new config for satellite 6.9 hackfest (#3495)

* new config for satellite 6.9 hackfest * update README Co-authored-by: Wilson Harris <Wilson@walrus.attlocal.net>
redhat-cop · Mar 5, 2021 · f6051f5 · f6051f5
1 parent 15947cb
commit f6051f5
Show file tree

Hide file tree

Showing 16 changed files with 842 additions and 0 deletions.
diff --git a/ansible/configs/satellite-hackfest/README.adoc b/ansible/configs/satellite-hackfest/README.adoc
@@ -0,0 +1,160 @@
+:config: satellite-hackfest
+:author1: Wilson Harris (wilson-walrus) <wharris@redhat.com>
+:team: GPTE DevOps & Automation
+
+Config Name: {config}
+=====================
+
+The {config} config deploys control, satellite, sat-69, el7-server, el8-server, and a idm-server on OpenStack cloud providers.
+
+
+Requirements
+------------
+
+* Following are the requirements:
+. Yum repositories are required for all hosts except the "satellite" host.
+. OSP credentials are required. 
+. openstacksdk and apypie python modules required.
+
+Config Variables
+----------------
+
+. Cloud specfic settings related variables.
++
+[cols="4",options="header"]
+|===
+|*Variable* | *State* | *Default* |*Description*
+| env_type: "string"| Required | None| Name of the config (satellite-hackfest)
+| output_dir: "path string" |Required | /tmp/workdir | Writable working scratch directory
+| email: "string" | Required | smart-management@example.com | User info for notifications
+| guid: "string" | Reqired |defaultguid |Unique identifier
+| cloud_provider: "string" |Required   | osp      | Which AgnosticD Cloud Provider to use
+|rhel_repos: [list] |Required | Default  | List for rhel repos
+|===
+
+Example variables and values
+----------------------------
+
+. Sample of sample_osp_vars.yml
++
+[source=text]
+----
+[user@desktop ~]$ cd agnosticd/ansible
+[user@desktop ~]$ cat ./configs/smart-management/sample_osp_vars.yml
+guid: defaultguid
+osp_cluster_dns_zone: red.osp.opentlc.com
+admin_user: opentlc-mgr
+student_name: student
+student_password: "changeme"
+tower_version: "3.6.4-1"
+software_to_deploy: tower            
+tower_infra_workloads:
+  - tower-org-create
+tower_organization:
+  - name: gpte
+configure_satellite: true
+satellite_version: 6.7
+satellite_infra_workloads:
+  - satellite-manage-organization
+  - satellite-manage-manifest
+org: gpte
+org_label: gpte
+org_description: "Global Partner Training and Enablement"
+----
++
+[NOTE]
+For reference  link:sample_vars_osp.yml[click] here.  
+
+. Sample of secrets.yml
++
+[source=text]
+----
+[user@desktop ~]$ cat ~/secrets.yml
+osp_auth_url: http://x.x.x.x:5000/v3
+osp_auth_username: admin
+osp_auth_password: "xxxxxxxxxxxxxxxxxxxxxxxxx"
+osp_auth_project_domain: "default"
+osp_auth_user_domain: "default"
+osp_cluster_dns_zone: xxxxxxx.osp.opentlc.com
+ddns_key_name: xxxxxxxxxxxxx
+ddns_key_secret: "xxxxxxxxxxxxxxxxxxxxxx"
+own_repo_path: http://some.yum.com/repos/
+satellite_manifest:
+  type: file
+  path: ~/manifest_satellite-infrastructure-may-2020.zip
+tower_license: >
+  {
+    "subscription_name": "Ansible Tower by Red Hat, Standard (50 Managed Nodes)", 
+    "eula_accepted": true, 
+    "instance_count": 50, 
+    "trial": false, 
+    "contact_email": "ankay@redhat.com", 
+    "company_name": "Red Hat, Inc", 
+    "license_type": "enterprise", 
+    "contact_name": "Tony Kay", 
+    "license_date": 1640926800, 
+    "license_key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+  }
+----
+
+
+Tags
+---
+. List of tags used in {config} config-
++
+[cols="2",options="header"]
+|===
+| Tag | Description 
+|install_satellite |Consistent tag for all satellite installation roles
+|configure_satellite |Consistent tag for all satellite configuration roles
+|install-tower | Consistent tag for all tower installation tasks
+|tower-cli |  Consistent tag for all tower-cli tasks
+|===
+
+. Examples how to use tags
++
+----
+## Tagged jobs
+[user@desktop ~]$ ansible-playbook playbook.yml --tags configure_satellite
+
+## Skip tagged jobs
+[user@desktop ~]$ ansible-playbook playbook.yml --skip-tags install_satellite,install-tower
+----
+
+Examples, How to use config 
+---------------------------
+
+. How to deploy {config} config.
++
+[source=text]
+----
+[user@desktop ~]$ cd agnosticd/ansible
+[user@desktop ~]$ ansible-playbook  main.yml \
+  -e @./configs/smart-management/sample_vars_osp.yml \
+  -e @~/secrets.yml \
+  -e guid=<Alphanum>  
+----
+
+. How to destroy deployed environment 
++
+[source=text]
+----
+[user@desktop ~]$ cd agnosticd/ansible
+[user@desktop ~]$ ansible-playbook  ./configs/smart-management/destroy.yml \
+  -e @./configs/smart-management/sample_vars_osp.yml \
+  -e @~/secrets.yml \
+  -e guid=defaultguid 
+----
+
+Author Information
+------------------
+
+* Author/owner:
+** {author1}
+
+* Alternative Contacts:
+** {author2}
+** {author3}
+
+* Team:
+** {team}
diff --git a/ansible/configs/satellite-hackfest/default_vars.yml b/ansible/configs/satellite-hackfest/default_vars.yml
@@ -0,0 +1,54 @@
+---
+
+env_type: satellite-hackfest
+output_dir: /tmp/workdir                # Writable working scratch directory
+email: "{{env_type}}@example.com"
+guid: defaultguid
+
+deploy_local_ssh_config_location: "{{output_dir}}/"
+
+key_name: ocpkey                        # Keyname must exist in AWS
+use_own_key: true
+env_authorized_key: "{{guid}}key"
+set_env_authorized_key: true
+default_key_name: ~/.ssh/{{key_name}}.pem
+
+install_bastion: true
+install_common: true
+install_ipa_client: false
+
+install_student_user: true
+
+tower_run: false
+
+update_packages: true
+
+project_tag: "{{ env_type }}-{{ guid }}"
+
+# ##### Repos for satellite 6.7 ###########
+# satellite_repos:
+#   - rhel-7-server-rpms
+#   - rhel-7-server-satellite-6.7-rpms
+#   - rhel-7-server-satellite-maintenance-6-rpms
+#   - rhel-7-server-satellite-capsule-6.7-rpms
+#   - rhel-7-server-satellite-tools-6.7-rpms
+#   - rhel-server-rhscl-7-rpms
+#   - rhel-7-server-ansible-2.9-rpms
+
+# ####### RHEL repos ###########
+# rhel_repos:
+#   - rhel-7-server-rpms
+#   - rhel-server-rhscl-7-rpms
+#   - rhel-7-server-extras-rpms
+
+common_packages:
+  - python2
+  - unzip
+  - bash-completion
+  - tmux
+  - bind-utils
+  - wget
+  - git
+  - vim-enhanced
+  - at
+  - ansible
diff --git a/ansible/configs/satellite-hackfest/default_vars_osp.yml b/ansible/configs/satellite-hackfest/default_vars_osp.yml
@@ -0,0 +1,179 @@
+---
+################################################################################
+### OSP Environment variables
+################################################################################
+
+cloud_provider: osp
+ansible_user: cloud-user
+remote_user: cloud-user
+
+use_dynamic_dns: true
+osp_project_create: true
+install_student_user: true
+
+####  Instance flavor  ##################################
+instance_type: 2c4g30d
+bastion_instance_type: 2c2g30d
+satellite_instance_type: 8c32g100d
+sat_69_instance_type: 8c16g100d
+
+####  Image id        ###################################
+image: rhel-server-7.8
+el8_image: rhel-8.3
+
+quota_fip: 7
+quota_volumes_gigs: 600
+
+##### Security Groups ###################################
+security_groups:
+  - name: SatelliteSG
+    rules:
+      - name: SatHTTPSPorts
+        description: "HTTPS Public"
+        from_port: 443
+        to_port: 443
+        protocol: tcp
+        cidr: "0.0.0.0/0"
+        rule_type: Ingress
+
+  - name: HostSG
+    rules:
+      - name: FromHostsgTCP
+        description: "Allow everything from HostSG nodes"
+        from_port: 1
+        to_port: 65535
+        protocol: tcp
+        from_group: HostSG
+        rule_type: Ingress
+
+      - name: FromHostsgUDP
+        description: "Allow everything from HostSG nodes"
+        from_port: 1
+        to_port: 65535
+        protocol: udp
