Google Git
Sign in
edge/private-cloud-ansible-playbooks/apigee-opdk-playbook-installation-third-region/62f38ce8c18a448b87525898628b5e9386c1b6ee^!/.
commit
62f38ce8c18a448b87525898628b5e9386c1b6ee
[log]
author
carlosfrias <cfrias@apigee.com>
Fri Nov 11 16:06:33 2016 -0500
committer
carlosfrias <cfrias@apigee.com>
Fri Nov 11 16:06:33 2016 -0500
tree
ba59230b61b332fc8306698df2761cc251eb4f86
parent
bb5f1eaccc295acfea3e5900f02b31ba41e6896f [diff]
updated to work with setting up a third region

diff --git a/clean.yml b/clean.yml
new file mode 100644
index 0000000..489da83
--- /dev/null
+++ b/clean.yml

@@ -0,0 +1,20 @@
+---
+- hosts: localhost
+  connection: local
+  tasks:
+  - name: Clean files
+    async: 0
+    poll: 0
+    ignore_errors: yes
+    file:
+      path: '{{ item }}'
+      state: absent
+    with_items:
+    - '~/.ansible/tmp/cache'
+    - '~/.ansible/tmp/ansible.log'
+    - '~/.apigee/ssh_keys'
+    - '~/.apigee/logs'
+    - '~/.apigee/configs'
+    - '~/.apigee/logs_configs'
+
+

diff --git a/components/opdk-cassandra-client-update.yml b/components/opdk-cassandra-client-update.yml
new file mode 100644
index 0000000..461ecd9
--- /dev/null
+++ b/components/opdk-cassandra-client-update.yml

@@ -0,0 +1,7 @@
+---
+- hosts: '{{ hosts }}'
+  roles:
+  - apigee-opdk-start-components
+  - apigee-opdk-cassandra-client-update
+  tags:
+  - c-update
\ No newline at end of file

diff --git a/components/opdk-cassandra-rebuild.yml b/components/opdk-cassandra-rebuild.yml
new file mode 100644
index 0000000..9b7ee53
--- /dev/null
+++ b/components/opdk-cassandra-rebuild.yml

@@ -0,0 +1,9 @@
+---
+- hosts: '{{ hosts }}'
+  vars:
+    opdk_region: dc-1
+  roles:
+  - { role: apigee-opdk-start-components, component_name: 'apigee-cassandra' }
+  - apigee-opdk-cassandra-rebuild
+  tags:
+  - c-rebuild

diff --git a/components/opdk-install-component.yml b/components/opdk-install-component.yml
new file mode 100644
index 0000000..1a14538
--- /dev/null
+++ b/components/opdk-install-component.yml

@@ -0,0 +1,10 @@
+---
+- hosts: '{{ hosts }}'
+  serial: 1
+  roles:
+  - apigee-opdk-setup-default-settings
+  - apigee-opdk-setup-component-installer
+  - { role: apigee-opdk-setup-component, profile: '{{ component_profile }}' }
+#  - { role: apigee-fetch-files, fetch_files: '{{ apigee_log_files }}', fetched_files_dir: '{{ fetched_logs_dir }}' }
+  tags:
+  - apigee-component

diff --git a/components/opdk-pre-requisites.yml b/components/opdk-pre-requisites.yml
new file mode 100644
index 0000000..4be8465
--- /dev/null
+++ b/components/opdk-pre-requisites.yml

@@ -0,0 +1,52 @@
+---
+- hosts: '{{ hosts }}'
+  strategy: free
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-setup-default-settings
+  - apigee-opdk-setup-apigee-user
+  tags:
+  - apigee-user
+  - apigee-pre-req
+
+- hosts: '{{ hosts }}'
+  strategy: free
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-setup-os-limits
+#  - { role: apigee-fetch-files, fetch_files: '{{ system_config_files }}', fetched_files_dir: '{{ fetched_configs_dir }}' }
+  tags:
+  - apigee-pre-req
+  - apigee-tuning
+
+- hosts: '{{ hosts }}'
+  strategy: free
+  roles:
+  - apigee-opdk-setup-openjdk
+  tags:
+  - apigee-pre-req
+  - openjdk
+
+- hosts: '{{ hosts }}'
+  strategy: free
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-setup-default-settings
+  - apigee-opdk-setup-bootstrap
+  tags:
+  - apigee-pre-req
+  - apigee-bootstrap
+
+- hosts: '{{ hosts }}'
+  strategy: free
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-setup-silent-installation-config
+#  - { role: apigee-fetch-files, fetch_files: '{{ apigee_config_files }}', fetched_files_dir: '{{ fetched_configs_dir }}' }
+  tags:
+  - apigee-pre-req
+  - apigee-silent-config

diff --git a/components/opdk-setup-postgres-common.yml b/components/opdk-setup-postgres-common.yml
new file mode 100644
index 0000000..7015614
--- /dev/null
+++ b/components/opdk-setup-postgres-common.yml

@@ -0,0 +1,31 @@
+---
+- hosts: '{{ hosts }}'
+  strategy: free
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-enable-swap
+  - apigee-opdk-setup-default-settings
+  - apigee-opdk-setup-apigee-user
+  - apigee-opdk-setup-os-postgres
+  - apigee-opdk-setup-postgres-config
+
+- include: opdk-install-component.yml
+  vars:
+    hosts: '{{ hosts }}'
+    component_profile: 'ps'
+
+- include: 'opdk-setup-postgres-{{ pg_component }}.yml'
+  when: pg_component is defined
+
+- hosts: '{{ hosts }}'
+  serial: 1
+  roles:
+  - apigee-opdk-setup-default-settings
+  tasks:
+  - name: Obtain server self report
+    opdk_server_self:
+      server_type: 'ps'
+      username: '{{ opdk_user_email }}'
+      password: '{{ opdk_user_pass }}'
+    ignore_errors: yes

diff --git a/components/opdk-setup-postgres-master.yml b/components/opdk-setup-postgres-master.yml
new file mode 100644
index 0000000..1fa4f95
--- /dev/null
+++ b/components/opdk-setup-postgres-master.yml

@@ -0,0 +1,7 @@
+---
+- hosts: '{{ hosts }}'
+  serial: 1
+  roles:
+  - apigee-opdk-setup-postgres-master
+  tags:
+  - pgmaster

diff --git a/components/opdk-setup-postgres-standby.yml b/components/opdk-setup-postgres-standby.yml
new file mode 100644
index 0000000..a8dbba2
--- /dev/null
+++ b/components/opdk-setup-postgres-standby.yml

@@ -0,0 +1,7 @@
+---
+- hosts: '{{ hosts }}'
+  serial: 1
+  roles:
+  - apigee-opdk-setup-postgres-standby
+  tags:
+  - pgstandby

diff --git a/components/opdk-setup-postgresql-add.yml b/components/opdk-setup-postgresql-add.yml
new file mode 100644
index 0000000..6e45161
--- /dev/null
+++ b/components/opdk-setup-postgresql-add.yml

@@ -0,0 +1,9 @@
+---
+- hosts: '{{ hosts }}'
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-setup-default-settings
+  - { role: apigee-opdk-server-self, server_type: 'ps'}
+  - apigee-opdk-setup-postgresql-add
+

diff --git a/components/opdk-setup-qpid-add.yml b/components/opdk-setup-qpid-add.yml
new file mode 100644
index 0000000..fc4cb5b
--- /dev/null
+++ b/components/opdk-setup-qpid-add.yml

@@ -0,0 +1,9 @@
+---
+- hosts: '{{ hosts }}'
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-setup-default-settings
+  - { role: apigee-opdk-server-self, server_type: 'qs'}
+  - apigee-opdk-setup-qpid-add
+

diff --git a/configuration/load-opdk-credentials.yml b/configuration/load-opdk-credentials.yml
new file mode 100644
index 0000000..afd76f6
--- /dev/null
+++ b/configuration/load-opdk-credentials.yml

@@ -0,0 +1,8 @@
+---
+- hosts: '{{ hosts }}'
+  become: yes
+  gather_facts: no
+  strategy: free
+  tasks:
+  - name: Load credentials from file
+    include_vars: '~/.apigee/credentials.yml'
\ No newline at end of file

diff --git a/configuration/opdk-set-reachable.yml b/configuration/opdk-set-reachable.yml
new file mode 100644
index 0000000..0a5eb9d
--- /dev/null
+++ b/configuration/opdk-set-reachable.yml

