---
- name: Perform common environment setup for nodes
- hosts: infrastructure, kubernetes
- tasks:
- - name: Setup resolv.conf
- lineinfile:
- line: "nameserver {{ hostvars[groups.infrastructure[0]].ansible_host }}"
- path: /etc/resolv.conf
- state: present
- insertbefore: BOF
- become: yes
- - name: Add application offline rpm repository
- yum_repository:
- name: "{{ app_name }}"
- file: "{{ app_name | lower }}"
- description: "{{ app_name }} offline repository"
- baseurl: "{{ 'http://repo.infra-server' if 'infrastructure' not in group_names else 'file://' + app_data_path + '/pkg/rhel' }}"
- gpgcheck: no
- enabled: yes
- when: deploy_rpm_repository
- become: yes
-
-- name: Setup firewall
hosts: infrastructure, kubernetes
roles:
- - role: firewall
- vars:
- state: disable
+ - package-repository
+ - firewall
- name: Setup infrastructure servers
hosts: infrastructure
roles:
+ - package-repository-check
- certificates
- docker
- dns
- vncserver
- - role: nexus
- vars:
- phase: install
- nginx
- tasks:
- - name: "wait for nexus to come up"
- uri:
- url: "{{ nexus_url }}/service/metrics/healthcheck"
- user: admin
- password: admin123
- force_basic_auth: yes
- method: GET
- register: nexus_wait
- until: not nexus_wait.failed
- retries: 30
- delay: 10
-
-- name: Nexus changes in runtime
- hosts: infrastructure
- roles:
- - role: nexus
- vars:
- phase: configure
- when: populate_nexus | bool
- - role: nexus
- vars:
- phase: runtime-populate
- when: runtime_images is defined
+ - chrony
+ - nexus
+ - role: chartmuseum
- name: Setup base for Kubernetes nodes
- hosts: kubernetes
+ hosts: kubernetes:!infrastructure
roles:
+ - package-repository-check
+ - chrony
- docker
tasks:
- - import_tasks: roles/certificates/tasks/upload_root_ca.yml
+ - include_role:
+ name: certificates
+ tasks_from: upload_root_ca.yml
+ vars:
+ certificates_local_dir: "{{ playbook_dir }}/certs"
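Review bot: The added `- firewall` entry under `roles:` no longer states the resulting firewall state at the call site: the removed form passed `state: disable` explicitly, and the bare role name leaves it to role defaults that are not visible in this hunk. Add a comment above the entry, such as `# firewall state comes from the firewall role defaults`, or keep an explicit `vars:` block, so a reader can tell whether the hosts end up filtered or open. The added `- package-repository` entry raises a similar question, because it replaces a task that set `gpgcheck: no` against an `http://` baseurl. If the role carries those settings over, unsigned packages fetched over plaintext stay installable on every node, so confirm that it enables signature checking or documents why it cannot. The role bodies are outside this hunk, so both points have to be verified there.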