rename folder

Ansible/nectar/APIpassword.txt

+MDlmNjRmODBkYmUxOTRh
+
+
+
+# Note: first run the command "chmod a+x run-nectar.sh"
+# and then run the command "./run-nectar.sh"
+
+# ssh
+# ssh -i deployment_key.txt ubuntu@172.26.38.4
+
+# to check internet proxy environment
+# less /etc/environment

Ansible/nectar/host_vars/nectar.yaml

+# this file states common variables
+
+# availability zone
+availability_zone: melbourne-qh2-uom
+
+# volume
+volumes:
+  - vol_name: master volume
+    vol_size: 10
+  - vol_name: automated_vol_1
+    vol_size: 30
+  - vol_name: automated_vol_2
+    vol_size: 30
+
+# security groups
+security_groups:
+  - name: automated_ssh
+    description: "Automated security group for SSH access"
+    protocol: tcp
+    port_range_min: 22
+    port_range_max: 22
+    #remote_ip_prefix: 128.250.0.0/16 (from unimelb)
+    remote_ip_prefix: 0.0.0.0/0 #(accessing from everywhere)
+  - name: automated_http
+    description: "Automated security group for HTTP access"
+    protocol: tcp 
+    port_range_min: 80
+    port_range_max: 80
+    remote_ip_prefix: 0.0.0.0/0
+  - name: automated_CouchDB
+    description: "Automated security group for CouchDB access"
+    protocol: tcp 
+    port_range_min: 5984
+    port_range_max: 5984
+    remote_ip_prefix: 0.0.0.0/0
+  - name: automated_WebServer
+    description: "Automated security group for Web Server access"
+    protocol: tcp 
+    port_range_min: 5555
+    port_range_max: 5555
+    remote_ip_prefix: 0.0.0.0/0
+
+# instance
+instances:
+  - instance_name: master
+    instance_image: 4c5b48a0-fb86-4f4f-a98b-81e3af15e2eb
+    instance_key_name: xinjie
+    instance_flavor: uom.mse.1c4g
+  - instance_name: automated1
+    instance_image: 4c5b48a0-fb86-4f4f-a98b-81e3af15e2eb
+    instance_key_name: xinjie
+    instance_flavor: uom.mse.2c9g
+  - instance_name: automated2
+    instance_image: 4c5b48a0-fb86-4f4f-a98b-81e3af15e2eb
+    instance_key_name: xinjie
+    instance_flavor: uom.mse.2c9g
+  
+  
\ No newline at end of file

Ansible/nectar/nectar.retry

+localhost

Ansible/nectar/nectar.yaml

+# playbook file
+
+- hosts: localhost
+  vars_files:
+    - host_vars/nectar.yaml
+  gather_facts: true
+
+  roles:
+    - role: openstack-common
+    - role: openstack-images
+    - role: openstack-volume
+    - role: openstack-security-group
+    - role: openstack-instance # instance depends on the aboves
+    - role: openstack-volume-snapshot
+    - role: openstack-setup
+

Ansible/nectar/roles/openstack-common/main.yaml

+# this file is for installing dependencies on the host
+
+# sudo apt-get update: sudo apt-get install python-pip
+- name: Install pip
+  become: yes
+  apt:
+    name: ['python-pip']
+    state: latest
+    update_cache: yes
+  when: ansible_distribution == "Ubuntu"
+
+# pip install -- upgrade pip
+- name: Update pip
+  become: yes
+  pip:
+    name: ['pip']
+    state: latest
+
+# pip install openstacksdk, required for the interaction with openstack API
+- name: Install openstacksdk
+  become: yes
+  pip:
+    name: ['openstacksdk']
+    state: latest
+
+#pip install docker
+- name: Install docker
+  become: yes
+  pip:
+    name: ['docker']
+    state: latest
+
+# sudo apt-get install git
+- name: Install git
+    become: yes
+    apt: 
+        name: ['git'] 
+        state: latest
+        update_cache: yes
+  when: ansible_distribution == "Ubuntu"
+       

Ansible/nectar/roles/openstack-images/tasks/main.yaml

+# show all available Openstack images
+
+- name: Retrieve all available Openstack images
+  os_image_facts:
+
+- name: Get image names and Ids
+  set_fact:
+    image_facts: "{{ image_facts|default([]) + [ {'name': item.name, 'id': item.id} ] }}"
+    loop: '{{ openstack_image }}'
+    when: item.name is defined
+
+- name: Show images
+  debug:
+    msg: "Image name: {{ item.name }}; Image id: {{ item.id }}"
+  loop: '{{ image_facts }}'
+  
\ No newline at end of file

Ansible/nectar/roles/openstack-instance/tasks/main.yaml

+# Create an instance on NeCTAR
+- name: Create instances
+  os_server:
+    name: '{{ item.instance_name }}'
+    image: '{{ item.instance_image }}'
+    key_name: '{{ item.instance_key_name }}'
+    flavor: '{{ item.instance_flavor }}'
+    availability_zone: '{{ availability_zone }}'
+    security_groups: '{{sg_names }}'
+    auto_floating_ip: yes
+    wait: yes
+    timeout: 600
+    state: present
+  loop: '{{ instances }}'
+  register: os_instance
+
+- debug:
+    msg: "Instance {{ instance_name }} has been created. IP address is {{ os_instance.openstack.public_v4 }}"
+  when: os_instance.openstack is defined
+
+#get a list of instance Ids from the return value of os_instance
+- name: Create a list of instance Ids
+  set_fact:
+    os_instance_ids: '{{ os_instance_ids|default([]) + [ item.id ] }}'
+  loop: '{{ os_instance.results }}'
+
+- debug:
+    msg: "Instance {{ os_instance_ids }} has been created."
+  when: os_instance.name is defined

Ansible/nectar/roles/openstack-security-group/tasks/main.yaml

+# create a security group
+- name: Create a security group
+  os_security_group:
+    name: '{{ item.name }}'
+    description: '{{ item.description }}'
+    state: present
+  loop: '{{ security_groups }}'
+
+- name: Create a list of security group names
+  set_fact:
+    sg_names: '{{ sg_names|default([]) + [ item.name ] }}'
+  loop: '{{ security_groups }}'
+
+- debug:
+    msg: "Security group(s) {{ sg_names }} has been created. "
+
+# create security group rules
+- name: Create security group rules
+  os_security_group_rule:
+    security_group: '{{ item.name }}'
+    protocol: '{{ item.protocol }}'
+    port_range_min: '{{ item.port_range_min }}'
+    port_range_max: '{{ item.port_range_max }}'
+    remote_ip_prefix: '{{ item.remote_ip_prefix }}'
+    state: present
+  loop: '{{ security_groups }}'
+  
\ No newline at end of file

Ansible/nectar/roles/openstack-setup/tasks/main.yaml

+Attach a volume
+- name: attach master volume to master
+  os_server_volume:
+    state: present
+    server: '{{ os_instance_ids|first }}'
+    volume: '{{ os_vol_ids|first }}'
+    device: /dev/vdb
+- name: attach volume1 to instance1
+  os_server_volume:
+    state: present
+    server: '{{ os_instance_ids|second }}'
+    volume: '{{ os_vol_ids|second }}'
+    device: /dev/vdb
+- name: attach volume2 to instance2
+  os_server_volume:
+    state: present
+    server: '{{ os_instance_ids|third }}'
+    volume: '{{ os_vol_ids|third }}'
+    device: /dev/vdb
+
+
+
+

Ansible/nectar/roles/openstack-volume-snapshot/tasks/main.yaml

+# create volume snapshot
+- name: Create volume snapshot
+  os_volume_snapshot:
+    state: present
+    volume: '{{ item.vol_name }}'
+    display_name: "{{ item.vol_name }}-{{ lookup('pipe', 'date +%Y-%m-%d-%H-%M-%S') }}"
+    wait: yes # wait until the snapshot is created
+    timeout: 600
+    force: yes
+    availability_zone: '{{ availability_zone }}'
+  loop: '{{ volumes }}'
+   
\ No newline at end of file

Ansible/nectar/roles/openstack-volume/tasks/main.yaml

+# create volumes from variables
+- name: Create volume(s) on NeCTAR
+  os_volume:
+    display_name: '{{ item.vol_name }}'
+    size: '{{ item.vol_size }}'
+    availability_zone: '{{ availability_zone }}'
+    wait: yes
+    timeout: 600
+    state: present
+  loop: '{{ volumes }}'
+  register: os_vol
+
+#get a list of volume Ids from the return value of os_volume
+- name: Create a list of volume Ids
+  set_fact:
+    os_vol_ids: '{{ os_vol_ids|default([]) + [ item.id ] }}'
+  loop: '{{ os_vol.results }}'
+
+- debug:
+    msg: "Volume {{ os_vol_ids }} has been created."
+    
\ No newline at end of file

Ansible/nectar/run-nectar.sh

+#!/bin/bash
+
+. ./unimelb-comp90024-group-69-openrc.sh; ansible-playbook --ask-become-pass nectar.yaml

