Installation using Ansible

Warning

  • The guide below is still experimental

  • The provided Ansible resources assume an apt-based OS

OnSphere can be deployed using Ansible so that you don’t have to handle every detail yourself.

Note

Neither installing Ansible nor configuring it is covered in this guide. The provided Ansible playbook assumes that the requirements for running any playbook on the host you are targeting are met (e.g. Ansible installed, variables such as ansible_user, ansible_become_password, … properly populated, SSH access to the host open, …).

You can either copy/paste the OnSphere Ansible files into your project or simply add the OnSphere Ansible Galaxy collection to your requirements file.

Example requirements file (requirements.yml):

collections:
    - source: /PATH/ON/YOUR/MACHINE/YOU/EXTRACTED/ONSPHERE-ANSIBLE-RESOURCES
      type: dir
      version: main

To install the requirements, simply call:

ansible-galaxy install -r ./requirements.yml --force

Note

This command assumes you are in the directory where the requirements file is located. If not, replace ./requirements.yml with the file’s path (relative or absolute).

A basic playbook to install OnSphere could look like this:

Warning

This playbook will erase any already existing configuration matching the provided stack name.

---
- name: Deploy Onsphere
  hosts: main_node
  gather_facts: false
  become: true

  # For local deployment uncomment below
  # hosts: main_node
  # connection: local
  # become: false

  tasks:

    - include_vars: 
        file: "./osp-deploy-vault.enc"
      when: ansible_ssh_pass is undefined
    
    - name: Settings pre-required facts
      ansible.builtin.set_fact:
        ansible_ssh_pass: '{{ vars["vault"]["target_ssh_pass"] }}' # FILL IN VAULT
        ansible_become_password: '{{ vars["vault"]["target_ssh_pass"] }}' # FILL IN VAULT
        overried_existing_requirements: false
        override_existing_stack: true
        config_to_deploy_path: ""
        sdn_nexus: "nexus.onsphere.ch"
        portainer_config_path: "/opt/osp/portainer/"
        tmp_dir: "/tmp/osp-stack-deploy"
      when: ansible_ssh_pass is undefined

    - name: Settings Portainer and registry
      ansible.builtin.set_fact:
        docker_registry: # Ask SDN for your registry credentials
          username: # FILL IN -> Your docker registry username
          password: '{{ vars["vault"]["docker_registry_pwd"] }}'
          url: "{{ sdn_nexus }}"
        portainer:
          version: 3.6
          image_version: 2.17.0
          enable_http: true
          enable_https: false
          enable_edge_computing: false
          admin_password: '{{ vars["vault"]["portainer_admin_pwd"] }}'
      when: docker_registry is undefined

    - name: Set portainer api port based on configured options
      set_fact:
        portainer: >-
          {{
            portainer | combine({
              'api_port': (portainer.enable_https) | ternary('9443', '9000')
            })
          }}


    - name: Set stack settings
      ansible.builtin.set_fact:
        stack_settings:
          dispatcher_port: # FILL IN (e.g 5022)
          registry: '{{ docker_registry["url"] }}'
          name:  # FILL IN (e.g "osp-stack-1") Max 20 characters
          config_name: # FILL IN (e.g "osp-config-1")
          onsphere_version: # FILL IN (e.g "1.2.3")
          admin_user: '{{ vars["vault"]["admin_user"] }}'
          admin_password: '{{ vars["vault"]["admin_pwd"] }}'
          keycloak_db_password: '{{ vars["vault"]["keycloack_db_pwd"] }}'
      when: stack_settings is undefined

    - name: Get host OS family
      ansible.builtin.setup:
        gather_subset:
          - '!all'
          - '!min'
          - os_family

    - include_role:
        name: roles/onsphere/install


    - include_role:
        name: roles/onsphere/deploy_configuration
      when: config_to_deploy_path != ""

All variables starting with YOUR_ should be replaced or populated; ideally, store those ending with _stored_in_vault in an Ansible vault.

Note

Contact Swissdotnet at info@swissdotnet.ch for YOUR_docker_registry_username and YOUR_docker_registry_pwd_stored_in_vault if you don’t already have credentials for OnSphere Nexus access.

If you already have an OnSphere configuration that you want to attach to the newly deployed OnSphere stack, you can simply reference its path in the config_to_deploy_path variable.
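
A pre-flight check to run before deploying with the playbook above, added here as an example (it is not part of the OnSphere Ansible resources). It lists the secrets the playbook reads from the vault file, then flags a vault file that is not ansible-vault encrypted, keys still marked FILL IN, a stack name over the 20-character limit, and Portainer HTTPS left disabled. The function names vault_keys and preflight are hypothetical and the sample inputs are constructed.

```python
import re

# vars["vault"]["<key>"] lookups, as written in the playbook above.
VAULT_REF = re.compile(r'vars\["vault"\]\["(\w+)"\]')
# A key left empty with only a "# FILL IN" comment after the colon.
UNFILLED = re.compile(r'^[ \t]*(\w+):[ \t]*#[ \t]*FILL IN', re.MULTILINE)
# First line that ansible-vault writes, e.g. "$ANSIBLE_VAULT;1.1;AES256".
VAULT_HEADER = re.compile(rb'\$ANSIBLE_VAULT;1\.[12];AES256')
# Quoted stack name: the first quoted `name:` line after `stack_settings:`.
STACK_NAME = re.compile(r'stack_settings:\n(?:.*\n)*?[ \t]+name:[ \t]*"([^"\n]*)"')

def vault_keys(playbook: str) -> list:
    """Secrets the vault file must define under its top-level `vault` key."""
    return sorted(set(VAULT_REF.findall(playbook)))

def preflight(playbook: str, vault_bytes: bytes) -> list:
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    if not VAULT_HEADER.match(vault_bytes):
        problems.append("vault file is plaintext: run ansible-vault encrypt on it")
    for key in UNFILLED.findall(playbook):
        problems.append(f"{key}: still marked FILL IN")
    name = STACK_NAME.search(playbook)
    if name and len(name.group(1)) > 20:
        problems.append(f"stack name is {len(name.group(1))} characters, max is 20")
    if re.search(r'enable_https:[ \t]*false', playbook):
        problems.append("Portainer HTTPS is disabled: API traffic is unencrypted")
    return problems

# Constructed sample input (a shortened, partly filled-in copy of the playbook).
SAMPLE_PLAYBOOK = """\
docker_registry:
  username: # FILL IN -> Your docker registry username
  password: '{{ vars["vault"]["docker_registry_pwd"] }}'
portainer:
  enable_https: false
  admin_password: '{{ vars["vault"]["portainer_admin_pwd"] }}'
stack_settings:
  name: "osp-stack-production-site-1"
  admin_password: '{{ vars["vault"]["admin_pwd"] }}'
"""
SAMPLE_VAULT = b"vault:\n  admin_pwd: example-only\n"  # constructed, unencrypted

if __name__ == "__main__":
    print("vault keys needed:", vault_keys(SAMPLE_PLAYBOOK))
    for problem in preflight(SAMPLE_PLAYBOOK, SAMPLE_VAULT):
        print("FAIL:", problem)
```

Point it at your real playbook and at ./osp-deploy-vault.enc by reading both files and passing their contents to preflight.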