├── .gitignore ├── LICENSE ├── README.md ├── ansible.cfg ├── files ├── cfme.fact ├── inventory └── vmdb_password.yml ├── playbooks ├── change_vmdb_password.yml ├── disable-medium-ssl-ciphers.yml ├── files ├── full-stop-start-services.yml ├── gather-logs.yml ├── health-check.yml ├── install-custom-facts.yml ├── install-vddk.yml ├── install-webmks-sdk.yml ├── migrate-5-7-to-5-8.yml ├── migrate-5-8-to-5-9.yml ├── migrate-5-9-to-5-10.yml ├── rolling-update.yml ├── simultaneous-update.yml ├── smoke-test-service-provision.yml ├── start-services.yml ├── stop-services.yml ├── tasks └── uninstall-webmks-sdk.yml └── tasks ├── api-authenticate.yml ├── configure-activation-key.yml ├── configure-repositories.yml ├── determine-pg-service-name.yml ├── get-service-template.yml ├── host-reboot.yml ├── install-custom-facts.yml ├── perform-health-check.yml ├── provision-service.yml ├── retire-service.yml └── update-packages.yml /.gitignore: -------------------------------------------------------------------------------- 1 | *.swp 2 | *.retry 3 | .vscode 4 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ansible-redhat_cloudforms 2 | This is a *community supported* repository of ansible playbooks for automating the management of ManageIQ and/or Red Hat CloudForms Management Engine (CFME). 3 | 4 | ## Playbooks 5 | Playbooks provided by this project. 6 | 7 | ### migrate-5-7-to-5-8.yml 8 | Performs a migration from CFME 5.7 to 5.8 utilizing steps from [Migrating to Red Hat CloudForms 4.5](https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.5/html/migrating_to_red_hat_cloudforms_4.5/). This playbook does not currently perform a backup, resize the disks or handle database replication scenarios. 9 | 10 | #### Assumptions 11 | * Appliances have already been backed up per [General Configuration Section 4.4.5.1](https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.5/html/general_configuration/configuration#backing-up-and-restoring-a-database). 12 | * Disks have already been resized. 13 | * Environments are not utilizing database replication. 14 | * Appliances have had memory increased to 12Gb for CloudForms 4.5 and newer appliances per requirement. 15 | 16 | #### Required groups 17 | * cfme 18 | * cfme_appliancees 19 | * cfme_databases 20 | 21 | #### Options 22 | | parameter | required | default | choices | comments 23 | |------------------------------|----------|---------|---------|------------------------------------------------------------------- 24 | | cfme_additional_repositories | No | | | Additional repositories to configure when performing the migration 25 | | sat6_org_id | No | | | Satellite 6 organization ID (when using activation key below) 26 | | sat6_activation_key | No | | | Satellite 6 activation key (instead of direct subscribe to repos) 27 | 28 | ### migrate-5-8-to-5-9.yml 29 | Performs a migration from CFME 5.8 to 5.9 utilizing steps from [Migrating to Red Hat CloudForms 4.6](https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.6/html/migrating_to_red_hat_cloudforms_4.6/). This playbook does not currently perform a backup, resize the disks or handle database replication scenarios. 30 | 31 | #### Assumptions 32 | * Appliances have already been backed up per [General Configuration Section 4.4.5.1](https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.5/html/general_configuration/configuration#backing-up-and-restoring-a-database). 33 | * Disks have already been resized. (Only necessary if migrating from CFME 5.8.0.17 or earlier) 34 | * Environments are not utilizing database replication. 35 | 36 | #### Required groups 37 | * cfme 38 | * cfme_appliancees 39 | * cfme_databases 40 | 41 | #### Options 42 | | parameter | required | default | choices | comments 43 | |------------------------------|----------|---------|---------|------------------------------------------------------------------- 44 | | cfme_additional_repositories | No | | | Additional repositories to configure when performing the migration 45 | | sat6_org_id | No | | | Satellite 6 organization ID (when using activation key below) 46 | | sat6_activation_key | No | | | Satellite 6 activation key (instead of direct subscribe to repos) 47 | 48 | ### migrate-5-9-to-5-10.yml 49 | Performs a migration from CFME 5.9 to 5.10 utilizing steps from [Migrating to Red Hat CloudForms 4.7](https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.7/html/migrating_to_red_hat_cloudforms_4.7/). This playbook does not currently perform a backup, resize the disks or handle database replication scenarios. 50 | 51 | #### Assumptions 52 | * Appliances have already been backed up per [General Configuration Section 4.4.5.1](https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.5/html/general_configuration/configuration#backing-up-and-restoring-a-database). 53 | * Disks have already been resized. (Only necessary if migrating from CFME 5.8.0.17 or earlier) 54 | * Environments are not utilizing database replication. 55 | 56 | #### Required groups 57 | * cfme 58 | * cfme_appliancees 59 | * cfme_databases 60 | 61 | #### Options 62 | | parameter | required | default | choices | comments 63 | |------------------------------|----------|---------|---------|------------------------------------------------------------------- 64 | | cfme_additional_repositories | No | | | Additional repositories to configure when performing the migration 65 | | sat6_org_id | No | | | Satellite 6 organization ID (when using activation key below) 66 | | sat6_activation_key | No | | | Satellite 6 activation key (instead of direct subscribe to repos) 67 | 68 | ### rolling-update.yml 69 | Performs an update/upgrade of all packages on the CFME appliances and performs a reboot if necessary. 70 | 71 | #### Required groups 72 | * cfme 73 | * cfme_appliancees 74 | * cfme_databases 75 | 76 | #### Options 77 | | parameter | required | default | choices | comments 78 | |------------------------------|----------|---------|---------|------------------------------------------------------------------- 79 | | cfme_additional_repositories | No | | | Additional repositories to configure when performing the update 80 | | sat6_org_id | No | | | Satellite 6 organization ID (when using activation key below) 81 | | sat6_activation_key | No | | | Satellite 6 activation key (instead of direct subscribe to repos) 82 | 83 | ### simultaneous-update.yml 84 | Performs an update/upgrade of all packages on all CFME appliances at the same time, and performs a reboot if necessary. 85 | 86 | #### Required groups 87 | * cfme 88 | * cfme_appliancees 89 | * cfme_databases 90 | 91 | #### Options 92 | | parameter | required | default | choices | comments 93 | |------------------------------|----------|---------|---------|------------------------------------------------------------------- 94 | | cfme_addiitonal_repositories | No | | | Additional repositories to configure when performing the update 95 | | sat6_org_id | No | | | Satellite 6 organization ID (when using activation key below) 96 | | sat6_activation_key | No | | | Satellite 6 activation key (instead of direct subscribe to repos) 97 | 98 | ### smoke-test-service-provision.yml 99 | Smoke tests Service template provisioning and retirment. 