Last active
November 21, 2018 23:15
-
-
Save remoteur/e3a5a354f9206983fa2cc41911e639be to your computer and use it in GitHub Desktop.
infrared infrastructure
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: infra | |
| prefix: null | |
| cpu: "2" | |
| cpumodel: "host-passthrough" | |
| memory: "8192" | |
| swap: "0" | |
| deploy_os: true | |
| os: | |
| type: "linux" | |
| variant: "rhel7" | |
| disks: | |
| disk1: | |
| import_url: null | |
| path: null | |
| dev: "/dev/vda" | |
| size: "15G" | |
| cache: "unsafe" | |
| preallocation: "metadata" | |
| disk2: | |
| import_url: null | |
| path: null | |
| dev: /dev/vdb | |
| size: "16G" | |
| cache: "unsafe" | |
| preallocation: "metadata" | |
| interfaces: null | |
| groups: | |
| - infra |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| networks: | |
| net1: | |
| name: "internal" | |
| ip_address: "172.16.0.1" | |
| netmask: "255.255.255.0" | |
| forward: nat | |
| dhcp: | |
| range: | |
| start: "172.16.0.2" | |
| end: "172.16.0.100" | |
| subnet_cidr: "172.16.0.0/24" | |
| subnet_gateway: "172.16.0.1" | |
| net2: | |
| name: "external" | |
| ip_address: "10.0.0.1" | |
| netmask: "255.255.255.0" | |
| forward: nat | |
| dhcp: | |
| range: | |
| start: "10.0.0.2" | |
| end: "10.0.0.100" | |
| subnet_cidr: "10.0.0.0/24" | |
| subnet_gateway: "10.0.0.1" | |
| nodes: | |
| default: | |
| interfaces: | |
| - network: "internal" | |
| external_network: | |
| network: "internal" | |
| loadbalancer: | |
| interfaces: | |
| - network: "external" | |
| - network: "internal" | |
| external_network: | |
| network: "external" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: loadbalancer | |
| prefix: null | |
| cpu: "2" | |
| cpumodel: "host-passthrough" | |
| memory: "2048" | |
| swap: "0" | |
| deploy_os: true | |
| os: | |
| type: "linux" | |
| variant: "rhel7" | |
| disks: | |
| disk1: | |
| import_url: null | |
| path: null | |
| dev: "/dev/vda" | |
| size: "20G" | |
| cache: "unsafe" | |
| preallocation: "metadata" | |
| interfaces: null | |
| groups: | |
| - loadbalancer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: management | |
| prefix: null | |
| cpu: "2" | |
| cpumodel: "host-passthrough" | |
| memory: "2048" | |
| swap: "0" | |
| deploy_os: true | |
| os: | |
| type: "linux" | |
| variant: "rhel7" | |
| disks: | |
| disk1: | |
| import_url: null | |
| path: null | |
| dev: "/dev/vda" | |
| size: "15G" | |
| cache: "unsafe" | |
| preallocation: "metadata" | |
| # infraces and external_network dicts were moved to network file. | |
| interfaces: null | |
| groups: | |
| - management |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: master | |
| prefix: null | |
| cpu: "4" | |
| cpumodel: "host-passthrough" | |
| memory: "8192" | |
| swap: "0" | |
| deploy_os: true | |
| os: | |
| type: "linux" | |
| variant: "rhel7" | |
| disks: | |
| disk1: | |
| import_url: null | |
| path: null | |
| dev: "/dev/vda" | |
| size: "50G" | |
| cache: "unsafe" | |
| preallocation: "metadata" | |
| interfaces: null | |
| groups: | |
| - master |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| HOST=$HOST | |
| SSH_HOST_KEY="~/.ssh/id_rsa" | |
| IMAGE='http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2' | |
| TOPOLOGY_NODES='master:3,infra:2,worker:2,loadbalancer:1,management:1' | |
| TOPOLOGY_NETWORKS='internal_external' | |
| VM_SSH_USERNAME='marius' | |
| infrared virsh \ | |
| --host-address $HOST \ | |
| --host-key $SSH_HOST_KEY \ | |
| --cleanup yes | |
| infrared virsh \ | |
| --topology-username $VM_SSH_USERNAME \ | |
| --host-memory-overcommit yes \ | |
| --topology-nodes $TOPOLOGY_NODES \ | |
| --host-address $HOST \ | |
| --host-key $SSH_HOST_KEY \ | |
| --topology-network $TOPOLOGY_NETWORKS \ | |
| --image-url $IMAGE |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create an OSEv3 group that contains the master, nodes, etcd, and lb groups. | |
| # The lb group lets Ansible configure HAProxy as the load balancing solution. | |
| # Comment lb out if your load balancer is pre-configured. | |
| [OSEv3:children] | |
| masters | |
| nodes | |
| etcd | |
| lb | |
| # Set variables common for all OSEv3 hosts | |
| [OSEv3:vars] | |
| ansible_ssh_user=root | |
| openshift_deployment_type=origin | |
| # uncomment the following to enable htpasswd authentication; defaults to AllowAllPasswordIdentityProvider | |
| #openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}] | |
| # Native high availability cluster method with optional load balancer. | |