@@ -0,0 +1,10 @@
+---
+- hosts: '{{ hosts }}'
+  strategy: free
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - { role: apigee-opdk-set-reachable, reachable: '{{ reachability }}', server_type: 'router' }
+  - { role: apigee-opdk-set-reachable, reachable: '{{ reachability }}', server_type: 'mp' }
+  tags:
+  - reachability
\ No newline at end of file

diff --git a/configuration/opdk-setup-org-config.yml b/configuration/opdk-setup-org-config.yml
new file mode 100644
index 0000000..6b2e672
--- /dev/null
+++ b/configuration/opdk-setup-org-config.yml

@@ -0,0 +1,8 @@
+---
+- hosts: '{{ hosts }}'
+  strategy: free
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-setup-org-config
+

diff --git a/configuration/opdk-setup-org.yml b/configuration/opdk-setup-org.yml
new file mode 100644
index 0000000..002ae70
--- /dev/null
+++ b/configuration/opdk-setup-org.yml

@@ -0,0 +1,7 @@
+---
+- hosts: '{{ hosts }}'
+  vars_files:
+  - ~/.apigee/credentials.yml
+  strategy: free
+  roles:
+  - apigee-opdk-setup-org

diff --git a/configuration/opdk-setup-os.yml b/configuration/opdk-setup-os.yml
new file mode 100644
index 0000000..b0461fe
--- /dev/null
+++ b/configuration/opdk-setup-os.yml

@@ -0,0 +1,15 @@
+---
+- hosts: '{{ hosts }}'
+  become: yes
+  gather_facts: no
+  strategy: free
+  pre_tasks:
+  - name: Load credentials from file
+    include_vars: '~/.apigee/credentials.yml'
+  roles:
+  - apigee-opdk-setup-os-minimum
+  - apigee-opdk-setup-selinux-disable
+  - apigee-opdk-shutdown-iptables
+  - apigee-opdk-time-sync
+  - apigee-opdk-setup-os-common
+

diff --git a/configuration/update-user.yml b/configuration/update-user.yml
new file mode 100644
index 0000000..0fb0e4e
--- /dev/null
+++ b/configuration/update-user.yml

@@ -0,0 +1,38 @@
+---
+- hosts: '{{ hosts }}'
+  become: yes
+  vars:
+    pubkey: '~/.ssh/id_rsa.pub'
+
+  vars_files:
+  - ~/.apigee/credentials.yml
+
+  tasks:
+  - name: Build EC2 facts cache
+    ec2_facts:
+
+  - name: Build setup facts cache
+    setup:
+
+  - name: Copy local public keys to server for user {{ user }}
+    authorized_key:
+      user: '{{ user }}'
+      state: present
+      key: "{{ lookup('file', '{{ pubkey }}') }}"
+
+  - name: Permit root login over SSH
+    lineinfile:
+      state: present
+      dest: /etc/ssh/sshd_config
+      regexp: '(^#)(PermitRootLogin yes)'
+      line: '\2'
+      backrefs: yes
+    notify:
+    - Restart SSH service
+    when: user == 'root'
+
+  handlers:
+  - name: Restart SSH service
+    service:
+      name: sshd
+      state: restarted

diff --git a/configuration/update_cache.yml b/configuration/update_cache.yml
new file mode 100644
index 0000000..2a3b521
--- /dev/null
+++ b/configuration/update_cache.yml

@@ -0,0 +1,13 @@
+---
+- hosts: planet
+  vars_files:
+  - ~/.apigee/credentials.yml
+  pre_tasks:
+  - setup:
+
+  - ec2_facts:
+    when: "{{ ansible_bios_version | lower | search('amazon') }}"
+
+  roles:
+  - apigee-opdk-setup-default-settings
+

diff --git a/installation-rollback.yml b/installation-rollback.yml
new file mode 100644
index 0000000..971818d
--- /dev/null
+++ b/installation-rollback.yml

@@ -0,0 +1,8 @@
+---
+- include: configuration/update_cache.yml
+
+- hosts: '{{ hosts }}'
+  vars:
+    remove_apigee: false
+  roles:
+  - apigee-opdk-setup-bootstrap-rollback

diff --git a/installation.yml b/installation.yml
new file mode 100644
index 0000000..f1c5b12
--- /dev/null
+++ b/installation.yml

@@ -0,0 +1,256 @@
+---
+- include: configuration/update_cache.yml
+  tags:
+  - cache
+  - os-pre-req
+  - apigee-pre-req
+  - ms
+  - ds
+  - qpid
+  - pgmaster
+  - pgstandby
+
+- include: configuration/load-opdk-credentials.yml
+  vars:
+    hosts: 'planet'
+  tags:
+  - credentials
+  - os-pre-req
+  - apigee-pre-req
+
+- include: configuration/opdk-setup-os.yml
+  vars:
+    hosts: 'planet'
+  tags:
+  - os
+  - os-pre-req
+
+- include: configuration/update-user.yml
+  vars:
+    hosts: 'planet'
+    user: 'root'
+  tags:
+  - root-user
+
+- include: components/opdk-pre-requisites.yml
+  vars:
+    hosts: 'planet'
+    jdk_version: '1.8'
+    opdk_ldap_type: '2'
+  tags:
+  - apigee-pre-req
+
+- include: components/opdk-install-component.yml
+  vars:
+    hosts: 'dc-3-ds'
+    component_profile: 'ds'
+    jdk_version: '1.8'
+  tags:
+  - ds
+
+- include: components/opdk-install-component.yml
+  vars:
+    hosts: 'dc-2-ds'
+    component_profile: 'ds'
+    jdk_version: '1.8'
+  tags:
+  - ds
+
+- include: components/opdk-install-component.yml
+  vars:
+    hosts: 'dc-1-ds'
+    component_profile: 'ds'
+    jdk_version: '1.8'
+    opdk_ldap_type: '2'
+  tags:
+  - ds
+
+- include: components/opdk-cassandra-rebuild.yml
+  vars:
+    hosts: 'dc-3-ds'
+    jdk_version: '1.8'
+  tags:
+  - ms
+
+- include: components/opdk-cassandra-rebuild.yml
+  vars:
+    hosts: 'dc-2-ds'
+    jdk_version: '1.8'
+  tags:
+  - ms
+
+- include: configuration/opdk-set-reachable.yml
+  vars:
+    hosts: 'dc-3-rmp'
+    reachability: 'false'
+  tags:
+  - rmp
+
+- include: components/opdk-install-component.yml
+  vars:
+    hosts: 'dc-3-rmp'
+    component_profile: 'rmp'
+    jdk_version: '1.8'
+  tags:
+  - rmp
+
+- include: configuration/opdk-set-reachable.yml
+  vars:
+    hosts: 'dc-3-rmp'
+    reachability: 'true'
+  tags:
+  - rmp
+
+- include: configuration/opdk-set-reachable.yml
+  vars:
+    hosts: 'dc-2-rmp'
+    reachability: 'false'
+  tags:
+  - rmp
+
+- include: components/opdk-install-component.yml
+  vars:
+    hosts: 'dc-2-rmp'
+    component_profile: 'rmp'
+    jdk_version: '1.8'
+  tags:
+  - rmp
+
+- include: configuration/opdk-set-reachable.yml
+  vars:
+    hosts: 'dc-2-rmp'
+    reachability: 'true'
+  tags:
+  - rmp
+
+- include: configuration/opdk-set-reachable.yml
+  vars:
+    hosts: 'dc-1-rmp'
+    reachability: 'false'
+  tags:
+  - rmp
+
+- include: components/opdk-install-component.yml
+  vars:
+    hosts: 'dc-1-rmp'
+    component_profile: 'rmp'
+    jdk_version: '1.8'
+  tags:
+  - rmp
+
+- include: configuration/opdk-set-reachable.yml
+  vars:
+    hosts: 'dc-1-rmp'
+    reachability: 'true'
+  tags:
+  - rmp
+
+- include: components/opdk-install-component.yml
+  vars:
+    hosts: 'dc-3-qpid'
+    component_profile: 'qs'
+    jdk_version: '1.8'
+  tags:
+  - qpid
+  - qpid-installer
+
+- include: components/opdk-setup-qpid-add.yml
+  vars:
+    hosts: 'dc-3-qpid'
+  tags:
+  - qpid
+  - qpid-add
+
+- include: components/opdk-install-component.yml
+  vars:
+    hosts: 'dc-2-qpid'
+    component_profile: 'qs'
+    jdk_version: '1.8'
+  tags:
+  - qpid
+
+- include: components/opdk-setup-qpid-add.yml
+  vars:
+    hosts: 'dc-2-qpid'
+  tags:
+  - qpid
+  - qpid-add
+
+- include: validations/opdk-setup-validate.yml
+  vars:
+    hosts: 'dc-3-rmp'
+  tags:
+  - validation
+
+- include: validations/opdk-internal-port-connectivity-validator.yml
+  tags:
+  - port-validator
+
+- include: validations/opdk-setup-status.yml
+  vars:
+    hosts: 'planet'
+  tags:
+  - status
+
+- include: validations/opdk-setup-log-files.yml
+  vars:
+    hosts: dc-1-ds
+  tags:
+  - logs
+  - dc-1
+
+- include: validations/opdk-setup-log-files.yml
+  vars:
+    hosts: dc-2-ds
+  tags:
+  - logs
+  - dc-2
+
+- include: validations/opdk-setup-log-files.yml
+  vars:
+    hosts: dc-3-ds
+  tags:
+  - logs
+  - dc-2
+
+- include: validations/opdk-setup-log-files.yml
+  vars:
+    hosts: dc-1-rmp
+  tags:
+  - logs
+  - dc-1
+
+- include: validations/opdk-setup-log-files.yml
+  vars:
+    hosts: dc-2-rmp
+  tags:
+  - logs
+  - dc-2
+
+- include: validations/opdk-setup-log-files.yml
+  vars:
+    hosts: dc-3-rmp
+  tags:
+  - logs
+  - dc-2
+
+- include: validations/opdk-setup-log-files.yml
+  vars:
+    hosts: dc-1-qpid
+  tags:
+  - logs
+  - dc-1
+
+- include: validations/opdk-setup-log-files.yml
+  vars:
+    hosts: dc-2-qpid
+  tags:
+  - logs
+  - dc-2
+
+- include: validations/opdk-setup-log-files.yml
+  vars:
+    hosts: dc-3-qpid
+  tags:
+  - logs
+  - dc-2

