redhatnordicssa / cool-lab Goto Github PK

Playbooks to add execution nodes to given AAP cluster.

create ansible config to join AAP to IdM. Includes binddn settings to controller and equivalent groups for AAP users and AAP admins in IdM. And aap-ldap user in IdM.

awx.awx.settings:
https://docs.ansible.com/ansible/latest/collections/awx/awx/settings_module.html#ansible-collections-awx-awx-settings-module

Ldap config for IdM:
https://rcarrata.com/ansible/integrate-tower-with-idm/

MGT cluster is installed, but requires registry to be fixed from the default to scaled proper PV setup. Ask Johnny.

https://console-openshift-console.apps.ocpmgt.cool.lab

Find a way to automate different Ansible configurations so they can be used by the ansible-setup command.
The information need to be inserted into a inventory file that can be used by the setup command.
Jinja2 could be an option

As a user I want to get MS-SQL server. Server also is visible via Observation tooling.

to this cluster #38

I added it via using this concept:

https://github.com/hybrid-cloud-patterns/multicloud-gitops

there is some oddities, like e.g. vmware config is missing domain name, which causes stuff at idm registration etc..

make it authenticate users and have admins coming from rhops

Create playbooks to create AAP cluster controllers.

Ilkka has working set for LDAP auth for OCP. This needs to be automated.

use https://github.com/redhat-cop/tower_configuration/tree/devel/examples/configs to create machine credential for red hat org

Make the intial work for building AAP cluster by setting up the "setup.sh" parts along with inventories.

I don't know how to do this exactly, perhaps downloading the setup package for aap, and filling up the inventory and calling ansible-playbook to setup the cluster.

Find out how to do this.

Requirements:

• List of community collections to sync - store in git

Create groups to IdM. Ops, Dev, RH, Arrow. to begin with

VM gets registered to IdM by running this playbook.

use smart filter to get only redhat vms. e.g. anything named with '^rh-.*][0-9]+$'

While I delete VM, I want it gone from subscription, insights, and idm conf. Create a playbook to wipe vm

IdM doesn't allow DNS queries forwarding for VPN clients, which makes it hard to connect to lab. Loosen the DNS config to allow VPN queries.

Current user adding playbook works only at the first run. It must be fixed to be idempotent.

Controller node: 4 CPUs - 16 GB memory - use default hdd
Execution node: 4 CPUs - 16 GB memory - use default hdd
Database node: 4 CPUs - 16 GB memory - use default hdd

Even though the playbooks set freeipa forwarders, the idms don't forward queries to external DNS servers. Only cool.lab dns works.

Use https://github.com/redhat-cop/tower_configuration/tree/devel/examples/configs to create workflow out of playbooks in our cool-lab repo.

The workflow should create VM, register to subs and insights, IdM, have DNS set at least.

Accordingly, create nuke vm workflow or task which undos all above.

There are already playbooks for this.

— Add machine credential for with root ssh private key from vault
— Add the coollab project
— Add templates for automation from the coollab project include survey

make it ansibled

https://hybrid-cloud-patterns.io/multicloud-gitops/getting-started/

Requirements:

• credentials cloud.redhat.com (subs user/pwd)

Use the prepare-rhel8 in install-ansible playbook

Add playbooks to create local automation hub for AAP cluster.

Add this: https://github.com/rcarrata/devsecops-demo

Ensure that new machines gets added to the right hostgroup in idm so that we can use the hostgroups to provide the correct access

Use automatic registration of new machines to idm for user and dns functionality in the install-ansible playbook

Put together the different part so that we can do the following:

• Create the vms needed
• Register with idm
• Add subscriptions to vms
• Create the setup inventory
• Download the setup bundle
• Run the installation of ansible

https://access.redhat.com/documentation/en-us/red_hat_ansible_automation_platform/2.1/html/installing_and_configuring_central_authentication_for_the_ansible_automation_platform/assembly-central-auth-hub

Automate user list for IdM.

Create sudo rules for ops to become sudo root.