From aa30d06b821457d307c7a1c358cf8db4c423ffa1 Mon Sep 17 00:00:00 2001 From: romakarol <32648346+romakarol@users.noreply.github.com> Date: Mon, 27 Sep 2021 09:54:36 +0100 Subject: [PATCH] Add websphere and IHS roles (#12) * websphere role cleaned * test * add iim to websphere install script * Update downloadInstaller.sh * fix iim install/extract path * Update linux_common.yml * Update linux_common.yml * tmp_dir gone * Revert "tmp_dir gone" This reverts commit ef6a527f4fad204c2c39f864a206267aa5f69145. * Revert "Update linux_common.yml" This reverts commit 0e5ee282ea86168729f2c7dde9bb54ef7653d5bc. * Revert "Update linux_common.yml" This reverts commit 89889d557cc589593b15530d61329e5427c48d30. * Revert "fix iim install/extract path" This reverts commit b430be538c9482a69872ea85e342570728b5333f. * Update v90_base_install.yml * Update downloadInstaller.sh * Update v90_base_install.yml * Update v90_base_install.yml * remove extra premature cleanup * init ihs * update travis * add test * fix lint issue * Fixes to downloadInstaller.sh * Also copy IHS fix pack installers to remote. * Add back in AppServer.properties template * Reintroduce missing task. * Switch Extract IHS plugins to remote_src no. * Add debug code to see if files are present. * Update v90_fixpack_install.yml * Update v90_fixpack_install.yml * Update v90_fixpack_install.yml * Update v90_fixpack_install.yml * clean duplicates * Remove comments and add clean up to main.yml * move cleanup * cleanup more comments * cleanup * update README to v9...8 vars * Update main.yml * update default/readme to 5...8 for websphere also Co-authored-by: Roman Muntean Co-authored-by: Jien Huang Co-authored-by: martin-cummins --- .travis.yml | 6 +- galaxy.yml | 4 +- molecule/__ihs-v85/converge.yml | 12 + molecule/__ihs-v85/verify.yml | 15 + molecule/__ihs-v90/converge.yml | 13 + molecule/__ihs-v90/verify.yml | 17 + molecule/__websphere-v85/converge.yml | 13 + molecule/__websphere-v85/verify.yml | 38 ++ molecule/__websphere-v90/converge.yml | 13 + molecule/__websphere-v90/verify.yml | 40 ++ molecule/_resources/Dockerfile.j2 | 26 ++ molecule/db2-111-centos-7/molecule.yml | 4 +- molecule/db2-111-centos-7/verify.yml | 2 +- molecule/db2-115-centos-8/molecule.yml | 4 +- molecule/db2-115-centos-8/verify.yml | 2 +- molecule/default/molecule.yml | 4 +- molecule/default/verify.yml | 2 +- molecule/ihs-v80-centos-7/molecule.yml | 34 ++ molecule/ihs-v90-centos-8/molecule.yml | 34 ++ molecule/iim-191-centos-8/molecule.yml | 4 +- molecule/websphere-v85-centos-7/molecule.yml | 34 ++ molecule/websphere-v90-centos-7/molecule.yml | 34 ++ molecule/websphere-v90-centos-8/molecule.yml | 34 ++ roles/db2/defaults/main.yml | 2 +- roles/ihs/README.md | 76 ++++ roles/ihs/defaults/main.yml | 15 + roles/ihs/meta/main.yml | 39 ++ roles/ihs/tasks/configure.yml | 57 +++ roles/ihs/tasks/env.yml | 43 ++ roles/ihs/tasks/main.yml | 32 ++ roles/ihs/tasks/v85_base_install.yml | 56 +++ roles/ihs/tasks/v85_fixpack_install.yml | 66 +++ roles/ihs/tasks/v90_base_install.yml | 84 ++++ roles/ihs/tasks/v90_fixpack_install.yml | 66 +++ roles/ihs/templates/custom_ihs_perf.conf.j2 | 114 +++++ roles/ihs/templates/custom_ssl.conf.j2 | 40 ++ .../templates/custom_staticcontent.conf.j2 | 39 ++ roles/ihs/templates/responsefile.txt.j2 | 427 ++++++++++++++++++ roles/ihs/vars/v8.5.5.17.yml | 19 + roles/ihs/vars/v9.0.5.3.yml | 16 + roles/ihs/vars/v9.0.5.7.yml | 16 + roles/ihs/vars/v9.0.5.8.yml | 15 + roles/websphere/README.md | 34 ++ roles/websphere/defaults/main.yml | 9 + roles/websphere/meta/main.yml | 39 ++ roles/websphere/tasks/configure.yml | 7 + roles/websphere/tasks/env.yml | 45 ++ roles/websphere/tasks/fixpack_install.yml | 20 + roles/websphere/tasks/main.yml | 47 ++ roles/websphere/tasks/v85_base_install.yml | 31 ++ roles/websphere/tasks/v90_base_install.yml | 62 +++ .../templates/AppServer.properties.j2 | 34 ++ roles/websphere/vars/v8.5.5.17.yml | 14 + roles/websphere/vars/v9.0.5.3.yml | 15 + roles/websphere/vars/v9.0.5.7.yml | 15 + roles/websphere/vars/v9.0.5.8.yml | 15 + scripts/downloadInstaller.sh | 67 +++ 57 files changed, 2051 insertions(+), 14 deletions(-) create mode 100644 molecule/__ihs-v85/converge.yml create mode 100644 molecule/__ihs-v85/verify.yml create mode 100644 molecule/__ihs-v90/converge.yml create mode 100644 molecule/__ihs-v90/verify.yml create mode 100644 molecule/__websphere-v85/converge.yml create mode 100644 molecule/__websphere-v85/verify.yml create mode 100644 molecule/__websphere-v90/converge.yml create mode 100644 molecule/__websphere-v90/verify.yml create mode 100644 molecule/_resources/Dockerfile.j2 create mode 100644 molecule/ihs-v80-centos-7/molecule.yml create mode 100644 molecule/ihs-v90-centos-8/molecule.yml create mode 100644 molecule/websphere-v85-centos-7/molecule.yml create mode 100644 molecule/websphere-v90-centos-7/molecule.yml create mode 100644 molecule/websphere-v90-centos-8/molecule.yml create mode 100644 roles/ihs/README.md create mode 100644 roles/ihs/defaults/main.yml create mode 100644 roles/ihs/meta/main.yml create mode 100644 roles/ihs/tasks/configure.yml create mode 100644 roles/ihs/tasks/env.yml create mode 100644 roles/ihs/tasks/main.yml create mode 100644 roles/ihs/tasks/v85_base_install.yml create mode 100644 roles/ihs/tasks/v85_fixpack_install.yml create mode 100644 roles/ihs/tasks/v90_base_install.yml create mode 100644 roles/ihs/tasks/v90_fixpack_install.yml create mode 100644 roles/ihs/templates/custom_ihs_perf.conf.j2 create mode 100644 roles/ihs/templates/custom_ssl.conf.j2 create mode 100644 roles/ihs/templates/custom_staticcontent.conf.j2 create mode 100644 roles/ihs/templates/responsefile.txt.j2 create mode 100644 roles/ihs/vars/v8.5.5.17.yml create mode 100644 roles/ihs/vars/v9.0.5.3.yml create mode 100644 roles/ihs/vars/v9.0.5.7.yml create mode 100644 roles/ihs/vars/v9.0.5.8.yml create mode 100644 roles/websphere/README.md create mode 100644 roles/websphere/defaults/main.yml create mode 100644 roles/websphere/meta/main.yml create mode 100644 roles/websphere/tasks/configure.yml create mode 100644 roles/websphere/tasks/env.yml create mode 100644 roles/websphere/tasks/fixpack_install.yml create mode 100644 roles/websphere/tasks/main.yml create mode 100644 roles/websphere/tasks/v85_base_install.yml create mode 100644 roles/websphere/tasks/v90_base_install.yml create mode 100644 roles/websphere/templates/AppServer.properties.j2 create mode 100644 roles/websphere/vars/v8.5.5.17.yml create mode 100644 roles/websphere/vars/v9.0.5.3.yml create mode 100644 roles/websphere/vars/v9.0.5.7.yml create mode 100644 roles/websphere/vars/v9.0.5.8.yml diff --git a/.travis.yml b/.travis.yml index 5d28007..7166b5c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -31,10 +31,14 @@ env: - ANSIBLE_GALAXY_SERVER_IBM_URL=https://galaxy.ansible.com/ # ANSIBLE_GALAXY_SERVER_IBM_TOKEN is set using secure environment variables matrix: + - SCENARIO=websphere-v90-centos-8 + - SCENARIO=websphere-v85-centos-7 - SCENARIO=db2-111-centos-7 - SCENARIO=db2-115-centos-8 - SCENARIO=iim-191-centos-8 - + - SCENARIO=iim-191-centos-8 + - SCENARIO=ihs-v90-centos-8 + - SCENARIO=ihs-v80-centos-7 stage: Molecule Tests before_script: diff --git a/galaxy.yml b/galaxy.yml index e4327b3..b38e8b4 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -10,7 +10,7 @@ namespace: ibm name: spm_middleware # The version of the collection. Must be compatible with semantic versioning -version: 1.0.5 +version: 1.0.6 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md @@ -39,4 +39,6 @@ build_ignore: - molecule - skeleton_role - tests + - runLint.sh + - tagAndPublish.sh - scripts diff --git a/molecule/__ihs-v85/converge.yml b/molecule/__ihs-v85/converge.yml new file mode 100644 index 0000000..1bf3921 --- /dev/null +++ b/molecule/__ihs-v85/converge.yml @@ -0,0 +1,12 @@ +--- +- name: Converge + hosts: all + + collections: + - ibm.spm_middleware + + vars: + ihs_version: 8.5.5.17 + roles: + - iim + - ihs diff --git a/molecule/__ihs-v85/verify.yml b/molecule/__ihs-v85/verify.yml new file mode 100644 index 0000000..959463f --- /dev/null +++ b/molecule/__ihs-v85/verify.yml @@ -0,0 +1,15 @@ +--- +- name: Verify + hosts: all + pre_tasks: + - name: Check packages + iim_info: + iim_path: /opt/IBM/InstallationManager + register: iim_info + + tasks: + - name: Check that the correct packages are installed + assert: + that: + - "iim_info.packages | \ + select('match', 'com.ibm.websphere.IHS.v85.*') | list | length > 0" diff --git a/molecule/__ihs-v90/converge.yml b/molecule/__ihs-v90/converge.yml new file mode 100644 index 0000000..3f2b817 --- /dev/null +++ b/molecule/__ihs-v90/converge.yml @@ -0,0 +1,13 @@ +--- +- name: Converge + hosts: all + + collections: + - wh_spm.middleware + + vars: + ihs_version: 9.0.5.8 + + roles: + - iim + - ihs diff --git a/molecule/__ihs-v90/verify.yml b/molecule/__ihs-v90/verify.yml new file mode 100644 index 0000000..a480ec8 --- /dev/null +++ b/molecule/__ihs-v90/verify.yml @@ -0,0 +1,17 @@ +--- +# This is an example playbook to execute Ansible tests. + +- name: Verify + hosts: all + pre_tasks: + - name: Check packages + iim_info: + iim_path: /opt/IBM/InstallationManager + register: iim_info + + tasks: + - name: Check that the correct packages are installed + assert: + that: + - "iim_info.packages | \ + select('match', 'com.ibm.websphere.IHS.v90.