Update: add ansible code

Ansible for installing:
Chef(host)
Cobbler
Compass
Currently only three components being on the same host is supported.

Change-Id: I1f36ee77546d3e5734a69660dde9edc41dc8ea13

install/allinone.yml

@@ -0,0 +1,9 @@
+---
+
+- hosts: allinone
+  sudo: True
+  roles:
+    - common
+    - chef
+    - cobbler
+    - compass

install/group_vars/all

@@ -0,0 +1,159 @@
+---
+
+# Once rebuild is marked as True, all docker images and/or packages will be destroyed and re-established
+rebuild: True
+
+# Auto-generated IP values
+chef_server: "10.145.89.133"
+cobbler_server: "10.145.89.133"
+compass-server: "10.145.89.128"
+
+# Auto-generated
+dockerized_cobbler: True
+dockerized_chef: False
+
+# shared_dir on local machine
+shared_dir: "~/compass/shared"
+
+## default urls
+
+# centos
+epel_6: "https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm"
+
+# compass adapters
+compass_adapters: "git://git.openstack.org/stackforge/compass-adapters.git"
+
+## cobbler
+# cidr for docker bridge: compass0
+compass0_subnet: "192.168.100.1/24"
+
+# subnet ip for docker bridge: compass0
+compass0_subnet_ip: "192.168.100.0"
+
+# subnet mask for docker bridge: compass0
+compass0_subnet_mask: "255.255.255.0"
+
+# router ip for docker bridge: compass0
+compass0_router: "192.168.100.1"
+
+# dhcp range for docker bridge: compass0
+compass0_dhcp_range: "192.168.100.10 192.168.100.250"
+
+# management subnet ip of the cluster you want to deploy
+mgmt_subnet_ip: "10.145.88.0"
+
+# management subnet router ip
+mgmt_router: "10.145.88.1"
+
+# management subnet subnet mask
+mgmt_subnet_mask: "255.255.254.0"
+
+# management subnet dhcp range
+mgmt_dhcp_range: "10.145.88.10 10.145.89.250"
+
+
+
+## ports for cobbler ##
+
+# http port on host that maps to the cobbler container
+cobbler_mapped_http_port_on_host: "8080"
+
+# rsyslog port on host that maps to the compass container
+rsyslog_port_mapped_on_host: "12514"
+
+# tftp port on host that maps to the cobbler container
+tftp_port: "69"
+
+# xmlrpc port on host that maps to the cobbler container
+xmlrpc_port: "25151"
+
+# dns port on host that maps to the cobbler container
+dns_port: "53"
+
+# port mapping as a paramter for running cobbler container
+cobbler_port_mapping: -p {{ cobbler_mapped_http_port_on_host }}:80 -p {{ tftp_port }}:69/udp -p {{ dns_port }}:53/udp -p {{ xmlrpc_port }}:25151 -p {{ rsyslog_port_mapped_on_host }}:514
+
+
+
+## ports for compass ##
+
+# http port on host that maps to the compass container
+compass_mapped_http_port_on_host: "5000"
+
+# ntp port on host that maps to the compass container
+ntp_port: "123"
+
+# squid proxy port on host that maps to the compass container
+proxy_port: "3128"
+
+# port mapping as a parameter for running compass container
+compass_port_mapping: -p {{ compass_mapped_http_port_on_host }}:80 -p {{ ntp_port }}:123 -p {{ proxy_port }}:3128
+
+
+## isos
+# centos iso url
+centos_url: "{{ centos_65_url }}"
+
+# ubuntu iso url
+ubuntu_url: "{{ ubuntu_1204_url }}"
+
+# centos 6.5 url
+centos_65_url: "https://s3-us-west-1.amazonaws.com/compass-local-repo/centos/6.5/CentOS-6.5-x86_64.iso"
+
+# ubuntu 12.04 url
+ubuntu_1204_url: "https://s3-us-west-1.amazonaws.com/compass-local-repo/ubuntu/12.04/Ubuntu-12.04-x86_64.iso"
+
+# os name of centos
+centos: "{{ centos_65 }}"
+
+# os name of ubuntu
+ubuntu: "{{ ubuntu_1204 }}"
+
+# centos 6.5 os name
+centos_65: "CentOS-6.5-x86_64"
+
+# ubuntu 12.04 os name
+ubuntu_1204: "Ubuntu-12.04-x86_64"
+
+
+
+##  volume mapping for cobbler ##
+
+# mount point for isos on cobbler host
+host_mount_point: "/root/docker-cobbler/images"
+
+# mount point inside cobbler container
+container_mount_point: "/var/lib/cobbler/mount_point"
+
+# combined mount syntax for docker run
+image_volume_mapping: "-v {{ host_mount_point }}:{{ container_mount_point }}"
+
+# log dir on cobbler host
+cobbler_host_log_dir: "/var/log/cobbler"
+
+# log dir inside cobbler container
+cobbler_container_log_dir: "/var/log/cobbler"
+
+# log the logs from container into host for future use
+log_volume_mapping: "-v {{ cobbler_host_log_dir }}:{{ cobbler_container_log_dir }}"
+
+
+
+##  volume mapping for compass ##
+
+# log dir on compass host
+compass_host_log_dir: "/var/log/compass"
+
+# log dir on inside compass container
+compass_container_log_dir: "/var/log/cobbler"
+
+# sync logs inside out of the container
+compass_volume_mapping: "-v {{ compass_host_log_dir }}:{{ compass_container_log_dir }}"
+
+
+
+## docker ##
+
+# install docker on ubuntu
+docker_apt_key_server: hkp://keyserver.ubuntu.com:80
+docker_apt_key: 36A1D7869245C8950F966E92D8576A8BA88D21E9

