Ongoing baseline establishment work

Create provision playbook with modular platform-interop framework
Implement first version of update-system playbook
Implement var organization
Implement basic structure of inventory file

omni.yml

@@ -5,6 +5,8 @@ servers:
     enable_ssh: True
     enable_ssh_password_auth: False
     enable_sudo_password: True
+    enable_networkd: True
+    generate_keys: False
   hosts:
     romulus.net.enp.one:
       vars:
@@ -31,6 +33,8 @@ vms:
     enable_ssh: True
     enable_ssh_password_auth: False
     enable_sudo_password: False
+    enable_networkd: True
+    generate_keys: False
   hosts:
     vm-host-nginx:
       vars:
@@ -64,6 +68,8 @@ workstations:
     enable_ssh: False
     enable_ssh_password_auth: False
     enable_sudo_password: True
+    enable_networkd: False
+    generate_keys: False
   hosts:
     omega:
       vars:

playbooks/common.yml

@@ -1,114 +0,0 @@
----
-- name: Set hostname
-  become: true
-  hostname:
-    name: "{{ default_host if default_host is defined else inventory_hostname }}"
-
-- name: Install CentOS-specific repositories
-  become: true
-  when: ansible_distribution == "CentOS"
-  block:
-    - name: Enable Extra Packages for Enterprise Linux
-      yum_repository:
-        name: epel
-        description: Extra Packages for Enterprise Linux
-        baseurl: https://download.fedoraproject.org/pub/epel/$releasever/$basearch/
-    - name: Install Extra Packages for Enterprise Linux GPG key
-      rpm_key:
-        state: present
-        key: https://archive.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
-    - name: Enable Inline with Upstream Stable
-      yum:
-        state: latest
-        name: https://centos7.iuscommunity.org/ius-release.rpm
-
-- name: Install selinux and firewalld python bindings
-  become: true
-  block:
-    - name: Install python bindings using DNF
-      when: ansible_distribution == "Fedora"
-      dnf:
-        name: "{{ item }}"
-        state: latest
-      with_items:
-        - libselinux-python
-        - policycoreutils-python
-        - python-firewall
-    - name: Install python bindings using YUM
-      when: ansible_distribution == "CentOS"
-      yum:
-        state: latest
-        name:
-          - libselinux-python
-          - policycoreutils-python
-          - python-firewall
-
-- name: Install networkd on CentOS
-  when: ansible_distribution == "CentOS"
-  become: true
-  yum:
-    state: latest
-    name: "{{ item }}"
-  with_items:
-    - systemd-resolved
-    - systemd-networkd
-
-# The directory is deleted ahead of creation to ensure that no old configs
-# remain after runnign ansible
-- name: Delete networkd config directory
-  file:
-    path: /etc/systemd/network
-    state: absent
-
-- name: Create the networkd config directory
-  file:
-    path: /etc/systemd/network
-    state: directory
-
-- name: Make .network files
-  template:
-    src: dot.network.j2
-    dest: "/etc/systemd/network/{{ item.key }}.network"
-  with_dict: "{{ networking }}"
-
-- name: Register static entries
-  delegate_to: {{ router.address }}
-  edgeos_config:
-    save: true
-    lines:
-      - set service dhcp-server shared-network-name {{ router.static.server }} subnet {{ router.static.subnet }} static-mapping {{ item.alias | default(inventory_hostname) }} mac-address {{ item.mac }}
-      - set service dhcp-server shared-network-name {{ router.static.server }} subnet {{ router.static.subnet }} static-mapping {{ item.alias | default(inventory_hostname) }} ip-address {{ item.address }}
-
-- name: Disable network scripts and NetworkManager
-  service:
-    name: "{{ item }}"
-    enabled: false
-  with_items:
-    - network
-    - NetworkManager
-    - NetworkManager-wait-online
-
-- name: Enable systemd-networkd and systemd-resolved
-  service:
-    name: "{{ item }}"
-    enabled: true
-    state: started
-  with_items:
-    - systemd-networkd
-    - systemd-networkd-wait-online
-    - systemd-resolved
-
-- name: Symlink so systemd-resolved uses /etc/resolv.conf
-  file:
-    dest: /etc/resolv.conf
-    src: /run/systemd/resolve/resolv.conf
-    state: link
-    force: true
-    setype: net_conf_t
-
-- name: Symlink so /etc/resolv.conf uses systemd
-  file:
-    dest: /etc/systemd/system/multi-user.target.wants/systemd-resolved.service
-    src: /usr/lib/systemd/system/systemd-resolved.service
-    state: link
-    force: true

playbooks/files/bashrc.sh

@@ -0,0 +1,73 @@
+function up() { cd $(eval printf '../'%.0s {1..$1}); }
+alias fuck='sudo $(history -p \!\!)'
+alias doc='cd ~/Documents'
+alias explorer='nautilus'
+alias version='uname -orp && lsb_release -a | grep Description'
+alias activate='source ./bin/activate'
+alias ipconfig='ip address show'
+alias cls='clear'
+alias mklink='ln -s'
+alias ls='ls -lshF --color --group-directories-first --time-style=long-iso'
+
+function venv() {
+  DIR="/home/$USER/.virtualenvs"
+
+  [[ -d $DIR ]] || mkdir $DIR
+
+  if [ ! -v $1 ] || [ $1 -eq '--help' ] || [ $1 -eq '-h' ]; then
+    echo "Custom python Virtualenv manager
+\"Because pipenv is too hard and everything else sucks\"
+
+Commands:
+  list                 List available virtualenvs
+  show                 Alias of list
+  delete <venv>        Delete a virtualenv
+  del                  Alias of delete
+  rm                   Alias of delete
+  load <venv>          Activate a virtualenv for usage
+  new <venv> <python>  Create a new virtualenv. If <python> is not specified,
+                       then the system default python is used
+"
+
+  elif [ ! -v $1 ] || [ $1 -eq "list" ] || [ $1 -eq "show" ]; then
+    echo "hello"
+    ls $DIR
+
+  elif [ $1 -eq "del" ] || [ $1 -eq "rm" ]; then
+    if [ ! -v $2 ]; then
+      echo "Error: virtualenv name parameter not provided"
+    else
+      if [ ! -d "$DIR/$2" ]; then
+        echo "Error: virtualenv $2 does not exist"
+      else
+        rm -rf $DIR/$2
+      fi
+    fi
+
+  elif [ $1 -eq "new" ]; then
+    if [ ! -v $2 ]; then
+      echo "Error: virtualenv name parameter not provided"
+    else
+      if [ -d "$DIR/$2" ]; then
+        echo "Error: virtualenv $2 already exits"
+      elif [ -v $3 ]; then
+        virtualenv $2 --python=$3
+      else
+        virtualenv $2
+      fi
+    fi
+
+  elif [ $1 -eq "load" ]; then
+    if [ ! -v $2 ]; then
+      echo "Error: virtualenv name parameter not provided"
+    elif [ ! -d "$DIR/$2" ]; then
+      echo "Error: virtualenv $2 does not exist"
+    else
+      source $DIR/$2/bin/activate
+    fi
+
+  else
+    echo "No parameter provided"
+  fi
+
+}

playbooks/provision.yml

@@ -0,0 +1,74 @@
+---
+- hosts: all
+  name: Init
+  tasks:
+    - name: Check system compatibility
+      when: ansible_distribution != "CentOS" and ansible_distribution != "Red Hat Enterprise Linux" and ansible_distribution != "Fedora"
+      meta: end_play
+      debug:
+        msg: "Standard configuration deployment is only supported on Fedora 27/28, Centos 7.5, and RHEL"
+
+    - name: Set hostname
+      become: true
+      hostname:
+        name: "{{ default_host if default_host is defined else inventory_hostname }}"
+
+    - name: Install MOTD
+      become: true
+      template:
+        src: motd.j2
+        dest: /etc/motd
+        mode: 0644
+
+    - name: Install global bashrc
+      become: true
+      template:
+        src: bashrc.j2
+        dest: /etc/profile.d/30-omni-bashrc.sh
+        mode: 0644
+
+- hosts: all
+  name: System packages
+  tasks:
+    - import_tasks: common/centos/repositories.yml
+      when: ansible_distribution == "CentOS"
+    - import_tasks: common/centos/packages.yml
+      when: ansible_distribution == "CentOS"
+    - import_tasks: common/fedora/packages.yml
+      when: ansible_distribution == "Fedora"
+    # - import_tasks: common/debian/packages.yml
+    #   when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu"
+
+
+- import_playbook: update-system.yml
+
+
+- hosts: all
+  name: Replace NetworkManager with systemd-networkd
+  tasks:
+    - name: Install systemd-networkd
+      when: enable_networkd == true
+      block:
+        - import_tasks: common/centos/networkd.yml
+          when: ansible_distribution == "CentOS"
+        - import_tasks: common/fedora/networkd.yml
+          when: ansible_distribution == "Fedora"
+        # - import_tasks: common/debian/networkd.yml
+        #   when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu"
+    - name: Configure systemd-networkd
+      when: enable_networkd == true
+        - import_tasks: common/networkd.yml
+
+
+- hosts: all
+  name: Register static DHCP entries
+  tasks:
+    - name: Install static DHCP leases
+      delegate_to: {{ router.address }}
+      when: networking is defined
+      edgeos_config:
+        save: true
+        lines:
+          - set service dhcp-server shared-network-name {{ router.static.server }} subnet {{ router.static.subnet }} static-mapping {{ item.alias | default(inventory_hostname) }} mac-address {{ item.mac }}
+          - set service dhcp-server shared-network-name {{ router.static.server }} subnet {{ router.static.subnet }} static-mapping {{ item.alias | default(inventory_hostname) }} ip-address {{ item.address }}
+      with_dict: "{{ networking }}"

