Add files

a71fe943 · Radosław Piliszek · 1181b9e0 · a71fe943 · a71fe943 · a71fe943
Commit a71fe943 authored 2 years ago by Radosław Piliszek
--- a/ansible/config.yaml
+++ b/ansible/config.yaml
+---
+input:
+  - instance_ip
+  - instance_server_public_key
+output: []
+engine: ansible
+...
--- a/ansible/inventory.j2
+++ b/ansible/inventory.j2
+[vms]
+{{ instance_ip }}
+[vms:vars]
+ansible_connection=ssh
+ansible_user=ubuntu   #vm user variable potentialy
+ansible_ssh_private_key_file=ssh_key
\ No newline at end of file
--- a/ansible/main.yml
+++ b/ansible/main.yml
+---
+- hosts: all
+  gather_facts: no
+  become: yes
+  vars:
+    ansible_ssh_private_key_file: "{{instance_server_public_key}}"
+    ansible_ssh_user: "ubuntu"
+  tasks:
+    - name: Update repositories
+      apt:
+        update_cache: yes
+    - name: Install nginx
+      package:
+        name: nginx
+    - name: Start nginx
+      service:
+        name: nginx
+        enabled: yes
+        state: started
+    - name: Set attributes
+      set_stats:
+        data:
+          site_config_dir: /etc/nginx/conf.d
+    - name: Install sample site
+      copy:
+        dest: ""
+        content: |
+          <!doctype html>
+          <html lang="en">
+          <head>
+            <title>Hello World!</title>
+          </head>
+          <body>
+            <h1>Sample web page</h1>
+            <p>With little content ;)</p>
+          </body>
+          </html>
+      with_items:
+        - /var/www/html/index.html
+        - /usr/share/nginx/html/index.html
\ No newline at end of file
--- a/ansible/ssh_key.j2
+++ b/ansible/ssh_key.j2
+{{ instance_server_public_key }}
\ No newline at end of file
--- a/config.yaml
+++ b/config.yaml
+---
+iac:
+  - terraform
+  - monitoring
+  - ansible
+...
\ No newline at end of file
--- a/monitoring/ansible.cfg
+++ b/monitoring/ansible.cfg
+# https://docs.ansible.com/ansible/latest/reference_appendices/config.html
+[defaults]
+host_key_checking = False
+inventory = {{CWD}}/hosts.yaml  ; This points to the file that lists your hosts
+remote_user = esilab
+deprecation_warnings=False ; to remove the python version depretation warning
+display_skipped_hosts = no 
\ No newline at end of file
--- a/monitoring/ansible_requirements.yml
+++ b/monitoring/ansible_requirements.yml
+roles:
+#  - name: dj-wasabi.telegraf
+#    version: 0.13.2
+#    source: https://galaxy.ansible.com
+  - name: dj-wasabi.telegraf
+    src: https://github.com/dj-wasabi/ansible-telegraf.git
+    scm: git
+    version: 0.13.2
--- a/monitoring/config.yaml
+++ b/monitoring/config.yaml
+---
+input:
+  - instance_ip
+  - instance_server_public_key
+output: []
+engine: ansible
+...
--- a/monitoring/hosts.yaml
+++ b/monitoring/hosts.yaml
+all:
+  hosts:
+    localhost:
+      ansible_connection: local
--- a/monitoring/install_playbook_requirements.sh
+++ b/monitoring/install_playbook_requirements.sh
+#!/bin/bash
+set -e
+SCRIPT_DIR=$(dirname "$0")
+# to avoid the being run in a world writable directory we explicitly assign the ANSIBLE_CONFIG variable 
+if [[ -f ./ansible.cfg ]]
+then
+    export ANSIBLE_CONFIG=./ansible.cfg
+else 
+    if [[ -f $SCRIPT_DIR/ansible.cfg ]]
+    then
+        export ANSIBLE_CONFIG=$SCRIPT_DIR/ansible.cfg
+    fi
+fi
+if [[ -z "$ANSIBLE_CONFIG" ]]
+then 
+    echo ANSIBLE_CONFIG to assigned using default https://docs.ansible.com/ansible/latest/reference_appendices/config.html
+else 
+    echo ANSIBLE_CONFIG=$ANSIBLE_CONFIG
+fi
+if [[ -z "$1" ]]
+then 
+    # echo without params 
+    echo ansible-playbook $SCRIPT_DIR/site_requirements.yaml
+    ansible-playbook $SCRIPT_DIR/site_requirements.yaml
+else 
+    # echo with params
+    echo ansible-playbook $SCRIPT_DIR/site_requirements.yaml --extra-vars "$1"
+    ansible-playbook $SCRIPT_DIR/site_requirements.yaml --extra-vars "$1"
+fi
--- a/monitoring/inventory.j2
+++ b/monitoring/inventory.j2
+[vms]
+{{ instance_ip }}
+[vms:vars]
+ansible_connection=ssh
+ansible_user=ubuntu   #vm user variable potentialy
+ansible_ssh_private_key_file=ssh_key
