You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Go to file

Sven Ketelsen 70af623ba4 feat: elastic - activated syslog and authlog - filebeat will now ship syslog {{ inventory_hostname }}-syslog-... - filebeat will now ship authlog {{ inventory_hostname }}-authlog-... - updated filebeat/logstash to "7.16.3"		4 years ago
ansible-builder	feat: consolidation for harbor	4 years ago
docker/dregsy	feat: consolidation for harbor	4 years ago
group_vars	bugfix: disabled blackbox exporter for connect management	4 years ago
host_vars	DEV-277 feat: added stage for external usage	4 years ago
inventory_plugins	bugfix: missing renaming	4 years ago
kubespray@eeeca4a1d0	feat: added hetzner csi plugin	4 years ago
library	bugfix: connect-wordpress orchestration	4 years ago
roles	feat: elastic - activated syslog and authlog	4 years ago
scripts	feat: consolidation for harbor	4 years ago
smardigo	bugfix: fixed some state problems within process modell	4 years ago
tasks	Feature/dev 316 3rd	4 years ago
templates	feat: elastic - activated syslog and authlog	4 years ago
users	DEV-220: ssh-key got lost due to abolishing windows... key rotated	4 years ago
.gitignore	chore: added xvars-*.yml to gitignore	4 years ago
.gitlab-ci.yml	chore: deactivated gitlab-ci ansible-lint	4 years ago
.gitmodules	kubespray: v2.17.0 -> v2.17.1	4 years ago
README.md	feat: consolidation for harbor	4 years ago
ansible-lint.cfg	Feature/dev 316 3rd	4 years ago
ansible.cfg	DEV-298: added hacky shell script to make harbor upgrade a little bit easier	4 years ago
create-database-backup.yml	Feature/dev 316 3rd	4 years ago
create-database.yml	Feature/dev 316 3rd	4 years ago
create-kibana-objects.yml	Feature/dev 316 3rd	4 years ago
create-realm.yml	Feature/dev 316 3rd	4 years ago
create-server.yml	Feature/dev 316 3rd	4 years ago
create-service.yml	Feature/dev 316 3rd	4 years ago
elastic-certs.sh	SMARCH-92: split elastic stack services for qa	4 years ago
evil-remove-server.yml	Feature/dev 316 3rd	4 years ago
external_monitoring.yml	DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check	4 years ago
galaxy-requirements.yml	Feature/dev 316 3rd	4 years ago
hcloud_firewall.yml	DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check	4 years ago
import-database.yml	Feature/dev 316 3rd	4 years ago
info.yml	feat: prometheus now uses stage_server_infos (auto discover task)	4 years ago
kubernetes.yml	bugfix: missing renaming	4 years ago
pip-requirements	Feature/dev 316 3rd	4 years ago
poetry.lock	Updated cryptography (3.4.7 -> 3.4.8), ansible-core (2.11.3 -> 2.11.4), ansible (4.3.0 -> 4.4.0), hcloud (1.13.0 -> 1.16.0)	4 years ago
provisioning.yml	Feature/dev 316 3rd	4 years ago
pyproject.toml	feature/postgresql-cluster	4 years ago
remove-database.yml	Feature/dev 316 3rd	4 years ago
remove-realm.yml	Feature/dev 316 3rd	4 years ago
remove-server.yml	Feature/dev 316 3rd	4 years ago
remove-service.yml	Feature/dev 316 3rd	4 years ago
restore-database-backup.yml	Feature/dev 316 3rd	4 years ago
setup.yml	Feature/dev 316 3rd	4 years ago
smardigo.yml	DEV-244 feat: added power dns to stage dev	4 years ago
stage-dev	feat: consolidation for harbor	4 years ago
stage-digitalocean	DEV-253: digitalocean stuff - add droplet but not idempotentgit branch git branch plz check	4 years ago
stage-ext	DEV-277 feat: added stage for external usage	4 years ago
stage-netgo-hcloud.yml	DEV-231: Pagination für dynamisches Inventory fehlt	4 years ago
stage-qa	feat: consolidation for harbor	4 years ago
update-monitoring.yml	cleanup: extend description	4 years ago
update-service-state.yml	Feature/dev 316 3rd	4 years ago
update-ssh-config-file.yml	feat: added parameter to local ssh config update	4 years ago
upload-database-dumb.yml	Feature/dev 316 3rd	4 years ago