*') | list | length > 0" diff --git a/molecule/__websphere-v85/converge.yml b/molecule/__websphere-v85/converge.yml new file mode 100644 index 0000000..8013eb7 --- /dev/null +++ b/molecule/__websphere-v85/converge.yml @@ -0,0 +1,13 @@ +--- +- name: Converge + hosts: all + + collections: + - ibm.spm_middleware + + vars: + websphere_version: 8.5.5.17 + + roles: + - iim + - websphere diff --git a/molecule/__websphere-v85/verify.yml b/molecule/__websphere-v85/verify.yml new file mode 100644 index 0000000..a8b49dc --- /dev/null +++ b/molecule/__websphere-v85/verify.yml @@ -0,0 +1,38 @@ +--- +- name: Verify + hosts: all + pre_tasks: + - name: Check packages + iim_info: + iim_path: /opt/IBM/InstallationManager + register: iim_info + + - name: Slurp JspBatchCompiler.sh + slurp: + src: /opt/IBM/WebSphere/AppServer/bin/JspBatchCompiler.sh + register: jsp_compiler_sh + + - name: Slurp websphere.sh + slurp: + src: /opt/profile.d/websphere.sh + register: env_websphere_sh + + tasks: + - name: Check that the correct packages are installed + assert: + that: + - "iim_info.packages | \ + select('match', 'com.ibm.websphere.ND.v85.*') | list | length > 0" + + - name: Check that JspBatchCompiler has been patched + assert: + that: + - "{{ '-Xmx1024m' in (jsp_compiler_sh['content'] | b64decode) }}" + + - name: Check that environment file has been created correctly + assert: + that: + - "{{ 'WAS_HOME=/opt/IBM/WebSphere/AppServer' \ + in (env_websphere_sh['content'] | b64decode) }}" + - "{{ 'JAVA_HOME=$WAS_HOME/java\n' \ + in (env_websphere_sh['content'] | b64decode) }}" diff --git a/molecule/__websphere-v90/converge.yml b/molecule/__websphere-v90/converge.yml new file mode 100644 index 0000000..f2fd2e4 --- /dev/null +++ b/molecule/__websphere-v90/converge.yml @@ -0,0 +1,13 @@ +--- +- name: Converge + hosts: all + + collections: + - ibm.spm_middleware + + vars: + websphere_version: 9.0.5.8 + + roles: + - iim + - websphere diff --git a/molecule/__websphere-v90/verify.yml b/molecule/__websphere-v90/verify.yml new file mode 100644 index 0000000..429373c --- /dev/null +++ b/molecule/__websphere-v90/verify.yml @@ -0,0 +1,40 @@ +--- +- name: Verify + hosts: all + pre_tasks: + - name: Check packages + iim_info: + iim_path: /opt/IBM/InstallationManager + register: iim_info + + - name: Slurp JspBatchCompiler.sh + slurp: + src: /opt/IBM/WebSphere/AppServer/bin/JspBatchCompiler.sh + register: jsp_compiler_sh + + - name: Slurp websphere.sh + slurp: + src: /opt/profile.d/websphere.sh + register: env_websphere_sh + + tasks: + - name: Check that the correct packages are installed + assert: + that: + - "iim_info.packages | \ + select('match', 'com.ibm.websphere.ND.v90.*') | list | length > 0" + - "iim_info.packages | \ + select('match', 'com.ibm.java.jdk.v8.*') | list | length > 0" + + - name: Check that JspBatchCompiler has been patched + assert: + that: + - "{{ '-Xmx1024m' in (jsp_compiler_sh['content'] | b64decode) }}" + + - name: Check that environment file has been created correctly + assert: + that: + - "{{ 'WAS_HOME=/opt/IBM/WebSphere/AppServer' \ + in (env_websphere_sh['content'] | b64decode) }}" + - "{{ 'JAVA_HOME=$WAS_HOME/java/8.0\n' \ + in (env_websphere_sh['content'] | b64decode) }}" diff --git a/molecule/_resources/Dockerfile.j2 b/molecule/_resources/Dockerfile.j2 new file mode 100644 index 0000000..2e34ced --- /dev/null +++ b/molecule/_resources/Dockerfile.j2 @@ -0,0 +1,26 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python3 python3-pip sudo python3-devel python3-dnf bash python3-libselinux && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi + +# Create `ansible` user with sudo permissions and membership in `DEPLOY_GROUP` +ENV ANSIBLE_USER=ansible DEPLOY_GROUP=deployer +RUN set -xe \ + && if [ $(getent group wheel) ]; then export SUDO_GROUP=wheel; fi \ + && if [ $(getent group sudo) ]; then export SUDO_GROUP=sudo; fi \ + && groupadd -r ${ANSIBLE_USER} \ + && groupadd -r ${DEPLOY_GROUP} \ + && useradd -m -g ${ANSIBLE_USER} ${ANSIBLE_USER} \ + && usermod -aG ${SUDO_GROUP} ${ANSIBLE_USER} \ + && usermod -aG ${DEPLOY_GROUP} ${ANSIBLE_USER} \ + && sed -i "/^%${SUDO_GROUP}/s/ALL\$/NOPASSWD:ALL/g" /etc/sudoers diff --git a/molecule/db2-111-centos-7/molecule.yml b/molecule/db2-111-centos-7/molecule.yml index 0ba3a68..b9214ae 100644 --- a/molecule/db2-111-centos-7/molecule.yml +++ b/molecule/db2-111-centos-7/molecule.yml @@ -12,8 +12,8 @@ platforms: - name: centos-7 image: centos:7 dockerfile: ../_resources/Dockerfile.j2 - pre_build_image: False - privileged: True + pre_build_image: false + privileged: true volume_mounts: - "/sys/fs/cgroup:/sys/fs/cgroup:rw" command: "/usr/sbin/init" diff --git a/molecule/db2-111-centos-7/verify.yml b/molecule/db2-111-centos-7/verify.yml index 1f5332c..5d733c3 100644 --- a/molecule/db2-111-centos-7/verify.yml +++ b/molecule/db2-111-centos-7/verify.yml @@ -7,7 +7,7 @@ - stat: "path=/opt/Props/Bootstrap.properties" register: boot_props - command: "db2level" - become: yes + become: true become_user: "db2admin" become_method: sudo become_flags: "-i" diff --git a/molecule/db2-115-centos-8/molecule.yml b/molecule/db2-115-centos-8/molecule.yml index 4e0bb34..c3f230a 100644 --- a/molecule/db2-115-centos-8/molecule.yml +++ b/molecule/db2-115-centos-8/molecule.yml @@ -12,8 +12,8 @@ platforms: - name: centos-8 image: centos:8 dockerfile: ../_resources/Dockerfile.j2 - pre_build_image: False - privileged: True + pre_build_image: false + privileged: true volume_mounts: - "/sys/fs/cgroup:/sys/fs/cgroup:rw" command: "/usr/sbin/init" diff --git a/molecule/db2-115-centos-8/verify.yml b/molecule/db2-115-centos-8/verify.yml index 3219174..4fb341f 100644 --- a/molecule/db2-115-centos-8/verify.yml +++ b/molecule/db2-115-centos-8/verify.yml @@ -7,7 +7,7 @@ - stat: "path=/opt/Props/Bootstrap.properties" register: boot_props - command: "db2level" - become: yes + become: true become_user: "db2admin" become_method: sudo become_flags: "-i" diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index ec5d8ec..7efb473 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -22,8 +22,8 @@ platforms: - name: centos-8 image: centos:8 dockerfile: ../_resources/Dockerfile.j2 - pre_build_image: False - privileged: True + pre_build_image: false + privileged: true volume_mounts: - "/sys/fs/cgroup:/sys/fs/cgroup:rw" command: "/usr/lib/systemd/systemd" diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 1f5332c..5d733c3 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -7,7 +7,7 @@ - stat: "path=/opt/Props/Bootstrap.properties" register: boot_props - command: "db2level" - become: yes + become: true become_user: "db2admin" become_method: sudo become_flags: "-i" diff --git a/molecule/ihs-v80-centos-7/molecule.yml b/molecule/ihs-v80-centos-7/molecule.yml new file mode 100644 index 0000000..20c95fa --- /dev/null +++ b/molecule/ihs-v80-centos-7/molecule.yml @@ -0,0 +1,34 @@ +--- +driver: + name: docker + provider: + name: docker + +lint: | + set -e + yamllint . + +platforms: + - name: centos-7 + image: centos:7 + dockerfile: ../_resources/Dockerfile.j2 + pre_build_image: false + privileged: true + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:rw" + command: "/usr/sbin/init" + environment: + container: docker + +provisioner: + name: ansible + log: true + config_options: + defaults: + stderr_callback: debug + stdout_callback: debug + env: + ANSIBLE_FORCE_COLOR: 'true' + playbooks: + converge: ../__ihs-v85/converge.yml + verify: ../__ihs-v85/verify.yml diff --git a/molecule/ihs-v90-centos-8/molecule.yml b/molecule/ihs-v90-centos-8/molecule.yml new file mode 100644 index 0000000..b33a2b8 --- /dev/null +++ b/molecule/ihs-v90-centos-8/molecule.yml @@ -0,0 +1,34 @@ +--- +driver: + name: docker + provider: + name: docker + +lint: | + set -e + yamllint . + +platforms: + - name: centos-8 + image: centos:8 + dockerfile: ../_resources/Dockerfile.j2 + pre_build_image: false + privileged: true + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:rw" + command: "/usr/sbin/init" + environment: + container: docker + +provisioner: + name: ansible + log: true + config_options: + defaults: + stderr_callback: debug + stdout_callback: debug + env: + ANSIBLE_FORCE_COLOR: 'true' + playbooks: + converge: ../__ihs-v90/converge.yml + verify: ../__ihs-v90/verify.yml diff --git a/molecule/iim-191-centos-8/molecule.yml b/molecule/iim-191-centos-8/molecule.yml index 4b67c7c..b47bd0e 100644 --- a/molecule/iim-191-centos-8/molecule.yml +++ b/molecule/iim-191-centos-8/molecule.yml @@ -12,8 +12,8 @@ platforms: - name: centos-8 image: centos:8 dockerfile: ../_resources/Dockerfile.j2 - pre_build_image: False - privileged: True + pre_build_image: false + privileged: true volume_mounts: - "/sys/fs/cgroup:/sys/fs/cgroup:rw" command: "/usr/sbin/init" diff --git a/molecule/websphere-v85-centos-7/molecule.yml b/molecule/websphere-v85-centos-7/molecule.yml new file mode 100644 index 0000000..1e16c1d --- /dev/null +++ b/molecule/websphere-v85-centos-7/molecule.yml @@ -0,0 +1,34 @@ +--- +driver: + name: docker + provider: + name: docker + +lint: | + set -e + yamllint . + +platforms: + - name: centos-7 + image: centos:7 + dockerfile: ../_resources/Dockerfile.j2 + pre_build_image: false + privileged: true + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:rw" + command: "/usr/sbin/init" + environment: + container: docker + +provisioner: + name: ansible + log: true + config_options: + defaults: + stderr_callback: debug + stdout_callback: debug + env: + ANSIBLE_FORCE_COLOR: 'true' + playbooks: + converge: ../__websphere-v85/converge.yml + verify: ../__websphere-v85/verify.yml diff --git a/molecule/websphere-v90-centos-7/molecule.yml b/molecule/websphere-v90-centos-7/molecule.yml new file mode 100644 index 0000000..6674b41 --- /dev/null +++ b/molecule/websphere-v90-centos-7/molecule.yml @@ -0,0 +1,34 @@ +--- +driver: + name: docker + provider: + name: docker + +lint: | + set -e + yamllint . + +platforms: + - name: centos-7 + image: centos:7 + dockerfile: ../_resources/Dockerfile.j2 + pre_build_image: false + privileged: true + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:rw" + command: "/usr/sbin/init" + environment: + container: docker + +provisioner: + name: ansible + log: true + config_options: + defaults: + stderr_callback: debug + stdout_callback: debug + env: + ANSIBLE_FORCE_COLOR: 'true' + playbooks: + converge: ../__websphere-v90/converge.yml + verify: ../__websphere-v90/verify.yml diff --git a/molecule/websphere-v90-centos-8/molecule.yml b/molecule/websphere-v90-centos-8/molecule.yml new file mode 100644 index 0000000..caa04f1 --- /dev/null +++ b/molecule/websphere-v90-centos-8/molecule.yml @@ -0,0 +1,34 @@ +--- +driver: + name: docker + provider: + name: docker + +lint: | + set -e + yamllint . + +platforms: + - name: centos-8 + image: centos:8 + dockerfile: ../_resources/Dockerfile.j2 + pre_build_image: false + privileged: true + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:rw" + command: "/usr/sbin/init" + environment: + container: docker + +provisioner: + name: ansible + log: true + config_options: + defaults: + stderr_callback: debug + stdout_callback: debug + env: + ANSIBLE_FORCE_COLOR: 'true' + playbooks: + converge: ../__websphere-v90/converge.yml + verify: ../__websphere-v90/verify.yml diff --git a/roles/db2/defaults/main.yml b/roles/db2/defaults/main.yml index 57197b8..f310540 100644 --- a/roles/db2/defaults/main.yml +++ b/roles/db2/defaults/main.yml @@ -10,7 +10,7 @@ db2_license_path: /tmp/db2ese_u.lic db2_db_create: True db2_db_name: DATABASE db2_db_username: "{{ lookup('env', 'DB2_USER') }}" -db2_db_password: "{{ lookup('env', 'DB2_PASSWPRD') }}" +db2_db_password: "{{ lookup('env', 'DB2_PASSWORD') }}" db2_db_spm_enc: "{{ lookup('env', 'DB2_ENC_PASSWORD') }}" db2_db_drop_required: False diff --git a/roles/ihs/README.md b/roles/ihs/README.md new file mode 100644 index 0000000..cde45e5 --- /dev/null +++ b/roles/ihs/README.md @@ -0,0 +1,76 @@ +# ihs + +The `ihs` role will install IBM HTTP Server. + +## Requirements + +IBM Installation Manager (1.9.x) must already be installed in the target environment. + +## Role Variables + +| Property Name | Default value | +| ----------------------- | --------------------------------------------------- | +| `ihs_install_path` | `/opt/IBM/HTTPServer` | +| `plg_install_path` | `/opt/IBM/WebSphere/Plugins` | +| `wct_install_path` | `/opt/IBM/WebSphere/Toolbox` | +| `ihs_version` | `9.0.5.8` | +| `ihs_config_type` | `local_distributed` | +| `ihs_admin_user` | `wasadmin` | +| `ihs_admin_pass` | `wasadmin` | +| ----------------------- | --------------------------------------------------- | +| Version-specific: | Values from `9.0.5.8` | +| ----------------------- | --------------------------------------------------- | +| `ihs_base_path` | `WAS/9.0.5ND` | +| `ihs_base_archive_list` | `was.repo.90500.[ihs|plugins|wct].zip` | +| `ihs_fp_path` | `WAS/9.0.5Fixpacks` | +| `ihs_fp_archive_list` | `9.0.5-WS-[IHSPLG|WCT]-FP008.zip` | +| `ihs_pid` | `v90_9.0.5008.20210525_1601` | +| `ihs_java_zip_path` | `Java/IBM/ibm-java-sdk-8.0-6.26-linux-x64-installmgr.zip` | +| `ihs_java_pid` | `com.ibm.java.jdk.v8` | +| ----------------------- | --------------------------------------------------- | +| `iim_install_path` | `/opt/IBM/InstallationManager` | +| `profiled_path` | `/opt/profile.d` | + +## Dependencies + +IBM Installation Manager (iim) + + +## Example Playbook + +``` +--- +- hosts: servers + remote_user: root + + collections: + - ibm.spm_middleware + + roles: + - ibm.spm_middleware.iim + - role: ibm.spm_middleware.ihs + vars: + - ihs_version: 8.5.5.17 + +``` + +## Example Playbook (Local Development) +``` +--- +- hosts: servers + remote_user: root + + collections: + - ibm.spm_middleware + + roles: + - ibm.spm_middleware.iim + - role: ihs + vars: + - ihs_version: 8.5.5.17 + +``` + +## License + +MIT diff --git a/roles/ihs/defaults/main.yml b/roles/ihs/defaults/main.yml new file mode 100644 index 0000000..a06907f --- /dev/null +++ b/roles/ihs/defaults/main.yml @@ -0,0 +1,15 @@ +--- +iim_install_path: /opt/IBM/InstallationManager + +ihs_install_path: /opt/IBM/HTTPServer +plg_install_path: /opt/IBM/WebSphere/Plugins +wct_install_path: /opt/IBM/WebSphere/Toolbox + +ihs_version: 9.0.5.8 + +ihs_config_type: local_distributed +ihs_admin_user: wasadmin +ihs_admin_pass: wasadmin + +# Common +profiled_path: /opt/profile.d diff --git a/roles/ihs/meta/main.yml b/roles/ihs/meta/main.yml new file mode 100644 index 0000000..523c95d --- /dev/null +++ b/roles/ihs/meta/main.yml @@ -0,0 +1,39 @@ +--- +galaxy_info: + author: SPM DevOps Team + description: Install IBM HTTP Server. + company: Watson Health SPM + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + license: MIT + + min_ansible_version: 2.9 + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + platforms: + - name: EL + versions: + - 7 + - 8 + + galaxy_tags: + [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: + [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/ihs/tasks/configure.yml b/roles/ihs/tasks/configure.yml new file mode 100644 index 0000000..71e3406 --- /dev/null +++ b/roles/ihs/tasks/configure.yml @@ -0,0 +1,57 @@ +--- +- name: Check htpasswd + slurp: + path: "{{ ihs_install_path }}/conf/admin.passwd" + register: admin_passwd_file + +- name: Set htpasswd + command: "{{ ihs_install_path }}/bin/htpasswd -b -cm {{ ihs_install_path }}/conf/admin.passwd {{ ihs_admin_user }} {{ ihs_admin_pass }}" + when: ihs_admin_user not in (admin_passwd_file['content'] | b64decode) + +- name: Create config drop-ins directory + file: + path: "{{ ihs_install_path }}/conf.d" + state: directory + +- name: Include config drop-ins + lineinfile: + path: "{{ ihs_install_path }}/conf/httpd.conf" + line: "Include conf.d/*.conf" + insertafter: EOF + state: present + +- name: Render configuration files + template: + src: "{{ item }}.j2" + dest: "{{ ihs_install_path }}/conf.d/{{ item }}" + loop: + - custom_ihs_perf.conf + - custom_ssl.conf + - custom_staticcontent.conf + +- name: Create kdb for self-signed cert + command: "{{ ihs_install_path }}/bin/gskcapicmd -keydb -create -db {{ plg_install_path }}/config/key.kdb -pw {{ ihs_admin_pass }} -type cms -stash" + args: + creates: "{{ plg_install_path }}/config/key.kdb" + register: kdb_file + +- name: Generate self-signed cert + command: "{{ ihs_install_path }}/bin/gskcapicmd -cert -create -db {{ plg_install_path }}/config/key.kdb -pw {{ ihs_admin_pass }} -label websphere -size 2048 -sigalg SHA256WithRSA -expire 820 -dn 'CN={{ ansible_fqdn }},O=IBM,C=IE' -default_cert yes -san_dnsname {{ ansible_fqdn }} -eku serverAuth" + when: kdb_file.changed + +- name: Check admin.conf + slurp: + path: "{{ ihs_install_path }}/conf/admin.conf" + register: admin_conf_file + +- name: Render PCT response file + template: + src: responsefile.txt.j2 + dest: "{{ wct_install_path }}/WCT/ihs_responsefile.txt" + when: "'Listen @@AdminPort@@' in (admin_conf_file['content'] | b64decode)" + +- name: Run PCT tool + command: "./wctcmd.sh -tool pct -defLocPathname {{ plg_install_path }} -defLocName {{ ansible_hostname }} -createDefinition -response ./ihs_responsefile.txt" + args: + chdir: "{{ wct_install_path }}/WCT" + when: "'Listen @@AdminPort@@' in (admin_conf_file['content'] | b64decode)" diff --git a/roles/ihs/tasks/env.yml b/roles/ihs/tasks/env.yml new file mode 100644 index 0000000..7f490b4 --- /dev/null +++ b/roles/ihs/tasks/env.yml @@ -0,0 +1,43 @@ +--- +- name: "Create {{ profiled_path }}" + file: + path: "{{ profiled_path }}" + mode: 0755 + state: directory + when: ansible_os_family != "Windows" + +- name: "Create {{ profiled_path }}/ihs.sh" + copy: + dest: "{{ profiled_path }}/ihs.sh" + content: | + #!/bin/bash + IHS_HOME={{ ihs_install_path }} + export IHS_HOME + + PLG_HOME={{ plg_install_path }} + export PLG_HOME + + export PATH=$IHS_HOME/bin:$PLG_HOME/bin:$PATH + mode: 0755 + when: ansible_os_family != "Windows" + +- name: Create /opt/.profile + copy: + dest: /opt/.profile + content: | + #!