From ebd6761fea502bb83a65967513daa4fc3a4cf83a Mon Sep 17 00:00:00 2001 From: Mohamed Emine IBRAHIM Date: Wed, 13 Jul 2022 15:29:50 +0100 Subject: [PATCH] [Update] update environment --- billing.sh | 5 - console.sh | 5 + group_vars/all | 90 +++++++++- group_vars/console_database | 21 +++ group_vars/console_web | 30 ++++ group_vars/k8scontrol | 18 -- host_vars/prd-k8sctl-01 | 10 -- host_vars/{prd-k8sctl-00 => stg-bilweb-00} | 4 +- host_vars/{prd-k8sctl-02 => stg-bilweb-01} | 4 +- infra/billing.json | 20 --- infra/console.json | 185 +++++++++++++++++++++ infra/kubernetes.json | 21 --- infra/openstack.json | 39 ----- inventory | 53 +++--- kubernetes.sh | 5 - openstack.sh | 5 - pulumi_passphrase | 12 +- requirements.yml | 20 +-- 18 files changed, 365 insertions(+), 182 deletions(-) delete mode 100755 billing.sh create mode 100755 console.sh create mode 100644 group_vars/console_database create mode 100644 group_vars/console_web delete mode 100644 group_vars/k8scontrol delete mode 100644 host_vars/prd-k8sctl-01 rename host_vars/{prd-k8sctl-00 => stg-bilweb-00} (51%) rename host_vars/{prd-k8sctl-02 => stg-bilweb-01} (51%) delete mode 100644 infra/billing.json create mode 100644 infra/console.json delete mode 100644 infra/kubernetes.json delete mode 100644 infra/openstack.json delete mode 100755 kubernetes.sh delete mode 100755 openstack.sh diff --git a/billing.sh b/billing.sh deleted file mode 100755 index 6964c5f..0000000 --- a/billing.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -export OS_CLOUD="felcloud_cli" -export PULUMI_STACK="staging" -export PULUMI_SUB_STACK="billing" -export PULUMI_CONFIG_PASSPHRASE_FILE="$PWD/env.d/$PULUMI_STACK/pulumi_passphrase" diff --git a/console.sh b/console.sh new file mode 100755 index 0000000..685afb6 --- /dev/null +++ b/console.sh @@ -0,0 +1,5 @@ +#!/bin/bash +export OS_CLOUD="felcloud_staging" +export PULUMI_STACK="felcloud_staging" +export PULUMI_SUB_STACK="console" +export PULUMI_CONFIG_PASSPHRASE_FILE="$PWD/env.d/$PULUMI_STACK/pulumi_passphrase" diff --git a/group_vars/all b/group_vars/all index 6df8323..f62b781 100644 --- a/group_vars/all +++ b/group_vars/all @@ -1,6 +1,6 @@ --- -env: staging +env: "{{ lookup('env', 'PULUMI_STACK') }}" application: "{{ lookup('env', 'PULUMI_SUB_STACK') }}" bastion_group_name: "{{ application }}_bastion" @@ -13,7 +13,93 @@ infrastructure_file_path: "{{ inventory_dir }}/infra/{{ application }}.json" # proxy proxy_user: "felcloud" -proxy_passwd: "ijo7mgHEWjytM" +proxy_passwd: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 30353938636561343133303061303336653130383363646430616536326131393766646239393530 + 3761626633393637396436386135663034616531663135390a666134363539366465393364306230 + 38656537373438353737323430623462616332373835663837366434343739383765336361326331 + 3330643466643730660a636236376133323730336561643532393130646639386263623263323339 + 6563 proxy_hostname: "{{ groups[bastion_group_name] | first }}" proxy_ip: "{{ hostvars[proxy_hostname].ansible_host }}" proxy_port: 3128 + +# linux users +users: + - name: baha + group: baha + groups: sudo + shell: '/bin/bash' + ssh_pub_keys: + - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDaKdKinHqJ5bn9TqCULDEhAcSm9mbcHirRVzFNIPtGc4oPS5oc7WCtGgdv4J5YyWxEoe4Z42VpqDRHxuwdlprZYrfCVgDz5hQNiC8KQuusNFkfgjBPGH2dOvRJusIAclr2wEPUKMDh9MAlJ8NegUg/3uVs2ngXIyag6fronqzIDVCW89WqTi1EGnU69/bbXjPx2so4OYPvumSrxHYf438nR/3cRK8mXbSw43LN7xr0rgzclhZuTlXVrc2jichqI2jNJ7wmH0eQoLyf0E/ncXRR5xFdW1/rFQqQnueA0006dvqlgqsvaNPnFnFyfSpaGdZN4wj2hE2XZ+JkGeAjKswVAZHIst7xslCSZChQFAqHIs2ddtTsrd+tF1WVqpKu2MgjEwhKhu6KoKDW1D5s3Mb5CZcPANz9jyKCBKsKw++MJx74eP3LFdFFCjD6fgjT5Qi6BkhSkYWel6kP5joHNU8R+ZFX2cMUC+ZuEJIuGUMCv9q5ir/Ueh6tMJNolbNWRIs= baha@DESKTOP-AN6NC1O' + - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGnJJk9lvPOmJZxfpb+0k84mWA7jpBKapxtE02qwRDVQ5b6ZBCH5lr9eBU1XTppu7FXew/+VkQaf6pp8c4yCoY01QIFei+ilw+RncN92vzAVPzBPcPACPNjrvsD5pUIRxRMU21fIopQhGY+baK/rw/Gqfa8fyRK5cR07mvJ/jZQIPlOBr9pBf/mmzNCaRyo0kZb199X/VpWo8RhTNpfmx7pEvD1pSnqeMlPO7GlSqVfMSSKIUeCFW/Ne6Bwk73dOXZPLdo3qa5/6dZmoRf3V7QCbSXfxy9RQVKsjSzsxMc59XF2gr6vY8qAUnfoLhxpF4LwVi1mDQanwD7yYZ41tsP6Su1/R1qLCfEeE6rJCxAjHIc/OqeqznBp0Dxbu7Xhmy38U5iX9X70Wrv5JB77giUtf2i/OnDGtZ9n27Hm9U+n1l3CLmcYePEarD/7nOrzk2BVlih63r+ejRlTou9mwC+L7W2L8y5qhWTRVmLcvPRindxApPzL8nCWe8INlzXb6G6zY0T1f0tabh9DSeoQ67OYPjQUMJVYo3rSbQHzh6tOjin5yrBF46HQWJpwKPKxPGOPuLT84WzdmnX02MUmfy3vGBf7bVO+ViVgQPRvcgt2gKUUufWNuPOwmPKK1aSnF3KQy7u+8Vi3p/iGx8mGKIpt8J0g6C5s3WI7crFuVkuFw== baha@felcloud.tn' + git_user: "baha" + git_token: "glpat-68xbQazGGWFUpunNZk7y" + console_port: 9090 + console_url: "baha-dev.felcloud.io" + +# console +# console staging +console_repo: "git.felcloud.io/billing/billing_website.git" +console_branch: "dev" +console_image_name: "nexus.felcloud.io/felcloud/console" +console_version: 0.1.2 + +# console database +console_database_name: "billing" +console_database_user: "billingW" +console_database_passwd: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 34646331363564376132633734303661376433386139306438623462386633376635343664663637 + 6465363736346437333965333836643862386565616230330a646333373934343761393932383765 + 66616166663061666563363534646464313430383363613164653337663565333337303334646366 + 3338666262346263650a623037626165363730386462633331393438326131656638626430383939 + 62633637303662666366313236366461613362343961333865646465326532613432393436363335 + 3731366461653937613133383834666632633231646664623363 +console_database_url: "{{ groups['console_database'][0] }}:27017,{{ groups['console_database'][1] }}:27017,{{ groups['console_database'][2] }}:27017" + +# Keycloak +identity_provider_url: "https://identity.felcloud.io/auth/realms" +keycloak_password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 65666165663930386564336335613430336537663837306261613439383865333635346163303034 + 3137366531316463346561383361643338613065356132340a363462666162666130396237336330 + 65356330333164333532353263653836383132653632666430383831343438666565333539646231 + 6431376161663439320a613963396263333862373932376631366334666266666137316631383530 + 66366237303837323966663630393438373962326234396335396134346233383531 +keycloak_client_secret_key: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 62656131303833613863613264373364633065396237636534393038633862666239313238303864 + 3834626239383435376361663366613462633361613261350a616238346138626233366366383964 + 37663763396266363133396536383039363839346265613461393032663235626133663661343466 + 3633316339656163610a343963343236336465663761373066373133653830313136326632663638 + 66653039636561383761616533356135613732373665643831333765353134326266646231353137 + 6137373234303337636333373763306535303663393137663738 +keycloak_admin_client_secret_key: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 62343461316462633865316334376235346234643936396137383964626136636261633865323935 + 3635366438376430356439386534333635326432643939360a386433386331303735393764646261 + 38383034333534303139363939353561303837383334303465646262353861623932333137353636 + 3035383366373131360a356636373535313164316331623632623832356262326565346461633264 + 36633763613132316335336561653338353362313865316661383933383134386439323632366238 + 3930306135383036623661363134343738626162386635313632 + +smtp_host: "mail.felcloud.io" +smtp_port: 465 +smtp_local_host: "{{ ansible_host }}" +smtp_local_port: 587 +smtp_user: noreply@felcloud.io +smtp_passwd: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 62623530623063393036386339343038303464643962363736383531636461613439316462313437 + 3931303536323666333038633432346162633231623039610a643961323934633238303636643435 + 31663635326230393330356561636266626534623962313063393764626237393765653732396464 + 