Updated 02. Короче, Склифософский! (markdown)

2020-05-13 17:32:05 +03:00
parent 1c1ee7f84c
commit 0500f083b5
1 changed files with 63 additions and 26 deletions
--- a/02.-Короче,-Склифософский!.md
+++ b/02.-Короче,-Склифософский!.md
@@ -1,5 +1,5 @@
 # «Короче, Склифосовский!»
-Данный раздел предназначен для тех, кто хорошо знаком с системой Ansible, а также имеет представление об основных понятиях и способах авторизации в облачной платформе DECORT.
+Данный раздел предназначен для тех, кто хорошо знаком с системой Ansible, а также имеет представление об основных концепциях и способах авторизации в облачной платформе DECORT.

 Ниже приведен пример Ansible playbook, который создает виртуальный сервер, дополняет _in-memory inventory_ информацией о только что созданном сервере и выполняет простейшую команду на уровне его гостевой ОС.

@@ -9,31 +9,58 @@
  tasks:
  - name: obtain access token to streamline further module's execution
    decort_jwt:
+      app_id: "{{ my_app_id }}"
+      app_secret: "{{ my_app_secret }}"
+      oauth2_url: "https://sso.decs.online"
+      validity: 1200
    delegate_to: localhost
+    register: token

  - name: obtain OS image to use for the new VM
    decort_osimage:
-    delegate_to: localhost
+      authenticator: jwt
+      jwt: "{{ token.jwt }}"
+      controller_url: "https://cloud.digitalenergy.online"
+      image_name: "Ubuntu 18.04 v1.2.3"
+      tenant_name: "MyMainTenant"
+  delegate_to: localhost
+  register: my_img

-  - name: obtain resource group to create the new VM in
+  - name: obtain resource group, where new VM will be created
    decort_rg:
-    delegate_to: localhost
+      authenticator: jwt
+      jwt: "{{ token.jwt }}"
+      controller_url: "https://cloud.digitalenergy.online"

-  - name: obtain virtual network segment to attach the new VM to
-    decort_vins:
    delegate_to: localhost
+    register: my_rg
+
+  - name: obtain virtual network segment, where new VM will be connected to
+    decort_vins:
+      authenticator: jwt
+      jwt: "{{ token.jwt }}"
+      controller_url: "https://cloud.digitalenergy.online"
+      name: "MyVins01"
+      rg_id: "{{ my_rg.facts.id }}"
+    delegate_to: localhost
+    register: my_vins

  - name: provision extra data disk for the new VM
    decort_disk:
+      authenticator: jwt
+      jwt: "{{ token.jwt }}"
+      controller_url: "https://cloud.digitalenergy.online"
+      name: "MyVM-disk01"
+      size: 50
+      place_with: "{{ my_img.facts.id }}"
    delegate_to: localhost
+    register: my_disk01

  - name: provision x86 KVM VM with one extra data disk attached and connected to two networks
    decort_kvmvm:
-      authenticator: oauth2
-      app_id: "{{ my_app_id }}"
-      app_secret: "{{ my_app_secret }}"
-      oauth2_url: https://sso.digitalenergy.online
-      controller_url: "https://ds1.digitalenergy.online"
+      authenticator: jwt
+      jwt: "{{ token.jwt }}"
+      controller_url: "https://cloud.digitalenergy.online"
      name: MyFirstVM
      arch: KVM_X86
      state: present
@@ -41,33 +68,43 @@
      ram: 4096
      boot_disk:
        size: 10
-      image_name: "Ubuntu 16.04"
+      image_id: "{{ my_img.facts.id }}"
      data_disks:
-        - id: "MyFirstVM-dd01"
-          size:
+        - id: "{{ my_disk01.facts.id }}"
      networks:
        - type: VINS
-          id: 15
+          id: "{{ my_vins.facts.id }}"
        - type: EXTERNAL
          id: 2
-      tenant_name: "MyTenant"
-      rg_name: "MyMainRG"
+      rg_id: "{{ my_rg.facts.id }}"
      annotation: "My 1st VM created and managed with DECORT KVMVM module"
    delegate_to: localhost
    register: new_vm

+  - name: configure network port forward rules for the newly created VM
+    decort_pfw:
+      authenticator: jwt
+      jwt: "{{ token.jwt }}"
+      controller_url: "https://cloud.digitalenergy.online"
+      vins_id: "{{ my_vins.facts.id }}"
+      compute_id: "{{ new_vm.facts.id }}"
+      rules:
+        - ext_port_start: 30022
+          int_base_port: 22
+          proto: tcp
+        - ext_port_start: 8443
+          int_base_port: 443
+          proto: tcp
+    delegate_to: localhost
+
  - name: add new VM to the in-memory inventory into group just_created
    add_host:
      groups: just_created
-      hostname: "{{ new_vm.vm_facts.name }}"
-      ansible_host: "{{ new_vm.vm_facts.vdc_ext_ip }}"
-      ansible_port: 21022
-      ansible_user: "{{ new_vm.vm_facts.username }}"
-      ansible_password: "{{ new_vm.vm_facts.password }}"
-
-  - name: configure network port forward rules for the newly created VM
-    decort_pfw:
-    delegate_to: localhost
+      hostname: "{{ new_vm.facts.name }}"
+      ansible_host: "{{ new_vm.facts.vdc_ext_ip }}"
+      ansible_port: 30022
+      ansible_user: "{{ new_vm.facts.username }}"
+      ansible_password: "{{ new_vm.facts.password }}"

 - hosts: just_created
  tasks: