diff --git a/01_template/kickstart/kickstart.cfg b/01_template/kickstart/kickstart.cfg index 9ddd80d..7e91676 100644 --- a/01_template/kickstart/kickstart.cfg +++ b/01_template/kickstart/kickstart.cfg @@ -52,6 +52,9 @@ nfs-utils autofs policycoreutils-python-utils python3-policycoreutils.noarch +strace +tcpdump +curl %end # Post install @@ -68,6 +71,9 @@ restorecon -R /root/.ssh/ systemctl enable sshd.service +# sed -iE 's/wheel:x:10:/wheel:x:10:veldrane/g' /etc/group +sed -E 's/(\#auth)(\s+sufficient\s+pam_wheel.so)/auth\2/g' -i /etc/pam.d/su + yum upgrade -y %end diff --git a/01_template/kickstart/rocky9-template.sh b/01_template/kickstart/rocky9-template.sh index a8f975c..8f4f043 100755 --- a/01_template/kickstart/rocky9-template.sh +++ b/01_template/kickstart/rocky9-template.sh @@ -1,6 +1,6 @@ #!/bin/bash -KICKSTART="/root/lab-new-ocp4/01_template/kickstart/kickstart.cfg" +KICKSTART="/root/lab/01_template/kickstart/kickstart.cfg" mkdir -p /data/vms/rocky9 diff --git a/01_template/make-template.sh b/01_template/make-template.sh index 982969f..cd83e3c 100755 --- a/01_template/make-template.sh +++ b/01_template/make-template.sh @@ -1,6 +1,6 @@ virt-clone --original rocky9 --name basevm -f /data/vms/templates/basevm.qcow2 w=$(virt-sysprep --list-operations | egrep -v 'fs-uuids|lvm-uuids|ssh-userdir|ssh-hostkeys|bash-history' | awk '{ printf "%s,", $1}' | sed 's/,$//') virt-sysprep -d basevm --hostname basevm --enable $w -#cp /data/vms/basevm.qcow2 /data/templates/basevm.qcow2 +cp /data/vms/basevm.qcow2 /data/templates/basevm.qcow2 #virsh dumpxml basevm > /data/vms/templates/basevm.xml virsh undefine basevm diff --git a/09_apigw/consul/ansible/01_prepare_nodes.yaml b/09_apigw/consul/ansible/01_prepare_nodes.yaml new file mode 120000 index 0000000..c9ee98e --- /dev/null +++ b/09_apigw/consul/ansible/01_prepare_nodes.yaml @@ -0,0 +1 @@ +../../../99_newhost/ansible/01_prepare_nodes.yaml \ No newline at end of file diff --git a/09_apigw/consul/ansible/02_install_consul.yaml b/09_apigw/consul/ansible/02_install_consul.yaml new file mode 100644 index 0000000..349b3c0 --- /dev/null +++ b/09_apigw/consul/ansible/02_install_consul.yaml @@ -0,0 +1,45 @@ +--- +- hosts: localhost + become: true + gather_facts: no + tasks: + + - name: Set variables + include: include/_setup_vars.yaml + + - name: Create snapshot for the host + shell: virsh snapshot-create-as --domain {{ fqdn }} --name "before Consul installation" + ignore_errors: yes + + - name: "Create ansible group for new hosts" + add_host: name="{{ ip }}" groups=newhost + + +- hosts: newhost + become: true + gather_facts: no + tasks: + + + - name: Set variables + include: include/_setup_vars.yaml + + - name: Install yum utils + shell: yum install -y yum-utils + + - name: Add hashicorp repo + shell: yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo + + - name: Install consul and envoy + shell: yum install -y consul hashicorp-envoy + + - name: Copy consul bootstrap file + copy: + src: include/consul.hcl + dest: /etc/consul.d/consul.hcl + + - name: Enable consul agent and start it + shell: systemctl enable consul ; systemctl start consul + + - name: Add ui port + shell: firewall-cmd --add-port=8080/tcp --permanent ; firewall-cmd --reload diff --git a/09_apigw/consul/ansible/include/_setup_vars.yaml b/09_apigw/consul/ansible/include/_setup_vars.yaml new file mode 100644 index 0000000..0817c1a --- /dev/null +++ b/09_apigw/consul/ansible/include/_setup_vars.yaml @@ -0,0 +1,37 @@ +- name: Set global variables + set_fact: + virbr: "8" + netsuffix: "254" + hostname: "apigw" + domain: "lab.syscallx86.com" + mem: "2G" + ipaserver: "freeipa.lab.syscallx86.com" + nfsserver: "nfsnode.lab.syscallx86.com" + home_export: "/nfsvg/home" + ipaip: "10.1.8.10" + ldapbase: "dc=lab,dc=local" + svcadmin: "admin" + adminpwd: "admin123" + template: "basevm" + template_dir: "/data/templates" + vms_dir: "/data/vms" + rootvg_size: 30 + + +- name: Set ip + set_fact: + ip: "10.1.{{ virbr }}.{{ netsuffix }}" + + + +- name: Set FQDN + set_fact: + fqdn: "{{ hostname }}.{{ domain }}" + +- name: Set REALM + set_fact: + realm: "{{ domain|upper }}" + +- name: Set disksize + set_fact: + disksize: "30" diff --git a/09_apigw/consul/ansible/include/consul.hcl b/09_apigw/consul/ansible/include/consul.hcl new file mode 100644 index 0000000..b195c98 --- /dev/null +++ b/09_apigw/consul/ansible/include/consul.hcl @@ -0,0 +1,6 @@ +data_dir = "/opt/consul" +client_addr = "0.0.0.0" +retry_join = ["10.1.8.26"] # Adresa vaĊĦeho Consul serveru +enable_central_service_config = true +encrypt = "5idcXNSN1IESUpVGNBVsqDfEMc0HbX5hDa3I5ld5uMg=" +datacenter = "primary" diff --git a/09_apigw/consul/ansible/include/hashicorp.repo b/09_apigw/consul/ansible/include/hashicorp.repo new file mode 100644 index 0000000..e69de29 diff --git a/20_application/include/_setup_vars.yaml b/20_application/include/_setup_vars.yaml index 74d8cf4..212ef80 100644 --- a/20_application/include/_setup_vars.yaml +++ b/20_application/include/_setup_vars.yaml @@ -1,8 +1,8 @@ - name: Set global variables set_fact: virbr: "8" - netsuffix: "41" - hostname: "api01" + netsuffix: "42" + hostname: "api02" domain: "lab.syscallx86.com" mem: "2G" ipaserver: "freeipa.lab.syscallx86.com"