100 | 101 | #### Required groups 102 | * cfme_ui_appliances 103 | 104 | #### Options 105 | | parameter | required | default | comments 106 | |-------------------------------------------|----------|---------|---------------------------------------------------------- 107 | | cfme\_api\_user | Yes | | API user 108 | | cfme\_api\_password | Yes | | API password 109 | | cfme\_service\_catalog\_name | Yes | | Service Catalog that contains the Service Tempalte to test 110 | | cfme\_service\_template\_name | Yes | | Service Teamplte to test 111 | | cfme\_provision\_service\_dialog\_options | Yes | | Hash of dialog options to pass to the Service Template creation request 112 | | cfme\_provision\_service\_retries | No | 60 | Number of attempts at waiting for Provision Service task to complete 113 | | cfme\_provision\_service\_delay | No | 60 | Number of seconds between attempts at waiting for Provion Service task to complete 114 | | cfme\_retire\_service\_retries | No | 60 | Number of attempts at waiting for Retire Service task to complete 115 | | cfme\_retire\_service\_delay | No | 60 | Number of seconds between attempts at waiting for Retire Service task to complete 116 | 117 | ### start-services.yml 118 | Start all of the DB services then all of the Appliance services. 119 | 120 | #### Required groups 121 | * cfme_appliancees 122 | * cfme_databases 123 | 124 | ### stop-services.yml 125 | Stop all of the Appliance services then all of the DB services. 126 | 127 | #### Required groups 128 | * cfme_appliancees 129 | * cfme_databases 130 | 131 | ### full-stop-start-services.yml 132 | Stop all of the Appliance services, then all of the DB services, then start all of the DB services, then all of the Appliance services, then perform a helath check. 133 | 134 | #### Required groups 135 | * cfme_appliancees 136 | * cfme_databases 137 | 138 | ### health-check.yml 139 | Checks the health of the Appliances. 140 | 141 | #### Required groups 142 | * cfme_appliancees 143 | 144 | ### gather-logs.yml 145 | Gathers relevant logs from all of the appliances and puts them in an archive on the first DB host. Optionally emails the archive. 146 | 147 | #### Required groups 148 | * cfme_databases 149 | 150 | #### Options 151 | | parameter | required | default | comments 152 | |---------------------------------|----------|---------|------------------------------------------------------------------------------------- 153 | | cfme\_gather\_logs\_smtp\_host | No | | SMTP host to send log archive email through. If not specified no email will be sent. 154 | | cfme\_gather\_logs\_smtp\_port | No | | SMTP port to send log archive email through. If not specified no email will be sent. 155 | | cfme\_gather\_logs\_email\_from | No | | Email addresses to send the log archive email from. If not specified no email will be sent. 156 | | cfme\_gather\_logs\_email\_to | No | | Email addresses to send the log archive email to. If not specified no email will be sent 157 | 158 | ### install-vddk.yml 159 | Installs the VMware Virtual Disk Development Kit (VDDK). This is required to enable Smart State Analysis (SSA) for VMware hosts. 160 | 161 | * You will need a VMware login to download the VDDK. We do not provide this due to VMware licensing requirements. 162 | 163 | #### Options 164 | | parameter | required | default | comments 165 | |------------------|----------|---------|-------------------------------------------------------------------- 166 | | cfme\_vddk\_path | Yes | | This is the file path, on the control node, of the downloaded VDDK. 167 | 168 | ### uninstall-vddk.yml 169 | Uninstalls the VMware Virtual Disk Development Kit (VDDK). This can be utilized in conjunction with install-vddk.yml when an upgrade of the VDDK is required. 170 | 171 | ### install-webmks-sdk.yml 172 | Installs the VMware HTML Console SDK. This is required to enable WebMKS for VMware Console Support. 173 | 174 | * You will need a VMware login to download the SDK. We do not provide this due to VMware licensing requirements. 175 | 176 | #### Options 177 | | parameter | required | default | comments 178 | |------------------|----------|---------|-------------------------------------------------------------------- 179 | | cfme\_webmks_sdk\_path | Yes | | This is the file path, on the control node, of the downloaded SDK. 180 | 181 | ### uninstall-webmks-sdk.yml 182 | Removes the VMware HTML Console SDK. This disables WebMKS for VMware Console Support. 183 | 184 | ### change_vmdb_password.yml 185 | Changes the VMDB PostgreSQL password, updates the database.yml files, and restarts evmserverd. 186 | 187 | #### Assumptions 188 | * vmdb_password is defined in files/vmdb_password.yml which is encrypted using Ansible Vault. 189 | * The password of the vault is `smartvm`. 190 | * The password of the vault can be changed with `ansible-vault rekey files/vmdb_password.yml`. 191 | * The VMDB password to be used can be set by editing the vault with `ansible-vault edit files/vmdb_password.yml`. 192 | * The playbook can be run with `ansible-playbook --vault-id @prompt playbooks/change_vmdb_password.yml` to prompt for the Ansible Vault password. 193 | 194 | #### Required groups 195 | * cfme_appliancees 196 | * cfme_databases 197 | 198 | #### Options 199 | | parameter | required | default | comments 200 | |------------------|----------|---------|-------------------------------------------------------------------- 201 | | vmdb\_password | Yes | | This is the new password to use for the VMDB PostgreSQL account. 202 | 203 | ### disable-medium-ssl-ciphers.yml 204 | Disables Medium SSL Ciphers in the CloudForms webserver configuration (/etc/httpd/conf.d/manageiq-https-application.conf). 205 | * Addresses Tenable finding https://www.tenable.com/plugins/nessus/42873 206 | 207 | #### Required groups 208 | * cfme_appliancees 209 | 210 | -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | inventory = files/inventory 3 | -------------------------------------------------------------------------------- /files/cfme.fact: -------------------------------------------------------------------------------- 1 | #!/usr/bin/ruby 2 | 3 | require 'json' 4 | 5 | cfme_package = `rpm -q cfme` 6 | matches = /cfme-(([[:digit:]]*).([[:digit:]]*).([[:digit:]]*).([[:digit:]]*)-([[:digit:]]*))\..*/.match(cfme_package) 7 | 8 | cfme = { 9 | 'cfme_version' => matches[1], 10 | 'cfme_version_product' => "#{matches[2]}.#{matches[3]}", 11 | 'cfme_version_major' => matches[2], 12 | 'cfme_version_minor' => matches[3], 13 | 'cfme_version_patch' => matches[4], 14 | 'cfme_version_build' => matches[5], 15 | 'cfme_version_rpm_release' => matches[6] 16 | } 17 | 18 | puts cfme.to_json 19 | -------------------------------------------------------------------------------- /files/inventory: -------------------------------------------------------------------------------- 1 | [cfme:children] 2 | cfme_databases 3 | cfme_appliances 4 | 5 | # All applicances which are running evmserverd including database appliances which are not standalone. 6 | # Do not include HA / standalone databasees which are not running evmserverd here. 7 | [cfme_appliances] 8 | cfmedb01 # Application running on database appliance. 9 | cfmeui01 10 | cfmeui02 11 | cfmewk01 12 | cfmewk02 13 | cfmewk03 14 | 15 | # Any appliance with VMDB database running. 16 | # HA / standalone or VMDB with application running too. 17 | [cfme_databases] 18 | cfmedb01 # Application running on database appliance. 