Proxmox playbook and unifi ap

This commit is contained in:
Alexandre Iooss 2019-11-01 15:17:59 +01:00
parent 5b3ac2a21a
commit 6dec3ed0d1
No known key found for this signature in database
GPG key ID: 6C79278F3FCDCC02
4 changed files with 432 additions and 122 deletions

227
hosts
View file

@ -31,36 +31,222 @@ freya.adm.auro.re
marki.adm.auro.re
[fleming_vm]
#ldap-replica-fleming1.adm.auro.re
#ldap-replica-fleming2.adm.auro.re
#dhcp-fleming.adm.auro.re
#dns-fleming.adm.auro.re
#prometheus-fleming.adm.auro.re
#radius-fleming.adm.auro.re
#unifi-fleming.adm.auro.re
ldap-replica-fleming.adm.auro.re
dhcp-fleming.adm.auro.re
dns-fleming.adm.auro.re
prometheus-fleming.adm.auro.re
radius-fleming.adm.auro.re
unifi-fleming.adm.auro.re
routeur-fleming.adm.auro.re
[fleming_unifi]
fa-0-1.borne.auro.re
fa-1-1.borne.auro.re
fa-2-1.borne.auro.re
fa-2-2.borne.auro.re
fa-3-1.borne.auro.re
fa-4-1.borne.auro.re
fb-0-1.borne.auro.re
fb-1-1.borne.auro.re
fb-1-2.borne.auro.re
fb-2-1.borne.auro.re
fb-2-2.borne.auro.re
fb-3-1.borne.auro.re
fb-3-2.borne.auro.re
fb-4-1.borne.auro.re
fb-4-2.borne.auro.re
fc-0-1.borne.auro.re
fc-1-1.borne.auro.re
fc-2-1.borne.auro.re
fc-3-1.borne.auro.re
fc-4-1.borne.auro.re
fd-0-1.borne.auro.re
fd-1-1.borne.auro.re
fd-2-1.borne.auro.re
fd-3-1.borne.auro.re
fd-4-1.borne.auro.re
fe-0-1.borne.auro.re
fe-1-1.borne.auro.re
fe-1-2.borne.auro.re
fe-2-1.borne.auro.re
fe-2-2.borne.auro.re
fe-3-1.borne.auro.re
fe-3-2.borne.auro.re
fe-4-1.borne.auro.re
fe-4-2.borne.auro.re
ff-0-1.borne.auro.re
ff-0-f.borne.auro.re
ff-1-1.borne.auro.re
ff-1-2.borne.auro.re
ff-2-1.borne.auro.re
ff-2-2.borne.auro.re
ff-3-1.borne.auro.re
ff-3-2.borne.auro.re
ff-4-1.borne.auro.re
ff-4-2.borne.auro.re
fg-0-1.borne.auro.re
fg-1-1.borne.auro.re
fg-1-2.borne.auro.re
fg-2-1.borne.auro.re
fg-2-2.borne.auro.re
fg-3-1.borne.auro.re
fg-3-2.borne.auro.re
fg-4-1.borne.auro.re
fg-4-2.borne.auro.re
fh-0-1.borne.auro.re
fh-1-1.borne.auro.re
fh-1-2.borne.auro.re
fh-2-1.borne.auro.re
fh-2-2.borne.auro.re
fh-3-1.borne.auro.re
fh-3-2.borne.auro.re
fh-4-1.borne.auro.re
fh-4-2.borne.auro.re
fi-0-1.borne.auro.re
fi-1-1.borne.auro.re
fi-1-2.borne.auro.re
fi-2-1.borne.auro.re
fi-2-2.borne.auro.re
fi-3-1.borne.auro.re
fi-3-2.borne.auro.re
fi-4-1.borne.auro.re
fi-4-2.borne.auro.re
fj-0-1.borne.auro.re
fj-1-1.borne.auro.re
fj-1-2.borne.auro.re
fj-2-1.borne.auro.re
fj-2-2.borne.auro.re
fj-3-1.borne.auro.re
fj-3-2.borne.auro.re
fj-4-1.borne.auro.re
fj-4-2.borne.auro.re
fk-0-1.borne.auro.re
fk-1-1.borne.auro.re
fk-1-2.borne.auro.re
fk-2-1.borne.auro.re
fk-2-2.borne.auro.re
fk-3-1.borne.auro.re
fk-3-2.borne.auro.re
fk-4-1.borne.auro.re
fk-4-2.borne.auro.re
fl-0-1.borne.auro.re
fl-1-1.borne.auro.re
fl-1-2.borne.auro.re
fl-2-1.borne.auro.re
fl-2-2.borne.auro.re
fl-3-1.borne.auro.re
fl-3-2.borne.auro.re
fl-4-1.borne.auro.re
fl-4-2.borne.auro.re
[pacaterie_physical]
mordred.adm.auro.re
titan.adm.auro.re
[pacaterie_vm]
#ldap-replica-pacaterie.adm.auro.re
#dhcp-pacaterie.adm.auro.re
