Merge pull request 'Update Ceph infrastructure' (#12) from ceph_vexx into main

Reviewed-on: felcloud/ansible_env_staging#12 Reviewed-by: safouenebg <safouene@felcloud.tn>
2024-05-23 09:41:46 +00:00 · 2024-05-23 09:41:46 +00:00 · 63030e0b95
commit 63030e0b95
parent d002871584 b6931523d2
4 changed files with 258 additions and 0 deletions
--- a/ceph_vexx.sh
+++ b/ceph_vexx.sh
@ -0,0 +1,5 @@
+#!/bin/bash
+export OS_CLOUD="vexxhost_sjc1"
+export PULUMI_STACK="staging"
+export PULUMI_SUB_STACK="ceph_vexx"
+export PULUMI_CONFIG_PASSPHRASE_FILE="/etc/ansible/pulumi_passphrase"
--- a/group_vars/ceph_vexx
+++ b/group_vars/ceph_vexx
@ -0,0 +1,14 @@
+---
+
+# linux users
+users:
+  - name: emine
+    group: emine
+    groups: sudo
+    shell: '/bin/bash'
+    ssh_pub_keys:
+      - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQx/ruuz9HUmS44qSMckfpO/Gk6HukIEUO1DfxxiynMMPp6wsWSz799AgeIsu19qfG1T42hMBy1OoBKIJ91YCOKD43zHu5XoleHKZo2kXHHFsQdtZAm4WcRDMzDsbz5gNEboqKStD4bJ+74GORpnVTpypVWX8f2yahTheb38qRpAwmYOCviL4cak2d6RgVi5eWyvGsVJmcd//7301Dg2FH8l+CmSuRKRY6f27fwqvZUsWx8ZJI0z18q8IHAdqyt67WmY6dLYV+8vQLGAo50ElKPTxrIUnOUmiZZI9oaoqemH7hdiSYMUnp/26Ob0xPafcHsJT1+mqS8H3DDMJf5jsEPwSdR+3pnIMm8vwKW6PJVRZPO5p/lugza0XbPTwKWlZeb6poVs1I2pwScedPgVnLMRuWA4rtEamarPlQ2QZS04+2J3TvuOMcHI0vM/T269bTEOk7UghKz5Km3YYPrQVi728zitAc4BOzk5cxJ4GnO+ttEIHWnZT9Vn/slEHNy3NYnB1hX5a5++/fE1xC9KIBLWqiXONDHyPdsoYqrmtkc82rxkyMtwppY9vvAbkWwrSGSiGM7t/EceB2ZlC8EmzNc1tvDaYDmgGEFMDtsOBO6qNVKjxvP8fYdQgzaasarwcbCYG9VgwhEyUJVYM7s9I+VPZhkXI5ZEjXJ0uIHcbU+w== dell-xps'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINgHtvs8XWPr9T1fjhO633kR9ULro0gpnjBc+gFmrI5I emine@felcloud.io'
+
+# ceph
+ceph_public_network: "172.39.15.0/24"
--- a/infra/ceph_vexx.json
+++ b/infra/ceph_vexx.json
@ -0,0 +1,225 @@
+{ 
+  "application_name": "ceph_vexx",
+  "bastion_to_use": "ceph_vexx",
+  "network": [{
+	  "name": "ceph_network",
+	  "bastion_access": "yes",
+	  "subnet": {
+		     "name":"ceph_network_subnet",
+		     "ip_version": 4,
+		     "cidr": "172.39.15.0/24",
+		     "dns_servers": ["8.8.8.8"],
+		     "linked_router": [{"router_name": "ceph_router"}]
+                  },
+          "port": [
+          ]
+  }],
+  "router": [{
+          "router_name": "ceph_router",
+	  "router_external_gateway": "0048fce6-c715-4106-a810-473620326cb0",
+	  "linked_subnets": [{
+		  "router_interface_name": "ceph_router_interface",
+		  "subnet_name": "ceph_network_subnet"}]
+  }],
+  "security_group":[
+    {
+      "name": "all_open",
+      "description": "Emine DEV environment is security group",
+      "rules": [
+        {
+          "name": "Ingress_ssh",
+          "description": "ssh traffic",
+          "direction": "ingress",
+          "port_range_max": 22,
+          "port_range_min": 22,
+          "protocol": "tcp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        },
+        {
+          "name": "Ingress_http",
+          "description": "http traffic",
+          "direction": "ingress",
+          "port_range_max": 80,
+          "port_range_min": 80,
+          "protocol": "tcp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        },
+        {
+          "name": "Ingress_https",
+          "description": "https traffic",
+          "direction": "ingress",
+          "port_range_max": 443,
+          "port_range_min": 443,
+          "protocol": "tcp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        },
+        {
+          "name": "Ingress_squid",
+          "description": "Squid Proxy traffic",
+          "direction": "ingress",
+          "port_range_max": 3128,
+          "port_range_min": 3128,
+          "protocol": "tcp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        },
+        {
+          "name": "Ingress_ping",
+          "description": "icmp traffic",
+          "direction": "ingress",
+          "port_range_max": 0,
+          "port_range_min": 0,
+          "protocol": "icmp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        },
+        {
+          "name": "Ingress_nosqlclient",
+          "description": "nosqlclient traffic",
+          "direction": "ingress",
+          "port_range_max": 3000,
+          "port_range_min": 3000,
+          "protocol": "tcp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        },
+        {
+          "name": "Ingress_nexus",