install/inventories/allinone

@@ -0,0 +1,2 @@
+[allinone]
+xc-ansible-test1 ansible_ssh_host=10.145.89.128 ansible_ssh_user=root ansible_ssh_pass=root type=allinone

install/inventories/chef

@@ -0,0 +1,2 @@
+[chefnodes]
+xc-ansible-test1 ansible_ssh_host=10.145.89.128 ansible_ssh_user=root ansible_ssh_pass=root dockerized=False type=chef

install/inventories/cobbler

@@ -0,0 +1,2 @@
+[cobblernodes]
+xc-ansible-test1 ansible_ssh_host=10.145.89.128 ansible_ssh_user=root ansible_ssh_pass=root dockerized=True container_name=cobbler-dev type=cobbler

install/inventories/compass

@@ -0,0 +1,2 @@
+[compassnodes]
+xc-ansible-test1 ansible_ssh_host=10.145.89.128 ansible_ssh_user=root ansible_ssh_pass=root dockerized=True container_name=compass-dev type=compass

install/inventories/hosts_test

@@ -0,0 +1,6 @@
+[chefnodes]
+xc-precise-server ansible_ssh_host=10.145.89.133 ansible_ssh_user=root ansible_ssh_pass=root type=chef
+[cobblernodes]
+xc-ansible-test1 ansible_ssh_host=10.145.89.128 ansible_ssh_user=root ansible_ssh_pass=root type=cobbler
+[compassnodes]
+xc-precise-server ansible_ssh_host=10.145.89.133 ansible_ssh_user=root ansible_ssh_pass=root type=compass

install/inventories/ubuntu_test

@@ -0,0 +1,6 @@
+# [chefnodes]
+# xc-precise-server ansible_ssh_host=10.145.89.133 ansible_ssh_user=root ansible_ssh_pass=root type=chef
+[cobblernodes]
+xc-precise-server ansible_ssh_host=10.145.89.133 ansible_ssh_user=root ansible_ssh_pass=root type=cobbler
+[compassnodes]
+xc-precise-server ansible_ssh_host=10.145.89.133 ansible_ssh_user=root ansible_ssh_pass=root type=compass