#dns-pacaterie.adm.auro.re
#prometheus-pacaterie.adm.auro.re
#radius-pacaterie.adm.auro.re
#unifi-pacaterie.adm.auro.re
ldap-replica-pacaterie.adm.auro.re
dhcp-pacaterie.adm.auro.re
dns-pacaterie.adm.auro.re
prometheus-pacaterie.adm.auro.re
radius-pacaterie.adm.auro.re
unifi-pacaterie.adm.auro.re
routeur-pacaterie.adm.auro.re
[pacaterie_unifi]
pc-1-1.borne.auro.re
pn-0-1.borne.auro.re
pn-0-2.borne.auro.re
pn-0-3.borne.auro.re
pn-1-1.borne.auro.re
pn-1-2.borne.auro.re
pn-1-3.borne.auro.re
pn-2-1.borne.auro.re
pn-2-2.borne.auro.re
pn-2-3.borne.auro.re
pn-3-1.borne.auro.re
pn-3-2.borne.auro.re
pn-3-3.borne.auro.re
pn-4-1.borne.auro.re
pn-4-2.borne.auro.re
pn-4-3.borne.auro.re
ps-0-1.borne.auro.re
ps-0-2.borne.auro.re
ps-0-3.borne.auro.re
ps-1-1.borne.auro.re
ps-1-2.borne.auro.re
ps-1-3.borne.auro.re
ps-2-1.borne.auro.re
ps-2-2.borne.auro.re
ps-2-3.borne.auro.re
ps-3-1.borne.auro.re
ps-3-2.borne.auro.re
ps-4-1.borne.auro.re
ps-4-2.borne.auro.re
ps-4-3.borne.auro.re
[edc_physical]
chapalux.adm.auro.re
[edc_vm]
ldap-replica-edc.adm.auro.re
dhcp-edc.adm.auro.re
dns-edc.adm.auro.re
prometheus-edc.adm.auro.re
radius-edc.adm.auro.re
unifi-edc.adm.auro.re
routeur-edc.adm.auro.re
[edc_unifi]
ep-0-1.borne.auro.re
[georgesand_physical]
perceval.adm.auro.re
[georgesand_vm]
ldap-replica-georgesand.adm.auro.re
dhcp-georgesand.adm.auro.re
dns-georgesand.adm.auro.re
prometheus-georgesand.adm.auro.re
radius-georgesand.adm.auro.re
unifi-georgesand.adm.auro.re
routeur-georgesand.adm.auro.re
[georgesand_unifi]
ga-0-1.borne.auro.re
ga-1-1.borne.auro.re
ga-2-1.borne.auro.re
ga-3-1.borne.auro.re
ga-4-1.borne.auro.re
ga-5-1.borne.auro.re
ga-5-2.borne.auro.re
gb-1-1.borne.auro.re
gb-2-1.borne.auro.re
gb-3-1.borne.auro.re
gb-4-1.borne.auro.re
gb-5-1.borne.auro.re
gc-1-1.borne.auro.re
gc-2-1.borne.auro.re
gc-3-1.borne.auro.re
gc-4-1.borne.auro.re
gc-5-1.borne.auro.re
gd-1-1.borne.auro.re
gd-2-1.borne.auro.re
gd-3-1.borne.auro.re
gd-4-1.borne.auro.re
gd-5-1.borne.auro.re
gd-garage-1.borne.auro.re
ge-0-1.borne.auro.re
ge-1-1.borne.auro.re
ge-2-1.borne.auro.re
ge-3-1.borne.auro.re
ge-4-1.borne.auro.re
ge-5-1.borne.auro.re
gf-0-1.borne.auro.re
gf-1-1.borne.auro.re
gf-2-1.borne.auro.re
gf-3-1.borne.auro.re
gf-4-1.borne.auro.re
gf-5-1.borne.auro.re
#####################
# Geographic groups #
@ -76,21 +262,25 @@ ovh_vm
[fleming:children]
fleming_pve
fleming_vm
fleming_unifi
# everything at pacaterie
[pacaterie:children]
pacaterie_physical
pacaterie_vm
pacaterie_unifi
# everything at edc
[edc:children]
edc_physical
edc_vm
edc_unifi
# everything at georgesand
[georgesand:children]
georgesand_physical
georgesand_vm
georgesand_unifi
#####################
# Type groups #
@ -116,11 +306,12 @@ pacaterie_physical
edc_physical
georgesand_physical
# every server (except access points)
[server:children]
container
physical
vm
# every unifi access point
[unifi:children]
fleming_unifi
pacaterie_unifi
edc_unifi
georgesand_unifi
[all:vars]
# Force remote to use Python 3

