From 5486750b209896d2b15f12cec72abdbc55b2279b Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Sat, 18 Apr 2020 20:15:39 +0200
Subject: cleanup hetzner cloud-install
---
 roles/cloud/install/tasks/hcloud.yml | 49 ++++++++++++++--------
 roles/cloud/install/tasks/hetzner_installimage.yml | 12 +++---
 roles/cloud/install/tasks/hroot.yml | 31 +++++++-------
 3 files changed, 52 insertions(+), 40 deletions(-)
(limited to 'roles/cloud')
diff --git a/roles/cloud/install/tasks/hcloud.yml b/roles/cloud/install/tasks/hcloud.yml
index 7e87c114..983b3dec 100644
--- a/roles/cloud/install/tasks/hcloud.yml
+++ b/roles/cloud/install/tasks/hcloud.yml
@@ -1,5 +1,7 @@
 ---
 - name: retrieve ssh key ids
+ delegate_to: localhost
+ check_mode: no
 uri:
 url: "https://api.hetzner.cloud/v1/ssh_keys"
 method: GET
@@ -7,9 +9,10 @@
 Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
 status_code: 200
 register: sshkeys
- delegate_to: localhost
 - name: retrieve server id and check if rescue mode is already active
+ delegate_to: localhost
+ check_mode: no
 uri:
 url: "https://api.hetzner.cloud/v1/servers?name={{ install_cooked.cloud.server_name | default(inventory_hostname) }}"
 method: GET
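Review bot: The API token in the `Authorization` header of this `uri` task is passed as a plain module argument, so it can appear in verbose (`-vvv`) output and in any callback or log that records task arguments; the same applies to the other `uri` tasks in hcloud.yml touched by this commit. Adding `no_log: true` to these tasks keeps the bearer token out of logs, at the cost of hiding their results when debugging. Separately, `check_mode: no` relies on YAML 1.1 truthy parsing; `check_mode: false` is the unambiguous spelling. The task's body continues outside the hunk.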
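Review bot: The server name is interpolated into the query string of `servers?name=...` without encoding, so a name containing `&`, `#` or a space would change the request instead of filtering by that name. Writing the value as `{{ (install_cooked.cloud.server_name | default(inventory_hostname)) | urlencode }}` keeps the lookup tied to exactly the configured name. The task's `headers` and `register` lines are in the next hunk.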
@@ -17,17 +20,29 @@
 Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
 status_code: 200
 register: serverstatus
- delegate_to: localhost
+
+- name: do not continue if we found no or multiple servers
+ when: (serverstatus.json.servers | length) != 1
+ fail:
+ msg: "hcloud API returned {{ serverstatus.json.servers | length }} servers"
 - name: do not continue in check mode
+ when: ansible_check_mode | bool
 fail:
 msg: "can not bootstrap new servers in check mode"
- when: ansible_check_mode | bool
- check_mode: no
+
+- name: display warning message
+ pause:
+ prompt: |
+ *** Danger ****
+ will be bootstraping host {{ inventory_hostname }} with main IP {{ serverstatus.json.servers[0].public_net.ipv4.ip }} ...
+ ALL DATA WILL BE LOST!!! press CTRL-C then A to abort.
+ seconds: 15
 ### TODO: for now we add all ssh keys that are installed for this project - this might not be a good idea!
 - name: activate rescue mode
 when: not serverstatus.json.servers[0].rescue_enabled
+ delegate_to: localhost
 uri:
 url: "https://api.hetzner.cloud/v1/servers/{{ serverstatus.json.servers[0].id }}/actions/enable_rescue"
 method: POST
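Review bot: The added `display warning message` pause continues on its own after 15 seconds, so an unattended or misdirected run goes on to enable rescue mode and reinstall the host without anyone confirming. For a step that destroys all data, the safer default is to stop unless the operator confirms explicitly. One way is to prompt without `seconds`, register the answer and fail unless it matches the inventory hostname; a run without a terminal then gets an empty answer and fails.

```yaml
- name: display warning message
  pause:
    prompt: |
      *** Danger ****
      will be bootstraping host {{ inventory_hostname }} with main IP {{ serverstatus.json.servers[0].public_net.ipv4.ip }} ...
      ALL DATA WILL BE LOST!!! type the hostname to continue
  register: bootstrap_confirm

- name: do not continue without explicit confirmation
  when: bootstrap_confirm.user_input != inventory_hostname
  fail:
    msg: "bootstrap of {{ inventory_hostname }} not confirmed"
```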
@@ -36,21 +51,19 @@
 Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
 Content-Type: "application/json"
 status_code: 201
- delegate_to: localhost
-## TODO: remove this once the task below is fixed
-- pause:
- prompt: Please reset the server {{ install_cooked.cloud.server_name | default(inventory_hostname) }} and press enter...
+- name: wait for rescue mode activation
+ pause:
+ seconds: 5
-### TODO this does not work????
-# - name: do a hardware reset
-# uri:
-# url: "https://api.hetzner.cloud/v1/servers/{{ serverstatus.json.servers[0].id }}/actions/reset"
-# method: POST
-# headers:
-# Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
-# status_code: 201
-# delegate_to: localhost
+- name: do a hardware reset
+ delegate_to: localhost
+ uri:
+ url: "https://api.hetzner.cloud/v1/servers/{{ serverstatus.json.servers[0].id }}/actions/reset"
+ method: POST
+ headers:
+ Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
+ status_code: 201
 ### TODO: would be nice to get the SSH host key from robot
 - name: completely ignore ssh host keys for now
@@ -63,7 +76,7 @@
 delay: 30
 timeout: 120
-- include_tasks: hetzner_installimage.yml
+- import_tasks: hetzner_installimage.yml
 - name: reboot
 shell: sleep 2 && shutdown -r now "triggered by ansible after running installimage"
diff --git a/roles/cloud/install/tasks/hetzner_installimage.yml b/roles/cloud/install/tasks/hetzner_installimage.yml
index 19f3a16f..5704b200 100644
--- a/roles/cloud/install/tasks/hetzner_installimage.yml
+++ b/roles/cloud/install/tasks/hetzner_installimage.yml
@@ -1,12 +1,12 @@
 ---
 - name: determine latest image name
+ check_mode: no
+ args:
+ executable: /bin/bash
 shell: |
 set -o pipefail
 shopt -s nocaseglob
 ls /root/.oldroot/nfs/images/{{ install_distro }}-*-{{ install_codename }}-64-minimal.tar.gz | sort -r | head -n 1
- args:
- executable: /bin/bash
- check_mode: no
 changed_when: false
 register: latest_image
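Review bot: The hardware reset is now sent after a fixed 5-second pause, with no check that the `enable_rescue` request has taken effect. If it has not, the reset presumably boots the installed system, and the following tasks connect to it with SSH host key checking disabled (see the TODO in the context lines). Polling the server until `rescue_enabled` is true before the reset removes the timing assumption. The commit also re-enables a task previously marked "this does not work" without saying what changed, which deserves a line in the commit message. The `activate rescue mode` task begins in the previous hunk.

```yaml
- name: wait for rescue mode activation
  delegate_to: localhost
  uri:
    url: "https://api.hetzner.cloud/v1/servers?name={{ install_cooked.cloud.server_name | default(inventory_hostname) }}"
    method: GET
    headers:
      Authorization: "Bearer {{ install_cooked.cloud.credentials.token }}"
    status_code: 200
  register: rescuecheck
  until: rescuecheck.json.servers[0].rescue_enabled
  retries: 6
  delay: 5

# … unchanged: do a hardware reset …
```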
@@ -22,16 +22,16 @@
 mode: 0755
 - name: run installimage
- command: /root/.oldroot/nfs/install/installimage -a -c installimage.conf -x postinst.sh
- register: hetzner_installimage_cmd
 args:
 chdir: /root
+ command: /root/.oldroot/nfs/install/installimage -a -c installimage.conf -x postinst.sh
+ register: hetzner_installimage_cmd
 - name: print installimage output
 debug:
 msg: "{{ hetzner_installimage_cmd.stdout_lines + hetzner_installimage_cmd.stderr_lines }}"
 - name: check if installimage succeeded
+ when: "hetzner_installimage_cmd.rc != 0 or 'postinst.sh finished successfully' not in hetzner_installimage_cmd.stdout_lines"
 fail:
 msg: failed to run installimage
- when: "hetzner_installimage_cmd.rc != 0 or 'postinst.sh finished successfully' not in hetzner_installimage_cmd.stdout_lines"
diff --git a/roles/cloud/install/tasks/hroot.yml b/roles/cloud/install/tasks/hroot.yml
index 9124f44a..b7d511a0 100644
--- a/roles/cloud/install/tasks/hroot.yml
+++ b/roles/cloud/install/tasks/hroot.yml
@@ -1,5 +1,7 @@
 ---
 - name: retrieve ssh key fingerprints
+ delegate_to: localhost
+ check_mode: no
 uri:
 url: "https://robot-ws.your-server.de/key"
 method: GET
@@ -8,18 +10,12 @@
 force_basic_auth: yes
 status_code: 200
 register: sshkeys
- delegate_to: localhost
- check_mode: no
-
-- name: do not continue in check mode
- fail:
- msg: "can not bootstrap new servers in check mode"
- when: ansible_check_mode | bool
- check_mode: no
 - when: hetzner_main_ip is not defined
 block:
 - name: retrieve server list from robot
+ delegate_to: localhost
+ check_mode: no
 uri:
 url: "https://robot-ws.your-server.de/server"
 method: GET
@@ -28,13 +24,16 @@
 force_basic_auth: yes
 status_code: 200
 register: servers
- delegate_to: localhost
- check_mode: no
 - name: extract server IP address from robot
 set_fact:
 hetzner_main_ip: "{{ servers.json | hroot_extract_serverip(install_cooked.cloud.server_name | default(inventory_hostname)) }}"
+- name: do not continue in check mode
+ when: ansible_check_mode | bool
+ fail:
+ msg: "can not bootstrap new servers in check mode"
+
 - name: display warning message
 pause:
 prompt: |
@@ -44,6 +43,8 @@
 seconds: 15
 - name: check if rescue mode is already active
+ delegate_to: localhost
+ check_mode: no
 uri:
 url: "https://robot-ws.your-server.de/boot/{{ hetzner_main_ip }}/rescue"
 method: GET
@@ -52,12 +53,11 @@
 force_basic_auth: yes
 status_code: 200
 register: rescuestatus
- delegate_to: localhost
- check_mode: no
 ### TODO: for now we add all ssh keys that are installed in the robot - this might not be a good idea!
 - name: activate rescue mode
 when: not rescuestatus.json.rescue.active
+ delegate_to: localhost
 uri:
 url: "https://robot-ws.your-server.de/boot/{{ hetzner_main_ip }}/rescue"
 method: POST
@@ -68,13 +68,13 @@
 status_code: 200
 headers:
 Content-Type: "application/x-www-form-urlencoded"
- delegate_to: localhost
-- name: wait for the rescue mode to become active
+- name: wait for rescue mode activation
 pause:
 seconds: 5
 - name: do a hardware reset
+ delegate_to: localhost
 uri:
 url: "https://robot-ws.your-server.de/reset/{{ hetzner_main_ip }}"
 method: POST
@@ -85,7 +85,6 @@
 status_code: 200
 headers:
 Content-Type: "application/x-www-form-urlencoded"
- delegate_to: localhost
 ### TODO: would be nice to get the SSH host key from robot
 - name: completely ignore ssh host keys for now
@@ -98,7 +97,7 @@
 delay: 30
 timeout: 120
-- include_tasks: hetzner_installimage.yml
+- import_tasks: hetzner_installimage.yml
 - name: reboot
 shell: sleep 2 && shutdown -r now "triggered by ansible after running installimage"
-- 
cgit v1.2.3
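Review bot: hroot.yml gets no counterpart to the "no or multiple servers" guard this commit adds to hcloud.yml. After `set_fact`, `hetzner_main_ip` goes into the `/boot/.../rescue` and `/reset/...` URLs with no check that the lookup returned an address. `hroot_extract_serverip` is not visible here and may already fail on a missing server; if it does not, an empty or wrong value reaches the rescue and reset requests. A guard placed right after the `block`, before the check-mode task, closes that gap.

```yaml
# … unchanged: block that looks up hetzner_main_ip …

- name: do not continue without a main IP
  when: (hetzner_main_ip | default('') | string | length) == 0
  fail:
    msg: "robot returned no main IP for {{ install_cooked.cloud.server_name | default(inventory_hostname) }}"
```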