X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=blueprints%2Fiotgateway%2Fplaybooks%2Froles%2Feg_mep%2Ftasks%2Finstall.yml;fp=blueprints%2Fiotgateway%2Fplaybooks%2Froles%2Feg_mep%2Ftasks%2Finstall.yml;h=0000000000000000000000000000000000000000;hb=233fedcbae7166783277ed538d454b106b9d52ae;hp=f33094d87257ea6c17f8f466417485542a22c1d0;hpb=8d3b452ed742e3b9e3e7e5ed9633038437fbdca9;p=eliot.git
diff --git a/blueprints/iotgateway/playbooks/roles/eg_mep/tasks/install.yml b/blueprints/iotgateway/playbooks/roles/eg_mep/tasks/install.yml
deleted file mode 100644
index f33094d..0000000
--- a/blueprints/iotgateway/playbooks/roles/eg_mep/tasks/install.yml
+++ /dev/null
@@ -1,273 +0,0 @@
-# Copyright 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
----- 
-
-- name: Doing deployment setup for edge gallery
- copy:
- src: deploy
- dest: /tmp/eg_mep/
-
-- name: Import config file
- include_vars:
- file: ../../../config.yml
- name: vardata
-
-- name: Set a variable
- ansible.builtin.set_fact:
- comm_pwd: "{{ vardata.common_pwd.name }}"
-
-- name: Remove old dir
- command: rm -rf /tmp/.mep_tmp_cer
- args:
- chdir: /tmp/
-
-- name: Make dir
- command: mkdir -p /tmp/.mep_tmp_cer
- args:
- chdir: /tmp/
-
-- name: Openssl genrsa
- command: openssl genrsa -out ca.key 2048
- args:
- chdir: /tmp/.mep_tmp_cer/
-
-- name: Opnessl req
- # yamllint disable rule:line-length
- command: openssl req -new -key ca.key -subj /C=CN/ST=Peking/L=Beijing/O=edgegallery/CN=edgegallery -out ca.csr
- # yamllint disable rule:line-length
- args:
- chdir: /tmp/.mep_tmp_cer/
-
-- name: Sing key with ca key and ca crt
- # yamllint disable rule:line-length
- command: openssl x509 -req -days 365 -in ca.csr -extensions v3_ca -signkey ca.key -out ca.crt
- # yamllint disable rule:line-length
- args:
- chdir: /tmp/.mep_tmp_cer/
-
-- name: Openssl genrsa
- command: openssl genrsa -out mepserver_tls.key 2048
- args:
- chdir: /tmp/.mep_tmp_cer/
-
-- name: Openssl rsa mep tls with common pwd
- # yamllint disable rule:line-length
- command: openssl rsa -in /tmp/.mep_tmp_cer/mepserver_tls.key -aes256 -passout pass:{{ vardata.common_pwd.name}} -out /tmp/.mep_tmp_cer/mepserver_encryptedtls.key
- # yamllint disable rule:line-length
- when: comm_pwd != ""
-
-- name: Openssl rsa mep tls
- # yamllint disable rule:line-length
- command: openssl rsa -in /tmp/.mep_tmp_cer/mepserver_tls.key -aes256 -passout pass:{{ vardata.mep_cert_pwd.name}} -out /tmp/.mep_tmp_cer/mepserver_encryptedtls.key
- # yamllint disable rule:line-length
- when: comm_pwd == ""
-
-- name: Openssl req new key mepserver tls key
- # yamllint disable rule:line-length
- command: openssl req -new -key mepserver_tls.key -subj /C=CN/ST=Beijing/L=Beijing/O=edgegallery/CN=edgegallery -out mepserver_tls.csr
- # yamllint disable rule:line-length
- args:
- chdir: /tmp/.mep_tmp_cer/
-
-- name: Openssl mepserver tls csr
- # yamllint disable rule:line-length
- command: openssl x509 -req -in mepserver_tls.csr -extensions v3_req -CA ca.crt -CAkey ca.key -CAcreateserial -out mepserver_tls.crt
- # yamllint disable rule:line-length
- args:
- chdir: /tmp/.mep_tmp_cer/
-
-- name: Openssl genrsa out
- command: openssl genrsa -out jwt_privatekey 2048
- args:
- chdir: /tmp/.mep_tmp_cer/
-
-- name: Openssl rsa jwt privatekey
- command: openssl rsa -in jwt_privatekey -pubout -out jwt_publickey
- args:
- chdir: /tmp/.mep_tmp_cer/
-
-- name: Openssl rsa in jwt with common pwd
- # yamllint disable rule:line-length
- command: openssl rsa -in /tmp/.mep_tmp_cer/jwt_privatekey -aes256 -passout pass:{{ vardata.common_pwd.name}} -out /tmp/.mep_tmp_cer/jwt_encrypted_privatekey
- ignore_errors: yes
- no_log: True
- # yamllint disable rule:line-length
- when: comm_pwd != ""
-
-- name: Openssl rsa in jwt
- # yamllint disable rule:line-length
- command: openssl rsa -in /tmp/.mep_tmp_cer/jwt_privatekey -aes256 -passout pass:{{ vardata.mep_cert_pwd.name}} -out /tmp/.mep_tmp_cer/jwt_encrypted_privatekey
- # yamllint disable rule:line-length
- ignore_errors: yes
- no_log: True
- when: comm_pwd == ""
-
-- name: Create mep namespace
- command: kubectl create ns mep
- args:
- chdir: /tmp/
-
-- name: Create generic pg secret with common pwd
- # yamllint disable rule:line-length
- command: kubectl -n mep create secret generic pg-secret --from-literal=pg_admin_pwd={{ vardata.common_pwd.name}} --from-literal=kong_pg_pwd={{ vardata.mep_kong_pg_pwd.name}}
- --from-file=server.key=/tmp/.mep_tmp_cer/mepserver_tls.key --from-file=server.crt=/tmp/.mep_tmp_cer/mepserver_tls.crt
- ignore_errors: yes
- no_log: True
- # yamllint disable rule:line-length
- when: comm_pwd != ""
-
-- name: Create generic pg secret
- # yamllint disable rule:line-length
- command: kubectl -n mep create secret generic pg-secret --from-literal=pg_admin_pwd={{ vardata.mep_pg_admin_pwd.name}} --from-literal=kong_pg_pwd={{ vardata.mep_kong_pg_pwd.name}}
- --from-file=server.key=/tmp/.mep_tmp_cer/mepserver_tls.key --from-file=server.crt=/tmp/.mep_tmp_cer/mepserver_tls.crt
- ignore_errors: yes
- no_log: True
- # yamllint disable rule:line-length
- when: comm_pwd == ""
-
-- name: Create mep generic for mep ssl with common pwd
- # yamllint disable rule:line-length
- command: kubectl -n mep create secret generic mep-ssl --from-literal=cert_pwd={{ vardata.common_pwd.name}} --from-file=server.cer=/tmp/.mep_tmp_cer/mepserver_tls.crt
- --from-file=server_key.pem=/tmp/.mep_tmp_cer/mepserver_encryptedtls.key --from-file=trust.cer=/tmp/.mep_tmp_cer/ca.crt
- ignore_errors: yes
- no_log: True
- # yamllint disable rule:line-length
- when: comm_pwd != ""
-
-- name: Create mep generic for mep ssl
- # yamllint disable rule:line-length
- command: kubectl -n mep create secret generic mep-ssl --from-literal=cert_pwd={{ vardata.mep_cert_pwd.name}} --from-file=server.cer=/tmp/.mep_tmp_cer/mepserver_tls.crt
- --from-file=server_key.pem=/tmp/.mep_tmp_cer/mepserver_encryptedtls.key --from-file=trust.cer=/tmp/.mep_tmp_cer/ca.crt
- # yamllint disable rule:line-length
- when: comm_pwd == ""
-
-- name: Create mep seret generic
- # yamllint disable rule:line-length
- command: kubectl -n mep create secret generic mepauth-secret --from-file=server.crt=/tmp/.mep_tmp_cer/mepserver_tls.crt --from-file=server.key=/tmp/.mep_tmp_cer/mepserver_tls.key
- --from-file=ca.crt=/tmp/.mep_tmp_cer/ca.crt --from-file=jwt_publickey=/tmp/.mep_tmp_cer/jwt_publickey --from-file=jwt_encrypted_privatekey=/tmp/.mep_tmp_cer/jwt_encrypted_privatekey
- # yamllint disable rule:line-length
- args:
- chdir: /tmp/
-
-- name: Remove directory
- command: rm -rf /tmp/.mep_tmp_cer
- args:
- chdir: /tmp/
-
-- debug:
- msg: Deploy_dns_metallb execution start
-
-- name: Eg_Mep deployment execution of namesapce
- command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/metallb/namespace.yaml
- args:
- chdir: /tmp/eg_mep/deploy/
-
-- name: Eg_Mep deployment execution of metallb
- command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/metallb/metallb.yaml
- args:
- chdir: /tmp/eg_mep/deploy/
-
-- name: Eg_Mep deployment create secret
- # yamllint disable rule:line-length
