#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
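# Runs on the control host: collects the deployer address for virtual deploys,
# records it in the local inventory file and registers the deployer as an
# in-memory host for the play that follows.
- name: Prepare first time deployer access
  hosts: "localhost"
  gather_facts: false
  vars:
    # Only used in the failure message of the rescue section.
    task: "deploy"

  tasks:
    - block:
        # Queries each stack output through the openstack CLI. Skipped for
        # physical deploys and when heat_stack_output is already defined.
        - name: Get vcloud node(s) IP(s) when heat output not available and virtual deploy
          # Every templated value goes through the quote filter so that a
          # value containing whitespace or quote characters stays a single
          # argument when the command line is split, instead of turning into
          # extra arguments for the openstack CLI.
          command: |
            openstack --os-cloud {{ os_cloud | quote }} --os-project-name {{ os_project_name | quote }} \
            stack output show {{ heat_stack_name | quote }} {{ item | quote }} -c output_value -f value
          loop: "{{ cli_stack_queries }}"
          register: "os_stack_output"
          when:
            - not is_physical_deploy
            - heat_stack_output is not defined

        # Stores each result as a cacheable fact named after the query, with
        # dashes replaced by underscores; a literal 'None' output becomes [].
        # The loop source is heat_stack_output_queries when heat_stack_output
        # is defined, otherwise the results registered by the task above.
        - name: Store vcloud IP(s) when virtual deploy
          set_fact:
            "{{ item.item | replace('-', '_') }}": "{{ (item.stdout == 'None') | ternary([], item.stdout | from_yaml) }}"
            cacheable: true
          loop: "{{ (heat_stack_output is defined) | ternary(heat_stack_output_queries, os_stack_output.results) }}"
          loop_control:
            label: "{{ item.item | replace('-', '_') }}: {{ ('stdout' in item and item.stdout == 'None') | ternary([], item.stdout | default('') | from_yaml) }}"
          when: not is_physical_deploy

        # Writes the deployer line into the managed block that follows the
        # [deployer_virt] group header of the local inventory file.
        - name: Ensure deployer on ansible inventory file when virtual deploy
          blockinfile:
            path: "inventory"
            insertafter: "\\[deployer_virt\\]"
            marker: "# {mark} ANSIBLE MANAGED BLOCK - ARDANA"
            block: |
              {{ cloud_env }} ansible_host={{ admin_floating_ip }}
          when: not is_physical_deploy

        - name: Configure first time deployer access
          add_host:
            name: "{{ cloud_env }}"
            # Physical deploys pass omit instead of the floating IP.
            ansible_host: "{{ is_physical_deploy | ternary(omit, admin_floating_ip) }}"
            # NOTE(review): hard-coded password for the first connection,
            # presumably the image default. Confirm that password login is
            # disabled or the password rotated once the public keys are in
            # place, and that the deployer is not reachable from untrusted
            # networks while this credential is still valid.
            ansible_password: "linux"

        # Drops any locally cached host key for the floating IP; errors are
        # ignored (failed_when: false).
        # NOTE(review): after the removal the next ssh connection has no
        # pinned key to compare against, so the host is not authenticated on
        # first contact. Presumably accepted because floating IPs are reused
        # between deployments; confirm.
        - name: Remove local ssh host key for admin floating IP
          known_hosts:
            name: "{{ admin_floating_ip }}"
            state: absent
          failed_when: false
          when: not is_physical_deploy

      rescue:
        # Runs only when a task of the block failed and rc_notify is truthy.
        - name: Report the failure through the rocketchat_notify role
          include_role:
            name: rocketchat_notify
          vars:
            rc_action: "finished"
            rc_state: "Failed"
          when: rc_notify

        # Re-raises the failure so the play does not end as successful after
        # the rescue section has run.
        - name: Stop if something failed
          fail:
            msg: "{{ task }} failed."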
# Connects to the deployer as root, waits until its ssh port answers, gathers
# facts and then hands over to the ssh_keys role (presumably the role that
# installs the public keys, going by the play name).
- name: Ensure public keys on deployer
  hosts: "{{ cloud_env }}"
  # NOTE: don't gather facts before deployer becomes accessible
  gather_facts: false
  remote_user: "root"
  vars:
    # Only used in the failure message of the rescue section.
    task: "deploy"

  tasks:
    - block:
        # Probed from the control host: succeeds once port 22 of the
        # deployer returns data matching "OpenSSH".
        - name: Wait for deployer to be accessible
          delegate_to: "localhost"
          wait_for:
            host: "{{ hostvars[cloud_env].ansible_host }}"
            port: 22
            state: "started"
            search_regex: "OpenSSH"
            delay: 10

        # Explicit fact gathering, since gather_facts is off for the play.
        - name: Gather facts
          setup:

        - include_role:
            name: "ssh_keys"

      rescue:
        # Runs only when a task of the block failed and rc_notify is truthy.
        - include_role:
            name: "rocketchat_notify"
          vars:
            rc_action: "finished"
            rc_state: "Failed"
          when: rc_notify

        # Re-raises the failure after the rescue section has run.
        - name: Stop if something failed
          fail:
            msg: "{{ task }} failed."