-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathdemo.yml
124 lines (103 loc) · 3.76 KB
/
demo.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
---
# Basic demo of using Ansible to create a virtual machine on Pouta.csc.fi
#
# You'll need to download and source your credentials before this will work:
# https://research.csc.fi/pouta-credentials
#
- name: Create virtual machine on cPouta
hosts: localhost # The OpenStack modules run on your local machine.
connection: local
vars:
# These will need changing based on your project and pass them through environment variables
demo_security_groups: default,{{ demo_sg }} # don't add spaces here!
tasks:
- name: Create security group
os_security_group: name={{ demo_sg }}
- name: Add rule to security group to allow http from the internet
os_security_group_rule:
security_group: "{{ demo_sg }}"
protocol: tcp
port_range_min: 80
port_range_max: 80
remote_ip_prefix: 0.0.0.0/0
- name: Add rule to security group to all ssh from current system
os_security_group_rule:
security_group: "{{ demo_sg }}"
protocol: tcp
port_range_min: 22
port_range_max: 22
remote_ip_prefix: "{{ ansible_default_ipv4.address }}/32"
- name: Creates a key pair with the running users public key
os_keypair:
state: present
name: "{{ demo_key }}"
public_key_file: "{{ path_to_key }}"
- name: Create a virtual machine
register: result
os_server:
state: present
name: "{{ vm_name }}"
image: CentOS-7
flavor: standard.tiny
key_name: "{{ demo_key }}"
security_groups: "{{ demo_security_groups }}"
auto_floating_ip: yes
network: "{{ net_name }}"
timeout: 200
- name: Create a virtual machine
register: result
os_server:
state: present
name: "{{ vm_name }}"
image: CentOS-7
flavor: standard.tiny
key_name: "{{ demo_key }}"
security_groups: "{{ demo_security_groups }}"
auto_floating_ip: yes
network: "{{ net_name }}"
timeout: 200
until: (result.openstack is defined) and (result.openstack.addresses.project_2001316[1] | length > 1)
delay: 20
retries: 50
- name: Store the auto-allocated floating IP address
set_fact: floating_ip={{ result.openstack.addresses.project_2001316[1].addr }}
- name: Add new host to inventory
add_host: name={{ floating_ip }} groups=new
- name: clear ssh known_hosts
known_hosts: name={{ floating_ip }} state=absent
when: result is changed
- name: Wait for instance to be ready
wait_for: host={{ floating_ip }} port=22 search_regex=OpenSSH delay=60
- name: Configure demo host
hosts: new
remote_user: cloud-user
become: yes # sudo to root
vars:
demo_photo: kajaani.jpg
demo_greeting: "Hello from Kajaani!"
tasks:
- name: Install a webserver
yum: name=httpd state=present
- name: Deploy demo web page
template: src=templates/demo.html.j2 dest=/var/www/html/index.html owner=apache group=apache mode=0644
- name: Copy a picture of Kajaani
copy: src=resources/kajaani.jpg dest=/var/www/html/kajaani.jpg owner=apache group=apache mode=0644
- name: Install firewalld
yum: name=firewalld state=present
- name: Start firewalld
service: name=firewalld state=started enabled=yes
- name: Wait for firewalld
pause: seconds=30
- name: Configure firewalld for ssh
firewalld: service=ssh permanent=true state=enabled
notify:
- restart firewalld
- name: Configure firewalld for http
firewalld: service=http permanent=true state=enabled
notify:
- restart firewalld
- name: Start apache
service: name=httpd state=started enabled=yes
handlers:
- name: restart firewalld
service: name=firewalld state=restarted