ansible playbooks

Rocket-Search · Apr 8, 2024 · 80193d2 · 80193d2
1 parent 15eb207
commit 80193d2
Show file tree

Hide file tree

Showing 39 changed files with 899 additions and 0 deletions.
diff --git a/create_and_config_vm_ansible_playbooks/ee/ee-default-rhel9/bindep.txt b/create_and_config_vm_ansible_playbooks/ee/ee-default-rhel9/bindep.txt
@@ -0,0 +1 @@
+tar
diff --git a/create_and_config_vm_ansible_playbooks/ee/ee-default-rhel9/execution-environment.yml b/create_and_config_vm_ansible_playbooks/ee/ee-default-rhel9/execution-environment.yml
@@ -0,0 +1,21 @@
+---
+version: 1
+
+build_arg_defaults:
+  ANSIBLE_GALAXY_CLI_COLLECTION_OPTS: '-c'
+  EE_BASE_IMAGE: 'registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel9'
+
+
+ansible_config: '/etc/ansible/ansible.cfg'
+
+dependencies:
+  galaxy: requirements.yaml
+  python: requirements.txt
+  system: bindep.txt
+
+additional_build_steps:
+  prepend: |
+    RUN rm -rf /etc/rhsm-host
+    RUN rm -rf /etc/pki/entitlement-host
+    RUN rm -f /etc/yum.repos.d/redhat.repo
+    RUN microdnf clean all
diff --git a/create_and_config_vm_ansible_playbooks/ee/ee-default-rhel9/requirements.txt b/create_and_config_vm_ansible_playbooks/ee/ee-default-rhel9/requirements.txt
diff --git a/create_and_config_vm_ansible_playbooks/ee/ee-default-rhel9/requirements.yaml b/create_and_config_vm_ansible_playbooks/ee/ee-default-rhel9/requirements.yaml
@@ -0,0 +1,23 @@
+---
+collections:
+ - name: ansible.controller
+ - name: ansible.posix
+ - name: community.general
+ - name: nutanix.ncp
+ - name: redhat.rhel_system_roles
+ - name: redhat.satellite
+ - name: vmware.vmware_rest
+ - name: ansible.netcommon
+ - name: ansible.network  
+ - name: ansible.utils
+ - name: arista.eos
+ - name: awx.awx
+ - name: cisco.ios
+ - name: cisco.iosxr
+ - name: cisco.nxos
+ - name: frr.frr
+ - name: junipernetworks.junos
+ - name: openvswitch.openvswitch
+ - name: theforeman.foreman
+ - name: vyos.vyos
+ - name: kubernetes.core
diff --git a/create_and_config_vm_ansible_playbooks/playbooks/pb-deploy-host.yaml b/create_and_config_vm_ansible_playbooks/playbooks/pb-deploy-host.yaml
@@ -0,0 +1,51 @@
+---
+- name: "### PB: Deploy Host ###"
+  hosts: "{{ esx_host_fqdn }}"
+
+  roles: 
+    - role: ../roles/deploy-host
+
+  post_tasks:
+    - debug:
+        var: ip_address_2
+
+
+  tasks:
+    - name: save ip temp to disk on ESX
+      ansible.builtin.shell: echo '{{ ip_address_2 }}' > /tmp/file_one
+
+- name: Running on the Ansible server
+  hosts: localhost
+  gather_facts: true
+  become: true
+
+  tasks:
+    - name: Test create local file
+      ansible.builtin.shell: echo "Hello" > /tmp/hello.txt
+    - name: scp file from esx
+      ansible.builtin.shell: sftp -r -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "{{ esx_host_fqdn }}":/tmp/file_one /tmp/
+      async: 60
+      poll: 1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/create_and_config_vm_ansible_playbooks/playbooks/pb-dnf_update_system.yaml b/create_and_config_vm_ansible_playbooks/playbooks/pb-dnf_update_system.yaml
@@ -0,0 +1,8 @@
+---
+- name: " ### PLAYBOOK: DNF Update System ### "
+  hosts: "{{ vm_name_fqdn }}"
+  gather_facts: false
+  become: true
+
+  roles:
+    - role: ../roles/dnf_update_system
