ptoal/product-demos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Cloud Workflow (#72)

Browse Source 
* fix up cloud stuff

* add vpc playbook

* fix var name

* add deploy workflow

* stupid spaces

* unsafe vars

* unsafe vars

* wrong var

* move var

* fix wf

* fix wf

* fix wf

* fix wf
This commit is contained in:
willtome
2023-03-10 14:04:31 -05:00
committed by GitHub
parent 2e9139a67d
commit ac5cf8401a
3 changed files with 240 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
cloud/create_infra.yml
View File

@@ -1,11 +0,0 @@
---
- name: Create Cloud Infra
hosts: localhost
gather_facts: no
vars:
infra_provider: undef
aws_public_key: undef
tasks:
- include_role:
name: "demo.cloud.{{ infra_provider }}"
tasks_from: create_infra

125
cloud/create_vpc.yml Normal file
View File

@@ -0,0 +1,125 @@
---
- name: Create Cloud Infra
hosts: localhost
gather_facts: false
vars:
aws_vpc_name: aws-test-vpc
aws_owner_tag: default
aws_purpose_tag: ansible_demo
aws_tenancy: default
aws_vpc_cidr_block: 10.0.0.0/16
aws_subnet_cidr: 10.0.1.0/24
aws_region: us-east-1
aws_sg_name: aws-test-sg
aws_subnet_name: aws-test-subnet
aws_rt_name: aws-test-rt
tasks:
- name: Create VPC
amazon.aws.ec2_vpc_net:
state: present
name: "{{ aws_vpc_name }}"
cidr_block: "{{ aws_vpc_cidr_block }}"
tenancy: "{{ aws_tenancy }}"
region: "{{ aws_region }}"
tags:
owner: "{{ aws_owner_tag }}"
purpose: "{{ aws_purpose_tag }}"
register: aws_vpc
- name: Create internet gateway
amazon.aws.ec2_vpc_igw:
state: present
vpc_id: "{{ aws_vpc.vpc.id }}"
region: "{{ aws_region }}"
tags:
Name: "{{ aws_vpc_name }}"
owner: "{{ aws_owner_tag }}"
purpose: "{{ aws_purpose_tag }}"
register: aws_gateway
- name: Create security group internal
amazon.aws.ec2_security_group:
state: present
name: "{{ aws_sg_name }}"
region: "{{ aws_region }}"
description: Inbound WinRM and RDP, http for demo servers and internal AD ports
rules:
- proto: tcp
ports:
- 80 # HTTP
- 443 # HTTPS
- 22 # SSH
- 5986 # WinRM
- 3389 # RDP
- 9090 # Cockpit
cidr_ip: 0.0.0.0/0
- proto: icmp
to_port: -1
from_port: -1
cidr_ip: 0.0.0.0/0
- proto: tcp
ports:
- 80 # HTTP
- 5986 # WinRM
- 3389 # RDP
- 53 # DNS
- 88 # Kerberos Authentication
- 135 # RPC
- 139 # Netlogon
- 389 # LDAP
- 445 # SMB
- 464 # Kerberos Authentication
- 5432 # PostgreSQL
- 636 # LDAPS (LDAP over TLS)
- 873 # Rsync
- 3268-3269 # Global Catalog
- 1024-65535 # Ephemeral RPC ports
cidr_ip: "{{ aws_vpc_cidr_block }}"
- proto: udp
ports:
- 53 # DNS
- 88 # Kerberos Authentication
- 123 # NTP
- 137-138 # Netlogon
- 389 # LDAP
- 445 # SMB
- 464 # Kerberos Authentication
- 1024-65535 # Ephemeral RPC ports
cidr_ip: "{{ aws_vpc_cidr_block }}"
rules_egress:
- proto: -1
cidr_ip: 0.0.0.0/0
vpc_id: "{{ aws_vpc.vpc.id }}"
tags:
Name: "{{ aws_sg_name }}"
owner: "{{ aws_owner_tag }}"
purpose: "{{ aws_purpose_tag }}"
- name: Create a subnet on the VPC
amazon.aws.ec2_vpc_subnet:
state: present
vpc_id: "{{ aws_vpc.vpc.id }}"
cidr: "{{ aws_subnet_cidr }}"
region: "{{ aws_region }}"
map_public: true
tags:
Name: "{{ aws_subnet_name }}"
owner: "{{ aws_owner_tag }}"
purpose: "{{ aws_purpose_tag }}"
register: aws_subnet
- name: Create a subnet route table
amazon.aws.ec2_vpc_route_table:
state: present
vpc_id: "{{ aws_vpc.vpc.id }}"
region: "{{ aws_region }}"
subnets:
- "{{ aws_subnet.subnet.id }}"
routes:
- dest: 0.0.0.0/0
gateway_id: "{{ aws_gateway.gateway_id }}"
tags:
Name: "{{ aws_rt_name }}"
owner: "{{ aws_owner_tag }}"
purpose: "{{ aws_purpose_tag }}"