19 | cfmehadb01 # HA database 20 | cfmehadb02 # HA database 21 | cfmehadb03 # HA database 22 | 23 | [all:vars] 24 | #cfme_additional_repositories=some-repo 25 | sat6_org_id=Example_Org 26 | sat6_activation_key=content_view-cf46,host_collection-cloudforms 27 | 28 | #cfme_api_user=admin 29 | #cfme_api_password=smartvm 30 | #cfme_service_catalog_name= 31 | #cfme_service_template_name= 32 | #cfme_provision_service_dialog_options= 33 | #cfme_provision_service_retries= 34 | #cfme_provision_service_delay= 35 | #cfme_retire_service_retries= 36 | #cfme_retire_service_delay= 37 | 38 | #cfme_gather_logs_smtp_host=mail.example.com 39 | #cfme_gather_logs_smtp_port=25 40 | #cfme_gather_logs_email_from=cloudforms@example.com 41 | #cfme_gather_logs_email_to=cloudforms@example.com 42 | 43 | #cfme_vddk_path= 44 | 45 | #cfme_webmks_sdk_path= 46 | -------------------------------------------------------------------------------- /files/vmdb_password.yml: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 30346666613932663530363532363433646236323939383239663639316364383236666666646131 3 | 3962623835613863653038336232613236626234313833370a623233623066316233653361313337 4 | 61333534363034326339313432663836373133343636353730373336666534613265366635316233 5 | 6135643632336166620a643633663264323831643766383361663935333238613762306533646538 6 | 31326330323362393130343130646666393434656631663063613963376262346163 7 | -------------------------------------------------------------------------------- /playbooks/change_vmdb_password.yml: -------------------------------------------------------------------------------- 1 | - name: CFME | Change VMDB Password | Appliances Specific Preparation 2 | hosts: cfme_appliances 3 | become: True 4 | become_method: su 5 | gather_facts: False 6 | vars_files: 7 | - files/vmdb_password.yml 8 | tasks: 9 | - name: CFME | Change VMDB Password | Stop evmserverd 10 | service: 11 | name: evmserverd 12 | state: stopped 13 | - name: CFME | Change VMDB Password | Update database.yml file. 14 | shell: "/var/www/miq/vmdb/tools/fix_auth.rb --databaseyml --password '{{ vmdb_password }}'" 15 | 16 | - name: CFME | Change VMDB Password | Change PostgreSQL Password 17 | hosts: "{{ groups['cfme_databases'][0] }}" 18 | become: True 19 | gather_facts: False 20 | vars_files: 21 | - files/vmdb_password.yml 22 | tasks: 23 | - name: CFME | Change VMDB Password | Install python-psycopg2 24 | yum: 25 | name: python-psycopg2 26 | state: latest 27 | - name: CFME | Change VMDB Password | Change PostgreSQL Password 28 | postgresql_user: 29 | db: vmdb_production 30 | name: root 31 | password: "{{ vmdb_password }}" 32 | 33 | - name: CFME | Change VMDB Password | Restart evmserverd 34 | hosts: cfme_appliances 35 | become: True 36 | gather_facts: False 37 | tasks: 38 | - name: CFME | Change VMDB Password | Restart evmserverd 39 | service: 40 | name: evmserverd 41 | state: restarted 42 | -------------------------------------------------------------------------------- /playbooks/disable-medium-ssl-ciphers.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: CFME | Disable Medium SSL Cipher Suites within CloudForms Configuration 3 | hosts: cfme_appliances 4 | gather_facts: True 5 | handlers: 6 | - name: CFME | Restart HTTPD 7 | become: True 8 | service: 9 | name: httpd 10 | state: reloaded 11 | listen: "Restart HTTPD" 12 | - name: CFME | Test HTTPD Port 13 | wait_for: 14 | port: 80 15 | state: started 16 | listen: "Restart HTTPD" 17 | - name: CFME | Health Check | Include Tasks 18 | include_tasks: tasks/perform-health-check.yml 19 | listen: "Restart HTTPD" 20 | tasks: 21 | # Finding https://www.tenable.com/plugins/nessus/42873 22 | - name: CFME | Disable Medium SSL Cipher Suites 23 | become: True 24 | lineinfile: 25 | path: /etc/httpd/conf.d/manageiq-https-application.conf 26 | regexp: '^SSLCipherSuite |^r"SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:!MEDIUM:!LOW:!SSLv2:!EXPORT"' 27 | line: "SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:!MEDIUM:!LOW:!SSLv2:!EXPORT" 28 | state: present 29 | backrefs: True 30 | backup: True 31 | notify: "Restart HTTPD" 32 | # Do not run this on CF 5.11 and greater due to change in crypto in RHEL 8 33 | when: "cfme_version_product is version('5.11', '<')" 34 | vars: 35 | cfme_version_product: "{{ ansible_local['cfme']['cfme_version_product'] }}" 36 | -------------------------------------------------------------------------------- /playbooks/files: -------------------------------------------------------------------------------- 1 | ../files/ -------------------------------------------------------------------------------- /playbooks/full-stop-start-services.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: CFME | Full Stop / Start Services | Gather Facts 3 | hosts: all 4 | gather_facts: True 5 | 6 | - import_playbook: stop-services.yml 7 | - import_playbook: start-services.yml 8 | - import_playbook: health-check.yml 9 | -------------------------------------------------------------------------------- /playbooks/gather-logs.yml: -------------------------------------------------------------------------------- 1 | - name: CFME | Gather Logs 2 | hosts: all 3 | gather_facts: True 4 | tasks: 5 | - name: CFME | Gather Logs | Set logs to gather 6 | set_fact: 7 | cfme_gather_logs_list: 8 | - evm.log 9 | - automation.log 10 | - top_output.log 11 | when: cfme_gather_logs_list is not defined 12 | 13 | - name: CFME | Gather Logs | Set destination host 14 | set_fact: 15 | cfme_gather_logs_destination_host: "{{ groups['cfme-databases'][0] }}" 16 | 17 | - name: CFME | Gather Logs | Get destionation public key 18 | slurp: 19 | src: '~/.ssh/id_rsa.pub' 20 | delegate_to: "{{ cfme_gather_logs_destination_host }}" 21 | register: cfme_destination_pub_key 22 | 23 | - name: CFME | Gather Logs | Add destination public key as authorized key 24 | authorized_key: 25 | user: "{{ ansible_user }}" 26 | state: present 27 | validate_certs: False 28 | key: "{{ cfme_destination_pub_key['content'] | b64decode }}" 29 | 30 | - name: CFME | Gather Logs | Determine destination dir 31 | set_fact: 32 | cfme_gather_logs_destination_dir: "/tmp/ansible-cfme-gather-logs_{{ ansible_date_time.date }}_{{ ansible_date_time.hour }}{{ ansible_date_time.minute }}{{ ansible_date_time.second }}" 33 | delegate_to: "{{ cfme_gather_logs_destination_host }}" 34 | run_once: True 35 | 36 | - name: CFME | Gather Logs | Set destination dir 37 | set_fact: 38 | cfme_gather_logs_destination_dir: "{{ hostvars[cfme_gather_logs_destination_host]['cfme_gather_logs_destination_dir'] }}" 39 | 40 | - name: CFME | Gather Logs | Create destination directory 41 | file: 42 | path: "{{ cfme_gather_logs_destination_dir }}" 43 | state: directory 44 | mode: 0777 45 | recurse: True 46 | run_once: True 47 | delegate_to: "{{ cfme_gather_logs_destination_host }}" 48 | become: True 49 | 50 | - name: CFME | Gather Logs | Syncronize logs 51 | synchronize: 52 | mode: pull 53 | archive: No 54 | src: "/var/www/miq/vmdb/log/{{ item }}" 55 | dest: "{{ cfme_gather_logs_destination_dir }}/{{ item }}-{{ inventory_hostname }}" 56 | delegate_to: "{{ cfme_gather_logs_destination_host }}" 57 | with_items: "{{ cfme_gather_logs_list }}" 58 | ignore_errors: True 59 | 60 | - name: CFME | Gather Logs | Create archive 61 | archive: 62 | path: "{{ cfme_gather_logs_destination_dir }}" 63 | dest: "{{ cfme_gather_logs_destination_dir }}.tgz" 64 | run_once: True 65 | delegate_to: "{{ cfme_gather_logs_destination_host }}" 66 | 67 | - name: CFME | Gather Logs | Archive location 68 | debug: 69 | msg: "{{ cfme_gather_logs_destination_dir }}.tgz" 70 | run_once: True 71 | delegate_to: "{{ cfme_gather_logs_destination_host }}" 72 | 73 | - name: CFME | Gather Logs | Send email with logs attached 74 | mail: 75 | host: "{{ cfme_gather_logs_smtp_host }}" 76 | port: "{{ cfme_gather_logs_smtp_port }}" 77 | secure: never 78 | from: "{{ cfme_gather_logs_email_from }}" 79 | to: "{{ cfme_gather_logs_email_to }}" 80 | subject: CFME Logs 81 | body: "CFME logs gathered from cluster and sent from {{ inventory_hostname }}." 82 | attach: "{{ cfme_gather_logs_destination_dir }}.tgz" 83 | run_once: True 84 | delegate_to: "{{ cfme_gather_logs_destination_host }}" 85 | when: 86 | - "cfme_gather_logs_smtp_host is defined" 87 | - "cfme_gather_logs_smtp_port is defined" 88 | - "cfme_gather_logs_email_from is defined" 89 | - "cfme_gather_logs_email_to is defined" 90 | ignore_errors: True 91 | 92 | - name: CFME | Gather Logs | Delete destination directory 93 | file: 94 | path: "{{ cfme_gather_logs_destination_dir }}" 95 | state: absent 96 | run_once: True 97 | delegate_to: "{{ cfme_gather_logs_destination_host }}" 98 | become: True 99 | -------------------------------------------------------------------------------- /playbooks/health-check.