install/precheck.yml

@@ -0,0 +1,16 @@
+---
+
+- hosts: chefnodes
+  sudo: True
+  roles:
+    - precheck
+
+- hosts: cobblernodes
+  sudo: True
+  roles:
+    - precheck
+
+- hosts: compassnodes
+  sudo: True
+  roles:
+    - precheck

install/roles/chef/files/chef-server.rb

@@ -0,0 +1,4 @@
+nginx['non_ssl_port'] = 80
+nginx['enable_non_ssl'] = true
+nginx['ssl_port'] = 443
+nginx['url'] = "https://#{node['fqdn']}"

install/roles/chef/files/compass.json

@@ -0,0 +1,8 @@
+{
+  "name": "compass",
+  "public_key": null,
+  "validator": false,
+  "admin": true,
+  "json_class": "Chef::ApiClient",
+  "chef_type": "client"
+}

install/roles/chef/files/knife.rb

@@ -0,0 +1,9 @@
+log_level                :info
+log_location             STDOUT
+node_name                'admin'
+client_key               '/etc/chef-server/admin.pem'
+validation_client_name   'chef-validator'
+validation_key           '/etc/chef-server/chef-validator.pem'
+chef_server_url          'https://localhost:443'
+syntax_check_cache_path  '/root/.chef/syntax_check_cache'
+cookbook_path [ '/root/chef-repo/cookbooks' ]

install/roles/chef/files/knife.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+knife  configure -y -i --defaults -r ~/chef-repo -s https://localhost:443 -u root --admin-client-name admin --admin-client-key /etc/chef-server/admin.pem --validation-client-name chef-validator --validation-key /etc/chef-server/chef-validator.pem<<EOF
+'thisisarandomstring'
+EOF

install/roles/chef/tasks/Debian.yml

@@ -0,0 +1,30 @@
+---
+
+- name: install git
+  apt: name=git
+       state=installed
+       update_cache=yes
+
+- name: fact of chef-server
+  shell: dpkg -l
+  register: packages
+
+# get precise chef-server deb pkg if ubuntu is 12.04
+- name: get chef-server
+  get_url: url={{ chef_server_precise }}
+           dest=/tmp/chef-server.deb
+  when: "'chef-server' not in packages.stdout and ansible_distribution_major_version == '12'"
+
+- name: install chef-server
+  apt: deb=/tmp/chef-server.deb
+       state=installed
+
+- name: get chef-client
+  get_url: url={{ chef_client_precise }}
+           dest=/tmp/chef-client.rpm
+  when: "'chef' not in packages.stdout and ansbile_distribution_major_version == '12'"
+
+- name: install chef-client
+  apt: deb=/tmp/chef-client.deb
+       state=installed
+  when: "'chef' not in packages.stdout"

install/roles/chef/tasks/RedHat.yml

@@ -0,0 +1,30 @@
+---
+
+- name: fact of chef-server
+  command: rpm -qa | grep -q chef-server
+  register: is_installed
+
+- name: get chef-server
+  get_url: url={{ chef_server_el6_rpm }}
+           dest=/tmp/chef-server.rpm
+  when: is_installed.stdout.find('chef-server') == -1 and ansible_distribution_major_version == '6'
+
+- name: install chef-server
+  shell: rpm -Uvh /tmp/chef-server.rpm
+  when: "'chef-server' not in is_installed.stdout"
+
+- name: is chef-client installed
+  command: rpm -q chef
+  register: chefclient_installed
+
+- name: get chef-client
+  get_url: url={{ chef_client_el6_rpm }}
+           dest=/tmp/chef-client.rpm
+  when: chefclient_installed.stdout.find('chef') == -1 and ansible_distribution_major_version == '6'
+
+- name: install chef-client
+  shell: rpm -Uvh /tmp/chef-client.rpm
+  when: chefclient_installed.stdout.find('chef') == -1
+
+- name: install git
+  yum: name=git