+          "description": "nexus repository traffic",
+          "direction": "ingress",
+          "port_range_max": 8081,
+          "port_range_min": 8081,
+          "protocol": "tcp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        },
+        {
+          "name": "Ingress_nexus_docker_registry",
+          "description": "nexus repository traffic",
+          "direction": "ingress",
+          "port_range_max": 8082,
+          "port_range_min": 8082,
+          "protocol": "tcp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        },
+        {
+          "name": "Ingress_ceph_osds",
+          "description": "Ceph OSDs traffic",
+          "direction": "ingress",
+          "port_range_max": 7300,
+          "port_range_min": 6800,
+          "protocol": "tcp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        },
+        {
+          "name": "Ingress_ceph_mons",
+          "description": "Ceph Mons and Client traffic",
+          "direction": "ingress",
+          "port_range_max": 3300,
+          "port_range_min": 3300,
+          "protocol": "tcp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        },
+        {
+          "name": "Ingress_ceph_mons_backup",
+          "description": "Ceph Mons and Client traffic",
+          "direction": "ingress",
+          "port_range_max": 6789,
+          "port_range_min": 6789,
+          "protocol": "tcp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        },
+        {
+          "name": "Ingress_mongodb",
+          "description": "mongodb traffic",
+          "direction": "ingress",
+          "port_range_max": 27017,
+          "port_range_min": 27017,
+          "protocol": "tcp",
+          "remote_ip_prefix": "0.0.0.0/0"
+        }
+      ]
+    }
+  ],
+  "instance": [{
+	 "name": "stg-cephmon-00",
+	 "az": "nova",
+	 "flavor": "v3-starter-1",
+	 "image": "Ubuntu 22.04 - Cloud Image",
+	 "keypair": "dell XPS",
+	 "security_group": ["all_open"],
+	 "inventory_group": "mons",
+	 "network": [{"name": "ceph_network"}]
+        },
+        {
+	 "name": "stg-cephmon-01",
+	 "az": "nova",
+	 "flavor": "v3-starter-1",
+	 "image": "Ubuntu 22.04 - Cloud Image",
+	 "keypair": "dell XPS",
+	 "security_group": ["all_open"],
+	 "inventory_group": "mons",
+	 "network": [{"name": "ceph_network"}]
+	},
+        {
+	 "name": "stg-cephmon-02",
+	 "az": "nova",
+	 "flavor": "v3-starter-1",
+	 "image": "Ubuntu 22.04 - Cloud Image",
+	 "keypair": "dell XPS",
+	 "security_group": ["all_open"],
+	 "inventory_group": "mons",
+	 "network": [{"name": "ceph_network"}]
+	},
+        {
+	 "name": "stg-cephosd-00",
+	 "az": "nova",
+	 "flavor": "v3-starter-1",
+	 "image": "Ubuntu 22.04 - Cloud Image",
+	 "keypair": "dell XPS",
+	 "security_group": ["all_open"],
+	 "inventory_group": "osds",
+	 "network": [{"name": "ceph_network"}],
+	 "volume": ["osd-00"]
+	},
+        {
+	 "name": "stg-cephosd-01",
+	 "az": "nova",
+	 "flavor": "v3-starter-1",
+	 "image": "Ubuntu 22.04 - Cloud Image",
+	 "keypair": "dell XPS",
+	 "security_group": ["all_open"],
+	 "inventory_group": "osds",
+	 "network": [{"name": "ceph_network"}],
+	 "volume": ["osd-01"]
+	},
+        {
+	 "name": "stg-cephosd-02",
+	 "az": "nova",
+	 "flavor": "v3-starter-1",
+	 "image": "Ubuntu 22.04 - Cloud Image",
+	 "keypair": "dell XPS",
+	 "security_group": ["all_open"],
+	 "inventory_group": "osds",
+	 "network": [{"name": "ceph_network"}],
+	 "volume": ["osd-02"]
+	},
+        {
+	 "name": "stg-ceph-bastion-00",
+	 "az": "nova",
+	 "flavor": "v3-starter-1",
+	 "image": "Ubuntu 22.04 - Cloud Image",
+	 "keypair": "dell XPS",
+	 "security_group": ["all_open"],
+	 "inventory_group": "ceph_vexx_bastion",
+	 "network": [{
+		 "name": "ceph_network",
+		 "fip": {
+			 "name": "fip_bastion",
+			 "pool": "public"
+		 }
+	 }]
+	}
+  ],
+  "volume": [
+	  {"name": "osd-00", "description": "Ceph OSD 0", "size": 50, "availability_zone": "nova", "volume_type": "rbd"},
+	  {"name": "osd-01", "description": "Ceph OSD 1", "size": 50, "availability_zone": "nova", "volume_type": "rbd"},
+	  {"name": "osd-02", "description": "Ceph OSD 2", "size": 50, "availability_zone": "nova", "volume_type": "rbd"}
+  ]
+}
--- a/requirements.yml
+++ b/requirements.yml
@ -4,38 +4,52 @@
  version: 0.0.4
  scm: git
  accept_hostkey: yes
+  name: base

