Ansible Tower Homework Lab Instruction
Prerequisites
First deploy the following environments through the OpenTLC lab.
-
Ansible Advanced - Homework
-
Ansible Advanced - OpenStack
|
Note
|
The OpenTLC lab has limits that only 3 labs can be deployed. This homework deploys 3 labs finally, so remove all the labs in advance if you’ve already had any. |
-
Connect to the workstation host for Ansible Advanced - Homework.
HOMEWORK_GUID=<Ansible Tower Homework GUID from mail>
OPENTLC_USERNAME=<Your OpenTLC user name>
ssh ${OPENTLC_USERNAME}@bastion.${HOMEWORK_GUID}.example.opentlc.com
scp ~/.ssh/<OPENTLC_KEY> ${OPENTLC_USERNAME}@bastion.${HOMEWORK_GUID}.example.opentlc.com:/tmp/mykey.pem|
Note
|
Specify ~/.ssh/<OPENTLC_KEY> with your OpenTLC ssh key file.
|
-
Set up credentials and variables for the playbook.
sudo -i
mv /tmp/mykey.pem ~/.ssh/
echo "OSP_GUID=<OpenStack GUID from mail>" >> ~/.bashrc
source ~/.bashrc
OPENTLC_USERNAME=<Your OpenTLC user name>-
Set up the workstation host for Ansible Advanced - OpenStack.
git clone https://github.com/hashnao/ansible_advance_homework.git
cd ansible_advance_homework/
sed -i "s/OSP_GUID/${OSP_GUID}/" ssh.cfg
ansible-playbook qa-setup-workstation.yml \
-e OSP_GUID=${OSP_GUID} \
--ask-vault-pass \
--private-key=/root/.ssh/mykey.pem \
-u ${OPENTLC_USERNAME}|
Note
|
Enter the vault password that encrypts keystone_password.
|
Vault password:Configuring Ansible Tower
-
Create a credential file for OpenTLC.
ansible-vault create /tmp/opentlc.yml|
Note
|
Enter your OpenTLC ID and password as the prompt appears. |
opentlc_username: <OpenTLC user name> opentlc_password: <OpenTLC password>
-
Remove unnecessary line in the key file.
vi /root/.ssh/openstack.pem-
Create Ansible Tower job templates.
cat >> ~/.bashrc << EOF
export GITHUB_REPO=https://github.com/hashnao/ansible_advance_homework.git
export REGION=us-east-1
export RH_MAIL_ID=<your mail id for dynamic inventory tag>
export TOWER_GUID=<Ansible Tower Homework GUID from mail>"
EOF
source ~/.bashrc
ansible-playbook setup-tower.yml \
-e TOWER_GUID=${TOWER_GUID} \
-e OSP_GUID=${OSP_GUID} \
-e REGION_NAME=${REGION} \
-e EMAIL=${RH_MAIL_ID} \
-e github_repo=${GITHUB_REPO} \
-e @/tmp/opentlc.yml \
--ask-vault-passRunning a workflow template on Ansible Tower
-
Log in to the Ansible Tower Console
-
Click [Templates] and click job launching button to start cicd workflow template.
-
Verify all the templates succeed.
Manual deployment
This section describes about manually running the playbooks for debugging, verifying, or other purposes.
Provisioning QA Environment
-
Connect to the workstation host for Ansible Advanced - Homework.
HOMEWORK_GUID=<Ansible Tower Homework GUID from mail>
OPENTLC_USERNAME=<Your OpenTLC user name>
ssh ${OPENTLC_USERNAME}@bastion.${HOMEWORK_GUID}.example.opentlc.com
scp ~/.ssh/<OPENTLC_KEY> ${OPENTLC_USERNAME}@bastion.${HOMEWORK_GUID}.example.opentlc.com:/tmp/mykey.pem|
Note
|
Specify ~/.ssh/<OPENTLC_KEY> with your OpenTLC ssh key file.
|
-
Set up the workstation host for Ansible Advanced - OpenStack.
sudo -i
mv /tmp/mykey.pem ~/.ssh/
echo "OSP_GUID=<OpenStack GUID from mail>" >> ~/.bashrc
. ~/.bashrc
OPENTLC_USERNAME=<Your OpenTLC user name>
git clone https://github.com/hashnao/ansible_advance_homework.git
cd ansible_advance_homework/
sed -i "s/OSP_GUID/${OSP_GUID}/" ssh.cfg
ansible-playbook qa-setup-workstation.yml \
-e OSP_GUID=${OSP_GUID} \
--ask-vault-pass \
--private-key=/root/.ssh/mykey.pem \
-u ${OPENTLC_USERNAME}|
Note
|
Enter the vault password that encrypts keystone_password.
|
Vault password:-
Provision instances for QA Environment on Ansible Advanced - OpenStack.
ansible-playbook qa-setup-instances.yml -e OSP_GUID=${OSP_GUID}-
Install the 3-tier applications.
ansible-playbook qa-3tier-setup.yml-
run a smoke test on the QA environment for the three-tier application
ansible-playbook qa-smoke-test.yml|
Note
|
If the smoke test fails and you need to re-create the QA Environment, you can delete the instances by running the folloing playbook. |
ansible-playbook qa-clean-instances.yml -e OSP_GUID=${OSP_GUID}Provisioning Production Environment
-
Create a credential file for OpenTLC.
ansible-vault create /tmp/opentlc.yml|
Note
|
Enter your OpenTLC ID and password as the prompt appears. |
opentlc_username: <OpenTLC user name> opentlc_password: <OpenTLC password>
ansible-playbook prod-setup-instances.yml \
-e @/tmp/opentlc.yml \
--ask-vault-passDescription of Ansible Playbooks
| Files | Description |
|---|---|
|
configures workstation for OpenStack, creates prerequisite resources, and installs isolated node for Ansible Tower. |
|
creates instances for QA Environment. |
|
removes instances for QA Environment. |
|
runs smoke test for QA Environment. |
|
installs the 3-tier application for QA environment. |
|
removes the 3-tier application for QA environment. |
|
creates instances for production environment. |
|
installs the 3-tier application for production environment. |
|
runs smoke test for production environment. |
|
creates Ansible Tower job templates and workflows. |
|
fetches key.pem from bastion and creates machine credential to connect to instances. |
|
checks ssh connection with instances. |
| File or directory | Description |
|---|---|
|
configures yum repository and installs base packages. |
|
installs Tomcat. |
|
installs PostgreSQL. |
|
installs HAProxy. |
|
sets up workstation for OpenStack, creates prerequisite objects including network, ssh keypair, security groups. |
|
provisions instances on OpenStack for 3-tier applications. |
|
removes instances on OpenStack. |
|
generates in-memory inventory for instances on OpenStack. |
|
creates Ansible Tower job templates and workflows. |
|
contains the variables for Ansible Tower. DO NOT make any changes in the file. |
`roles/config-tower/tasks/ec2_dynamic.yml |
creates Dynamic inventory in Ansible tower. Use |
`roles/config-tower/tasks/job_template.yml |
creates job templates. |
`roles/config-tower/tasks/workflow_template.yml |
creates workflow based on |
`roles/config-tower/tasks/post-config-tower.yml |
sets up project, inventories, or credentials. |