131
cloud/setup.yml
View File

@@ -8,6 +8,7 @@ controller_components:
- inventory_sources
- groups
- job_templates
- workflow_job_templates
controller_execution_environments:
- name: Cloud Services Execution Environment
@@ -146,36 +147,28 @@ controller_templates:
extra_vars:
aws_region: us-east-1
- name: Cloud / Create Infra
- name: Cloud / AWS / Create VPC
job_type: run
organization: Default
credentials:
- AWS
#- Azure
project: Ansible official demo project
playbook: cloud/create_infra.yml
playbook: cloud/create_vpc.yml
inventory: Workshop Inventory
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
survey_enabled: true
extra_vars:
aws_region: us-east-2
aws_region: us-east-1
survey:
name: ''
description: ''
spec:
- question_name: Infra Provider
type: multiplechoice
variable: infra_provider
- question_name: Owner
type: text
variable: aws_owner_tag
required: true
choices:
- aws
#- azure
- question_name: AWS Public Key (only required for aws provider)
type: textarea
required: false
variable: aws_public_key
- name: Cloud / AWS / Create VM
job_type: run
@@ -190,6 +183,7 @@ controller_templates:
notification_templates_success: Telemetry
notification_templates_error: Telemetry
survey_enabled: true
allow_simultaneous: true
extra_vars:
aws_region: us-east-1
aws_keypair_name: aws-test-key
@@ -231,12 +225,12 @@ controller_templates:
type: text
variable: aws_vpc_subnet_name
required: true
default: dmz-subnet
default: aws-test-subnet
- question_name: Security Group
type: text
variable: aws_securitygroup_name
required: true
default: dmz-sg
default: aws-test-sg
- name: Cloud / AWS / Delete VM
job_type: run
@@ -323,3 +317,108 @@ controller_templates:
type: text
variable: aws_keypair_owner
required: true
controller_workflows:
- name: Deploy Cloud Stack in AWS
description: A workflow to deploy a cloud stack
organization: Default
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
extra_vars:
vm_deployment: cloud_stack
survey_enabled: true
survey:
name: ''
description: ''
spec:
- question_name: Owner
type: text
variable: aws_owner_tag
required: true
- question_name: Environment
type: multiplechoice
variable: vm_environment
required: true
choices:
- Dev
- QA
- Prod
- question_name: Keypair Public Key
type: textarea
variable: aws_public_key
required: true
- question_name: Email
type: text
variable: email
required: true
simplified_workflow_nodes:
- identifier: Create Keypair
unified_job_template: Cloud / AWS / Create Keypair
extra_data:
aws_keypair_owner: !unsafe "{{ aws_owner_tag }}"
success_nodes:
- VPC Report
failure_nodes:
- Ticket - Keypair Failed
- identifier: Create VPC
unified_job_template: Cloud / AWS / Create VPC
success_nodes:
- VPC Report
failure_nodes:
- Ticket - VPC Failed
- identifier: Ticket - Keypair Failed
unified_job_template: 'SUBMIT FEEDBACK'
extra_data:
feedback: Failed to create AWS keypair
- identifier: VPC Report
unified_job_template: Cloud / AWS / VPC Report
all_parents_must_converge: true
success_nodes:
- Deploy Windows Blueprint
- Deploy RHEL8 Blueprint
- Deploy RHEL9 Blueprint
- identifier: Deploy Windows Blueprint
unified_job_template: Cloud / AWS / Create VM
extra_data:
vm_name: aws_win
vm_blueprint: windows_full
vm_owner: !unsafe "{{ aws_owner_tag }}"
success_nodes:
- Update Inventory
failure_nodes:
- Ticket - Instance Failed
- identifier: Deploy RHEL8 Blueprint
unified_job_template: Cloud / AWS / Create VM
extra_data:
vm_name: aws_rhel8
vm_blueprint: rhel8
vm_owner: !unsafe "{{ aws_owner_tag }}"
success_nodes:
- Update Inventory
failure_nodes:
- Ticket - Instance Failed
- identifier: Deploy RHEL9 Blueprint
unified_job_template: Cloud / AWS / Create VM
extra_data:
vm_name: aws_rhel9
vm_blueprint: rhel9
vm_owner: !unsafe "{{ aws_owner_tag }}"
success_nodes:
- Update Inventory
failure_nodes:
- Ticket - Instance Failed
- identifier: Ticket - VPC Failed
unified_job_template: 'SUBMIT FEEDBACK'
extra_data:
feedback: Failed to create AWS VPC
- identifier: Update Inventory
unified_job_template: AWS Inventory
success_nodes:
- Tag Report
- identifier: Ticket - Instance Failed
unified_job_template: 'SUBMIT FEEDBACK'
extra_data:
feedback: Failed to create AWS instance
- identifier: Tag Report
unified_job_template: Cloud / AWS / Tags Report