3064626333393432380a616563646564383934333938613235653735303339613230323937303731 + 37613930656565306266623537333661613266636365373038663636666439626437 + +# docker registry +felcloud_docker_registry: "nexus.felcloud.io/felcloud" + +# mongodb global +mongodb_replicaset_name: "rs0" +mongodb_script_local_config_path: "mongo-scripts" diff --git a/group_vars/console_database b/group_vars/console_database new file mode 100644 index 0000000..32459ec --- /dev/null +++ b/group_vars/console_database @@ -0,0 +1,21 @@ +--- + +mongodb_root_user: root +mongodb_root_passwd: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 34333139613963386461663666616630336663613631643638626665623137323332323465326632 + 3531313966376633636235373531376534643234306339370a373239393364633663366431386138 + 36663132656663393664316561306262623236326361623935613430346138353731656565396261 + 6564336464303531620a643062623464623634623565366230326531643162323034333635393966 + 37343234643931666635636637396363333432643032333536396538303832346634 +mongodb_init_database: "admin" + +nosqlclient_user: nosqlclient +nosqlclient_passwd: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 34323766623465326261326662316230376633366362373938383966613237616232323433613532 + 6165643266333164386330646131396562326262626431320a663437656134633663396137356261 + 35633230633732663566306363326635336633303965343538633836303662386638363535343635 + 3737663437303932610a656434383436626264326566636336396130666265353039313165656331 + 3564 +nosqlclient_database: "nosqlclient" diff --git a/group_vars/console_web b/group_vars/console_web new file mode 100644 index 0000000..3d94b30 --- /dev/null +++ b/group_vars/console_web @@ -0,0 +1,30 @@ +--- + +haproxy_local_config_path: "reverse-proxy/haproxy.cfg" +haproxy_list_tls: + - wildcard.felcloud.io +haproxy_nbproc: 1 +public_vip_address: + - "{{ vip_console.all_fixed_ips | first }}" +haproxy_first_tls: "/etc/haproxy/tls/wildcard.felcloud.io.pem" +default_backend: "baha_console" +haproxy: + backends: + - name: nosql + frontend: "console-dev-db.felcloud.io" + servers: + - "acl draw-auth http_auth(basic-auth-list)" + - "http-request auth realm draw unless draw-auth" + - "server {{ groups['console_database'][0] }} {{ hostvars[groups['console_database'][0]]['ansible_host'] }}:3000" + - name: nexus + frontend: "nexus-dev.felcloud.io" + servers: + - "server {{ groups['nexus'][0] }} {{ hostvars[groups['nexus'][0]]['ansible_host'] }}:8081" + - name: nexus_docker_registry + frontend: "nexus.felcloud.io" + servers: + - "server {{ groups['nexus'][0] }} {{ hostvars[groups['nexus'][0]]['ansible_host'] }}:8082" + - name: baha_console + frontend: "baha-dev.felcloud.io" + servers: + - "server {{ groups['console_web'][0] }} {{ hostvars[groups['console_web'][0]]['ansible_host'] }}:9090" diff --git a/group_vars/k8scontrol b/group_vars/k8scontrol deleted file mode 100644 index a0154ce..0000000 --- a/group_vars/k8scontrol +++ /dev/null @@ -1,18 +0,0 @@ ---- - -haproxy_local_config_path: "reverse-proxy/haproxy.cfg" -haproxy_list_tls: - - wildcard.felcloud.io -haproxy_nbproc: 1 -public_vip_address: - - "{{ vip_k8s.all_fixed_ips | first }}" -haproxy_first_tls: "/etc/haproxy/tls/wildcard.felcloud.io.pem" -default_backend: "kubernetes" -haproxy: - backends: - - name: kubernetes - frontend: "k8s.felcloud.io" - servers: - - "server {{ groups['k8scontrol'][0] }} {{ hostvars[groups['k8scontrol'][0]]['ansible_host'] }}:6443" - - "server {{ groups['k8scontrol'][1] }} {{ hostvars[groups['k8scontrol'][1]]['ansible_host'] }}:6443" - - "server {{ groups['k8scontrol'][2] }} {{ hostvars[groups['k8scontrol'][2]]['ansible_host'] }}:6443" diff --git a/host_vars/prd-k8sctl-01 b/host_vars/prd-k8sctl-01 deleted file mode 100644 index d4d8026..0000000 --- a/host_vars/prd-k8sctl-01 +++ /dev/null @@ -1,10 +0,0 @@ ---- - -vrrp_instances: - - name: "vip_k8s" - state: "BACKUP" - interface: "ens3" - id: 53 - passwd: "yZnCOEa74TMgs" - vip: "{{ vip_k8s.all_fixed_ips | first }}/{{ vip_network_cidr.split('/')[1] }}" - priority: 150 diff --git a/host_vars/prd-k8sctl-00 b/host_vars/stg-bilweb-00 similarity index 51% rename from host_vars/prd-k8sctl-00 rename to host_vars/stg-bilweb-00 index 27c8fdd..bcd0c23 100644 --- a/host_vars/prd-k8sctl-00 +++ b/host_vars/stg-bilweb-00 @@ -1,10 +1,10 @@ --- vrrp_instances: - - name: "vip_k8s" + - name: "vip_console" state: "MASTER" interface: "ens3" id: 53 passwd: "yZnCOEa74TMgs" - vip: "{{ vip_k8s.all_fixed_ips | first }}/{{ vip_network_cidr.split('/')[1] }}" + vip: "{{ vip_console.all_fixed_ips | first }}/{{ vip_network_cidr.split('/')[1] }}" priority: 200 diff --git a/host_vars/prd-k8sctl-02 b/host_vars/stg-bilweb-01 similarity index 51% rename from host_vars/prd-k8sctl-02 rename to host_vars/stg-bilweb-01 index 80bfe16..73ae0de 100644 --- a/host_vars/prd-k8sctl-02 +++ b/host_vars/stg-bilweb-01 @@ -1,10 +1,10 @@ --- vrrp_instances: - - name: "vip_k8s" + - name: "vip_console" state: "BACKUP" interface: "ens3" id: 53 passwd: "yZnCOEa74TMgs" - vip: "{{ vip_k8s.all_fixed_ips | first }}/{{ vip_network_cidr.split('/')[1] }}" + vip: "{{ vip_console.all_fixed_ips | first }}/{{ vip_network_cidr.split('/')[1] }}" priority: 150 diff --git a/infra/billing.json b/infra/billing.json deleted file mode 100644 index c238cb7..0000000 --- a/infra/billing.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "application_name": "billing", - "INTERNET_Network_ID": "e8d04c1f-0b49-4e87-a1f3-bea618782c90", - "router": [ - {"router_name": "billing_router", "router_external_gateway": "e8d04c1f-0b49-4e87-a1f3-bea618782c90", "linked_subnets": [{"router_interface_name": "billing_admin_interface", "subnet_name": "admin_billing_subnet"}] } - ], - "network": [ - {"name": "admin_billing", "bastion_access": "yes", "subnet": {"name":"admin_billing_subnet", "ip_version": 4, "cidr": "172.50.0.0/16", "dns_servers": ["8.8.8.8"], "linked_router": [{"router_name": "billing_router"}]}} - ], - "instance": [ - {"name": "prd-bildat-00", "az": "UK_London", "flavor": "Atto.L", "inventory_group": "bildat","network": [{"name": "admin_billing"}]}, - {"name": "prd-bildat-01", "az": "FR_Roubaix", "flavor": "Atto.L", "inventory_group": "bildat","network": [{"name": "admin_billing"}]}, - {"name": "prd-bildat-02", "az": "UK_London", "flavor": "Atto.L", "inventory_group": "bildat","network": [{"name": "admin_billing"}]}, - {"name": "prd-bilweb-00", "az": "UK_London", "flavor": "Atto.S", "inventory_group": "bilweb","network": [{"name": "admin_billing"}]}, - {"name": "prd-bilweb-01", "az": "FR_Roubaix", "flavor": "Atto.S", "inventory_group": "bilweb","network": [{"name": "admin_billing"}]}, - {"name": "prd-bilbas-00", "az": "UK_London", "flavor": "Atto.S", "inventory_group": "billing_bastion","fip": [{"floatingip": "fip_bil_bas", "pool": "INTERNET", "bastion_access": "yes"}], "network": [{"name": "admin_billing"}]} - ], - "volume": [ - ] -} diff --git a/infra/console.json b/infra/console.json new file mode 100644 index 0000000..74b4970 --- /dev/null +++ b/infra/console.json @@ -0,0 +1,185 @@ +{ + "application_name": "console", + "INTERNET_Network_ID": "e8d04c1f-0b49-4e87-a1f3-bea618782c90", + "network": [{ + "name": "admin_console", + "bastion_access": "yes", + "subnet": { + "name":"admin_console_subnet", + "ip_version": 4, + "cidr": "172.53.0.0/16", + "dns_servers": ["8.8.8.8"], + "linked_router": [{"router_name": "console_router"}] + }, + "port": [{ + "name": "vip_console", + "fip_pool": "INTERNET" + }] + }], + "router": [{ + "router_name": "console_router", + "router_external_gateway": "e8d04c1f-0b49-4e87-a1f3-bea618782c90", + "linked_subnets": [{ + "router_interface_name": "console_admin_interface", + "subnet_name": "admin_console_subnet"}] + }], + "security_group": [{ + "name": "secgroup_console", + "description": "Console DEV environment is security group", + "rules": [ + {"name": "Ingress_ssh", + "description": "ssh traffic", + "direction": "ingress", + "port_range_max": 22, + "port_range_min": 22, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0"}, + {"name": "Ingress_http", + "description": "http traffic", + "direction": "ingress", + "port_range_max": 80, + "port_range_min": 80, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0"}, + {"name": "Ingress_https", + "description": "https traffic", + "direction": "ingress", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0"}, + {"name": "Ingress_squid", + "description": "Squid Proxy traffic", + "direction": "ingress", + "port_range_max": 3128, + "port_range_min": 3128, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0"}, + {"name": "Ingress_ping", + "description": "icmp traffic", + "direction": "ingress", + "port_range_max": 0, + "port_range_min": 0, + "protocol": "icmp", + "remote_ip_prefix": "0.0.0.0/0"}, + {"name": "Ingress_nosqlclient", + "description": "nosqlclient traffic", + "direction": "ingress", + "port_range_max": 3000, + "port_range_min": 3000, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0"}, + {"name": "Ingress_nexus", + "description": "nexus repository traffic", + "direction": "ingress", + "port_range_max": 8081, + "port_range_min": 8081, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0"}, + {"name": "Ingress_nexus_docker_registry", + "description": "nexus repository traffic", + "direction": "ingress", + "port_range_max": 8082, + "port_range_min": 8082, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0"}, + {"name": "Ingress_mongodb", + "description": "mongodb traffic", + "direction": "ingress", + "port_range_max": 27017, + "port_range_min": 27017, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0"} + ] + }], + "instance": [{ + "name": "stg-bilweb-00", + "az": "UK_London", + "flavor": "Atto.L", + "image": "Ubuntu 20.04 LTS - Focal", + "keypair": "dell XPS", + "security_group": ["secgroup_console"], + "inventory_group": "console_web", + "network": [{"name": "admin_console"}] + }, + { + "name": "stg-bilweb-01", + "az": "UK_London", + "flavor": "Atto.L", + "image": "Ubuntu 20.04 LTS - Focal", + "keypair": "dell XPS", + "security_group": ["secgroup_console"], + "inventory_group": "console_web", + "network": [{"name": "admin_console"}] + }, + { + "name": "stg-billdb-00", + "az": "FR_Roubaix", + "flavor": "Femto.L", + "image": "Ubuntu 20.04 LTS - Focal", + "keypair": "dell XPS", + "security_group": ["secgroup_console"], + "inventory_group": "console_database", + "network": [{"name": "admin_console"}] + }, + { + "name": "stg-billdb-01", + "az": "UK_London", + "flavor": "Femto.L", + "image": "Ubuntu 20.04 LTS - Focal", + "keypair": "dell XPS", + "security_group": ["secgroup_console"], + "inventory_group": "console_database", + "network": [{"name": "admin_console"}] + }, + { + "name": "stg-billdb-02", + "az": "UK_London", + "flavor": "Femto.L", + "image": "Ubuntu 20.04 LTS - Focal", + "keypair": "dell XPS", + "security_group": ["secgroup_console"], + "inventory_group": "console_database", + "network": [{"name": "admin_console"}] + }, + { + "name": "stg-bilrep-00", + "az": "UK_London", + "flavor": "RAM.S", + "image": "Ubuntu 20.04 LTS - Focal", + "keypair": "dell XPS", + "security_group": ["secgroup_console"], + "inventory_group": "nexus", + "network": [{"name": "admin_console"}], + "volume": ["nexus_repository"] + }, + { + "name": "stg-conbld-00", + "az": "UK_London", + "flavor": "Atto.M", + "image": "Ubuntu 20.04 LTS - Focal", + "keypair": "dell XPS", + "security_group": ["secgroup_console"], + "inventory_group": "container_biuld", + "network": [{"name": "admin_console"}] + }, + { + "name": "stg-bilbas-00", + "az": "UK_London", + "flavor": "Atto.S", + "image": "Ubuntu 