\ No newline at end of file
--- a/monitoring/main.yml
+++ b/monitoring/main.yml
+---
+- hosts: localhost
+  tasks:
+    - name: print disclamer
+      debug:
+        msg: this can also be done with "ansible-galaxy install -r requirements"
+    - name: install telegraf from galaxy
+      community.general.ansible_galaxy_install:
+        type: role
+        requirements_file: ansible_requirements.yml
+- hosts: all
+  pre_tasks:
+    - name: Ensure gnupg package
+      package:
+        name: gnupg
+        state: present
+      become: true
+  vars_files:
+    - vars/main.yaml
+  roles:
+    - dj-wasabi.telegraf
\ No newline at end of file
--- a/monitoring/run-playbook.sh
+++ b/monitoring/run-playbook.sh
+#!/bin/bash
+set -e
+SCRIPT_DIR=$(dirname "$0")
+# to avoid the being run in a world writable directory we explicitly assign the ANSIBLE_CONFIG variable 
+if [[ -f ./ansible.cfg ]]
+then
+    export ANSIBLE_CONFIG=./ansible.cfg
+else 
+    if [[ -f $SCRIPT_DIR/ansible.cfg ]]
+    then
+        export ANSIBLE_CONFIG=$SCRIPT_DIR/ansible.cfg
+    fi
+fi
+if [[ -z "$ANSIBLE_CONFIG" ]]
+then 
+    echo ANSIBLE_CONFIG to assigned using default https://docs.ansible.com/ansible/latest/reference_appendices/config.html
+else 
+    echo ANSIBLE_CONFIG=$ANSIBLE_CONFIG
+fi
+if [[ -z "$1" ]]
+then 
+    # echo without params 
+    echo ansible-playbook $SCRIPT_DIR/site.yaml
+    ansible-playbook $SCRIPT_DIR/site.yaml
+else 
+    # echo with params
+    echo ansible-playbook $SCRIPT_DIR/site.yaml --extra-vars "$1"
+    ansible-playbook $SCRIPT_DIR/site.yaml --extra-vars "$1"
+fi
--- a/monitoring/site.yaml
+++ b/monitoring/site.yaml
+- hosts: all
+  pre_tasks:
+    - name: Check parameters
+      fail:
+        msg: 'variable {{item}} not defined'
+      when: item is not defined
+      with_items:
+        - pma_deployment_id
+        - pma_influxdb_bucket
+        - pma_influxdb_token
+        - pma_influxdb_org
+        - pma_influxdb_addr
+    - name: Print parameters
+      debug:
+        msg: 
+          - "pma_deployment_id: {{ pma_deployment_id }}"
+          - "pma_influxdb_bucket: {{ pma_influxdb_bucket }}"
+          - "pma_influxdb_token: {{ pma_influxdb_token }}"
+          - "pma_influxdb_org: {{ pma_influxdb_org }}"
+          - "pma_influxdb_addr: {{ pma_influxdb_addr }}"
+    - name: Ensure gnupg package
+      package:
+        name: gnupg
+        state: present
+      become: true
+  vars_files:
+    - vars/main.yaml
+  roles:
+    - dj-wasabi.telegraf
--- a/monitoring/site_requirements.yaml
+++ b/monitoring/site_requirements.yaml
+- hosts: localhost
+  tasks:
+    - name: print disclamer
+      debug:
+        msg: this can also be done with "ansible-galaxy install -r requirements"
+    - name: install telegraf from galaxy
+      community.general.ansible_galaxy_install:
+        type: role
+        requirements_file: ansible_requirements.yml
--- a/monitoring/ssh_key.j2
+++ b/monitoring/ssh_key.j2
+{{ instance_server_public_key }}
\ No newline at end of file
--- a/monitoring/vars/main.yaml
+++ b/monitoring/vars/main.yaml
+pma_deployment_id: "123e4567-e89b-12d3-a456-426614174002"
+pma_influxdb_bucket: "bucket"
+pma_influxdb_token: "piacerePassword"
+pma_influxdb_org: "piacere"
+pma_influxdb_addr: "https://influxdb.pm.ci.piacere.digital.tecnalia.dev"
+telegraf_agent_package_state: latest
+telegraf_agent_output:
+  - type: influxdb_v2
+    config:
+      - urls = ["{{ pma_influxdb_addr }}"]
+      - token = "{{ pma_influxdb_token }}"
+      - organization = "{{ pma_influxdb_org }}"
+      - bucket = "{{ pma_influxdb_bucket }}"
+      - insecure_skip_verify = true
+telegraf_global_tags:
+  - tag_name: deployment_id
+    tag_value: "{{ pma_deployment_id }}"
+telegraf_plugins_default:
+  - plugin: cpu
+  - plugin: mem
+  - plugin: processes
+  - plugin: disk
+  - plugin: net
\ No newline at end of file
--- a/terraform/config.yaml
+++ b/terraform/config.yaml
+---
+engine: terraform
+input: []
+output:
+  - instance_server_public_key
+  - instance_server_private_key
+  - instance_ip
+...
--- a/terraform/main.tf
+++ b/terraform/main.tf
+terraform {
+required_version = ">= 0.14.0"
+  required_providers {
+    openstack = {
+      source  = "terraform-provider-openstack/openstack"
+      version = "~> 1.35.0"
+    }
+  }
+}
+# Configure the OpenStack Provider
+provider "openstack" {
+  insecure    = true
+}
+# Retrieve data
+data "openstack_networking_network_v2" "external" {
+  name = "external"
+}
+data "openstack_identity_project_v3" "test_tenant" {
+  name = "admin"
+}
+data "openstack_networking_secgroup_v2" "default" {
+  name = "default"
+  tenant_id = data.openstack_identity_project_v3.test_tenant.id
+}
+# Create virtual machine
+resource "openstack_compute_instance_v2" "nginx" {
+  name        = "nginx-host"
+  image_name  = "ubuntu-18.04"
+  flavor_name = "m1.tiny"
+  key_pair    = openstack_compute_keypair_v2.user_key.name
+  network {
+    port = openstack_networking_port_v2.nginx.id
+  }
+}
+# Create ssh keys
+resource "openstack_compute_keypair_v2" "user_key" {
+  name       = "user1"
+}
+# Create floating ip
+resource "openstack_networking_floatingip_v2" "nginx" {
+  pool = "external"
+}
+# Attach floating ip to instance
+resource "openstack_compute_floatingip_associate_v2" "nginx" {
+  floating_ip = openstack_networking_floatingip_v2.nginx.address
+  instance_id = openstack_compute_instance_v2.nginx.id
+}
+## Network
+# Create Network
+resource "openstack_networking_network_v2" "generic" {
+  name = " "
+}
+# Create Subnet
+resource "openstack_networking_subnet_v2" "nginx" {
+  name            = "subnet-nginx"
+  network_id      = openstack_networking_network_v2.generic.id
+  cidr            = "16.0.0.0/24"
+  dns_nameservers = ["8.8.8.8", "8.8.8.4"]
+}
+# Attach networking port
+resource "openstack_networking_port_v2" "nginx" {
+  name           = "nginx"
+  network_id     = openstack_networking_network_v2.generic.id
+  admin_state_up = true
+  security_group_ids = [
+    data.openstack_networking_secgroup_v2.default.id        #default flavour id
+  ]
+  fixed_ip {
+    subnet_id = openstack_networking_subnet_v2.nginx.id
+  }
+}
+# Router creation. UUID external gateway
+resource "openstack_networking_router_v2" "generic" {
+  name                = "router-generic"
+  external_network_id = data.openstack_networking_network_v2.external.id    #External network id
+}
+# Router interface configuration
+resource "openstack_networking_router_interface_v2" "nginx" {
+  router_id = openstack_networking_router_v2.generic.id
+  subnet_id = openstack_networking_subnet_v2.nginx.id
+}
+resource "openstack_compute_secgroup_v2" "http" {
+  name        = "http"
+  description = "Open input http port"
+  rule {
+    from_port   = 80
+    to_port     = 80
+    ip_protocol = "tcp"
+    cidr        = "0.0.0.0/0"
+  }
+}
+resource "openstack_compute_secgroup_v2" "ssh" {
+  name        = "ssh"
+  description = "Open input ssh port"
+  rule {
+    from_port   = 22
+    to_port     = 22
+    ip_protocol = "tcp"
+    cidr        = "0.0.0.0/0"
+  }
+}
--- a/terraform/output.tf
+++ b/terraform/output.tf
+output "instance_server_public_key" {
+  value = openstack_compute_keypair_v2.user_key.public_key
+}
+output "instance_server_private_key" {
+  value = openstack_compute_keypair_v2.user_key.private_key
+}
+output "instance_ip" {
+  value = openstack_compute_floatingip_associate_v2.nginx.floating_ip
+}
\ No newline at end of file