playbooks/templates/motd.j2

@@ -0,0 +1,11 @@
+ ______    _      _   __     _   _______
+|  ___ \  | \    / | |  \   | | |__   __|
+| |   | | |  \  /  | | \ \  | |    | |
+| |   | | |   \/   | | |\ \ | |    | |
+| |   | | | |\  /| | | | \ \| |    | |
+| |___| | | | \/ | | | |  \ \ |  __| |__
+ \______| |_|    |_| |_|   \__| |______/
+
+ {{ description | default('ENPN Distributed System') }}
+
+{{ ansible_distribution }} {{ ansible_distribution_version }} - Ansible'd {{ ansible_date_time.date }}

playbooks/update-system.yml

@@ -0,0 +1,24 @@
+---
+- hosts: all
+  name: Upgrade packages
+  tasks:
+    - name: Upgrade YUM packages
+      when: ansible_distribution == "CentOS"
+      become: true
+      yum:
+        state: latest
+        name: *
+        exclude: kernel*{{ ',' + exclude_upgrade | default('') }}
+
+    - name: Upgrade DNF packages
+      when: ansible_distribution == "Fedora"
+      become: true
+      dnf:
+        state: latest
+        name: *
+        exclude: kernel*{{ ',' + exclude_upgrade | default('') }}
+
+    # - name: Upgrade APT packages
+    #   when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu"
+    #   become: true
+    #   apt:

playbooks/vars

@@ -0,0 +1 @@
+../vars

roles/hypervisor/tasks/main.yml

@@ -4,6 +4,13 @@
   debug:
     msg: "Hypervisor deployment is only supported on CentOS and RHEL"
 
+- name: Temporarily disable IUS and EPEL repositories
+  become: true
+  command: mv /etc/yum.repos.d/{{ item }}.repo /etc/yum.repos.d/{{ item }}.repo.bak
+  with_items:
+    - ius
+    - epel
+
 - name: Install OVirt repository
   become: true
   yum:
@@ -15,3 +22,10 @@
   yum:
     name: ovirt-engine
     state: latest
+
+- name: Re-enable IUS and EPEL repositories
+  become: true
+  command: mv /etc/yum.repos.d/{{ item }}.repo.bak /etc/yum.repos.d/{{ item }}.repo
+  with_items:
+    - ius
+    - epel

vars/global.yml

@@ -0,0 +1,2 @@
+---
+ansible_user: ansible

vars/network.yml

@@ -0,0 +1,8 @@
+---
+domain: net.enp.one
+
+router:
+  address: router.tre2.local
+  static:
+    server: DOMAIN
+    subnet: 10.42.101.0/24

vars/packages.yml

@@ -0,0 +1,29 @@
+---
+packages_global:
+  - cmake
+  - curl
+  - gcc
+  - gcc-c++
+  - git
+  - libselinux-python
+  - make
+  - nano
+  - openssl-devel
+  - policycoreutils-python
+  - python-devel
+  - python-firewall
+  - python-virtualenv
+  - unzip
+  - vim
+  - vim-minimal
+
+packages_dnf:
+  - python3-devel
+
+packages_yum:
+  - bash-completion
+  - bash-completion-extras
+  - nc
+  - nfs-utils
+  - python36u
+  - wget

vars/users.yml

@@ -1,14 +1,4 @@
 ---
-ansible_user: ansible
-
-domain: net.enp.one
-
-router:
-  address: router.tre2.local
-  static:
-    server: DOMAIN
-    subnet: 10.42.101.0/24
-
 users:
   # - name: username (required)
   #   fullname: user's full name (optional)