View file

@ -1,12 +1,12 @@
---
# Deploy Prometheus
- hosts: prometheus-fleming.adm.auro.re
vars:
# Prometheus targets.json
prometheus_targets:
- targets: "{{ groups['server'] | list | sort }}"
- targets: |
{{ groups['fleming_physical'] + groups['fleming_vm'] | list | sort }}
prometheus_unifi_snmp_targets:
- targets: []
- targets: "{{ groups['fleming_unifi'] | list | sort }}"
roles:
- prometheus
- prometheus-alertmanager
@ -15,14 +15,39 @@
vars:
# Prometheus targets.json
prometheus_targets:
- targets: "{{ groups['server'] | list | sort }}"
- targets: |
{{ groups['pacaterie_physical'] + groups['pacaterie_vm'] | list | sort }}
prometheus_unifi_snmp_targets:
- targets: []
- targets: "{{ groups['pacaterie_unifi'] | list | sort }}"
roles:
- prometheus
- prometheus-alertmanager
- hosts: prometheus-edc.adm.auro.re
vars:
# Prometheus targets.json
prometheus_targets:
- targets: |
{{ groups['edc_physical'] + groups['edc_vm'] | list | sort }}
prometheus_unifi_snmp_targets:
- targets: "{{ groups['edc_unifi'] | list | sort }}"
roles:
- prometheus
- prometheus-alertmanager
- hosts: prometheus-georgesand.adm.auro.re
vars:
# Prometheus targets.json
prometheus_targets:
- targets: |
{{ groups['georgesand_physical'] + groups['georgesand_vm'] | list | sort }}
prometheus_unifi_snmp_targets:
- targets: "{{ groups['georgesand_unifi'] | list | sort }}"
roles:
- prometheus
- prometheus-alertmanager
# Monitor all hosts
- hosts: fleming,pacaterie
- hosts: all,!unifi,!ovh
roles:
- prometheus-node