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: CFME | Health Check 3 | hosts: cfme_appliances 4 | gather_facts: True 5 | tasks: 6 | - name: CFME | Health Check | Include Tasks 7 | import_tasks: tasks/perform-health-check.yml 8 | -------------------------------------------------------------------------------- /playbooks/install-custom-facts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: CFME | Install Custom Facts 3 | hosts: cfme 4 | become: True 5 | gather_facts: False 6 | tasks: 7 | - name: CFME | Install Custom Facts | Include Tasks 8 | include_tasks: tasks/custom-facts.yml 9 | -------------------------------------------------------------------------------- /playbooks/install-vddk.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: CFME | Install VDDK 3 | hosts: all 4 | gather_facts: True 5 | tasks: 6 | - name: CFME | Install VDDK | Create Temp Directory 7 | tempfile: 8 | state: directory 9 | prefix: vmware 10 | register: tmp_dir 11 | 12 | - name: CFME | Install VDDK | Extract VDDK 13 | unarchive: 14 | src: "{{ cfme_vddk_path }}" 15 | dest: "{{ tmp_dir['path'] }}" 16 | 17 | - name: CFME | Install VDDK | Sync Folder to /usr/lib 18 | synchronize: 19 | src: "{{ tmp_dir['path'] }}/vmware-vix-disklib-distrib/" 20 | dest: /usr/lib/vmware-vix-disklib 21 | delegate_to: "{{ inventory_hostname }}" 22 | 23 | - name: CFME | Install VDDK | Link libvixDiskLib.so 24 | file: 25 | src: /usr/lib/vmware-vix-disklib/lib64/libvixDiskLib.so 26 | dest: /usr/lib/libvixDiskLib.so 27 | state: link 28 | register: link_result_one 29 | 30 | - name: CFME | Install VDDK | Link libvixDiskLib.so.6 31 | file: 32 | src: /usr/lib/vmware-vix-disklib/lib64/libvixDiskLib.so.6 33 | dest: /usr/lib/libvixDiskLib.so.6 34 | state: link 35 | register: link_result_two 36 | 37 | - name: CFME | Install VDDK | Clean Up /tmp 38 | file: 39 | path: "{{ tmp_dir['path'] }}" 40 | state: absent 41 | 42 | - name: CFME | Install VDDK | Run ldconfig 43 | command: 'ldconfig' 44 | when: link_result_one is changed or link_result_two is changed 45 | -------------------------------------------------------------------------------- /playbooks/install-webmks-sdk.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: CFME | Install WebMKS SDK 4 | hosts: all 5 | gather_facts: True 6 | tasks: 7 | 8 | - block: 9 | 10 | - name: CFME | Install WebMKS SDK | Create Temp Directory 11 | tempfile: 12 | state: directory 13 | prefix: vmware 14 | register: tmp_dir 15 | 16 | - name: CFME | Install WebMKS SDK | Extract WebMKS SDK 17 | unarchive: 18 | src: "{{ cfme_webmks_sdk_path }}" 19 | dest: "{{ tmp_dir['path'] }}" 20 | 21 | - name: CFME | Install WebMKS SDK | Create WebMKS directory 22 | file: 23 | state: directory 24 | path: /var/www/miq/vmdb/public/webmks 25 | owner: root 26 | group: root 27 | 28 | - name: CFME | Install WebMKS SDK | Sync Folder to /var/www/miq/vmdb/public/ 29 | synchronize: 30 | src: "{{ tmp_dir['path'] }}/" 31 | dest: /var/www/miq/vmdb/public/webmks 32 | delegate_to: "{{ inventory_hostname }}" 33 | 34 | - name: CFME | Install WebMKS SDK | Enforce Correct File and Directory Permissions 35 | file: 36 | state: directory 37 | path: /var/www/miq/vmdb/public/webmks 38 | mode: 'a+rX' 39 | recurse: True 40 | 41 | rescue: 42 | 43 | - debug: 44 | msg: 'WebMKS installation failed. Removing any WebMKS assets installed.' 45 | 46 | - name: CFME | Install WebMKS SDK | Remove WebMKS Assets on Failure 47 | file: 48 | state: absent 49 | path: /var/www/miq/vmdb/public/webmks 50 | 51 | always: 52 | 53 | - name: CFME | Install WebMKS SDK | Clean Up /tmp 54 | file: 55 | path: "{{ tmp_dir['path'] }}" 56 | state: absent 57 | -------------------------------------------------------------------------------- /playbooks/migrate-5-7-to-5-8.yml: -------------------------------------------------------------------------------- 1 | - name: CFME | Migrate | 5.7 to 5.8 | All Preparation 2 | hosts: cfme 3 | become: True 4 | gather_facts: True 5 | tasks: 6 | - name: CFME | Migrate | Subscribe Using Activation Key 7 | include_tasks: tasks/configure-activation-key.yml 8 | when: sat6_activation_key is defined 9 | 10 | - name: CFME | Migrate | Subscribe Using Repositories 11 | include_tasks: tasks/configure-repositories.yml 12 | vars: 13 | cfme_version_product: 5.8 14 | when: sat6_activation_key is not defined 15 | 16 | - name: CFME | Migrate | 5.7 to 5.8 | Appliances Specific Preparation 17 | hosts: cfme_appliances 18 | become: True 19 | gather_facts: False 20 | tasks: 21 | - name: CFME | Migrate | Stop evmserverd 22 | service: 23 | name: evmserverd 24 | state: stopped 25 | 26 | - name: CFME | Migrate | 5.7 to 5.8 | DB Specific Preparation 27 | hosts: cfme_databases 28 | become: True 29 | gather_facts: False 30 | tasks: 31 | - name: CFME | Migrate | Stop postgres 32 | service: 33 | name: rh-postgresql95-postgresql 34 | state: stopped 35 | 36 | - name: CFME | Migrate | 5.7 to 5.8 | Update Packages 37 | hosts: cfme 38 | become: True 39 | gather_facts: False 40 | tasks: 41 | - name: CFME | Migrate | Update all packages to latest 42 | yum: 43 | name: '*' 44 | state: latest 45 | 46 | - name: CFME | Migrate | 5.7 to 5.8 | Start postgresql 47 | hosts: cfme_databases 48 | become: True 49 | gather_facts: False 50 | tasks: 51 | - name: CFME | Migrate | Start postgres 52 | service: 53 | name: rh-postgresql95-postgresql 54 | state: started 55 | 56 | - name: CFME | Migrate | 5.8 to 5.9 | Wait for postgresql 57 | hosts: cfme_databases 58 | become: True 59 | gather_facts: False 60 | tasks: 61 | - name: CFME | Migrate | Wait for postgresql 62 | wait_for: 63 | port: 5432 64 | delay: 120 65 | 66 | - name: CFME | Migrate | 5.7 to 5.8 | DB Migration 67 | hosts: cfme_appliances 68 | become: True 69 | gather_facts: False 70 | tasks: 71 | - name: CFME | Migrate | rake db:migrate 72 | run_once: True 73 | shell: "cd /var/www/miq/vmdb; rake db:migrate > >(tee /var/tmp/rake_db_migrate.out) 2> >(tee /var/tmp/rake_db_migrate.err >&2)" 74 | async: 18000 75 | poll: 60 76 | 77 | - name: CFME | Migrate | rake evm:automate:reset 78 | run_once: True 79 | shell: "cd /var/www/miq/vmdb; rake evm:automate:reset > >(tee /var/tmp/evm_automate_reset.out) 2> >(tee /var/tmp/evm_automate_reset.err >&2)" 80 | async: 3600 81 | poll: 60 82 | 83 | - name: CFME | Migrate | 5.7 to 5.8 | Post DB Migrate Restart 84 | hosts: cfme_databases 85 | become: True 86 | gather_facts: False 87 | tasks: 88 | - name: CFME | Migrate | Restart postgresql 89 | service: 90 | name: rh-postgresql95-postgresql 91 | state: restarted 92 | 93 | - name: CFME | Migrate | 5.7 to 5.8 | Check Schema 94 | hosts: cfme_appliances 95 | become: True 96 | gather_facts: False 97 | tasks: 98 | - name: CFME | Migrate | Check DB Schema 99 | block: 100 | - name: CFME | Migrate | rake evm:db:check_schema 101 | shell: "cd /var/www/miq/vmdb; rake evm:db:check_schema | tee /var/tmp/evm_check_schema.out" 102 | register: evm_db_check_schema_cmd 103 | changed_when: False 104 | async: 3600 105 | poll: 60 106 | 107 | # Using assert module due to bug in async/poll. https://github.com/ansible/ansible/issues/32472 108 | - name: CFME | Migrate | Assert evm:db:check_schema result 109 | assert: 110 | that: "evm_db_check_schema_cmd.rc == 0 and 'The local schema is consistent with schema.yml' in evm_db_check_schema_cmd.stdout" 111 | run_once: True 112 | tags: 113 | - evm_check_schema 114 | 115 | - name: CFME | Migrate | 5.7 to 5.8 | Restart evmserverd 116 | hosts: cfme_appliances 117 | become: True 118 | gather_facts: False 119 | tasks: 120 | - name: CFME | Migrate | Restart evmserverd 121 | service: 122 | name: evmserverd 123 | state: restarted 124 | -------------------------------------------------------------------------------- /playbooks/migrate-5-8-to-5-9.yml: -------------------------------------------------------------------------------- 1 | - name: CFME | Migrate | 5.8 to 5.9 | All Preparation 2 | hosts: cfme 3 | become: True 4 | gather_facts: True 5 | tasks: 6 | - name: CFME | Migrate | Subscribe Using Activation Key 7 | include_tasks: tasks/configure-activation-key.yml 8 | when: sat6_activation_key is defined 9 | 10 | - name: CFME | Migrate | Subscribe Using Repositories 11 | include_tasks: tasks/configure-repositories.yml 12 | vars: 13 | cfme_version_product: 5.9 14 | when: sat6_activation_key is not defined 15 | 16 | - name: CFME | Migrate | 5.8 to 5.9 | Appliances Specific Preparation 17 | hosts: cfme_appliances 18 | become: True 19 | gather_facts: False 20 | tasks: 21 | - name: CFME | Migrate | Stop evmserverd 22 | service: 23 | name: evmserverd 24 | state: stopped 25 | 26 | - name: CFME | Migrate | 5.8 to 5.9 | DB Specific Preparation 27 | hosts: cfme_databases 28 | become: True 29 | gather_facts: False 30 | tasks: 31 | - name: CFME | Migrate | Stop postgres 32 | service: 33 | name: rh-postgresql95-postgresql 34 | state: stopped 35 | 36 | - name: CFME | Migrate | 5.8 to 5.9 | Update Packages 37 | hosts: cfme 38 | become: True 39 | gather_facts: False 40 | tasks: 41 | - name: CFME | Migrate | Update all packages to latest 42 | yum: 43 | name: '*' 44 | state: latest 45 | 46 | - name: CFME | Migrate | 5.8 to 5.9 | Start postgresql 47 | hosts: cfme_databases 48 | become: True 49 | gather_facts: False 50 | tasks: 51 | - name: CFME | Migrate | Start postgres 52 | service: 53 | name: rh-postgresql95-postgresql 54 | state: started 55 | 56 | - name: CFME | Migrate | 5.8 to 5.9 | Wait for postgresql 57 | hosts: cfme_databases 58 | become: True 59 | gather_facts: False 60 | tasks: 61 | - name: CFME | Migrate | Wait for postgresql 62 | wait_for: 63 | port: 5432 64 | delay: 120 65 | 66 | - name: CFME | Migrate | 5.8 to 5.9 | DB Migration 67 | hosts: cfme_appliances 68 | become: True 69 | gather_facts: False 70 | tasks: 71 | - name: CFME | Migrate | rake db:migrate 72 | run_once: True 73 | shell: "cd /var/www/miq/vmdb; rake db:migrate > >(tee /var/tmp/rake_db_migrate.out) 2> >(tee /var/tmp/rake_db_migrate.err >&2)" 74 | async: 18000 75 | poll: 60 76 | 77 | - name: CFME | Migrate | rake evm:automate:reset 78 | run_once: True 79 | shell: "cd /var/www/miq/vmdb; rake evm:automate:reset > >(tee /var/tmp/evm_automate_reset.out) 2> >(tee /var/tmp/evm_automate_reset.err >&2)" 80 | 81 | - name: CFME | Migrate | 5.8 to 5.9 | Post DB Migrate Restart 82 | hosts: cfme_databases 83 | become: True 84 | gather_facts: False 85 | tasks: 86 | - name: CFME | Migrate | Restart postgresql 87 | service: 88 | name: rh-postgresql95-postgresql 89 | state: restarted 90 | 91 | - name: CFME | Migrate | 5.8 to 5.9 | Restart evmserverd 92 | hosts: cfme_appliances 93 | become: True 94 | gather_facts: False 95 | tasks: 96 | - name: CFME | Migrate | Restart evmserverd 97 | service: 98 | name: evmserverd 99 | state: restarted 100 | -------------------------------------------------------------------------------- /playbooks/migrate-5-9-to-5-10.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: CFME | Migrate | 5.9 to 5.10 | All Preparation 3 | hosts: cfme 4 | become: True 5 | gather_facts: True 6 | tasks: 7 | - name: CFME | Migrate | Subscribe Using Activation Key 8 | include_tasks: tasks/configure-activation-key.yml 9 | when: sat6_activation_key is defined 10 | 11 | - name: CFME | Migrate | Subscribe Using Repositories 12 | include_tasks: tasks/configure-repositories.yml 13 | vars: 14 | cfme_version_product: '5.10' 15 | when: sat6_activation_key is not defined 16 | 17 | - name: CFME | Migrate | 5.9 to 5.10 | Appliances Specific Preparation 18 | hosts: cfme_appliances 19 | become: True 20 | gather_facts: False 21 | tasks: 22 | - name: CFME | Migrate | Stop evmserverd 23 | service: 24 | name: evmserverd 25 | state: stopped 26 | 27 | - name: CFME | Migrate | 5.9 to 5.10 | DB Specific Preparation 28 | hosts: cfme_databases 29 | become: True 30 | gather_facts: False 31 | tasks: 32 | - name: CFME | Migrate | Stop postgres 33 | service: 34 | name: rh-postgresql95-postgresql 35 | state: stopped 36 | 37 | - name: CFME | Migrate | 5.9 to 5.10 | Update Packages 38 | hosts: cfme 39 | become: True 40 | gather_facts: False 41 | tasks: 42 | - name: CFME | Migrate | Update all packages to latest 43 | yum: 44 | name: '*' 45 | state: latest 46 | 47 | - name: CFME | Migrate | 5.9 to 5.10 | Start postgresql 48 | hosts: cfme_databases 49 | become: True 50 | gather_facts: False 51 | tasks: 52 | - name: CFME | Migrate | Start postgres 53 | service: 54 | name: rh-postgresql95-postgresql 55 | state: started 56 | 57 | - name: CFME | Migrate | 5.9 to 5.10 | Wait for postgresql 58 | hosts: cfme_databases 59 | become: True 60 | gather_facts: False 61 | tasks: 62 | - name: CFME | Migrate | Wait for postgresql 63 | wait_for: 64 | port: 5432 65 | delay: 120 66 | 67 | - name: CFME | Migrate | 5.9 to 5.10 | DB Migration 68 | hosts: cfme_appliances 69 | become: True 70 | gather_facts: False 71 | tasks: 72 | - name: CFME | Migrate | rake db:migrate 73 | run_once: True 74 | shell: |- 75 | source /etc/profile.d/evm.sh 76 | cd /var/www/miq/vmdb 77 | rake db:migrate > >(tee /var/tmp/rake_db_migrate.out) 2> >(tee /var/tmp/rake_db_migrate.err >&2) 78 | async: 18000 79 | poll: 60 80 | args: 81 | executable: /bin/bash 82 | 83 | - name: CFME | Migrate | rake evm:automate:reset 84 | run_once: True 85 | shell: |- 86 | source /etc/profile.d/evm.sh 87 | cd /var/www/miq/vmdb 88 | rake evm:automate:reset > >(tee /var/tmp/evm_automate_reset.out) 2> >(tee /var/tmp/evm_automate_reset.err >&2) 89 | args: 90 | executable: /bin/bash 91 | 92 | - name: CFME | Migrate | 5.9 to 5.10 | Post DB Migrate Restart 93 | hosts: cfme_databases 94 | become: True 95 | gather_facts: False 96 | tasks: 97 | - name: CFME | Migrate | Restart postgresql 98 | service: 99 | name: rh-postgresql95-postgresql 100 | state: restarted 101 | 102 | - name: CFME | Migrate | 5.9 to 5.10 | Restart evmserverd 103 | hosts: cfme_appliances 104 | become: True 105 | gather_facts: False 106 | tasks: 107 | - name: CFME | Migrate | Restart evmserverd 108 | service: 109 | name: evmserverd 110 | state: restarted 111 | 112 | - name: CFME | Migrate | 5.9 to 5.10 | Wait for API to report ready 113 | import_playbook: health-check.yml 114 | -------------------------------------------------------------------------------- /playbooks/rolling-update.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: CFME | Rolling Update | All Preparation 3 | hosts: cfme 4 | become: True 5 | gather_facts: True 6 | tasks: 7 | - name: CFME | Rolling Update | Include Tasks for Subscribing Using Activation Key 8 | include_tasks: tasks/configure-activation-key.yml 9 | when: sat6_activation_key is defined 10 | 11 | - name: CFME | Rolling Update | Include Tasks for Configuring Repositories 12 | include_tasks: tasks/configure-repositories.yml 13 | when: sat6_activation_key is not defined 14 | 15 | - name: CFME | Rolling Update | Any package updates required? 16 | command: "yum check-update --releasever={{ releasever }}" 17 | args: 18 | warn: no 19 | register: packages_need_update_result 20 | changed_when: packages_need_update_result.rc == 100 21 | failed_when: packages_need_update_result.rc != 0 and packages_need_update_result.rc != 100 22 | when: releasever is defined 23 | 24 | - name: CFME | Rolling Update | Any package updates required? 