Unverified Commit a628292b authored by Ioannis Tsafaras's avatar Ioannis Tsafaras Committed by Avraam Tsantekidis

Bastion SSH proxy

parent 061c38ff
...@@ -10,9 +10,13 @@ ...@@ -10,9 +10,13 @@
- name: Remove master file - name: Remove master file
file: path=/root/master state=absent file: path=/root/master state=absent
tags: rm tags: rm
- name: Copy hosts file
template: src=../roles/common/templates/hosts.j2 dest=/etc/hosts backup=no owner=root group=root mode=0750
tags: hosts
- hosts: slaves - hosts: slaves
user: root user: root
gather_facts: False
tasks: tasks:
- name: Touch slave file - name: Touch slave file
file: path=/root/slave state=touch mode="u=rw,g=r,o=r" file: path=/root/slave state=touch mode="u=rw,g=r,o=r"
...@@ -20,6 +24,6 @@ ...@@ -20,6 +24,6 @@
- name: Remove slave file - name: Remove slave file
file: path=/root/slave state=absent file: path=/root/slave state=absent
tags: rm tags: rm
- name: Copy hosts file. - name: Copy hosts file
template: src=../roles/common/templates/hosts.j2 dest=/etc/hosts backup=no owner=root group=root mode=0750 template: src=../roles/common/templates/hosts.j2 dest=/etc/hosts backup=no owner=root group=root mode=0750
tags: hosts tags: hosts
Host bastion Host bastion
HostName snf-661243.vm.okeanos.grnet.gr HostName snf-xxxxxx.vm.okeanos.grnet.gr
User root User root
ProxyCommand none ProxyCommand none
Host * Host *
ProxyCommand ssh root@snf-661243.vm.okeanos.grnet.gr nc %h %p ProxyCommand ssh root@snf-xxxxxx.vm.okeanos.grnet.gr nc %h %p
...@@ -14,7 +14,7 @@ class Manager: ...@@ -14,7 +14,7 @@ class Manager:
for response in provisioner_response[group]: for response in provisioner_response[group]:
self.inventory[group]["hosts"].append(response[u'SNF:fqdn']) self.inventory[group]["hosts"].append(response[u'SNF:fqdn'])
if group == "master": if group == "master":
self.master_fqdn = response[u'SNF:fqdn'].split('.')[0] self.master_fqdn = response[u'SNF:fqdn']
def create_inventory(self): def create_inventory(self):
""" """
...@@ -22,7 +22,7 @@ class Manager: ...@@ -22,7 +22,7 @@ class Manager:
:return: :return:
""" """
ipdict = {"snf-661243": "192.168.0.2", "snf-661526" : "192.168.0.3", "snf-661527" : "192.168.0.4"} ipdict = {"snf-661243": "192.168.0.3", "snf-661526" : "192.168.0.2", "snf-661527" : "192.168.0.4"}
inventory_groups = [] inventory_groups = []
host_vars = {} host_vars = {}
...@@ -38,9 +38,9 @@ class Manager: ...@@ -38,9 +38,9 @@ class Manager:
inventory_groups.append(master_group) inventory_groups.append(master_group)
slave_group = ansible.inventory.group.Group(name="slaves") slave_group = ansible.inventory.group.Group(name="slaves")
host_vars["proxy_env"] = {"http_proxy": "http://"+self.master_fqdn+":3128"} host_vars["proxy_env"] = {"http_proxy": "http://"+self.master_fqdn.split('.')[0]+":3128"}
for host_id, host in enumerate(self.inventory["slaves"]["hosts"], start=1): for host_id, host in enumerate(self.inventory["slaves"]["hosts"], start=1):
ansible_host = ansible.inventory.host.Host(name=host) ansible_host = ansible.inventory.host.Host(name=host.split('.')[0]+'.local')
host_vars["internal_ip"] = ipdict[host.split('.')[0]] host_vars["internal_ip"] = ipdict[host.split('.')[0]]
for var_key, var_value in host_vars.iteritems(): for var_key, var_value in host_vars.iteritems():
ansible_host.set_variable(var_key, var_value) ansible_host.set_variable(var_key, var_value)
...@@ -202,7 +202,7 @@ if __name__ == "__main__": ...@@ -202,7 +202,7 @@ if __name__ == "__main__":
u'SNF:port_forwarding': {}}]} u'SNF:port_forwarding': {}}]}
from provisioner import Provisioner # from provisioner import Provisioner
# provisioner = Provisioner("lambda") # provisioner = Provisioner("lambda")
# inv = provisioner.create_lambda_cluster("test_vm") # inv = provisioner.create_lambda_cluster("test_vm")
...@@ -210,5 +210,7 @@ if __name__ == "__main__": ...@@ -210,5 +210,7 @@ if __name__ == "__main__":
manager.create_inventory() manager.create_inventory()
ansible.constants.HOST_KEY_CHECKING = False ansible.constants.HOST_KEY_CHECKING = False
manager.run_playbook(playbook_file="../../ansible/playbooks/testinventory.yml") ansible.constants.ANSIBLE_SSH_ARGS = '-o "ProxyCommand ssh -A -W %%h:%%p root@%s"' % manager.master_fqdn
# ansible.constants.ANSIBLE_SSH_ARGS = '-o "ProxyCommand ssh root@%s nc %%h %%p"' % manager.master_fqdn
manager.run_playbook(playbook_file="../../ansible/playbooks/testinventory.yml", tags=["rm"])
# manager.run_playbook(playbook_file="../../ansible/playbooks/testproxy.yml", tags=["install"]) # manager.run_playbook(playbook_file="../../ansible/playbooks/testproxy.yml", tags=["install"])
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment