ptoal/product-demos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge of RedHatGov/product-demos (#56)

Browse Source 
Co-authored-by: MKletz <michael.kletz.27@gmail.com>
Co-authored-by: Ajay Chenampara <ajay.chenampara@gmail.com>
Co-authored-by: dlemons-redhat <69318976+dlemons-redhat@users.noreply.github.com>
Co-authored-by: Nicolas Leiva <nicolasleiva@gmail.com>
Co-authored-by: benblasco <42140583+benblasco@users.noreply.github.com>
Co-authored-by: Benjamin Blasco <bblasco@redhat.com>
Co-authored-by: calvingsmith <4283930+calvingsmith@users.noreply.github.com>
Co-authored-by: Calvin Smith <calvingsmith@users.noreply.github.com>
Co-authored-by: Hicham Mourad <43329991+HichamMourad@users.noreply.github.com>
This commit is contained in:
willtome
2023-03-17 09:07:02 -04:00
committed by GitHub
parent 8acff9c9b1
commit c18a206499
279 changed files with 5191 additions and 4649 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
cloud/aws_key.yml Normal file
View File

@@ -0,0 +1,25 @@
---
- name: Create AWS keypair
hosts: localhost
vars:
aws_key_name: aws-test-key
aws_keypair_owner: undef
tasks:
- name: Fail if variables not defined
ansible.builtin.assert:
that:
- aws_key_name is defined
- aws_region is defined
- aws_public_key is defined
- aws_keypair_owner is defined
fail_msg: "Required variables not set"
- name: Create AWS keypair
amazon.aws.ec2_key:
name: "{{ aws_key_name }}"
region: "{{ aws_region }}"
key_material: "{{ aws_public_key }}"
state: present
tags:
owner: "{{ aws_keypair_owner }}"

2
cloud/blueprints/rhel7.yml
View File

@@ -4,4 +4,4 @@ vm_providers:
aws_image_owners: 309956199498
aws_instance_size: t2.medium
aws_image_architecture: x86_64
aws_image_filter: 'RHEL-7.9_HVM*'
aws_image_filter: 'RHEL-7.9_HVM*'

2
cloud/blueprints/rhel8.yml
View File

@@ -4,4 +4,4 @@ vm_providers:
aws_image_owners: 309956199498
aws_instance_size: t3.micro
aws_image_architecture: x86_64
aws_image_filter: 'RHEL-8*HVM-*Hourly*'
aws_image_filter: 'RHEL-8*HVM-*Hourly*'

7
cloud/blueprints/rhel9.yml Normal file
View File

@@ -0,0 +1,7 @@
---
vm_providers:
- aws
aws_image_owners: 309956199498
aws_instance_size: t3.micro
aws_image_architecture: x86_64
aws_image_filter: 'RHEL-9*HVM-*Hourly*'

6
cloud/blueprints/windows.yml
View File

@@ -1,7 +1,7 @@
---
vm_blueprint_providers:
- aws
- azure
- aws
- azure
aws_image_filter: 'Windows_Server-2019-English-Core-Base*'
aws_instance_size: t3.medium
aws_userdata_template: aws_windows_userdata
@@ -11,4 +11,4 @@ az_vm_image:
offer: WindowsServer
publisher: MicrosoftWindowsServer
sku: 2022-Datacenter
version: latest
version: latest

2
cloud/blueprints/windows_core.yml
View File

@@ -3,4 +3,4 @@ vm_blueprint_providers:
- aws
aws_image_filter: 'Windows_Server-2019-English-Core-Base*'
aws_instance_size: t3.medium
aws_userdata_template: aws_windows_userdata
aws_userdata_template: aws_windows_userdata

2
cloud/blueprints/windows_full.yml
View File

@@ -3,4 +3,4 @@ vm_blueprint_providers:
- aws
aws_image_filter: 'Windows_Server-2019-English-Full-Base*'
aws_instance_size: t3.medium
aws_userdata_template: aws_windows_userdata
aws_userdata_template: aws_windows_userdata

9
cloud/create_infra.yml
View File

@@ -1,11 +1,12 @@
---
- name: Create Cloud Infra
hosts: localhost
gather_facts: no
gather_facts: false
vars:
infra_provider: undef
aws_public_key: undef
tasks:
- include_role:
name: "demo.cloud.{{ infra_provider }}"
tasks_from: create_infra
- name: Include provider role
ansible.builtin.include_role:
name: "demo.cloud.{{ infra_provider }}"
tasks_from: create_infra

26
cloud/create_vm.yml
View File

@@ -1,7 +1,7 @@
---
- name: Create Cloud Infra
hosts: localhost
gather_facts: no
gather_facts: false
vars:
vm_name: undef
vm_owner: undef
@@ -9,17 +9,17 @@
vm_blueprint: undef
tasks:
- name: "Importing {{ vm_blueprint | upper }} Blueprint"
include_vars:
file: "blueprints/{{ vm_blueprint }}.yml"
- name: "Importing {{ vm_blueprint | upper }}"
ansible.builtin.include_vars:
file: "blueprints/{{ vm_blueprint }}.yml"
- name: "Check Provider Compatibility"
assert:
that: "'{{ vm_provider }}' in {{ vm_blueprint_providers }}"
fail_msg: "{{ vm_blueprint | upper }} is not available for {{ vm_provider | upper }}"
when: "vm_blueprint_providers is defined"
- name: "Check Provider Compatibility"
ansible.builtin.assert:
that: "'{{ vm_provider }}' in {{ vm_blueprint_providers }}"
fail_msg: "{{ vm_blueprint | upper }} is not available for {{ vm_provider | upper }}"
when: "vm_blueprint_providers is defined"
- name: "Building {{ vm_blueprint | upper }} in {{ vm_provider | upper }}"
include_role:
name: "demo.cloud.{{ vm_provider }}"
tasks_from: create_vm
- name: "Building {{ vm_blueprint | upper }}"
ansible.builtin.include_role:
name: "demo.cloud.{{ vm_provider }}"
tasks_from: create_vm

125
cloud/create_vpc.yml Normal file
View File

@@ -0,0 +1,125 @@
---
- name: Create Cloud Infra
hosts: localhost
gather_facts: false
vars:
aws_vpc_name: aws-test-vpc
aws_owner_tag: default
aws_purpose_tag: ansible_demo
aws_tenancy: default
aws_vpc_cidr_block: 10.0.0.0/16
aws_subnet_cidr: 10.0.1.0/24
aws_region: us-east-1
aws_sg_name: aws-test-sg
aws_subnet_name: aws-test-subnet
aws_rt_name: aws-test-rt
tasks:
- name: Create VPC
amazon.aws.ec2_vpc_net:
state: present
name: "{{ aws_vpc_name }}"
cidr_block: "{{ aws_vpc_cidr_block }}"
tenancy: "{{ aws_tenancy }}"
region: "{{ aws_region }}"
tags:
owner: "{{ aws_owner_tag }}"
purpose: "{{ aws_purpose_tag }}"
register: aws_vpc
- name: Create internet gateway
amazon.aws.ec2_vpc_igw:
state: present
vpc_id: "{{ aws_vpc.vpc.id }}"
region: "{{ aws_region }}"
tags:
Name: "{{ aws_vpc_name }}"
owner: "{{ aws_owner_tag }}"
purpose: "{{ aws_purpose_tag }}"
register: aws_gateway
- name: Create security group internal
amazon.aws.ec2_security_group:
state: present
name: "{{ aws_sg_name }}"
region: "{{ aws_region }}"
description: Inbound WinRM and RDP, http for demo servers and internal AD ports
rules:
- proto: tcp
ports:
- 80 # HTTP
- 443 # HTTPS
- 22 # SSH
- 5986 # WinRM
- 3389 # RDP
- 9090 # Cockpit
cidr_ip: 0.0.0.0/0
- proto: icmp
to_port: -1
from_port: -1
cidr_ip: 0.0.0.0/0
- proto: tcp
ports:
- 80 # HTTP
- 5986 # WinRM
- 3389 # RDP
- 53 # DNS
- 88 # Kerberos Authentication
- 135 # RPC
- 139 # Netlogon
- 389 # LDAP
- 445 # SMB
- 464 # Kerberos Authentication
- 5432 # PostgreSQL
- 636 # LDAPS (LDAP over TLS)
- 873 # Rsync
- 3268-3269 # Global Catalog
- 1024-65535 # Ephemeral RPC ports
cidr_ip: "{{ aws_vpc_cidr_block }}"
- proto: udp
ports:
- 53 # DNS
- 88 # Kerberos Authentication
- 123 # NTP
- 137-138 # Netlogon
- 389 # LDAP
- 445 # SMB
- 464 # Kerberos Authentication
- 1024-65535 # Ephemeral RPC ports
cidr_ip: "{{ aws_vpc_cidr_block }}"
rules_egress:
- proto: -1
cidr_ip: 0.0.0.0/0
vpc_id: "{{ aws_vpc.vpc.id }}"
tags:
Name: "{{ aws_sg_name }}"
owner: "{{ aws_owner_tag }}"
purpose: "{{ aws_purpose_tag }}"
- name: Create a subnet on the VPC
amazon.aws.ec2_vpc_subnet:
state: present
vpc_id: "{{ aws_vpc.vpc.id }}"
cidr: "{{ aws_subnet_cidr }}"
region: "{{ aws_region }}"
map_public: true
tags:
Name: "{{ aws_subnet_name }}"
owner: "{{ aws_owner_tag }}"
purpose: "{{ aws_purpose_tag }}"
register: aws_subnet
- name: Create a subnet route table
amazon.aws.ec2_vpc_route_table:
state: present
vpc_id: "{{ aws_vpc.vpc.id }}"
region: "{{ aws_region }}"
subnets:
- "{{ aws_subnet.subnet.id }}"
routes:
- dest: 0.0.0.0/0
gateway_id: "{{ aws_gateway.gateway_id }}"
tags:
Name: "{{ aws_rt_name }}"
owner: "{{ aws_owner_tag }}"
purpose: "{{ aws_purpose_tag }}"