25 | command: "yum check-update" 26 | args: 27 | warn: no 28 | register: packages_need_update_result 29 | changed_when: packages_need_update_result.rc == 100 30 | failed_when: packages_need_update_result.rc != 0 and packages_need_update_result.rc != 100 31 | when: releasever is undefined 32 | 33 | - name: CFME | Rolling Update | Update Databases 34 | hosts: cfme_databases 35 | become: True 36 | gather_facts: False 37 | serial: 1 38 | tasks: 39 | - name: CFME | Rolling Update | Include Tasks for Updating Packages 40 | include_tasks: tasks/update-packages.yml 41 | when: packages_need_update_result is changed 42 | 43 | - name: CFME | Rolling Update | Update Appliances 44 | hosts: cfme_appliances:!cfme_databases 45 | become: True 46 | gather_facts: False 47 | serial: 1 48 | tasks: 49 | - name: CFME | Rolling Update | Include Tasks for Updating Packages 50 | include_tasks: tasks/update-packages.yml 51 | when: packages_need_update_result is changed 52 | 53 | - name: CFME | Rolling Update | Wait for API to report ready 54 | import_playbook: health-check.yml 55 | 56 | - name: CFME | Rolling Update | Reset MIQ and Red Hat Automate Domains 57 | hosts: cfme_appliances 58 | become: True 59 | gather_facts: False 60 | tasks: 61 | 62 | - name: CFME | Rolling Update | rake evm:automate:reset 63 | run_once: True 64 | shell: |- 65 | source /etc/profile.d/evm.sh 66 | cd /var/www/miq/vmdb 67 | rake evm:automate:reset > >(tee /var/tmp/evm_automate_reset.out) 2> >(tee /var/tmp/evm_automate_reset.err >&2) 68 | args: 69 | executable: /bin/bash 70 | -------------------------------------------------------------------------------- /playbooks/simultaneous-update.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: CFME | Update | All Preparation 3 | hosts: cfme 4 | become: True 5 | gather_facts: True 6 | tasks: 7 | - name: CFME | Update | Include Tasks for Subscribing Using Activation Key 8 | include_tasks: tasks/configure-activation-key.yml 9 | when: sat6_activation_key is defined 10 | 11 | - name: CFME | Update | Include Tasks for Configuring Repositories 12 | include_tasks: tasks/configure-repositories.yml 13 | when: sat6_activation_key is not defined 14 | 15 | - name: CFME | Update | Any package updates required? 16 | command: "yum check-update --releasever={{ releasever }}" 17 | args: 18 | warn: no 19 | register: packages_need_update_result 20 | changed_when: packages_need_update_result.rc == 100 21 | failed_when: packages_need_update_result.rc != 0 and packages_need_update_result.rc != 100 22 | when: releasever is defined 23 | 24 | - name: CFME | Update | Any package updates required? 25 | command: "yum check-update" 26 | args: 27 | warn: no 28 | register: packages_need_update_result 29 | changed_when: packages_need_update_result.rc == 100 30 | failed_when: packages_need_update_result.rc != 0 and packages_need_update_result.rc != 100 31 | when: releasever is undefined 32 | 33 | - name: CFME | Update | Update Databases 34 | hosts: cfme_databases 35 | become: True 36 | gather_facts: False 37 | tasks: 38 | - name: CFME | Update | Include Tasks for Updating Packages 39 | include_tasks: tasks/update-packages.yml 40 | when: packages_need_update_result is changed 41 | 42 | - name: CFME | Update | Update Appliances 43 | hosts: cfme_appliances:!cfme_databases 44 | become: True 45 | gather_facts: False 46 | tasks: 47 | - name: CFME | Update | Include Tasks for Updating Packages 48 | include_tasks: tasks/update-packages.yml 49 | when: packages_need_update_result is changed 50 | 51 | - name: CFME | Update | Wait for API to report ready 52 | import_playbook: health-check.yml 53 | 54 | - name: CFME | Update | Reset MIQ and Red Hat Automate Domains 55 | hosts: cfme_appliances 56 | become: True 57 | gather_facts: False 58 | tasks: 59 | 60 | - name: CFME | Update | rake evm:automate:reset 61 | run_once: True 62 | shell: |- 63 | source /etc/profile.d/evm.sh 64 | cd /var/www/miq/vmdb 65 | rake evm:automate:reset > >(tee /var/tmp/evm_automate_reset.out) 2> >(tee /var/tmp/evm_automate_reset.err >&2) 66 | args: 67 | executable: /bin/bash 68 | -------------------------------------------------------------------------------- /playbooks/smoke-test-service-provision.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Smoke tests service creation by creating and then retiring a service. 3 | # 4 | # @param cfme_api_user API user 5 | # @param cfme_api_password API password 6 | # @param cfme_service_catalog_name Name of the Service Catalog to smoek test. 7 | # @param cfme_service_template_name Name of the Service Template to smoke test. 8 | # @param cfme_provision_service_dialog_options Dialog options to use for the smoke test of the Service Template. 9 | 10 | - name: CFME | Smoke Test Service Provision 11 | gather_facts: True 12 | hosts: cfme_ui_appliances[0] 13 | tasks: 14 | - name: CFME | Smoke Test Service Provision | Validate Variables 15 | assert: 16 | that: 17 | - "cfme_api_user is defined" 18 | - "cfme_api_password is defined" 19 | - "cfme_service_catalog_name is defined" 20 | - "cfme_service_template_name is defined" 21 | - "cfme_provision_service_dialog_options is defined" 22 | 23 | - name: CFME | Smoke Test Service Provision | Include API Authenticate Tasks 24 | include_tasks: tasks/api-authenticate.yml 25 | 26 | - name: CFME | Smoke Test Service Provision | Include Get Service Teamplate Tasks 27 | include_tasks: tasks/get-service-template.yml 28 | 29 | - name: CFME | Smoke Test Service Provision | Include Provision Service Tasks 30 | include_tasks: tasks/provision-service.yml 31 | 32 | - name: CFME | Smoke Test Service Provision | Include Retire Service Tasks 33 | include_tasks: tasks/retire-service.yml 34 | -------------------------------------------------------------------------------- /playbooks/start-services.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: CFME | Start Services | Databases 4 | hosts: cfme_databases 5 | become: True 6 | gather_facts: False 7 | tasks: 8 | - name: CFME | Start Services | PostgreSQL 9 | service: 10 | name: "{{ cfme_pg_service_name }}" 11 | state: started 12 | 13 | - name: CFME | Start Services | Appliances 14 | hosts: cfme_appliances 15 | become: True 16 | gather_facts: True 17 | tasks: 18 | - import_tasks: tasks/determine-pg-service-name.yml 19 | 20 | - name: CFME | Start Services | EVM 21 | service: 22 | name: evmserverd 23 | state: started 24 | -------------------------------------------------------------------------------- /playbooks/stop-services.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: CFME | Stop Services | Appliances 4 | hosts: cfme_appliances 5 | become: True 6 | gather_facts: False 7 | tasks: 8 | - name: CFME | Stop Services | EVM 9 | service: 10 | name: evmserverd 11 | state: stopped 12 | 13 | - name: CFME | Stop Services | Databases 14 | hosts: cfme_databases 15 | become: True 16 | gather_facts: True 17 | tasks: 18 | - import_tasks: tasks/determine-pg-service-name.yml 19 | 20 | - name: CFME | Stop Services | PostgreSQL 21 | service: 22 | name: "{{ cfme_pg_service_name }}" 23 | state: stopped 24 | -------------------------------------------------------------------------------- /playbooks/tasks: -------------------------------------------------------------------------------- 1 | ../tasks -------------------------------------------------------------------------------- /playbooks/uninstall-webmks-sdk.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: CFME | Remove WebMKS SDK 4 | hosts: all 5 | gather_facts: False 6 | tasks: 7 | 8 | - name: CFME | Remove WebMKS SDK | Remove WebMKS Assets 9 | file: 10 | state: absent 11 | path: /var/www/miq/vmdb/public/webmks 12 | 13 | -------------------------------------------------------------------------------- /tasks/api-authenticate.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # @param cfme_api_user User to get auth token for to use for API calls 3 | # @param cfme_api_password Password for given user to get auth token for API calls for 4 | # 5 | # @set cfme_api_uri URI to use for API calls 6 | # @set cfme_auth_token Authentication token to use for API calls 7 | 8 | - name: CFME | API Authenticate | Validate Variables 9 | assert: 10 | that: 11 | - "cfme_api_user is defined" 12 | - "cfme_api_password is defined" 13 | 14 | - name: CFME | API Authenticate | Set API URI 15 | set_fact: 16 | cfme_api_uri: "https://{{ inventory_hostname }}/api" 17 | 18 | - name: CFME | API Authenticate | Authenticate 19 | local_action: 20 | module: uri 21 | url: "{{ cfme_api_uri }}/auth" 22 | method: GET 23 | validate_certs: False 24 | user: "{{ cfme_api_user }}" 25 | password: "{{ cfme_api_password }}" 26 | headers: 27 | accept: 'json' 28 | register: cfme_auth_result 29 | 30 | - name: CFME | API Authenticate | Set Auth Token 31 | set_fact: 32 | cfme_auth_token: "{{ cfme_auth_result['json']['auth_token'] }}" 33 | -------------------------------------------------------------------------------- /tasks/configure-activation-key.