like: (please solve dependencies before starting to docker container) cd /gitrepo ansible-playbook -i stage-digitalocean external_monitoring.yml --ask-vault-password -u root --private-key sshkey_pw_less

export HETZNER_LABEL_SELECTOR='stage=dev'
ansible-playbook -i stage-netgo-hcloud.yml -l redis smardigo.yml --ask-vault-password  -u root --private-key sshkey_pw_less

if everything works fine, plz push the created docker container with:

docker login dev-harbor-01.smardigo.digital
docker tag XXXXXXXX dev-harbor-01.smardigo.digital/awx/awx-custom-ee:latest
docker push dev-harbor-01.smardigo.digital/awx/awx-custom-ee

TODO

Prometheus (Grafana) docker exec -i dev-prometheus-01-grafana sh -c 'grafana-cli plugins install grafana-piechart-panel' docker restart dev-prometheus-01-grafana