19
cloud/destroy_vm.yml
View File

@@ -1,19 +0,0 @@
---
- hosts: "{{ HOSTS }}"
gather_facts: no
tasks:
- name: list systems to be destroyed
debug:
msg: "{{ inventory_hostname }}"
- name: pause for review...
pause:
seconds: 30
prompt: "Systems listed above will be DESTROYED in 30 seconds. Cancel the job to Abort."
- name: destroy vm
include_role:
name: "demo.cloud.aws"
tasks_from: destroy_vm
when: "'cloud_aws' in group_names or 'cloud_azure' in group_names"

399
cloud/setup.yml
View File

@@ -1,12 +1,27 @@
---
user_message:
- Update AWS credential with Access and Secret key
- Update Workshop Credential with password used to login to Controller
controller_components:
- execution_environments
- projects
- credentials
- inventory_sources
- groups
- job_templates
- workflow_job_templates
controller_execution_environments:
- name: Cloud Services Execution Environment
image: quay.io/scottharwell/cloud-ee:latest
controller_projects:
- name: Ansible Cloud Content Lab - AWS
organization: Default
scm_type: git
wait: true
# scm_url: https://github.com/ansible-content-lab/aws.infrastructure_config_demos.git
scm_url: https://github.com/willtome/aws.infrastructure_config_demos.git
default_environment: Cloud Services Execution Environment
controller_credentials:
- name: AWS
@@ -17,12 +32,12 @@ controller_credentials:
username: REPLACEME
password: REPLACEME
#- name: Azure
# credential_type: Microsoft Azure Resource Manager
# organization: Default
# update_secrets: false
# inputs:
# subscription: REPLACEME
# - name: Azure
# credential_type: Microsoft Azure Resource Manager
# organization: Default
# update_secrets: false
# inputs:
# subscription: REPLACEME
controller_inventory_sources:
- name: AWS Inventory
@@ -36,72 +51,142 @@ controller_inventory_sources:
- tag:Name
compose:
ansible_host: public_ip_address
ansible_user: 'ec2-user'
groups:
cloud_aws: true
os_linux: tags.blueprint.startswith('rhel')
keyed_groups:
- key: platform
prefix: os
- key: tags.blueprint
prefix: blueprint
- key: tags.owner
prefix: owner
#- name: Azure Inventory
# organization: Default
# source: azure_rm
# inventory: Workshop Inventory
# credential: Azure
# execution_environment: Ansible Engine 2.9 execution environment
# overwrite: true
# source_vars:
# hostnames:
# - tags.Name
# - default
# keyed_groups:
# - key: os_profile.system
# prefix: os
# conditional_groups:
# cloud_azure: true
# - name: Azure Inventory
# organization: Default
# source: azure_rm
# inventory: Workshop Inventory
# credential: Azure
# execution_environment: Ansible Engine 2.9 execution environment
# overwrite: true
# source_vars:
# hostnames:
# - tags.Name
# - default
# keyed_groups:
# - key: os_profile.system
# prefix: os
# conditional_groups:
# cloud_azure: true
controller_groups:
- name: cloud_aws
inventory: Workshop Inventory
variables:
ansible_user: ec2-user
controller_templates:
- name: Cloud / Create Infra
- name: Cloud / AWS / Create Peer Infrastructure
job_type: run
organization: Default
credentials:
- AWS
#- Azure
project: Ansible official demo project
playbook: cloud/create_infra.yml
- AWS
project: Ansible Cloud Content Lab - AWS
playbook: playbook_create_peer_network.yml
inventory: Workshop Inventory
execution_environment: Default execution environment
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
extra_vars:
aws_region: us-east-1
dmz_ssh_key_name: aws-test-key
priv_network_ssh_key_name: aws-test-key
- name: Cloud / AWS / Delete Peer Infrastructure
job_type: run
organization: Default
credentials:
- AWS
project: Ansible Cloud Content Lab - AWS
playbook: playbook_delete_peer_network.yml
inventory: Workshop Inventory
