diff --git a/02.-Короче,-Склифософский!.md b/02.-Короче,-Склифософский!.md
index d73c56d..4986a9f 100644
--- a/02.-Короче,-Склифософский!.md
+++ b/02.-Короче,-Склифософский!.md
@@ -1,5 +1,5 @@
 # «Короче, Склифосовский!»
-Данный раздел предназначен для тех, кто хорошо знаком с системой Ansible, а также имеет представление об основных понятиях и способах авторизации в облачной платформе DECORT.
+Данный раздел предназначен для тех, кто хорошо знаком с системой Ansible, а также имеет представление об основных концепциях и способах авторизации в облачной платформе DECORT.
 Ниже приведен пример Ansible playbook, который создает виртуальный сервер, дополняет _in-memory inventory_ информацией о только что созданном сервере и выполняет простейшую команду на уровне его гостевой ОС.
@@ -9,31 +9,58 @@
 tasks:
 - name: obtain access token to streamline further module's execution
 decort_jwt:
+ app_id: "{{ my_app_id }}"
+ app_secret: "{{ my_app_secret }}"
+ oauth2_url: "https://sso.decs.online"
+ validity: 1200
 delegate_to: localhost
+ register: token
 - name: obtain OS image to use for the new VM
 decort_osimage:
- delegate_to: localhost
+ authenticator: jwt
+ jwt: "{{ token.jwt }}"
+ controller_url: "https://cloud.digitalenergy.online"
+ image_name: "Ubuntu 18.04 v1.2.3"
+ tenant_name: "MyMainTenant"
+ delegate_to: localhost
+ register: my_img
- - name: obtain resource group to create the new VM in
+ - name: obtain resource group, where new VM will be created
 decort_rg:
- delegate_to: localhost
+ authenticator: jwt
+ jwt: "{{ token.jwt }}"
+ controller_url: "https://cloud.digitalenergy.online"
- - name: obtain virtual network segment to attach the new VM to
- decort_vins:
 delegate_to: localhost
+ register: my_rg
+
+ - name: obtain virtual network segment, where new VM will be connected to
+ decort_vins:
+ authenticator: jwt
+ jwt: "{{ token.jwt }}"
+ controller_url: "https://cloud.digitalenergy.online"
+ name: "MyVins01"
+ rg_id: "{{ my_rg.facts.id }}"
+ delegate_to: localhost
+ register: my_vins
 - name: provision extra data disk for the new VM
 decort_disk:
+ authenticator: jwt
+ jwt: "{{ token.jwt }}"
+ controller_url: "https://cloud.digitalenergy.online"
+ name: "MyVM-disk01"
+ size: 50
+ place_with: "{{ my_img.facts.id }}"
 delegate_to: localhost
+ register: my_disk01
 - name: provision x86 KVM VM with one extra data disk attached and connected to two networks
 decort_kvmvm:
- authenticator: oauth2
- app_id: "{{ my_app_id }}"
- app_secret: "{{ my_app_secret }}"
- oauth2_url: https://sso.digitalenergy.online
- controller_url: "https://ds1.digitalenergy.online"
+ authenticator: jwt
+ jwt: "{{ token.jwt }}"
+ controller_url: "https://cloud.digitalenergy.online"
 name: MyFirstVM
 arch: KVM_X86
 state: present
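Review bot: The `decort_jwt` task takes `app_secret` and registers its result as `token` without `no_log: true`, so the registered result, which carries `token.jwt`, can end up in verbose output or callback logs unless the module masks it itself (not visible here). Readers will copy this example, so I would add `no_log: true` under `register: token`. The same applies to the `add_host` task in the next hunk, which sets `ansible_password` from `new_vm.facts.password`. Separately, the `decort_rg` task is left with only `authenticator`, `jwt` and `controller_url`, so nothing in the example says which resource group `my_rg` refers to; presumably a name or id argument is missing.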
@@ -41,33 +68,43 @@
 ram: 4096
 boot_disk:
 size: 10
- image_name: "Ubuntu 16.04"
+ image_id: "{{ my_img.facts.id }}"
 data_disks:
- - id: "MyFirstVM-dd01"
- size:
+ - id: "{{ my_disk01.facts.id }}"
 networks:
 - type: VINS
- id: 15
+ id: "{{ my_vins.facts.id }}"
 - type: EXTERNAL
 id: 2
- tenant_name: "MyTenant"
- rg_name: "MyMainRG"
+ rg_id: "{{ my_rg.facts.id }}"
 annotation: "My 1st VM created and managed with DECORT KVMVM module"
 delegate_to: localhost
 register: new_vm
+ - name: configure network port forward rules for the newly created VM
+ decort_pfw:
+ authenticator: jwt
+ jwt: "{{ token.jwt }}"
+ controller_url: "https://cloud.digitalenergy.online"
+ vins_id: "{{ my_vins.facts.id }}"
+ compute_id: "{{ new_vm.facts.id }}"
+ rules:
+ - ext_port_start: 30022
+ int_base_port: 22
+ proto: tcp
+ - ext_port_start: 8443
+ int_base_port: 443
+ proto: tcp
+ delegate_to: localhost
+
 - name: add new VM to the in-memory inventory into group just_created
 add_host:
 groups: just_created
- hostname: "{{ new_vm.vm_facts.name }}"
- ansible_host: "{{ new_vm.vm_facts.vdc_ext_ip }}"
- ansible_port: 21022
- ansible_user: "{{ new_vm.vm_facts.username }}"
- ansible_password: "{{ new_vm.vm_facts.password }}"
-
- - name: configure network port forward rules for the newly created VM
- decort_pfw:
- delegate_to: localhost
+ hostname: "{{ new_vm.facts.name }}"
+ ansible_host: "{{ new_vm.facts.vdc_ext_ip }}"
+ ansible_port: 30022
+ ansible_user: "{{ new_vm.facts.username }}"
+ ansible_password: "{{ new_vm.facts.password }}"
 - hosts: just_created
 tasks:
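Review bot: The `rules` list in the new `decort_pfw` task publishes guest port 443 on external port 8443 although nothing visible in this hunk uses it; an example that readers copy should forward only what the playbook needs, here the SSH rule. The SSH port is also written twice, as `ext_port_start: 30022` and as `ansible_port: 30022`, and the two values must stay in step. A single variable would keep them together (the name `ssh_ext_port` is my placeholder): `ext_port_start: "{{ ssh_ext_port }}"` and `ansible_port: "{{ ssh_ext_port }}"`. The play that starts at `- hosts: just_created` continues outside the hunk.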