diff --git a/.gitignore b/.gitignore index 94cddc5..2157f1a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ *.inv .vagrant -.git \ No newline at end of file +.git +*.pdf \ No newline at end of file diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9aab41f..a744dbf 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,6 +1,6 @@ # Contributing to ansible-satellite -Feel free to contribute to the source code. This set of Ansible plays was contibuted by **Stephen Clayton** _[stephenpc@gmail.com](mailto:stephenpc@gmail.com)_. +Feel free to contribute to the source code. Contributors --- @@ -8,3 +8,4 @@ Contributors - [stephenpc](https://github.com/stephenpc) - [defionscode](https://github.com/defionscode) - [stenwt](https://github.com/stenwt) +- [psehgaft](https://github.com/psehgaft) diff --git a/README.md b/README.md index 62deb4a..516fb20 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,17 @@ -# ansible-satellite | Satellite 6.1.x Orchestration +# ansible-satellite | Satellite 6.12.x Orchestration -### Install and configure Satellite 6.1.x on Red Hat Enterprise Linux 6.x and 7.x. This collection can also be used to set up Satellite on AWS. +### Install and configure Satellite 6.12.x on Red Hat Enterprise Linux 6.x and 7.x. This collection can also be used to set up Satellite on AWS. -Fundamental steps are based on the process outlined at the [Satellite 6.1 Installation Guide on the Red Hat Customer Portal](https://access.redhat.com/documentation/en-US/Red_Hat_Satellite/6.1/html/Installation_Guide/index.html). +Fundamental steps are based on the process outlined at the [Satellite 6.1 Installation Guide on the Red Hat Customer Portal](https://access.redhat.com/documentation/en-us/red_hat_satellite/6.12/html-single/installing_satellite_server_in_a_connected_network_environment/index). -At the last revision of this document, the current stable version of Satellite is 6.1.8. +At the last revision of this document, the current stable version of Satellite is 6.7 Reference [standup.yml](standup.yml), which is the installation playbook, to see an example of how the playbooks may be structured, or take a look at any of the listed playbooks below. ### **ansible-satellite roles:** _The following roles are called by several playbooks to orchestrate tasks on the Satellite server. Please review the playbooks to see how these come together to work._ +1. [satellite-clients](#create-clients-tools-for-register) 1. [satellite-auth](#satellite-authentication-satellite-auth) 1. [satellite-content](#satellite-content-satellite-content) 1. [satellite-install](#satellite-installation-satellite-install) @@ -39,6 +40,71 @@ _These scripts are written to aid in refreshing subscriptions on all the hosts, 1. [bash-refresh_subscriptions.sh](#bash-refresh_subscriptionssh) 1. [bash-recreate_subscriptions.sh](#bash-recreate_subscriptionssh) +### Configure Playbook +Copy the inventory.template file and fill it out with information for your infrastructure. Add systems to [nodes] for hosts you want tasks to run on. + +or create a current host inventory on */goup_vars/inventorycontent.yml* + +```inventorycontext.yml +[satellite] +satellite.example.com + +[old_satellite] +satellite.example.com + +[puppet_master] +satellite.example.com + +[puppet_ca] +satellite.example.com + +[6RedHatEnterpriseServer:vars] +activationkey='server,6epel' + +[7RedHatEnterpriseServec:vars] +activationkey='workstation,6epel' + +[nodes] +node1.example.com activationkey= organization= +node2.example.com activationkey= organization= + +[satellite] +satellite.example.com + +[old_satellite] +satellite.example.com + +#[nodes] +# host.example.com organization=EXAMPLE activationkey=rhel_activation_key" +``` +Use activation keys to register the hosts so make sure your activation keys are set up in satellite before running. + +#Running + +Enable the satellite settings create_new_host_when_facts_are_uploaded and create_new_host_when_report_is_uploaded to have hosts automatically created after puppet runs. You should also enable a default_location and default_organization in satellite. These settings are all under the puppet tab. + +To run on all of your nodes (defined in hosts) make sure you update the activationkey variables (in hosts) and then use. + +`ansible-playbook -i inventorycontext.yml satellite-playbook.yaml` + +Add `-k` (ssh) or `-K` (sudo) if you need password prompts. + +You can also run just the puppet registration tasks with + +`ansible-playbook -i inventorycontext.yml satellite-playbook.yaml --tags puppet` + +After the tasks complete you should have new unmanaged hosts in satellite. Edit the host and add any configuration you need (host groups, network, puppet). Unfortunately, I could not find a way to automate those steps yet. Your best bet is probably [hammer](https://github.com/theforeman/hammer-cli). + +Once the hosts have been moved you may need to reinstall the katello-agent. Do that with `ansible all -i hosts -m yum -a "state=absent name=katello-agent"` and then `ansible all -i hosts -m yum -a "state=present name=katello-agent"` + +NOTE: For create a Satellite inventory from de old-satellite in a Satellite migration you need to use: + +`ansible-playbook -i inventorycontext.yml create_inventory.yml` + +For resubscribe nodes in a new satellite based in your inventory context elments + +`ansible-playbook -i inventorycontext.yml satellite_re_subscribe.yml` + --- # Roles @@ -46,14 +112,14 @@ _These scripts are written to aid in refreshing subscriptions on all the hosts, ## Satellite Authentication (**satellite-auth**) _This role sets up the Satellite Server with authenticated local users, or ties it into a central LDAP server for authentication._ -Invoke the role in the following way. Please note the configuration values specified in [roles/satellite-auth/vars/main.yml](roles/satellite-auth/vars/main.yml), [all.yml](group_vars/all.yml) and [secrets.yml](group_vars/secrets.yml). +Invoke the role in the following way. Please note the configuration values specified in [roles/satellite-auth/vars/main.yml](roles/satellite-auth/vars/main.yml), [satellite.yml](group_vars/satellite.yml) and [secrets.yml](group_vars/secrets.yml). ```yaml --- - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml - group_vars/secrets.yml gather_facts: yes # satellite-auth | Define users and assign them roles @@ -63,17 +129,34 @@ Invoke the role in the following way. Please note the configuration values speci # ldap_refresh: yes ``` +## Ansible Satellite Clients (**satellite-clients**) +_This role include tools for subscribe and unsubscribe nodes on your satellite. + +nvoke the role/tasks in the following way. Please note the configuration values specified in [roles/satellite-content/vars/main.yml](roles/satellite-content/vars/main.yml), [satellite.yml](group_vars/satellite.yml) and [secrets.yml](group_vars/secrets.yml). + +```yaml +--- +- hosts: satellite6-server-prod + become: yes + vars_files: + - group_vars/satellite.yml + - group_vars/secrets.yml + gather_facts: yes + tasks: + - include_tasks: ./roles/satellite-clients/tasks/[task].yml +``` + ## Satellite Content (**satellite-content**) _This role creates lifecycle environments on the Satellite Server, creates content views and filters them, then sets up activation keys pointing to each, and a release version with wich to activate RHEL systems._ -Invoke the role in the following way. Please note the configuration values specified in [roles/satellite-content/vars/main.yml](roles/satellite-content/vars/main.yml), [all.yml](group_vars/all.yml) and [secrets.yml](group_vars/secrets.yml). +Invoke the role in the following way. Please note the configuration values specified in [roles/satellite-content/vars/main.yml](roles/satellite-content/vars/main.yml), [satellite.yml](group_vars/satellite.yml) and [secrets.yml](group_vars/secrets.yml). ```yaml --- - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml - group_vars/secrets.yml gather_facts: yes roles: @@ -83,14 +166,14 @@ Invoke the role in the following way. Please note the configuration values speci ## Satellite Installation (**satellite-install**) _This role installs Satellite to a RHEL host._ -Invoke the role in the following way. Please note the configuration values specified in [roles/satellite-install/vars/main.yml](roles/satellite-install/vars/main.yml), [all.yml](group_vars/all.yml) and [secrets.yml](group_vars/secrets.yml). +Invoke the role in the following way. Please note the configuration values specified in [roles/satellite-install/vars/main.yml](roles/satellite-install/vars/main.yml), [satellite.yml](group_vars/satellite.yml) and [secrets.yml](group_vars/secrets.yml). ```yaml --- - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml - group_vars/secrets.yml gather_facts: yes # satellite-install | Install Satellite 6 to a host @@ -101,7 +184,7 @@ Invoke the role in the following way. Please note the configuration values speci ## Satellite Maintenance Tasks (**satellite-maintenance**) _This role covers several items with regard to maintaining the security of the Satellite server, such as SSL configuration. It also provides orchestration of rpm content to the Satellite server, so that it can be made available to hosts on a regular basis. It leverages some variables from the **satellite-content** role as well._ -Invoke the role in the following way. Please note the configuration values specified in [satellite-maintenance/vars/main.yml](roles/satellite-maintenance/vars/main.yml), [satellite-content/vars/main.yml](roles/satellite-content/vars/main.yml), [all.yml](group_vars/all.yml) and [secrets.yml](group_vars/secrets.yml). +Invoke the role in the following way. Please note the configuration values specified in [satellite-maintenance/vars/main.yml](roles/satellite-maintenance/vars/main.yml), [satellite-content/vars/main.yml](roles/satellite-content/vars/main.yml), [satellite.yml](group_vars/satellite.yml) and [secrets.yml](group_vars/secrets.yml). ```yaml --- @@ -120,14 +203,14 @@ Invoke the role in the following way. Please note the configuration values speci ## Amazon Route53 DNS Registration (**satellite-route53**) _This role adds an entry into Amazon Route53 DNS for the Satellite server._ -Invoke the role in the following way. Please note the configuration values specified in [all.yml](group_vars/all.yml). +Invoke the role in the following way. Please note the configuration values specified in [satellite.yml](group_vars/satellite.yml). ```yaml --- - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml - group_vars/secrets.yml gather_facts: yes roles: @@ -139,14 +222,14 @@ Invoke the role in the following way. Please note the configuration values speci ## Satellite Self-Subscription (**satellite-selfsubscribe**) _This roles subscribes the Satellite server to itself. It pauses for a period to allow someone to update the Satellite server manifest at the **Red Hat Customer Portal > Subscription Management > [Subscription Management Applications](https://access.redhat.com/management/distributors?type=satellite) > Satellite**, and will then continue to set Satellite up to receive content filtered in the same way as other systems._ -Invoke the role in the following way. Please note the configuration values specified in [roles/satellite-selfsubscribe/vars/main.yml](roles/satellite-selfsubscribe/vars/main.yml), [all.yml](group_vars/all.yml) and [secrets.yml](group_vars/secrets.yml). +Invoke the role in the following way. Please note the configuration values specified in [roles/satellite-selfsubscribe/vars/main.yml](roles/satellite-selfsubscribe/vars/main.yml), [satellite.yml](group_vars/satellite.yml) and [secrets.yml](group_vars/secrets.yml). ```yaml --- - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml - group_vars/secrets.yml gather_facts: yes roles: @@ -165,14 +248,14 @@ Note: A manifest can been created and included as part of this playbook. It can ## Satellite Setup (**satellite-setup**) _This role ties the Satellite server to Red Hat using the manifest mentioned above, activates products, repositories, and also brings in Docker images from the Red Hat Registry, along with 3rd party and custom repositories for your own generated RPM content._ -Invoke the role in the following way. Please note the configuration values specified in [roles/satellite-setup/vars/main.yml](roles/satellite-setup/vars/main.yml), [all.yml](group_vars/all.yml) and [secrets.yml](group_vars/secrets.yml) +Invoke the role in the following way. Please note the configuration values specified in [roles/satellite-setup/vars/main.yml](roles/satellite-setup/vars/main.yml), [satellite.yml](group_vars/satellite.yml) and [secrets.yml](group_vars/secrets.yml) ```yaml --- - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml - group_vars/secrets.yml gather_facts: yes roles: @@ -182,7 +265,7 @@ Invoke the role in the following way. Please note the configuration values speci ## Satellite In-Place Upgrade (**satellite-upgrade**) _This role performs an in-place upgrade of Satellite 6.1 to the current 6.1.x release._ -Invoke the role in the following way. Please note the configuration values specified in [all.yml](group_vars/all.yml). +Invoke the role in the following way. Please note the configuration values specified in [satellite.yml](group_vars/satellite.yml). ```yaml --- diff --git a/ansible-datellite.tar b/ansible-datellite.tar new file mode 100644 index 0000000..516a73b Binary files /dev/null and b/ansible-datellite.tar differ diff --git a/create_inventory.yml b/create_inventory.yml new file mode 100644 index 0000000..8d5451f --- /dev/null +++ b/create_inventory.yml @@ -0,0 +1,84 @@ +--- +# ansible-satellite | Satellite 6.x Orchestration +- hosts: old_satellite + become: yes + vars_files: + - group_vars/satellite.yml + - group_vars/secrets.yml + gather_facts: no + + tasks: + - set_fact: + inventory_content: [] + + - name: ":::: Get organizations ::::" + import_tasks: ./roles/satellite-content/tasks/get_orgs.yml + + - name: ":::: Create content inventory ::::" + include_tasks: ./roles/satellite-content/tasks/create_content_inventory.yml + with_items: "{{ organizations_list }}" + vars: + node: + organization: "{{ item }}" + + - set_fact: + inventory_satellite: "{{ inventory_content }}" + inventory_content: [] + + - name: ":::: Get list of all activation keys ::::" + include_tasks: ./roles/satellite-content/tasks/get_activation_keys_for_org.yml + with_items: "{{ inventory_satellite }}" + vars: + organization: "{{ item.organization }}" + + - set_fact: + inventory_satellite: "{{ inventory_content }}" + inventory_content: [] + + - name: ":::: Get Host and Key subscriptions ::::" + include_tasks: ./roles/satellite-content/tasks/get_nodes_for_keys.yml + with_items: "{{ inventory_satellite }}" + vars: + organization: "{{ item.organization }}" + activation_key: "{{ item.activationkey }}" + + - set_fact: + inventory_satellite: "{{ inventory_content }}" + inventory_content: [] + + - name: ":::: Create content inventory file ::::" + include_tasks: ./roles/satellite-content/tasks/create_content_inventory_file.yml + vars: + inventory_content: "{{ inventory_satellite }}" + with_items: "{{ inventory_satellite }}" + +- hosts: localhost + become: yes + vars_files: + - group_vars/satellite.yml + - group_vars/secrets.yml + - group_vars/inventory_content.yml + gather_facts: yes + + tasks: + + # create dynamic groups to define variables + - group_by: + key: "{{ ansible_distribution }}-{{ ansible_distribution_version | truncate(1, True, '') }}" + + - set_fact: + ak: "{{ ansible_distribution }}-{{ ansible_distribution_version | truncate(1, True, '') }}" + + - name: ":::: Get repos for host ::::" + include_tasks: roles/satellite-clients/tasks/client_get_enable_repos.yml + + - name: ":::: Unregister host ::::" + include_tasks: ./roles/satellite-clients/tasks/client_unsubscribe.yml + vars: + satellite: "{{ groups['old_satellite'][0] }}" + + - name: ":::: Register host ::::" + include_tasks: ./roles/satellite-clients/tasks/client_unsubscribe.yml + vars: + satellite: "{{ groups['satellite'][0] }}" + activationkey: "{{ groups[ak] }}" diff --git a/ec2_content_hosts_cleanup.yml b/ec2_content_hosts_cleanup.yml index 34c6f2e..8774e28 100644 --- a/ec2_content_hosts_cleanup.yml +++ b/ec2_content_hosts_cleanup.yml @@ -14,7 +14,7 @@ prompt: "Enter your username. (Required, defaults to admin)" default: "admin" private: no - - name: "sat_admin_password" + - name: "rhn_pass" prompt: "Enter your password. (Required)" private: yes - name: "satellite_organization_id" @@ -33,7 +33,7 @@ body_format: json method: GET user: "{{ sat_admin_user }}" - password: "{{ sat_admin_password }}" + password: "{{ rhn_pass }}" status_code: [ 200, 201 ] url: "https://{{ satellite_server }}/katello/api/systems?organization_id={{ satellite_organization_id | default(1) }}&per_page=5000" validate_certs: no @@ -52,7 +52,7 @@ body_format: json method: DELETE user: "{{ sat_admin_user }}" - password: "{{ sat_admin_password }}" + password: "{{ rhn_pass }}" status_code: [ 200, 201, 204 ] url: "https://{{ satellite_server }}/katello/api/systems/{{ item.uuid }}" validate_certs: no diff --git a/ec2_content_hosts_report.yml b/ec2_content_hosts_report.yml index 439f7fe..a007109 100644 --- a/ec2_content_hosts_report.yml +++ b/ec2_content_hosts_report.yml @@ -14,7 +14,7 @@ prompt: "Enter your username. (Required, defaults to admin)" default: "admin" private: no - - name: "sat_admin_password" + - name: "rhn_pass" prompt: "Enter your password. (Required)" private: yes - name: "satellite_organization_id" @@ -33,7 +33,7 @@ body_format: json method: GET user: "{{ sat_admin_user }}" - password: "{{ sat_admin_password }}" + password: "{{ rhn_pass }}" status_code: [ 200, 201 ] url: "https://{{ satellite_server }}/katello/api/systems?organization_id={{ satellite_organization_id | default(1) }}&per_page=5000" validate_certs: no diff --git a/group_vars/inventory.template b/group_vars/inventory.template new file mode 100644 index 0000000..eaafbb4 --- /dev/null +++ b/group_vars/inventory.template @@ -0,0 +1,8 @@ +[satellite] +satellite.example.com + +[old_satellite] +satellite.example.com + +[nodes] +# host.example.com organization=EXAMPLE activationkey=rhel_activation_key" \ No newline at end of file diff --git a/group_vars/inventory_content.yml b/group_vars/inventory_content.yml new file mode 100644 index 0000000..e69de29 diff --git a/group_vars/inventorycontent.yml b/group_vars/inventorycontent.yml new file mode 100644 index 0000000..1864469 --- /dev/null +++ b/group_vars/inventorycontent.yml @@ -0,0 +1,7 @@ +[satellite] +satellite.example.com + +[old_satellite] +satellite.example.com + +[nodes] diff --git a/group_vars/all.yml b/group_vars/satellite.yml similarity index 69% rename from group_vars/all.yml rename to group_vars/satellite.yml index a31ef9c..ee8abba 100644 --- a/group_vars/all.yml +++ b/group_vars/satellite.yml @@ -1,19 +1,19 @@ --- # ansible-satellite group vars - -initial_org: "Your Organization" -initial_loc: "Your Location" -initial_user: "admin" -sat_admin_email: "some-admin-user@yourdomain.com" -sat_admin_firstname: "Admin" -sat_admin_lastname: "User" +initial_loc: "" +initial_user: "" +sat_admin_email: "" +sat_admin_firstname: "" +sat_admin_lastname: "" # Place the file with this name in the roles/satellite-setup/files folder sat_manifest: "manifest.zip" -sat_domain: "yourdomain.com" -sat_hostname: "satellite" -satellite_server: "satellite.yourdomain.com" +sat_domain: "lnx.demo.rd" +sat_hostname: "rhs" +satellite_server: "{{ sat_hostname }}.{{ sat_domain }}" +org_id: 1 +path_vars: /home/mahernan/workspace/ansible-satellite/group_vars/ #slack_token: "SOME-SUPER-LONG-SLACK-TOKEN-HERE" #slack_user: "SLACK-USERNAME" @@ -35,4 +35,6 @@ satellite_server: "satellite.yourdomain.com" # Go through self-subscription process # self_subscribe_key: "satellite_key-ak" -# satellite_product_sku: "SOME-RH-SKU" \ No newline at end of file +# satellite_product_sku: "SOME-RH-SKU" + + diff --git a/group_vars/secrets.yml b/group_vars/secrets.yml index 6fa9f53..3d80578 100644 --- a/group_vars/secrets.yml +++ b/group_vars/secrets.yml @@ -4,10 +4,14 @@ # EXAMPLE: # ansible-vault encrypt secrets.yml -rhn_user: "RHN-USER" -rhn_pass: "RHN-PASS" -rhn_pool_id: "SOME-LONG-RED-HAT-POOL-ID" -sat_admin_password: "SATELLITE-ADMIN-PASSWORD" +rhn_user: "admin" +rhn_pass: "Iaz6USksOy" +rhn_pool_id: "" + +ansible_connection: ssh +ansible_user: redhat +ansible_ssh_pass: redhat +ansible_sudo_pass: redhat # This is only needed if using a custom SSL certificate -#openssl_passphrase: "PASSWORD-TO-USE-FOR-OPENSSL-ENCRYPTION-OF-PRIVATE-KEY" \ No newline at end of file +#openssl_passphrase: "PASSWORD-TO-USE-FOR-OPENSSL-ENCRYPTION-OF-PRIVATE-KEY" diff --git a/maintenance.yml b/maintenance.yml index 9e4b691..7442ccd 100644 --- a/maintenance.yml +++ b/maintenance.yml @@ -4,7 +4,7 @@ - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml - group_vars/secrets.yml gather_facts: yes roles: diff --git a/refresh_ldap_groups.yml b/refresh_ldap_groups.yml index 2185670..f6bca92 100644 --- a/refresh_ldap_groups.yml +++ b/refresh_ldap_groups.yml @@ -4,7 +4,7 @@ - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml - group_vars/secrets.yml gather_facts: yes roles: diff --git a/refresh_s3_rpms.yml b/refresh_s3_rpms.yml index 2279a34..ce35f2f 100644 --- a/refresh_s3_rpms.yml +++ b/refresh_s3_rpms.yml @@ -4,7 +4,7 @@ - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml - group_vars/secrets.yml gather_facts: yes roles: diff --git a/roles/satellite-auth/meta/main.yml b/roles/satellite-auth/meta/main.yml index 14e2854..cda6bdb 100644 --- a/roles/satellite-auth/meta/main.yml +++ b/roles/satellite-auth/meta/main.yml @@ -4,15 +4,19 @@ galaxy_info: description: Authentication role for Red Hat Satellite 6, that sets up local and external authentication sources # company: your company (optional) license: GPLv3 - min_ansible_version: 1.9.4 + min_ansible_version: 2.9.x platforms: - name: EL versions: - 6 - 7 + - 8 + - 9 categories: - cloud - cloud:ec2 - packaging - system + - physical + - vmware dependencies: [] \ No newline at end of file diff --git a/roles/satellite-auth/tasks/ldap.yml b/roles/satellite-auth/tasks/ldap.yml index 9820ac1..4fcbbd4 100644 --- a/roles/satellite-auth/tasks/ldap.yml +++ b/roles/satellite-auth/tasks/ldap.yml @@ -72,7 +72,7 @@ body_format: json method: GET user: admin - password: "{{ sat_admin_password }}" + password: "{{ rhn_pass }}" status_code: [ 200, 201 ] url: "https://{{ satellite_server }}/api/v2/auth_source_ldaps/{{ item.name }}" validate_certs: no diff --git a/roles/satellite-auth/tasks/ldap_refresh.yml b/roles/satellite-auth/tasks/ldap_refresh.yml index 0ed629f..eb58578 100644 --- a/roles/satellite-auth/tasks/ldap_refresh.yml +++ b/roles/satellite-auth/tasks/ldap_refresh.yml @@ -9,7 +9,7 @@ body_format: json method: GET user: admin - password: "{{ sat_admin_password }}" + password: "{{ rhn_pass }}" status_code: [ 200, 201 ] url: "https://{{ satellite_server }}/api/v2/users" validate_certs: no @@ -24,7 +24,7 @@ body_format: json method: GET user: admin - password: "{{ sat_admin_password }}" + password: "{{ rhn_pass }}" status_code: [ 200, 201 ] url: "https://{{ satellite_server }}/api/v2/usergroups" validate_certs: no @@ -39,7 +39,7 @@ body_format: json method: GET user: admin - password: "{{ sat_admin_password }}" + password: "{{ rhn_pass }}" status_code: [ 200, 201 ] url: "https://{{ satellite_server }}/api/v2/usergroups/{{ item.name }}" validate_certs: no diff --git a/roles/satellite-auth/tests/inventory b/roles/satellite-auth/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/satellite-auth/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/satellite-auth/tests/test.yml b/roles/satellite-auth/tests/test.yml new file mode 100644 index 0000000..c32bcae --- /dev/null +++ b/roles/satellite-auth/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - satellite-auth diff --git a/roles/satellite-clients/README.md b/roles/satellite-clients/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/satellite-clients/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/satellite-clients/handlers/main.yml b/roles/satellite-clients/handlers/main.yml new file mode 100644 index 0000000..cf1b904 --- /dev/null +++ b/roles/satellite-clients/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for satellite-clients diff --git a/roles/satellite-clients/meta/main.yml b/roles/satellite-clients/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/satellite-clients/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/satellite-clients/tasks/client_configure_pupet.yml b/roles/satellite-clients/tasks/client_configure_pupet.yml new file mode 100644 index 0000000..a324db6 --- /dev/null +++ b/roles/satellite-clients/tasks/client_configure_pupet.yml @@ -0,0 +1,39 @@ +--- +# tasks