Implemented DCI Manager finish
This commit is contained in:
Jeroen Vermeulen
parent
dd0cb886e1
commit
4d317cb64f
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: common
|
||||
- role: talos_dci_login
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
---
|
||||
|
||||
- debug:
|
||||
var: dci_server_info.id
|
||||
|
||||
- name: Wait for Talos port 50000
|
||||
delegate_to: "{{ talosctl_host }}"
|
||||
become: no
|
||||
ansible.builtin.wait_for:
|
||||
host: "{{ ansible_remote }}"
|
||||
port: 50000
|
||||
|
||||
- name: Call DCI Manager API to finish operation
|
||||
when: dci_server_info.operation.status == 'running'
|
||||
delegate_to: "{{ dci_manager_access_host }}"
|
||||
become: no
|
||||
ansible.builtin.uri:
|
||||
url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/dci/v3/server/{{ dci_server_info.id }}/operation_finish"
|
||||
method: POST
|
||||
headers:
|
||||
X-Xsrf-Token: "{{ dci_token }}"
|
||||
body_format: json
|
||||
body: "{}"
|
||||
register: _dci_finish
|
||||
until: _dci_server.status != 503
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
dci_manager_access_host: localhost
|
||||
dci_manager_protocol: https
|
||||
dci_manager_host: dcimanager6.snel.com
|
||||
dci_manager_port: 443
|
||||
dci_manager_bitwarden_item_name: "dcimanager6.snel.com Ansible"
|
||||
dci_manager_talos_os_template_id: 92
|
||||
|
|
@ -0,0 +1,69 @@
|
|||
---
|
||||
|
||||
- name: Check BitWarden item
|
||||
ansible.builtin.assert:
|
||||
that: "lookup('community.general.bitwarden', dci_manager_bitwarden_item_name, field='password') | first | length > 0"
|
||||
quiet: true
|
||||
|
||||
- name: Login on DCI Manager API
|
||||
delegate_to: "{{ dci_manager_access_host }}"
|
||||
become: no
|
||||
ansible.builtin.uri:
|
||||
url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/api/auth/v4/public/token"
|
||||
method: POST
|
||||
body_format: json
|
||||
return_content: true
|
||||
headers:
|
||||
Accept: application/json
|
||||
body:
|
||||
email: "{{ lookup('community.general.bitwarden', dci_manager_bitwarden_item_name, field='username') | first }}"
|
||||
password: "{{ lookup('community.general.bitwarden', dci_manager_bitwarden_item_name, field='password') | first }}"
|
||||
status_code: 201
|
||||
register: _dci_manager_login
|
||||
until: _dci_manager_login.status != 503
|
||||
|
||||
- name: Set token fact
|
||||
ansible.builtin.set_fact:
|
||||
dci_token: "{{ (_dci_manager_login.content | from_json).token }}"
|
||||
|
||||
|
||||
- name: Get TOTP code from BitWarden
|
||||
delegate_to: "localhost"
|
||||
ansible.builtin.command:
|
||||
cmd: "bw get totp '{{ dci_manager_bitwarden_item_name }}'"
|
||||
register: _totp
|
||||
changed_when: false
|
||||
|
||||
- name: Two factor authenticate DCI Manager API
|
||||
delegate_to: "{{ dci_manager_access_host }}"
|
||||
become: no
|
||||
ansible.builtin.uri:
|
||||
url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/api/auth/v4/public/token/confirm"
|
||||
method: POST
|
||||
body_format: json
|
||||
return_content: true
|
||||
headers:
|
||||
Accept: application/json
|
||||
body: "{
|
||||
\"token\": \"{{ dci_token }}\",
|
||||
\"code\": {{ _totp.stdout | int }}
|
||||
}"
|
||||
register: _dci_2fa_auth
|
||||
until: _dci_2fa_auth.status != 503
|
||||
|
||||
- name: Get all servers from DCI Manager
|
||||
delegate_to: "{{ dci_manager_access_host }}"
|
||||
become: no
|
||||
ansible.builtin.uri:
|
||||
url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/dci/v3/server"
|
||||
method: GET
|
||||
return_content: true
|
||||
headers:
|
||||
Accept: application/json
|
||||
X-Xsrf-Token: "{{ dci_token }}"
|
||||
register: _dci_server
|
||||
until: _dci_server.status != 503
|
||||
|
||||
- name: Set fact with server info from DCI Manager
|
||||
ansible.builtin.set_fact:
|
||||
dci_server_info: "{{ _dci_server.content | from_json | community.general.json_query('list[?@.ip[?@.name==`' ~ ansible_remote ~ '`]]') | first }}"
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: common
|
||||
- role: talos_dci_login
|
||||
|
|
@ -0,0 +1,32 @@
|
|||
---
|
||||
|
||||
- debug:
|
||||
var: dci_server_info.id
|
||||
|
||||
- name: Call DCI Manager API to reinstall Talos Linux
|
||||
delegate_to: "{{ dci_manager_access_host }}"
|
||||
become: no
|
||||
ansible.builtin.uri:
|
||||
url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/dci/v3/server/{{ dci_server_info.id }}/operation_os"
|
||||
method: POST
|
||||
return_content: true
|
||||
headers:
|
||||
Accept: application/json
|
||||
X-Xsrf-Token: "{{ dci_token }}"
|
||||
body_format: json
|
||||
body:
|
||||
hdd_raid: "no_raid"
|
||||
os_template_id: "{{ dci_manager_talos_os_template_id }}"
|
||||
password: "_not_used_"
|
||||
register: _dci_finish
|
||||
until: _dci_server.status != 503
|
||||
|
||||
- debug:
|
||||
var: _dci_finish
|
||||
|
||||
- name: Wait for Talos port 50000
|
||||
delegate_to: "{{ talosctl_host }}"
|
||||
become: no
|
||||
ansible.builtin.wait_for:
|
||||
host: "{{ ansible_remote }}"
|
||||
port: 50000
|
||||
10
talos.yml
10
talos.yml
|
|
@ -1,6 +1,16 @@
|
|||
---
|
||||
# Playbook Talos Install
|
||||
|
||||
- name: Talos hardware nodes
|
||||
become: no
|
||||
gather_facts: false
|
||||
hosts:
|
||||
- talos_hardware_nodes
|
||||
roles:
|
||||
- role: talos_dci_finish
|
||||
tags:
|
||||
- talos_dci_finish
|
||||
|
||||
- name: Talos configs
|
||||
become: no
|
||||
gather_facts: false
|
||||
|
|
|
|||
|
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
|
||||
- name: Reinstall Talos using DCI Manager
|
||||
gather_facts: false
|
||||
hosts:
|
||||
- talos_hardware_nodes
|
||||
roles:
|
||||
- role: talos_dci_reinstall
|
||||
Loading…
Reference in New Issue