+        from_group: HostSG
+        rule_type: Ingress
+
+
+####   Environment Instances   ###################################
+instances:
+  - name: "control"
+    count: 1
+    unique: true
+    public_dns: true
+    dns_loadbalancer: true
+    floating_ip: true
+    image_id: "{{ bastion_instance_image | default(image) }}"
+    flavor:
+      osp: "{{ bastion_instance_type | default(instance_type) }}"
+    security_groups:
+      - BastionSG
+      - DefaultSG
+    tags:
+      - key: "AnsibleGroup"
+        value: "bastions"
+      - key: "ostype"
+        value: "linux"
+      - key: "instance_filter"
+        value: "{{ env_type }}-{{ email }}"
+
+  - name: "satellite"
+    count: "{{ satellite_instance_count | default(1) }}"
+    public_dns: true
+    floating_ip: true
+    image_id: "{{ satellite_instance_image | default(image)  }}"
+    flavor:
+      osp: "{{ satellite_instance_type | default(instance_type) }}"
+    rootfs_size: "{{ satellite_rootfs_size | default('200') }}"
+    security_groups:
+      - SatelliteSG
+      - DefaultSG
+      - HostSG
+    tags:
+      - key: "AnsibleGroup"
+        value: "satellites"
+      - key: "ostype"
+        value: "linux"
+      - key: "instance_filter"
+        value: "{{ env_type }}-{{ email }}"
+
+  - name: "sat-69"
+    count: "{{ sat_69_instance_count | default(1)  }}"
+    public_dns: true
+    floating_ip: false 
+    image_id: "{{ sat_69_instance_image | default(image) }}"
+    flavor:    
+      osp: "{{ sat_69_instance_type | default(instance_type) }}"
+    rootfs_size: "{{ sat_69_rootfs_size | default('200') }}"
+    security_groups: 
+      - DefaultSG
+      - HostSG
+      - SatelliteSG
+    tags:      
+      - key: "AnsibleGroup"
+        value: "pre_satellites"
+      - key: "ostype"  
+        value: "linux" 
+      - key: "instance_filter"
+        value: "{{ env_type }}-{{ email }}"
+
+  - name: "el8-server"
+    count: "{{ node_instance_count | default(1)  }}"
+    public_dns: false
+    floating_ip: false
+    image_id: "{{ node_instance_image | default(el8_image) }}"
+    flavor:
+      osp: "{{ node_instance_type | default(instance_type) }}"
+    security_groups:
+      - DefaultSG
+      - HostSG
+    tags:
+      - key: "AnsibleGroup"
+        value: "el8_nodes"
+      - key: "ostype"
+        value: "linux"
+      - key: "instance_filter"
+        value: "{{ env_type }}-{{ email }}"
+
+  - name: "el7-server"
+    count: "{{ node_instance_count | default(1)  }}"
+    public_dns: false
+    floating_ip: false
+    image_id: "{{ node_instance_image | default(image) }}"
+    flavor:
+      osp: "{{ node_instance_type | default(instance_type) }}"
+    security_groups:
+      - DefaultSG
+      - HostSG
+    tags:
+      - key: "AnsibleGroup"
+        value: "nodes"
+      - key: "ostype"
+        value: "linux"
+      - key: "instance_filter"
+        value: "{{ env_type }}-{{ email }}"
+
+  - name: "idm-server"
+    count: "{{ node_instance_count | default(1)  }}"
+    public_dns: false
+    floating_ip: false
+    image_id: "{{ node_instance_image | default(el8_image) }}"
+    flavor:
+      osp: "{{ node_instance_type | default(instance_type) }}"
+    security_groups:
+      - DefaultSG
+      - HostSG  
+    tags:
+      - key: "AnsibleGroup"
+        value: "el8_nodes"
+      - key: "ostype"
+        value: "linux"
+      - key: "instance_filter"
+        value: "{{ env_type }}-{{ email }}"
+
+#### Inventory Groups for Hosts File ##################################
+inventory_groups:
+  - nodes
+  - el8_nodes
+  - satellites
+  - pre_satellites