/bin/bash + PATH=.:$PATH + + if [ -e {{ profiled_path }} ]; then + if [ "$PS1" ]; then + ls -l {{ profiled_path }}/*.sh + fi + for lizard in {{ profiled_path }}/*.sh ; do + . $lizard + done + fi + + LANG=en_US.ISO-8859-1 + umask 002 + mode: 0755 + when: ansible_os_family != "Windows" diff --git a/roles/ihs/tasks/main.yml b/roles/ihs/tasks/main.yml new file mode 100644 index 0000000..66dcb05 --- /dev/null +++ b/roles/ihs/tasks/main.yml @@ -0,0 +1,32 @@ +--- +- name: Include version variables + include_vars: "v{{ ihs_version }}.yml" + +- name: Check packages + iim_info: + iim_path: "{{ iim_install_path }}" + product_id: "com.ibm.websphere.PLG.{{ ihs_pid }}" + register: iim_info + +- name: Install Base version + include_tasks: "{{ ihs_pid.split('_') | first }}_base_install.yml" + when: not iim_info.base_installed + +- name: Install Fixpack version + include_tasks: "{{ ihs_pid.split('_') | first }}_fixpack_install.yml" + when: not iim_info.exact_installed + +- name: Setup environment variables + include_tasks: env.yml + +- name: Configure IHS + include_tasks: configure.yml + +- name: Cleanup + file: + path: "{{ item }}" + state: absent + loop: + - /tmp/fp + - /tmp/wct + - /tmp/repo-zips diff --git a/roles/ihs/tasks/v85_base_install.yml b/roles/ihs/tasks/v85_base_install.yml new file mode 100644 index 0000000..1d0f07e --- /dev/null +++ b/roles/ihs/tasks/v85_base_install.yml @@ -0,0 +1,56 @@ +--- +- name: Create zip directory + file: + path: /tmp/repo-zips + state: directory + +- name: Copy installers + copy: + directory_mode: yes + remote_src: no + src: "/tmp/repo-zips/" + dest: "/tmp/repo-zips/" + +- name: Create IHS repo directories + file: + path: "/tmp/repo" + state: directory + +- name: Extract IHS installers + unarchive: + src: "/tmp/repo-zips/{{ item }}" + dest: /tmp/repo/ + remote_src: yes + creates: "/tmp/repo/disk{{ (index + 1) | string }}" + loop: "{{ ihs_base_archive_list }}" + loop_control: + index_var: index + +- name: Install IHS + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: "com.ibm.websphere.IHS.{{ ihs_base_pid }}" + path: "{{ ihs_install_path }}" + repo: /tmp/repo + properties: + "user.ihs.httpPort": 80 + state: present + when: "iim_info.packages | select('match', 'com.ibm.websphere.IHS.*') | list | length == 0" + +- name: Install PLG + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: "com.ibm.websphere.PLG.{{ ihs_base_pid }}" + path: "{{ plg_install_path }}" + repo: /tmp/repo + state: present + when: "iim_info.packages | select('match', 'com.ibm.websphere.PLG.*') | list | length == 0" + +- name: Install WCT + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: "com.ibm.websphere.WCT.{{ ihs_base_pid }}" + path: "{{ wct_install_path }}" + repo: /tmp/repo + state: present + when: "iim_info.packages | select('match', 'com.ibm.websphere.WCT.*') | list | length == 0" diff --git a/roles/ihs/tasks/v85_fixpack_install.yml b/roles/ihs/tasks/v85_fixpack_install.yml new file mode 100644 index 0000000..748c5bc --- /dev/null +++ b/roles/ihs/tasks/v85_fixpack_install.yml @@ -0,0 +1,66 @@ +--- +- name: Copy installers + copy: + directory_mode: yes + remote_src: no + src: "/tmp/repo-zips/" + dest: "/tmp/repo-zips/" + +- name: Create WAS repo directory + file: + path: "/tmp/fp" + state: directory + +- name: Create WAS repo directory + file: + path: "/tmp/wct" + state: directory + +- name: Extract IHS installers + unarchive: + src: "/tmp/repo-zips/{{ item }}" + dest: "/tmp/fp/" + remote_src: yes + loop: "{{ ihs_fp_archive_list }}" + +- name: Extract WCT installers + unarchive: + src: "/tmp/repo-zips/{{ item }}" + dest: "/tmp/wct/" + remote_src: yes + loop: "{{ ihs_wct_archive_list }}" + +- name: Set up-to-date facts + set_fact: + have_exact_ihs: "'com.ibm.websphere.IHS.{{ ihs_pid }}' in iim_info.packages" + have_exact_plg: "'com.ibm.websphere.PLG.{{ ihs_pid }}' in iim_info.packages" + have_exact_wct: "'com.ibm.websphere.WCT.{{ ihs_pid }}' in iim_info.packages" + +- name: Upgrade IHS + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: "com.ibm.websphere.IHS.{{ ihs_pid }}" + path: "{{ ihs_install_path }}" + repo: /tmp/fp + properties: + "user.ihs.httpPort": 80 + state: present + when: not (have_exact_ihs|bool) + +- name: Upgrade PLG + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: "com.ibm.websphere.PLG.{{ ihs_pid }}" + path: "{{ plg_install_path }}" + repo: /tmp/fp + state: present + when: not (have_exact_plg|bool) + +- name: Upgrade WCT + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: "com.ibm.websphere.WCT.{{ ihs_pid }}" + path: "{{ wct_install_path }}" + repo: /tmp/wct + state: present + when: not (have_exact_wct|bool) diff --git a/roles/ihs/tasks/v90_base_install.yml b/roles/ihs/tasks/v90_base_install.yml new file mode 100644 index 0000000..bb2ba5a --- /dev/null +++ b/roles/ihs/tasks/v90_base_install.yml @@ -0,0 +1,84 @@ +--- +- name: Create zip directory + file: + path: /tmp/repo-zips + state: directory + +- name: Copy base installers + copy: + directory_mode: yes + remote_src: no + src: "/tmp/repo-zips/" + dest: "/tmp/repo-zips/" + +- name: Create IHS base repo directories + file: + path: "/tmp/repo/{{ index }}" + state: directory + loop: "{{ ihs_base_archive_list }}" + loop_control: + index_var: index + +- name: Create Java repo directory + file: + path: /tmp/repo/java + state: directory + +- name: Extract IHS base installers + unarchive: + src: "/tmp/repo-zips/{{ item }}" + dest: "/tmp/repo/{{ index }}" + remote_src: yes + creates: "/tmp/repo/{{ index }}/repository.config" + loop: "{{ ihs_base_archive_list }}" + loop_control: + index_var: index + +- name: Extract Java installer + unarchive: + src: /tmp/repo-zips/java-repo.zip + dest: /tmp/repo/java + remote_src: yes + creates: /tmp/repo/java/repository.config + +- name: Build base repo list + set_fact: + repo_list: "{{ repo_list | default(['/tmp/repo/java']) + ['/tmp/repo/' + index|string]}}" + loop: "{{ ihs_base_archive_list }}" + loop_control: + index_var: index + +- name: Install IHS + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: + - "com.ibm.websphere.IHS.{{ ihs_pid.split('_') | first }}" + - com.ibm.java.jdk.v8 + path: "{{ ihs_install_path }}" + repo: "{{ repo_list }}" + properties: + "user.ihs.httpPort": 80 + state: present + when: "iim_info.packages | select('match', 'com.ibm.websphere.IHS.*') | list | length == 0" + +- name: Install PLG + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: + - "com.ibm.websphere.PLG.{{ ihs_pid.split('_') | first }}" + - com.ibm.java.jdk.v8 + path: "{{ plg_install_path }}" + repo: "{{ repo_list }}" + state: present + when: "iim_info.packages | select('match', 'com.ibm.websphere.PLG.*') | list | length == 0" + +- name: Install WCT + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: + - "com.ibm.websphere.WCT.{{ ihs_pid.split('_') | first }}" + - com.ibm.java.jdk.v8 + path: "{{ wct_install_path }}" + repo: "{{ repo_list }}" + state: present + when: "iim_info.packages | select('match', 'com.ibm.websphere.WCT.*') | list | length == 0" diff --git a/roles/ihs/tasks/v90_fixpack_install.yml b/roles/ihs/tasks/v90_fixpack_install.yml new file mode 100644 index 0000000..88a303c --- /dev/null +++ b/roles/ihs/tasks/v90_fixpack_install.yml @@ -0,0 +1,66 @@ +--- +- name: Create IHS fixpack repo directories + file: + path: "/tmp/repo/{{ index }}" + state: directory + loop: "{{ ihs_fp_archive_list }}" + loop_control: + index_var: index + +- name: Copy fixpack installers + copy: + directory_mode: yes + remote_src: no + src: "/tmp/repo-zips/" + dest: "/tmp/repo-zips/" + +- name: Extract IHS fixpack installers + unarchive: + src: "/tmp/repo-zips/{{ item }}" + dest: "/tmp/repo/{{ index }}" + remote_src: yes + loop: "{{ ihs_fp_archive_list }}" + loop_control: + index_var: index + +- name: Build fixpack repo list + set_fact: + repo_list: "{{ repo_list | default([]) + ['/tmp/repo/' + index|string]}}" + loop: "{{ ihs_fp_archive_list }}" + loop_control: + index_var: index + +- name: Set up-to-date facts + set_fact: + have_exact_ihs: "'com.ibm.websphere.IHS.{{ ihs_pid }}' in iim_info.packages" + have_exact_plg: "'com.ibm.websphere.PLG.{{ ihs_pid }}' in iim_info.packages" + have_exact_wct: "'com.ibm.websphere.WCT.{{ ihs_pid }}' in iim_info.packages" + +- name: Upgrade IHS + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: "com.ibm.websphere.IHS.{{ ihs_pid }}" + path: "{{ ihs_install_path }}" + repo: "{{ repo_list }}" + properties: + "user.ihs.httpPort": 80 + state: present + when: not (have_exact_ihs|bool) + +- name: Upgrade PLG + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: "com.ibm.websphere.PLG.{{ ihs_pid }}" + path: "{{ plg_install_path }}" + repo: "{{ repo_list }}" + state: present + when: not (have_exact_plg|bool) + +- name: Upgrade WCT + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: "com.ibm.websphere.WCT.