-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit f8b081f
Showing
12 changed files
with
745 additions
and
0 deletions.
There are no files selected for viewing
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| # iac-vastcluster-ansible-demo | ||
|
|
||
| ## Requirements | ||
|
|
||
| ansible [core 2.13.6] | ||
|
|
||
| ## Hosts | ||
|
|
||
| Edit Hosts in the `./hosts` file following the `[virtual_clusters]` example, Delete if not applicable | ||
|
|
||
| ## Host Vars | ||
|
|
||
| Create a new .yml file under the host_vars dir with the same name of your newly added host in the hosts file. e.g. `example-cluster` | ||
|
|
||
| Follow the examples given in `example-cluster.yml` | ||
|
|
||
| ## Secrets | ||
|
|
||
| Encrypted variables such as passwords or api tokens can be kept in the `secrets.yml` | ||
|
|
||
| Editing File: `ansible-vault edit secrets.yml` | ||
| Example passphrase: `vastdata` | ||
|
|
||
| ## Run All Roles in Initial Playbook for a specific host | ||
|
|
||
| `ansible-playbook -i hosts initial.yml --ask-vault-pass --limit example-cluster` | ||
|
|
||
| ## Run Specific Role in Initial Playbook for a specific host | ||
|
|
||
| `ansible-playbook -i hosts initial.yml --ask-vault-pass --limit example-cluster --tags setup-protectionpolicies` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| [defaults] | ||
| roles_path = roles | ||
| collection_path = collections | ||
| stdout_callback = yaml | ||
| display_ok_hosts = true | ||
| host_key_checking = false |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| [virtual_clusters] | ||
| ### Replace <example-cluster> with the name of your VAST Data Cluster, this is case-sensitive. | ||
| ### If you are using an Ansible Host instead of locally installed Ansible software, please indicate the IP adress to that Anisble host. | ||
| sales-devvm-brett-dellandre ansible_host=127.0.0.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| - hosts: all | ||
| gather_facts: no | ||
| vars_files: | ||
| - secrets.yml | ||
| roles: | ||
| - {name: viewpolicies, tags: [setup-viewpolicies]} | ||
| - {name: views, tags: [setup-views]} | ||
| - {name: quotas, tags: [setup-quotas]} | ||
| - {name: protectionpolicies, tags: [setup-protectionpolicies]} | ||
| - {name: protectedpath, tags: [setup-protectedpath]} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,76 @@ | ||
| --- | ||
| - name: Find ID of Protection Policy | ||
| ansible.builtin.uri: | ||
| url: 'https://{{ vms_ip }}/api/protectionpolicies/' | ||
| return_content: false | ||
| method: GET | ||
| user: "{{ vast_user }}" | ||
| password: "{{ vast_pass }}" | ||
| status_code: 200 | ||
| force_basic_auth: yes | ||
| validate_certs: false | ||
| body_format: json | ||
| delegate_to: localhost | ||
| register: protectpolicyfind | ||
|
|
||
| - name: Set up Protected Path | ||
| ansible.builtin.uri: | ||
| url: 'https://{{ vms_ip }}/api/protectedpaths/' | ||
| return_content: true | ||
| method: "{{ item.method }}" | ||
| user: "{{ vast_user }}" | ||
| password: "{{ vast_pass }}" | ||
| status_code: 201, 200 | ||
| body: | ||
| name: "{{ item.name }}" | ||
| source_dir: "{{ item.source_dir }}" | ||
| protection_policy_id: "{{ protectpolicyfind.json | json_query(jmesquerypp) }}" | ||
| body_format: json | ||
| force_basic_auth: yes | ||
| validate_certs: false | ||
| delegate_to: localhost | ||
| when: item.method == "POST" | ||
| register: protectedpathcreate | ||
| ignore_errors: true | ||
| vars: | ||
| jmesquerypp: "[? name=='{{ item.protection_policy_name }}'].id | [0]" | ||
| changed_when: protectedpathcreate.status != 409 | ||
| failed_when: protectedpathcreate.status == 400 | ||
| loop: "{{ protectedpaths }}" | ||
|
|
||
| - name: Find ID of Protected Path | ||
| ansible.builtin.uri: | ||
| url: 'https://{{ vms_ip }}/api/protectedpaths/' | ||
| return_content: false | ||
| method: GET | ||
| user: "{{ vast_user }}" | ||
| password: "{{ vast_pass }}" | ||
| status_code: 200 | ||
| force_basic_auth: yes | ||
| validate_certs: false | ||
| body_format: json | ||
| delegate_to: localhost | ||
| register: protectedpathfind | ||
|
|
||
| - name: Edit Protected Path | ||
| ansible.builtin.uri: | ||
| url: 'https://{{ vms_ip }}/api/protectedpaths/{{ protectedpathfind.json | json_query(jmesquerypa) }}/' | ||
| return_content: true | ||
| method: "{{ item.method }}" | ||
| user: "{{ vast_user }}" | ||
| password: "{{ vast_pass }}" | ||
| status_code: 201, 200, 204 | ||
| body: | ||
| name: "{{ item.name }}" | ||
| body_format: json | ||
| force_basic_auth: yes | ||
| validate_certs: false | ||
| delegate_to: localhost | ||
| when: item.method != "POST" | ||
| register: protectedpathedit | ||
| ignore_errors: true | ||
| vars: | ||
| jmesquerypa: "[? name=='{{ item.name }}'].id | [0]" | ||
| changed_when: protectedpathedit.status != 409 | ||
| failed_when: protectedpathedit.status == 400 | ||
| loop: "{{ protectedpaths }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,91 @@ | ||
| --- | ||
| - name: Gather Time Facts | ||
| setup: | ||
| gather_subset: | ||
| - 'date_time' | ||
| delegate_to: localhost | ||
|
|
||
| - name: Set up Protection Policies | ||
| ansible.builtin.uri: | ||
| url: 'https://{{ vms_ip }}/api/protectionpolicies/' | ||
| return_content: true | ||
| method: "{{ item.method }}" | ||
| user: "{{ vast_user }}" | ||
| password: "{{ vast_pass }}" | ||
| status_code: 201, 200 | ||
| body: | ||
| name: "{{ item.name }}" | ||
| frames: | ||
| - | ||
| every: "{{ item.every_value }}{{ item.every_unit }}" | ||
| every_value: "{{ item.every_value }}" | ||
| every_unit: "{{ item.every_unit }}" | ||
| start-at: "{{ ansible_date_time.date }} {{ ansible_date_time.time }}" | ||
| keep-local: "{{ item.keep_local_value }}{{ item.keep_local_period }}" | ||
| keep-remote: "{{ item.keep_remote | default(omit) }}" | ||
| local-period: "{{ item.keep_local_period }}" | ||
| prefix: "{{ item.snapshot_prefix }}" | ||
| clone_type: "{{ item.clone_type|upper }}" | ||
| target_object_id: "{{ item.replication_target | default(omit) }}" | ||
| indestructible: "{{ item.indestructible }}" | ||
| body_format: json | ||
| force_basic_auth: yes | ||
| validate_certs: false | ||
| delegate_to: localhost | ||
| when: item.method == "POST" | ||
| register: protectionpolicycreate | ||
| ignore_errors: true | ||
| changed_when: protectionpolicycreate.status != 409 | ||
| failed_when: protectionpolicycreate.status == 400 | ||
| loop: "{{ protectionpolicies }}" | ||
|
|
||
| - name: Find ID of Protection Policy | ||
| block: | ||
| - name: Get ID of Protection Policy | ||
| ansible.builtin.uri: | ||
| url: 'https://{{ vms_ip }}/api/protectionpolicies/' | ||
| return_content: false | ||
| method: GET | ||
| user: "{{ vast_user }}" | ||
| password: "{{ vast_pass }}" | ||
| status_code: 200 | ||
| force_basic_auth: yes | ||
| validate_certs: false | ||
| body_format: json | ||
| delegate_to: localhost | ||
| register: protectionpolicyfind | ||
|
|
||
| - name: Edit Protection Policies | ||
| ansible.builtin.uri: | ||
| url: 'https://{{ vms_ip }}/api/protectionpolicies/{{ protectionpolicyfind.json | json_query(jmesquerypp) }}/' | ||
| return_content: true | ||
| method: "{{ item.method }}" | ||
| user: "{{ vast_user }}" | ||
| password: "{{ vast_pass }}" | ||
| status_code: 201, 200 | ||
| body: | ||
| name: "{{ item.name }}" | ||
| frames: | ||
| - | ||
| every: "{{ item.every_value }}{{ item.every_unit }}" | ||
| every_value: "{{ item.every_value }}" | ||
| every_unit: "{{ item.every_unit }}" | ||
| keep-local: "{{ item.keep_local_value }}{{ item.keep_local_period }}" | ||
| keep-remote: "{{ item.keep_remote | default(omit) }}" | ||
| local-period: "{{ item.keep_local_period }}" | ||
| prefix: "{{ item.snapshot_prefix }}" | ||
| clone_type: "{{ item.clone_type|upper }}" | ||
| target_object_id: "{{ item.replication_target | default(omit) }}" | ||
| indestructible: "{{ item.indestructible }}" | ||
| body_format: json | ||
| force_basic_auth: yes | ||
| validate_certs: false | ||
| delegate_to: localhost | ||
| when: item.method != "POST" | ||
| register: protectionpolicyedit | ||
| ignore_errors: true | ||
| vars: | ||
| jmesquerypp: "[? name=='{{ item.name }}'].id | [0]" | ||
| changed_when: protectionpolicyedit.status != 409 | ||
| failed_when: protectionpolicyedit.status == 400 | ||
| loop: "{{ protectionpolicies }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,79 @@ | ||
| --- | ||
| - name: Set up Quota | ||
| ansible.builtin.uri: | ||
| url: 'https://{{ vms_ip }}/api/quotas/' | ||
| return_content: true | ||
| method: "{{ item.method }}" | ||
| user: "{{ vast_user }}" | ||
| password: "{{ vast_pass }}" | ||
| status_code: 201, 200 | ||
| body: | ||
| name: "{{ item.name }}" | ||
| path: "{{ item.path }}" | ||
| soft_limit: "{{ item.soft_limit_capacity | human_to_bytes }}" | ||
| hard_limit: "{{ item.hard_limit_capacity | human_to_bytes }}" | ||
| soft_limit_inodes: "{{ item.soft_limit_folders }}" | ||
| hard_limit_inodes: "{{ item.hard_limit_folders }}" | ||
| enable_alarms: "{{ item.enable_alarms }}" | ||
| grace_period: "{{ item.grace_period }}" | ||
| enable_email_providers: "{{ item.enable_email_providers }}" | ||
| create_dir: "{{ item.create_dir }}" | ||
| is_user_quota: "{{ item.is_user_quota}}" | ||
| body_format: json | ||
| force_basic_auth: yes | ||
| validate_certs: false | ||
| delegate_to: localhost | ||
| when: item.method == "POST" | ||
| register: quotacreate | ||
| ignore_errors: true | ||
| changed_when: quotacreate.status != 409 | ||
| failed_when: quotacreate.status == 400 | ||
| loop: "{{ quotas }}" | ||
|
|
||
| - name: Find ID of Quota Policy | ||
| block: | ||
| - name: Get ID of Quota Policy | ||
| ansible.builtin.uri: | ||
| url: 'https://{{ vms_ip }}/api/quotas/' | ||
| return_content: false | ||
| method: GET | ||
| user: "{{ vast_user }}" | ||
| password: "{{ vast_pass }}" | ||
| status_code: 200 | ||
| force_basic_auth: yes | ||
| validate_certs: false | ||
| body_format: json | ||
| delegate_to: localhost | ||
| register: quotasfind | ||
|
|
||
| - name: Edit Quota | ||
| ansible.builtin.uri: | ||
| url: 'https://{{ vms_ip }}/api/quotas/{{ quotasfind.json | json_query(jmesqueryq) }}/' | ||
| return_content: true | ||
| method: "{{ item.method }}" | ||
| user: "{{ vast_user }}" | ||
| password: "{{ vast_pass }}" | ||
| status_code: 201, 200, 204 | ||
| body: | ||
| name: "{{ item.name }}" | ||
| path: "{{ item.path }}" | ||
| soft_limit: "{{ item.soft_limit_capacity | human_to_bytes }}" | ||
| hard_limit: "{{ item.hard_limit_capacity | human_to_bytes }}" | ||
| soft_limit_inodes: "{{ item.soft_limit_folders }}" | ||
| hard_limit_inodes: "{{ item.hard_limit_folders }}" | ||
| enable_alarms: "{{ item.enable_alarms }}" | ||
| grace_period: "{{ item.grace_period }}" | ||
| enable_email_providers: "{{ item.enable_email_providers }}" | ||
| create_dir: "{{ item.create_dir }}" | ||
| body_format: json | ||
| force_basic_auth: yes | ||
| validate_certs: false | ||
| delegate_to: localhost | ||
| when: item.method != "POST" | ||
| register: quotaedit | ||
| ignore_errors: true | ||
| vars: | ||
| jmesqueryq: "[? name=='{{ item.name }}'].id | [0]" | ||
| changed_when: quotaedit.status != 409 | ||
| failed_when: quotaedit.status == 400 | ||
| loop: "{{ quotas }}" |
Oops, something went wrong.