20.04 LTS - Focal", + "keypair": "dell XPS", + "security_group": ["secgroup_console"], + "inventory_group": "console_bastion", + "network": [{"name": "admin_console"}], + "fip": [{ + "floatingip": "fip_console", + "pool": "INTERNET", + "bastion_access": "yes" + }] + } + ], + "volume": [ + {"name": "nexus_repository", "description": "Nexus volume", "size": 300, "availability_zone": "UK_London", "volume_type": "HDD SATA"} + ] +} diff --git a/infra/kubernetes.json b/infra/kubernetes.json deleted file mode 100644 index d86e1e9..0000000 --- a/infra/kubernetes.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "application_name": "kubernetes", - "INTERNET_Network_ID": "e8d04c1f-0b49-4e87-a1f3-bea618782c90", - "router": [ - {"router_name": "k8s_router", "router_external_gateway": "e8d04c1f-0b49-4e87-a1f3-bea618782c90", "linked_subnets": [{"router_interface_name": "k8s_admin_interface", "subnet_name": "k8s_admin_subnet"}] } - ], - "network": [ - {"name": "kubernetes", "bastion_access": "yes", "subnet": {"name":"k8s_admin_subnet", "ip_version": 4, "cidr": "172.129.0.0/16", "dns_servers": ["8.8.8.8"], "linked_router": [{"router_name": "k8s_router"}]}, "port": [{"name": "vip_k8s", "fip_pool": "INTERNET"}]} - ], - "instance": [ - {"name": "prd-k8sctl-00", "az": "UK_London", "flavor": "Atto.M", "inventory_group": "k8scontrol", "network": [{"name": "kubernetes", "allowed_address_pairs": ["vip_k8s"] }]}, - {"name": "prd-k8sctl-01", "az": "FR_Roubaix", "flavor": "Atto.M", "inventory_group": "k8scontrol", "network": [{"name": "kubernetes", "allowed_address_pairs": ["vip_k8s"] }]}, - {"name": "prd-k8sctl-02", "az": "UK_London", "flavor": "Atto.M", "inventory_group": "k8scontrol", "network": [{"name": "kubernetes", "allowed_address_pairs": ["vip_k8s"] }]}, - {"name": "prd-k8swrk-00", "az": "UK_London", "flavor": "Atto.L", "inventory_group": "k8sworker", "network": [{"name": "kubernetes"}]}, - {"name": "prd-k8swrk-01", "az": "FR_Roubaix", "flavor": "Atto.L", "inventory_group": "k8sworker", "network": [{"name": "kubernetes"}]}, - {"name": "prd-k8swrk-02", "az": "UK_London", "flavor": "Atto.L", "inventory_group": "k8sworker", "network": [{"name": "kubernetes"}]}, - {"name": "prd-k8sbas-00", "az": "UK_London", "flavor": "Atto.S", "inventory_group": "kubernetes_bastion","fip": [{"floatingip": "fip_k8sbas", "pool": "INTERNET", "bastion_access": "yes"}], "network": [{"name": "kubernetes"}]} - ], - "volume": [ - ] -} diff --git a/infra/openstack.json b/infra/openstack.json deleted file mode 100644 index d4795cb..0000000 --- a/infra/openstack.json +++ /dev/null @@ -1,39 +0,0 @@ -{ - "application_name": "openstack", - "INTERNET_Network_ID": "e8d04c1f-0b49-4e87-a1f3-bea618782c90", - "router": [ - {"router_name": "openstack_router", "router_external_gateway": "e8d04c1f-0b49-4e87-a1f3-bea618782c90", "linked_subnets": [{"router_interface_name": "openstack_admin_interface", "subnet_name": "admin_subnet"}]} - ], - "network": [ - {"name": "admin_openstack", "bastion_access": "yes", "subnet": {"name":"admin_subnet", "ip_version": 4, "cidr": "172.30.0.0/16", "dns_servers": ["8.8.8.8"], "linked_router": [{"router_name": "openstack_router"}]}}, - {"name": "public", "subnet": {"name":"public_subnet", "ip_version": 4, "cidr": "172.31.0.0/16"}}, - {"name": "storage", "subnet": {"name":"storage_subnet", "ip_version": 4, "cidr": "172.32.0.0/16"}}, - {"name": "storage_replication", "subnet": {"name":"storep_subnet", "ip_version": 4, "cidr": "172.33.0.0/16"}} - ], - "instance": [ - {"name": "prd-ctl-00", "az": "FR_Roubaix", "flavor": "Atto.L", "inventory_group": "ctl","network": [{"name": "admin_openstack"}, {"name": "storage"}]}, - {"name": "prd-ctl-01", "az": "FR_Roubaix", "flavor": "Atto.L", "inventory_group": "ctl","network": [{"name": "admin_openstack"}, {"name": "storage"}]}, - {"name": "prd-ctl-02", "az": "UK_London", "flavor": "Atto.L", "inventory_group": "ctl","network": [{"name": "admin_openstack"}, {"name": "storage"}]}, - {"name": "prd-dep-00", "az": "FR_Roubaix", "flavor": "Atto.S", "inventory_group": "openstack_bastion","fip": [{"floatingip": "fip_deploy", "pool": "INTERNET", "bastion_access": "yes"}], "network": [{"name": "admin_openstack"}, {"name": "storage"}]}, - {"name": "prd-sto-00", "az": "FR_Roubaix", "flavor": "Atto.S", "inventory_group": "osds","network": [{"name": "admin_openstack"}, {"name": "storage"}, {"name": "storage_replication"}], "volume": ["osd00", "osd01"]}, - {"name": "prd-sto-01", "az": "FR_Roubaix", "flavor": "Atto.S", "inventory_group": "osds","network": [{"name": "admin_openstack"}, {"name": "storage"}, {"name": "storage_replication"}], "volume": ["osd02", "osd03"]}, - {"name": "prd-sto-02", "az": "FR_Roubaix", "flavor": "Atto.S", "inventory_group": "osds","network": [{"name": "admin_openstack"}, {"name": "storage"}, {"name": "storage_replication"}], "volume": ["osd04", "osd05"]}, - {"name": "prd-sto-03", "az": "UK_London", "flavor": "Atto.S", "inventory_group": "osds","network": [{"name": "admin_openstack"}, {"name": "storage"}, {"name": "storage_replication"}], "volume": ["osd06", "osd07"]}, - {"name": "prd-sto-04", "az": "UK_London", "flavor": "Atto.S", "inventory_group": "osds","network": [{"name": "admin_openstack"}, {"name": "storage"}, {"name": "storage_replication"}], "volume": ["osd08", "osd09"]}, - {"name": "prd-sto-05", "az": "UK_London", "flavor": "Atto.S", "inventory_group": "osds","network": [{"name": "admin_openstack"}, {"name": "storage"}, {"name": "storage_replication"}], "volume": ["osd10", "osd11"]} - ], - "volume": [ - {"name": "osd00", "description": "Ceph OSD", "size": 50, "availability_zone": "FR_Roubaix", "volume_type": "HDD SATA"}, - {"name": "osd01", "description": "Ceph OSD", "size": 50, "availability_zone": "FR_Roubaix", "volume_type": "HDD SATA"}, - {"name": "osd02", "description": "Ceph OSD", "size": 50, "availability_zone": "FR_Roubaix", "volume_type": "HDD SATA"}, - {"name": "osd03", "description": "Ceph OSD", "size": 50, "availability_zone": "FR_Roubaix", "volume_type": "HDD SATA"}, - {"name": "osd04", "description": "Ceph OSD", "size": 50, "availability_zone": "FR_Roubaix", "volume_type": "HDD SATA"}, - {"name": "osd05", "description": "Ceph OSD", "size": 50, "availability_zone": "FR_Roubaix", "volume_type": "HDD SATA"}, - {"name": "osd06", "description": "Ceph OSD", "size": 50, "availability_zone": "UK_London", "volume_type": "HDD SATA"}, - {"name": "osd07", "description": "Ceph OSD", "size": 50, "availability_zone": "UK_London", "volume_type": "HDD SATA"}, - {"name": "osd08", "description": "Ceph OSD", "size": 50, "availability_zone": "UK_London", "volume_type": "HDD SATA"}, - {"name": "osd09", "description": "Ceph OSD", "size": 50, "availability_zone": "UK_London", "volume_type": "HDD SATA"}, - {"name": "osd10", "description": "Ceph OSD", "size": 50, "availability_zone": "UK_London", "volume_type": "HDD SATA"}, - {"name": "osd11", "description": "Ceph OSD", "size": 50, "availability_zone": "UK_London", "volume_type": "HDD SATA"} - ] -} diff --git a/inventory b/inventory index a4894c1..ed8b982 100644 --- a/inventory +++ b/inventory @@ -1,37 +1,26 @@ -#---- start billing inventory ---- -[bildat] -prd-bildat-00 ansible_host=172.50.0.238 ansible_user=ubuntu -prd-bildat-01 ansible_host=172.50.0.27 ansible_user=ubuntu -prd-bildat-02 ansible_host=172.50.1.162 ansible_user=ubuntu +#---- start console inventory ---- +[console_web] +stg-bilweb-00 ansible_host=172.53.3.53 ansible_user=ubuntu +stg-bilweb-01 ansible_host=172.53.1.161 ansible_user=ubuntu -[bilweb] -prd-bilweb-00 ansible_host=172.50.2.220 ansible_user=ubuntu -prd-bilweb-01 ansible_host=172.50.3.195 ansible_user=ubuntu +[console_database] +stg-billdb-00 