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
extra_vars:
aws_region: us-east-1
- name: Cloud / AWS / Create Transit Infrastructure
job_type: run
organization: Default
credentials:
- AWS
project: Ansible Cloud Content Lab - AWS
playbook: playbook_create_transit_network.yml
inventory: Workshop Inventory
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
extra_vars:
aws_region: us-east-1
dmz_ssh_key_name: aws-test-key
priv_network_ssh_key_name: aws-test-key
- name: Cloud / AWS / Delete Transit Infrastructure
job_type: run
organization: Default
credentials:
- AWS
project: Ansible Cloud Content Lab - AWS
playbook: playbook_delete_transit_network.yml
inventory: Workshop Inventory
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
extra_vars:
aws_region: us-east-1
- name: Cloud / AWS / Create VPC
job_type: run
organization: Default
credentials:
- AWS
project: Ansible official demo project
playbook: cloud/create_vpc.yml
inventory: Workshop Inventory
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
survey_enabled: true
extra_vars:
aws_region: us-east-2
aws_region: us-east-1
survey:
name: ''
description: ''
spec:
- question_name: Infra Provider
type: multiplechoice
variable: infra_provider
- question_name: Owner
type: text
variable: aws_owner_tag
required: true
choices:
- aws
#- azure
- question_name: AWS Public Key (only required for aws provider)
type: textarea
required: false
variable: aws_public_key
- name: Cloud / Create VM
- name: Cloud / AWS / Create VM
job_type: run
organization: Default
credentials:
- AWS
#- Azure
- Workshop Credential
project: Ansible official demo project
playbook: cloud/create_vm.yml
credentials:
- AWS
- Workshop Credential
project: Ansible Cloud Content Lab - AWS
playbook: playbook_create_vm.yml
inventory: Workshop Inventory
execution_environment: Default execution environment
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
survey_enabled: true
allow_simultaneous: true
extra_vars:
aws_region: us-east-2
aws_region: us-east-1
aws_keypair_name: aws-test-key
survey:
name: ''
description: ''
@@ -114,42 +199,226 @@ controller_templates:
type: text
variable: vm_owner
required: true
- question_name: Provider
- question_name: Deployment
type: text
variable: vm_deployment
required: true
- question_name: Environment
type: multiplechoice
variable: vm_provider
variable: vm_environment
required: true
choices:
- aws
#- azure
- Dev
- QA
- Prod
- question_name: Blueprint
type: multiplechoice
variable: vm_blueprint
required: true
choices: #"{{ lookup('fileglob', 'blueprints/*.yml') | regex_replace(',','\n') | regex_findall('.*/(.*)(?=.yml)') | list }}"
choices:
- windows_core
- windows_full
- rhel9
- rhel8
- rhel7
- name: Cloud / Destroy VM
- question_name: Subnet
type: text
variable: aws_vpc_subnet_name
required: true
default: aws-test-subnet
- question_name: Security Group
type: text
variable: aws_securitygroup_name
required: true
default: aws-test-sg
- name: Cloud / AWS / Delete VM
job_type: run
organization: Default
credentials:
- AWS
#- Azure
- Workshop Credential
project: Ansible official demo project
playbook: cloud/destroy_vm.yml
credentials:
- AWS
- Workshop Credential
project: Ansible Cloud Content Lab - AWS
playbook: playbook_delete_inventory_vm.yml
inventory: Workshop Inventory
execution_environment: Default execution environment
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
survey_enabled: true
extra_vars:
aws_region: us-east-2
aws_region: us-east-1
survey:
name: ''
description: ''
spec:
- question_name: Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- name: Cloud / AWS / VPC Report
job_type: run
organization: Default