Ansible/nectar/unimelb-comp90024-group-69-openrc.sh

+#!/usr/bin/env bash
+# To use an OpenStack cloud you need to authenticate against the Identity
+# service named keystone, which returns a **Token** and **Service Catalog**.
+# The catalog contains the endpoints for all services the user/tenant has
+# access to - such as Compute, Image Service, Identity, Object Storage, Block
+# Storage, and Networking (code-named nova, glance, keystone, swift,
+# cinder, and neutron).
+#
+# *NOTE*: Using the 3 *Identity API* does not necessarily mean any other
+# OpenStack API is version 3. For example, your cloud provider may implement
+# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is
+# only for the Identity API served through keystone.
+export OS_AUTH_URL=https://keystone.rc.nectar.org.au:5000/v3/
+# With the addition of Keystone we have standardized on the term **project**
+# as the entity that owns the resources.
+export OS_PROJECT_ID=dee2d1529c81423fa20cea727c20d0fb
+export OS_PROJECT_NAME="unimelb-comp90024-group-69"
+export OS_USER_DOMAIN_NAME="Default"
+if [ -z "$OS_USER_DOMAIN_NAME" ]; then unset OS_USER_DOMAIN_NAME; fi
+export OS_PROJECT_DOMAIN_ID="default"
+if [ -z "$OS_PROJECT_DOMAIN_ID" ]; then unset OS_PROJECT_DOMAIN_ID; fi
+# unset v2.0 items in case set
+unset OS_TENANT_ID
+unset OS_TENANT_NAME
+# In addition to the owning entity (tenant), OpenStack stores the entity
+# performing the action as the **user**.
+export OS_USERNAME="weiting.zhang1@student.unimelb.edu.au"
+# With Keystone you pass the keystone password.
+echo "Please enter your OpenStack Password for project $OS_PROJECT_NAME as user $OS_USERNAME: "
+read -sr OS_PASSWORD_INPUT
+export OS_PASSWORD=$OS_PASSWORD_INPUT
+# If your configuration has multiple regions, we set that information here.
+# OS_REGION_NAME is optional and only valid in certain environments.
+export OS_REGION_NAME="Melbourne"
+# Don't leave a blank variable, unset it if it was empty
+if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
+export OS_INTERFACE=public
+export OS_IDENTITY_API_VERSION=3
\ No newline at end of file

Ansible/setup/APIpassword.txt

+NGExZGEyYTg5MDRiYWI0
+
+
+#Note: first run the command "chmod a+x run-web.sh"
+# and then run the command "./run-web.sh"
+
+# ssh to master
+# ssh -i deployment_key.txt ubuntu@172.26.37.182

Ansible/setup/deployment_key.txt

+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAu6j5UCFfXI/Qs2rASiCZkeZaM3J6bbi8IgvS0wZs2KgSQMMJ
+Sp/FwJvsxG5ayl+cA2DoytpvFvnJkKgLvOtXMOb5GH3Kdv93ru3G5x5LoOMsSNEj
+pM5t4D52UY1XrsaDt45Oa1Ca2T4KbwJXd1QRMd1hUVkT9yKILVp5kTF1bW2uJMrg
+tzJ7XcSkvxnmCYauCM82AY/+obZVLoms1iUNpAlghPessSorlSsGkreGIgczRXk9
+CmVEf05efufL6xA9Jz5Hh4fn3SzAn+DgDJ58AXT6KhqqkkWyQ94CVQtP6Ierd2rD
+N0S+pmtWJRXsZAGBpM0KCriJPcDwvYB9MOtRawIDAQABAoIBABvOgvrTpxzBFqyv
+QcT6JadP2cfLy8ZcXEwzMk8goZpM9T9xZvwOxq+uqxvEOmHIXwbFIlmEmnduFecA
+b5TTznypjPmLEigl3KcoBpQSkiRJ5TL5Am4WRIO43bFh3z8/nR7i0E3oiLluDv+5
++hntdArOgfAa4fF5xXHq+R6BlKPdHq9IL1tP3VJgkIkVNYXiM10m1o3eSu6BoEAq
+LZA32pgVTuYEu5L22pfq0qgDEr2Xyk9SN61SA4Czn7qZ4pU3IjGK05WIXNZAA8eJ
+M2bjWMZ384cxRldJcye0fuFJzj/I0DE2e2KIkESy/3zXIn3y9amJX3PrS/H6b0Oh
+9sBY7BECgYEA5O1Wgf/zgns494gm3mxCp2K/pB/V62SeKT8RFni3vhhN/sY2/lHd
+9fD1LyUR8Ec6P2Q7Y/4lEEStPtVIhWJp0w3oWGonBfJyA2IEnqKojzkqxgvGDOub
+TlsWlCTqIy0Fa1aOX9SeAeGcumioMzeBSPSeSLnxjBw918Z2EJba+nkCgYEA0dpL
+kkQ5Lqghd40bS3DhMFgGPtmBiMPeLpO/MQu/ONLVHIlhLtCx85xsLz53WmrhaXon
+H7x2K+E7pUIwPAoD4gBRV//GhilXv+qBNAvNfqW8lniFB0toBpxP/uuY1+kqd1RT
+7Gn0dRV+YmB9B+NcdWmwqqm6k3Bgc58k7yM08gMCgYAq3gaE8Vi35jsUnvooTD1u
++p7ILO3x1jWHo7efbZt6jTKNsrA5jzrxAt3mphpl0/CkTjCQ2NY35aRLT8T0tSj7
+zG7ln3sPMgcHeyNCUVMe/qVz0GCVqsi6M3RW6VKuo4+QOfUPHNE5qPWgMljMvmgH
+MUcydx80DVXHQfJ5yMXYgQKBgFfOfVyAS2ToWMiLNGaGntL5ofNeU0MEoczfaVp+
+Tc7a+Ozt1sod7LfANcw22P3uRs85m3E+DDwkDC8D2ObmUeWYuHCXx1uPpPXai6FZ
+ZuydMKHNX+xDcw2BDj/eGKAPIgO4Nz1uwCjVi4JiWS6ZxbAjPxbJ2hWjKdh3OJ8P
+HjI9AoGAfi08ZLqS4mYcGxbMfzdZY5X8lOk38pxE0CffzehU5/8c9W9qVSqnAttT
+XWmiWMWBWnlByophlAhLICVpz5SrsIQmfsofh3L8Jb+TiBHhj1JVIiBNmeNg7VSe
+4sbRuUM5B1UWBqWlRY7C2NdjKcOHXZ90a3+vUylQdvkcDM4+IBg=
+-----END RSA PRIVATE KEY-----

Ansible/setup/host_vars/nectar.yaml

+# define the device and mounting point of volumes
+# volume
+volumes:
+  - device: /dev/vdb
+    mountpoint: /data
+
+# define the working directory
+working_dir: something
+
+# details for database
+database_name: something
+database_user: something
+database_password: something
+mysql_root_password: "P@ssword"
+
+

Ansible/setup/hosts

+[server]
+172.26.37.182 ansible_connection=ssh ansible_user=ubuntu ansible_ssh_private_key_file=deployment_key.txt
+172.26.38.4 ansible_connection=ssh ansible_user=ubuntu ansible_ssh_private_key_file=deployment_key.txt
+172.26.38.157 ansible_connection=ssh ansible_user=ubuntu ansible_ssh_private_key_file=deployment_key.txt
\ No newline at end of file

Ansible/setup/nectar.retry

+172.26.37.182

Ansible/setup/nectar.yaml

+# playbook file
+
+- hosts: server
+  become: yes
+  vars_files:
+    - host_vars/nectar.yaml
+  gather_facts: true
+
+  roles:
+    - role: common
+    - role: volumes
+    - role: docker
+

Ansible/setup/roles/common/tasks/main.yaml

+# this file is for installing dependencies on the host
+
+- name: Gather facts of remote host
+  setup:
+    gather_subset: all
+
+- name: Install dependencies
+  tags: always
+  become: yes
+  apt:
+    name: ['apt-transport-https', 'build-essential', 'ca-certificates', 'curl', 'git', 'python-pip', 'python-setuptools']
+    state: latest
+    install_recommends: no
+    update_cache: yes
+
+# pip install -- upgrade pip
+- name: Update pip
+  tags: always
+  become: yes
+  pip:
+    name: ['pip']
+    state: latest
+
+- name: add internet proxy
+  lineinfile:
+    dest: /etc/environment
+    regexp: '^\n'
+    insertafter: '^\n'
+    line: "{{ item.line }}" 
+  with_items:
+    - { line: 'http_proxy="http://wwwproxy.unimelb.edu.au:8000"' }
+    - { line: 'https_proxy="http://wwwproxy.unimelb.edu.au:8000"' } 
+    - { line: 'ftp_proxy="http://wwwproxy.unimelb.edu.au:8000"' }
+    - { line: 'no_proxy=localhost,127.0.0.1,127.0.1.1,ubuntu' }
+
+
+       
\ No newline at end of file