Giters

mz0 / ansible-do

DIgital Ocean & ArubaCloud playbooks

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

clouddigitaloceanansible-playbook

Uniform cloud server environments

launch.yml playbook starts launch.yml playbook finishes

Installation

  • Install Ansible 2.7.5 or newer (e.g. pip install --user -r requirements.txt).

  • Check do1.yml/ar1.yml and change the variables to your need.

Playbooks

launch-DO.yml / destroy-DO.yml

Launch / destroy a Debian 8.11 x64 droplet on Digital Ocean.

$ ansible-playbook launch-DO.yml

This Playbook will:

  • replace systemd with sysvinit
  • change SSH port 22 -> 2222 (set in do1.yml & hosts.ini)
  • configure swap file
  • install openntpd
  • configure sshd (PasswordAuthentication=no etc.)
  • configure sudoers
  • trim packages (leave only the needed ones)
  • add 3rd-party repos for LEMP stack (Nginx, PHP5.6-7.3, MariaDB 10.x)
  • install the EMP parts (nginx, mysqld, php-fpm)

See install and run example: doc/do1-log.md

Note: your API key should be in the file referenced by do_api_token in do1.yml.

relaunch-A.yml / listsrv-A.yml

Re-launch a Debian 8.11 x64 "Smart" VM on Aruba Cloud. Configuration is very much alike the one above.

Note:

  • "Smart" VMs are billed monthly - you do not want them killed and re-created without second thought, and if you pay for them 1Euro/mo you likely don't want them deleted at all ;)

  • put your username & password in a file like doc/aruba-secrets.ini

  • listsrv-A.yml lets you check ArubaCloud server status, queued task and its progress.

  • "Smart server" has Swap space pre-allocated as LVMs LV. We reclaim this space

Issues:

launch-DO - If SSH key is not registered on DO this playbook will fail (FIXME).

The launch-DO.yml playbook was not "idempotent" - on the second attempt it failed on prohibited root-login. (AllowGroups sudo) - sshd_config loosened a bit (AllowGroups line commented out, RootLogin enabled) until better solution is found.

If playbook failed on timeout you may restart it but do not use launch.retry (may need dynamic inventory - FIXME). Re-running from the start is the only option now. There's very little time lost in case of launch-DO in that case, relaunch-A is a different story ;)

Checked with Ansible 2.7 from PPA & 2.8dev0 on Ubuntu 18.04/18.10 with Python 2.7 Last update Dec 27, 2018.

About

DIgital Ocean & ArubaCloud playbooks

clouddigitaloceanansible-playbook

Languages

Language:Python 100.0%