Minor work started for three-tier-app

readme updates

tested ocp-clientvm and three-tier-app

ansible/configs/ocp-clientvm/README.adoc

@@ -1,73 +1,34 @@
-= OCP Client VM (ocp-clientvm) Standard Config
-
-== Set up your "Secret" variables
-
-* You need to provide some credentials for deployments to work
-* Create a file called "env_secret_vars.yml" and put it in the ./ansible/configs/CONFIGNAME/ directory.
-** At this point this file *has to be created* even if no vars from it are used.
-* You can choose to provide these values as extra vars (-e "var=value") in the command line if you prefer not to keep sensitive information in a file.
-
-.Example contents of "Secret" Vars file
-----
-# ## Logon credentials for Red Hat Network
-# ## Required if using the subscription component
-# ## of this playbook.
-rhel_subscription_user: ''
-rhel_subscription_pass: ''
-#
-# ## AWS Credentials. This is required.
-aws_access_key_id: ""
-aws_secret_access_key: ""
-#
-#If using repo_method: satellite, you must set these values as well.
-satellite_url: https://satellite.example.com
-satellite_org: Sat_org_name
-satellite_activationkey: "rhel7basic"
-----
-
-== Review the Env_Type variable file
-
-* This file link:./env_vars.yml[./env_vars.yml] contains all the variables you need to define to control the deployment of your environment.
-
-
-=== IPA registration
-
-You can either provide `ipa_host_password` or a couple `ipa_kerberos_user`/`ipa_kerberos_password` to register the host to the ipa server. See link:../../roles/bastion-opentlc-ipa[roles/bastion-opentlc-ipa].
+= OCP Client VM (ocp-clientvm)
 
 == Running Ansible Playbook
 
 You can run the playbook with the following arguments to overwrite the default variable values:
 
 [source,bash]
 ----
-GUID=testclientvm1
-REGION=us-east-1
+GUID=sborenstest5
+REGION=ap-southeast-2
 KEYNAME=ocpkey
 ENVTYPE="ocp-clientvm"
 CLOUDPROVIDER=ec2
-HOSTZONEID='Z186MFNM7DX4NF'
-REPO_PATH='https://admin.example.com/repos/ocp/3.9.14/'
+HOSTZONEID='Z3IHLWJZOU9SRT'
 BASESUFFIX='.example.opentlc.com'
-REPO_VERSION=3.9
-DEPLOYER_REPO_PATH=`pwd`
-OSRELEASE=3.9.14
+REPO_VERSION=3.11
+OSRELEASE=3.11.16
 
-ansible-playbook main.yml \
+ansible-playbook ansible/main.yml \
   -e "guid=${GUID}" \
   -e "env_type=${ENVTYPE}" \
   -e "osrelease=${OSRELEASE}" \
   -e "repo_version=${REPO_VERSION}" \
   -e "docker_version=1.13.1" \
-  -e "cloud_provider=${CLOUDPROVIDER}"
+  -e "cloud_provider=${CLOUDPROVIDER}" \
   -e "aws_region=${REGION}" \
   -e "HostedZoneId=${HOSTZONEID}" \
   -e "key_name=${KEYNAME}" \
   -e "subdomain_base_suffix=${BASESUFFIX}" \
   -e "clientvm_instance_type=t2.large" \
-  -e "[email protected]" \
-  -e "software_to_deploy=none" \
-  -e "ANSIBLE_REPO_PATH=${DEPLOYER_REPO_PATH}" \
-  -e "own_repo_path=${REPO_PATH}"
+  -e "[email protected]" -e"output_dir=/opt/workdir" -e"output_dir=/opt/workdir" -e@../secret.yml -vvvv
 ----
 
 === Satellite version
@@ -147,4 +108,4 @@ ENVTYPE_ARGS=(
 -e "clientvm_instance_type=t2.large"
 -e "subdomain_base_suffix=.example.opentlc.com"
 )
-----
+----

ansible/configs/three-tier-app/README.adoc

@@ -1,38 +1,4 @@
-= generic-example config
-
-== Set up your "Secret" variables
-
-* You need to provide some credentials for deployments to work
-* Create a file called "env_secret_vars.yml" and put it in the
- ./ansible/configs/CONFIGNAME/ directory.
-** At this point this file *has to be created* even if no vars from it are used.
-* You can choose to provide these values as extra vars (-e "var=value") in the
- command line if you prefer not to keep sensitive information in a file.
-
-.Example contents of "Secret" Vars file
-----
-# ## Logon credentials for Red Hat Network
-# ## Required if using the subscription component
-# ## of this playbook.
-rhel_subscription_user: ''
-rhel_subscription_pass: ''
-#
-# ## LDAP Bind Password
-bindPassword: ''
-#
-# ## Desired admin name and password if required
-admin_user: ""
-admin_user_password: ""
-#
-# ## AWS Credentials. This is required.
-aws_access_key_id: ""
-aws_secret_access_key: ""
-#If using repo_method: satellite, you must set these values as well.
-satellite_url: https://satellite.example.com
-satellite_org: Sat_org_name
-satellite_activationkey: "rhel7basic"
-
-----
+= Three Tier App
 