install/roles/chef/tasks/chef-server.yml

@@ -0,0 +1,14 @@
+- name: chef-server cleanse
+  shell: chef-server-ctl cleanse
+
+- name: create chef-server directory
+  file: path=/etc/chef-server state=directory
+
+- name: copy chef-server.rb
+  copy: src=chef-server.rb dest=/etc/chef-server/chef-server.rb mode=644 backup=yes
+
+- name: reconfigure chef-server
+  shell: chef-server-ctl reconfigure
+
+- name: test chef-server
+  shell: chef-server-ctl test

install/roles/chef/tasks/compass.yml

@@ -0,0 +1,60 @@
+---
+
+- name: create backup dir
+  file: path=/root/backup state=directory
+
+- name: create cookbook directory
+  file: path=/var/chef/cookbooks state=directory
+
+- name: backup cookbooks
+  shell: cp -rf /var/chef/cookbooks /root/backup/cookbooks
+
+- name: remove cookbooks
+  shell: rm -rf /var/chef/cookbooks/*
+
+- name: clone compass-adapters
+  git: repo={{ compass_adapters }} dest=/root/compass-adapters version=dev/experimental accept_hostkey=yes recursive=no
+ 
+- name: copy cookbooks to its directory
+  shell: cp -rf /root/compass-adapters/chef/cookbooks/* /var/chef/cookbooks/
+
+- name: upload cookbooks using knife
+  shell: knife cookbook upload -o /var/chef/cookbooks --all
+
+- name: create roles directory
+  file: path=/var/chef/roles state=directory
+
+- name: backup roles
+  shell: cp -rf /var/chef/roles /root/backup/roles
+
+- name: remove roles
+  shell: rm -rf /var/chef/roles/*
+
+- name: copy roles to its directory
+  shell: cp -rf /root/compass-adapters/chef/roles/* /var/chef/roles/
+
+- name: upload roles from file
+  shell: knife role from file /var/chef/roles/*.json
+
+- name: copy compass admin knife client config to chef server
+  copy: src=compass.json dest=/var/chef/compass.json mode=0644
+
+- name: check if compass client exists
+  command: knife client list
+  register: result
+
+- name: remove compass client if it exists
+  shell: knife client delete compass -y
+  when: result.stdout.find('compass') != -1
+
+- name: create chef admin client for remote control
+  shell: knife client create -a compass -f /tmp/compass.pem -y -d
+
+- name: fetch compass.pem
+  fetch: src=/tmp/compass.pem dest={{ shared_dir }}/keys/compass.pem flat=yes
+
+- name: fetch chef admin.pem
+  fetch: src=/etc/chef-server/admin.pem dest={{ shared_dir }}/keys/admin.pem flat=yes
+
+- name: fetch chef validator.pem
+  fetch: src=/etc/chef-server/chef-validator.pem dest={{ shared_dir }}/keys/chef-validator.pem flat=yes

install/roles/chef/tasks/docker.yml

@@ -0,0 +1,4 @@
+---
+
+- name: hello world
+  shell: echo hello world

install/roles/chef/tasks/knife.yml

@@ -0,0 +1,17 @@
+--- 
+- name: make knife directory
+  file: path=~/.chef state=directory
+
+- name: copy knife setup script
+  copy: src=knife.sh dest=/tmp/knife.sh mode=0755
+
+- name: check if knife is already configured
+  command: ls ~/.chef
+  register: result
+
+- name: run knife setup script
+  shell: /tmp/knife.sh >> knife.txt chdir=/tmp/
+  when: result.stdout.find('root') == -1
+
+- name: replace knife config file
+  copy: src=knife.rb dest=/root/.chef/knife.rb mode=0644

install/roles/chef/tasks/main.yml

@@ -0,0 +1,22 @@
+---
+
+- include: RedHat.yml
+  when: ansible_os_family == 'RedHat' and not dockerized
+
+- include: Debian.yml
+  when: ansible_os_family == 'Debian' and not dockerized
+
+- include: docker-redhat.yml
+  when: ansible_os_family == 'Redhat' and dockerized
+
+- include: docker-debian.yml
+  when: ansible_os_family == 'Debian' and dockerized
+
+- include: chef-server.yml
+  when: not dockerized
+
+- include: knife.yml
+  when: not dockerized
+
+- include: compass.yml
+  when: not dockerized

install/roles/chef/vars/main.yml

@@ -0,0 +1,16 @@
+---
+
+# chef server specific environment variables
+
+chef_server_el6_rpm: "https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-server-11.0.8-1.el6.x86_64.rpm"
+# open source chef server does not support centos7/el7 yet
+chef_server_el7_rpm: ""
+chef_server_precise: "https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chef-server_11.0.8-1.ubuntu.12.04_amd64.deb"
+chef_server_trusty: ""
+
+# chef client rpm
+chef_client_el6_rpm: "https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.8.0-1.el6.x86_64.rpm" 
+
+dockerized: False
+
+

install/roles/cobbler/files/Dockerfile

@@ -0,0 +1,19 @@
+FROM compassindocker/cobbler
+
+ADD files/dhcp.template /etc/cobbler/dhcp.template
+ADD files/start.sh /root/start.sh
+ADD files/admin.pem /etc/cobbler/admin.pem
+ADD files/chef-validator.pem /etc/cobbler/chef-validator.pem 
+ADD files/fix_ks_server.py /var/lib/cobbler/sync/post/fix_ks_server.py
+
+RUN chmod +x /root/start.sh
+CMD ["/root/start.sh"]
+
+EXPOSE 80
+EXPOSE 67 67/udp
+EXPOSE 69 69/udp
+EXPOSE 53 53/udp
+EXPOSE 25151
+EXPOSE 443
+EXPOSE 873
+ 

install/roles/cobbler/tasks/dhcp-relay-debian.yml

@@ -0,0 +1,14 @@
+---
+
+- name: get isc-dhcp-relay agent
+  apt: pkg=isc-dhcp-relay state=installed
+
+- name: make dhcp-relay agent listen to cobbler
+  lineinfile: dest=/etc/default/isc-dhcp-relay
+              regexp='^SERVERS'
+              line='SERVERS="{{ cobbler_docker_ip }}"'
+
+- name: make dhcp-relay agetn listen on compass0
+  lineinfile: dest=/etc/default/isc-dhcp-relay
+              regexp='^INTERFACES'
+              line='INTERFACES="compass0"'

install/roles/cobbler/tasks/dhcp-relay-redhat.yml

@@ -0,0 +1,6 @@
+- name: install dhcp on cobbler host for relay
+  yum: pkg=dhcp state=installed
+  when: ansible_os_family == "RedHat"
+
+- name: configure dhcprelay
+  shell: dhcrelay {{ cobbler_docker_ip }}

