Merge pull request #19 from eumel8/dev

Dev 20180726

.gitlab-ci.yml

@@ -7,7 +7,7 @@ lint:
   script:
     - sudo apt-get -y install python-pip
     - sudo pip install yamllint
-    - yamllint .
+    - find roles/ -name "*.yml" | xargs ansible-lint
 
 package:
    stage: package

.travis.yml

@@ -3,7 +3,7 @@ sudo: required
 dist: xenial
 
 language: python
-python: 
+python:
   - "2.7"
   - "3.5"
 
@@ -13,6 +13,7 @@ env:
   - ANSIBLE_VERSION=latest
   - ANSIBLE_VERSION=2.4.3.0
   - ANSIBLE_VERSION=2.5.0
+  - ANSIBLE_VERSION=2.5.2
 
 branches:
   only:

README.md

@@ -1,9 +1,11 @@
-Ansible for Open Telekom Cloud
+Ansible for Open Telekom Cloud  [![GitHub release](https://img.shields.io/github/release/eumel8/ansible-otc.svg?maxAge=3600)](https://github.com/eumel8/ansible-otc/releases)
 ==============================
 
 [![Documentation Status](https://readthedocs.org/projects/ansible-otc/badge/?version=latest)](http://ansible-otc.readthedocs.io/en/dev/?badge=latest)
 [![Build Status](https://travis-ci.org/eumel8/ansible-otc.svg?branch=dev)](https://travis-ci.org/eumel8/ansible-otc)
 
+[![Codacy Badge](https://api.codacy.com/project/badge/Grade/25eee063b94b455b90e3aa9d915071fa)](https://www.codacy.com/app/eumel/ansible-otc?utm_source=github.com&utm_medium=referral&utm_content=eumel8/ansible-otc&utm_campaign=Badge_Grade)
+
 Intro
 =====
 

doc/source/auth.rst

@@ -35,7 +35,7 @@ credentials::
     cp secrets.yml _secrets.yml 
     ansible-vault edit _secrets.yml
 
-We will looking for *_secrets.yml* file in the :ref:`otc_auth`
+We will looking for *_secrets.yml* file in the role ``otc_auth``
 
 Call the playbooks with vault param to encrypt the secret store::
 

doc/source/conf.py

@@ -31,9 +31,9 @@
 # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
 # ones.
 extensions = ['sphinx.ext.intersphinx',
-    'sphinx.ext.coverage',
-    'sphinx.ext.viewcode',
-    'sphinx.ext.githubpages']
+              'sphinx.ext.coverage',
+              'sphinx.ext.viewcode',
+              'sphinx.ext.githubpages']
 
 # Add any paths that contain templates here, relative to this directory.
 templates_path = ['_templates']
@@ -66,7 +66,7 @@
 #
 # This is also used if you do content translation via gettext catalogs.
 # Usually you set "language" from the command line for these cases.
-#language = 'en, de'
+# language = 'en, de'
 
 # List of patterns, relative to source directory, that match files and
 # directories to ignore when looking for source files.
@@ -85,14 +85,14 @@
 # The theme to use for HTML and HTML Help pages.  See the documentation for
 # a list of builtin themes.
 #
-#html_theme = 'alabaster'
+# html_theme = 'alabaster'
 html_theme = 'classic'
-#html_theme = 'scrolls'
-#html_theme = 'nature'
-#html_theme = 'sphinxdoc'
-#html_theme = 'agogo'
-#html_theme = 'traditional'
-#html_theme = 'bizstyle'
+# html_theme = 'scrolls'
+# html_theme = 'nature'
+# html_theme = 'sphinxdoc'
+# html_theme = 'agogo'
+# html_theme = 'traditional'
+# html_theme = 'bizstyle'
 
 # Theme options are theme-specific and customize the look and feel of a theme
 # further.  For a list of options available for each theme, see the
@@ -112,9 +112,6 @@
     'textcolor': '#6c6c6c',
     'linkcolor': '#4b4b4b',
     'visitedlinkcolor': '#6c6c6c',
-#    'headbgcolor':
-#    'headtextcolor':
-#    'headlinkcolor':
     'codebgcolor': '#ededed',
     'codetextcolor': '#a4a4a4',
     'bodyfont': 'Tele-GroteskNor',
@@ -201,8 +198,6 @@
      'Miscellaneous'),
 ]
 
-
-
 # -- Options for Epub output ----------------------------------------------
 
 # Bibliographic Dublin Core info.
@@ -223,7 +218,5 @@
 # A list of files that should not be packed into the epub file.
 epub_exclude_files = ['search.html']
 