README.md

Prepare ansible Installation

Install needed python pip packages

pip3 install -r pip-requirements

Install needed ansible collections / roles

ansible-galaxy install -r galaxy-requirements.yml

Setup

Create/Start servers for stage-dev

ansible-playbook -i stage-dev provisioning.yml --vault-password-file ~/vault-pass
ansible-playbook -i stage-dev start.yml --vault-password-file ~/vault-pass
ansible-playbook -i stage-dev stop.yml --vault-password-file ~/vault-pass

with Poetry prefix with poetry run

Provisioning

ansible-playbook -i stage-dev setup.yml --vault-password-file ~/vault-pass -u root
ansible-playbook dynamic-provisioning.yml  --vault-password-file ~/vault-pass -e "stage=dev name=test node=01 service=connect"

with Poetry prefix with poetry run

Setup Smardigo Service

Setup/Configure a Server, Database, Realm (keycloak) and Smardigo
ansible-playbook create-server.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' stage='dev'"
ansible-playbook create-database.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' stage='dev'"
ansible-playbook create-realm.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' stage='dev' current_realm_name='sken' current_realm_display_name='S-K-E-N'"
ansible-playbook create-service.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' stage='dev' current_realm_name='sken' current_realm_display_name='S-K-E-N'"

with Poetry prefix with poetry run

Remove Smardigo Service

Remove a Server, Database, Realm (keycloak) and Smardigo
ansible-playbook remove-server.yml -e "stage='dev' tenant_id='sken' cluster_name='test01' cluster_size='1' cluster_service='connect' stage='dev'"

with Poetry prefix with poetry run

ansible-builder

AWX is used in smardigo setup do execute several playbooks due to user interaction within smardigo product. To finish ansible runs successfully we have to make sure every ansible dependency(ansible collection/role or pip package) is installed. therefore ansible-builder gave us the opportunity to configure the needed environment to exec plays successfully.

before every git-merge depending on changes concerning new ansible collections/roles and/or new pip-packages, please run the following:

cd ansible-builder/
ansible-builder build --tag awx-custom-ee:latest --container-runtime docker

hopefully it will result in e.g.:

cd ansible-builder/
ATTENTION: to get more information plz set --verbosity 3	
ansible-builder build --tag awx-custom-ee:latest --container-runtime docker
Running command:
  docker build -f context/Dockerfile -t awx-custom-ee:latest context

Complete! The build context can be found at: /home/friedrich/sandbox/netgo_stuff/hetzner-ansible/ansible-builder/context

real	2m56,131s
user	0m0,208s
sys	0m0,102s`

you can start the docker container locally with e.g. : docker run -it --rm --mount type=bind,source="$(pwd)"/,target=/gitrepo/ awx-custom-ee:latest /bin/bash

after it, you are able to exec some ansbible-runs like: (please solve dependencies before starting to docker container) cd /gitrepo ansible-playbook -i stage-digitalocean external_monitoring.yml --ask-vault-password -u root --private-key sshkey_pw_less

export HETZNER_LABEL_SELECTOR='stage=dev'
ansible-playbook -i stage-netgo-hcloud.yml -l redis smardigo.yml --ask-vault-password  -u root --private-key sshkey_pw_less

if everything works fine, plz push the created docker container with:

docker login dev-harbor-01.smardigo.digital
docker tag XXXXXXXX dev-harbor-01.smardigo.digital/awx/awx-custom-ee:latest
docker push dev-harbor-01.smardigo.digital/awx/awx-custom-ee

TODO

IPFire 149.233.6.129 - eShelter 212.121.131.106 - Siemensdamm

Prometheus curl -X POST https://{{ prometheus-url }}/-/reload

Prometheus (Grafana) docker exec -i dev-prometheus-01-grafana sh -c 'grafana-cli plugins install grafana-piechart-panel' docker restart dev-prometheus-01-grafana

AWX -> /etc/kubernetes/k9s wget https://github.com/derailed/k9s/releases/download/v0.24.14/k9s_Linux_x86_64.tar.gz tar -xzf k9s_*.tar.gz -C . ln -s /etc/kubernetes/k9s/k9s /usr/bin/k9s kubectl taint nodes --all node-role.kubernetes.io/master-