credentials:
- AWS
project: Ansible Cloud Content Lab - AWS
playbook: playbook_create_reports.yml
inventory: Workshop Inventory
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
extra_vars:
aws_region: us-east-1
aws_report: vpc
- name: Cloud / AWS / Tags Report
job_type: run
organization: Default
credentials:
- AWS
project: Ansible Cloud Content Lab - AWS
playbook: playbook_create_reports.yml
inventory: Workshop Inventory
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
extra_vars:
aws_region: us-east-1
aws_report: tags
- name: Cloud / AWS / Create Keypair
job_type: run
organization: Default
credentials:
- AWS
project: Ansible official demo project
playbook: cloud/aws_key.yml
inventory: Workshop Inventory
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
survey_enabled: true
extra_vars:
aws_region: us-east-1
survey:
name: ''
description: ''
spec:
- question_name: Keypair Name
type: text
variable: aws_key_name
required: true
default: aws-test-key
- question_name: Keypair Public Key
type: textarea
variable: aws_public_key
required: true
- question_name: Owner
type: text
variable: aws_keypair_owner
required: true
controller_workflows:
- name: Deploy Cloud Stack in AWS
description: A workflow to deploy a cloud stack
organization: Default
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
extra_vars:
vm_deployment: cloud_stack
survey_enabled: true
survey:
name: ''
description: ''
spec:
- question_name: Owner
type: text
variable: aws_owner_tag
required: true
- question_name: Environment
type: multiplechoice
variable: vm_environment
required: true
choices:
- Dev
- QA
- Prod
- question_name: Keypair Public Key
type: textarea
variable: aws_public_key
required: true
- question_name: Email
type: text
variable: email
required: true
simplified_workflow_nodes:
- identifier: Create Keypair
unified_job_template: Cloud / AWS / Create Keypair
extra_data:
aws_keypair_owner: !unsafe "{{ aws_owner_tag }}"
success_nodes:
- VPC Report
failure_nodes:
- Ticket - Keypair Failed
- identifier: Create VPC
unified_job_template: Cloud / AWS / Create VPC
success_nodes:
- VPC Report
failure_nodes:
- Ticket - VPC Failed
- identifier: Ticket - Keypair Failed
unified_job_template: 'SUBMIT FEEDBACK'
extra_data:
feedback: Failed to create AWS keypair
- identifier: VPC Report
unified_job_template: Cloud / AWS / VPC Report
all_parents_must_converge: true
success_nodes:
- Deploy Windows Blueprint
- Deploy RHEL8 Blueprint
- Deploy RHEL9 Blueprint
- identifier: Deploy Windows Blueprint
unified_job_template: Cloud / AWS / Create VM
extra_data:
vm_name: aws_win
vm_blueprint: windows_full
vm_owner: !unsafe "{{ aws_owner_tag }}"
success_nodes:
- Update Inventory
failure_nodes:
- Ticket - Instance Failed
- identifier: Deploy RHEL8 Blueprint
unified_job_template: Cloud / AWS / Create VM
extra_data:
vm_name: aws_rhel8
vm_blueprint: rhel8
vm_owner: !unsafe "{{ aws_owner_tag }}"
success_nodes:
- Update Inventory
failure_nodes:
- Ticket - Instance Failed
- identifier: Deploy RHEL9 Blueprint
unified_job_template: Cloud / AWS / Create VM
extra_data:
vm_name: aws_rhel9
vm_blueprint: rhel9
vm_owner: !unsafe "{{ aws_owner_tag }}"
success_nodes:
- Update Inventory
failure_nodes:
- Ticket - Instance Failed
- identifier: Ticket - VPC Failed
unified_job_template: 'SUBMIT FEEDBACK'
extra_data:
feedback: Failed to create AWS VPC
- identifier: Update Inventory
unified_job_template: AWS Inventory
success_nodes:
- Tag Report
- identifier: Ticket - Instance Failed
unified_job_template: 'SUBMIT FEEDBACK'
extra_data:
feedback: Failed to create AWS instance
- identifier: Tag Report
unified_job_template: Cloud / AWS / Tags Report