-
Notifications
You must be signed in to change notification settings - Fork 7
/
tqd.yml
122 lines (114 loc) · 5.47 KB
/
tqd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# Copyright (c) 2016 Intel Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
---
- hosts: localhost
vars:
bosh_vms_output_pattern: '^\| (?P<vm>.*) \| (?P<state>.*) \| (?P<az>.*) \| (?P<vm_type>.*) \| (?P<ips>.*) \| (?P<cid>.*) \| (?P<agent_id>.*) \| (?P<ressurection>.*) \|$'
docker_broker_manifest: "{{ ansible_env['HOME'] }}/docker-broker.yml"
tasks:
- name: Return detailed VM information
shell: source /usr/local/rvm/scripts/rvm && bosh --no-color -n vms docker-broker --detail
args:
executable: /bin/bash
register: shell_result
- name: Get the IP of the Docker Broker VM
set_fact: broker_0_ip={{ item | regex_replace(bosh_vms_output_pattern, '\\g<ips>') }}
when: "{{ item | search('broker/0') }}"
with_items: "{{ shell_result.stdout_lines }}"
- include: create-inventory.yml
- include: site.yml
vars:
broker_0_ip: "{{ hostvars['localhost'][\"broker_0_ip\"] }}"
- include: kerberos-token.yml
- hosts: localhost
vars:
bosh_deployments:
- "{{ ansible_env['HOME'] }}/cf.yml"
- "{{ ansible_env['HOME'] }}/docker-broker.yml"
dns:
- "{{ hostvars['cdh-master-0.node.envname.consul']['ansible_ssh_host'] }}"
- "{{ hostvars['cdh-master-1.node.envname.consul']['ansible_ssh_host'] }}"
- "{{ hostvars['cdh-master-2.node.envname.consul']['ansible_ssh_host'] }}"
pre_tasks:
- replace: dest={{ item }} regexp='dns:\ \[.*\]'
replace="dns":" [{{ dns | join(',') }}]"
register: replace_result
with_items: "{{ bosh_deployments }}"
- shell: source /usr/local/rvm/scripts/rvm && bosh --no-color -n -d {{ item }} deploy
args:
executable: /bin/bash
with_items: "{{ bosh_deployments }}"
when: "{{ replace_result.changed }}"
roles:
- role: resolv_conf
resolv_conf_nameservers: "{{ dns }}"
resolv_conf_search:
- service.consul
- node.consul
post_tasks:
- shell: source /usr/local/rvm/scripts/rvm && {{ item }}
register: shell_result
failed_when: shell_result.rc != 0 and not shell_result.stdout | search('(already exists)|(no new users given)')
with_items:
- uaac target https://uaa.{{ cf_domain }}/ --skip-ssl-validation
- uaac token client get admin -s {{ cf_password }}
- uaac member add console.admin admin
- uaac client update cf --scope cloud_controller.admin,cloud_controller.read,cloud_controller.write,doppler.firehose,openid,password.write,scim.read,scim.write,console.admin
args:
executable: /bin/bash
- hosts: localhost
vars:
aws_cli_version: 1.10.34
bosh_vms_output_pattern: '^\| (?P<vm>.*) \| (?P<state>.*) \| (?P<az>.*) \| (?P<vm_type>.*) \| (?P<ips>.*) \| (?P<cid>.*) \| (?P<agent_id>.*) \| (?P<ressurection>.*) \|$'
docker_broker_manifest: "{{ ansible_env['HOME'] }}/docker-broker.yml"
tasks:
- name: Install the AWS CLI
pip: name=awscli version={{ aws_cli_version }}
when: "{{ provider == 'aws' }}"
- name: Return detailed VM information
shell: source /usr/local/rvm/scripts/rvm && bosh --no-color -n vms docker-broker --detail
args:
executable: /bin/bash
register: shell_result
- name: Get the Cloud ID of the Docker Broker VM
set_fact: broker_0_cid={{ item | regex_replace(bosh_vms_output_pattern, '\\g<cid>') }}
when: "{{ item | search('broker/0') }}"
with_items: "{{ shell_result.stdout_lines }}"
- shell: aws --output text --region {{ region }} ec2 describe-route-tables --filters 'Name=tag:aws:cloudformation:stack-name,Values={{ stack }}' 'Name=tag:aws:cloudformation:logical-id,Values=PrivateRouteTable'
register: shell_result
when: "{{ provider == 'aws' }}"
- set_fact: private_route_table_id={{ shell_result.stdout_lines[0] | regex_replace('^ROUTETABLES\t([a-z0-9-]+)\t([a-z0-9-]+)', '\\1') }}
when: "{{ provider == 'aws' }}"
- shell: "{{ item }}"
with_items:
- aws --region {{ region }} ec2 replace-route --route-table-id {{ private_route_table_id }} --destination-cidr-block 172.17.0.0/16 --instance-id {{ broker_0_cid }}
- aws --region {{ region }} ec2 modify-instance-attribute --instance-id {{ broker_0_cid }} --no-source-dest-check
when: "{{ provider == 'aws' }}"
- name: Register Docker subnet_id on OpenStack
shell: neutron --insecure --os-cloud TAP net-show {{ docker_subnet_id }} -c subnets -f value
register: subnet_id
when: "{{ provider == 'openstack' }}"
- name: Register Docker port_id on OpenStack
shell: >-
neutron --insecure --os-cloud TAP port-list |
grep "{{ subnet_id.stdout }}.*10.0.4.4" | cut -d ' ' -f2
register: port_id
when: "{{ provider == 'openstack' }}"
- name: Allow 172.17.0.0/16 on Doker port
shell: >-
neutron --insecure --os-cloud TAP port-update {{ port_id.stdout }} --allowed-address-pairs
type=dict list=true ip_address=10.0.4.4/24 ip_address=172.17.0.0/16
when: "{{ provider == 'openstack' }}"
# vi:et:sw=2 ts=2 sts=2 ft=ansible