-
-
 # Example configuration for intersphinx: refer to the Python standard library.
-intersphinx_mapping = {'https://docs.python.org/': None}
+intersphinx_mapping = {'https://docs.python.org/3/': None}

doc/source/connect.rst

@@ -6,7 +6,7 @@ OTC Connect Cheat Sheet
 How to connect to the Open Telekom Cloud
 ----------------------------------------
 
-Install prerequisites as root on your Ubuntu 16.04 machine::
+Install prerequisites as root on your Ubuntu 16.04 machine:
 
 Using requirements file in ansible-otc repo::
 

doc/source/dns.rst

@@ -142,4 +142,4 @@ Public zone::
     ansible-playbook dns_ini.yml -e "zone_name=example.com" -e "localaction=create"
 
 
-End of PoC. Look at the `[other plays and roles]<https://github.com/eumel8/ansible-otc>`__ to interact with OTC API
+End of PoC. Look at the `[other plays and roles] <https://github.com/eumel8/ansible-otc>`__ to interact with OTC API

doc/source/install.rst

@@ -7,6 +7,7 @@ Installrequirements
 * ansible==2.5.0.0
 * python-jmespath
 * python-netaddr
+* libxml2-utils
 
 
   *Ubuntu 14.04/16.04:*::

doc/source/roles.rst

@@ -11,12 +11,21 @@ Variables:
 +----------------------------------------------+----------------------------------------------+
 | localaction=(create,show,update,list,delete) | action on the role                           |
 +----------------------------------------------+----------------------------------------------+
+| uri_follow_redirects                         | follow API redirects ("all","save," "none")  |
++----------------------------------------------+----------------------------------------------+
+| uri_validate_certs                           | validate API ssl certs ("no", "yes")         |
++----------------------------------------------+----------------------------------------------+
+| uri_retries                                  | retries on API requests (default: 5)         |
++----------------------------------------------+----------------------------------------------+
+| uri_delay                                    | deleay on retries (default: 1)               |
++----------------------------------------------+----------------------------------------------+
 
 Functions:
 ==========
 
 .. include:: ../../roles/os-client-config/README.rst
 .. include:: ../../roles/otc_auth/README.rst
+.. include:: ../../roles/otc_cts/README.rst
 .. include:: ../../roles/otc_dns/README.rst
 .. include:: ../../roles/otc_ecs/README.rst
 .. include:: ../../roles/otc_eip/README.rst

playbooks/tenant_ini.yml

@@ -68,6 +68,23 @@
     zone_email: "{{ lookup('ini','zone_email section={{ zone_name }} file={{ tenant_ini }}') | default(lookup('ini', 'zone_email section=DEFAULT file={{ tenant_ini }}') ) }}"
     zone_ttl: "{{ lookup('ini','zone_ttl section={{ zone_name }} file={{ tenant_ini }}') | default(lookup('ini', 'zone_ttl section=DEFAULT file={{ tenant_ini }}') ) }}"
     zone_records: "{{ lookup('ini','{{ zone_name }} section=dnszonerecords file={{ tenant_ini }}') }}"
+   # RDS
+    rds_availability_zone: "{{ lookup('ini','rds_availability_zone' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_vpc_name: "{{ lookup('ini','rds_vpc_name' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_secgroup_name: "{{ lookup('ini','rds_secgroup_name' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_subnet_name: "{{ lookup('ini','rds_subnet_name' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_type: "{{ lookup('ini','rds_type' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_version: "{{ lookup('ini','rds_version' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_root_password: "{{ lookup('ini','rds_root_password' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_port: "{{ lookup('ini','rds_port' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_ram: "{{ lookup('ini','rds_ram' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_volume_type: "{{ lookup('ini','rds_volume_type' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_volume_size: "{{ lookup('ini','rds_volume_size' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_backup_time: "{{ lookup('ini','rds_backup_time' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_backup_days: "{{ lookup('ini','rds_backup_days' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_ha_enabled: "{{ lookup('ini','rds_ha_enabled' section={{ rds_name }} file={{ tenant_ini }}')"
+    rds_ha_replication_mode: "{{ lookup('ini','rds_ha_replication_mode' section={{ rds_name }} file={{ tenant_ini }}')"
+
     # playbook action
     localaction: "create"
 

