Added basic ansible roles to prometheus

veldrane · Oct 15, 2020 · 7456125 · 7456125
1 parent 5716767
commit 7456125
Show file tree

Hide file tree

Showing 9 changed files with 258 additions and 0 deletions.
diff --git a/08_keycloak/unsorted/scripts/getgoogle.com b/08_keycloak/unsorted/scripts/getgoogle.com
@@ -0,0 +1,50 @@
+#!/bin/bash
+
+if [ $# -ne 5 ]; then
+  echo 1>&2 "Usage: . $0 hostname realm username clientid"
+  echo 1>&2 "  options:"
+  echo 1>&2 "    hostname: localhost:8081"
+  echo 1>&2 "    realm:keycloak-demo"
+  echo 1>&2 "    clientid:demo"
+  echo 1>&2 "    client-secret:x 42734911-3cbd-4a20-a426-83cb208edc43"
+  echo 1>&2 "    For verify ssl: use 'y' (otherwise it will send curl post with --insecure)"
+
+  return
+fi
+
+USERNAME="gveldrane"
+PASSWORD=Pvspvjdbpl4
+URL="https://oauth2.googleapis.com/token"
+
+
+
+
+
+
+
+
+if [[ $SECURE = 'y' ]]; then
+	INSECURE=
+else 
+	INSECURE=--insecure
+fi
+
+
+#echo -n Password: 
+#read -s PASSWORD
+
+
+export TOKEN=$(curl -X POST "URL" \
+ -H "Content-Type: application/x-www-form-urlencoded" \
+ -d "username=$USERNAME" \
+ -d "password=$PASSWORD" \
+ -d 'grant_type=password' \
+ -d "client_id=$CLIENT_ID" \
+ -d "client_secret=$CLIENT_SECRET" \
+ -d "scope=groups openid" 2>/dev/null )
+
+echo $TOKEN
+
+if [[ $(echo $TOKEN) != 'null' ]]; then
+	export KEYCLOAK_TOKEN=$TOKEN
+fi
diff --git a/08_keycloak/unsorted/scripts/gettoken-code.sh b/08_keycloak/unsorted/scripts/gettoken-code.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+
+if [ $# -ne 5 ]; then
+  echo 1>&2 "Usage: . $0 hostname realm username clientid"
+  echo 1>&2 "  options:"
+  echo 1>&2 "    hostname: localhost:8081"
+  echo 1>&2 "    realm:keycloak-demo"
+  echo 1>&2 "    clientid:demo"
+  echo 1>&2 "    client-secret:x 42734911-3cbd-4a20-a426-83cb208edc43"
+  echo 1>&2 "    For verify ssl: use 'y' (otherwise it will send curl post with --insecure)"
+
+  return
+fi
+
+HOSTNAME=$1
+REALM_NAME=$2
+USERNAME=$3
+CLIENT_ID=$4
+CLIENT_SECRET=$5
+SECURE=$6
+PASSWORD=Heslo1234
+
+
+
+KEYCLOAK_URL=https://$HOSTNAME/auth/realms/$REALM_NAME/protocol/openid-connect/auth
+
+if [[ $SECURE = 'y' ]]; then
+	INSECURE=
+else 
+	INSECURE=--insecure
+fi
+
+
+#echo -n Password: 
+#read -s PASSWORD
+
+
+export TOKEN=$(curl -X POST "$KEYCLOAK_URL" "$INSECURE" \
+ -H "Content-Type: application/x-www-form-urlencoded" \
+ -d "client_id=$CLIENT_ID" \
+ -d "state=12345678"
+ -d "response_type=code" 2>/dev/null )
+
+echo $TOKEN
+
+if [[ $(echo $TOKEN) != 'null' ]]; then
+	export KEYCLOAK_TOKEN=$TOKEN
+fi
diff --git a/08_keycloak/unsorted/scripts/gettoken.bckp.sh b/08_keycloak/unsorted/scripts/gettoken.bckp.sh
@@ -0,0 +1,62 @@
+#!/bin/bash
+
+if [ $# -ne 5 ]; then
+  echo 1>&2 "Usage: . $0 hostname realm username clientid"
+  echo 1>&2 "  options:"
+  echo 1>&2 "    hostname: localhost:8081"
+  echo 1>&2 "    realm:keycloak-demo"
+  echo 1>&2 "    clientid:demo"
+  echo 1>&2 "    client-secret:x 42734911-3cbd-4a20-a426-83cb208edc43"
+  echo 1>&2 "    For verify ssl: use 'y' (otherwise it will send curl post with --insecure)"
+
+  return
+fi
+
+HOSTNAME=$1
+REALM_NAME=$2
+USERNAME=$3
+CLIENT_ID=$4
+CLIENT_SECRET=$5
+SECURE=$6
+PASSWORD=Heslo1234
+
+
+
+#KEYCLOAK_URL=https://$HOSTNAME/auth/realms/$REALM_NAME/protocol/openid-connect/token
+KEYCLOAK_URL=https://$HOSTNAME/auth/realms/$REALM_NAME/protocol/openid-connect/token
+
+
+
+#echo "Using Keycloak: $KEYCLOAK_URL"
+#echo "realm: $REALM_NAME"
+#echo "client-id: $CLIENT_ID"
+#echo "username: $USERNAME"
+#echo "client-secret: $CLIENT_SECRET"
+#echo "secure: $SECURE"
+
+
+if [[ $SECURE = 'y' ]]; then
+	INSECURE=
+else 
+	INSECURE=--insecure
+fi
+
+
+#echo -n Password: 
+#read -s PASSWORD
+
+
+export TOKEN=$(curl -X POST "$KEYCLOAK_URL" "$INSECURE" \
+ -H "Content-Type: application/x-www-form-urlencoded" \
+ -d "username=$USERNAME" \
+ -d "password=$PASSWORD" \
+ -d 'grant_type=password' \
+ -d "client_id=$CLIENT_ID" \
+ -d "client_secret=$CLIENT_SECRET" \
+ -d "scope=groups openid" 2>/dev/null )
+
+echo $TOKEN
+
+if [[ $(echo $TOKEN) != 'null' ]]; then
+	export KEYCLOAK_TOKEN=$TOKEN
+fi
diff --git a/14_baseimages/CentOS/Docker/Dockerfile b/14_baseimages/CentOS/Docker/Dockerfile
@@ -0,0 +1,15 @@
+FROM scratch
+ADD centos-7-x86_64-docker.tar.xz /
+
+LABEL \
+    org.label-schema.schema-version="1.0" \
+    org.label-schema.name="CentOS Base Image" \
+    org.label-schema.vendor="CentOS" \
+    org.label-schema.license="GPLv2" \
+    org.label-schema.build-date="20200809" \
+    org.opencontainers.image.title="CentOS Base Image" \
+    org.opencontainers.image.vendor="CentOS" \
+    org.opencontainers.image.licenses="GPL-2.0-only" \
+    org.opencontainers.image.created="2020-08-09 00:00:00+01:00"
+
+CMD ["/bin/bash"]
diff --git a/14_baseimages/CentOS/Docker/centos-7-x86_64-docker.tar.xz b/14_baseimages/CentOS/Docker/centos-7-x86_64-docker.tar.xz
diff --git a/14_baseimages/CentOS/Docker/download.sh b/14_baseimages/CentOS/Docker/download.sh
@@ -0,0 +1 @@
+wget https://github.com/CentOS/sig-cloud-instance-images/raw/CentOS-7-x86_64/docker/centos-7-x86_64-docker.tar.xz -O centos-7-x86_64-docker.tar.xz
diff --git a/15_prometheus/01_prepare_nodes.yaml b/15_prometheus/01_prepare_nodes.yaml
@@ -0,0 +1 @@
+../99_newhost/ansible/01_prepare_nodes.yaml
diff --git a/15_prometheus/02_install_prometheus b/15_prometheus/02_install_prometheus
@@ -0,0 +1,46 @@
+---
+- hosts: localhost
+  become: true
+  gather_facts: no
+  tasks:
+
+  - name: Set variables
+    include: include/_setup_vars.yaml
+
+  - name: "Create ansible group for new hosts"
+    add_host: name="{{ ip }}" groups=newhost
+
+  - name: Create nfs home data disk
+    shell: qemu-img create -f qcow2 {{ vms_dir }}/{{ fqdn }}/nfsvg.qcow2 {{ disksize }}
+
+  - name: Attach disk to machine
+    shell: virsh attach-disk {{ fqdn }} --source {{ vms_dir }}/{{ fqdn }}/nfsvg.qcow2 --target vdb --subdriver qcow2 --targetbus virtio --persistent
+
+  - name: Autostart of the machine
+    shell: virsh autostart {{ fqdn }}
+
+- hosts: newhost
+  become: true
+  gather_facts: no
+  tasks:
+
+  - name: Set variables
+    include: include/_setup_vars.yaml
+
+  - name: Setup firewall rules
+    shell: firewall-cmd --permanent --add-service={mountd,nfs,rpc-bind} ; firewall-cmd --reload
+
+  - name: Create datavg and logical volume
+    shell: pvcreate /dev/vdb ; vgcreate promvg /dev/vdb ; lvcreate -n data -L50G promvg
+
+  - name: Create fs
+    shell: mkfs.ext4 /dev/promvg/data
+
+  - name: make directory /prometheus/data
+    shell: mkdir -p /prometheus/data
+
+  - name: Add /nfshome to fstab
+    shell: echo '/dev/mapper/prometheus-data  /prometheus/data              ext4    noatime,nodiratime        1 2' >> /etc/fstab
+
+  - name: Mount /prometheus/data
+    shell: mount /prometheus/data
diff --git a/15_prometheus/include/_setup_vars.yaml b/15_prometheus/include/_setup_vars.yaml
@@ -0,0 +1,35 @@
+- name: Set global variables
+  set_fact:
+    virbr: "16"
+    netsuffix: "31" 
+    hostname: "node31"
+    domain: "lab.local"
+    mem: "8G"
+    ipaserver: "freeipa.lab.local"
+    ipaip: "10.1.8.10"
+    ldapbase: "dc=lab,dc=local"
+    svcadmin: "admin"
+    adminpwd: "admin123"
+    template: "t_centos7"
+    template_dir: "/data/templates"
+    vms_dir: "/data/vms"
+    rootvg_size: 30
+
+
+- name: Set ip
+  set_fact:
+    ip: "10.1.{{ virbr  }}.{{ netsuffix }}"
+
+
+
+- name: Set FQDN
+  set_fact:
+    fqdn: "{{ hostname }}.{{ domain }}"
+
+- name: Set REALM
+  set_fact: 
+    realm: "{{ domain|upper }}"
+
+- name: Set disksize
+  set_fact: 
+    disksize: "51G"
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		wget https://github.com/CentOS/sig-cloud-instance-images/raw/CentOS-7-x86_64/docker/centos-7-x86_64-docker.tar.xz -O centos-7-x86_64-docker.tar.xz