diff --git a/create_and_config_vm_ansible_playbooks/playbooks/pb-glpi_create_asset.yaml b/create_and_config_vm_ansible_playbooks/playbooks/pb-glpi_create_asset.yaml
@@ -0,0 +1,8 @@
+---
+- name: "### PB: glpi create asste###"
+  hosts: localhost
+  gather_facts: true
+  become: true
+
+  roles: 
+    - role: ../roles/glpi_create_asset
diff --git a/create_and_config_vm_ansible_playbooks/playbooks/pb-icinga_config.yaml b/create_and_config_vm_ansible_playbooks/playbooks/pb-icinga_config.yaml
@@ -0,0 +1,24 @@
+---
+- name: "### PB: Foreman Repo Sync###"
+  hosts: "{{ vm_name_fqdn }}"
+  gather_facts: true
+  become: true
+
+  vars:
+    network:
+      username: '{{ lookup("env", "ANSIBLE_NET_USERNAME") }}'
+      password: '{{ lookup("env", "ANSIBLE_NET_PASSWORD") }}'
+
+  roles: 
+    - role: ../roles/icinga_config
+
+- hosts: icinga
+  gather_facts: true
+  become: true
+
+  tasks:
+
+    - name: "per api hinzufuegen"
+      ansible.builtin.include_tasks:
+        file: ../roles/icinga_config/tasks/tsk-icinga_api_server_config.yaml
+
diff --git a/create_and_config_vm_ansible_playbooks/playbooks/pb-join_ad_domain.yaml b/create_and_config_vm_ansible_playbooks/playbooks/pb-join_ad_domain.yaml
@@ -0,0 +1,8 @@
+---
+- name: "### PB: Join AD###"
+  hosts: "{{ vm_name_fqdn }}"
+  gather_facts: false
+  become: true
+
+  roles: 
+    - role: ../roles/join_ad_domain
diff --git a/create_and_config_vm_ansible_playbooks/playbooks/pb-openscap.yaml b/create_and_config_vm_ansible_playbooks/playbooks/pb-openscap.yaml
@@ -0,0 +1,10 @@
+---
+- name: "### PB: openSCAP Host ###"
+  hosts: "{{ vm_name_fqdn }}"
+  gather_facts: true
+  become: true
+
+  roles: 
+    - role: ../roles/openscap
+
+
diff --git a/create_and_config_vm_ansible_playbooks/playbooks/pb-register-foreman.yaml b/create_and_config_vm_ansible_playbooks/playbooks/pb-register-foreman.yaml
@@ -0,0 +1,6 @@
+---
+- name: " ### PLAYBOOK: SET SSH KEY ### "
+  hosts: "{{ vm_name_fqdn }}"
+
+  roles: 
+    - role: ../roles/register-foreman
diff --git a/create_and_config_vm_ansible_playbooks/playbooks/pb-register-host-in-aap.yaml b/create_and_config_vm_ansible_playbooks/playbooks/pb-register-host-in-aap.yaml
@@ -0,0 +1,16 @@
+---
+- name: "### PB: Add Host to Inventory for Deployment ###"
+  hosts: localhost
+  gather_facts: true
+  become: true
+
+  vars:
+    ip: "keine IP_1"
+    ip_2: "keine IP_2"
+
+
+  roles: 
+      - role: ../roles/register-host-in-aap
+
+
+
diff --git a/create_and_config_vm_ansible_playbooks/playbooks/pb-set-ip-name-etc.yaml b/create_and_config_vm_ansible_playbooks/playbooks/pb-set-ip-name-etc.yaml
@@ -0,0 +1,31 @@
+---
+- name: " ### PLAYBOOK: SET SSH KEY ### "
+  hosts: "{{ vm_name_fqdn }}"
+  gather_facts: true
+  become: true
+
+  roles:
+    - role: ../roles/set-ip-name-etc
+
+- name: Running on the Ansible server
+  hosts: aap
+
+  tasks:
+    - name: IP variable_2
+    - debug:
+        msg: "IP variable_2: {{ ip_address }}"
+
+  tasks:
+    - name: change IP in AAP
+      ansible.controller.host:
+        controller_host: aap.moore.corp
+        controller_password: <aap pw>
+        controller_username: <aap user>
+        name: "{{ vm_name_fqdn }}"
+        description: Host "{{ vm_name_fqdn }}" added from AAP via Automation Task.