- command: kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"
- # yamllint disable rule:line-length
- args:
- chdir: /tmp/eg_mep/deploy/
-
-- name: Eg_Mep deployment execution of config-mep
- command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/metallb/config-map.yaml
- args:
- chdir: /tmp/eg_mep/deploy/
-
-- debug:
- msg: Deploy_network_isolation_multus execution start
-
-- name: Running multus yaml files
- command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/network-isolation/multus.yaml
- args:
- chdir: /tmp/eg_mep/deploy/
-
-- name: Running eg-sp-rbac yaml files
- command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-rbac.yaml
- args:
- chdir: /tmp/eg_mep/deploy/
-
-- name: Replacing image
- replace:
- path: /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-controller.yaml
- regexp: 'edgegallery/edgegallery-secondary-ep-controller:latest'
- replace: "{{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/edgegallery-secondary-ep-controller:latest"
-
-- name: Running eg-sp-controller yaml files
- # yamllint disable rule:line-length
- command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-controller.yaml
- args:
- chdir: /tmp/eg_mep/deploy/
-
-- debug:
- msg: Setup_interfaces execution start
-
-- name: Link eg mep macvlan
- # yamllint disable rule:line-length
- command: ip link add eg-mp1 link {{ vardata.edge_management_interface.name}} type macvlan mode bridge
- args:
- chdir: /tmp/eg_mep/deploy/
- ignore_errors: yes
- no_log: True
-
-- name: Link eg mep macvlan
- command: ip addr add {{ vardata.eg-management-address.name}} dev eg-mp1
- args:
- chdir: /tmp/eg_mep/deploy/
- ignore_errors: yes
- no_log: True
-
-- name: Link eg me1 up
- command: ip link set dev eg-mp1 up
- args:
- chdir: /tmp/eg_mep/deploy/
- ignore_errors: yes
- no_log: True
-
-- name: Link eg eg mm5 with eth1
- # yamllint disable rule:line-length
- command: ip link add eg-mm5 link {{ vardata.edge_dataplane_interface.name}} type macvlan mode bridge
- args:
- chdir: /tmp/eg_mep/deploy/
- ignore_errors: yes
- no_log: True
-
-- name: Link eg eg mm5 ip addr
- command: ip addr add {{ vardata.eg-dataplane-address.name}} dev eg-mm5
- args:
- chdir: /tmp/eg_mep/deploy/
- ignore_errors: yes
- no_log: True
-
-- name: Link eg eg mm5 set dev
- command: ip link set dev eg-mm5 up
- args:
- chdir: /tmp/eg_mep/deploy/
- ignore_errors: yes
- no_log: True
-
-- debug:
- msg: Pull helm repo start
-
-- name: Edge gallery mep installation pull chart and image
- # yamllint disable rule:line-length
- command: helm install mep-edgegallery edgegallery/mep --set networkIsolation.phyInterface.mp1={{ vardata.edge_management_interface.name}} --set networkIsolation.phyInterface.mm5={{ vardata.edge_dataplane_interface.name}} --set images.mep.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mep --set images.mepauth.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mepauth --set images.dns.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mep-dns-server --set images.kong.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/kong --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/postgres --set images.mep.tag={{ vardata.eg_image_tag.name}} --set images.mepauth.tag={{ vardata.eg_image_tag.name}} --set images.dns.tag={{ vardata.eg_image_tag.name}} --set images.mep.pullPolicy=IfNotPresent --set images.mepauth.pullPolicy=IfNotPresent --set images.dns.pullPolicy=IfNotPresent --set images.kong.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set ssl.secretName=mep-ssl
- # yamllint disable rule:line-length