From 61a2643ec144e2b93d077da83b3866bf9ca10fb9 Mon Sep 17 00:00:00 2001 From: Wolfgang Kulhanek Date: Tue, 19 Dec 2023 12:10:04 +0100 Subject: [PATCH] Install more tools. Add motd capability (#7536) Co-authored-by: Wolfgang Kulhanek --- .../default_vars.yml | 23 +++++++-- .../install_helm.yml | 32 +++++++++++++ .../post_infra.yml | 6 +-- .../post_software.yml | 4 +- .../pre_infra.yml | 6 +-- .../pre_software.yml | 26 ++++++++-- .../requirements.yml | 4 +- .../software.yml | 48 ++++++------------- 8 files changed, 97 insertions(+), 52 deletions(-) create mode 100644 ansible/configs/open-environment-azure-subscription/install_helm.yml diff --git a/ansible/configs/open-environment-azure-subscription/default_vars.yml b/ansible/configs/open-environment-azure-subscription/default_vars.yml index d09cca5837b..b4a6f19cc54 100644 --- a/ansible/configs/open-environment-azure-subscription/default_vars.yml +++ b/ansible/configs/open-environment-azure-subscription/default_vars.yml @@ -16,6 +16,9 @@ az_aro_version: 4.11.26 # For OC client ocp4_installer_root_url: https://mirror.openshift.com/pub/openshift-v4/clients +# OpenShift client install root URL +ocp4_tools_root_url: "{{ ocp4_installer_root_url }}" + # Set to true if you have azcollection > v1.13.0 (2022-05-27) install_aro_with_azcollection: false @@ -72,8 +75,15 @@ HostedZoneId: "{{ azure_root_dns_zone }}" azure_dns_resource_group: rhpds-dns-handler # bastion install stuff -remote_user: azure -ansible_user: azure +bastion_user_name: azure +remote_user: "{{ bastion_user_name }}" +ansible_user: "{{ bastion_user_name }}" + +# Remove motd (register for insights) prompt from bastion +bastion_remove_insights_motd: false + +# Add a custom motd to the bastion. Only set when specified +# bastion_custom_motd: Welcome to the Red Hat ARO Workshop! repo_method: satellite update_packages: true @@ -82,6 +92,12 @@ common_packages_el9: - python39 - git +# Extra packages to install. Override in AgV +common_extra_packages: {} + +# Install helm on the bastion +aro_install_helm: false + rhel_vm_size: Standard_DS1_v2 # Enable RHEL Gold Image @@ -125,10 +141,11 @@ showroom_deploy_shared_cluster_enable: false # showroom_user_password: "" # showroom_user_password_length: 16 -# User to log into Showroom (rosa) +# User to log into Showroom (azure) showroom_ssh_username: "{{ bastion_user_name }}" showroom_default_ssh_user: "{{ bastion_user_name }}" showroom_ssh_method: sshkey # password | sshkey showroom_ssh_key_type: ed25519 # ed25519 | rsa # For method = password provide a password # showroom_ssh_password: "{{ _showroom_user_password }}" +showroom_host: "bastion.{{ guid }}.{{ cluster_dns_zone }}" diff --git a/ansible/configs/open-environment-azure-subscription/install_helm.yml b/ansible/configs/open-environment-azure-subscription/install_helm.yml new file mode 100644 index 00000000000..9a1a54f1655 --- /dev/null +++ b/ansible/configs/open-environment-azure-subscription/install_helm.yml @@ -0,0 +1,32 @@ +--- +- name: Set URL for helm + ansible.builtin.set_fact: + helm_url: >- + {{ '{0}/helm/latest/helm-linux-amd64.tar.gz'.format(ocp4_tools_root_url ) }} + +- name: Install Helm as root + become: true + block: + - name: Install helm command + ansible.builtin.unarchive: + src: "{{ helm_url }}" + remote_src: true + dest: /usr/local/bin + mode: "0775" + owner: root + group: root + retries: 10 + register: r_client + until: r_client is success + delay: 30 + + - name: Link downloaded helm command to helm + ansible.builtin.file: + src: /usr/local/bin/helm-linux-amd64 + dest: /usr/local/bin/helm + owner: root + group: root + state: link + + - name: Create Helm Bash completion file + ansible.builtin.shell: /usr/local/bin/helm completion bash >/etc/bash_completion.d/helm diff --git a/ansible/configs/open-environment-azure-subscription/post_infra.yml b/ansible/configs/open-environment-azure-subscription/post_infra.yml index ac714890d95..7cb64251a2f 100644 --- a/ansible/configs/open-environment-azure-subscription/post_infra.yml +++ b/ansible/configs/open-environment-azure-subscription/post_infra.yml @@ -1,12 +1,12 @@ --- -- name: Step 003 Post Infrastructure +- name: Step 002 Post Infrastructure hosts: localhost connection: local become: false gather_facts: false tags: - - step003 + - step002 - post_infrastructure tasks: - ansible.builtin.debug: - msg: "Step 003 Post Infrastructure - Dummy action" + msg: "Step 002 Post Infrastructure - Dummy action" diff --git a/ansible/configs/open-environment-azure-subscription/post_software.yml b/ansible/configs/open-environment-azure-subscription/post_software.yml index 3512b676eb2..ccd745740bf 100644 --- a/ansible/configs/open-environment-azure-subscription/post_software.yml +++ b/ansible/configs/open-environment-azure-subscription/post_software.yml @@ -1,10 +1,10 @@ --- -- name: Step 006 Post Software +- name: Step 005 Post Software hosts: localhost connection: local become: false tags: - - step006 + - step005 - post_software tasks: - ansible.builtin.debug: diff --git a/ansible/configs/open-environment-azure-subscription/pre_infra.yml b/ansible/configs/open-environment-azure-subscription/pre_infra.yml