Merged
34 changes: 17 additions & 17 deletions ansible/files/multinode.sh
Expand Up @@ -125,7 +125,7 @@ function deploy_seed() {

function deploy_seed_vault() {
# Deploy hashicorp vault to the seed
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-deploy-seed.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store/secret-store-deploy-seed.yml
# Encrypt either vault or openbao certificate keys
encrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/vault/OS-TLS-INT.pem
encrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/vault/seed-vault-keys.json
Expand Down Expand Up @@ -168,10 +168,10 @@ function copy_ca_to_seed() {
}

function deploy_ceph() {
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/cephadm-deploy.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/ceph/cephadm-deploy.yml
sleep 30
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/cephadm.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/cephadm-gather-keys.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/ceph/cephadm.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/ceph/cephadm-gather-keys.yml
}

function deploy_overcloud_vault() {
Expand All @@ -182,21 +182,21 @@ function deploy_overcloud_vault() {
fi

# Deploy hashicorp vault to the controllers
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-deploy-overcloud.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store/secret-store-deploy-overcloud.yml
# Encrypt either vault or openbao certificate keys
encrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/vault/overcloud-vault-keys.json
encrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/openbao/overcloud-openbao-keys.json
}

function generate_overcloud_certs() {
# Generate external tls certificates
if [[ -f $KAYOBE_CONFIG_PATH/ansible/secret-store-generate-test-external-tls.yml ]]; then
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-generate-test-external-tls.yml
if [[ -f $KAYOBE_CONFIG_PATH/ansible/secret-store/secret-store-generate-test-external-tls.yml ]]; then
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store/secret-store-generate-test-external-tls.yml
encrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/kolla/certificates/haproxy.pem
fi

# Generate internal tls certificates
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-generate-internal-tls.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store/secret-store-generate-internal-tls.yml
encrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/kolla/certificates/haproxy-internal.pem

# If ProxySQL certificate and key are generated, encrypt them
Expand All @@ -205,7 +205,7 @@ function generate_overcloud_certs() {
done

# Generate backend tls certificates
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-generate-backend-tls.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store/secret-store-generate-backend-tls.yml
for cert in $(ls -1 $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/kolla/certificates/*-key.pem); do
encrypt_file $cert
done
Expand All @@ -227,7 +227,7 @@ function generate_barbican_secrets() {
decrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/secrets.yml
sed -i "s/secret_id:.*/secret_id: $(uuidgen)/g" $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/secrets.yml
encrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/secrets.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-deploy-barbican.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store/secret-store-deploy-barbican.yml
decrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/secrets.yml
sed -i "s/role_id:.*/role_id: $(cat /tmp/barbican-role-id)/g" $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/secrets.yml
encrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/secrets.yml
Expand Down Expand Up @@ -257,10 +257,10 @@ function deploy_wazuh() {
run_kayobe infra vm host configure

# Deploy Wazuh
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/wazuh-secrets.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/deployment/wazuh-secrets.yml
encrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/wazuh-secrets.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/wazuh-manager.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/wazuh-agent.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/deployment/wazuh-manager.yml
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/deployment/wazuh-agent.yml
}

function create_resources() {
Expand Down Expand Up @@ -387,8 +387,8 @@ function deploy_full() {

function upgrade_overcloud() {
# Generate external tls certificates if it was previously disabled.
if [[ -f $KAYOBE_CONFIG_PATH/ansible/secret-store-generate-test-external-tls.yml ]] && [[ ! -f $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/kolla/certificates/haproxy.pem ]]; then
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-generate-test-external-tls.yml
if [[ -f $KAYOBE_CONFIG_PATH/ansible/secret-store/secret-store-generate-test-external-tls.yml ]] && [[ ! -f $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/kolla/certificates/haproxy.pem ]]; then
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store/secret-store-generate-test-external-tls.yml
encrypt_file $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/kolla/certificates/haproxy.pem
fi

Expand Down Expand Up @@ -416,14 +416,14 @@ function minor_upgrade() {
set -f
run_kayobe seed host package update --packages '*'
set +f
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/reboot.yml --limit seed
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/maintenance/reboot.yml --limit seed

# Upgrade overcloud host packages
run_kayobe overcloud host configure
set -f
run_kayobe overcloud host package update --packages '*'
set +f
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/reboot.yml --limit overcloud
run_kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/maintenance/reboot.yml --limit overcloud

# Upgrade overcloud containers
run_kayobe overcloud service deploy
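Review bot: The `[[ -f $KAYOBE_CONFIG_PATH/ansible/secret-store/secret-store-generate-test-external-tls.yml ]]` guards in generate_overcloud_certs and upgrade_overcloud skip silently when a kayobe-config checkout still has the playbook at its old top-level location, so external TLS generation and the `encrypt_file` of haproxy.pem would not run and nothing would say so. The guard presumably exists for configurations that do not ship the playbook at all, and it cannot tell "not shipped" from "not yet moved". An `else` branch that logs to stderr, e.g. `else echo "secret-store-generate-test-external-tls.yml not found under ansible/secret-store/; skipping external TLS" >&2`, would make a path mismatch visible. The unguarded playbook calls should fail loudly on a wrong path (assuming run_kayobe propagates the error), so only these two sites need it. Both functions continue outside the visible hunks.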