{{ ihs_pid }}" + path: "{{ wct_install_path }}" + repo: "{{ repo_list }}" + state: present + when: not (have_exact_wct|bool) diff --git a/roles/ihs/templates/custom_ihs_perf.conf.j2 b/roles/ihs/templates/custom_ihs_perf.conf.j2 new file mode 100644 index 0000000..81b2eb0 --- /dev/null +++ b/roles/ihs/templates/custom_ihs_perf.conf.j2 @@ -0,0 +1,114 @@ +############################################################################### +# Copyright 2017,2020 IBM Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +############################################################################### + +# +# Taken from http://www-01.ibm.com/support/docview.wss?uid=swg21685199&aid=1 +# + +KeepAlive On +MaxKeepAliveRequests 1000 +KeepAliveTimeOut 120 + +# +# if required, you need to substitute these in the main httpd.conf for Linux +# +# +#ThreadLimit 300 +#MaxClients 300 +#MinSpareThreads 300 +#MaxSpareThreads 300 +#ThreadsPerChild 300 +#StartServers 1 +#ServerLimit 1 +#MaxRequestsPerChild 0 +# +# +# if required, you need to substitue these in the main httpd.conf for Windows +# +# +#ThreadLimit 300 +#ThreadsPerChild 300 +#MaxRequestsPerChild 0 +#MaxMemFree 2048 +# +# +# + +# +# Allow access to /server-status +# +# +# SetHandler server-status +# Order allow,deny +# Allow from all +# + +# +# Custom rule to redirect to HTTPS +# +# +# RedirectPermanent / https://${HOSTNAME}_SSL/ +# + + LoadModule headers_module modules/mod_headers.so + + + LoadModule expires_module modules/mod_expires.so + +# Enables mod_rewrite for React Router's BrowserRouter directives + + LoadModule rewrite_module modules/mod_rewrite.so + +# Below "/opt/IBM/HTTPServer/htdocs/universal" is the location +# where the web application is deployed under the DocumentRoot. +# Alternatively you can specify the DocumentRoot "/opt/IBM/HTTPServer/htdocs" + + AllowOverride FileInfo Options=MultiViews + ExpiresActive On + ExpiresDefault "access plus 1 month" + Header unset Last-Modified + + +# List of MIME types that can be compressed provided with the out-of-the-box application +# some of them might be already configured in your HTTP server, please edit as required + + AddType image/x-icon .ico + AddType application/javascript .js + AddType application/json json + AddType image/svg+xml svg + AddType text/css css + AddType text/html html + + +# mod_filter is needed for "AddOutputFilterByType" in IHS9 (Apache 2.4) + + LoadModule filter_module modules/mod_filter.so + + + LoadModule deflate_module modules/mod_deflate.so + + + + AddOutputFilterByType DEFLATE text/html text/plain text/css application/x-javascript application/javascript image/svg+xml application/json image/x-icon image/vnd.microsoft.icon text/xml + # Netscape 4.x has some problems... + BrowserMatch ^Mozilla/4 gzip-only-text/html + # Netscape 4.06-4.08 have some more problems + BrowserMatch ^Mozilla/4\.0[678] no-gzip + # MSIE masquerades as Netscape, but it is fine + BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html + # Make sure proxies don't deliver the wrong content + Header append Vary User-Agent env=!dont-vary + diff --git a/roles/ihs/templates/custom_ssl.conf.j2 b/roles/ihs/templates/custom_ssl.conf.j2 new file mode 100644 index 0000000..6a42841 --- /dev/null +++ b/roles/ihs/templates/custom_ssl.conf.j2 @@ -0,0 +1,40 @@ +############################################################################### +# Copyright 2017,2020 IBM Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +############################################################################### +# +# Custom SSL config file +# + + +LoadModule ibm_ssl_module modules/mod_ibm_ssl.so +# Below 2 Listen directives needed for IHS in WINDOWS, second one for IPv6 support +Listen 0.0.0.0:443 +# In Fyre some RHEL7 vms seem to have ipv6 disabled OOTB +# Listen [::]:443 + + SSLEnable + SSLClientAuth None + SSLServerCert websphere + # Disable SSLv3 for CVE-2014-3566 + # SSLv2 is disabled in V8R0 and later by default, and in typical V7 + # and earlier configurations disabled implicitly when SSLv3 ciphers + # are configured with SSLCipherSpec. + SSLProtocolDisable SSLv3 SSLv2 TLSv10 TLSv11 + KeyFile {{ plg_install_path }}/config/key.kdb + SSLStashFile {{ plg_install_path }}/config/key.sth + SSLV3TimeOut 120 + +# End of example SSL configuration + diff --git a/roles/ihs/templates/custom_staticcontent.conf.j2 b/roles/ihs/templates/custom_staticcontent.conf.j2 new file mode 100644 index 0000000..63da368 --- /dev/null +++ b/roles/ihs/templates/custom_staticcontent.conf.j2 @@ -0,0 +1,39 @@ +############################################################################### +# Copyright 2017,2020 IBM Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +############################################################################### +# +# Custom Static Content config file +# + +Alias /CuramStatic/ "{{ ihs_install_path }}/htdocs/WebContent/" + + Options Indexes MultiViews + AllowOverride None + #Order allow,deny + Require all granted + + + + ExpiresActive On + ExpiresByType text/css "access plus 1 month" + ExpiresByType text/javascript "access plus 1 month" + ExpiresByType text/plain "access plus 1 month" + ExpiresByType image/gif "access plus 1 month" + ExpiresByType image/jpg "access plus 1 month" + ExpiresByType image/png "access plus 1 month" + ExpiresByType application/x-shockwave-flash "access plus 1 month" + ExpiresByType application/x-javascript "access plus 1 month" + Header unset Last-Modified + diff --git a/roles/ihs/templates/responsefile.txt.j2 b/roles/ihs/templates/responsefile.txt.j2 new file mode 100644 index 0000000..4354f12 --- /dev/null +++ b/roles/ihs/templates/responsefile.txt.j2 @@ -0,0 +1,427 @@ +############################################################################### +# Copyright 2017,2020 IBM Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +############################################################################### + +################################################################################ +# Note: Default Web server Plugins install locations +# -------------------------------------------------- +# +# Below are the default install locations for each supported operating system. +# +# AIX: "/usr/IBM/WebSphere/Plugins" +# +# HP-UX, Linux, and Solaris: "/opt/IBM/WebSphere/Plugins" +# +# Windows: "C:/Program Files/IBM/WebSphere/Plugins" +# +# Note: On unix operating systems, spaces in the install location is not supported. +# Note: On Windows operating systems, use forward slashes in the directory names. +################################################################################ + +################################################################################ +# +# Configuration Type +# +# Valid Options : local_standalone WebSphere Application Server and web server on same machine +# remote WebSphere Applicaiton Server and web server on separate machines. +# local_distributed Required when the profile on WebSphere Application +# Server is federated to a deployment manager +# + +configType="{{ ihs_config_type }}" + + +################################################################################ +# +# WebSphere Application Server Existing Location +# +# Valid Options : An existing WebSphere Application Server installation's home directory. +# +# Note : This option is valid for local configuration type. +# + +wasExistingLocation="" + + +################################################################################ +# +# Web server to configure +# +# Valid options +# ihs IBM HTTP Server V8.5.5 +# apache22 Apache Web Server V2.2 +# apache24 Apache Web Server V2.4 +# domino9 IBM Domino Web Server V9.0 (not supported on HP-UX, Solaris x64 (x86_64)) +# sunone Sun Java System Web Server V6.1 or Sun Java System Web Server V7.0 +# iis7 Microsoft Internet Information Services V7 (supported on Windows) +# iis8 Microsoft Internet Information Services V8 (supported on Windows) +# +# Note : Specify only one Web server to configure. +# + +webServerSelected="ihs" + + +################################################################################ +# +# IHS-specific Administrator settings +# +################################################################################ +# +# HTTP Administration Port Number +# +# Specify the HTTP administration port number +# +# Note : Specify this value only when configuring IHS. +# + +ihsAdminPort="8008" + + +################################################################################ +# +# IHS Administrator User ID for IHS Administration Server +# +# Specify the IHS administrator server userid. +# +# Note : Specify this value only when configuring IHS. +# + +ihsAdminUserID="{{ ihs_admin_user }}" + + +################################################################################ +# +# IHS Administrator User Group for IHS Administration server +# +# Specify the user Group of the IHS administration process. +# +# Note : Specify this value only when configuring IHS. +# + +ihsAdminUserGroup="{{ ihs_admin_user }}" + + +################################################################################ +# +# Web Server Configuration File 1 +# +# Specify the first web server configuration file. +# +# Valid options +# +# ihs : httpd.conf +# apache : httpd.conf +# domino9 : Notes.jar (Domino Web Server V9.0) +# sunone : magnus.conf +# +# Note : File must exist +# + +webServerConfigFile1="{{ ihs_install_path }}/conf/httpd.conf" + + +################################################################################ +# +# Web Server Configuration File 2 +# +# Specify the second web server configuration file. +# +# Valid options +# +# domino9 : names.nsf (Domino Web Server V9.0) +# sunone : obj.conf +# +# Note : File must exist +# + +webServerConfigFile2="" + + +################################################################################ +# +# Web server port number +# +# Specify the web server port for the web server selected to be configured. +# + +webServerPortNumber="80" + + +################################################################################ +# +# Domino User ID +# +# Specify the Domino V9.0 user ID. +# + +#dominoUserID="notes" + + +################################################################################ +# +# Web Server Definition Name +# +# Specify a name for the web server being defined. +# +# Note : No spaces are allowed in the web server definition name. +# + +webServerDefinition="ihs_{{ ansible_hostname }}" + + +################################################################################ +# +# WebSphere Application Server Machine Hostname +# +# remote install type : enter the hostname of the WebSphere Application Server machine. +# local install type : "" (hostname of target install machine will be used.) +# +# This specification can be omitted for a local_standalone installation type. +# + +wasMachineHostName="{{ ansible_fqdn }}" + + +################################################################################ +# +# Advanced user options available in silent installs only +# +# Specify whether to map all the existing deployed applications to the web server. +# +# Valid Options +# true : the web server definition is mapped as a target to the existing deployed +# applications such as snoop and hitcount (recommended) +# false : no applications are mapped to the web server definition +# +# Note : If this is not set to a valid option, the installer will set it to true +# and continue the installation. +# + +mapWebServerToApplications="true" + + +################################################################################ +# +# Web Server Hostname +# +# In advanced scenarios where a user has multiple web server hostnames on a machine, +# specify the web server hostname used to configure. +# +# Valid Options : +# "" : installation will resolve to the hostname detected on the machine (recommended) +# "" : installation will use the specified on the machine. +# + +webServerHostName="" + + +################################################################################ +# +# Web Server Installation Architecture +# +# Specify the web server installation architecture. +# +# Valid Options : +# "32" : valid for 32 bit web server installations +# "64" : valid for 64 bit web server installations +# "" : architecture of the web server machine will be used +# + +webServerInstallArch="" + + +################################################################################ +# +# WebSphere Application Server Profile Name +# +# Specify the name of the WebSphere Application Server profile to be configured. +# +# Valid options: +# "" : Enter the name of an existing WebSphere Application Server +# profile. Leaving the string empty will result in the +# installer using the default profile. +# This option is valid only in local installation scenarios. +# + +#profileName="" + +################################################################################ +# +# Additional IHS-specific Configuration settings, Tentative +# +################################################################################ +# +# Create a User and Group for the IHS Administrative Server +# +# Optionally creates a user and group when configuring the IHS Administrative +# Server (only specify value when configuring IHS) +# +# Valid options: +# "true" : A user and group will be created if neccessary +# "false" : A user and group will not be created +# + +ihsAdminCreateUserAndGroup="true" + +{% if ansible_os_family == "Windows" %} +################################################################################ +# +# Additional IHS-specific configuration settings +# +################################################################################ +# +# IHS Windows Startup Type +# +# Specify the startup type of the IHS administrative service that is to be created +# on Windows. +# +# Valid options: +# "auto" : service will automatically start when system is booted +# "demand" : service will start only when requested +# +# Note : specify this value only when configuring IHS +# + +ihsWindowsStartupType="auto" +{% endif %} + +################################################################################ +# +# IHS Administrative Server User ID +# +# Specify the ID of the user that will be used to configure the IHS administrative +# server. +# +# Valid options: +# "" : enter the name that will be used to configure the +# IHS administrative server +# +# Note : specify this value only when configuring IHS +# + +{% if ansible_os_family == "Windows" %} +ihsAdminWinUserID="{{ ihs_admin_user }}" +{% else %} +ihsAdminUnixUserID="{{ ihs_admin_user }}" +{% endif %} + +################################################################################ +# +# IHS Administrative Server User Password +# +# Specify the password of the user that will be used to configure the IHS +# administrative server. +# +# Valid options: +# "" : enter the password of the user that will be used +# to configure the IHS administrative server +# +# Note : specify this value only when configuring IHS +# + +{% if ansible_os_family == "Windows" %} +ihsAdminWinPassword="{{ ihs_admin_user }}" +{% else %} +ihsAdminUnixUserGroup="{{ ihs_admin_user }}" +{% endif %} + +################################################################################ +# +# IHS Administrative Server Password +# +# Specify the user password to the IHS administrative server to be configured +# +# Valid options: +# "" : User must enter the password of the User +# to the IHS administrative Server to be configured +# +# Note : specify this value only when configuring IHS +# + +ihsAdminPassword="{{ ihs_admin_pass }}" + +################################################################################# +# +# Enable IHS Administrative Server Support +# +# Specify whether to configure the IHS administrative server +# +# Valid options: +# "true" : Support will be enabled and the IHS administrative +# server will be configured +# "false" : Support will not be enabled and IHS administrative +# server will not be configured +# +# Note : specify this value only when configuring IHS +# + +enableAdminServerSupport="true" + +################################################################################# +# +# Enable Configuration Using a User ID and Password +# +# Specify whether to configure the IHS administrative Server with a user ID and +# password as credentials +# +# Valid options: +# "true" : enable support to configure the IHS administrative server +# with a given user ID and password. +# The revelvant credentials must be supplied. +# "false" : do not enable support for user ID and password configuration. +# No additional values are required. +# +# Note : specify this value only when configuring IHS +# + +enableUserAndPass="true" + +{% if ansible_os_family == "Windows" %} +################################################################################# +# +# Create a Windows Service for the IHS Administrative Server +# +# Specify whether to configure the IHS administrative server to run as a Windows service +# +# Valid options: +# "true" : support to configure the IHS administrative server +# as a Windows service will be enabled +# "false" : support to configure the IHS administrative server +# as a Windows service will not be enabled +# +# Note : specify this value only when configuring IHS +# + +enableWinService="true" +{% endif %} + +################################################################################# +# +# Type of the Web Server to be Configured +# +# Specify the type of the web server to be configured. +# +# Valid options: +# IHS IBM HTTP Server V9.0 +# APACHE Apache Web Server V2.2 or Apache Web Server V2.4 +# DOMINO Domino Web Server V9.0 (not supported on HP-UX, Solaris x64 (x86_64)) +# SUNJAVASYSTEM Sun Java System Web Server V6.1 or Sun Java System Web Server V7.0 +# IIS Microsoft Internet Information Services V7, V8 (supported on Windows) +# +# Note : Specify only one web server to configure. +# + +webServerType="IHS" diff --git a/roles/ihs/vars/v8.5.5.17.yml b/roles/ihs/vars/v8.5.5.17.yml new file mode 100644 index 0000000..9f33414 --- /dev/null +++ b/roles/ihs/vars/v8.5.5.17.yml @@ -0,0 +1,19 @@ +--- +ihs_base_path: WAS/8.5.5ND +ihs_base_archive_list: + - WAS_V8.5.5_SUPPL_1_OF_3.zip + - WAS_V8.5.5_SUPPL_2_OF_3.zip + - WAS_V8.5.5_SUPPL_3_OF_3.zip + +ihs_fp_path: WAS/8.5.5Fixpacks/FP17 +ihs_fp_archive_list: + - 8.5.5-WS-WASSupplements-FP017-part1.zip + - 8.5.5-WS-WASSupplements-FP017-part2.zip + - 8.5.5-WS-WASSupplements-FP017-part3.zip + +ihs_wct_archive_list: + - 8.5.5-WS-WCT-FP017-part1.zip + - 8.5.5-WS-WCT-FP017-part2.zip + +ihs_pid: v85_8.5.5017.20200205_1450 +ihs_base_pid: v85_8.5.5000.20130514_1044 diff --git a/roles/ihs/vars/v9.0.5.3.yml b/roles/ihs/vars/v9.0.5.3.yml new file mode 100644 index 0000000..4534b73 --- /dev/null +++ b/roles/ihs/vars/v9.0.5.3.yml @@ -0,0 +1,16 @@ +--- +ihs_base_path: WAS/9.0.5ND +ihs_base_archive_list: + - was.repo.90500.ihs.zip + - was.repo.90500.plugins.zip + - was.repo.90500.wct.zip + +ihs_fp_path: WAS/9.0.5Fixpacks +ihs_fp_archive_list: + - 9.0.5-WS-IHSPLG-FP003.zip + - 9.0.5-WS-WCT-FP003.zip + +ihs_pid: v90_9.0.5003.20200226_0941 + +ihs_java_zip_path: Java/IBM/ibm-java-sdk-8.0-6.15-linux-x64-installmgr.zip +ihs_java_pid: com.ibm.java.jdk.v8 diff --git a/roles/ihs/vars/v9.0.5.7.yml b/roles/ihs/vars/v9.0.5.7.yml new file mode 100644 index 0000000..82a0d8b --- /dev/null +++ b/roles/ihs/vars/v9.0.5.7.yml @@ -0,0 +1,16 @@ +--- +ihs_base_path: WAS/9.0.5ND +ihs_base_archive_list: + - was.repo.90500.ihs.zip + - was.repo.90500.plugins.zip + - was.repo.90500.wct.zip + +ihs_fp_path: WAS/9.0.5Fixpacks +ihs_fp_archive_list: + - 9.0.5-WS-IHSPLG-FP007.zip + - 9.0.5-WS-WCT-FP007.zip + +ihs_pid: v90_9.0.5007.20210301_1241 + +ihs_java_zip_path: Java/IBM/ibm-java-sdk-8.0-6.26-linux-x64-installmgr.zip +ihs_java_pid: com.ibm.java.jdk.v8 diff --git a/roles/ihs/vars/v9.0.5.8.yml b/roles/ihs/vars/v9.0.5.8.yml new file mode 100644 index 0000000..ecdacf4 --- /dev/null +++ b/roles/ihs/vars/v9.0.5.8.yml @@ -0,0 +1,15 @@ +--- +ihs_base_path: WAS/9.0.5ND +ihs_base_archive_list: + - was.repo.90500.ihs.zip + - was.repo.90500.plugins.zip + - was.repo.90500.wct.zip + +ihs_fp_path: WAS/9.0.5Fixpacks +ihs_fp_archive_list: + - 9.0.5-WS-IHSPLG-FP008.zip + - 9.0.5-WS-WCT-FP008.zip + +ihs_pid: v90_9.0.5008.20210525_1601 +ihs_java_zip_path: Java/IBM/ibm-java-sdk-8.0-6.26-linux-x64-installmgr.zip +ihs_java_pid: com.ibm.java.jdk.v8 diff --git a/roles/websphere/README.md b/roles/websphere/README.md new file mode 100644 index 0000000..ad07821 --- /dev/null +++ b/roles/websphere/README.md @@ -0,0 +1,34 @@ +# websphere + +The `websphere` role will install IBM WebSphere Application Server (ND). + +## Requirements + +IBM Installation Manager (1.9.x) must already be installed in the target environment. + +## Role Variables + +| Property Name | Default value | +| ------------------------ | --------------------------------------------------- | +| `websphere_install_path` | `/opt/IBM/WebSphere/AppServer` | +| `websphere_version` | `9.0.5.8` | +| ------------------------ | --------------------------------------------------- | +| `iim_install_path` | `/opt/IBM/InstallationManager` | +| `profiled_path` | `/opt/profile.d` | + +## Dependencies + +None + +## Example Playbook + +``` +- hosts: servers + roles: + - role: spm_middleware.websphere + websphere_version: 9.0.5.7 +``` + +## License + +MIT diff --git a/roles/websphere/defaults/main.yml b/roles/websphere/defaults/main.yml new file mode 100644 index 0000000..1ce553b --- /dev/null +++ b/roles/websphere/defaults/main.yml @@ -0,0 +1,9 @@ +--- +iim_install_path: /opt/IBM/InstallationManager + +websphere_install_path: /opt/IBM/WebSphere/AppServer + +websphere_version: 9.0.5.8 + +# Common +profiled_path: /opt/profile.d diff --git a/roles/websphere/meta/main.yml b/roles/websphere/meta/main.yml new file mode 100644 index 0000000..2d2fd8c --- /dev/null +++ b/roles/websphere/meta/main.yml @@ -0,0 +1,39 @@ +--- +galaxy_info: + author: SPM Development + description: Installs WebSphere Application Server ND + company: Watson Health SPM + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + license: MIT + + min_ansible_version: 2.9 + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + platforms: + - name: EL + versions: + - 7 + - 8 + + galaxy_tags: + [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: + [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/websphere/tasks/configure.yml b/roles/websphere/tasks/configure.yml new file mode 100644 index 0000000..950b405 --- /dev/null +++ b/roles/websphere/tasks/configure.yml @@ -0,0 +1,7 @@ +--- +- name: Patch JspBatchCompiler + replace: + path: "{{ websphere_install_path }}/bin/JspBatchCompiler.{{ 'bat' if ansible_os_family == 'Windows' else 'sh' }}" + regexp: "-Xmx256m" + replace: "-Xmx1024m" + mode: 0755 diff --git a/roles/websphere/tasks/env.yml b/roles/websphere/tasks/env.yml new file mode 100644 index 0000000..897a253 --- /dev/null +++ b/roles/websphere/tasks/env.yml @@ -0,0 +1,45 @@ +--- +- name: "Create {{ profiled_path }}" + file: + path: "{{ profiled_path }}" + mode: 0755 + state: directory + when: ansible_os_family != "Windows" + +- name: "Create {{ profiled_path }}/websphere.sh" + copy: + dest: "{{ profiled_path }}/websphere.sh" + content: | + #!/bin/bash + WAS_HOME={{ websphere_install_path }} + export WAS_HOME + + JAVA_HOME=$WAS_HOME/{{ websphere_java_home | default('java') }} + export JAVA_HOME + export PATH=$JAVA_HOME/bin:$PATH + + J2EE_JAR=$WAS_HOME/lib/j2ee.jar + export J2EE_JAR + mode: 0755 + when: ansible_os_family != "Windows" + +- name: Create /opt/.profile + copy: + dest: /opt/.profile + content: | + #!/bin/bash + PATH=.:$PATH + + if [ -e {{ profiled_path }} ]; then + if [ "$PS1" ]; then + ls -l {{ profiled_path }}/*.sh + fi + for lizard in {{ profiled_path }}/*.sh ; do + . $lizard + done + fi + + LANG=en_US.ISO-8859-1 + umask 002 + mode: 0755 + when: ansible_os_family != "Windows" diff --git a/roles/websphere/tasks/fixpack_install.yml b/roles/websphere/tasks/fixpack_install.yml new file mode 100644 index 0000000..ce4193c --- /dev/null +++ b/roles/websphere/tasks/fixpack_install.yml @@ -0,0 +1,20 @@ +--- +- name: Create repo directories + file: + path: /tmp/repo + state: directory + +- name: Extract installers + unarchive: + src: "/tmp/repo-zips/{{ item }}" + dest: /tmp/repo + remote_src: yes + loop: "{{ zip_list }}" + +- name: Install package + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: "{{ pack_id }}" + path: "{{ websphere_install_path }}" + repo: /tmp/repo + state: present diff --git a/roles/websphere/tasks/main.yml b/roles/websphere/tasks/main.yml new file mode 100644 index 0000000..ed97576 --- /dev/null +++ b/roles/websphere/tasks/main.yml @@ -0,0 +1,47 @@ +--- +- name: Include version variables + include_vars: "v{{ websphere_version }}.yml" + +- name: Check packages + iim_info: + iim_path: "{{ iim_install_path }}" + product_id: "com.ibm.websphere.ND.{{ websphere_pid }}" + register: iim_info + +- name: Install Base version + include_tasks: "{{ websphere_pid.split('_') | first }}_base_install.yml" + when: not iim_info.base_installed + +- name: Install Fixpack version + include_tasks: fixpack_install.yml + vars: + zip_path: "{{ websphere_fp_path }}" + zip_list: "{{ websphere_fp_archive_list }}" + pack_id: "com.ibm.websphere.ND.{{ websphere_pid }}" + when: not iim_info.exact_installed + +- name: Setup environment variables + include_tasks: env.yml + +- name: Configure WebSphere + include_tasks: configure.yml + +- name: Ensure /opt/Props dir exists + file: + path: /opt/Props + state: directory + +- name: Copy AppServer.properties + template: + dest: /opt/Props/AppServer.properties + src: AppServer.properties.j2 + mode: 0755 + force: no + +- name: Cleanup + file: + path: "{{ item }}" + state: absent + loop: + - /tmp/repo + - /tmp/repo-zips diff --git a/roles/websphere/tasks/v85_base_install.yml b/roles/websphere/tasks/v85_base_install.yml new file mode 100644 index 0000000..c4035b1 --- /dev/null +++ b/roles/websphere/tasks/v85_base_install.yml @@ -0,0 +1,31 @@ +--- +- name: Copy installers + copy: + directory_mode: yes + remote_src: no + src: "/tmp/repo-zips/" + dest: "/tmp/repo-zips/" + +- name: Create WAS repo directory + file: + path: "/tmp/repo" + state: directory + +- name: Extract WAS installers + unarchive: + src: "/tmp/repo-zips/{{ item }}" + dest: /tmp/repo + remote_src: yes + creates: "/tmp/repo/disk{{ (index + 1) | string }}" + loop: "{{ websphere_base_archive_list }}" + loop_control: + index_var: index + +- name: Install WAS + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: com.ibm.websphere.ND.v85 + path: "{{ websphere_install_path }}" + repo: /tmp/repo + state: present + when: "iim_info.packages | select('match', 'com.ibm.websphere.ND.*') | list | length == 0" diff --git a/roles/websphere/tasks/v90_base_install.yml b/roles/websphere/tasks/v90_base_install.yml new file mode 100644 index 0000000..782a9ad --- /dev/null +++ b/roles/websphere/tasks/v90_base_install.yml @@ -0,0 +1,62 @@ +--- +- name: Create temporary directory + file: + path: /tmp/repo-zips/ + recurse: yes + mode: 0755 + state: directory + +- name: Copy installers + copy: + directory_mode: yes + remote_src: no + src: "/tmp/repo-zips/" + dest: "/tmp/repo-zips/" + +- name: Create WAS repo directories + file: + path: "/tmp/repo/{{ index }}" + state: directory + loop: "{{ websphere_base_archive_list }}" + loop_control: + index_var: index + +- name: Create Java repo directory + file: + path: /tmp/repo/java + state: directory + +- name: Extract WAS installers + unarchive: + src: "/tmp/repo-zips/{{ item }}" + dest: "/tmp/repo/{{ index }}" + remote_src: yes + creates: "/tmp/repo/{{ index }}/repository.config" + loop: "{{ websphere_base_archive_list }}" + loop_control: + index_var: index + +- name: Extract Java installer + unarchive: + src: /tmp/repo-zips/java-repo.zip + dest: /tmp/repo/java + remote_src: yes + creates: /tmp/repo/java/repository.config + +- name: Build repo list + set_fact: + repo_list: "{{ repo_list | default(['/tmp/repo/java']) + ['/tmp/repo/' + index|string]}}" + loop: "{{ websphere_base_archive_list }}" + loop_control: + index_var: index + +- name: Install WAS + iim_package: + iim_path: "{{ iim_install_path }}" + product_id: + - com.ibm.websphere.ND.v90 + - com.ibm.java.jdk.v8 + path: "{{ websphere_install_path }}" + repo: "{{ repo_list }}" + state: present + when: "iim_info.packages | select('match', 'com.ibm.websphere.ND.