View file

@ -3,8 +3,71 @@
- hosts: proxy.adm.auro.re # Host with python-proxmoxer and python-requests
become: false # We do not need root as we use Proxmox API
vars:
vm_definitions:
vars_prompt:
- name: "password"
prompt: "Enter LDAP password for your user"
private: true
tasks:
- name: Define a virtual machine in Proxmox
proxmox_kvm:
api_user: "{{ ansible_user_id }}@pam"
api_password: "{{ password }}"
api_host: "{{ item.virtu }}.adm.auro.re"
name: "{{ item.name }}"
node: "{{ item.virtu }}"
scsihw: virtio-scsi-pci
scsi: '{"scsi0":"{{ item.virtu }}:{{ item.disksize }},format=raw"}'
sata: '{"sata0":"local:iso/{{ item.installiso }},media=cdrom"}'
net: '{"net0":"virtio,bridge=vmbr2"}' # Adm only by default
cores: "{{ item.cores }}"
memory: "{{ item.memory }}"
balloon: "{{ item.memory // 2 }}"
bios: seabios # Ansible module doesn't support UEFI boot disk
loop:
# Réseau Fleming
- name: ldap-replica-fleming
virtu: freya
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: dhcp-fleming
virtu: freya
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: dns-fleming
virtu: freya
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: prometheus-fleming
virtu: freya
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: radius-fleming
virtu: freya
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: unifi-fleming
virtu: freya
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-9.9.0-amd64-netinst.iso
- name: routeur-fleming
virtu: freya
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
# Réseau Pacaterie
- name: ldap-replica-pacaterie
@ -43,49 +106,97 @@
memory: 1024 # M
disksize: 16 # G
installiso: debian-9.9.0-amd64-netinst.iso
- name: routeur-pacaterie
virtu: mordred
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
# Réseau Fleming
- name: ldap-replica-fleming1
virtu: freya
# Réseau EDC
- name: ldap-replica-edc
virtu: chapalux
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: dhcp-fleming
virtu: freya
- name: dhcp-edc
virtu: chapalux
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: dns-fleming
virtu: freya
- name: dns-edc
virtu: chapalux
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: prometheus-fleming
virtu: freya
- name: prometheus-edc
virtu: chapalux
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: radius-fleming
virtu: freya
- name: radius-edc
virtu: chapalux
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: unifi-fleming
virtu: freya
- name: unifi-edc
virtu: chapalux
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-9.9.0-amd64-netinst.iso
- name: routeur-edc
virtu: chapalux
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
vars_prompt:
- name: "password"
prompt: "Enter LDAP password for your user"
private: true
roles:
- proxmox-vm
# Réseau George Sand
- name: ldap-replica-georgesand
virtu: perceval
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: dhcp-georgesand
virtu: perceval
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: dns-georgesand
virtu: perceval
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: prometheus-georgesand
virtu: perceval
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: radius-georgesand
virtu: perceval
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso
- name: unifi-georgesand
virtu: perceval
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-9.9.0-amd64-netinst.iso
- name: routeur-georgesand
virtu: perceval
cores: 2 # 2 mimimum, 10 maximum
memory: 1024 # M
disksize: 16 # G
installiso: debian-10.0.0-amd64-netinst.iso

View file

@ -1,17 +0,0 @@
---
- name: Define a virtual machine in Proxmox
proxmox_kvm:
api_user: "{{ ansible_user_id }}@pam"
api_password: "{{ password }}"
api_host: "{{ item.virtu }}.adm.auro.re"
name: "{{ item.name }}"
node: "{{ item.virtu }}"
scsihw: virtio-scsi-pci
scsi: '{"scsi0":"{{ item.virtu }}:{{ item.disksize }},format=raw"}'
sata: '{"sata0":"local:iso/{{ item.installiso }},media=cdrom"}'
net: '{"net0":"virtio,bridge=vmbr2"}' # Adm only by default
cores: "{{ item.cores }}"
memory: "{{ item.memory }}"
balloon: "{{ item.memory // 2 }}"
bios: seabios # Ansible module doesn't support UEFI boot disk
loop: "{{ vm_definitions }}"