index e6986aaadf7..c450b1b7e15 100644 --- a/ansible/configs/open-environment-azure-subscription/pre_infra.yml +++ b/ansible/configs/open-environment-azure-subscription/pre_infra.yml @@ -1,15 +1,15 @@ --- -- name: Step 001 Pre Infrastructure +- name: Step 000 Pre Infrastructure hosts: localhost connection: local become: false gather_facts: false tags: - - step001 + - step000 - pre_infrastructure tasks: - ansible.builtin.debug: - msg: "Step 001 Pre Infrastructure" + msg: "Step 000 Pre Infrastructure" - name: Add the Azure user to the Subscription hosts: localhost diff --git a/ansible/configs/open-environment-azure-subscription/pre_software.yml b/ansible/configs/open-environment-azure-subscription/pre_software.yml index db79c4326c3..bcbd358e2fa 100644 --- a/ansible/configs/open-environment-azure-subscription/pre_software.yml +++ b/ansible/configs/open-environment-azure-subscription/pre_software.yml @@ -1,5 +1,5 @@ --- -- name: Step 004 pre-software +- name: Step 003 pre-software hosts: localhost gather_facts: false become: false @@ -13,7 +13,7 @@ become: true gather_facts: false tags: - - step004 + - step003 roles: - role: set-repositories when: repo_method is defined @@ -95,13 +95,29 @@ regexp: "^export GUID" line: "export GUID={{ guid }}" -- name: Software flight-check + - name: Remove register for insights motd + when: bastion_remove_insights_motd | bool + ansible.builtin.file: + state: absent + path: /etc/motd.d/insights-client + + - name: Add a custom motd to the bastion + when: bastion_custom_motd | default("") | length > 0 + ansible.builtin.copy: + dest: /etc/motd.d/agnosticd + owner: root + group: root + mode: "o=rw,g=rw,o=r" + content: "{{ bastion_custom_motd }}" + +- name: PreSoftware flight-check hosts: localhost connection: local gather_facts: false become: false tags: - - post_flight_check + - flight_check tasks: - - ansible.builtin.debug: + - name: Print pre-software checks message + ansible.builtin.debug: msg: "Pre-Software checks completed successfully" diff --git a/ansible/configs/open-environment-azure-subscription/requirements.yml b/ansible/configs/open-environment-azure-subscription/requirements.yml index b8ad193b7da..63368a0a1e1 100644 --- a/ansible/configs/open-environment-azure-subscription/requirements.yml +++ b/ansible/configs/open-environment-azure-subscription/requirements.yml @@ -1,9 +1,9 @@ --- collections: - name: ansible.posix - version: 1.5.1 + version: 1.5.4 - name: community.general - version: 6.4.0 + version: 7.2.1 - name: kubernetes.core version: 2.4.0 - name: azure.azcollection diff --git a/ansible/configs/open-environment-azure-subscription/software.yml b/ansible/configs/open-environment-azure-subscription/software.yml index e45c77059e3..5e4f431f6eb 100644 --- a/ansible/configs/open-environment-azure-subscription/software.yml +++ b/ansible/configs/open-environment-azure-subscription/software.yml @@ -1,5 +1,5 @@ --- -- name: Step 005 software +- name: Step 004 software hosts: localhost gather_facts: false become: false @@ -13,15 +13,19 @@ become: false tasks: - name: Install ARO - when: ( install_aro | default(false) | bool ) + when: install_aro | default(false) | bool ansible.builtin.include_role: name: open-env-azure-install-aro -- name: Install OC client and helm +- name: Install CLI tools on bastion hosts: bastions become: true gather_facts: false tasks: + - name: Install Helm + when: aro_install_helm | default(false) | bool + ansible.builtin.include_tasks: install_helm.yml + - name: Install OC client when: install_aro | default(false) | bool block: @@ -33,38 +37,13 @@ az_aro_version ) }} - - name: Ensure ocp4_client_url is set - ansible.builtin.assert: - that: ocp4_client_url | default('') | length > 0 - - name: Install OpenShift CLI become: true ansible.builtin.unarchive: src: "{{ ocp4_client_url }}" remote_src: true dest: /usr/bin - mode: "0775" - owner: root - group: root - retries: 10 - register: r_client - until: r_client is success - delay: 30 - - - name: Set URL for helm - ansible.builtin.set_fact: - helm_url: >- - {{ '{0}/helm/latest/helm-linux-amd64.tar.gz'.format( - ocp4_installer_root_url | default("https://mirror.openshift.com/pub/openshift-v4/clients") - ) }} - - - name: Install helm command - become: true - ansible.builtin.unarchive: - src: "{{ helm_url }}" - remote_src: true - dest: /usr/bin - mode: "0775" + mode: "u=rwx,g=rwx,o=rx" owner: root group: root retries: 10 @@ -79,14 +58,15 @@ gather_facts: false tasks: - name: Login with azure admin service principal - when: env_type == 'open-environment-azure-subscription' ansible.builtin.command: >- - az login --service-principal -u "{{ hostvars.localhost.azapp.applications[0].app_id }}" - -p="{{ hostvars.localhost.azpass }}" --tenant="{{ azure_tenant }}" + az login --service-principal + -u "{{ hostvars.localhost.azapp.applications[0].app_id }}" + -p="{{ hostvars.localhost.azpass }}" + --tenant="{{ azure_tenant }}" no_log: true - - name: Install OC client - when: ( install_aro | default(false) | bool ) + - name: Create kubeconfig + when: install_aro | default(false) | bool block: - name: Run kubeconfig task vars: