-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathplaybook.yml
135 lines (119 loc) · 3.66 KB
/
playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
---
- hosts: all
become: yes
become_user: root
become_method: sudo
vars_files:
- vars/common.yaml
- vars/{{ arch_type }}.yaml
- vars/{{ target_env }}.yaml
vars_prompt:
- name: username
prompt: What is your redhat username?
private: false
- name: password
prompt: What is your redhat password?
tasks:
- name: Register as user (joe_user) with password (somepass) and auto-subscribe to available content.
community.general.redhat_subscription:
state: present
username: "{{ username }}"
password: "{{ password }}"
auto_attach: true
# Manage Repos
- name: Run Command Manage repo via RHSM
ansible.builtin.command: subscription-manager config --rhsm.manage_repos=1
- name: Install the latest version of Firewall and lvm2
ansible.builtin.dnf:
name:
- firewalld
- lvm2
state: latest
# Create Disk, Volume, Volume group
- name: Create a new primary partition for LVM
community.general.parted:
device: "{{ device_name }}"
number: 1
flags: [ lvm ]
state: present
- name: Create a volume group
community.general.lvg:
vg: rhel
pvs: "{{ pvs_name | join(',') }}"
pvresize: true
# Start firewall
- name: Make sure a firewall service unit is running and enabled
ansible.builtin.systemd:
state: started
name: firewalld
enabled: true
# Config
- name: Configure firewall
ansible.posix.firewalld:
source: 10.42.0.0/16
zone: trusted
state: enabled
permanent: true
immediate: true
- name: Configure firewall
ansible.posix.firewalld:
source: "169.254.169.1"
zone: trusted
state: enabled
permanent: true
immediate: true
# Enable microshift packages
- name: Enable Microshift repository
community.general.rhsm_repository:
name:
- "rhocp-4.13-for-rhel-9-{{ ansible_architecture }}-rpms"
- "fast-datapath-for-rhel-9-{{ ansible_facts['architecture'] }}-rpms"
# Install microshift packages
- name: Install the Microshift and Openshift-Clients
ansible.builtin.dnf:
name:
- microshift
- openshift-clients
state: latest
# Daemon Reload
- name: Just force systemd to reread configs (2.4 and above)
ansible.builtin.systemd:
daemon_reload: true
# copy pull secret
- name: Copy secret file
ansible.builtin.copy:
src: pull-secret.txt
dest: /etc/crio/openshift-pull-secret
# Start Microshift
- name: Make sure Microshift service unit is running and enabled
ansible.builtin.systemd:
state: started
name: microshift.service
enabled: true
# Set kubeconfig
- name: Create a directory if it does not exist
ansible.builtin.file:
path: /home/{{ user_name }}/.kube
state: directory
mode: '0755'
become: false
- name: Copy kube config
ansible.builtin.copy:
src: /var/lib/microshift/resources/kubeadmin/kubeconfig
dest: /home/{{ user_name }}/.kube/config
owner: "{{ user_name }}"
group: "{{ group_name }}"
mode: '0644'
remote_src: true
- name: Copy Serving Manifest
ansible.builtin.template:
src: "{{ item }}"
dest: /home/{{ user_name }}/
owner: "{{ user_name }}"
group: "{{ group_name }}"
mode: '0644'
loop:
- manifest/0-kourier.yaml
- manifest/1-serving-crds.yaml
- manifest/2-serving-core.yaml
- manifest/hello.yaml