| # If no lb group is defined installer assumes that a load balancer has | |
| # been preconfigured. For installation the value of | |
| # openshift_master_cluster_hostname must resolve to the load balancer | |
| # or to one or all of the masters defined in the inventory if no load | |
| # balancer is present. | |
| openshift_master_cluster_method=native | |
| openshift_master_cluster_hostname=oc-internal.domain.local | |
| openshift_master_cluster_public_hostname=oc-external.domain.local | |
| # host group for masters | |
| [masters] | |
| master-0.domain.local | |
| master-1.domain.local | |
| master-2.domain.local | |
| # host group for etcd | |
| [etcd] | |
| master-0.domain.local | |
| master-1.domain.local | |
| master-2.domain.local | |
| # Specify load balancer host | |
| [lb] | |
| lb-0.domain.local | |
| # host group for nodes, includes region info | |
| [nodes] | |
| master-[0:2].domain.local openshift_node_group_name='node-config-master' | |
| worker-[0:2].domain.local openshift_node_group_name='node-config-compute' | |
| infra-[0:2].domain.local openshift_node_group_name='node-config-infra' | |
| [oo_all_hosts:children] | |
| masters | |
| nodes | |
| etcd | |
| lb |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: Bootstrap management node | |
| hosts: management | |
| tasks: | |
| - name: check existing keypair | |
| stat: | |
| path: "~/.ssh/id_rsa.pub" | |
| register: keypair_result | |
| - name: generate keypair if not present | |
| shell: "ssh-keygen -f ~/.ssh/id_rsa -t rsa -N ''" | |
| when: keypair_result.stat.exists == False | |
| - name: register public key | |
| shell: "cat ~/.ssh/id_rsa.pub" | |
| register: tester_key | |
| - name: transfer public key to non-management nodes authorized_keys | |
| become: true | |
| copy: | |
| dest: /root/.ssh/authorized_keys | |
| content: "{{ tester_key.stdout }}" | |
| delegate_to: "{{ item }}" | |
| with_items: | |
| - "{{ groups['master'] }}" | |
| - "{{ groups['infra'] }}" | |
| - "{{ groups['worker'] }}" | |
| - name: Set up hostnames | |
| hosts: all:!localhost | |
| become: true | |
| vars: | |
| domain: "domain.local" | |
| openshift_external_hostname: "oc-external" | |
| openshift_internal_hostname: "oc-internal" | |
| tasks: | |
| - name: set hostname | |
| hostname: | |
| name: "{{ inventory_hostname }}.{{ domain }}" | |
| - name: update /etc/hosts with internal network details | |
| lineinfile: | |
| dest: /etc/hosts | |
| line: "{% if 'loadbalancer' in item %}{{ hostvars[item].ansible_eth1.ipv4.address }}{% else %}{{ hostvars[item].ansible_eth0.ipv4.address }}{% endif %} \ | |
| {{ item }}.{{ domain }} {{ item }}" | |
| regexp: ".*{{ item }}$" | |
| state: present | |
| with_items: "{{ groups.all | difference(['localhost']) | difference(['hypervisor']) }}" | |
| - name: update /etc/hosts with loadbalancer external ip details | |
| lineinfile: | |
| dest: /etc/hosts | |
| line: "{{ hostvars['loadbalancer-0'].ansible_eth0.ipv4.address }} \ | |
| {{ openshift_external_hostname }}.{{ domain }} {{ openshift_external_hostname }}" | |
| regexp: ".*{{ openshift_external_hostname }}$" | |
| state: present | |
| - name: update /etc/hosts with loadbalancer internal ip details | |
| lineinfile: | |
| dest: /etc/hosts | |
| line: "{{ hostvars['loadbalancer-0'].ansible_eth1.ipv4.address }} \ | |
| {{ openshift_internal_hostname }}.{{ domain }} {{ openshift_internal_hostname }}" | |
| regexp: ".*{{ openshift_internal_hostname }}$" | |
| state: present | |
| - name: Set up OCP 3.11 repo | |
| hosts: all:!localhost:!hypervisor | |
| become: true | |
| tasks: | |
| - name: set up OCP 3.11 repo | |
| copy: | |
| content: | | |
| [ocp-3.11] | |
| name=OpenShift 3.11 | |
| baseurl=https://cbs.centos.org/repos/paas7-openshift-origin311-testing/$basearch//os/ | |
| enabled=1 | |
| gpgcheck=0 | |
| dest: /etc/yum.repos.d/ocp.repo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: worker | |
| prefix: null | |
| cpu: "4" | |
| cpumodel: "host-passthrough" | |
| memory: "8192" | |
| swap: "0" | |
| deploy_os: true | |
| os: | |
| type: "linux" | |
| variant: "rhel7" | |
| disks: | |
| disk1: | |
| import_url: null | |
| path: null | |
| dev: "/dev/vda" | |
| size: "15G" | |
| cache: "unsafe" | |
| preallocation: "metadata" | |
| disk2: | |
| import_url: null | |
| path: null | |
| dev: /dev/vdb | |
| size: "16G" | |
| cache: "unsafe" | |
| preallocation: "metadata" | |
| interfaces: null | |
| groups: | |
| - worker |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment