#--------------------------------------------------------------------------
#Version: 2018.06.01.001
#--------------------------------------------------------------------------
#Open shift/stack
https://danehans.github.io/v3_presentation/#/
#--------------------------------------------------------------------------
install python rpm
setup ansible user and ansible group
setup keys to be used by the ansible user
#sudo rule
#common dirs
/ansible (softlink to data area)
    inventories
    playbooks
    serverfacts
#--------------------------------------------------------------------------
#ansible
ansible:
add extra pkg on clients: facter #give more server info
ansible-doc -l
ex: ansible-doc selinux
http://galaxy.ansible.com #role examples
http://ansible.com/community
docs.ansible.com - modules index
• It's easy to get started
  ansible.com/get-started
• Join the Ansible community
  ansible.com/community
• Would you like to learn a lot more?
  redhat.com/en/services/training/do407-automation-ansible
Don’t use IE for tower
Tower needs 4GB RAM for each client
sudo yum -y install wget
#NOTE: fetched over plain http with no integrity check; prefer an https URL and verify the tarball before running its setup
wget http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-latest.tar.gz
https://github.com/ansible/lightbulb
#--------------------------------------------------------------------------
By default, hosts file is: /etc/ansible/hosts
ansible --list-hosts all #list all hosts possible (keyword)
myhostfile
[group1]
host1
host2
[group2]
app1
app2
[group3]
db1
db2
[control]
control-system-name ansible_connection=local #only non-ssh for this one
ansible -i myhostfile --list-hosts all #looks in /etc/ansible/hosts first, then your additional file
ansible.cfg
[defaults]
inventory=./myhostfile #now we don't need to give it the -i filename
ansible --list-hosts "*" #like "all"
ansible --list-hosts group2
ansible --list-hosts app1
ansible --list-hosts "app*"
ansible --list-hosts group1:group2 #deprecated/old is :
ansible --list-hosts group1,group2 #new is ,
ansible --list-hosts \!group3 #all but group3
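ansible --list-hosts group3[0] #index list
#db1
#--------------------------------------------------------------------------
#technique: ad-hoc or playbook
#tasks - modules
#--------------------------------------------------------------------------
modules
    apt/yum
    copy
    file
    get_url
    git
    ping
    debug
    service
    synchronize
    template
    uri
    user
    wait_for
    assert
    command
    shell #for redirection
    script
    raw #if no python
ad-hoc
ansible all -m ping #get pong - if up
ansible all -m command -a uptime
ansible all -m command -a hostname
#command does not go through a shell, so chaining with ';' needs -m shell
ansible all -m shell -a "uptime;hostname"
ansible all -m setup #get facts
ansible multi -i inventory -a "df -h"
ansible db -i inventory -m yum -a "name=httpd state=present" -b

ntp.yml
---
# Installs ntp on every host and keeps ntpd started and enabled at boot.
- hosts: all
  become: true
  tasks:
    - name: Ensure NTP is installed
      yum:
        name: ntp
        state: present
    - name: Ensure NTP is running
      service:
        # the service module needs the unit name under "name:"
        name: ntpd
        state: started
        enabled: true
+++
ansible-playbook -i inventory ntp.yml --syntax-check
#fix errors
ansible-playbook -i inventory ntp.yml --syntax-check
playbook: ntp.yml
ansible-playbook -i inventory ntp.yml

nodejs.yml
---
# Installs Node.js/npm and forever on web1, copies the example app and
# starts it with forever unless it is already listed as running.
# node_apps_location is supplied at run time (--extra-vars).
- hosts: web1
  become: true
  tasks:
    # NOTE(review): the signing key and the release RPM are both fetched over
    # plain http, so the trust anchor itself is unauthenticated. Use an
    # https:// URL if the mirror offers one, or pin the key with rpm_key's
    # fingerprint option on Ansible versions that have it.
    # The key is imported first so the release RPM's signature can be checked.
    - name: Import key
      rpm_key:
        key: "http://rpms.remirepo.net/RPM-GPG-KEY-remi"
        state: present
    - name: Install other repo
      yum:
        name: "http://rpms.remirepo.net/enterprise/remi-release-7.rpm"
        state: present
    - name: install epel
      yum:
        name: epel-release
        state: present
    # NOTE(review): this turns the host firewall off entirely. Outside a
    # throwaway lab box, leave firewalld running and open only the app's
    # port (firewalld module).
    - name: stop firewalld
      service:
        name: firewalld
        state: stopped
    - name: install node
      yum:
        name: npm
        state: present
        enablerepo: epel
    - name: install forever
      npm:
        name: forever
        global: true
        state: present
    - name: nodejs dir
      file:
        path: "{{ node_apps_location }}"
        state: directory
    - name: copy example
      copy:
        src: app
        dest: "{{ node_apps_location }}"
    - name: install dependencies
      npm:
        path: "{{ node_apps_location }}/app"
    - name: check running
      command: forever list
      # must be a single identifier; the "start" task reads forever_list.stdout
      register: forever_list
      changed_when: false
    - name: start
      command: "forever start {{ node_apps_location }}/app/app.js"
      # compare against the variable's value, not the literal text
      # 'node_apps_location', otherwise the app is started on every run
      when: "forever_list.stdout.find(node_apps_location + '/app/app.js') == -1"
+++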
ansible-playbook -i inventory nodejs.yml \
    --extra-vars="node_apps_location=/usr/local/opt/node"
cd roles
ansible-galaxy init nodejs
nodejsrole.yml
tasks
main.yml
pull in what tasks above/you want
- name: install app
  npm:
    name: "{{ item }}"
    global: yes
    state: present

inventory
    hosts
    groups
    inventory-specific data
    static or dynamic
    can use yaml or json for inventory in newer versions
galaxy.ansible.com
ansible.com/whitepapers
ansible.com/get-started
ansible.com/tower-trial

AUT: F5 and ansible presentation
Service now bhs link is automation
sudo rule in ssp automation
ansible read from file for input
post install automation
keep each playbook simple, combine use in workflow/playbook
look for modules
    galaxy.ansible.com
docs
    docs.ansible.com
ansible.com/resources
ansible.com/get-started
ansible.com/tower-trial
github.com/ansible/ansible-examples
presentation see downloads ppt
the phoenix project
enterprise devops playbook (O'Reilly)

CM
IAC
modules (small and simple)
cooperation
composability (building blocks)
extensibility
flexibility
declaration
abstraction
idempotence
convergence

yaml (BOF, EOF)
---
stuff
...

updates ansible 2.6
updates powershell (epel? or where?)
#site
https://docs.microsoft.com/en-us/powershell/scripting/setup/installing-powershell-core-on-macos-and-linux?view=powershell-6
# Register the Microsoft RedHat repository
#only rhel 7 (unless we get openssl-libs in channels)
curl \
    https://packages.microsoft.com/config/rhel/7/prod.repo \
    > /etc/yum.repos.d/microsoft.repo
yum clean all
# Install PowerShell
yum install -y powershell \
    libunwind libcurl openssl libicu
# Start PowerShell
pwsh

AUT: ansible: is there a bash to ansible???
ansible AD group
unix l2&l3
686,424
multi-cloud openshift w/ F5
iApps - declarative interface
tmsh2iapp - translate existing infc to iapp
SDO - service mesh (container to container)
[Container committee]
node.js - review
#=========================================================================
#CLIENTS
#=========================================================================
#setup
install python rpm
setup ansible user and ansible group
setup ansible sudo rules
#=========================================================================
#CENTRAL ANSIBLE SERVERS
#=========================================================================
Both prod and dev, use /ansible
/ansible (softlink to data area)
    inventories
    playbooks
    serverfacts
################################################################################
# Use a different ssh key file
[dmz_servers:vars]
ansible_ssh_private_key_file = id_rsa
[dmz_servers]
xxx1
yyy1
zzz1
# NOTE: id_rsa_nopass is, going by its name, a key with no passphrase that
# reaches every host in all_servers. Keep the file readable only by the
# ansible user and limit what that account may do on the clients (sudo
# rule), or load a passphrase-protected key through ssh-agent instead.
[all_servers:vars]
ansible_ssh_private_key_file = id_rsa_nopass
[all_servers]
xxx
yyy
zzz
######################################
UI - all you can do here, you can use uri REST calls