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: CFME | Subscribe Using Activation Key | Include Tasks for Installing Custom Facts 3 | include_tasks: tasks/install-custom-facts.yml 4 | 5 | - name: CFME | Subscribe Using Activation Key | Re-register Host With New Satellite 6 Activation Key 6 | redhat_subscription: 7 | state: present 8 | org_id: "{{ sat6_org_id }}" 9 | activationkey: "{{ sat6_activation_key }}" 10 | force_register: true 11 | -------------------------------------------------------------------------------- /tasks/configure-repositories.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: CFME | Configure Repositories | Include Tasks for Installing Custom Facts 3 | include_tasks: tasks/install-custom-facts.yml 4 | 5 | - name: CFME | Configure Repositories | Disable All 6 | command: "subscription-manager repos --disable='*'" 7 | become: True 8 | 9 | - name: CFME | Configure Repositories | Set CFME Product Version 10 | set_fact: 11 | cfme_version_product: "{{ ansible_local['cfme']['cfme_version_product'] }}" 12 | when: cfme_version_product is not defined 13 | 14 | - name: CFME | Configure repositories | Configure repositories for CF 4.x 15 | when: "cfme_version_product is version('5.10', '<=')" 16 | block: 17 | 18 | - name: CFME | Configure Repositories | Set Required Base Repositories 19 | set_fact: 20 | cfme_base_repositories: 21 | - rhel-7-server-rpms 22 | - rhel-server-rhscl-7-rpms 23 | - rhel-7-server-extras-rpms 24 | - "cf-me-{{ cfme_version_product }}-for-rhel-7-rpms" 25 | 26 | - name: CFME | Configure Repositories | Set Version Specific Repositories 27 | set_fact: 28 | cfme_version_repositories: 29 | - rhel-7-server-ansible-2.7-rpms 30 | - rhel-7-server-rh-common-rpms 31 | when: cfme_version_product == '5.10' 32 | 33 | - name: CFME | Configure Repositories | Set Required Repositories 34 | set_fact: 35 | cfme_repositories: "{{ cfme_base_repositories | union ( cfme_version_repositories if cfme_version_product == '5.10' else [] ) }}" 36 | 37 | - name: CFME | Configure repositories | Configure repositories for CF 5.x 38 | when: "cfme_version_product is version('5.11', '>=')" 39 | block: 40 | 41 | - name: CFME | Configure Repositories | Set Required Base Repositories 42 | set_fact: 43 | cfme_repositories: 44 | - cfme-5.11-for-rhel-8-x86_64-rpms 45 | - ansible-2.9-for-rhel-8-x86_64-rpms 46 | - rhel-8-for-x86_64-baseos-rpms 47 | - rhel-8-for-x86_64-appstream-rpms 48 | 49 | - name: CFME | Configure Repositories | Enable Required Repositories 50 | command: "subscription-manager repos --enable='{{ item }}'" 51 | with_items: "{{ cfme_repositories }}" 52 | become: True 53 | 54 | - name: CFME | Configure Repositories | Enable Additional Repositories 55 | command: "subscription-manager repos --enable='{{ item }}'" 56 | with_items: "{{ cfme_additional_repositories }}" 57 | become: True 58 | when: cfme_additional_repositories is defined 59 | -------------------------------------------------------------------------------- /tasks/determine-pg-service-name.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | # Sets the correct Postgres version based on the CFME Version 4 | 5 | - name: CFME | Determine PG Service Name | Determine CFME Version 6 | when: "cfme_version_product is undefined" 7 | block: 8 | - name: CFME | Determine PG Service Name | Install Custom Fact 9 | include_tasks: tasks/install-custom-facts.yml 10 | 11 | - name: CFME | Determine PG Service Name | Set CFME Product Version 12 | set_fact: 13 | cfme_version_product: "{{ ansible_local['cfme']['cfme_version_product'] }}" 14 | when: cfme_version_product is not defined 15 | 16 | - name: CFME | Determine PG Service Name | Set PG Service Name 17 | set_fact: 18 | cfme_pg_service_name: "{{ 'postgresql' 19 | if ( cfme_version_product is version('5.11', '>=') ) 20 | else 'rh-postgresql95-postgresql' }}" 21 | -------------------------------------------------------------------------------- /tasks/get-service-template.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # @param cfme_api_uri URI to teh CFME API to get the Service Teamplate from 3 | # @param cfme_auth_token Auth token to authenticate with CFME with 4 | # @param cfme_service_catalog_name Name of the Service Catalog that the Service Teamplate belongs to 5 | # @param cfme_service_template_name Name of the Service Template to Get 6 | # 7 | # @set cfme_service_catalog_id ID of the Service Catalog that contains the requested Service Teamplate 8 | # @set cfme_service_template Hash describing the requested Service Template 9 | # @set cfme_service_template_id ID of the requested Service Template 10 | # @set cfme_service_template_href HREF for the Service Teamplte 11 | 12 | - name: CFME | Get Service Template | Validate Variables 13 | assert: 14 | that: 15 | - "cfme_api_uri is defined" 16 | - "cfme_auth_token is defined" 17 | - "cfme_service_catalog_name is defined" 18 | - "cfme_service_template_name is defined" 19 | 20 | - name: CFME | Get Service Template | Get Service Catalog 21 | local_action: 22 | module: uri 23 | url: "{{ cfme_api_uri }}/service_catalogs?expand=resources&attributes=id,href&filter[]=name={{ cfme_service_catalog_name | urlencode() }}" 24 | method: GET 25 | validate_certs: False 26 | headers: 27 | accept: 'json' 28 | x-auth-token: "{{ cfme_auth_token }}" 29 | register: cfme_service_catalog_result 30 | 31 | - name: CFME | Get Service Template | Set Service Catalog ID and HREF 32 | set_fact: 33 | cfme_service_catalog_id: "{{ cfme_service_catalog_result['json']['resources'][0]['id'] }}" 34 | cfme_service_catalog_href: "{{ cfme_service_catalog_result['json']['resources'][0]['href'] }}" 35 | 36 | - name: CFME | Get Service Template | Request Service Template 37 | local_action: 38 | module: uri 39 | url: "{{ cfme_service_catalog_href }}/service_templates?expand=resources&attributes=id&filter[]=name={{ cfme_service_template_name | urlencode() }}" 40 | method: GET 41 | validate_certs: False 42 | headers: 43 | accept: 'json' 44 | x-auth-token: "{{ cfme_auth_token }}" 45 | register: cfme_service_tempalte_result 46 | 47 | - name: CFME | Get Service Template | Set Service Template Facts 48 | set_fact: 49 | cfme_service_template: "{{ cfme_service_tempalte_result['json']['resources'][0] }}" 50 | cfme_service_template_id: "{{ cfme_service_template_id }}" 51 | cfme_service_template_href: "{{ cfme_api_uri }}/service_templates/{{ cfme_service_template_id }}" 52 | vars: 53 | cfme_service_template_id: "{{ cfme_service_tempalte_result['json']['resources'][0]['id'] }}" 54 | -------------------------------------------------------------------------------- /tasks/host-reboot.