diff --git a/validations/opdk-internal-port-connectivity-validator.yml b/validations/opdk-internal-port-connectivity-validator.yml
new file mode 100644
index 0000000..0e5d7bc
--- /dev/null
+++ b/validations/opdk-internal-port-connectivity-validator.yml

@@ -0,0 +1,38 @@
+---
+
+- hosts: rmp
+  roles:
+  - apigee-internal-port-connectivity-validator-mp
+
+- hosts: ldap
+  roles:
+  - apigee-internal-port-connectivity-validator-ldap
+
+- hosts: ds
+  roles:
+  - apigee-internal-port-connectivity-validator-cassandra
+
+- hosts: ds
+  roles:
+  - apigee-internal-port-connectivity-validator-zookeeper
+
+- hosts: ms
+  roles:
+  - apigee-internal-port-connectivity-validator-ms
+
+- hosts: pg
+  roles:
+  - apigee-internal-port-connectivity-validator-postgres
+
+- hosts: rmp
+  roles:
+  - apigee-internal-port-connectivity-validator-router
+
+- hosts: qpid
+  roles:
+  - apigee-internal-port-connectivity-validator-qpid
+
+- hosts: ui
+  roles:
+  - apigee-internal-port-connectivity-validator-ui
+

diff --git a/validations/opdk-server-self.yml b/validations/opdk-server-self.yml
new file mode 100644
index 0000000..79b61ba
--- /dev/null
+++ b/validations/opdk-server-self.yml

@@ -0,0 +1,76 @@
+---
+- hosts: rmp
+  serial: 1
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-setup-default-settings
+  tasks:
+  - name: Obtain router server self report
+    ignore_errors: yes
+    opdk_server_self:
+      server_type: 'router'
+      username: '{{ opdk_user_email }}'
+      password: '{{ opdk_user_pass }}'
+  - debug: var="edge_router_self"
+
+  - name: Obtain message processor server self report
+    ignore_errors: yes
+    opdk_server_self:
+      server_type: 'mp'
+      username: '{{ opdk_user_email }}'
+      password: '{{ opdk_user_pass }}'
+
+  - debug: var="edge_mp_self"
+
+
+- hosts: pg
+  serial: 1
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-setup-default-settings
+  tasks:
+  - name: Obtain postgres server self report
+    ignore_errors: yes
+    opdk_server_self:
+      server_type: 'ps'
+      username: '{{ opdk_user_email }}'
+      password: '{{ opdk_user_pass }}'
+
+  - debug: var="edge_ps_self"
+
+
+- hosts: qpid
+  serial: 1
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-setup-default-settings
+  tasks:
+  - name: Obtain qpid server self report
+    ignore_errors: yes
+    opdk_server_self:
+      server_type: 'qs'
+      username: '{{ opdk_user_email }}'
+      password: '{{ opdk_user_pass }}'
+
+  - debug: var="edge_qs_self"
+
+
+- hosts: ms
+  serial: 1
+  vars_files:
+  - ~/.apigee/credentials.yml
+  roles:
+  - apigee-opdk-setup-default-settings
+  tasks:
+  - name: Obtain management server self report
+    ignore_errors: yes
+    opdk_server_self:
+      server_type: 'ms'
+      username: '{{ opdk_user_email }}'
+      password: '{{ opdk_user_pass }}'
+
+  - debug: var="edge_ms_self"
+

diff --git a/validations/opdk-setup-log-files.yml b/validations/opdk-setup-log-files.yml
new file mode 100644
index 0000000..93fcd4d
--- /dev/null
+++ b/validations/opdk-setup-log-files.yml

@@ -0,0 +1,30 @@
+---
+- hosts: '{{ hosts }}'
+  become: true
+  strategy: free
+  roles:
+  - apigee-opdk-setup-default-settings
+  - { role: apigee-fetch-files, fetch_files: '{{ system_config_files }}', fetched_files_dir: '{{ fetched_configs_dir }}/{{ hosts }}/' }
+  tags:
+  - logs
+  - os-logs
+
+- hosts: '{{ hosts }}'
+  become: true
+  strategy: free
+  roles:
+  - apigee-opdk-setup-default-settings
+  - { role: apigee-fetch-files, fetch_files: '{{ apigee_log_files }}', fetched_files_dir: '{{ fetched_logs_dir }}/{{ hosts }}/' }
+  tags:
+  - logs
+  - apigee-logs
+
+- hosts: '{{ hosts }}'
+  become: true
+  strategy: free
+  roles:
+  - apigee-opdk-setup-default-settings
+  - { role: apigee-fetch-files, fetch_files: '{{ apigee_config_files }}', fetched_files_dir: '{{ fetched_configs_dir }}/{{ hosts }}/' }
+  tags:
+  - logs
+  - config-logs

diff --git a/validations/opdk-setup-status.yml b/validations/opdk-setup-status.yml
new file mode 100644
index 0000000..a5dff3e
--- /dev/null
+++ b/validations/opdk-setup-status.yml

@@ -0,0 +1,6 @@
+---
+- hosts: '{{ hosts }}'
+  roles:
+  - apigee-opdk-setup-status
+  tags:
+  - status

diff --git a/validations/opdk-setup-validate.yml b/validations/opdk-setup-validate.yml
new file mode 100644
index 0000000..861f295
--- /dev/null
+++ b/validations/opdk-setup-validate.yml

@@ -0,0 +1,16 @@
+---
+- hosts: '{{ hosts }}'
+  serial: 1
+  roles:
+  - apigee-opdk-setup-default-settings
+  - apigee-opdk-setup-validate
+  tags:
+  - validate
+
+- hosts: '{{ hosts }}'
+  serial: 1
+  roles:
+  - apigee-opdk-setup-default-settings
+  - apigee-opdk-setup-validate-cleanup
+  tags:
+  - validate-cleanup