 == Review the Env_Type variable file
 
@@ -47,18 +13,14 @@ You can run the playbook with the following arguments to overwrite the default v
 ----
 REGION=ap-southeast-2
 KEYNAME=ocpkey
-GUID=tonyshatest1
+GUID=praktest2
 ENVTYPE="three-tier-app"
 CLOUDPROVIDER=ec2
 HOSTZONEID='Z3IHLWJZOU9SRT'
-REPO_PATH='https://admin.example.com/repos/ocp/3.6/'
-
 BASESUFFIX='.example.opentlc.com'
-DEPLOYER_REPO_PATH=`pwd`
 
 ansible-playbook \
-     ${DEPLOYER_REPO_PATH}/main.yml  \
-    -e "ANSIBLE_REPO_PATH=${DEPLOYER_REPO_PATH}" \
+     ansible/main.yml  \
       -e "guid=${GUID}" \
       -e "env_type=${ENVTYPE}" \
       -e "key_name=${KEYNAME}" \
@@ -67,9 +29,8 @@ ansible-playbook \
         -e "aws_region=${REGION}" \
         -e "HostedZoneId=${HOSTZONEID}" \
         -e "[email protected]" \
-      -e "install_ipa_client=false" \
-      -e "repo_method=file" -e "own_repo_path=${REPO_PATH}" -e "repo_version=${REPO_VERSION}" \
-      -e "software_to_deploy=none"
+        -e "output_dir=/opt/workdir" \
+         -e@../secret.yml -vv
 
 
 
@@ -80,13 +41,13 @@ ansible-playbook \
 ----
 
 REGION=ap-southeast-2
-GUID=devgenericdemo1
+KEYNAME=ocpkey
+GUID=praktest1
 ENVTYPE="three-tier-app"
 CLOUDPROVIDER=ec2
-#To Destroy an Env
-ansible-playbook ./configs/${ENVTYPE}/destroy_env.yml \
-    -e "ANSIBLE_REPO_PATH=${DEPLOYER_REPO_PATH}" \
+
+ansible-playbook ./ansible/configs/${ENVTYPE}/destroy_env.yml \
  -e "guid=${GUID}" -e "env_type=${ENVTYPE}"  -e "cloud_provider=${CLOUDPROVIDER}" -e "aws_region=${REGION}"  \
- -e "HostedZoneId=${HOSTZONEID}"  -e "key_name=${KEYNAME}"  -e "subdomain_base_suffix=${BASESUFFIX}"
+ -e "key_name=${KEYNAME}"  -e "subdomain_base_suffix=${BASESUFFIX}"    -e@../secret.yml -vv
 
 ----

ansible/configs/three-tier-app/env_vars.yml

@@ -18,7 +18,7 @@
 
 repo_method: file # Other Options are: file, satellite and rhn
 
-
+install_ipa_client: false
 # Do you want to run a full yum update
 update_packages: false
 #If using repo_method: satellite, you must set these values as well.
@@ -54,7 +54,7 @@ set_env_authorized_key: true
 
 # Is this running from Red Hat Ansible Tower
 tower_run: false
-### Azure 
+### Azure
 
 # Create a dedicated resourceGroup for this deployment
 az_destroy_method: resource_group
@@ -112,7 +112,7 @@ instances:
       - key: "ostype"
         value: "linux"
       - key: "instance_filter"
-        value: "{{ env_type }}-{{ email }}" 
+        value: "{{ env_type }}-{{ email }}"
     rootfs_size: "{{ rootfs_size_bastion }}"
 
   - name: "frontend"
@@ -160,7 +160,7 @@ instances:
       - key: "ostype"
         value: "rhel"
       - key: "instance_filter"
-        value: "{{ env_type }}-{{ email }}" 
+        value: "{{ env_type }}-{{ email }}"
     key_name: "{{key_name}}"
 
   - name: "support"

ansible/main.yml

@@ -71,7 +71,7 @@
     - step004
     - deploy_software
 
-- import_playbook: "./software_playbooks/{{ software_to_deploy }}.yml"
+- import_playbook: "./software_playbooks/{{ software_to_deploy | d('none')}}.yml"
   tags:
     - step004
     - deploy_software

ansible/roles/common/tasks/use_own_repos.yml

@@ -18,10 +18,11 @@
     - configure_repos
     - remove_existing_repos
 
-
+## SB: ROLE_IMPROVE_TASK this needs to be passed as a variable and/or set as a default for the role
+## Needs to be validated
 - name: create open.repo template on host
   template:
-    src: "{{ ANSIBLE_REPO_PATH | default('.') }}/configs/{{ env_type }}/files/repos_template.j2"
+    src: "./files/repos_template.j2" ## This currently assumes that the file is in the location the config is in
     dest: /etc/yum.repos.d/open_{{ env_type }}.repo
   tags:
    - create_open_repo_template

ansible/roles/host-ocp-provisioner/tasks/main.yml

@@ -62,9 +62,12 @@
         - admin_password_hash is not defined
         - htpasswd_line is succeeded
 