playbooks/tenant_json.yml

@@ -67,6 +67,22 @@
     zone_email: "{{ tenant_cf['dnszones'][zone_name]['zone_email'] | default(tenant_cf['default']['zone_email']) }}"
     zone_ttl: "{{ tenant_cf['dnszones'][zone_name]['zone_ttl'] | default(tenant_cf['default']['zone_ttl']) }}"
     zone_records: "{{ tenant_cf['dnszonerecords'][zone_name] }}"
+    # RDS
+    rds_availability_zone: "{{ tenant_cf['rds'][rds_name][rds_availability_zone] }}"
+    rds_vpc_name: "{{ tenant_cf['rds'][rds_name][rds_vpc_name] }}"
+    rds_secgroup_name: "{{ tenant_cf['rds'][rds_name][rds_secgroup_name] }}"
+    rds_subnet_name: "{{ tenant_cf['rds'][rds_name][rds_subnet_name] }}"
+    rds_type: "{{ tenant_cf['rds'][rds_name][rds_type] }}"
+    rds_version: "{{ tenant_cf['rds'][rds_name][rds_version] }}"
+    rds_root_password: "{{ tenant_cf['rds'][rds_name][rds_root_password] }}"
+    rds_port: "{{ tenant_cf['rds'][rds_name][rds_port] }}"
+    rds_ram: "{{ tenant_cf['rds'][rds_name][rds_ram] }}"
+    rds_volume_type: "{{ tenant_cf['rds'][rds_name][rds_volume_type] }}"
+    rds_volume_size: "{{ tenant_cf['rds'][rds_name][rds_volume_size] }}"
+    rds_backup_time: "{{ tenant_cf['rds'][rds_name][rds_backup_time] }}"
+    rds_backup_days: "{{ tenant_cf['rds'][rds_name][rds_backup_days] }}"
+    rds_ha_enabled: "{{ tenant_cf['rds'][rds_name][rds_ha_enabled] }}"
+    rds_ha_replication_mode: "{{ tenant_cf['rds'][rds_name][rds_ha_replication_mode] }}"
     # playbook action
     localaction: "create"
 

playbooks/tenant_yml.yml

@@ -67,6 +67,23 @@
     zone_email: "{{ dnszones[zone_name].zone_email | default(default.zone_email) }}"
     zone_ttl: "{{ dnszones[zone_name].zone_ttl | default(default.zone_ttl) }}"
     zone_records: "{{ dnszonerecords[zone_name] }}"
+    # RDS
+    rds_availability_zone: "{{ rds[rds_name].rds_availability_zone }}"
+    rds_vpc_name: "{{ rds[rds_name].rds_vpc_name }}"
+    rds_secgroup_name: "{{ rds[rds_name].rds_secgroup_name }}"
+    rds_subnet_name: "{{ rds[rds_name].rds_subnet_name }}"
+    rds_type: "{{ rds[rds_name].rds_type | default('MySQL') }}"
+    rds_version: "{{ rds[rds_name].rds_version }}"
+    rds_root_password: "{{ rds[rds_name].rds_root_password }}"
+    rds_port: "{{ rds[rds_name].rds_port | default(3306) }}"
+    rds_ram: "{{ rds[rds_name].rds_ram }}"
+    rds_volume_type: "{{ rds[rds_name].rds_volume_type | default('COMMON') }}"
+    rds_volume_size: "{{ rds[rds_name].rds_volume_size | default(100) }}"
+    rds_backup_time: "{{ rds[rds_name].rds_backup_time | default('00:00:00') }}"
+    rds_backup_days: "{{ rds[rds_name].rds_backup_days }}"
+    rds_ha_enabled: "{{ rds[rds_name].rds_ha_enabled }}"
+    rds_ha_replication_mode: "{{ rds[rds_name].rds_ha_replication_mode }}"
+
     # playbook action
     localaction: "create"
 

playbooks/vars/buildservice_var.yml

@@ -11,7 +11,7 @@ subnet_gateway: "192.168.0.1"
 subnet_dhcp_enable: true
 subnet_primary_dns: 8.8.8.8
 subnet_secondary_dns: 8.4.4.8
-secgroups: 
+secgroups:
   - "buildserver-secgroup01"
 securitygroups:
   buildserver-secgroup01:

playbooks/vars/dns.yml

@@ -1,6 +1,6 @@
 ---
 default:
-  vpc_name : "ansible-vpc01",
+  vpc_name: "ansible-vpc01",
   zone_email: "[email protected]",
   zone_ttl: 86400
 dnszones:

playbooks/vars/tenant.ini

@@ -96,3 +96,20 @@ zone_ttl=3600
 ansible.internal.corp=[ "ansible-test01.ansible.internal.corp;description;A;300;192.168.0.101",
                         "ansible-test02.ansible.internal.corp;description;A;300;192.168.0.102" ]
 ansible.otc.telekomcloud99.com=[ "ansible-test01.ansible.otc.telekomcloud99.com;;A;300;80.158.23.253" ]
+[ansible-mysql01]
+rds_availability_zone=eu_de-01
+rds_secgroup_name=ansible-test01
+rds_subnet_name=ansible-subnet01
+rds_vpc_name=ansible-vpc01
+rds_type=MySQL
+rds_version=5.7.20
+rds_root_password="Test123!"
+rds_port=3306
+rds_ram=2048
+rds_volume_type=COMMON
+rds_volume_size=110
+rds_backup_time=01:00:00
+rds_backup_days=0
+rds_ha_enabled=false
+rds_ha_replication_mode="semisync"
+

