initial commit
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a06fd77
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+generated
+files
diff --git a/gce-ansible-config.yml b/gce-ansible-config.yml
new file mode 100644
index 0000000..96d98ca
--- /dev/null
+++ b/gce-ansible-config.yml
@@ -0,0 +1,46 @@
+---
+- name: Create SSH Private Key File From SA Account File
+ hosts: localhost
+ gather_facts: no
+
+ vars:
+ service_account: "{{ lookup('file', credentials_file) }}"
+ ssh_private_key: "{{ service_account['private_key'] }}"
+ project_id: "{{ service_account['project_id'] }}"
+ service_account_email: "{{ service_account['client_email'] }}"
+
+ tasks:
+ - name: Create project inventory folder
+ tags: ['gce-ini']
+ file:
+ path: "{{ item }}"
+ state: directory
+ with_items:
+ - 'generated/inventory'
+ - 'generated/ssh'
+
+ - name: Generate default ssh key file name
+ set_fact:
+ default_ssh_private_key_file: "generated/ssh/{{ project_id }}-ssh.pem"
+ when: ssh_private_key_file is not defined
+
+ - name: Save private key to file
+ tags: ['ssh']
+ copy:
+ dest: "{{ ssh_private_key_file | default(default_ssh_private_key_file) }}"
+ content: "{{ ssh_private_key }}"
+ remote_src: no
+ mode: 0400
+ register: ssh_pem
+
+ - name: Obtain ssh private key file name
+ set_fact:
+ ssh_private_key_file: "{{ ssh_pem.path }}"
+
+ - name: Prepare the gce.ini file
+ tags: ['gce-ini']
+ template:
+ src: gce.ini.j2
+ dest: "generated/inventory/{{ project_id }}-gce.ini"
+
+
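Review bot: The service-account private key is written with `mode: 0400`, but the `Create project inventory folder` task gives `generated/ssh` no `mode`, so the directory holding the key gets whatever the umask allows, and the `Save private key to file` task has no `no_log`, so the key can surface in `--diff` or verbose output depending on the Ansible version. Add `mode: '0700'` to the `file:` task and `no_log: true` to the copy task. Quoting the key file's mode as `mode: '0400'` also avoids relying on the YAML parser reading the bare literal as octal. The `set_fact` that defines `default_ssh_private_key_file` carries no tag, so a run limited to `--tags ssh` would reach the copy task without it defined.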
diff --git a/gce-create-instances.yml b/gce-create-instances.yml
new file mode 100644
index 0000000..dd70814
--- /dev/null
+++ b/gce-create-instances.yml
@@ -0,0 +1,131 @@
+---
+- name: Create Instance
+ hosts: localhost
+ connection: local
+ gather_facts: no
+ vars:
+ credentials_file: "{{ sa_json_file }}"
+ service_account: "{{ lookup('file', credentials_file) }}"
+ ssh_private_key: "{{ service_account['private_key'] }}"
+ project_id: "{{ service_account['project_id'] }}"
+ service_account_email: "{{ service_account['client_email'] }}"
+
+ vars_files:
+ - gce-properties.yml
+
+ tasks:
+ - name: Launch instances
+ tags: ['launch']
+ gce:
+ name: "{{ host_prefix }}"
+ num_instances: "{{ num_instances | default(1) }}"
+ machine_type: "{{ machine_type }}"
+ image: "{{ image }}"
+ zone: "{{ zone }}"
+ project_id: "{{ project_id }}"
+ service_account_email: "{{ service_account_email }}"
+ credentials_file: '{{ credentials_file }}'
+ state: present
+ tags: "{{ default_firewall_tags }}"
+ register: gce
+
+# - name: Create firewall rule
+# tags: ['firewall']
+# gce_net:
+# state: present
+# fwname: opdk-ssh
+# src_range: ['0.0.0.0/0']
+# target_tags: ["{{ firewall_tag }}"]
+# allowed: tcp:22
+# mode: auto
+# project_id: "{{ project_id }}"
+# service_account_email: "{{ service_account_email }}"
+# credentials_file: '{{ credentials_file }}'
+
+# - name: Bind firewall rule to instances
+# tags: ['bind']
+# gce_tag:
+# instance_pattern: "{{ host_prefix }}*"
+# tags: "{{ firewall_tag }}"
+# zone: "{{ zone }}"
+# state: present
+# project_id: "{{ project_id }}"
+# service_account_email: "{{ service_account_email }}"
+# credentials_file: '{{ credentials_file }}'
+
+# - name: Save private key to file
+# copy:
+# dest: ~/.ssh/id_rsa
+# content: "{{ sa_file['private_key'] }}"
+# remote_src: no
+# mode: 0400
+
+# - name: Create public key from private key
+# shell: ssh-keygen -y -f ~/.ssh/id_rsa
+# register: ssh_public_key
+#
+# - name: Save public key
+# copy:
+# content: "{{ ssy_public_key }}"
+# dest: ~/.ssh/id_rsa.pub
+# remote_src: no
+#
+# - name: Update instances with public key
+
+# - name: Label Instances if less than 10 instances
+# tags: ['label']
+# gce_labels:
+# service_account_email: "{{ service_account_email }}"
+# project_id: "{{ project_id }}"
+# credentials_file: '{{ credentials_file }}'
+# state: present
+# resource_name: "{{ host_prefix }}-00{{ item }}"
+# resource_type: instances
+# resource_location: "{{ zone }}"
+# labels: "{{ labels }}"
+# with_sequence: "start=0 end={{ num_instances | int - 1 | default(0) }}"
+# when: num_instances is not defined or num_instances | int - 1 < 10
+
+# - block:
+# - name: Label Instances if less than 10 instances
+# tags: ['label']
+# gce_labels:
+# service_account_email: "{{ service_account_email }}"
+# project_id: "{{ project_id }}"
+# credentials_file: '{{ credentials_file }}'
+# state: present
+# resource_name: "{{ host_prefix }}-00{{ item }}"
+# resource_type: instances
+# resource_location: "{{ zone }}"
+# labels: "{{ labels }}"
+# with_sequence: "start=0 end={{ num_instances | int - 1 | default(0) }}"
+# when: num_instances | int - 1 | int < 10
+#
+# - name: Label Instances if between than 10 and 100 instances
+# tags: ['label']
+# gce_labels:
+# service_account_email: "{{ service_account_email }}"
+# project_id: "{{ project_id }}"
+# credentials_file: '{{ credentials_file }}'
+# state: present
+# resource_name: "{{ host_prefix }}-0{{ item }}"
+# resource_type: instances
+# resource_location: "{{ zone }}"
+# labels: "{{ labels }}"
+# with_sequence: "start=0 end={{ num_instances | int - 1 | default(0) }}"
+# when: num_instances | int - 1 < 100 and num_instances | int - 1 > 9
+#
+# - name: Label Instances if greater 100 instances
+# tags: ['label']
+# gce_labels:
+# service_account_email: "{{ service_account_email }}"
+# project_id: "{{ project_id }}"
+# credentials_file: '{{ credentials_file }}'
+# state: present
+# resource_name: "{{ host_prefix }}-{{ item }}"
+# resource_type: instances
+# resource_location: "{{ zone }}"
+# labels: "{{ labels }}"
+# with_sequence: "start=0 end={{ num_instances | int - 1 | default(0) }}"
+# when: num_instances | int - 1 > 99
+# when: num_instances is defined
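Review bot: Most of this new file is commented-out tasks, and two of them would be unsafe if someone simply uncommented them: the `Create firewall rule` block allows `tcp:22` from `src_range: ['0.0.0.0/0']`, and the `Save private key to file` block writes the service-account key over `~/.ssh/id_rsa`. Drop the dead blocks from the initial commit, or if they are meant as a template, replace the range with an operator-supplied variable and the destination with a project-specific key path. The commented `content: "{{ ssy_public_key }}"` also misspells the registered `ssh_public_key`, and `sa_file` is not defined in the visible vars. Separately, the live play declares `ssh_private_key` in `vars:` although no task in this file uses it; removing that line keeps the key out of a play that only needs `project_id` and `client_email`.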
diff --git a/gce-dependencies.yml b/gce-dependencies.yml
new file mode 100644
index 0000000..76f04af
--- /dev/null
+++ b/gce-dependencies.yml
@@ -0,0 +1,20 @@
+---
+- name: Install GCE Dependencies
+ hosts: localhost
+ connection: local
+ become: yes
+
+ tasks:
+ - name: Install or Remove GCE Dependencies based on state requested
+ pip:
+ name: "{{ item }}"
+ state: "{{ state | default('present') }}"
+ with_items:
+ - apache-libcloud
+ - pyopenssl
+ - pycrypto
+ - crypto
+ - google-api-python-client
+ - google-auth
+ - google-auth-httplib2
+
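Review bot: The `pip` task installs seven unpinned packages system-wide under `become: yes`, so whatever PyPI serves for each name at run time is installed, and its setup code executed, as root. Two entries deserve a second look: `crypto` on PyPI is, as far as I know, a file-encryption command-line tool rather than a library these modules import, and `pycrypto` has had no release since 2.6.1 (the version pinned in pip-requirements-versioned.txt), with `pycryptodome` being the maintained replacement. Consider pinning each item, e.g. `- apache-libcloud==2.1.0` as in the versioned requirements file, and passing `virtualenv:` to the `pip` module so the play no longer needs `become`.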
diff --git a/gce-properties.yml b/gce-properties.yml
new file mode 100644
index 0000000..0129328
--- /dev/null
+++ b/gce-properties.yml
@@ -0,0 +1,10 @@
+---
+machine_type: 'n1-standard-1'
+image: 'centos-7-v20170918'
+zone: 'us-east1-b'
+host_prefix: 'cf'
+labels:
+ carlos: ''
+firewall_tag: 'opdk_ssh'
+default_firewall_tags:
+- 'default-zkrxups2f6ccnycpl3bokiut'
diff --git a/gce-remove.yml b/gce-remove.yml
new file mode 100644
index 0000000..005978d
--- /dev/null
+++ b/gce-remove.yml
@@ -0,0 +1,18 @@
+---
+- name: Remove Instance
+ hosts: localhost
+ connection: local
+
+ vars_files:
+ - gce-properties.yml
+
+ tasks:
+ - name: Remove instance
+ gce:
+ instance_names: "{{ instance_names }}"
+ zone: "{{ zone }}"
+ project_id: "{{ project_id }}"
+ service_account_email: "{{ service_account_email }}"
+ credentials_file: '{{ credentials_file }}'
+ state: deleted
+ register: gce
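Review bot: `project_id`, `service_account_email` and `credentials_file` are referenced by the `gce` task but nothing in this play or in gce-properties.yml defines them, so the play fails with undefined variables unless all three are passed as extra vars. gce-create-instances.yml derives them from `sa_json_file`; doing the same here keeps the two playbooks consistent, and leaving out `ssh_private_key` avoids loading the key into a play that does not need it. Since `state: deleted` is destructive and `instance_names` is also caller-supplied, an `assert` that it is defined and non-empty before the `gce` task would be a cheap guard.

```yaml
- name: Remove Instance
  hosts: localhost
  connection: local
  gather_facts: no
  vars:
    credentials_file: "{{ sa_json_file }}"
    service_account: "{{ lookup('file', credentials_file) }}"
    project_id: "{{ service_account['project_id'] }}"
    service_account_email: "{{ service_account['client_email'] }}"
  # … unchanged: vars_files and the Remove instance task …
```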
diff --git a/gce.ini.j2 b/gce.ini.j2
new file mode 100644
index 0000000..aae2c18
--- /dev/null
+++ b/gce.ini.j2
@@ -0,0 +1,55 @@
+#!/usr/bin/python
+# Copyright 2013 Google Inc.
+#
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+
+# The GCE inventory script has the following dependencies:
+# 1. A valid Google Cloud Platform account with Google Compute Engine
+# enabled. See https://cloud.google.com
+# 2. An OAuth2 Service Account flow should be enabled. This will generate
+# a private key file that the inventory script will use for API request
+# authorization. See https://developers.google.com/accounts/docs/OAuth2
+# 3. Convert the private key from PKCS12 to PEM format
+# $ openssl pkcs12 -in pkey.pkcs12 -passin pass:notasecret \
+# > -nodes -nocerts | openssl rsa -out pkey.pem
+# 4. The libcloud (>=0.13.3) python libray. See http://libcloud.apache.org
+#
+# (See ansible/test/gce_tests.py comments for full install instructions)
+#
+# Author: Eric Johnson <erjohnso@google.com>
+
+[gce]
+# GCE Service Account configuration information can be stored in the
+# libcloud 'secrets.py' file. Ideally, the 'secrets.py' file will already
+# exist in your PYTHONPATH and be picked up automatically with an import
+# statement in the inventory script. However, you can specify an absolute
+# path to the secrets.py file with 'libcloud_secrets' parameter.
+libcloud_secrets =
+
+# If you are not going to use a 'secrets.py' file, you can set the necessary
+# authorization parameters here.
+gce_service_account_email_address = '{{ service_account_email }}'
+gce_service_account_pem_file_path = '{{ ssh_private_key_file }}'
+gce_project_id = '{{ project_id }}'
+gce_zone = '{{ gce_zone | default("us-east1-b") }}'
+
+[inventory]
+# The 'inventory_ip_type' parameter specifies whether 'ansible_ssh_host' should
+# contain the instance internal or external address. Values may be either
+# 'internal' or 'external'. If 'external' is specified but no external instance
+# address exists, the internal address will be used.
+# The INVENTORY_IP_TYPE environment variable will override this value.
+inventory_ip_type = {{ inventory_id_type | default('internal') }}
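Review bot: The last line reads `inventory_id_type`, which looks like a typo for `inventory_ip_type`; a caller setting the name the comment documents would silently get the `internal` default, so it should be `inventory_ip_type = {{ inventory_ip_type | default('internal') }}`. The four `gce_*` values are wrapped in single quotes, and Python's ConfigParser keeps quotes as part of the value, so the inventory script would presumably receive an e-mail address and a PEM path that begin and end with `'`; rendering them unquoted avoids that. `gce_zone` is read from a `gce_zone` variable while gce-properties.yml defines `zone`, so the template falls back to its own `us-east1-b` default unless `gce_zone` is passed separately.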
diff --git a/pip-requirements-noversions.txt b/pip-requirements-noversions.txt
new file mode 100644
index 0000000..8786ba8
--- /dev/null
+++ b/pip-requirements-noversions.txt
@@ -0,0 +1,65 @@
+altgraph
+ansible
+apache-libcloud
+asn1crypto
+awscli
+backports.ssl-match-hostname
+bcrypt
+bdist-mpkg
+certifi
+cffi
+chardet
+colorama
+crypto
+cryptography
+docker-py
+docker-pycreds
+docutils
+ecdsa
+enum34
+epdb
+futures
+get
+helper
+httplib2
+idna
+ipaddress
+Jinja2
+jmespath
+kazoo
+macholib
+MarkupSafe
+matplotlib
+modulegraph
+Naked
+ndg-httpsclient
+numpy
+paramiko
+pexpect
+post
+ptyprocess
+public
+passlib
+py2app
+pyasn1
+pycparser
+pycrypto
+PyNaCl
+pyOpenSSL
+pyparsing
+python-dateutil
+pytz
+PyYAML
+query-string
+requests
+rsa
+s3transfer
+scipy
+shellescape
+simplejson
+six
+urllib3
+virtualenv
+websocket-client
+xattr
+zope.interface
\ No newline at end of file
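Review bot: This list reads like a `pip freeze` of a workstation rather than the playbooks' dependencies: `py2app`, `macholib`, `modulegraph`, `xattr`, `matplotlib` and `scipy` are not used by anything in this commit, and short generic names such as `get`, `post`, `public`, `helper` and `crypto` are easy to confuse with other packages. Every unpinned name here resolves to whatever PyPI serves at install time, so each extra entry widens what an install of this file trusts. Trim the file to what the GCE playbooks actually import and install from pinned entries only; pip-requirements-versioned.txt carries the same surplus and could additionally carry `--hash` values so that `pip install --require-hashes` can be used.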
diff --git a/pip-requirements-versioned.txt b/pip-requirements-versioned.txt
new file mode 100644
index 0000000..e3c9393
--- /dev/null
+++ b/pip-requirements-versioned.txt
@@ -0,0 +1,68 @@
+altgraph==0.10.2
+ansible==2.3.1.0
+apache-libcloud==2.1.0
+asn1crypto==0.22.0
+awscli==1.8.12
+backports.ssl-match-hostname==3.5.0.1
+bcrypt==3.1.3
+bdist-mpkg==0.5.0
+boto==2.48.0
+boto3==1.4.4
+botocore==1.5.84
+certifi==2017.4.17
+cffi==1.10.0
+chardet==3.0.4
+colorama==0.3.3
+crypto==1.4.1
+cryptography==2.0
+docker-py==1.7.0
+docker-pycreds==0.2.1
+docutils==0.13.1
+ecdsa==0.13
+enum34==1.1.6
+epdb==0.15.1
+futures==3.1.1
+get==0.0.11
+helper==2.4.1
+httplib2==0.9.2
+idna==2.5
+ipaddress==1.0.18
+Jinja2==2.9.6
+jmespath==0.9.3
+kazoo==2.2.1
+macholib==1.5.1
+MarkupSafe==1.0
+matplotlib==1.3.1
+modulegraph==0.10.4
+Naked==0.1.31
+ndg-httpsclient==0.4.2
+numpy==1.13.1
+paramiko==2.2.1
+pexpect==4.0.1
+post==0.0.8
+ptyprocess==0.5
+public==0.0.34
+passlib==1.6.5
+py2app==0.7.3
+pyasn1==0.2.3
+pycparser==2.18
+pycrypto==2.6.1
+PyNaCl==1.1.2
+pyOpenSSL==17.1.0
+pyparsing==2.0.1
+python-dateutil==2.6.1
+pytz==2013.7
+PyYAML==3.12
+query-string==0.0.8
+requests==2.18.1
+rsa==3.2
+s3transfer==0.1.10
+scipy==0.19.1
+shellescape==3.4.1
+simplejson==3.8.2
+six==1.10.0
+urllib3==1.21.1
+virtualenv==15.1.0
+websocket-client==0.40.0
+xattr==0.6.4
+zope.interface==4.1.1