-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathprovision.yml
259 lines (226 loc) · 8.36 KB
/
provision.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
---
# Provision hosts and other necessary infrastructure.
- name: provision hosts
hosts: local
connection: local
gather_facts: no
vars_files:
- vars.yml
- credentials.yml
tasks:
- name: worker hosts
rax:
state: present
name: deconst-{{ instance }}-worker-{{ deployment }}-%03d
group: deconst-{{ instance }}-worker-{{ deployment }}
count: "{{ worker_count }}"
exact_count: yes
image: "{{ worker_image }}"
flavor: "{{ worker_flavor }}"
key_name: "{{ rackspace_keyname }}"
wait: yes
register: rax_build_workers
tags: always
- name: add newly provisioned workers to the correct groups
add_host:
name: "{{ item.name }}"
ansible_ssh_host: "{{ item.rax_accessipv4 }}"
fresh_host: yes
groups: deconst-{{ instance }}-worker-{{ deployment }}
when: rax_build_workers.action == "create"
with_items: rax_build_workers.success
tags: always
- name: add all worker hosts to the correct groups
add_host:
name: "{{ item.name }}"
groups: deconst-worker
with_items: rax_build_workers.instances
tags: always
- name: identify full worker cluster rebuilds
set_fact:
fresh_worker_cluster: "{{ rax_build_workers.action == 'create' and rax_build_workers.success | length == worker_count }}"
tags: always
- name: elasticsearch hosts
rax:
state: present
name: deconst-{{ instance }}-elastic-{{ deployment }}-%03d
group: deconst-{{ instance }}-elastic-{{ deployment }}
count: "{{ elastic_count }}"
exact_count: yes
image: "{{ elastic_image }}"
flavor: "{{ elastic_flavor }}"
key_name: "{{ rackspace_keyname }}"
wait: yes
register: rax_build_elastic
tags: always
- name: add newly provisioned elastic hosts to the correct groups
add_host:
name: "{{ item.name }}"
ansible_ssh_host: "{{ item.rax_accessipv4 }}"
fresh_host: yes
groups: deconst-{{ instance }}-elastic-{{ deployment }}
when: rax_build_elastic.action == "create"
with_items: rax_build_elastic.success
tags: always
- name: add all elasticsearch hosts to the correct groups
add_host:
name: "{{ item.name }}"
ansible_ssh_host: "{{ item.rax_accessipv4 }}"
groups: deconst-elastic,deconst-{{ instance }}-elastic-{{ deployment }}
with_items: rax_build_elastic.instances
tags: always
- name: identify full elastic cluster rebuilds
set_fact:
fresh_elastic_cluster: "{{ rax_build_elastic.action == 'create' and rax_build_elastic.success | length == elastic_count }}"
tags: always
- name: build hosts
rax:
state: present
name: deconst-{{ instance }}-build-{{ deployment }}-%03d
group: deconst-{{ instance }}-build-{{ deployment }}
count: "{{ build_count }}"
exact_count: yes
image: "{{ build_image }}"
flavor: "{{ build_flavor }}"
key_name: "{{ rackspace_keyname }}"
wait: yes
register: rax_build_build
tags: always
- name: add newly provisioned build hosts to the correct groups
add_host:
name: "{{ item.name }}"
ansible_ssh_host: "{{ item.rax_accessipv4 }}"
fresh_host: yes
groups: deconst-{{ instance }}-build-{{ deployment }}
when: rax_build_build.action == "create"
with_items: rax_build_build.success
tags: always
- name: add all build hosts to the correct groups
add_host:
name: "{{ item.name }}"
ansible_ssh_host: "{{ item.rax_accessipv4 }}"
groups: deconst-build,deconst-{{ instance }}-build-{{ deployment }}
with_items: rax_build_build.instances
tags: always
- name: identify full build cluster rebuilds
set_fact:
fresh_build_cluster: "{{ rax_build_build.action == 'create' and rax_build_build.success | length == build_count }}"
tags: always
- name: staging hosts
rax:
state: present
name: deconst-{{ instance }}-staging-{{ deployment }}-%03d
group: deconst-{{ instance }}-staging-{{ deployment }}
count: "{{ staging_count }}"
exact_count: yes
image: "{{ staging_image }}"
flavor: "{{ staging_flavor }}"