ansible_host=172.53.3.141 ansible_user=ubuntu +stg-billdb-01 ansible_host=172.53.3.232 ansible_user=ubuntu +stg-billdb-02 ansible_host=172.53.3.78 ansible_user=ubuntu -[billing_bastion] -prd-bilbas-00 ansible_host=172.50.2.44 ansible_user=ubuntu +[console_bastion] +stg-bilbas-00 ansible_host=172.53.3.126 ansible_user=ubuntu -[billing:children] -billing_bastion -bilweb -bildat -#---- end billing inventory ---- -#---- start kubernetes inventory ---- -[k8scontrol] -prd-k8sctl-00 ansible_host=172.129.3.103 ansible_user=ubuntu -prd-k8sctl-01 ansible_host=172.129.3.56 ansible_user=ubuntu -prd-k8sctl-02 ansible_host=172.129.0.60 ansible_user=ubuntu +[nexus] +stg-bilrep-00 ansible_host=172.53.0.130 ansible_user=ubuntu -[k8sworker] -prd-k8swrk-00 ansible_host=172.129.1.110 ansible_user=ubuntu -prd-k8swrk-01 ansible_host=172.129.2.189 ansible_user=ubuntu -prd-k8swrk-02 ansible_host=172.129.3.134 ansible_user=ubuntu +[container_biuld] +stg-conbld-00 ansible_host=172.53.0.185 ansible_user=ubuntu -[kubernetes_bastion] -prd-k8sbas-00 ansible_host=172.129.0.95 ansible_user=ubuntu - -[kubernetes:children] -kubernetes_bastion -k8sworker -k8scontrol -#---- end kubernetes inventory ---- +[console:children] +container_biuld +nexus +console_bastion +console_database +console_web +#---- end console inventory ---- diff --git a/kubernetes.sh b/kubernetes.sh deleted file mode 100755 index ba5db16..0000000 --- a/kubernetes.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -export OS_CLOUD="felcloud_cli" -export PULUMI_STACK="staging" -export PULUMI_SUB_STACK="kubernetes" -export PULUMI_CONFIG_PASSPHRASE_FILE="$PWD/env.d/$PULUMI_STACK/pulumi_passphrase" diff --git a/openstack.sh b/openstack.sh deleted file mode 100755 index 9aec9a9..0000000 --- a/openstack.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -export OS_CLOUD="felcloud_cli" -export PULUMI_STACK="staging" -export PULUMI_SUB_STACK="openstack" -export PULUMI_CONFIG_PASSPHRASE_FILE="$PWD/env.d/$PULUMI_STACK/pulumi_passphrase" diff --git a/pulumi_passphrase b/pulumi_passphrase index f8b8df2..9d74086 100644 --- a/pulumi_passphrase +++ b/pulumi_passphrase @@ -1,7 +1,7 @@ $ANSIBLE_VAULT;1.1;AES256 -39306138313765623361313334353336336239386235333631363464383532633661373866396132 -6162623733386661383865333664323833613964343862390a626562353064626265393338363361 -30333836646462393966313934303161663366323838626236336531306364363337653162633064 -3033366331613266390a646438316365313139333766623730613737396234336334336331376666 -61333437333131656561663031373264376364326434363132616564356564323761363233353063 -3137613634383032383065656339396331623065613535663730 +62303632316333616431643931383639333964323332383737666531646432643263656432326432 +3336326461306235643638626332613864646536666334640a376665393432653761353337376464 +34653230393836383062323336626331323266643639393936646237323736363364343531373538 +3530333930353631360a636433393431656165323034373832633333303966623235613231643764 +31333136353864373061353065323234373732663335373661336235336437366363316235663633 +6566663036666532313766323861643663383433343737636563 diff --git a/requirements.yml b/requirements.yml index bb39f4a..10f32cf 100644 --- a/requirements.yml +++ b/requirements.yml @@ -10,22 +10,12 @@ scm: git accept_hostkey: yes -- src: ssh://git@git.felcloud.io:2224/ansible_roles/k8s_common.git - version: 0.0.1 - scm: git - accept_hostkey: yes - -- src: ssh://git@git.felcloud.io:2224/ansible_roles/k8s_control.git - version: 0.0.1 - scm: git - accept_hostkey: yes - -- src: ssh://git@git.felcloud.io:2224/ansible_roles/k8s_worker.git - version: 0.0.1 - scm: git - accept_hostkey: yes - - src: ssh://git@git.felcloud.io:2224/ansible_roles/keepalived.git version: 0.0.1 scm: git accept_hostkey: yes + +- src: ssh://git@git.felcloud.io:2224/ansible_roles/console.git + version: 0.0.1 + scm: git + accept_hostkey: yes