+        inventory: VM_Inventory
+        enabled: true
+        state: present
+        variables:
+          ansible_host: "{{ ip_address }}"
+
diff --git a/create_and_config_vm_ansible_playbooks/playbooks/pb-set-ssh-key.yaml b/create_and_config_vm_ansible_playbooks/playbooks/pb-set-ssh-key.yaml
@@ -0,0 +1,8 @@
+---
+- name: " ### PLAYBOOK: SET SSH KEY ### "
+  hosts: "{{ vm_name_fqdn }}"
+  gather_facts: true
+  become: true
+
+  roles: 
+    - role: ../roles/set-ssh-key
diff --git a/create_and_config_vm_ansible_playbooks/roles/deploy-host/tasks/main.yaml b/create_and_config_vm_ansible_playbooks/roles/deploy-host/tasks/main.yaml
@@ -0,0 +1,8 @@
+---
+- name: Include nutanix tasks
+  ansible.builtin.include_tasks: tsk-create-host-xen.yaml
+  when: host_vz_platform == "xen"
+
+- name: Include vmware tasks
+  ansible.builtin.include_tasks: tsk-create-host-vmware.yaml
+  when: host_vz_platform == "vmware"
diff --git a/create_and_config_vm_ansible_playbooks/roles/deploy-host/tasks/tsk-create-host-vmware.yaml b/create_and_config_vm_ansible_playbooks/roles/deploy-host/tasks/tsk-create-host-vmware.yaml
@@ -0,0 +1,26 @@
+---
+- name: "###deploy vm from template, register and start VM (wait for question timeout)###"
+  ansible.builtin.shell: |
+    cd /vmfs/volumes/"{{ datastore }}"
+    mkdir "{{ vm_name_fqdn }}"
+    vmkfstools -i /vmfs/volumes/datastore3/"{{ lnx_vers }}"_template/"{{ lnx_vers }}"_template.vmdk /vmfs/volumes/"{{ datastore }}"/"{{ vm_name_fqdn }}"/"{{ lnx_vers }}"_template.vmdk -d thin
+    cp -frv /vmfs/volumes/datastore3/"{{ lnx_vers }}"_template/"{{ lnx_vers }}"_template.vmx /vmfs/volumes/"{{ datastore }}"/"{{ vm_name_fqdn }}"/
+    sed 's/displayName = "'{{ lnx_vers }}'_template"/displayName = "{{ vm_name_fqdn }}"/' -i /vmfs/volumes/"{{ datastore }}"/"{{ vm_name_fqdn }}"/'{{ lnx_vers }}'_template.vmx
+    vim-cmd solo/registervm /vmfs/volumes/"{{ datastore }}"/"{{ vm_name_fqdn }}"/'{{ lnx_vers }}'_template.vmx
+    vim-cmd vmsvc/getallvms | grep "{{ vm_name_fqdn }}" | awk -F " " '{print $1}' | xargs -I % vim-cmd vmsvc/power.on %
+
+- name: "###Prüfen und warten ob IP vergeben wird###"
+  ansible.builtin.shell: |
+    vim-cmd vmsvc/getallvms | grep "{{ vm_name_fqdn }}" | awk -F " " '{print $1}' | xargs -I % vim-cmd vmsvc/get.guest % | grep ipAddress | head -n 1 | awk -F "\"" '{print $2}'
+  register: command_output
+  until: command_output.stdout != ""
+  retries: 100
+  delay: 10
+
+- name: "set output variable to new variable# Extern übergeben Var. haben vorang vor set_fact ????"
+  ansible.builtin.set_fact:
+    ip_address_2: "{{ command_output.stdout }}"
+    cacheable: yes
+
+- debug:
+    msg: "IP variable_2: {{ ip_address_2 }}"
diff --git a/create_and_config_vm_ansible_playbooks/roles/dnf_update_system/tasks/main.yaml b/create_and_config_vm_ansible_playbooks/roles/dnf_update_system/tasks/main.yaml
@@ -0,0 +1,4 @@
+---
+- include_tasks: tsk-dnf_update_system.yaml
+  when: lnx_vers == "rhel_92"
+
diff --git a/..._and_config_vm_ansible_playbooks/roles/dnf_update_system/tasks/tsk-dnf_update_system.yaml b/..._and_config_vm_ansible_playbooks/roles/dnf_update_system/tasks/tsk-dnf_update_system.yaml
@@ -0,0 +1,15 @@
+---
+- name: "### dnf update system ###"
+  ansible.builtin.dnf:
+    name: "*"
+    state: latest
+    update_cache: true
+
+- name: "### reboot host and wait for it to restart"
+  reboot:
+    msg: "Reboot initiated by Ansible"
+    connect_timeout: 5
+    reboot_timeout: 600
+    pre_reboot_delay: 0
+    post_reboot_delay: 30
+    test_command: whoami
diff --git a/create_and_config_vm_ansible_playbooks/roles/glpi_create_asset/tasks/main.yaml b/create_and_config_vm_ansible_playbooks/roles/glpi_create_asset/tasks/main.yaml
