From 600fd7aac4770e9fb326187e577e32096efc5c05 Mon Sep 17 00:00:00 2001 From: robertsweetman Date: Wed, 3 Apr 2024 16:55:36 +0100 Subject: [PATCH 1/6] start downloading boe package --- ansible/group_vars/server_type_onr_boe.yml | 77 ++++++++++++++++++- ansible/roles/onr-boe/defaults/main.yml | 12 +++ ansible/roles/onr-boe/meta/main.yml | 6 ++ .../roles/onr-boe/tasks/download-software.yml | 39 ++++++++++ ansible/roles/onr-boe/tasks/main.yml | 39 ++++++++++ 5 files changed, 172 insertions(+), 1 deletion(-) create mode 100644 ansible/roles/onr-boe/defaults/main.yml create mode 100644 ansible/roles/onr-boe/meta/main.yml create mode 100644 ansible/roles/onr-boe/tasks/download-software.yml create mode 100644 ansible/roles/onr-boe/tasks/main.yml diff --git a/ansible/group_vars/server_type_onr_boe.yml b/ansible/group_vars/server_type_onr_boe.yml index e4ff39c0e..0398b0753 100644 --- a/ansible/group_vars/server_type_onr_boe.yml +++ b/ansible/group_vars/server_type_onr_boe.yml @@ -1,3 +1,78 @@ --- ansible_python_interpreter: /usr/local/bin/python3.6 -# FIXME: this is a rhel 6.9 instance so 'packages' role may not work the same way + +users_and_groups_system: + - name: bobj + group: binstall + groups: + - dba + - sapsys + +server_type_roles_list: + - users-and-groups + - sudoers + - get-ec2-facts + - set-ec2-hostname + - domain-search + - disable-ipv6 + - disable-firewall + - time + - packages + - message-of-the-day + - amazon-ssm-agent + - amazon-cli + - ansible-script + - epel + - disks + # - oracle-19c-client + # - oracle-tns-entries + # - ncr-bip + - onr-boe + - collectd + - amazon-cloudwatch-agent + - amazon-cloudwatch-agent-collectd + # - collectd-service-metrics TODO: not defined yet + +roles_list: "{{ (ami_roles_list | default([]) | difference(server_type_roles_list | default([]))) + (server_type_roles_list | default([])) }}" + +packages_yum_install: + - nano + - vim + - make + - libstdc++.i686 + - libstdc++.x86_64 + - glibc.i686 + - glibc.x86_64 + - libX11.i686 + - libX11.x86_64 + - libXext.i686 + - libXext.x86_64 + - expat.i686 + - expat.x86_64 + - libxcrypt.i686 + - libgcc.i686 + - libgcc.x86_64 + - libnsl.i686 + - libXcursor.i686 + - libXcursor.x86_64 + - libXrender.i686 + - libXrender.x86_64 + - libXfixes.i686 + - libXfixes.x86_64 + - libxcb.i686 + - libxcb.x86_64 + - libXau.i686 + - libXau.x86_64 + - xz-libs.i686 + +disks_mount: + - ebs_device_name: /dev/sdb + dir: /u01 + fstype: xfs + - ebs_device_name: /dev/sdc + dir: /u02 + fstype: xfs + # - ebs_device_name: /dev/sds + # dir: swap + # fstype: swap + diff --git a/ansible/roles/onr-boe/defaults/main.yml b/ansible/roles/onr-boe/defaults/main.yml new file mode 100644 index 000000000..b18d4cf9a --- /dev/null +++ b/ansible/roles/onr-boe/defaults/main.yml @@ -0,0 +1,12 @@ +--- +artefacts_s3_bucket_name: mod-platform-image-artefact-bucket20230203091453221500000001 +artefacts_s3_bucket_path: hmpps/onr +artefact_dir: /u02 # check this +app_dir: /u01/app # check this + +boe_software: ENTERPRISE07P_4-10007478.TGZ +boe_install_user: bobj +boe_install_group: binstall + +stage: "{{ artefact_dir }}/stage" +temp: "{{ artefact_dir }}/temp" diff --git a/ansible/roles/onr-boe/meta/main.yml b/ansible/roles/onr-boe/meta/main.yml new file mode 100644 index 000000000..4d8f456c6 --- /dev/null +++ b/ansible/roles/onr-boe/meta/main.yml @@ -0,0 +1,6 @@ +--- +dependencies: + - role: get-ec2-facts + - role: ansible-requirements +# - role: disable-ipv6 TODO: ask Craig what this is for + - role: disable-firewall diff --git a/ansible/roles/onr-boe/tasks/download-software.yml b/ansible/roles/onr-boe/tasks/download-software.yml new file mode 100644 index 000000000..b405c62bd --- /dev/null +++ b/ansible/roles/onr-boe/tasks/download-software.yml @@ -0,0 +1,39 @@ +--- +- name: Create directories + ansible.builtin.file: + path: "{{ item }}" + owner: "{{ boe_install_user }}" + group: "{{ boe_install_group }}" + state: directory + recurse: yes + loop: + - "{{ temp }}" + - "{{ stage }}" + tags: + - amibuild + - oracle_19c_download + - oracle_19c_create_dirs + +# - name: Download oracle prerequisite rpms from S3 bucket +# amazon.aws.aws_s3: +# bucket: "{{ artefacts_s3_bucket_name }}" +# object: "{{ artefacts_s3_bucket_path }}/{{ item }}" +# dest: "{{ stage }}/{{ item }}" +# mode: get +# overwrite: latest +# loop: +# - "{{ oracle_prereq_rpm }}" +# - "{{ oracle_asmlib_rpm }}" +# - "{{ oracleasm_support_rpm }}" + +- name: Download Oracle 19c software from S3 bucket + amazon.aws.aws_s3: + bucket: "{{ artefacts_s3_bucket_name }}" + object: "{{ artefacts_s3_bucket_path }}/{{ item }}" + dest: "{{ stage }}/{{ item }}" + mode: get + overwrite: latest + loop: + - "{{ boe_software }}" + # - "{{ grid_software }}" + # - "{{ opatch }}" diff --git a/ansible/roles/onr-boe/tasks/main.yml b/ansible/roles/onr-boe/tasks/main.yml new file mode 100644 index 000000000..e38c959fc --- /dev/null +++ b/ansible/roles/onr-boe/tasks/main.yml @@ -0,0 +1,39 @@ +--- +# - import_tasks: prereqs.yml +# tags: +# - always + +# - import_tasks: users.yml +# tags: +# - amibuild +# - ec2provision +# - oracle_db_users + +- name: Set selinux to permissive mode + import_role: + name: selinux-config + vars: + selinux_state: permissive + tags: + - amibuild + - ec2provision + - oracle_db_selinux_permissive + +- import_tasks: get-facts.yml + tags: + - ec2provision + # - oracle_db_get_facts + # - oracle_db_reconfigure_has + # - oracle_db_restore_databases + +- import_tasks: download-software.yml + tags: + - amibuild + - ec2provision + # - oracle_db_get_base_software + +# - import_tasks: install-base-software.yml +# tags: +# - amibuild +# - ec2provision +# - oracle_db_install_base_software From 5b7e19d92a8c0c5938e076293be353b01edcd9fc Mon Sep 17 00:00:00 2001 From: robertsweetman Date: Fri, 5 Apr 2024 15:37:31 +0100 Subject: [PATCH 2/6] fix disks settings for rhel 6 --- ansible/group_vars/server_type_onr_boe.yml | 4 ++-- ansible/roles/onr-boe/tasks/main.yml | 24 +++++++++++----------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/ansible/group_vars/server_type_onr_boe.yml b/ansible/group_vars/server_type_onr_boe.yml index 0398b0753..1d6de2343 100644 --- a/ansible/group_vars/server_type_onr_boe.yml +++ b/ansible/group_vars/server_type_onr_boe.yml @@ -68,10 +68,10 @@ packages_yum_install: disks_mount: - ebs_device_name: /dev/sdb dir: /u01 - fstype: xfs + fstype: ext4 - ebs_device_name: /dev/sdc dir: /u02 - fstype: xfs + fstype: ext4 # - ebs_device_name: /dev/sds # dir: swap # fstype: swap diff --git a/ansible/roles/onr-boe/tasks/main.yml b/ansible/roles/onr-boe/tasks/main.yml index e38c959fc..f61c50f14 100644 --- a/ansible/roles/onr-boe/tasks/main.yml +++ b/ansible/roles/onr-boe/tasks/main.yml @@ -9,19 +9,19 @@ # - ec2provision # - oracle_db_users -- name: Set selinux to permissive mode - import_role: - name: selinux-config - vars: - selinux_state: permissive - tags: - - amibuild - - ec2provision - - oracle_db_selinux_permissive +# - name: Set selinux to permissive mode +# import_role: +# name: selinux-config +# vars: +# selinux_state: permissive +# tags: +# - amibuild +# - ec2provision +# - oracle_db_selinux_permissive -- import_tasks: get-facts.yml - tags: - - ec2provision +# - import_tasks: get-facts.yml +# tags: +# - ec2provision # - oracle_db_get_facts # - oracle_db_reconfigure_has # - oracle_db_restore_databases From ef29186e9d819b4059af56c6a8817c05bdafd239 Mon Sep 17 00:00:00 2001 From: robertsweetman Date: Mon, 8 Apr 2024 12:17:15 +0100 Subject: [PATCH 3/6] add dns_zone_internal vars --- .../environment_name_oasys_national_reporting_development.yml | 1 + .../environment_name_oasys_national_reporting_preproduction.yml | 1 + .../environment_name_oasys_national_reporting_production.yml | 1 + .../environment_name_oasys_national_reporting_test.yml | 1 + 4 files changed, 4 insertions(+) diff --git a/ansible/group_vars/environment_name_oasys_national_reporting_development.yml b/ansible/group_vars/environment_name_oasys_national_reporting_development.yml index 42e569393..1b22d2488 100644 --- a/ansible/group_vars/environment_name_oasys_national_reporting_development.yml +++ b/ansible/group_vars/environment_name_oasys_national_reporting_development.yml @@ -1,2 +1,3 @@ --- ansible_aws_ssm_bucket_name: s3-bucket20240321142315369800000001 +dns_zone_internal: oasys-national-reporting.hmpps-development.modernisation-platform.internal diff --git a/ansible/group_vars/environment_name_oasys_national_reporting_preproduction.yml b/ansible/group_vars/environment_name_oasys_national_reporting_preproduction.yml index d60d88987..299172d9d 100644 --- a/ansible/group_vars/environment_name_oasys_national_reporting_preproduction.yml +++ b/ansible/group_vars/environment_name_oasys_national_reporting_preproduction.yml @@ -1,2 +1,3 @@ --- ansible_aws_ssm_bucket_name: s3-bucket20240321144721125500000001 +dns_zone_internal: oasys-national-reporting.hmpps-preproduction.modernisation-platform.internal diff --git a/ansible/group_vars/environment_name_oasys_national_reporting_production.yml b/ansible/group_vars/environment_name_oasys_national_reporting_production.yml index 359a53329..f9b8e69e8 100644 --- a/ansible/group_vars/environment_name_oasys_national_reporting_production.yml +++ b/ansible/group_vars/environment_name_oasys_national_reporting_production.yml @@ -1,2 +1,3 @@ --- ansible_aws_ssm_bucket_name: s3-bucket20240321144737986100000001 +dns_zone_internal: oasys-national-reporting.hmpps-production.modernisation-platform.internal diff --git a/ansible/group_vars/environment_name_oasys_national_reporting_test.yml b/ansible/group_vars/environment_name_oasys_national_reporting_test.yml index 16766eee4..72a4211a8 100644 --- a/ansible/group_vars/environment_name_oasys_national_reporting_test.yml +++ b/ansible/group_vars/environment_name_oasys_national_reporting_test.yml @@ -1,2 +1,3 @@ --- ansible_aws_ssm_bucket_name: s3-bucket20240321144723303200000002 +dns_zone_internal: oasys-national-reporting.hmpps-test.modernisation-platform.internal From 15125bf5957e6cd638e088ac99b09d5fa0e111e9 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 8 Apr 2024 11:40:22 +0000 Subject: [PATCH 4/6] Commit changes made by code formatters --- ansible/group_vars/server_type_onr_boe.yml | 1 - ansible/roles/onr-boe/meta/main.yml | 2 +- ansible/roles/onr-boe/tasks/main.yml | 7 +++---- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/ansible/group_vars/server_type_onr_boe.yml b/ansible/group_vars/server_type_onr_boe.yml index 1d6de2343..98296edd2 100644 --- a/ansible/group_vars/server_type_onr_boe.yml +++ b/ansible/group_vars/server_type_onr_boe.yml @@ -75,4 +75,3 @@ disks_mount: # - ebs_device_name: /dev/sds # dir: swap # fstype: swap - diff --git a/ansible/roles/onr-boe/meta/main.yml b/ansible/roles/onr-boe/meta/main.yml index 4d8f456c6..4885d7b7e 100644 --- a/ansible/roles/onr-boe/meta/main.yml +++ b/ansible/roles/onr-boe/meta/main.yml @@ -2,5 +2,5 @@ dependencies: - role: get-ec2-facts - role: ansible-requirements -# - role: disable-ipv6 TODO: ask Craig what this is for + # - role: disable-ipv6 TODO: ask Craig what this is for - role: disable-firewall diff --git a/ansible/roles/onr-boe/tasks/main.yml b/ansible/roles/onr-boe/tasks/main.yml index f61c50f14..27504c826 100644 --- a/ansible/roles/onr-boe/tasks/main.yml +++ b/ansible/roles/onr-boe/tasks/main.yml @@ -22,16 +22,15 @@ # - import_tasks: get-facts.yml # tags: # - ec2provision - # - oracle_db_get_facts - # - oracle_db_reconfigure_has - # - oracle_db_restore_databases +# - oracle_db_get_facts +# - oracle_db_reconfigure_has +# - oracle_db_restore_databases - import_tasks: download-software.yml tags: - amibuild - ec2provision # - oracle_db_get_base_software - # - import_tasks: install-base-software.yml # tags: # - amibuild From 9cb35c68ef59f4fed8c9ffa1eac70e55c4643695 Mon Sep 17 00:00:00 2001 From: robertsweetman Date: Mon, 8 Apr 2024 12:47:11 +0100 Subject: [PATCH 5/6] remove package --- ansible/group_vars/server_type_onr_boe.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/group_vars/server_type_onr_boe.yml b/ansible/group_vars/server_type_onr_boe.yml index 98296edd2..71f60cc40 100644 --- a/ansible/group_vars/server_type_onr_boe.yml +++ b/ansible/group_vars/server_type_onr_boe.yml @@ -49,7 +49,7 @@ packages_yum_install: - libXext.x86_64 - expat.i686 - expat.x86_64 - - libxcrypt.i686 + # - libxcrypt.i686 removed from list as package is not available in RHEL 6 - libgcc.i686 - libgcc.x86_64 - libnsl.i686 From b912cf55c283e3ff0600526664219b7b5e87e7a8 Mon Sep 17 00:00:00 2001 From: robertsweetman Date: Mon, 8 Apr 2024 13:09:58 +0100 Subject: [PATCH 6/6] remove package --- ansible/group_vars/server_type_onr_boe.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/group_vars/server_type_onr_boe.yml b/ansible/group_vars/server_type_onr_boe.yml index 71f60cc40..ba39d1f20 100644 --- a/ansible/group_vars/server_type_onr_boe.yml +++ b/ansible/group_vars/server_type_onr_boe.yml @@ -52,7 +52,7 @@ packages_yum_install: # - libxcrypt.i686 removed from list as package is not available in RHEL 6 - libgcc.i686 - libgcc.x86_64 - - libnsl.i686 + # - libnsl.i686 removed from list as package is not available in RHEL 6 - libXcursor.i686 - libXcursor.x86_64 - libXrender.i686