Merge pull request #28 from jefferyfry/master

Updated/added READMEs. Changes to playbooks. Added license file, syst…
2026-01-21 04:06:55 -06:00 · 2020-05-25 18:12:04 -07:00
parent 22b1b8eb36 8c40d2b2d1
commit 3f71b891f5
13 changed files with 94 additions and 55 deletions
--- a/Ansible/README.md
+++ b/Ansible/README.md
@@ -0,0 +1,35 @@
+# JFrog Ansible Collection
+
+This Ansible directory consists of the following directories that support the JFrog Ansible collection.
+ 
+ * [collection directory](collection) - This directory contains the Ansible collection package that has the Ansible roles for Artifactory and Xray. See the collection [README](collection/README.md) for details on the available roles and variables.
+ * [infra directory](infra) - This directory contains example infrastructure templates that can be used for testing and as example deployments.
+ * [project directory](project) - This directory contains example playbooks for various architectures from single Artifactory (RT) deployments to high-availability setups.
+ * [test directory](test) - This directory contains Gradle tests that can be used to verify a deployment. It also has Ansible playbooks for creating infrastructure, provisioning software and testing with Gradle.
+ 
+ ## Getting Started
+ 
+ 1. Install this collection or the roles in your Ansible path using your ansible.cfg file. The following is an example:
+ ```
+# Installs collections into [current dir]/ansible_collections/namespace/collection_name
+collections_paths = ~/.ansible/collections:/usr/share/ansible/collections:collection
+
+# Installs roles into [current dir]/roles/namespace.rolename
+roles_path = Ansible/collection/jfrog/ansible/roles
+```
+ 2. Ansible uses SSH to connect to hosts. Ensure that your SSH private key is on your client and the public keys are installed on your Ansible hosts. If you are using a bastion host, you can add the following Ansible variable to allow proxying through the bastion host.
+ ```
+ ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A user@host -W %h:%p"'
+ 
+ eg.
+ ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"'
+ ```
+ 3. Create your inventory file. Use one of the examples from the [project directory](project) to construct an inventory file (hosts.yml) with the host addresses and variables.
+ 
+ 4. Create your playbook. Use one of the examples from the [project directory](project) to construct a playbook using the JFrog Ansible roles. These roles will be applied to your inventory and provision software.
+ 
+ 5. Then execute with the following command to provision the JFrog software with Ansible. Variables can also be passed in at the command-line.
+ 
+ ```
+ansible-playbook -i hosts.yml playbook.yml --extra-vars "master_key=$(openssl rand -hex 16) join_key=$(openssl rand -hex 16)"
+```
--- a/Ansible/collection/README.md
+++ b/Ansible/collection/README.md
@@ -32,10 +32,13 @@ The following Vars must be configured.
 * db_user: The database user to configure. eg. "artifactory"
 * db_password: The database password to configure. "Art1fact0ry"
 * server_name: This is the server name. eg. "artifactory.54.175.51.178.xip.io"
+* system_file: Your own system YAML file can be specified and used. If specified, this file will be used rather than constructing a file from the parameters above.
+* binary_store_file: Your own binary store file can be used. If specified, the default cluster-file-system will not be used.

 ### primary vars
 * artifactory_is_primary: For the primary node this must be set to **true**.
 * artifactory_license1 - 5: These are the cluster licenses.
+* artifactory_license_file: Your own license file can be used. If specified, a license file constructed from the licenses above will not be used.

 ### secondary vars
 * artifactory_is_primary: For the secondary node(s) this must be set to **false**.
--- a/Ansible/collection/jfrog/ansible/roles/artifactory/defaults/main.yml
+++ b/Ansible/collection/jfrog/ansible/roles/artifactory/defaults/main.yml
@@ -6,7 +6,7 @@ ansible_marketplace: standalone
 # The version of Artifactory to install
 artifactory_version: 7.4.1

-# licenses
+# licenses file - specify a licenses file or specify up to 5 licenses
 artifactory_license1:
 artifactory_license2:
 artifactory_license3:
@@ -26,9 +26,6 @@ artifactory_download_directory: /opt/jfrog
 artifactory_file_store_dir: /data

 # Pick the Artifactory flavour to install, can be also cpp-ce, jcr, pro.
-# note that for "pro" version, the artifactory_zip URL would need to be overridden to e.g.:
-# https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}.zip
-# https://dl.bintray.com/jfrog/artifactory-pro/org/artifactory/pro/jfrog-artifactory-pro/{{ artifactory_version }}/jfrog-artifactory-pro-{{ artifactory_version }}-linux.tar.gz
 artifactory_flavour: pro

 extra_java_opts: -server -Xms2g -Xmx14g -Xss256k -XX:+UseG1GC
--- a/Ansible/collection/jfrog/ansible/roles/artifactory/tasks/main.yml
+++ b/Ansible/collection/jfrog/ansible/roles/artifactory/tasks/main.yml
@@ -52,11 +52,19 @@
    group: "{{ artifactory_group }}"
  become: yes

+- name: use specified system yaml
+  copy:
+    src: "{{ system_file }}"
+    dest: "{{ artifactory_home }}/var/etc/system.yaml"
+  become: yes
+  when: system_file is defined
+
 - name: configure system yaml
  template:
    src: system.yaml.j2
    dest: "{{ artifactory_home }}/var/etc/system.yaml"
  become: yes
+  when: system_file is not defined

 - name: ensure {{ artifactory_home }}/var/etc/security/ exists
  file:
@@ -92,18 +100,33 @@
    dest: "{{ artifactory_home }}/var/etc/info/installer-info.json"
  become: yes

- name: configure binary store
+- name: use specified binary store
+  copy:
+    src: "{{ binary_store_file }}"
+    dest: "{{ artifactory_home }}/var/etc/binarystore.xml"
+  become: yes
+  when: binary_store_file is defined
+
+- name: use default binary store
  template:
    src: binarystore.xml.j2
    dest: "{{ artifactory_home }}/var/etc/binarystore.xml"
  become: yes
+  when: binary_store_file is not defined

- name: configure cluster license
+- name: use license file
+  copy:
+    src: "{{ artifactory_license_file }}"
+    dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
+  become: yes
+  when: artifactory_license_file is defined and artifactory_is_primary == true
+
+- name: use license strings
  template:
    src: artifactory.cluster.license.j2
    dest: "{{ artifactory_home }}/var/etc/artifactory/artifactory.cluster.license"
  become: yes
-  when: artifactory_is_primary == true
+  when: artifactory_license_file is not defined and artifactory_is_primary == true

 - name: download database driver
  get_url:
--- a/Ansible/project/rt-xray-auto-keys/playbook.yml
+++ b/Ansible/project/rt-xray-auto-keys/playbook.yml
@@ -6,16 +6,13 @@
    var: join_key

 - hosts: database
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/postgres
+    - postgres

 - hosts: artifactory
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/artifactory
+    - artifactory

 - hosts: xray
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/xray
+    - xray
--- a/Ansible/project/rt-xray-ha-ssh-proxy/playbook.yml
+++ b/Ansible/project/rt-xray-ha-ssh-proxy/playbook.yml
@@ -1,15 +1,12 @@
 ---
 - hosts: database
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/postgres
+    - postgres

 - hosts: primary:secondary
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/artifactory
+    - artifactory

 - hosts: xray
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/xray
+    - xray
--- a/Ansible/project/rt-xray-ha/playbook.yml
+++ b/Ansible/project/rt-xray-ha/playbook.yml
@@ -1,15 +1,12 @@
 ---
 - hosts: database
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/postgres
+    - postgres

 - hosts: primary
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/artifactory
+    - artifactory

 - hosts: xray
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/xray
+    - xray
--- a/Ansible/project/rt-xray/playbook.yml
+++ b/Ansible/project/rt-xray/playbook.yml
@@ -1,15 +1,12 @@
 ---
 - hosts: database
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/postgres
+    - postgres

 - hosts: artifactory
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/artifactory
+    - artifactory

 - hosts: xray
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/xray
+    - xray
--- a/Ansible/project/rt/hosts.yml
+++ b/Ansible/project/rt/hosts.yml
@@ -2,30 +2,23 @@
 all:
    vars:
        ansible_user: "ubuntu"
-        ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem"
    children:
        database:
            hosts:
-                52.86.32.79:
+                54.83.163.100:
                    db_users:
-                        - { db_user: "artifactory", db_password: "Art1fAct0ry" }
+                        - { db_user: "artifactory", db_password: "{{ lookup('env', 'artifactory_password') }}" }
                    dbs:
                        - { db_name: "artifactory", db_owner: "artifactory" }
        primary:
            hosts:
-                100.25.104.198:
+                54.165.47.191:
                    artifactory_is_primary: true
-                    artifactory_license1: x
-                    artifactory_license2: x
-                    artifactory_license3: x
-                    artifactory_license4: x
-                    artifactory_license5: x
-                    master_key: "c97b862469de0d94fbb7d48130637a5a"
-                    join_key: "9bcca98f375c0728d907cc6ee39d4f02"
+                    artifactory_license_file: "{{ lookup('env', 'artifactory_license_file') }}"
                    db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar"
                    db_type: "postgresql"
                    db_driver: "org.postgresql.Driver"
-                    db_url: "jdbc:postgresql://10.0.0.160:5432/artifactory"
+                    db_url: "jdbc:postgresql://10.0.0.219:5432/artifactory"
                    db_user: "artifactory"
-                    db_password: "Art1fAct0ry"
-                    server_name: "ec2-100-25-104-198.compute-1.amazonaws.com"
+                    db_password: "{{ lookup('env', 'artifactory_password') }}"
+                    server_name: "ec2-54-165-47-191.compute-1.amazonaws.com"
--- a/Ansible/project/rt/playbook.yml
+++ b/Ansible/project/rt/playbook.yml
@@ -1,10 +1,8 @@
 ---
 - hosts: database
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/postgres
+    - postgres

 - hosts: primary
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/artifactory
+    - artifactory
--- a/Ansible/project/rt/runPlaybook.sh
+++ b/Ansible/project/rt/runPlaybook.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+ansible-playbook -i Ansible/project/rt/hosts.yml Ansible/project/rt/playbook.yml --extra-vars "master_key=$(openssl rand -hex 16) join_key=$(openssl rand -hex 16)"
--- a/Ansible/project/ssl/playbook.yml
+++ b/Ansible/project/ssl/playbook.yml
@@ -1,11 +1,9 @@
 ---
 - hosts: database
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/postgres
+    - postgres

 - hosts: primary
-  gather_facts: true
  roles:
-    - jfrog/ansible/roles/artifactory
-    - jfrog/ansible/roles/artifactory-nginx-ssl
+    - artifactory
+    - artifactory-nginx-ssl
--- a/README.md
+++ b/README.md
@@ -5,3 +5,4 @@ Template to deploy/manage JFrog Artifactory enterprise cluster on various cloud
 * [Terraform](Terraform/README.md)
 * [CloudFormation](CloudFormation/README.md)
 * [Azure Resource Manager](AzureResourceManager/README.md)
+* [Ansible](Ansible/README.md)