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Host Reboot | Set Defaults 3 | set_fact: 4 | reboot_only_if_needed: True 5 | when: reboot_only_if_needed is undefined 6 | 7 | - block: 8 | - name: Host Reboot | Install yum-utils 9 | package: 10 | name: yum-utils 11 | state: present 12 | 13 | - name: Host Reboot | Detect if reboot is required 14 | command: needs-restarting --reboothint 15 | register: needs_restart_result 16 | failed_when: needs_restart_result.rc > 1 17 | changed_when: needs_restart_result.rc == 1 18 | when: reboot_only_if_needed 19 | 20 | - name: Host Reboot | Schedule Reboot 21 | command: "/sbin/shutdown --reboot +1 'Reboot invoked by Ansible'" 22 | register: redhat_reboot 23 | when: needs_restart_result.changed or not reboot_only_if_needed 24 | 25 | - name: Host Reboot | Wait for host after reboot 26 | wait_for_connection: 27 | delay: 65 28 | timeout: 600 29 | become: False 30 | when: redhat_reboot.changed 31 | -------------------------------------------------------------------------------- /tasks/install-custom-facts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: CFME | Install Custom Facts | Create /etc/ansible/facts.d 3 | file: 4 | state: directory 5 | recurse: True 6 | path: /etc/ansible/facts.d 7 | 8 | - name: CFME | Install Custom Facts | Install Fact 9 | copy: 10 | src: files/cfme.fact 11 | dest: /etc/ansible/facts.d/ 12 | mode: 0755 13 | register: cfme_install_custom_facts_result 14 | 15 | - name: CFME | Install Custom Facts | Gather New Facts 16 | setup: 17 | when: cfme_install_custom_facts_result is changed 18 | -------------------------------------------------------------------------------- /tasks/perform-health-check.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: CFME | Health Check | Port 443 is listening 4 | wait_for: 5 | host: "{{ ansible_fqdn }}" 6 | port: 443 7 | state: started 8 | timeout: "{{ cfme_port_ready_timeout_seconds | default(600) }}" 9 | 10 | - name: CFME | Health Check | Ping Check 11 | uri: 12 | url: "https://{{ ansible_fqdn }}:443/ping" 13 | method: GET 14 | validate_certs: False 15 | body_format: raw 16 | return_content: Yes 17 | register: cfme_ping_check_result 18 | until: "cfme_ping_check_result['content'] is defined and cfme_ping_check_result['content'] == 'pong'" 19 | retries: "{{ cfme_healthcheck_retries | default(100) }}" 20 | delay: 5 21 | 22 | -------------------------------------------------------------------------------- /tasks/provision-service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # @param cfme_api_uri URI to the CFME API to get the Service Teamplate from 3 | # @param cfme_auth_token Auth token to authenticate with CFME with 4 | # @param cfme_service_catalog_id ID of the Service Catalog that contains the requested Service Teamplate 5 | # @param cfme_service_template_href HREF for the Service Teamplte 6 | # @param cfme_provision_service_dialog_options 7 | # Dialog options to use when creating the Service Provision request 8 | # 9 | # @set cfme_service_provision_request_id ID of the Service Provison request that was created and finished 10 | # @set cfme_service_ids IDs of the Service(s) created by the created requeste 11 | 12 | - name: CFME | Provision Service | Validate Variables 13 | assert: 14 | that: 15 | - "cfme_api_uri is defined" 16 | - "cfme_auth_token is defined" 17 | - "cfme_service_catalog_id is defined" 18 | - "cfme_service_template_href is defined" 19 | - "cfme_provision_service_dialog_options is defined" 20 | 21 | - name: CFME | Provision Service | Create Service Provision Request 22 | local_action: 23 | module: uri 24 | url: "{{ cfme_api_uri }}/service_catalogs/{{ cfme_service_catalog_id }}/service_templates" 25 | method: POST 26 | validate_certs: False 27 | headers: 28 | accept: 'json' 29 | x-auth-token: "{{ cfme_auth_token }}" 30 | timeout: 120 31 | body_format: 'json' 32 | body: 33 | action: "order" 34 | resource: "{{ cfme_provision_service_dialog_options | combine({ 'href': cfme_service_template_href }) }}" 35 | register: cfme_provision_request_result 36 | 37 | - name: CFME | Provision Service | Set Service Provision Request ID 38 | set_fact: 39 | cfme_service_provision_request_id: "{{ cfme_provision_request_result['json']['results'][0]['id'] }}" 40 | 41 | - name: CFME | Provision Service | Wait for Provision Service Request to Finish 42 | local_action: 43 | module: uri 44 | url: "{{ cfme_api_uri }}/service_requests/{{ cfme_service_provision_request_id }}?expand=request_tasks" 45 | method: GET 46 | validate_certs: False 47 | headers: 48 | accept: 'json' 49 | x-auth-token: "{{ cfme_auth_token }}" 50 | register: cfme_service_provision_request_status_result 51 | until: cfme_service_provision_request_status_result['json']['request_state'] == 'finished' 52 | retries: "{{ cfme_provision_service_retries | default(60) }}" 53 | delay: "{{ cfme_provision_service_delay | default(60) }}" 54 | 55 | - name: CFME | Provision Service | Verify Service Provision Finished with State of Ok 56 | assert: 57 | that: 58 | - "cfme_service_provision_request_status_result['json']['request_state'] == 'finished'" 59 | - "cfme_service_provision_request_status_result['json']['status'] == 'Ok'" 60 | msg: "Service Provision Request State <{{ cfme_service_provision_request_status_result['json']['request_state'] }}> must be 'finished' with a Status <{{ cfme_service_provision_request_status_result['json']['status'] }}> of 'Ok'. {{ cfme_service_provision_request_status_result['json']['message'] }}" 61 | 62 | - name: CFME | Provision Service | Set Provisioned Service Facts 63 | set_fact: 64 | cfme_service_ids: "{{ cfme_service_provision_request_status_result['json'] | json_query(query) | unique }}" 65 | vars: 66 | query: "request_tasks[?destination_type=='Service'].destination_id" 67 | -------------------------------------------------------------------------------- /tasks/retire-service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # @param cfme_api_uri URI to the CFME API to get the Service Teamplate from 3 | # @param cfme_auth_token Auth token to authenticate with CFME with 4 | # @param cfme_service_ids IDs of the Service(s) to retire 5 | 6 | - name: CFME | Retire Service | Validate Variables 7 | assert: 8 | that: 9 | - "cfme_api_uri is defined" 10 | - "cfme_auth_token is defined" 11 | - "cfme_service_ids is defined" 12 | 13 | - name: CFME | Retire Services 14 | local_action: 15 | module: uri 16 | url: "{{ cfme_api_uri }}/services/{{ item }}" 17 | method: POST 18 | validate_certs: False 19 | headers: 20 | accept: 'json' 21 | x-auth-token: "{{ cfme_auth_token }}" 22 | body_format: 'json' 23 | body: 24 | action: "retire" 25 | register: cfme_retire_services_result 26 | with_items: "{{ cfme_service_ids }}" 27 | 28 | - name: CFME | Wait for Services to Retire 29 | local_action: 30 | module: uri 31 | url: "{{ cfme_api_uri }}/services/{{ item }}" 32 | method: GET 33 | validate_certs: False 34 | headers: 35 | accept: 'json' 36 | x-auth-token: "{{ cfme_auth_token }}" 37 | register: cfme_services_status_result 38 | with_items: "{{ cfme_service_ids }}" 39 | until: cfme_services_status_result['json']['retired'] == true 40 | retries: "{{ cfme_retire_service_retries | default(60) }}" 41 | delay: "{{ cfme_retire_service_delay | default(60) }}" 42 | -------------------------------------------------------------------------------- /tasks/update-packages.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - import_tasks: tasks/determine-pg-service-name.yml 4 | 5 | - name: CFME | Update Packages | Stop evmserverd 6 | service: 7 | name: evmserverd 8 | state: stopped 9 | when: "'cfme-appliances' in group_names" 10 | 11 | - name: CFME | Update Packages | Stop postgres 12 | service: 13 | name: "{{ cfme_pg_service_name }}" 14 | state: stopped 15 | when: "'cfme-databases' in group_names" 16 | 17 | - name: CFME | Update Packages | Latest 18 | command: "yum update -y --releasever={{ releasever }}" 19 | when: releasever is defined 20 | 21 | - name: CFME | Update Packages | Latest 22 | yum: 23 | name: "*" 24 | state: latest 25 | when: releasever is undefined 26 | 27 | - name: CFME | Update Packages | Include Tasks for Host Reboot 28 | include_tasks: tasks/host-reboot.yml 29 | 30 | - name: CFME | Update Packages | Start postgres 31 | service: 32 | name: "{{ cfme_pg_service_name }}" 33 | state: started 34 | when: "'cfme-databases' in group_names" 35 | 36 | - name: CFME | Update Packages | Start evmserverd 37 | service: 38 | name: evmserverd 39 | state: started 40 | when: "'cfme-appliances' in group_names" 41 | 42 | --------------------------------------------------------------------------------