+++ /dev/null
-rook-recovery
-==========
-
-This role is used to deploy the rook jenkins instance in the rook CI aws vpc, The deployed instance will have two ebs volumes where the jobs and the jobs configuration data is located
-
-Notes
-+++++
-In order to make him available the to public network once the instance is deployed you will need to add him to the load balancing target group under the rook ci vpc
+++ /dev/null
----
-dependencies:
- - role: secrets
+++ /dev/null
----
- - name: Include secrets
- include_vars: "{{ secrets_path | mandatory }}/aws.yaml"
- no_log: true
- tags:
- - always
-
- - import_tasks: master-update.yml
- tags:
- - master-update
-
- - name: Launch instance
- ec2:
- aws_access_key: "{{ aws_access_key }}"
- aws_secret_key: "{{ aws_secret_key }}"
- key_name: "{{ keypair }}"
- group: "{{ security_group }}"
- instance_type: "{{ master_instance_type }}"
- image: "{{ image }}"
- wait: true
- region: "{{ region }}"
- vpc_subnet_id: "{{ vpc_subnet_id }}"
- assign_public_ip: yes
- instance_tags: "{{ aws_tags }}"
- wait: yes
- register: ec2_instances
-
- - name: print ec2 facts
- debug:
- var: ec2_instances
-
- - name: Set name tag for AWS instance
- ec2_tag:
- aws_access_key: "{{ aws_access_key }}"
- aws_secret_key: "{{ aws_secret_key }}"
- region: "{{ region }}"
- resource: "{{ item.1.id }}"
- tags:
- Name: "{{ aws_tags.Name }}-{{ '%02d' | format(item.0 + 1) }}"
- with_indexed_items: "{{ ec2_instances.instances }}"
- loop_control:
- label: "{{ item.1.id }} - {{ aws_tags.Name }}-{{ '%02d' | format(item.0 + 1) }}"
-
- - name: Wait for SSH to come up
- wait_for: host={{ item.public_ip }} port=22 delay=60 timeout=320 state=started
- with_items: '{{ ec2_instances.instances }}'
- loop_control:
- label: "{{ item.id }} - {{ item.public_ip }}"
-
- - name: Remove jenkins docker old container
- command: ssh -i "{{ rook_key }}" ubuntu@"{{ item.public_ip }}" sudo docker rm jenkins
- with_items: '{{ ec2_instances.instances }}'
- loop_control:
- label: "{{ item.id }} - {{ item.public_ip }}"
-
- - name: Start jenkins container
- command: ssh -i "{{ rook_key }}" ubuntu@"{{ item.public_ip }}" sudo docker run -d --name jenkins -p 8080:8080 -p 50000:50000 -v /mnt/jenkins/jenkins:/var/jenkins_home "{{ jenkins_master_image }}"
- with_items: '{{ ec2_instances.instances }}'
- loop_control:
- label: "{{ item.id }} - {{ item.public_ip }}"
-
- - name: The instance was succssfuly started
- debug:
- msg:
- - "The Rook Jenkins is up and running the instance is named: {{ aws_tags.Name }}-{{ '%02d' | format(item.0 + 1) }}"
- - "In order to make him avalible to public network you will need to add him to the load balancing target group"
- with_indexed_items: "{{ ec2_instances.instances }}"
- loop_control:
- label: "{{ item.1.id }} - {{ aws_tags.Name }}-{{ '%02d' | format(item.0 + 1) }}"
-
+++ /dev/null
----
- - name: Gather facts
- ec2_instance_facts:
- filters:
- "tag:Name": "{{ master_name }}"
- instance-state-name: running
- register: master_metadata
-
- - name: create date
- shell: "date +%d-%m-%y"
- register: date
-
- - name: Take a image of the master
- ec2_ami:
- aws_access_key: "{{ aws_access_key }}"
- aws_secret_key: "{{ aws_secret_key }}"
- instance_id: "{{ master_metadata.instances[0].instance_id }}"
- no_reboot: yes
- wait: yes
- name: "{{ master_name }}-{{ date.stdout }}"
- tags:
- Name: "{{ master_name }}-{{ date.stdout }}"
-
- - name: Update apt cache
- command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo apt-get update
-
- - name: Update packages
- command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo apt-get upgrade -y
-
- - name: Check if system requires reboot
- command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" [ -f /var/run/reboot-required ]; echo $?