@@ -0,0 +1,3 @@
+---
+- name: create glpi asset
+  ansible.builtin.include_tasks: tsk-glpi_create_asset.yaml
diff --git a/..._and_config_vm_ansible_playbooks/roles/glpi_create_asset/tasks/tsk-glpi_create_asset.yaml b/..._and_config_vm_ansible_playbooks/roles/glpi_create_asset/tasks/tsk-glpi_create_asset.yaml
@@ -0,0 +1,61 @@
+---
+- name: "create glpi paylod json file"
+  ansible.builtin.file:
+    path: "/tmp/{{ vm_name_fqdn }}_glpi_asset.json"
+    state: touch
+
+- name: "edit entry glpi payload json file"
+  vars:
+    __uuid: "{{ '%032x' % ((2**128) | random) }}"
+    uuid: "{{ __uuid[0:8] }}-{{ __uuid[8:12] }}-{{ __uuid[12:16] }}-{{ __uuid[16:20] }}-{{ __uuid[20:32] }}"
+  ansible.builtin.shell: |
+      cat > /tmp/{{ vm_name_fqdn }}_glpi_asset.json << EOF
+      {
+        "input": [
+          {
+            "name": "{{ vm_name_fqdn }}",
+            "uuid": "{{ uuid }}",
+            "serial": "100$RANDOM",
+            "locations_id": "1",
+            "states_id": "1",
+            "comment": "KOMMENTAR",
+            "users_id_tech": "2",
+            "groups_id_tech": "4",
+            "networks_id": "1",
+            "computertypes_id": "1",
+            "manufacturers_id": "1",
+            "computermodels_id": "1"
+          }
+        ]
+      }
+
+
+- name: "get session token"
+  ansible.builtin.shell: |
+    curl -s -u glpi:glpi -X POST -H 'Content-Type: application/json' -H 'App-Token: luOXOTaXCvrAhRndg0p4O0YFFKssiT6ppDDCH2jF' 'http://172.17.190.52/apirest.php/initSession' | grep session_token | awk -F '\"' '{print $4}'
+    #curl -s -u glpi:glpi -X POST -H 'Content-Type: application/json' -H 'App-Token: luOXOTaXCvrAhRndg0p4O0YFFKssiT6ppDDCH2jF' 'http://172.17.190.52/apirest.php/initSession' | jq | grep session_token | awk -F '\"' '{print $4}'
+  register: session_token
+
+- name: "Debug Function Check 2 Vars uebergabe. nur stdout in die variable schreiben"
+  ansible.builtin.set_fact:
+    var_2: "{{ session_token.stdout }}"
+    cacheable: yes
+
+- debug:
+    msg: "variable_2: {{ var_2 }}"
+
+- name: "send payload"
+  ansible.builtin.shell: |
+    curl -s -u glpi:glpi -X POST -H 'Content-Type: application/json' -H 'App-Token: luOXOTaXCvrAhRndg0p4O0YFFKssiT6ppDDCH2jF' -H 'Session-Token: {{ var_2 }}' -d @/tmp/{{ vm_name_fqdn }}_glpi_asset.json 'http://172.17.190.52/apirest.php/Computer'
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/create_and_config_vm_ansible_playbooks/roles/icinga_config/tasks/main.yaml b/create_and_config_vm_ansible_playbooks/roles/icinga_config/tasks/main.yaml
@@ -0,0 +1,3 @@
+---
+- name: create client config
+  ansible.builtin.include_tasks: tsk-icinga_config.yaml
diff --git a/...d_config_vm_ansible_playbooks/roles/icinga_config/tasks/tsk-icinga_api_server_config.yaml b/...d_config_vm_ansible_playbooks/roles/icinga_config/tasks/tsk-icinga_api_server_config.yaml
@@ -0,0 +1,18 @@
+---
+- name: "delete old host with same hostname"
+  ansible.builtin.shell: |
+    curl -k -s -u root:04c7b4aa85227dc8 -H 'Accept: application/json' -X DELETE 'https://localhost:5665/v1/objects/hosts/{{ vm_name_fqdn }}?cascade=1'
+
+- name: set downtime to host
+  ansible.builtin.uri:
+    url: https://localhost:5665/v1/objects/hosts/{{ vm_name_fqdn }}
+    user: <api user>
+    password: <PW>
+    validate_certs: false
+    method: PUT
+    body_format: json
+    headers:
+      Accept: "application/json"
+    status_code: 200
+    body: 
+       '{"templates": [ "{{ icinga_check_template }}" ],"attrs": { "address": "{{ ip_address }}", "vars.os" : "{{ icinga_check_template }}", "vars.host_ssh_native" : "{{ ip_address }}" }}'