install/roles/cobbler/tasks/docker.yml

@@ -0,0 +1,121 @@
+---
+
+- name: install mkisofs
+  yum: pkg=mkisofs state=installed
+  when: ansible_os_family == "Redhat"
+
+- name: install mkisofs in debian
+  apt: pkg=mkisofs state=installed
+  when: ansible_os_family == "Debian"
+
+- name: clean up docker directory
+  file: path=~/docker-cobbler/{{ item }} state=absent
+  with_items:
+    - Dockerfile
+    - files
+
+- name: clean up log directory
+  file: path=/var/log/cobbler state=absent
+
+- name: create directory for docker and files
+  file: path=~/docker-cobbler/files state=directory
+
+- name: create directories for images
+  file: path=~/docker-cobbler/images/{{ item }} state=directory
+  with_items:
+    - "{{ centos }}"
+    - "{{ ubuntu }}"
+
+- name: download images
+  get_url: url={{ item.name }} dest=/tmp/{{ item.filename }} mode=0644
+  with_items:
+    - { name: "{{ centos_url }}", filename: "{{ centos }}.iso" }
+    - { name: "{{ ubuntu_url }}", filename: "{{ ubuntu }}.iso" }
+
+- name: mount info
+  command: mount
+  register: mount_info
+
+- name: mount images
+  shell: mount -o loop /tmp/{{ item }}.iso ~/docker-cobbler/images/{{ item }}
+#  mount: name=~/docker-cobbler/images/{{ item }} src=/tmp/{{ item }}.iso opts=loop fstype=iso9660 state=mounted
+  with_items:
+    - "{{ centos }}"
+    - "{{ ubuntu }}"
+  when: mount_info.stdout.find('CentOS') == -1
+
+- name: copy Dockerfile to ~/docker-cobbler
+  copy: src=Dockerfile dest=~/docker-cobbler/Dockerfile mode=0644
+
+- name: copy dhcp.template
+  template: src=dhcp.template.j2
+            dest=~/docker-cobbler/files/dhcp.template
+            mode=0644
+
+- name: copy start script
+  template: src=start.sh.j2
+            dest=~/docker-cobbler/files/start.sh
+            mode=0755
+
+- name: copy post sync script
+  template: src=fix_ks_server.py.j2
+            dest=~/docker-cobbler/files/fix_ks_server.py
+            mode=0755
+
+- name: copy admin key
+  copy: src={{ shared_dir }}/keys/admin.pem
+        dest=~/docker-cobbler/files/admin.pem
+        mode=0644
+
+- name: copy chef validator key
+  copy: src={{ shared_dir }}/keys/chef-validator.pem
+        dest=~/docker-cobbler/files/chef-validator.pem
+        mode=0644 
+
+- name: cobbler container?
+  command: docker ps -a
+  register: containers
+
+- name: remove cobbler container if any
+  shell: docker rm -f cobbler-dev
+  when: containers.stdout.find('cobbler-dev') != -1
+
+- name: check if 'cobbler' image already exists
+  command: docker images cobbler
+  register: image
+
+- name: remove image 'cobbler' if it exists and --rebuild is specified
+  shell: docker rmi -f cobbler
+  when: image.stdout.find('cobbler') != -1 and rebuild
+
+- name: restart docker daemon if debian
+  service: name=docker state=restarted
+  when: ansible_os_family == "Debian"
+
+- name: build a docker image for cobbler
+  shell: docker build -t cobbler ~/docker-cobbler
+  when: image.stdout.find('cobbler') == -1 or rebuild
+
+- name: fork image and run a new cobbler container
+  shell: docker run --name=cobbler-dev -d {{ cobbler_port_mapping }} {{ image_volume_mapping }} {{ log_volume_mapping }} -i -t cobbler
+
+- name: extract cobbler ip info
+  shell: echo `docker inspect cobbler-dev | awk -F '"' '/IPAdd/ {print $4}'` > /tmp/ip
+
+- name: quote the ip first
+  shell: echo `sed 's/\(.*\)/"\1"/g' /tmp/ip` > /tmp/dynamic.yml
+
+- name: add cobbler_docker_ip before cobbler ip
+  shell: "echo `sed '/^/ s/^/cobbler_docker_ip: /' /tmp/dynamic.yml` > /tmp/dynamic.yml"
+
+- name: write cobbler_ip to local var
+  fetch: src=/tmp/dynamic.yml dest={{ shared_dir }}/dynamic.yml mode=0644 flat=yes
+
+- name: include cobbler dynamic vars
+  include_vars: "{{ shared_dir }}/dynamic.yml"
+
+- include: dhcp-relay-redhat.yml
+  when: ansible_os_family == "Redhat"
+
+- include: dhcp-relay-debian.yml
+  when: ansible_os_family == "Debian"