key_name: "{{ rackspace_keyname }}"
wait: yes
register: rax_build_staging
tags: always
- name: add newly provisioned staging hosts to the correct groups
add_host:
name: "{{ item.name }}"
ansible_ssh_host: "{{ item.rax_accessipv4 }}"
fresh_host: yes
groups: deconst-{{ instance }}-staging-{{ deployment }}
when: rax_build_staging.action == "create"
with_items: rax_build_staging.success
tags: always
- name: add all staging hosts to the correct groups
add_host:
name: "{{ item.name }}"
ansible_ssh_host: "{{ item.rax_accessipv4 }}"
groups: deconst-staging,deconst-{{ instance }}-staging-{{ deployment }}
with_items: rax_build_staging.instances
tags: always
- name: identify full staging cluster rebuilds
set_fact:
fresh_staging_cluster: "{{ rax_build_staging.action == 'create' and rax_build_staging.success | length == staging_count }}"
tags: always
- name: presenter load balancer
rax_clb:
name: deconst-{{ instance }}-presenter
port: "{{ presenter_lb_port }}"
protocol: HTTPS
wait: yes
state: present
register: clb_presenter
- name: locate the load balancer VIP
set_fact: clb_vip_id={{ clb_presenter.balancer.virtual_ips[0].id }}
- name: content service load balancer
rax_clb:
name: deconst-{{ instance }}-content
port: "{{ content_service_lb_port }}"
protocol: HTTPS
vip_id: "{{ clb_vip_id }}"
wait: yes
timeout: 120
state: present
register: clb_content_service
- name: build load balancer
rax_clb:
name: deconst-{{ instance }}-build
port: "{{ build_lb_port }}"
protocol: HTTPS
wait: yes
state: present
register: clb_build
- name: staging presenter load balancer
rax_clb:
name: deconst-{{ instance }}-staging-presenter
port: "{{ staging_presenter_lb_port }}"
protocol: HTTPS
wait: yes
state: present
register: clb_staging_presenter
- name: staging content load balancer
rax_clb:
name: deconst-{{ instance }}-staging-content
port: "{{ staging_content_lb_port }}"
protocol: HTTPS
wait: yes
timeout: 120
state: present
register: clb_staging_content
- name: identify full cluster rebuilds
set_fact:
fresh_cluster: "{{ fresh_worker_cluster|bool and fresh_elastic_cluster|bool and fresh_build_cluster|bool and fresh_staging_cluster|bool }}"
tags: always
- name: force the generation of a new token for a fresh cluster
file: path=.etcd_cluster_token state=absent
when: fresh_cluster
- name: etcd cluster token
set_fact:
etcd_cluster_token: "{{ lookup('password', '.etcd_cluster_token length=20') }}"
- name: ensure we're ready to continue
hosts: local
connection: local
gather_facts: no
vars_files:
- vars.yml
- credentials.yml
tasks:
- name: trust newly launched hosts
lineinfile:
dest: "{{ lookup('env', 'HOME') }}/.ssh/known_hosts"
create: yes
state: present
line: "{{ lookup('pipe', 'ssh-keyscan -t rsa ' + item.rax_accessipv4 )}}"
regexp: "^{{ item.rax_accessipv4 }}"
with_items: "{{ rax_build_workers.success | union(rax_build_elastic.success) | union(rax_build_build.success) }}"
- name: print what we're waiting for
pause:
prompt: >
Permit connections to your Elasticsearch and MongoDB clusters from the following IPs:
{% for instance in rax_build_workers.success|union(rax_build_elastic.success)|union(rax_build_build.success)|union(rax_build_staging.success)|sort %}
{{ instance.name }}: public {{ instance.rax_accessipv4 }} servicenet {{ instance.rax_addresses.private[0].addr }}
{% endfor %}
Set the following DNS records:
{{ domain }} => {{ clb_presenter.balancer.virtual_ips[0].address }}
{{ build_domain }} => {{ clb_build.balancer.virtual_ips[0].address }}
{{ staging_presenter_domain }} => {{ clb_staging_presenter.balancer.virtual_ips[0].address }}
{{ staging_content_domain }} => {{ clb_staging_content.balancer.virtual_ips[0].address }}
Continue when both are in place
when: (rax_build_workers.success|length + rax_build_elastic.success|length + rax_build_build.success|length + rax_build_staging.success|length) > 0