 - src: git@git.felcloud.io:felcloud/ansible_roles_ssh.git
  version: 0.0.1
  scm: git
  accept_hostkey: yes
+  name: ssh

 - src: git@git.felcloud.io:felcloud/ansible_roles_haproxy.git
  version: 0.0.1
  scm: git
  accept_hostkey: yes
+  name: haproxy

 - src: git@git.felcloud.io:felcloud/ansible_roles_keepalived.git
  version: 0.0.1
  scm: git
  accept_hostkey: yes
+  name: keepalived

 - src: git@git.felcloud.io:felcloud/ansible_roles_docker.git
  version: 0.0.1
  scm: git
  accept_hostkey: yes
+  name: docker

 - src: git@git.felcloud.io:felcloud/ansible_roles_console.git
  version: 0.0.6
  scm: git
  accept_hostkey: yes
+  name: console

 - src: git@git.felcloud.io:felcloud/ansible_roles_mongodb.git
  version: 0.0.1
  scm: git
  accept_hostkey: yes
+  name: mongodb

 - src: git@git.felcloud.io:felcloud/ansible_roles_nexus.git
  version: 0.0.1
  scm: git
  accept_hostkey: yes
+  name: nexus
+
+- src: git@git.felcloud.io:felcloud/ansible_roles_ceph-init.git
+  version: main
+  scm: git
+  accept_hostkey: yes
+  name: ceph-init