playbooks/vars/tenant.json

@@ -54,7 +54,7 @@
     "ansible-test01" : [ "ingress;IPv4;tcp;22022;22022;0.0.0.0/0" ]
   },
   "elb": {
-    {"ansible-elb01": {
+    "ansible-elb01": {
       "elb_type" : "External",
       "elb_bandwidth" : "100",
       "admin_state_up" : "true",
@@ -65,7 +65,7 @@
     }
   },
   "elblistener": {
-    { "ansible-listener01": {
+    "ansible-listener01": {
       "listener_protocol" : "TCP",
       "listener_port" : "22",
       "listener_backend_protocol" : "TCP",
@@ -97,5 +97,24 @@
     "ansible.internal.corp": [ "ansible-test01.ansible.internal.corp;description;A;300;192.168.0.101",
                                "ansible-test02.ansible.internal.corp;description;A;300;192.168.0.102" ],
     "ansible.otc.telekomcloud99.com": [ "ansible-test01.example.com;;A;300;80.158.23.253" ]
+  },
+  "rds" : {
+    "ansible-mysql01": {
+      "rds_availability_zone": "eu_de-01",
+      "rds_secgroup_name": "ansible-test01",
+      "rds_subnet_name": "ansible-subnet01",
+      "rds_vpc_name": "ansible-vpc01",
+      "rds_type": "MySQL",
+      "rds_version": "5.7.20",
+      "rds_root_password": "Test123!",
+      "rds_port": 3306,
+      "rds_ram": 2048,
+      "rds_volume_type": "COMMON",
+      "rds_volume_size": 110,
+      "rds_backup_time": "01:00:00",
+      "rds_backup_days": 0,
+      "rds_ha_enabled": false,
+      "rds_ha_replication_mode": "semisync"
+    }
   }
 }

playbooks/vars/tenant.yml

@@ -35,11 +35,11 @@ vms:
     vpc_net: "192.168.0.0/16"
     availability_zone: "eu-de-01"
     subnet_name: "ansible-subnet01"
-    secgroups: 
+    secgroups:
       - "default-ansible"
       - "ansible-test01"
     ecs_ipaddress: "192.168.0.101"
-    ecs_publicip: "80.158.23.253"
+    ecs_publicip: "80.158.5.174"
     ecs_publicfqdn: "ansible-test01.ansible.otc.telekomcloud99.com"
     ecs_publicttl: "300"
     eip_bandwidth_name: "ansible-eip01"
@@ -65,7 +65,7 @@ elb:
     elb_type: "External"
     elb_bandwidth: 100
     admin_state_up: true
-    elb_availability_zone: eu_de-01
+    elb_availability_zone: "eu_de-01"
     elb_secgroup_name: "ansible-secgroup01"
     elb_subnet_name: "ansible-subnet01"
     elb_vpc_name: "ansible-vpc01"
@@ -99,3 +99,20 @@ dnszonerecords:
     - "ansible-test02.ansible.internal.corp;description;A;300;192.168.0.102"
   ansible.otc.telekomcloud99.com:
     - "ansible-test01.ansible.otc.telekomcloud99.com;;A;300;160.44.0.101"
+rds:
+  ansible-mysql01:
+    rds_availability_zone: "eu_de-01"
+    rds_secgroup_name: "ansible-test01"
+    rds_subnet_name: "ansible-subnet01"
+    rds_vpc_name: "ansible-vpc01"
+    rds_type: "MySQL"
+    rds_version: "5.7.20"
+    rds_root_password: "Test123!"
+    rds_port: 3306
+    rds_ram: 2048
+    rds_volume_type: "COMMON"
+    rds_volume_size: 110
+    rds_backup_time: "01:00:00"
+    rds_backup_days: 0
+    rds_ha_enabled: false
+    rds_ha_replication_mode: "semisync"

roles/otc_auth/defaults/main.yml

@@ -0,0 +1,4 @@
+uri_follow_redirects: "none"
+uri_validate_certs: "yes"
+uri_retries: 5
+uri_delay: 1

roles/otc_auth/meta/main.yml

@@ -0,0 +1,16 @@
+galaxy_info:
+  author: Frank Kloeker
+  description: Ansible Role for Open Telekom Cloud
+  company: Deutsche Telekom AG
+  license: Apache2
+  min_ansible_version: 2.4
+  platforms:
+    - name: Ubuntu
+      versions:
+        - xenial
+  categories:
+    - cloud
+    - python
+    - openstack
+#dependencies:
+#  - role: otc_auth