add cloud demos

willtome
2022-03-14 16:48:02 -04:00
parent cf90f1e145
commit c1ad7245d2
3 changed files with 172 additions and 2 deletions


@@ -19,11 +19,13 @@ Please push contributions via a pull request following the naming convention of
## Using this project
1. First you must create a credential to access Automation Hub to load the collections used by this project.
> This project is tested for compatibility with AAP2 Linux Automation Workshop available to Red Hat Employees and Partners.
1. First you must create a credential for [Automation Hub](https://console.redhat.com/ansible/automation-hub/) to successfully sync collections used by this project.
1. In the Credentials section of the Controller UI, add a new Credential called `Automation Hub` with the type `Ansible Galaxy/Automation Hub API Token`
2. You can obtain a token [here](https://console.redhat.com/ansible/automation-hub/token). This page will also provide the Server URL and Auth Server URL.
3. Next, click on Organizations and edit the `Default` organization. Add your `Automation Hub` credential to the `Galaxy Credentials` section.
3. Next, click on Organizations and edit the `Default` organization. Add your `Automation Hub` credential to the `Galaxy Credentials` section. Don't forget to click Save!!
2. If it has not been created for you, add a Project called `Ansible official demo project` with this repo as a source. NOTE: if you are using a fork, be sure that you have the correct URL. Update the project.
3. Finally, Create a Job Template called `Setup` with the following configuration:

122
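--- a/cloud/create_infra.yml
+++ b/cloud/create_infra.yml
@@ -0,0 +1,122 @@
+---
+- name: Create Cloud Infra
+hosts: localhost
+gather_facts: no
+vars:
+vpc_user: workshop
+vpc_name: demo
+vpc_cidr_block: 10.0.0.0/16
+tasks:
+- name: Create VPC
+amazon.aws.ec2_vpc_net:
+state: present
+name: "{{ vpc_name }}-ansible-vpc"
+cidr_block: "{{ vpc_cidr_block }}"
+tenancy: default
+region: "{{ aws_region }}"
+tags:
+user: "{{ vpc_user }}"
+purpose: Ansible Demo
+register: aws_vpc
+- name: Create Internet Gateway for VPC
+amazon.aws.ec2_vpc_igw:
+state: present
+vpc_id: "{{ aws_vpc.vpc.id }}"
+region: "{{ aws_region }}"
+tags:
+Name: "{{ vpc_user }}-{{vpc_name }}-vpc-igw"
+user: "{{ vpc_user }}"
+purpose: Ansible Demo
+register: aws_gateway
+- name: Create security group internal
+amazon.aws.ec2_group:
+state: present
+name: "{{ vpc_user }}-{{ vpc_name }}-sec-group"
+region: "{{ aws_region }}"
+description: Inbound WinRM and RDP, http for demo servers and internal AD ports
+rules:
+- proto: tcp
+ports:
+- 80 # HTTP
+- 443 # HTTPS
+- 22 # SSH
+cidr_ip: 0.0.0.0/0
+- proto: icmp
+to_port: -1
+from_port: -1
+cidr_ip: 0.0.0.0/0
+- proto: tcp
+ports:
+- 80 # HTTP
+- 5986 # WinRM
+- 3389 # RDP
+- 53 # DNS
+- 88 # Kerberos Authentication
+- 135 # RPC
+- 139 # Netlogon
+- 389 # LDAP
+- 445 # SMB
+- 464 # Kerberos Authentication
+- 5432 # PostgreSQL
+- 636 # LDAPS (LDAP over TLS)
+- 873 # Rsync
+- 3268-3269 # Global Catalog
+- 1024-65535 # Ephemeral RPC ports
+cidr_ip: 10.0.0.0/16
+- proto: udp
+ports:
+- 53 # DNS
+- 88 # Kerberos Authentication
+- 123 # NTP
+- 137-138 # Netlogon
+- 389 # LDAP
+- 445 # SMB
+- 464 # Kerberos Authentication
+- 1024-65535 # Ephemeral RPC ports
+cidr_ip: 10.0.0.0/16
+rules_egress:
+- proto: -1
+cidr_ip: 0.0.0.0/0
+vpc_id: "{{ aws_vpc.vpc.id }}"
+tags:
+Name: "{{ vpc_user }}-{{ vpc_name }}-sec-group"
+user: "{{ vpc_user}}"
+purpose: Ansible Demo
+- name: Create a subnet on the VPC
+amazon.aws.ec2_vpc_subnet:
+state: present
+vpc_id: "{{ aws_vpc.vpc.id }}"
+cidr: 10.0.0.0/16
+region: "{{ aws_region }}"
+map_public: yes
+tags:
+Name: "{{ vpc_user }}-{{ vpc_name }}-subnet"
+user: "{{ vpc_user }}"
+purpose: Ansible Demo
+register: aws_subnet
+- name: Create a subnet route table
+amazon.aws.ec2_vpc_route_table:
+state: present
+vpc_id: "{{ aws_vpc.vpc.id }}"
+region: "{{ aws_region }}"
+subnets:
+- "{{ aws_subnet.subnet.id }}"
+routes:
+- dest: 0.0.0.0/0
+gateway_id: "{{ aws_gateway.gateway_id }}"
+tags:
+Name: "{{ vpc_user }}-{{ vpc_name }}-vpc-rtbl"
+user: "{{ vpc_user }}"
+purpose: Ansible Demo
+- name: Create AWS keypair
+amazon.aws.ec2_key:
+name: "{{ vpc_user }}-{{ vpc_name }}-demo-key"
+region: "{{ aws_region }}"
+key_material: "{{ aws_public_key }}"
+state: present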
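Review bot: The first rule of the `Create security group internal` task opens TCP 22 together with 80 and 443 to `cidr_ip: 0.0.0.0/0`, and the subnet task sets `map_public: yes`, so every instance launched into this group is reachable over SSH from the whole internet; the group description does not mention SSH either. I would move `- 22 # SSH` into its own rule whose source is a play or survey variable, for example `cidr_ip: "{{ ssh_allowed_cidr }}"` (a name I am proposing, not one defined in this repo), so the operator has to choose the admin range. Separately, the two internal rules and the subnet's `cidr:` hard-code `10.0.0.0/16` although `vpc_cidr_block` exists; using `"{{ vpc_cidr_block }}"` there keeps the internal allow-list aligned with the VPC when the variable is overridden.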

46
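--- a/cloud/setup.yml
+++ b/cloud/setup.yml
@@ -0,0 +1,46 @@
+---
+user_message:
+- Update AWS credential with Access and Secret key
+controller_components:
+- credentials
+- inventory_sources
+- job_templates
+controller_credentials:
+- name: AWS
+credential_type: Amazon Web Services
+organization: Default
+update_secrets: false
+inputs:
+username: REPLACEME
+password: REPLACEME
+controller_inventory_sources:
+- name: AWS Inventory
+organization: Default
+source: ec2
+inventory: Workshop Inventory
+credential: AWS
+controller_templates:
+- name: Cloud / Create Infra
+job_type: run
+organization: Default
+credentials:
+- AWS
+project: Ansible official demo project
+playbook: cloud/create_infra.yml
+inventory: Demo Inventory
+execution_environment: Default execution environment
+survey_enabled: true
+extra_vars:
+aws_region: us-east-2
+survey:
+name: ''
+description: ''
+spec:
+- question_name: Public Key
+type: textarea
+variable: aws_public_key
+required: true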
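Review bot: The `AWS` entry under `controller_credentials` ships `username: REPLACEME` and `password: REPLACEME` with `update_secrets: false`, and nothing in the file says what a second run of Setup does to keys the operator has since entered. As far as I know only encrypted inputs are covered by `update_secrets`, and for the Amazon Web Services type the access key in `username` is presumably not one of them, so a re-run may put `REPLACEME` back over a working access key; this should be confirmed against the controller. I would add a comment above `inputs:` such as `# placeholders only; replace in the controller UI, never commit real keys here`, and say in `user_message` that the credential must be re-checked after every Setup run.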