diff --git a/config.yaml b/config.yaml
index 082e5e5f4463eaa91ce35a61957caf2dd029c03d..83fbfa351bbd75d1a2e0c7d472f74ff16fe1b9d5 100644
--- a/config.yaml
+++ b/config.yaml
@@ -1,6 +1,7 @@
 ---
 iac:
 - terraform
+- piacere_monitoring_requirements
 - piacere_monitoring
 - nginx
 ...
\ No newline at end of file
diff --git a/piacere_monitoring/ansible.cfg b/piacere_monitoring/ansible.cfg
index 660a5ebcbecd0307307b5c2d2d61083e315c4e45..885456a448024a41c76909e7d9e6b7eb972f2550 100644
--- a/piacere_monitoring/ansible.cfg
+++ b/piacere_monitoring/ansible.cfg
@@ -1,7 +1,5 @@
 # https://docs.ansible.com/ansible/latest/reference_appendices/config.html
 [defaults]
 host_key_checking = False
-inventory = {{CWD}}/hosts.yaml ; This points to the file that lists your hosts
-remote_user = esilab
 deprecation_warnings=False ; to remove the python version depretation warning
 display_skipped_hosts = no
\ No newline at end of file
diff --git a/piacere_monitoring/config.yaml b/piacere_monitoring/config.yaml
index 8b7284e426fba96d8fffd9d11e5d153b09edf120..a62bdc610c005dab45b1aaa18c0288fdae7ab4ac 100644
--- a/piacere_monitoring/config.yaml
+++ b/piacere_monitoring/config.yaml
@@ -3,6 +3,7 @@
 input:
 - instance_ip_vm1
 - instance_server_private_key_user1
+ - DEPLOYMENT_ID
 output: []
 engine: ansible
 ...
diff --git a/piacere_monitoring/hosts.yaml b/piacere_monitoring/hosts.yaml
deleted file mode 100644
index b9cbfc6d1be7e249a1f6813793dd228083d669fe..0000000000000000000000000000000000000000
--- a/piacere_monitoring/hosts.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-all:
- hosts:
- localhost:
- ansible_connection: local
diff --git a/piacere_monitoring/install_playbook_requirements.sh b/piacere_monitoring/install_playbook_requirements.sh
deleted file mode 100644
index 843bf3b6e0c4dfb6d6157ae22687cd7585ef3a02..0000000000000000000000000000000000000000
--- a/piacere_monitoring/install_playbook_requirements.sh
+++ /dev/null
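Review bot: `host_key_checking = False` survives this cleanup in piacere_monitoring/ansible.cfg, and that playbook targets `hosts: all` over SSH with a provisioned private key, so the connection to the VM is made without verifying the server's host key. Any machine answering on that address would be accepted silently and would receive the play, presumably including the InfluxDB settings handed to the telegraf role. Consider removing the line and seeding known_hosts from the provisioning step, or at least limiting it to trust-on-first-use with `ssh_common_args = -o StrictHostKeyChecking=accept-new` under `[ssh_connection]`. The same line is copied into the new piacere_monitoring_requirements/ansible.cfg, where the play is `connection: local` and the setting has no effect, so it can simply be dropped there.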
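Review bot: Only `DEPLOYMENT_ID` is added to `input`, yet vars/main.yaml in this same commit also reads `INFLUXDB_BUCKET`, `INFLUXDB_TOKEN`, `INFLUXDB_ORG` and `INFLUXDB_ADDR` through `lookup('env', …)`. If the runner exports only declared inputs (not visible here, so to be confirmed), those four resolve to empty strings and the new "Check parameters" task aborts the play. Either list them here as well, or add a comment such as `# INFLUXDB_* are injected by the runner environment, not per-deployment inputs` so the source of the token is documented.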
@@ -1,33 +0,0 @@
-#!/bin/bash
-set -e
-
-SCRIPT_DIR=$(dirname "$0")
-
-# to avoid the being run in a world writable directory we explicitly assign the ANSIBLE_CONFIG variable
-if [[ -f ./ansible.cfg ]]
-then
- export ANSIBLE_CONFIG=./ansible.cfg
-else
- if [[ -f $SCRIPT_DIR/ansible.cfg ]]
- then
- export ANSIBLE_CONFIG=$SCRIPT_DIR/ansible.cfg
- fi
-fi
-
-if [[ -z "$ANSIBLE_CONFIG" ]]
-then
- echo ANSIBLE_CONFIG to assigned using default https://docs.ansible.com/ansible/latest/reference_appendices/config.html
-else
- echo ANSIBLE_CONFIG=$ANSIBLE_CONFIG
-fi
-
-if [[ -z "$1" ]]
-then
- # echo without params
- echo ansible-playbook $SCRIPT_DIR/site_requirements.yaml
- ansible-playbook $SCRIPT_DIR/site_requirements.yaml
-else
- # echo with params
- echo ansible-playbook $SCRIPT_DIR/site_requirements.yaml --extra-vars "$1"
- ansible-playbook $SCRIPT_DIR/site_requirements.yaml --extra-vars "$1"
-fi
diff --git a/piacere_monitoring/main.yml b/piacere_monitoring/main.yml
index a0edc4f654d2f8dc8fbe03d7b0f58ea1fa46a1c1..9e047c50949e49e28371af5875f5383f6131fc5e 100644
--- a/piacere_monitoring/main.yml
+++ b/piacere_monitoring/main.yml
@@ -1,21 +1,29 @@
----
-- hosts: localhost
- tasks:
- - name: print disclamer
- debug:
- msg: this can also be done with "ansible-galaxy install -r requirements"
- - name: install telegraf from galaxy
- community.general.ansible_galaxy_install:
- type: role
- requirements_file: ansible_requirements.yml
-
 - hosts: all
 pre_tasks:
+ - name: Check parameters
+ fail:
+ msg: 'variable {{item}} empty'
+ when: item | length == 0
+ with_items:
+ - "{{ pma_deployment_id }}"
+ - "{{ pma_influxdb_bucket }}"
+ - "{{ pma_influxdb_token }}"
+ - "{{ pma_influxdb_org }}"
+ - "{{ pma_influxdb_addr }}"
+ - name: Print parameters
+ debug:
+ msg:
+ - "pma_deployment_id: {{ pma_deployment_id }}"
+ - "pma_influxdb_bucket: {{ pma_influxdb_bucket }}"
+ - "pma_influxdb_token: {{ pma_influxdb_token }}"
+ - "pma_influxdb_org: {{ pma_influxdb_org }}"
+ - "pma_influxdb_addr: {{ pma_influxdb_addr | length }}"
 - name: Ensure gnupg package
 package:
 name: gnupg
 state: present
 become: true
+
 vars_files:
 - vars/main.yaml
 roles:
diff --git a/piacere_monitoring/run-playbook.sh b/piacere_monitoring/run-playbook.sh
deleted file mode 100644
index f2bba22bc6dcae68d78545cc6b130677bc5083ef..0000000000000000000000000000000000000000
--- a/piacere_monitoring/run-playbook.sh
+++ /dev/null
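Review bot: The "Print parameters" task writes `pma_influxdb_token` in clear text to the Ansible output, and "Check parameters" loops over the rendered values, so the token is also the loop item echoed in the per-item result lines. Now that the values come from the environment, this output is the main place the credential can reach CI logs. The `| length` filter on `pma_influxdb_addr` looks like it was meant for the token. Looping over variable names and reporting only the token's length keeps the diagnostics without the secret, and makes the failure message name the variable that is empty instead of printing an empty value. The play's `roles:` section continues past the end of this hunk.

```yaml
  pre_tasks:
    - name: Check parameters
      fail:
        msg: 'variable {{ item }} empty'
      when: lookup('vars', item) | length == 0
      with_items:
        - pma_deployment_id
        - pma_influxdb_bucket
        - pma_influxdb_token
        - pma_influxdb_org
        - pma_influxdb_addr
    - name: Print parameters
      debug:
        msg:
          # … unchanged: pma_deployment_id, pma_influxdb_bucket …
          - "pma_influxdb_token length: {{ pma_influxdb_token | length }}"
          # … unchanged: pma_influxdb_org …
          - "pma_influxdb_addr: {{ pma_influxdb_addr }}"
    # … unchanged: Ensure gnupg package …
```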
@@ -1,33 +0,0 @@
-#!/bin/bash
-set -e
-
-SCRIPT_DIR=$(dirname "$0")
-
-# to avoid the being run in a world writable directory we explicitly assign the ANSIBLE_CONFIG variable
-if [[ -f ./ansible.cfg ]]
-then
- export ANSIBLE_CONFIG=./ansible.cfg
-else
- if [[ -f $SCRIPT_DIR/ansible.cfg ]]
- then
- export ANSIBLE_CONFIG=$SCRIPT_DIR/ansible.cfg
- fi
-fi
-
-if [[ -z "$ANSIBLE_CONFIG" ]]
-then
- echo ANSIBLE_CONFIG to assigned using default https://docs.ansible.com/ansible/latest/reference_appendices/config.html
-else
- echo ANSIBLE_CONFIG=$ANSIBLE_CONFIG
-fi
-
-if [[ -z "$1" ]]
-then
- # echo without params
- echo ansible-playbook $SCRIPT_DIR/site.yaml
- ansible-playbook $SCRIPT_DIR/site.yaml
-else
- # echo with params
- echo ansible-playbook $SCRIPT_DIR/site.yaml --extra-vars "$1"
- ansible-playbook $SCRIPT_DIR/site.yaml --extra-vars "$1"
-fi
diff --git a/piacere_monitoring/site.yaml b/piacere_monitoring/site.yaml
deleted file mode 100644
index 531dbf50d5ca852802196de7eafe0c238b9beb85..0000000000000000000000000000000000000000
--- a/piacere_monitoring/site.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-- hosts: all
- pre_tasks:
- - name: Check parameters
- fail:
- msg: 'variable {{item}} not defined'
- when: item is not defined
- with_items:
- - pma_deployment_id
- - pma_influxdb_bucket
- - pma_influxdb_token
- - pma_influxdb_org
- - pma_influxdb_addr
- - name: Print parameters
- debug:
- msg:
- - "pma_deployment_id: {{ pma_deployment_id }}"
- - "pma_influxdb_bucket: {{ pma_influxdb_bucket }}"
- - "pma_influxdb_token: {{ pma_influxdb_token }}"
- - "pma_influxdb_org: {{ pma_influxdb_org }}"
- - "pma_influxdb_addr: {{ pma_influxdb_addr }}"
- - name: Ensure gnupg package
- package:
- name: gnupg
- state: present
- become: true
-
- vars_files:
- - vars/main.yaml
- roles:
- - dj-wasabi.telegraf
diff --git a/piacere_monitoring/vars/main.yaml b/piacere_monitoring/vars/main.yaml
index 861faf3e8413d8a708702083d34c7ecd6f9a1fb1..82a13779b3fe5172fec598227652ac217a3583e5 100644
--- a/piacere_monitoring/vars/main.yaml +++ b/piacere_monitoring/vars/main.yaml @@ -1,8 +1,8 @@ -pma_deployment_id: "123e4567-e89b-12d3-a456-426614174002" -pma_influxdb_bucket: "bucket" -pma_influxdb_token: "piacerePassword" -pma_influxdb_org: "piacere" -pma_influxdb_addr: "https://influxdb.pm.ci.piacere.digital.tecnalia.dev" +pma_deployment_id: "{{ lookup('env', 'DEPLOYMENT_ID' ) }}" +pma_influxdb_bucket: "{{ lookup('env', 'INFLUXDB_BUCKET' ) }}" +pma_influxdb_token: "{{ lookup('env', 'INFLUXDB_TOKEN' ) }}" +pma_influxdb_org: "{{ lookup('env', 'INFLUXDB_ORG' ) }}" +pma_influxdb_addr: "{{ lookup('env', 'INFLUXDB_ADDR' ) }}" telegraf_agent_package_state: latest diff --git a/piacere_monitoring_requirements/ansible.cfg b/piacere_monitoring_requirements/ansible.cfg new file mode 100644 index 0000000000000000000000000000000000000000..885456a448024a41c76909e7d9e6b7eb972f2550 --- /dev/null +++ b/piacere_monitoring_requirements/ansible.cfg @@ -0,0 +1,5 @@ +# https://docs.ansible.com/ansible/latest/reference_appendices/config.html +[defaults] +host_key_checking = False +deprecation_warnings=False ; to remove the python version depretation warning +display_skipped_hosts = no \ No newline at end of file diff --git a/piacere_monitoring/ansible_requirements.yml b/piacere_monitoring_requirements/ansible_requirements.yml similarity index 100% rename from piacere_monitoring/ansible_requirements.yml rename to piacere_monitoring_requirements/ansible_requirements.yml diff --git a/piacere_monitoring_requirements/config.yaml b/piacere_monitoring_requirements/config.yaml new file mode 100644 index 0000000000000000000000000000000000000000..8ddae8c719b4485a650b1686773214608e92ab66 --- /dev/null +++ b/piacere_monitoring_requirements/config.yaml @@ -0,0 +1,6 @@ + +--- +input: [] +output: [] +engine: ansible +... 
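Review bot: Moving the five values to `lookup('env', …)` takes the InfluxDB token out of the working tree, but the removed literal on the old `pma_influxdb_token` line stays readable in the repository history. If it was ever valid against the address on the removed `pma_influxdb_addr` line, it should be rotated rather than only deleted. Separately, `lookup('env', …)` yields an empty string for an unset variable, so a comment above the block such as `# all five must be exported on the controller; main.yml fails the play when one is empty` would tell operators where the values come from.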
diff --git a/piacere_monitoring_requirements/inventory.j2 b/piacere_monitoring_requirements/inventory.j2
new file mode 100644
index 0000000000000000000000000000000000000000..05614f63f4308c6f6753e0ee14febd9a41497bbb
--- /dev/null
+++ b/piacere_monitoring_requirements/inventory.j2
@@ -0,0 +1 @@
+localhost ansible_connection=local
\ No newline at end of file
diff --git a/piacere_monitoring_requirements/main.yml b/piacere_monitoring_requirements/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..734e9e982ab1a6a619f37d64089b72c2a0631b31
--- /dev/null
+++ b/piacere_monitoring_requirements/main.yml
@@ -0,0 +1,11 @@
+- name: "Intalling requirements"
+ hosts: localhost
+ connection: local
+ tasks:
+ - name: print disclamer
+ debug:
+ msg: this can also be done with "ansible-galaxy install -r requirements"
+ - name: install telegraf from galaxy
+ community.general.ansible_galaxy_install:
+ type: role
+ requirements_file: ansible_requirements.yml
diff --git a/piacere_monitoring_requirements/ssh_key.j2 b/piacere_monitoring_requirements/ssh_key.j2
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/terraform/main.tf b/terraform/main.tf
index 53dc25324685ff841d8f5dca3e891e5d2cea8ccb..6eeddfb2c8bdfc8ee99bbe0e451938d90d30a7f3 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -67,11 +67,7 @@ resource "openstack_networking_port_v2" "net1" {
 network_id = openstack_networking_network_v2.net1.id
 admin_state_up = true
 security_group_ids = [
- openstack_compute_secgroup_v2.icmp.id,
- openstack_compute_secgroup_v2.http.id,
- openstack_compute_secgroup_v2.https.id,
- openstack_compute_secgroup_v2.ssh.id,
-
+ openstack_compute_secgroup_v2.nginx.id,
 ]
 fixed_ip {
 subnet_id = openstack_networking_subnet_v2.net1_subnet.id
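Review bot: The `community.general.ansible_galaxy_install` task installs whatever `ansible_requirements.yml` lists, and that file is only renamed in this commit, so its contents are not visible here. If the role entry carries no `version:`, each deployment pulls the current upstream release of the role and then executes it against the monitored VM, so it is worth confirming that a reviewed version is pinned there. The task names also carry typos (`Intalling`, `disclamer`) that will appear in every run log.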
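Review bot: The port now references a single `nginx` security group, and the following hunk shows that group bundling the ICMP, 80 and 443 rules from `0.0.0.0/0` together with a port 22 rule (the rest of that rule is outside this view). With SSH folded into the service group, management access can no longer be attached or restricted separately from web traffic. Keeping a dedicated SSH group whose `cidr` is limited to the operator or CI address range, and listing both ids in `security_group_ids`, would preserve that separation. The `net1` resource body starts and ends outside this hunk.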
@@ -89,54 +85,43 @@ resource "openstack_networking_router_interface_v2" "net1_router_interface" { subnet_id = openstack_networking_subnet_v2.net1_subnet.id } - +# generate random string +resource "random_string" "key_pair_user_name" { + length = 16 + special = false + upper = false + numeric = false +} # Create ssh keys resource "openstack_compute_keypair_v2" "user1" { - name = "user1" + name = random_string.key_pair_user_name.result # public_key = "user1" } - - # CREATING SECURITY_GROUP -resource "openstack_compute_secgroup_v2" "icmp" { - name = "icmp" - description = "Security group rule for port -1" +resource "openstack_compute_secgroup_v2" "nginx" { + name = "nginx" + description = "Security group rule for nginx" rule { from_port = -1 to_port = -1 ip_protocol = "icmp" cidr = "0.0.0.0/0" } -} - -resource "openstack_compute_secgroup_v2" "http" { - name = "http" - description = "Security group rule for port 80" rule { from_port = 80 to_port = 80 ip_protocol = "tcp" cidr = "0.0.0.0/0" } -} - -resource "openstack_compute_secgroup_v2" "https" { - name = "https" - description = "Security group rule for port 443" rule { from_port = 443 to_port = 443 ip_protocol = "tcp" cidr = "0.0.0.0/0" } -} - -resource "openstack_compute_secgroup_v2" "ssh" { - name = "ssh" - description = "Security group rule for port 22" rule { from_port = 22 to_port = 22