file for satellite-clients + +- name: Update puppet conf ca + lineinfile: dest=/etc/puppet/puppet.conf + regexp="^\s*ca_server\s*=" + line="ca_server = {{ groups['puppet_ca'][0] }}" + tags: puppet + +- name: Update puppet conf server + lineinfile: dest=/etc/puppet/puppet.conf + regexp="^\s*server\s*=" + line="server = {{ groups['puppet_master'][0] }}" + tags: puppet + +- name: Update puppet environment + lineinfile: dest=/etc/puppet/puppet.conf + regexp="^\s*environment\s*=" + line="environment = {{ puppet_env }}" + tags: puppet + +- name: Kill existing puppet agent runs + command: /usr/bin/killall puppet + tags: puppet + ignore_errors: True + +- name: Run puppet to cache certs + shell: /usr/bin/puppet agent -t + ignore_errors: True + tags: puppet + +- name: sign puppet certificate + shell: /usr/bin/puppet cert sign {{ ansible_fqdn }} + delegate_to: "{{ groups['puppet_ca'][0] }}" + tags: puppet + +- name: Run puppet again with valid cert + shell: /usr/bin/puppet agent -t + ignore_errors: True diff --git a/roles/satellite-clients/tasks/client_delete_pupet_cets.yml b/roles/satellite-clients/tasks/client_delete_pupet_cets.yml new file mode 100644 index 0000000..49b8185 --- /dev/null +++ b/roles/satellite-clients/tasks/client_delete_pupet_cets.yml @@ -0,0 +1,14 @@ +--- +# tasks file for satellite-clients + +- name: Remove puppet certs + file: path=/var/lib/puppet/ssl + state=absent + tags: puppet + +# Clean the old cert just in case +- name: clean old cert on puppet ca + shell: /usr/bin/puppet cert clean {{ ansible_fqdn }}hromerot + delegate_to: "{{ groups['puppet_ca'][0] }}" + ignore_errors: True + tags: puppet \ No newline at end of file diff --git a/roles/satellite-clients/tasks/client_enable_repo.yml b/roles/satellite-clients/tasks/client_enable_repo.yml new file mode 100644 index 0000000..ff58614 --- /dev/null +++ b/roles/satellite-clients/tasks/client_enable_repo.yml @@ -0,0 +1,9 @@ +--- +# tasks file for satellite-clients + +- name: Get current subscription repositories + shell: + cmd: "subscription-manager repos --enable={{ repo }}" + register: enable_repo + + diff --git a/roles/satellite-clients/tasks/client_get_enable_repos.yml b/roles/satellite-clients/tasks/client_get_enable_repos.yml new file mode 100644 index 0000000..f579115 --- /dev/null +++ b/roles/satellite-clients/tasks/client_get_enable_repos.yml @@ -0,0 +1,17 @@ +--- +# tasks file for satellite-clients + +- name: Get current subscription repositories + shell: + cmd: subscription-manager repos --list-enabled | grep -i 'Repo ID' + register: enable_repos_id + +- set_fact: + enable_repos: "{{ enable_repos_id.stdout | regex_replace('Repo ID: ', '') }}" + +- set_fact: + enable_repos: "{{ enable_repos_id.stdout | regex_replace(' ', '') }}" + +- set_fact: + enable_repos_list: "{{ enable_repos.split('\n') }}" + diff --git a/roles/satellite-clients/tasks/client_subscribe_by_act_key.yml b/roles/satellite-clients/tasks/client_subscribe_by_act_key.yml new file mode 100644 index 0000000..cd2ed84 --- /dev/null +++ b/roles/satellite-clients/tasks/client_subscribe_by_act_key.yml @@ -0,0 +1,15 @@ +--- +# tasks file for satellite-clients + +- name: Install new satellite certs + shell: "/usr/bin/yum localinstall -e 0 -y http://{{ groups['satellite'][0] }}/pub/katello-ca-consumer-latest.noarch.rpm" + +- name: Subscribe to Satellite + shell: "/usr/bin/subscription-manager register --org={{ organization }} --activationkey={{ activationkey }}" + register: subscription_result +# ignore_errors: True + +# sometimes nodes fail to unregister +#- name: Force subscribe +# shell: "/usr/bin/subscription-manager register --force --org {{ org_id }} --activationkey={{ activationkey }}" +# when: "'Use --force' in subscription_result.stdout" \ No newline at end of file diff --git a/roles/satellite-clients/tasks/client_unsubscribe.yml b/roles/satellite-clients/tasks/client_unsubscribe.yml new file mode 100644 index 0000000..9458be2 --- /dev/null +++ b/roles/satellite-clients/tasks/client_unsubscribe.yml @@ -0,0 +1,16 @@ +--- +# tasks file for satellite-clients + +- name: Unregister host + redhat_subscription: + state: absent + ignore_errors: True + +- name: Clean old subscription-manager data + shell: + cmd: subscription-manager clean + +- name: Remove old satellite certs + yum: + name: "katello-ca-consumer-{{ satellite }}" + state: absent \ No newline at end of file diff --git a/roles/satellite-clients/tests/inventory b/roles/satellite-clients/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/satellite-clients/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/satellite-clients/tests/test.yml b/roles/satellite-clients/tests/test.yml new file mode 100644 index 0000000..0190e3a --- /dev/null +++ b/roles/satellite-clients/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - satellite-clients diff --git a/roles/satellite-content/tasks/activation_keys.yml b/roles/satellite-content/tasks/activation_keys.yml index 6714a82..7e35f7d 100644 --- a/roles/satellite-content/tasks/activation_keys.yml +++ b/roles/satellite-content/tasks/activation_keys.yml @@ -5,7 +5,7 @@ - name: Creating activation key(s) command: > /bin/hammer activation-key create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --content-view "{{ item.content_view }}" --lifecycle-environment "{{ item.lifecycle_env }}" @@ -21,7 +21,7 @@ - name: Updating activation key release versions command: > /bin/hammer activation-key update - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --release-version "{{ item.releasever }}" register: update_activation_keys_rv @@ -37,7 +37,7 @@ - name: Obtaining All Subscription IDs shell: > /bin/hammer subscription list - --organization "{{ initial_org }}" | awk -F"|" '{ print $8 }' | column -t | egrep -vi "(--|ID)" + --organization "{{ organization }}" | awk -F"|" '{ print $8 }' | column -t | egrep -vi "(--|ID)" register: all_subscription_ids changed_when: no @@ -45,7 +45,7 @@ - name: Add subscription to activation key(s) command: > /bin/hammer activation-key add-subscription - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item[0].name }}" --subscription-id "{{ item[1] }}" register: add_activation_key_sub @@ -62,7 +62,7 @@ - name: Override content defaults to enable needed repos for activation key(s) command: > /bin/hammer activation-key content-override - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.0.name }}" --content-label "{{ item.1 }}" --value 1 diff --git a/roles/satellite-content/tasks/content_views.yml b/roles/satellite-content/tasks/content_views.yml index 30e15c1..01e08df 100644 --- a/roles/satellite-content/tasks/content_views.yml +++ b/roles/satellite-content/tasks/content_views.yml @@ -5,7 +5,7 @@ - name: Creating content view(s) command: > /bin/hammer content-view create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --description "{{ item.description }}" register: create_content_view @@ -20,7 +20,7 @@ - name: Updating defined content view(s) command: > /bin/hammer content-view update - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.item.name }}" --description "{{ item.item.description }}" register: update_content_view @@ -37,7 +37,7 @@ - name: Assign repositories to content views via repository ids command: > /bin/hammer content-view update - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --repository-ids "{{ item.repo_ids | join(',') }}" register: update_content_view @@ -52,7 +52,7 @@ - name: Creating content view package filter(s) command: > /bin/hammer content-view filter create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --content-view "{{ item.applytocv }}" --inclusion "{{ item.inclusion | default(yes) }}" @@ -71,7 +71,7 @@ - name: Add content filter rules by package command: > /bin/hammer content-view filter rule create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.1 }}" --content-view "{{ item.0.applytocv }}" --content-view-filter "{{ item.0.name }}" @@ -91,7 +91,7 @@ - name: Applying repository restrictions to package filters command: > /bin/hammer content-view filter update - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --content-view "{{ item.applytocv }}" --repository-ids "{{ item.repo_ids | join(',') }}" @@ -109,7 +109,7 @@ - name: Creating content view date filter(s) command: > /bin/hammer content-view filter