+## SB: ROLE_IMPROVE_TASK this needs to be passed as a variable and/or set as a default for the role
+## Needs to be validated
+## Role is called from Software_playbooks
     - name: Generate htpasswd file
       template:
-        src: "{{ ANSIBLE_REPO_PATH | default('.') }}/configs/{{env_type}}/files/htpasswd.openshift"
+        src: "../configs/{{env_type}}/files/htpasswd.openshift"
         dest: /root/htpasswd.openshift
 
 - name: Install Host packages for releases before 3.10

ansible/roles/infra-ec2-template-generate/tasks/locate_template.yml

@@ -1,15 +1,24 @@
 ---
+
 - name: Check if template exists for the environment
   stat:
-    path: "{{ANSIBLE_REPO_PATH | default('.')}}/configs/{{ env_type }}/files/cloud_providers/{{cloud_provider}}_cloud_template.j2"
+    path: "../configs/{{ env_type }}/files/cloud_providers/{{cloud_provider}}_cloud_template.j2"
   register: stat_local_template
 
+
+### This is an ugly workaround for the REPO_DIR_PATH removal process, in future, locate_template should possisbly be moved out of the role and into the config.
+### Adde "../" before config name
 - name: Use CloudFormation template from the environment
   set_fact:
-    cloudformation_template_src: "{{ANSIBLE_REPO_PATH | default('.')}}/configs/{{ env_type }}/files/cloud_providers/{{cloud_provider}}_cloud_template.j2"
+    cloudformation_template_src: "../configs/{{ env_type }}/files/cloud_providers/{{cloud_provider}}_cloud_template.j2"
   when: stat_local_template.stat.exists
 
+
 - name: Use the default CloudFormation template
   set_fact:
     cloudformation_template_src: "templates/cloud_template.j2"
   when: not stat_local_template.stat.exists
+
+- name: Print cloudformation_template_src
+  debug:
+    var: cloudformation_template_src

ansible/roles/ocp-client-vm/README.md

@@ -50,9 +50,7 @@ WORKLOAD="ocp-client-vm"
 ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \
                  -e"ansible_ssh_private_key_file=~/.ssh/${SSH_PRIVATE_KEY}" \
                  -e"ansible_ssh_user=${SSH_USERNAME}" \
-                    -e"ANSIBLE_REPO_PATH | default('.')=`pwd`" \
                     -e"ocp_workload=${WORKLOAD}" \
                     -e"ACTION=create"
 
 ----
-

ansible/roles/ocp-client-vm/tasks/packages.yml

@@ -40,6 +40,7 @@
 # TODO: use the copy module here
 - name: Move maven to /usr/local
   command: mv -f /root/apache-maven-3.5.4 /usr/local
+  ignore_errors: true
   tags:
   - install_openshift_client_vm_packages
 

ansible/roles/ocp-workload-3scale-demo/readme.adoc

@@ -79,7 +79,7 @@ bastion.cluster4.openshift.opentlc.com
   tags:
     - step007
   roles:
-    - { role: "{{ ANSIBLE_REPO_PATH }}/roles/{{ocp_workload}}", when: 'ocp_workload is defined' }
+    - { role: "{{ocp_workload}}", when: 'ocp_workload is defined' }
 
 ----
 NOTE: You might want to change `hosts: all` to fit your requirements
@@ -96,7 +96,7 @@ GUID=0418
 ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \
                  -e"ansible_ssh_private_key_file=~/.ssh/id_rsa" \
                  -e"ansible_ssh_user=opentlc-mgr" \
-                    -e"ANSIBLE_REPO_PATH=`pwd`" \
+
                     -e"ocp_username=${OCP_USERNAME}" \
                     -e"ocp_workload=${WORKLOAD}" \
                     -e"guid=${GUID}" \
@@ -117,7 +117,7 @@ GUID=3005
 ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \
                  -e"ansible_ssh_private_key_file=~/.ssh/id_rsa" \
                     -e"ansible_ssh_user=opentlc-mgr" \
-                    -e"ANSIBLE_REPO_PATH=`pwd`" \
+
                     -e"ocp_username=${OCP_USERNAME}" \
                     -e"ocp_workload=${WORKLOAD}" \
                     -e"guid=${GUID}" \