-
Notifications
You must be signed in to change notification settings - Fork 15
/
Copy pathdeploy.yml
209 lines (191 loc) · 6.43 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
---
- name: Deploy VC and Hosts
hosts: localhost
gather_facts: false
collections:
- vmware.alb
- vmware.ansible_for_nsxt
- crypto
pre_tasks:
- name: Create the temporary directory
ansible.builtin.tempfile:
state: directory
suffix: setup
register: temp_dir_results
tags: ["always"]
- ansible.builtin.set_fact:
temp_dir: "{{ temp_dir_results.path }}"
tags: ["always"]
vars:
debug_mode: "{{ debug | default(False) | bool }}"
roles:
# Base vsphere section
- role: vsphere/vsphere-deploy-vc-and-hosts
tags: ["vsphere"]
when: 'nested_vcenter is defined and nested_hosts is defined'
- role: vsphere/vsphere-datacenter
tags: ["vsphere"]
when: 'nested_vcenter is defined'
- role: vsphere/vsphere-clusters
tags: ["vsphere"]
when: 'nested_clusters is defined'
- role: vsphere/vsphere-vswitch0-port-groups
tags: ["vsphere"]
when: 'nested_hosts is defined'
- role: vsphere/vsphere-local-datastores
tags: ["vsphere"]
when: 'nested_clusters is defined'
- role: vsphere/vsphere-nfs-datastores
tags: ["vsphere"]
when: 'nested_clusters is defined'
- role: vsphere/vsphere-enable-cluster-services
tags: ["vsphere"]
when: 'nested_clusters is defined'
- role: vsphere/vsphere-resource-pools
tags: ["vsphere"]
when: 'nested_clusters is defined'
- role: vsphere/vsphere-distributed-switches
when: 'distributed_switches is defined'
tags: ["vsphere"]
- role: vsphere/vsphere-distributed-port-groups
when: 'distributed_switches is defined'
tags: ["vsphere"]
- role: vsphere/vsphere-import-vm-template
when: 'vm_templates is defined'
tags: ["vsphere", "vm-template"]
# NSX-T Section
- role: nsxt/nsxt-mgmt-appliance
when: 'nsxt is defined'
tags: ["nsxt", "nsxt-mgr"]
# TODO set password expiry
# su admin '-c set user admin set user admin password-expiration 9999'
- role: nsxt/nsxt-mgmt-certificate
when: 'nsxt is defined'
tags: ["nsxt", "nsxt-mgr-cert"]
- role: nsxt/nsxt-ip-pools
when: 'nsxt.ip_pools is defined or nsxt.policy_ip_pools is defined'
tags: ["nsxt", "nsxt-ip-pools"]
- role: nsxt/nsxt-ip-blocks
when: 'nsxt.ip_blocks is defined or nsxt.policy_ip_blocks is defined'
tags: ["nsxt", "nsxt-ip-blocks"]
- role: nsxt/nsxt-uplink-profiles
when: 'nsxt is defined'
tags: ["nsxt", "nsxt-uplink-profiles"]
- role: nsxt/nsxt-transport-zones
when: 'nsxt is defined'
tags: ["nsxt", "nsxt-transport-zones"]
- role: nsxt/nsxt-compute-manager
when: 'nsxt is defined'
tags: ["nsxt", "nsxt-compute-mgr"]
- role: nsxt/nsxt-principal-identities
when: 'nsxt.principal_identities is defined'
tags: ["nsxt", "nsxt-pis"]
- role: nsxt/nsxt-vlan-segments
when: 'nsxt is defined'
tags: ["nsxt", "nsxt-vlan-segments"]
- role: nsxt/nsxt-transport-nodes
when: 'nsxt is defined'
tags: ["nsxt", "nsxt-transport-nodes"]
- role: nsxt/nsxt-edge-clusters
when: 'nsxt is defined'
tags: ["nsxt", "nsxt-edge-clusters"]
- role: nsxt/nsxt-switching-routing
when: 'nsxt is defined'
tags: ["nsxt", "nsxt-switching-routing"]
# NSX-ALB (Avi) Section
- role: nsx-alb/deploy-controller
when: 'nsx_alb is defined'
tags: ["nsx-alb", "alb-controller"]
- role: nsx-alb/configure-cloud
when: 'nsx_alb is defined'
tags: ["nsx-alb", "alb-cloud"]
- role: nsx-alb/dummy-service
when: 'nsx_alb.dummy_service is defined'
tags: ["nsx-alb", "alb-dummy"]
# Tanzu Multi-Cloud Secton
- role: tanzu/multi-cloud-generate-config
when: 'tanzu_multi_cloud.generated_config_file is defined'
tags: ["tkgm-config"]
# vSphere with Kubernetes Section
- role: vsphere/vsphere-storage-based-policy-management
when: 'tspbm is defined'
tags: ["tkgs"]
- role: tanzu/vsphere-content-library
when: 'tanzu_vsphere is defined'
tags: ["tkgs"]
- role: tanzu/vyos-router
when: 'tkg_router is defined'
tags: ["tkgs"]
- role: tanzu/ha-proxy
when: 'tkg_haproxy is defined'
tags: ["tkgs"]
- role: tanzu/vsphere-enable-cluster
when: 'tanzu_vsphere is defined'
tags: ["tkgs", "tkgs-enable"]
# Opsman/Bosh Secton
- role: tanzu/opsman/install-opsman
when: 'tanzu_opsman_bosh is defined'
tags: ["opsman"]
- role: tanzu/opsman/configure-bosh
when: 'tanzu_opsman_bosh is defined'
tags: ["bosh"]
# TKGi section
- role: tanzu/tkgi/harbor-tile
when: 'tkgi is defined'
tags: ["harbor-tile"]
- role: tanzu/tkgi/tkgi-tile
when: 'tkgi is defined'
tags: ["tkgi-tile"]
# TAS section
- role: tanzu/application-service
when: 'tanzu_application_service is defined'
tags: ["tas-tile"]
# Concourse section
- role: concourse
when: 'concourse is defined'
tags: ["concourse"]
# Harbor VM section
- role: harbor-standalone/harbor-vm
when: 'harbor_standalone is defined'
tags: ["harbor"]
# MinIO VM section
- role: minio-standalone/minio-vm
when: 'minio_standalone is defined'
tags: ["minio"]
post_tasks:
- name: Remove the temporary directory
ansible.builtin.file:
path: "{{ temp_dir }}"
state: absent
no_log: true
# Separate section to run commands inside harbor VM if created
- name: Setup Standalone Harbor
hosts: harbor
become: true
roles:
- role: harbor-standalone/harbor-configuration
when: 'harbor_standalone is defined'
tags: ["harbor"]
- name: Setup Standalone Minio
hosts: minio
become: true
roles:
- role: ricsanfre.minio
minio_root_user: "{{ minio_standalone.minio_root_user }}"
minio_root_password: "{{ minio_standalone.minio_root_password }}"
minio_enable_tls: false
minio_server_port: "{{ minio_standalone.minio_server_port }}"
minio_url: "{{ minio_standalone.minio_url }}"
minio_site_region: "{{ minio_standalone.minio_site_region }}"
minio_buckets: "{{ minio_standalone.buckets }}"
minio_pip_environment_vars:
PIP_BREAK_SYSTEM_PACKAGES: "1"
when: 'minio_standalone is defined'
tags: ["minio"]
- name: Display Summary
hosts: localhost
gather_facts: false
roles:
### Show outputs at the end
- role: display-configuration
tags: ["summary"]