- register: reboot
-
- - name: Reboot if required
- command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo reboot
- ignore_errors: yes
- when: reboot.stdout == '0'
-
- - name: Wait for SSH to come up
- wait_for: host={{ master_metadata.instances[0].public_dns_name }} port=22 delay=60 timeout=320 state=started
- when: reboot.stdout == '0'
-
- - name: Check if old container exist
- command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" docker ps -a | grep -i jenkins | wc -l
- register: container
- when: reboot.stdout == '0'
-
- - name: Remove jenkins old container if exist
- command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo docker rm jenkins
- when:
- - container.stdout == '1'
- - reboot.stdout == '0'
-
- - name: Start jenkins container
- command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo docker run -d --name jenkins -p 8080:8080 -p 50000:50000 -v /mnt/jenkins/jenkins:/var/jenkins_home "{{ jenkins_master_image }}"
- when: reboot.stdout == '0'
+++ /dev/null
----
-jenkins_master_image: jenkins/jenkins:2.235.5
-keypair: root-jenkins-new-key
-master_instance_type: m4.large
-security_group: rook-jenkins-group
-image: ami-09c003703cafa9056
-region: us-east-1
-vpc_subnet_id: subnet-c72b609b
-instance_name: Recovery-Rook-Jenkins
-aws_tags:
- Name: "{{ instance_name }}"
- Application: "Jenkins"
-master_name: Prod-Jenkins
-rook_key: "{{ secrets_path | mandatory }}/rook_key.yml"
--- /dev/null
+Rook
+====
+
+This role is used for updating and recovering the rook jenkins in the rook ci Virtual Private Cloud (VPC).
+
+The functions in this role are:
+
+**rook-jenkins-update:** For updating rook jenkins version to the version defined in the "jenkins_master_image" variable
+
+**rook-os-update:** For updating rook jenkins OS packages
+
+**rook-recovery:** For recovering the Prod-jenkins instance from the image defined in the "image" variable in a case that the instance was deleted or crashed
+
+Usage
++++++
+
+The rook role is used by the ``rook.yml`` playbook. Run this playbook with one of the optional **Tags** listed in the tags section to upgrade rook jenkins OS packages/recover it from an image or update the rook jenkins app.
+
+**Pre-requisites:** Before running ``rook.yml`` make sure your IP address has ssh access to the VPC. This is configured in the `AWS dashboard`_ under the "rook-jenkins-group" security group inbound rules.
+
+- The Rook-Recovery Playbook is used for deploying rook jenkins from an image in case of a crash/corruption:
+ - Run the playbook with the ``rook-recovery`` tag, then you will need to make the newly created instance available to the public network as explained in the next step.
+
+ - Once the instance is deployed, now add the deployed instance to the load balancing target group named "jenkins-rook-new" so that it will be available to the public network.
+
+- AWS dashboard access
+ Access details to the AWS dashboard can be found in here_ (Red Hat VPN Access required)
+
+**NOTE:** ``rook.yml`` Is currently using only localhost and not any host from the inventory. This is because the ``rook-recovery`` play deploys and configures the rook jenkins during his run.
+
+Examples
+++++++++
+
+Updating the rook jenkins app to version 2.289.1::
+
+ ansible-playbook rook.yml --tags="rook-jenkins-update" --extra-vars="jenkins_master_image=jenkins/jenkins:2.289.1"
+
+Updating the rook jenkins OS packages::
+
+ ansible-playbook rook.yml --tags="rook-os-update"
+
+Variables
++++++++++
+
+Available variables are listed below These overrides are included by ``tasks/vars.yml``.
+
+The rook jenkins version::
+
+ jenkins_master_image: jenkins/jenkins:2.289.1
+
+The rook jenkins ssh keyi-pair defined in the aws dashboard::
+
+ keypair: root-jenkins-new-key
+
+The rook jenkins instance type::
+
+ master_instance_type: m4.large
+
+The rook jenkins instance aws security group::
+
+ security_group: rook-jenkins-group
+
+The rook jenkins instance aws region::
+
+ region: us-east-1
+
+The rook jenkins instance aws vpc subnet id::
+
+ vpc_subnet_id: subnet-c72b609b
+
+The rook jenkins image is the backup image used for creating the recovery instance of rook jenkins::
+
+ image: ami-0aaf5dbaa4cbe5771
+
+The rook jenkins instance name, used by the rook-recovery play when creating the instance from image::
+
+ instance_name: Recovery-Rook-Jenkins
+
+A list of the rook jenkins aws instance tags, used by the rook-recovery play when creating the instance from image::
+
+ aws_tags:
+ Name: "{{ instance_name }}"
+ Application: "Jenkins"
+
+The rook jenkins running aws instance name::
+
+ master_name: Prod-Jenkins
+
+The rook jenkins instance ssh key::
+
+ rook_key: "{{ secrets_path | mandatory }}/rook_key.yml"
+
+Tags
+++++
+
+Available tags are listed below:
+
+- rook-jenkins-update
+ Update the rook jenkins app to the version defined in the "jenkins_master_image" variable.
+
+- rook-os-update
+ Update the rook jenkins OS packages.
+
+- rook-recovery
+ Recover the rook jenkins instance from the image defined in "image" variable.
+
+Dependencies
+++++++++++++
+
+This role depends on the following roles:
+
+- secrets
+ Provides a var, ``secrets_path``, containing the path of the secrets repository.
+
+ .. _AWS dashboard: https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#Home:
+ .. _here: http://wiki.ceph.redhat.com/dokuwiki/doku.php?id=rook_aws_account
--- /dev/null
+---
+dependencies:
+ - role: secrets
--- /dev/null
+---
+- name: Include secrets
+ include_vars: "{{ secrets_path | mandatory }}/aws.yaml"
+ no_log: true
+ tags:
+ - always
+
+- import_tasks: rook-jenkins-update.yml
+ tags:
+ - rook-jenkins-update
+
+- import_tasks: rook-os-update.yml
+ tags:
+ - rook-os-update
+
+- import_tasks: rook-recovery.yml
+ tags:
+ - rook-recovery
--- /dev/null
+---
+- name: Gather facts
+ ec2_instance_facts:
+ filters:
+ "tag:Name": "{{ master_name }}"
+ instance-state-name: running
+ register: master_metadata
+
+- name: Take a backup image of the Prod-jenkins instance
+ ec2_ami:
+ aws_access_key: "{{ aws_access_key }}"
+ aws_secret_key: "{{ aws_secret_key }}"
+ instance_id: "{{ master_metadata.instances[0].instance_id }}"
+ no_reboot: yes
+ wait: yes
+ wait_timeout: 3000
+ name: "{{ master_name }}-{{ ansible_date_time.date }}"
+ tags:
+ Name: "{{ master_name }}-{{ ansible_date_time.date }}"
+
+- name: Check if container is running
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" docker ps -a | grep -i jenkins | wc -l
+ register: container
+
+- name: Kill the jenkins container
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo docker kill jenkins
+ when: container.stdout == '1'
+
+- name: Remove the jenkins container
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo docker rm jenkins
+ when: container.stdout == '1'
+
+- name: Start the new jenkins container with the new LTS version
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo docker run -d --name jenkins -p 8080:8080 -p 50000:50000 -v /mnt/jenkins/jenkins:/var/jenkins_home "{{ jenkins_master_image }}"
--- /dev/null
+---
+- name: Gather facts
+ ec2_instance_facts:
+ filters:
+ "tag:Name": "{{ master_name }}"
+ instance-state-name: running
+ register: master_metadata
+
+- name: Take a image of the master
+ ec2_ami:
+ aws_access_key: "{{ aws_access_key }}"
+ aws_secret_key: "{{ aws_secret_key }}"
+ instance_id: "{{ master_metadata.instances[0].instance_id }}"
+ no_reboot: yes
+ wait: yes
+ wait_timeout: 3000
+ name: "{{ master_name }}-{{ ansible_date_time.date }}"
+ tags:
+ Name: "{{ master_name }}-{{ ansible_date_time.date }}"
+
+- name: Update apt cache
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo apt-get update
+
+- name: Update packages
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo apt-get upgrade -y
+
+- name: Check if system requires reboot
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" [ -f /var/run/reboot-required ]; echo $?
+ register: reboot
+
+- name: Reboot if required
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo reboot
+ ignore_errors: yes
+ when: reboot.stdout == '0'
+
+- name: Wait for SSH to come up
+ wait_for: host={{ master_metadata.instances[0].public_dns_name }} port=22 delay=60 timeout=320 state=started
+ when: reboot.stdout == '0'
+
+- name: Check if old container exist
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" docker ps -a | grep -i jenkins | wc -l
+ register: container
+
+- name: Remove jenkins old container if exist
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo docker rm jenkins
+ when:
+ - container.stdout == '1'
+ - reboot.stdout == '0'
+
+- name: Start jenkins container
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ master_metadata.instances[0].public_dns_name }}" sudo docker run -d --name jenkins -p 8080:8080 -p 50000:50000 -v /mnt/jenkins/jenkins:/var/jenkins_home "{{ jenkins_master_image }}"
+ when:
+ - container.stdout == '1'
+ - reboot.stdout == '0'
--- /dev/null
+---
+- name: Launch instance
+ ec2:
+ aws_access_key: "{{ aws_access_key }}"
+ aws_secret_key: "{{ aws_secret_key }}"
+ key_name: "{{ keypair }}"
+ group: "{{ security_group }}"
+ instance_type: "{{ master_instance_type }}"
+ image: "{{ image }}"
+ wait: true
+ region: "{{ region }}"
+ vpc_subnet_id: "{{ vpc_subnet_id }}"
+ assign_public_ip: yes
+ instance_tags: "{{ aws_tags }}"
+ wait: yes
+ register: ec2_instances
+
+- name: print ec2 facts
+ debug:
+ var: ec2_instances
+
+- name: Set name tag for AWS instance
+ ec2_tag:
+ aws_access_key: "{{ aws_access_key }}"
+ aws_secret_key: "{{ aws_secret_key }}"
+ region: "{{ region }}"
+ resource: "{{ item.1.id }}"
+ tags:
+ Name: "{{ aws_tags.Name }}-{{ '%02d' | format(item.0 + 1) }}"
+ with_indexed_items: "{{ ec2_instances.instances }}"
+ loop_control:
+ label: "{{ item.1.id }} - {{ aws_tags.Name }}-{{ '%02d' | format(item.0 + 1) }}"
+
+- name: Wait for SSH to come up
+ wait_for: host={{ item.public_ip }} port=22 delay=60 timeout=320 state=started
+ with_items: '{{ ec2_instances.instances }}'
+ loop_control:
+ label: "{{ item.id }} - {{ item.public_ip }}"
+
+- name: Remove jenkins docker old container
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ item.public_ip }}" sudo docker rm jenkins
+ with_items: '{{ ec2_instances.instances }}'
+ loop_control:
+ label: "{{ item.id }} - {{ item.public_ip }}"
+
+- name: Start jenkins container
+ command: ssh -i "{{ rook_key }}" ubuntu@"{{ item.public_ip }}" sudo docker run -d --name jenkins -p 8080:8080 -p 50000:50000 -v /mnt/jenkins/jenkins:/var/jenkins_home "{{ jenkins_master_image }}"
+ with_items: '{{ ec2_instances.instances }}'
+ loop_control:
+ label: "{{ item.id }} - {{ item.public_ip }}"
+
+- name: The instance was succssfuly started
+ debug:
+ msg:
+ - "The Rook Jenkins is up and running the instance is named: {{ aws_tags.Name }}-{{ '%02d' | format(item.0 + 1) }}"
+ - "In order to make him avalible to public network you will need to add him to the load balancing target group"
+ with_indexed_items: "{{ ec2_instances.instances }}"
+ loop_control:
+ label: "{{ item.1.id }} - {{ aws_tags.Name }}-{{ '%02d' | format(item.0 + 1) }}"
--- /dev/null
+---
+jenkins_master_image: jenkins/jenkins:2.289.1
+keypair: root-jenkins-new-key
+master_instance_type: m4.large
+security_group: rook-jenkins-group
+image: ami-0aaf5dbaa4cbe5771
+region: us-east-1
+vpc_subnet_id: subnet-c72b609b
+instance_name: Recovery-Rook-Jenkins
+aws_tags:
+ Name: "{{ instance_name }}"
+ Application: "Jenkins"
+master_name: Prod-Jenkins
+rook_key: "{{ secrets_path | mandatory }}/rook_key.yml"
+++ /dev/null
----
-- hosts: localhost
- gather_facts: False
- roles:
- - rook-recovery
--- /dev/null
+---
+- hosts: localhost
+ gather_facts: True
+ roles:
+ - rook
projects / ceph-cm-ansible.git / commitdiff