*') | list | length == 0" diff --git a/roles/websphere/templates/AppServer.properties.j2 b/roles/websphere/templates/AppServer.properties.j2 new file mode 100644 index 0000000..d85d6db --- /dev/null +++ b/roles/websphere/templates/AppServer.properties.j2 @@ -0,0 +1,34 @@ +## APPLICATION SERVER PROPERTIES + +## IT IS VERY IMPORTANT TO USE '/' FOR DIRECTORY PATHS. ## + +# Property to indicate whether WLS/SAP or WAS is installed. +as.vendor=IBM + +# The username and password for admin server. +security.username=websphere +# Encrypt the plain-text password using 'build encrypt -Dpassword=' +# Below is the encryption for the default password ("websphere"). +# NOTE: This must be updated after your first login! +security.password=XOVRjjVTebM8gV953LGMLQ== + +# The name of the WebSphere Node or WebLogic Domain Name. +node.name={{ansible_hostname}} + +# The name of the server on which the application will be hosted. +curam.server.name=CuramServer +curam.server.port=2809 + +############################################### +## THE FOLLOWING PROPERTIES ARE FOR WAS ONLY ## +############################################### +# The alias that should be used for the database authorization +curam.db.auth.alias=databaseAlias + +# HTTP Port for the server on which the client +# will be accessed +curam.client.httpport=9044 + +# HTTP Port for the server on which the Web services +# will be accessed +curam.webservices.httpport=9082 diff --git a/roles/websphere/vars/v8.5.5.17.yml b/roles/websphere/vars/v8.5.5.17.yml new file mode 100644 index 0000000..0491e56 --- /dev/null +++ b/roles/websphere/vars/v8.5.5.17.yml @@ -0,0 +1,14 @@ +--- +websphere_pid: v85_8.5.5017.20200205_1450 + +websphere_base_path: WAS/8.5.5ND +websphere_base_archive_list: + - WAS_ND_V8.5.5_1_OF_3.zip + - WAS_ND_V8.5.5_2_OF_3.zip + - WAS_ND_V8.5.5_3_OF_3.zip + +websphere_fp_path: WAS/8.5.5Fixpacks/FP17 +websphere_fp_archive_list: + - 8.5.5-WS-WAS-FP017-part1.zip + - 8.5.5-WS-WAS-FP017-part2.zip + - 8.5.5-WS-WAS-FP017-part3.zip diff --git a/roles/websphere/vars/v9.0.5.3.yml b/roles/websphere/vars/v9.0.5.3.yml new file mode 100644 index 0000000..0736203 --- /dev/null +++ b/roles/websphere/vars/v9.0.5.3.yml @@ -0,0 +1,15 @@ +--- +websphere_pid: v90_9.0.5003.20200226_0941 + +websphere_base_path: WAS/9.0.5ND +websphere_base_archive_list: + - was.repo.90500.nd.zip + +websphere_java_path: Java/IBM +websphere_java_version: 8.0-6.15 +websphere_java_pid: com.ibm.java.jdk.v8 +websphere_java_home: java/8.0 + +websphere_fp_path: WAS/9.0.5Fixpacks +websphere_fp_archive_list: + - 9.0.5-WS-WAS-FP003.zip diff --git a/roles/websphere/vars/v9.0.5.7.yml b/roles/websphere/vars/v9.0.5.7.yml new file mode 100644 index 0000000..0555f85 --- /dev/null +++ b/roles/websphere/vars/v9.0.5.7.yml @@ -0,0 +1,15 @@ +--- +websphere_pid: v90_9.0.5007.20210301_1241 + +websphere_base_path: WAS/9.0.5ND +websphere_base_archive_list: + - was.repo.90500.nd.zip + +websphere_java_path: Java/IBM +websphere_java_version: 8.0-6.26 +websphere_java_pid: com.ibm.java.jdk.v8 +websphere_java_home: java/8.0 + +websphere_fp_path: WAS/9.0.5Fixpacks +websphere_fp_archive_list: + - 9.0.5-WS-WAS-FP007.zip diff --git a/roles/websphere/vars/v9.0.5.8.yml b/roles/websphere/vars/v9.0.5.8.yml new file mode 100644 index 0000000..a37dd54 --- /dev/null +++ b/roles/websphere/vars/v9.0.5.8.yml @@ -0,0 +1,15 @@ +--- +websphere_pid: v90_9.0.5008.20210525_1601 + +websphere_base_path: WAS/9.0.5ND +websphere_base_archive_list: + - was.repo.90500.nd.zip + +websphere_java_path: Java/IBM +websphere_java_version: 8.0-6.26 +websphere_java_pid: com.ibm.java.jdk.v8 +websphere_java_home: java/8.0 + +websphere_fp_path: WAS/9.0.5Fixpacks +websphere_fp_archive_list: + - 9.0.5-WS-WAS-FP008.zip diff --git a/scripts/downloadInstaller.sh b/scripts/downloadInstaller.sh index ff4e0e8..bb834c9 100644 --- a/scripts/downloadInstaller.sh +++ b/scripts/downloadInstaller.sh @@ -24,3 +24,70 @@ if [ "$1" = "iim-191-centos-8" ]; then mkdir -p /tmp/iim/ curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/IIM/agent.installer.linux.gtk.x86_64_1.9.1001.20191112_1525.zip -o /tmp/iim/iim_installer.tar.gz fi + +# Websphere +if [ "$1" = "websphere-v85-centos-7" ]; then + echo "Download IIM installer" + mkdir -p /tmp/iim/ + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/IIM/agent.installer.linux.gtk.x86_64_1.9.1001.20191112_1525.zip -o /tmp/iim/iim_installer.tar.gz + + echo "Download Websphere installer and fixpacks" + # base + mkdir -p /tmp/repo-zips/ + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5ND/WAS_ND_V8.5.5_1_OF_3.zip -o /tmp/repo-zips/WAS_ND_V8.5.5_1_OF_3.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5ND/WAS_ND_V8.5.5_2_OF_3.zip -o /tmp/repo-zips/WAS_ND_V8.5.5_2_OF_3.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5ND/WAS_ND_V8.5.5_3_OF_3.zip -o /tmp/repo-zips/WAS_ND_V8.5.5_3_OF_3.zip + # fixpacks + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5Fixpacks/FP17/8.5.5-WS-WAS-FP017-part1.zip -o /tmp/repo-zips/8.5.5-WS-WAS-FP017-part1.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5Fixpacks/FP17/8.5.5-WS-WAS-FP017-part2.zip -o /tmp/repo-zips/8.5.5-WS-WAS-FP017-part2.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5Fixpacks/FP17/8.5.5-WS-WAS-FP017-part3.zip -o /tmp/repo-zips/8.5.5-WS-WAS-FP017-part3.zip + +elif [ "$1" = "websphere-v90-centos-8" ]; then + echo "Download IIM installer" + mkdir -p /tmp/iim/ + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/IIM/agent.installer.linux.gtk.x86_64_1.9.1001.20191112_1525.zip -o /tmp/iim/iim_installer.tar.gz + + echo "Download Websphere installer and fixpacks" + mkdir -p /tmp/repo-zips/ + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/9.0.5ND/was.repo.90500.nd.zip -o /tmp/repo-zips/was.repo.90500.nd.zip + # java + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/Java/IBM/ibm-java-sdk-8.0-6.26-linux-x64-installmgr.zip -o /tmp/repo-zips/java-repo.zip + # fixpacks + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/9.0.5Fixpacks/9.0.5-WS-WAS-FP008.zip -o /tmp/repo-zips/9.0.5-WS-WAS-FP008.zip + +elif [ "$1" = "ihs-v90-centos-8" ]; then + echo "Download IIM installer" + mkdir -p /tmp/iim/ + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/IIM/agent.installer.linux.gtk.x86_64_1.9.1001.20191112_1525.zip -o /tmp/iim/iim_installer.tar.gz + + echo "Download IHS installer and fixpacks" + mkdir -p /tmp/repo-zips/ + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/9.0.5ND/was.repo.90500.ihs.zip -o /tmp/repo-zips/was.repo.90500.ihs.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/9.0.5ND/was.repo.90500.plugins.zip -o /tmp/repo-zips/was.repo.90500.plugins.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/9.0.5ND/was.repo.90500.wct.zip -o /tmp/repo-zips/was.repo.90500.wct.zip + # java + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/Java/IBM/ibm-java-sdk-8.0-6.26-linux-x64-installmgr.zip -o /tmp/repo-zips/java-repo.zip + + # FP Plugins + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/9.0.5Fixpacks/9.0.5-WS-WCT-FP008.zip -o /tmp/repo-zips/9.0.5-WS-WCT-FP008.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/9.0.5Fixpacks/9.0.5-WS-IHSPLG-FP008.zip -o /tmp/repo-zips/9.0.5-WS-IHSPLG-FP008.zip + + +elif [ "$1" = "ihs-v80-centos-7" ]; then + echo "Download IIM installer" + mkdir -p /tmp/iim/ + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/IIM/agent.installer.linux.gtk.x86_64_1.9.1001.20191112_1525.zip -o /tmp/iim/iim_installer.tar.gz + + echo "Download IHS installer and fixpacks" + mkdir -p /tmp/repo-zips/ + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5ND/WAS_V8.5.5_SUPPL_1_OF_3.zip -o /tmp/repo-zips/WAS_V8.5.5_SUPPL_1_OF_3.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5ND/WAS_V8.5.5_SUPPL_2_OF_3.zip -o /tmp/repo-zips/WAS_V8.5.5_SUPPL_2_OF_3.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5ND/WAS_V8.5.5_SUPPL_3_OF_3.zip -o /tmp/repo-zips/WAS_V8.5.5_SUPPL_3_OF_3.zip + # fixpacks + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5Fixpacks/FP17/8.5.5-WS-WCT-FP017-part1.zip -o /tmp/repo-zips/8.5.5-WS-WCT-FP017-part1.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5Fixpacks/FP17/8.5.5-WS-WCT-FP017-part2.zip -o /tmp/repo-zips/8.5.5-WS-WCT-FP017-part2.zip + + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5Fixpacks/FP17/8.5.5-WS-WASSupplements-FP017-part1.zip -o /tmp/repo-zips/8.5.5-WS-WASSupplements-FP017-part1.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5Fixpacks/FP17/8.5.5-WS-WASSupplements-FP017-part2.zip -o /tmp/repo-zips/8.5.5-WS-WASSupplements-FP017-part2.zip + curl -H "X-JFrog-Art-Api: ${ARTIFACTORY_TOKEN}" -k ${ARTIFACTORY_URL}/${ARTIFACTORY_REPO}/SoftwareInstallers/WAS/8.5.5Fixpacks/FP17/8.5.5-WS-WASSupplements-FP017-part3.zip -o /tmp/repo-zips/8.5.5-WS-WASSupplements-FP017-part3.zip +fi