Created
January 31, 2024 15:45
-
-
Save gonoph/88a2c286076a67ac3b61f753485ca724 to your computer and use it in GitHub Desktop.
Satellite registration playbook example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# vim: ts=2 sw=2 ai expandtab | |
- name: Register to Satellite | |
hosts: "{{ workflow_hosts | default('all') }}" | |
connection: smart | |
gather_facts: true | |
become: true | |
vars_files: | |
- satellite_credentials.yml | |
vars: | |
foreman_user: root | |
tasks: | |
- assert: | |
that: | |
- ansible_distribution == "RedHat" | |
fail_msg: "System can not be registered to Satellite" | |
success_msg: "System will be registered" | |
- name: test if system is registered | |
command: subscription-manager identity | |
register: registration | |
failed_when: false | |
changed_when: | |
- registration.rc != 0 | |
- name: Find org and location id | |
theforeman.foreman.organization_info: | |
username: "{{ satellite_username }}" | |
password: "{{ satellite_password }}" | |
server_url: "https://{{ satellite_url }}" | |
name: "{{ satellite_org }}" | |
validate_certs: false | |
register: orgdata | |
delegate_to: localhost | |
when: registration is changed | |
become: false | |
- name: extract location id | |
set_fact: | |
locdata: "{{ orgdata.organization.locations | selectattr('name', 'eq', satellite_location) | last }}" | |
orgdata: "{{ orgdata.organization }}" | |
when: registration is changed | |
- debug: | |
var: tmp | |
vars: | |
tmp: | |
locid: "{{ locdata.id }}" | |
orgid: "{{ orgdata.id }}" | |
when: registration is changed | |
- assert: | |
that: | |
- locdata and orgdata | |
- "'id' in locdata" | |
- "'id' in orgdata" | |
- locdata.id and orgdata.id | |
when: registration is changed | |
- name: extract registration script | |
ansible.builtin.uri: | |
url: "https://{{ satellite_url }}/api/registration_commands" | |
return_content: true | |
body_format: json | |
user: "{{ satellite_username }}" | |
password: "{{ satellite_password }}" | |
method: POST | |
force_basic_auth: true | |
validate_certs: false | |
body: | |
location_id: "{{ locdata.id }}" | |
organization_id: "{{ orgdata.id }}" | |
registration_command: | |
location_id: "{{ locdata.id }}" | |
organization_id: "{{ orgdata.id }}" | |
setup_insights: 1 | |
setup_remote_execution: 1 | |
jwt_expiration: 1 | |
insecure: 1 | |
activation_key: "{{ satellite_activation_key }}" | |
register: regcmd | |
delegate_to: localhost | |
when: registration is changed | |
become: false | |
- debug: | |
var: regcmd.json.registration_command | |
when: registration is changed | |
- name: Write satellite registration | |
ansible.builtin.copy: | |
dest: /root/register.sh | |
content: | | |
#!/bin/bash | |
{{ regcmd.json.registration_command }} | |
mode: '0755' | |
owner: root | |
group: root | |
when: registration is changed | |
- name: run registration | |
command: /root/register.sh | |
when: registration is changed | |
- name: add foreman sshkey to foreman_user | |
ansible.posix.authorized_key: | |
user: "{{ foreman_user }}" | |
state: present | |
key: "https://{{ satellite_url }}:9090/ssh/pubkey" | |
- name: add hosts to satellite inventory variable | |
set_stats: | |
data: | |
workflow_hosts: "{{ ansible_play_hosts }}" | |
run_once: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# make sure to encrypt this with "ansible-vault encrypt satellite_credentials.yml" | |
satellite_username: admin | |
satellite_password: secret_password |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment