Ansible repository with playbooks to manage azure objects

jdongmo 2ec71e1c12 Add Jenkinsfile for continuous deployment		4 роки тому
files	update information files	4 роки тому
inventory	Update ansible config	4 роки тому
roles	Update/Add roles to manage azure resources	4 роки тому
vars	update information files	4 роки тому
Dockerfile	Add Dockerfile	4 роки тому
Jenkinsfile	Add Jenkinsfile for continuous deployment	4 роки тому
LICENSE	update information files	4 роки тому
Readme.md	first commit	5 роки тому
ansible.cfg	Update ansible config	4 роки тому
infra.yml	update infra playbook	4 роки тому
playbook_address_group.yml	Add recipes to build azure infra.	5 роки тому
playbook_analytics_workspace.yml	Update playbooks to manage resources	4 роки тому
playbook_application_gateway.yml	Add playbook to manage some azure resources	4 роки тому
playbook_availability_set.yml	Update playbooks to manage resources	4 роки тому
playbook_backendpool.yml	Add playbook to manage some azure resources	4 роки тому
playbook_connect_vm_workspace.yml	Add recipes to build azure infra.	5 роки тому
playbook_connection.yml	Add playbook to manage some azure connection	4 роки тому
playbook_ip.yml	Add recipes to build azure infra.	5 роки тому
playbook_load_balancer.yml	Update playbooks to manage resources	4 роки тому
playbook_local_network_gateway.yml	Add playbook to manage some azure resources	4 роки тому
playbook_managed_disk.yml	Add playbook to manage some azure resources	4 роки тому
playbook_network_interface_card.yml	Update playbooks to manage resources	4 роки тому
playbook_network_security_group.yml	Update playbooks to manage resources	4 роки тому
playbook_other_resource.yml	Add playbook to manage some azure resources	4 роки тому
playbook_peering.yml	Update playbooks to manage resources	4 роки тому
playbook_public_ip.yml	Add playbook to manage some azure resources	4 роки тому
playbook_resource_group.yml	Update playbooks to manage resources	4 роки тому
playbook_route.yml	Add recipes to build azure infra.	5 роки тому
playbook_routing_table.yml	Update playbooks to manage resources	4 роки тому
playbook_sentinel.yml	Update playbooks to manage resources	4 роки тому
playbook_ssh_public_key.yml	Add playbook to manage some azure resources	4 роки тому
playbook_storage_account.yml	Update playbooks to manage resources	4 роки тому
playbook_subnet.yml	Update playbooks to manage resources	4 роки тому
playbook_udr.yml	Add playbook to manage some azure resources	4 роки тому
playbook_virtual_machine.yml	Update playbooks to manage resources	4 роки тому
playbook_virtual_machine_extension.yml	Add playbook to manage some azure resources	4 роки тому
playbook_virtual_network.yml	Update playbooks to manage resources	4 роки тому
playbook_virtual_network_gateway.yml	Add playbook to manage some azure resources	4 роки тому
run.sh	Add recipes to build azure infra.	5 роки тому

Readme.md

Devops

Ansible repository to perform automatic tasks in Azure cloud.

Requirements

To run Azure recipe, you should have Azure variable (credentials and location) set in environment or having vault file with authentication variables

The host running plays must have python3 installed and library in requirements.txt file

yum install python3-pip

apt install python3-pip

Then install required libraries

pip3 install -r requirements.txt --user

The host must also have following packages:

sshpass
azure-cli

yum install sshpass azure-cli

apt install sshpass azure-cli

Give azure credentials in environment variables or with az command or using an encrypted vault file _creds.yml

---
azure_subscription_id: 5fc52367-fb6a-483d-a5ee-c1f218fa0dss
#Connect using AD account
azure_ad_user: user@domain.tld
azure_password: **************
#Connect using service principal
azure_client_id: a747fc62-38fa-453d-a5fa-ab3039a464cc
azure_secret: *******************************
azure_tenant: 893d20a5-1b00-47ed-9370-10f37cbf5t8a
...

And encrypt it with ansible-vault

example:
ansible-vault encrypt --vault-password-file  ~/.ssh/creds/vault_password.txt inventory/group_vars/jumpboxes/_creds.yml

Run

To run a playbook, we’ll use wrapper script run.sh To run default infrastructure playbook infra.yml who create all the infra

./run.sh -v

To run another playbook playbook.yml after default playbook

./run.sh -v playbook.yml

To only play another playbook playbook.yml

ANSIBLE_PLAYBOOK_FILE=playbook.yml ./run.sh -v

To only play another playbook (playbook.yml) against specific host host

ANSIBLE_PLAYBOOK_FILE=playbook.yml ./run.sh -v --limit host

Docker

We have a Dockerfile in order to generate a docker image to use it for running play in an controled environment.

Build image: docker build -t devops-docker .
Run a play using this image:

docker run -e -e "ANSIBLE_PLAYBOOK_FILE=playbook.yml" --entrypoint "./run.sh"
devops-docker -v --limit host