ptoal/product-demos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add playbooks

Browse Source
This commit is contained in:
willtome
2022-02-11 08:26:04 -06:00
parent 858e7290ec
commit 99a6ff6dbf
10 changed files with 299 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
linux/ec2_register.yml
View File

@@ -49,4 +49,5 @@
name: redhat.insights.insights_client
vars:
insights_tags:
env: "{{ env }}"
env: "{{ env }}"
purpose: demo

13
linux/inventory.insights.yml Normal file
View File

@@ -0,0 +1,13 @@
---
plugin: redhat.insights.insights
get_patches: yes
groups:
patch_bugs: insights_patching.rhba_count > 0
patch_enhancements: insights_patching.rhea_count > 0
patch_security: insights_patching.rhsa_count > 0
get_tags: False
filter_tags:
- insights-client/purpose=demo
keyed_groups:
- key: insights_tags['insights-client']
prefix: insights

20
linux/patching.yml Normal file
View File

@@ -0,0 +1,20 @@
---
- name: Apply Non-kernel Updates
hosts: "{{ HOSTS }}"
become: true
tasks:
- name: upgrade all packages except kernel
yum:
name: '*'
state: latest
exclude: kernel*
tags: all
- name: upgrade all packages security related except kernel
yum:
name: '*'
state: latest
security: true
exclude: kernel*
tags: security

14
linux/run_script.yml Normal file
View File

@@ -0,0 +1,14 @@
---
- name: Run Shell Script
hosts: "{{ HOSTS }}"
become: yes
gather_facts: no
vars:
shell_script: undef
tasks:
- name: Run Shell Script
shell: "{{ shell_script }}"
- debug:
msg: You should really consider converting this script to a playbook!

14
linux/service_start.yml Normal file
View File

@@ -0,0 +1,14 @@
---
- hosts: "{{ HOSTS }}"
vars:
service_name: undef
tasks:
- name: Check Service
service_facts:
- name: Start Service
service:
name: "{{ service_name }}"
state: started
when: service_name + '.service' in services

14
linux/service_stop.yml Normal file
View File

@@ -0,0 +1,14 @@
---
- hosts: "{{ HOSTS }}"
vars:
service_name: undef
tasks:
- name: Check Service
service_facts:
- name: Stop Service
service:
name: "{{ service_name }}"
state: stopped
when: service_name + '.service' in services

144
linux/setup.yml
View File

@@ -1,8 +1,16 @@
---
controller_validate_certs: false
user_message: |
Be sure to update the activation_key and org_id extra variables for LINUX /Register
controller_components:
- projects
- job_templates
controller_projects:
- name: Fact Scan
organization: Default
scm_type: git
scm_url: 'https://github.com/ansible/awx-facts-playbooks.git'
controller_templates:
- name: "LINUX / Register"
job_type: run
@@ -32,3 +40,137 @@ controller_templates:
- QA
- Prod
required: true
- name: "LINUX / Troubleshoot"
job_type: run
inventory: "Workshop Inventory"
project: "Ansible official demo project"
playbook: "linux/tshoot.yml"
execution_environment: Default execution environment
use_fact_cache: true
credentials:
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
description: ''
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
required: true
- name: "LINUX / Temporary Sudo"
job_type: run
inventory: "Workshop Inventory"
project: "Ansible official demo project"
playbook: "linux/temp_sudo.yml"
execution_environment: Default execution environment
credentials:
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
description: ''
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
required: true
- question_name: User Name
type: text
variable: sudo_user
required: true
- question_name: How long to grant access in minutes
type: text
variable: sudo_time
- name: "LINUX / Patching"
job_type: run
inventory: "Workshop Inventory"
project: "Ansible official demo project"
playbook: "linux/patching.yml"
execution_environment: Default execution environment
use_fact_cache: true
credentials:
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
description: ''
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
required: true
- name: "LINUX / Start Service"
job_type: run
inventory: "Workshop Inventory"
project: "Ansible official demo project"
playbook: "linux/start_service.yml"
execution_environment: Default execution environment
use_fact_cache: true
credentials:
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
description: ''
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
required: true
- question_name: Service Name
type: text
variable: service_name
required: true
- name: "LINUX / Stop Service"
job_type: run
inventory: "Workshop Inventory"
project: "Ansible official demo project"
playbook: "linux/stop_service.yml"
execution_environment: Default execution environment
use_fact_cache: true
credentials:
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
description: ''
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
required: true
- question_name: Service Name
type: text
variable: service_name
required: true
- name: "LINUX / Run Shell Script"
job_type: run
inventory: "Workshop Inventory"
project: "Ansible official demo project"
playbook: "linux/run_script.yml"
execution_environment: Default execution environment
credentials:
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
description: ''
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
required: true
- question_name: Service Name
type: block
variable: shell_script
required: true
- name: "LINUX / Fact Scan"
project: Fact Scan
playbook: scan_facts.yml
inventory: Workshop Inventory
execution_environment: Default execution environment
ask_limit_on_launch: true
use_fact_cache: true
credentials:
- Workshop Credential

41
linux/temp_sudo.yml Normal file
View File

@@ -0,0 +1,41 @@
---
- name: Temporary Sudo
hosts: "{{ HOSTS }}"
become: yes
gather_facts: no
vars:
sudo_cleanup: true
sudo_user: undef
sudo_time: 10
sudo_units: minutes
tasks:
- name: Check if sudo user exists on system
getent:
database: passwd
key: "{{ sudo_user }}"
- name: Check Cleanup package
yum:
name: at
state: latest
- name: Check Cleanup Service
service:
name: atd
state: started
- name: Create Sudo Rule
copy:
dest: "/etc/sudoers.d/{{ sudo_user }}"
owner: root
group: root
mode: 0640
content: "{{ sudo_user }} ALL=(ALL) NOPASSWD:ALL"
- name: Set Permission Cleanup
at:
command: "rm /etc/sudoers.d/{{ sudo_user }}"
count: "{{ sudo_time }}"
units: "{{ sudo_units }}"
when: sudo_cleanup|bool

29
linux/tshoot.yml Normal file
View File

@@ -0,0 +1,29 @@
---
- name: gather debug info
hosts: "{{ HOSTS }}"
become: yes
tasks:
- name: Gather recent vmstat info
command: /bin/vmstat 1 5
register: vmstat
- name: Gather top CPU hogs
command: ps -eo user,pid,size,pcpu,cmd --sort=-pcpu
register: pscpu
- name: Gather top memory hogs
command: ps -eo user,pid,size,pcpu,cmd --sort=-size
register: pssize
- name: Swap + wait states
debug:
var: vmstat.stdout_lines
- name: Top 3 CPU hogs
debug:
var: pscpu.stdout_lines[:4]
- name: Top 3 memory hogs
debug:
var: pssize.stdout_lines[:4]