create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --content-view "{{ item.applytocv }}" --inclusion "{{ item.inclusion | default(no) }}" @@ -128,7 +128,7 @@ - name: Add content filter rules by start date command: > /bin/hammer content-view filter rule create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --content-view "{{ item.applytocv }}" --content-view-filter "{{ item.name }}" --start-date "{{ item.start_date }}" @@ -148,7 +148,7 @@ - name: Applying repository restrictions to date filters command: > /bin/hammer content-view filter update - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --content-view "{{ item.applytocv }}" --repository-ids "{{ item.repo_ids | join(',') }}" @@ -166,7 +166,7 @@ - name: Publish content views to the Library environment command: > /bin/hammer content-view publish - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" register: publish_content_view with_items: sat_content_views @@ -181,7 +181,7 @@ - name: Promote initial content views from the Library to their respective environments command: > /bin/hammer content-view version promote - --organization "{{ initial_org }}" + --organization "{{ organization }}" --content-view "{{ item.0.name }}" --to-lifecycle-environment "{{ item.1 }}" --version "1.0" diff --git a/roles/satellite-content/tasks/create_content_inventory.yml b/roles/satellite-content/tasks/create_content_inventory.yml new file mode 100644 index 0000000..8fb300e --- /dev/null +++ b/roles/satellite-content/tasks/create_content_inventory.yml @@ -0,0 +1,10 @@ +--- +# tasks file for satellite-clients +# node: +# organization: "{{ organization }}" +# host: "{{ host }}" +# activationkey: "{{ activationkey }}" +# repos: "{{ repos }}" + +- set_fact: + inventory_content: "{{ inventory_content + [node] }}" diff --git a/roles/satellite-content/tasks/create_content_inventory_file.yml b/roles/satellite-content/tasks/create_content_inventory_file.yml new file mode 100644 index 0000000..d67a0b8 --- /dev/null +++ b/roles/satellite-content/tasks/create_content_inventory_file.yml @@ -0,0 +1,18 @@ +--- +# tasks file for satellite-clients + +- name: create inventory file + lineinfile: + path: "{{ path_vars }}/inventorycontent-{{ ansible_date_time.date }}.yml" + line: "{{ item.host }} organization={{ item.organization }} activationkey={{ item.activationkey }}" + create: yes + delegate_to: localhost + connection: local + +- name: create inventory file + copy: + content: "{{ item | to_yaml }}" + dest: "{{ path_vars }}/inventorycontent-{{ ansible_date_time.date }}.json" + delegate_to: localhost + connection: local + \ No newline at end of file diff --git a/roles/satellite-content/tasks/get_activation_keys.yml b/roles/satellite-content/tasks/get_activation_keys.yml new file mode 100644 index 0000000..edb0a6c --- /dev/null +++ b/roles/satellite-content/tasks/get_activation_keys.yml @@ -0,0 +1,34 @@ +--- +# Create activation keys + + # Get all activation Keys +- name: Get list of all activation keys + shell: + cmd: 'hammer activation-key list --organization "{{ organization }}" --fields name' + register: activation_keys + +- set_fact: + activation_keys_list: "{{ activation_keys.stdout.split('\n') | | regex_replace('[ \f\t\v]+$', '') }}" + +- set_fact: + separators: "{{ activation_keys_list[0] }}" + title: "{{ activation_keys_list[1] }}" + number_of_keys: "{{ activation_keys_list|length }}" + +- set_fact: + activation_keys_list_remove_lines: "{{ activation_keys_list|reject('search', separators)|list }}" + +- set_fact: + activation_keys_list_remove_title: "{{ activation_keys_list_remove_lines|reject('search', title)|list }}" + +- set_fact: + activation_keys_list: + - list: "{{ activation_keys_list_remove_title }}" + org: "{{ organization }}" + + + + + + + \ No newline at end of file diff --git a/roles/satellite-content/tasks/get_activation_keys_for_org.yml b/roles/satellite-content/tasks/get_activation_keys_for_org.yml new file mode 100644 index 0000000..e97cbb5 --- /dev/null +++ b/roles/satellite-content/tasks/get_activation_keys_for_org.yml @@ -0,0 +1,25 @@ +--- +# Create activation keys + + # Get all activation Keys + +- name: ":::: Get Activation Keys for Organization ::::" + include_tasks: ./get_activation_keys.yml + +- debug: + msg: "{{ activation_keys_list }}" + +- name: ":::: Create content inventory ::::" + include_tasks: ./create_content_inventory.yml + with_items: "{{ activation_keys_list[0].list }}" + vars: + node: + organization: "{{ activation_keys_list[0].org }}" + activationkey: "{{ item }}" + when: activation_keys_list[0].list is defined and ( activation_keys_list[0].list|length>0 ) + + + + + + \ No newline at end of file diff --git a/roles/satellite-content/tasks/get_nodes_for_key.yml b/roles/satellite-content/tasks/get_nodes_for_key.yml new file mode 100644 index 0000000..26d33b0 --- /dev/null +++ b/roles/satellite-content/tasks/get_nodes_for_key.yml @@ -0,0 +1,33 @@ +--- +# Create activation keys + + # Get all activation Keys +- name: Get node for specific key + shell: + cmd: 'hammer host list --search activation_key="{{ activation_key }}" --fields name' + register: host_for_key + +- set_fact: + host_for_key_list: "{{ host_for_key.stdout.split('\n') | | regex_replace('[ \f\t\v]+$', '') }}" + +- set_fact: + separators: "{{ host_for_key_list[0] }}" + title: "{{ host_for_key_list[1] }}" + number_of_servers_keys: "{{ host_for_key_list|length }}" + +- set_fact: + host_for_key_list_lines: "{{ host_for_key_list|reject('search', separators)|list }}" + +- set_fact: + host_for_key_list_title: "{{ host_for_key_list_lines|reject('search', title)|list }}" + +- set_fact: + host_for_key_list: + - list: "{{ host_for_key_list_title }}" + org: "{{ organization }}" + ak: "{{ activation_key }}" + + + + + \ No newline at end of file diff --git a/roles/satellite-content/tasks/get_nodes_for_keys.yml b/roles/satellite-content/tasks/get_nodes_for_keys.yml new file mode 100644 index 0000000..a5a58ac --- /dev/null +++ b/roles/satellite-content/tasks/get_nodes_for_keys.yml @@ -0,0 +1,31 @@ +--- +# Create activation keys + +# Get all nodes for activation Keys +- name: ":::: Get Host and Key subscriptions ::::" + include_tasks: ./get_nodes_for_key.yml + +- debug: + msg: "{{ host_for_key_list }}" + +- name: ":::: Create content inventory ::::" + include_tasks: ./create_content_inventory.yml + with_items: "{{ host_for_key_list[0].list }}" + vars: + node: + organization: "{{ host_for_key_list[0].org }}" + activationkey: "{{ host_for_key_list[0].ak }}" + host: "{{ item }}" + when: host_for_key_list[0].list is defined and ( host_for_key_list[0].list|length>0 ) + +- name: create inventory file + lineinfile: + path: "{{ path_vars }}/inventorycontent{{ ansible_date_time.date }}.yml" + line: "{{ item }} organization={{ host_for_key_list[0].org }} activationkey={{ host_for_key_list[0].ak }}" + create: yes + with_items: "{{ host_for_key_list[0].list }}" + when: host_for_key_list[0].list is defined and ( host_for_key_list[0].list|length>0 ) + delegate_to: localhost + connection: local + + \ No newline at end of file diff --git a/roles/satellite-content/tasks/get_orgs.yml b/roles/satellite-content/tasks/get_orgs.yml new file mode 100644 index 0000000..05feb49 --- /dev/null +++ b/roles/satellite-content/tasks/get_orgs.yml @@ -0,0 +1,32 @@ +--- +# Create activation keys + + # Get all activation Keys +- name: Get list of all orgs + shell: + cmd: 'hammer org list --fields name' + register: organizations + +- set_fact: + organizations_list: "{{ organizations.stdout.split('\n') | regex_replace('[ \f\t\v]+$', '')}}" + +- set_fact: + separators: "{{ organizations_list[0] }}" + title: "{{ organizations_list[1] }}" + number_of_keys: "{{ organizations_list|length }}" + +- set_fact: + organizations_list_remove_lines: "{{ organizations_list|reject('search', separators)|list }}" + +- set_fact: + organizations_list_remove_title: "{{ organizations_list_remove_lines|reject('search', title)|list }}" + +- set_fact: + organizations_list: "{{ organizations_list_remove_title }}" + + + + + + + \ No newline at end of file diff --git a/roles/satellite-content/tasks/lifecycle.yml b/roles/satellite-content/tasks/lifecycle.yml index 22e8c9b..64fdc96 100644 --- a/roles/satellite-content/tasks/lifecycle.yml +++ b/roles/satellite-content/tasks/lifecycle.yml @@ -5,7 +5,7 @@ - name: Creating lifecycle environments command: > /bin/hammer lifecycle-environment create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.env }}" --description "{{ item.env }} Environment" --prior "{{ item.prior }}" diff --git a/roles/satellite-content/tasks/main.yml b/roles/satellite-content/tasks/main.yml index db4d1a2..4c6c98e 100644 --- a/roles/satellite-content/tasks/main.yml +++ b/roles/satellite-content/tasks/main.yml @@ -6,7 +6,7 @@ fail: msg: "You must pass an organization and a location to this role. Please see README.md for more detail." when: > - initial_org is not defined + organization is not defined or initial_loc is not defined # Wait for primary sync to finish if wait_on_sync is true/yes diff --git a/roles/satellite-content/tasks/s3.yml b/roles/satellite-content/tasks/s3.yml index 5fe592c..dd0fd36 100644 --- a/roles/satellite-content/tasks/s3.yml +++ b/roles/satellite-content/tasks/s3.yml @@ -17,7 +17,7 @@ - name: Upload changed packages to their respective repositories in the custom product command: > /bin/hammer repository upload-content - --organization "{{ initial_org }}" + --organization "{{ organization }}" --product "{{ sat_custom_product }}" --name "{{ item.item[0].name }}" --path "{{ item.dest }}" diff --git a/roles/satellite-content/vars/main.yml b/roles/satellite-content/vars/main.yml index ca500a7..a14c2f0 100644 --- a/roles/satellite-content/vars/main.yml +++ b/roles/satellite-content/vars/main.yml @@ -21,7 +21,7 @@ sat_lifecycle: # List content view details. View names must have no spaces. # Repositories you want to include, should match the IDs output by -# hammer repository list --organization "{{ initial_org }}" and should be +# hammer repository list --organization "{{ organization }}" and should be # separated by commas. Take a look at satellite-setup/vars/main.yml for ordering # Satellite 6.2 will fix the bug in hammer that allows you to specify repository names # when adding repository sets. Will update the code after release to take that into account diff --git a/roles/satellite-install/templates/ansible_satellite_answers.yml.j2 b/roles/satellite-install/templates/ansible_satellite_answers.yml.j2 index 46aab32..4d5160f 100644 --- a/roles/satellite-install/templates/ansible_satellite_answers.yml.j2 +++ b/roles/satellite-install/templates/ansible_satellite_answers.yml.j2 @@ -10,7 +10,7 @@ katello: true foreman: admin_username: admin admin_email: "{{ sat_admin_email }}" - admin_password: "{{ sat_admin_password }}" + admin_password: "{{ rhn_pass }}" admin_first_name: "{{ sat_admin_firstname }}" admin_last_name: "{{ sat_admin_lastname }}" organizations_enabled: true diff --git a/roles/satellite-maintenance/tasks/content_views-auto_update.yml b/roles/satellite-maintenance/tasks/content_views-auto_update.yml index 1cedb5e..fa92114 100644 --- a/roles/satellite-maintenance/tasks/content_views-auto_update.yml +++ b/roles/satellite-maintenance/tasks/content_views-auto_update.yml @@ -10,7 +10,7 @@ body_format: json method: GET user: admin - password: "{{ sat_admin_password }}" + password: "{{ rhn_pass }}" status_code: [ 200, 201 ] url: "https://{{ satellite_server }}/katello/api/v2/content_views?per_page=5000" validate_certs: no @@ -25,7 +25,7 @@ body_format: json method: GET user: admin - password: "{{ sat_admin_password }}" + password: "{{ rhn_pass }}" status_code: [ 200, 201 ] url: "https://{{ satellite_server }}/katello/api/v2/content_views/{{ item.id }}/filters" validate_certs: no @@ -66,7 +66,7 @@ body_format: json method: DELETE user: admin - password: "{{ sat_admin_password }}" + password: "{{ rhn_pass }}" status_code: [ 200, 201, 204 ] url: "https://{{ satellite_server }}/katello/api/v2/content_views/{{ item.viewid }}/filters/{{ item.filterid }}" validate_certs: no @@ -80,7 +80,7 @@ - name: Creating content view package filter(s) command: > /bin/hammer content-view filter create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --content-view "{{ item.content_view_name }}" --inclusion "{{ item.is_inclusion }}" @@ -99,7 +99,7 @@ - name: Add content filter rules by package command: > /bin/hammer content-view filter rule create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.1.name }}" --content-view "{{ item.0.content_view_name }}" --content-view-filter "{{ item.0.name }}" @@ -119,7 +119,7 @@ - name: Applying repository restrictions to package filters command: > /bin/hammer content-view filter update - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --content-view "{{ item.content_view_name }}" --repository-ids "{{ item.repositories | join(',') }}" @@ -137,7 +137,7 @@ - name: Creating content view erratum filters using date exclusion command: > /bin/hammer content-view filter create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name | replace('-cv','') }}-dated_to_{{ ansible_date_time.month }}{{ ansible_date_time.day }}{{ ansible_date_time.year }}" --content-view "{{ item.name }}" --inclusion "{{ sat_content_orchestration.date_filters.inclusion }}" @@ -157,7 +157,7 @@ - name: Exclude erratum updated after todays date command: > /bin/hammer content-view filter rule create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --content-view "{{ item.name }}" --content-view-filter "{{ item.name | replace('-cv','') }}-dated_to_{{ ansible_date_time.month }}{{ ansible_date_time.day }}{{ ansible_date_time.year }}" --start-date "{{ sat_content_orchestration.date_filters.start_date }}" diff --git a/roles/satellite-maintenance/tasks/content_views-prod_promo.yml b/roles/satellite-maintenance/tasks/content_views-prod_promo.yml index ddb0f14..a704019 100644 --- a/roles/satellite-maintenance/tasks/content_views-prod_promo.yml +++ b/roles/satellite-maintenance/tasks/content_views-prod_promo.yml @@ -9,7 +9,7 @@ body_format: json method: GET user: admin - password: "{{ sat_admin_password }}" + password: "{{ rhn_pass }}" status_code: [ 200, 201 ] url: "https://{{ satellite_server }}/katello/api/v2/content_views?per_page=5000" validate_certs: no diff --git a/roles/satellite-maintenance/tasks/s3-update.yml b/roles/satellite-maintenance/tasks/s3-update.yml index 5fe592c..dd0fd36 100644 --- a/roles/satellite-maintenance/tasks/s3-update.yml +++ b/roles/satellite-maintenance/tasks/s3-update.yml @@ -17,7 +17,7 @@ - name: Upload changed packages to their respective repositories in the custom product command: > /bin/hammer repository upload-content - --organization "{{ initial_org }}" + --organization "{{ organization }}" --product "{{ sat_custom_product }}" --name "{{ item.item[0].name }}" --path "{{ item.dest }}" diff --git a/roles/satellite-selfsubscribe/tasks/main.yml b/roles/satellite-selfsubscribe/tasks/main.yml index f64d7ce..4f850dd 100644 --- a/roles/satellite-selfsubscribe/tasks/main.yml +++ b/roles/satellite-selfsubscribe/tasks/main.yml @@ -26,7 +26,7 @@ - name: "Refresh the manifest from the Red Hat Portal" command: > /bin/hammer subscription refresh-manifest - --organization "{{ initial_org }}" + --organization "{{ organization }}" # Remove Satellite certificates - name: Uninstall certificates package if installed @@ -49,7 +49,7 @@ # Check registration status of the system - name: Subscribe the Satellite Server to itself command: > - /sbin/subscription-manager register --org "{{ initial_org | replace(' ','_') }}" --activationkey "{{ self_subscribe_key }}" + /sbin/subscription-manager register --org "{{ organization | replace(' ','_') }}" --activationkey "{{ self_subscribe_key }}" ignore_errors: yes # Remove automatically attached subscriptions diff --git a/roles/satellite-selfsubscribe/tasks/self_content.yml b/roles/satellite-selfsubscribe/tasks/self_content.yml index d31d352..25e56a2 100644 --- a/roles/satellite-selfsubscribe/tasks/self_content.yml +++ b/roles/satellite-selfsubscribe/tasks/self_content.yml @@ -4,7 +4,7 @@ - name: Enable repositories command: > /bin/hammer repository-set enable - --organization "{{ initial_org }}" + --organization "{{ organization }}" --product "{{ item.0.name }}" --name "{{ item.1.name }}" {{ item.1.options }} @@ -24,7 +24,7 @@ - name: Synchronize Red Hat yum repositories in the background command: > /bin/hammer product synchronize - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --async with_items: sat_products @@ -34,7 +34,7 @@ - name: Assign products to sync plan(s) command: > /bin/hammer product set-sync-plan - --organization "{{ initial_org }}" + --organization "{{ organization }}" --sync-plan "{{ item.0.name }}" --name "{{ item.1 }}" register: syncproduct_assign @@ -63,7 +63,7 @@ - name: Determine Satellite Repo ID shell: > /bin/hammer repository list - --organization "{{ initial_org }}" + --organization "{{ organization }}" --search "*Red\ Hat\ Satellite\ 6.1\ for\ RHEL\ 7\ Server*" | egrep -v "(\-\-\-|PRODUCT)" | awk '{ print $1 }' register: satellite_repository_id ignore_errors: yes @@ -83,7 +83,7 @@ - name: Creating lifecycle environments command: > /bin/hammer lifecycle-environment create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.env }}" --description "{{ item.env }} Environment" --prior "{{ item.prior }}" @@ -99,7 +99,7 @@ - name: Creating content view(s) command: > /bin/hammer content-view create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --description "{{ item.description }}" register: create_content_view @@ -114,7 +114,7 @@ - name: Updating defined content view(s) command: > /bin/hammer content-view update - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.item.name }}" --description "{{ item.item.description }}" register: update_content_view @@ -130,7 +130,7 @@ - name: Assign repositories to content views via repository ids command: > /bin/hammer content-view update - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --repository-ids "{{ sat_combined_repo_ids |list| join(',') }}" register: update_content_view @@ -145,7 +145,7 @@ - name: Creating content view date filter(s) command: > /bin/hammer content-view filter create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --content-view "{{ item.applytocv }}" --inclusion "{{ item.inclusion | default(no) }}" @@ -164,7 +164,7 @@ - name: Add content filter rules by start date command: > /bin/hammer content-view filter rule create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --content-view "{{ item.applytocv }}" --content-view-filter "{{ item.name }}" --start-date "{{ item.start_date }}" @@ -184,7 +184,7 @@ - name: Applying repository restrictions to date filters command: > /bin/hammer content-view filter update - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --content-view "{{ item.applytocv }}" --repository-ids "{{ item.repo_ids | join(',') }}" @@ -202,7 +202,7 @@ - name: Publish content views to the Library environment command: > /bin/hammer content-view publish - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" register: publish_content_view with_items: sat_content_views @@ -217,7 +217,7 @@ - name: Promote initial content views from the Library to their respective environments command: > /bin/hammer content-view version promote - --organization "{{ initial_org }}" + --organization "{{ organization }}" --content-view "{{ item.0.name }}" --to-lifecycle-environment "{{ item.1 }}" --version "1.0" @@ -238,7 +238,7 @@ - name: Creating activation key(s) command: > /bin/hammer activation-key create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --content-view "{{ item.content_view }}" --lifecycle-environment "{{ item.lifecycle_env }}" @@ -254,7 +254,7 @@ - name: Updating activation key release versions command: > /bin/hammer activation-key update - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --release-version "{{ item.releasever }}" register: update_activation_keys_rv @@ -270,7 +270,7 @@ - name: Obtaining All Subscription IDs shell: > /bin/hammer subscription list - --organization "{{ initial_org }}" | awk -F"|" '{ print $8 }' | column -t | egrep -vi "(--|ID)" + --organization "{{ organization }}" | awk -F"|" '{ print $8 }' | column -t | egrep -vi "(--|ID)" register: all_subscription_ids changed_when: no @@ -278,7 +278,7 @@ - name: Add subscription to activation key(s) command: > /bin/hammer activation-key add-subscription - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item[0].name }}" --subscription-id "{{ item[1] }}" register: add_activation_key_sub @@ -295,7 +295,7 @@ - name: Override content defaults to enable needed repos for activation key(s) command: > /bin/hammer activation-key content-override - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.0.name }}" --content-label "{{ item.1 }}" --value 1 diff --git a/roles/satellite-setup/tasks/custom_repositories.yml b/roles/satellite-setup/tasks/custom_repositories.yml index ac2b887..e6b04d2 100644 --- a/roles/satellite-setup/tasks/custom_repositories.yml +++ b/roles/satellite-setup/tasks/custom_repositories.yml @@ -5,7 +5,7 @@ - name: Create additional products command: > /bin/hammer product create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" register: create_addl_prod with_items: sat_custom_products @@ -19,7 +19,7 @@ - name: Create additional yum repositories command: > /bin/hammer repository create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --product "{{ item.0.name }}" --name "{{ item.1.name }}" --content-type "yum" diff --git a/roles/satellite-setup/tasks/docker_repositories.yml b/roles/satellite-setup/tasks/docker_repositories.yml index 6335818..53c2363 100644 --- a/roles/satellite-setup/tasks/docker_repositories.yml +++ b/roles/satellite-setup/tasks/docker_repositories.yml @@ -5,7 +5,7 @@ - name: Create Docker products command: > /bin/hammer product create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" register: create_docker_prod with_items: sat_docker_products @@ -19,7 +19,7 @@ - name: Create additional Docker repositories command: > /bin/hammer repository create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --product "{{ item.0.name }}" --name "{{ item.1.name }}" --content-type "docker" diff --git a/roles/satellite-setup/tasks/initial_sync.yml b/roles/satellite-setup/tasks/initial_sync.yml index 486d839..09df017 100644 --- a/roles/satellite-setup/tasks/initial_sync.yml +++ b/roles/satellite-setup/tasks/initial_sync.yml @@ -5,7 +5,7 @@ - name: Synchronize Red Hat yum repositories in the background command: > /bin/hammer product synchronize - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --async with_items: sat_products @@ -15,7 +15,7 @@ - name: Synchronize Docker repositories in the background command: > /bin/hammer product synchronize - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --async with_items: sat_docker_products @@ -25,7 +25,7 @@ - name: Synchronize third-party repositories in the background command: > /bin/hammer product synchronize - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --async with_items: sat_thirdparty_products diff --git a/roles/satellite-setup/tasks/main.yml b/roles/satellite-setup/tasks/main.yml index 0a223b4..def2b27 100644 --- a/roles/satellite-setup/tasks/main.yml +++ b/roles/satellite-setup/tasks/main.yml @@ -6,7 +6,7 @@ fail: msg: "You must pass an organization, location, username, and manifest to this role. Please see README.md for more detail." when: > - initial_org is not defined + organization is not defined or initial_loc is not defined or initial_user is not defined or sat_manifest is not defined @@ -35,8 +35,8 @@ - name: Create an initial organization command: > /bin/hammer organization create - --name "{{ initial_org }}" - --label "{{ initial_org }}" + --name "{{ organization }}" + --label "{{ organization }}" register: create_org failed_when: > create_org.rc != 0 @@ -47,7 +47,7 @@ - name: Add a user to the organization command: > /bin/hammer organization add-user - --name "{{ initial_org }}" + --name "{{ organization }}" --user "{{ initial_user }}" register: org_adduser failed_when: > @@ -83,7 +83,7 @@ command: > /bin/hammer location add-organization --name "{{ initial_loc }}" - --organization "{{ initial_org }}" + --organization "{{ organization }}" register: loc_addorg failed_when: > loc_addorg.rc != 0 @@ -106,7 +106,7 @@ command: > /bin/hammer subscription upload --file "{{ ansible_user_dir }}/{{ sat_manifest }}" - --organization "{{ initial_org }}" + --organization "{{ organization }}" register: manifest_upload failed_when: > manifest_upload.rc != 0 @@ -115,12 +115,12 @@ - name: "Refresh the manifest with the latest copy from the Red Hat Portal" command: > /bin/hammer subscription refresh-manifest - --organization "{{ initial_org }}" + --organization "{{ organization }}" - name: Grab list of repositories available to this Satellite server command: > /bin/hammer product list - --organization "{{ initial_org }}" + --organization "{{ organization }}" changed_when: no register: hammer_product_list diff --git a/roles/satellite-setup/tasks/redhat_repositories.yml b/roles/satellite-setup/tasks/redhat_repositories.yml index 9030b9e..6914948 100644 --- a/roles/satellite-setup/tasks/redhat_repositories.yml +++ b/roles/satellite-setup/tasks/redhat_repositories.yml @@ -5,7 +5,7 @@ - name: Enable repositories command: > /bin/hammer repository-set enable - --organization "{{ initial_org }}" + --organization "{{ organization }}" --product "{{ item.0.name }}" --name "{{ item.1.name }}" {{ item.1.options }} diff --git a/roles/satellite-setup/tasks/sync_plans.yml b/roles/satellite-setup/tasks/sync_plans.yml index d5c33e0..d48c3f2 100644 --- a/roles/satellite-setup/tasks/sync_plans.yml +++ b/roles/satellite-setup/tasks/sync_plans.yml @@ -5,7 +5,7 @@ - name: Creating sync plan(s) command: > /bin/hammer sync-plan create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" --sync-date "{{ ansible_date_time.date }} {{ item.synctime }}" --interval "{{ item.interval }}" @@ -23,7 +23,7 @@ - name: Assign products to sync plan(s) command: > /bin/hammer product set-sync-plan - --organization "{{ initial_org }}" + --organization "{{ organization }}" --sync-plan "{{ item.0.name }}" --name "{{ item.1 }}" register: syncproduct_assign diff --git a/roles/satellite-setup/tasks/thirdparty_repositories.yml b/roles/satellite-setup/tasks/thirdparty_repositories.yml index 85aedf5..12944da 100644 --- a/roles/satellite-setup/tasks/thirdparty_repositories.yml +++ b/roles/satellite-setup/tasks/thirdparty_repositories.yml @@ -5,7 +5,7 @@ - name: Create third-party products command: > /bin/hammer product create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --name "{{ item.name }}" register: create_thirdparty_prod with_items: sat_thirdparty_products @@ -19,7 +19,7 @@ - name: Create third-party yum repositories command: > /bin/hammer repository create - --organization "{{ initial_org }}" + --organization "{{ organization }}" --product "{{ item.0.name }}" --name "{{ item.1.name }}" --url "{{ item.1.url }}" diff --git a/roles/satellite-setup/templates/cli_config.yml.j2 b/roles/satellite-setup/templates/cli_config.yml.j2 index 0004027..8fb0683 100644 --- a/roles/satellite-setup/templates/cli_config.yml.j2 +++ b/roles/satellite-setup/templates/cli_config.yml.j2 @@ -8,7 +8,7 @@ :foreman: :host: "https://localhost/" :username: "admin" - :password: "{{ sat_admin_password }}" + :password: "{{ rhn_pass }}" :request_timeout: -1 :log_dir: '~/.foreman/log' diff --git a/rsync.yml b/rsync.yml new file mode 100644 index 0000000..33f7456 --- /dev/null +++ b/rsync.yml @@ -0,0 +1,20 @@ +--- +# ansible-satellite | Upgrade + +- hosts: local + become: yes + ansible_become_pass: + gather_facts: yes + tasks: + + - set_fact: + path: + user: + remote_server: + remote_path: + + - name: Execute rsync command + ansible.builtin.shell: + cmd: rsync -avzh {{ path }}/* {{ user }}@{{ remote_server }}:{{ remote_path }}/ + + # rsync -avzh -e 'ssh -X' --rsync-path='SUDO_ASKPASS=/usr/libexec/openssh/ssh-askpass sudo -A rsync' /var/lib/pulp/* [user]@[satellite server v12]:/var/lib/pulp/ \ No newline at end of file diff --git a/satellite_group_by.yml b/satellite_group_by.yml new file mode 100644 index 0000000..58afbbf --- /dev/null +++ b/satellite_group_by.yml @@ -0,0 +1,19 @@ +--- +# ansible-satellite | Satellite 6.x Orchestration + +- hosts: satellite6-server-prod + become: yes + vars_files: + - group_vars/satellite.yml + - group_vars/secrets.yml + gather_facts: yes + + tasks: + # create dynamic groups to define variables + - group_by: + key: "{{ ansible_distribution }}-{{ ansible_distribution_version | truncate(1, True, '') }}" + + - debug: + msg: "{{ ansible_distribution }}-{{ ansible_distribution_version | truncate(1, True, '') }}" + + \ No newline at end of file diff --git a/satellite_re_subscribe.yml b/satellite_re_subscribe.yml new file mode 100644 index 0000000..4d271ed --- /dev/null +++ b/satellite_re_subscribe.yml @@ -0,0 +1,41 @@ +--- +- hosts: servers + become: yes + vars_files: + - group_vars/satellite.yml + - group_vars/secrets.yml + gather_facts: yes + + tasks: +# create dynamic groups to define variables +# - group_by: +# key: "{{ ansible_distribution }}-{{ ansible_distribution_version | truncate(1, True, '') }}" + + - name: ":::: Get repos for host ::::" + include_tasks: roles/satellite-clients/tasks/client_get_enable_repos.yml + + - name: Copy a new "ntp.conf" file into place, backing up the original if it differs from the copied version + copy: + src: "/etc/yum.repos.d/redhat.repo" + dest: "/etc/yum.repos.d/redhat.repo.{{ ansible_date_time.date }}" + backup: yes + remote_src: yes + + - name: ":::: Unregister host ::::" + include_tasks: ./roles/satellite-clients/tasks/client_unsubscribe.yml + vars: + satellite: "{{ groups['old_satellite'][0] }}" + + - name: ":::: Register host ::::" + include_tasks: ./roles/satellite-clients/tasks/client_unsubscribe.yml + vars: + satellite: "{{ groups['satellite'][0] }}" + + - name: ":::: Register repos ::::" + include_tasks: ./roles/satellite-clients/tasks/client_enable_repo.yml + vars: + repo: "{{ item }}" + with_items: "{{ enable_repos_list }}" + + + diff --git a/satellite_re_subscribe_new.yml b/satellite_re_subscribe_new.yml new file mode 100644 index 0000000..adaf2c1 --- /dev/null +++ b/satellite_re_subscribe_new.yml @@ -0,0 +1,52 @@ +--- +- hosts: all + become: yes + vars_files: + - group_vars/satellite.yml + - group_vars/secrets.yml + gather_facts: yes + + tasks: + - name: '{{ company }} :::: {{ policy }} :::: API procedure - Generating Host Registration Command' + ansible.builtin.uri: + url: "{{ satellite_url }}/api/registration_commands" + user: "{{ user_registration }}" + password: "{{ passwd_registration }}" + force_basic_auth: yes + return_content: yes + method: POST + body_format: json + headers: + Content-Type: application/json + body: '{ "registration_command": { "activation_keys": ["{{ rhsm_activation_key }}"] }}' + validate_certs: no + register: host_registration + + - name: '{{ company }} :::: {{ policy }} :::: Get CA file' + ansible.builtin.get_url: + url: "{{ satellite_url }}/pub/katello-server-ca.crt" + dest: /etc/pki/ca-trust/source/anchors/ + validate_certs: no + + - name: '{{ company }} :::: {{ policy }} :::: update-ca-trust enable' + ansible.builtin.command: + cmd: update-ca-trust enable + + - name: '{{ company }} :::: {{ policy }} :::: update-ca-trust ' + ansible.builtin.command: + cmd: update-ca-trust + + - name: '{{ company }} :::: {{ policy }} :::: Registering server' + ansible.builtin.shell: + cmd: "{{ host_registration.json.registration_command }}" + register: out + + - name: Notify Errors + ansible.builtin.debug: + var: out.stderr_lines + when: out.stderr_lines | length > 0 + + - name: Notify Stdout + ansible.builtin.debug: + var: out.stdout_lines + when: out.rc == 0 diff --git a/bash-recreate_subscriptions.sh b/scripts/bash-recreate_subscriptions.sh similarity index 100% rename from bash-recreate_subscriptions.sh rename to scripts/bash-recreate_subscriptions.sh diff --git a/bash-refresh_subscriptions.sh b/scripts/bash-refresh_subscriptions.sh similarity index 100% rename from bash-refresh_subscriptions.sh rename to scripts/bash-refresh_subscriptions.sh diff --git a/self-subscribe.yml b/self-subscribe.yml index d4fbd8f..346b71a 100644 --- a/self-subscribe.yml +++ b/self-subscribe.yml @@ -4,7 +4,7 @@ - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml - group_vars/secrets.yml gather_facts: no roles: diff --git a/standup.yml b/standup.yml index 86fdc3d..c3eeb9f 100644 --- a/standup.yml +++ b/standup.yml @@ -4,9 +4,10 @@ - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml - group_vars/secrets.yml gather_facts: yes + roles: # satellite-install | Install Satellite 6 to a host - role: satellite-install diff --git a/upgrade.yml b/upgrade.yml index c84aece..ca8e2bb 100644 --- a/upgrade.yml +++ b/upgrade.yml @@ -4,7 +4,7 @@ - hosts: satellite6-server-prod become: yes vars_files: - - group_vars/all.yml + - group_vars/satellite.yml gather_facts: yes roles: # satellite-upgrade | Perform Satellite Upgrade