install/roles/cobbler/tasks/main.yml

@@ -0,0 +1,10 @@
+---
+
+- include: RedHat.yml
+  when: ansible_os_family == 'RedHat' and not dockerized
+
+- include: Debian.yml
+  when: ansible_os_family == 'Debian' and not dockerized
+
+- include: docker.yml
+  when: dockerized

install/roles/cobbler/templates/dhcp.template.j2

@@ -0,0 +1,121 @@
+# ******************************************************************
+# Cobbler managed dhcpd.conf file
+#
+# generated from cobbler dhcp.conf template ($date)
+# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
+# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
+# overwritten.
+#
+# ******************************************************************
+
+ddns-update-style interim;
+
+allow booting;
+allow bootp;
+deny unknown-clients;
+local-address 192.168.100.100;
+log-facility local6;
+
+ignore client-updates;
+set vendorclass = option vendor-class-identifier;
+
+option pxe-system-type code 93 = unsigned integer 16;
+option space pxelinux;
+option pxelinux.magic      code 208 = string;
+option pxelinux.configfile code 209 = text;
+option pxelinux.pathprefix code 210 = text;
+option pxelinux.reboottime code 211 = unsigned integer 32;
+
+subnet {{ compass0_subnet_ip }} netmask {{ compass0_subnet_mask }} {
+     option routers {{ compass0_router }};
+     option domain-name-servers {{ compass0_router }};
+     option subnet-mask {{ compass0_subnet_mask }};
+     range dynamic-bootp {{ compass0_dhcp_range }};
+     default-lease-time 21600;
+     max-lease-time 43200;
+     next-server $next_server;
+     class "pxeclients" {
+          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
+          if option pxe-system-type = 00:02 {
+                  filename "ia64/elilo.efi";
+          } else if option pxe-system-type = 00:06 {
+                  filename "grub/grub-x86.efi";
+          } else if option pxe-system-type = 00:07 {
+                  filename "grub/grub-x86_64.efi";
+          } else {
+                  filename "pxelinux.0";
+          }
+     }
+
+}
+
+subnet {{ mgmt_subnet_ip }} netmask {{ mgmt_subnet_mask }} {
+     option routers {{ mgmt_router }};
+     option domain-name-servers {{ mgmt_router }};
+     option subnet-mask {{ mgmt_subnet_mask }};
+     range dynamic-bootp {{ mgmt_dhcp_range }};
+     default-lease-time 21600;
+     max-lease-time 43200;
+     next-server $next_server;
+     class "pxeclients" {
+          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
+          if option pxe-system-type = 00:02 {
+                  filename "ia64/elilo.efi";
+          } else if option pxe-system-type = 00:06 {
+                  filename "grub/grub-x86.efi";
+          } else if option pxe-system-type = 00:07 {
+                  filename "grub/grub-x86_64.efi";
+          } else {
+                  filename "pxelinux.0";
+          }
+     }
+
+}
+
+#for dhcp_tag in $dhcp_tags.keys():
+    ## group could be subnet if your dhcp tags line up with your subnets
+    ## or really any valid dhcpd.conf construct ... if you only use the
+    ## default dhcp tag in cobbler, the group block can be deleted for a
+    ## flat configuration
+# group for Cobbler DHCP tag: $dhcp_tag
+group {
+        #for mac in $dhcp_tags[$dhcp_tag].keys():
+            #set iface = $dhcp_tags[$dhcp_tag][$mac]
+    host $iface.name {
+        hardware ethernet $mac;
+        site-option-space "pxelinux";
+        option pxelinux.magic f1:00:74:7e;
+        if exists dhcp-parameter-request-list {
+            # Always send the PXELINUX options (specified in hexadecimal)
+            option dhcp-parameter-request-list = concat(option dhcp-parameter-request-list,d0,d1,d2,d3);
+        }
+        option pxelinux.reboottime 30;
+        #if $iface.hostname:
+        option host-name "$iface.hostname";
+        #end if
+        #if $iface.netmask:
+        option subnet-mask $iface.netmask;
+        #end if
+        #if $iface.gateway:
+        option routers $iface.gateway;
+        #end if
+        #if $iface.enable_gpxe:
+        if exists user-class and option user-class = "gPXE" {
+            filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
+        } else if exists user-class and option user-class = "iPXE" {
+            filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
+        } else {
+            filename "undionly.kpxe";
+        }
+        #else
+        filename "$iface.filename";
+        #end if
+        ## Cobbler defaults to $next_server, but some users
+        ## may like to use $iface.system.server for proxied setups
+        next-server $next_server;
+        ## next-server $iface.next_server;
+    }
+        #end for
+}
+#end for
+

install/roles/cobbler/templates/fix_ks_server.py.j2

@@ -0,0 +1,18 @@
+#!/usr/bin/python
+import logging
+
+from cobbler import api
+from subprocess import call
+
+SERVER='{{ cobbler_server }}:{{ cobbler_mapped_http_port_on_host }}'
+
+def main():
+    """main entry"""
+    cobbler_api = api.BootAPI()
+    for system in cobbler_api.systems():
+        sys_name = system.name
+        call(["cobbler", "system", "edit", "--name=%s" % sys_name, "--server=%s" % SERVER])
+    return
+
+if __name__ == '__main__':
+    main()

install/roles/cobbler/templates/start.sh.j2

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+export ipaddr=$(ip addr show eth0 | grep 'inet ' | awk '{ print $2}'|cut -d/ -f1)
+sed -i "/^local-address/c\local-address $ipaddr;" /etc/cobbler/dhcp.template
+sed -i "/^server/c\server: $ipaddr" /etc/cobbler/settings 
+sed -i "/^next_server/c\next_server: {{ cobbler_server }}" /etc/cobbler/settings
+
+service httpd restart
+service cobblerd restart
+
+# import distros
+cobbler import --path=/var/lib/cobbler/mount_point/CentOS-6.5-x86_64 --name=CentOS-6.5-x86_64 --arch=x86_64 --kickstart=/var/lib/cobbler/kickstarts/default.ks --breed=redhat
+cobbler import --path=/var/lib/cobbler/mount_point/Ubuntu-12.04-x86_64 --name=Ubuntu-12.04-x86_64 --arch=x86_64 --kickstart=/var/lib/cobbler/kickstarts/default.seed --breed=ubuntu 
+
+# add profiles
+cobbler profile edit --name=CentOS-6.5-x86_64 --repo=centos_ppa_repo --distro=CentOS-6.5-x86_64 --ksmeta="tree=http://{{ cobbler_server }}:{{ cobbler_mapped_http_port_on_host }}/cobbler/ks_mirror/CentOS-6.5-x86_64 http_port={{ cobbler_mapped_http_port_on_host }} cblr_server={{ cobbler_server }} rsyslog_port={{ rsyslog_port_mapped_on_host }} chef_validation_file=/etc/cobbler/chef-validator.pem chef_admin_file=/etc/cobbler/admin.pem" --kickstart=/var/lib/cobbler/kickstarts/default.ks
+cobbler profile edit --name=Ubuntu-12.04-x86_64 --repo=ubuntu_ppa_repo --distro=Ubuntu-12.04-x86_64 --ksmeta="tree=http://{{ cobbler_server }}:{{ cobbler_mapped_http_port_on_host }}/cobbler/ks_mirror/Ubuntu-12.04-x86_64 http_port={{ cobbler_mapped_http_port_on_host }} cblr_server={{ cobbler_server }} rsyslog_port={{ rsyslog_port_mapped_on_host }} chef_validation_file=/etc/cobbler/chef-validator.pem chef_admin_file=/etc/cobbler/admin.pem" --kickstart=/var/lib/cobbler/kickstarts/default.seed --kopts="netcfg/choose_interface=auto"
+
+
+cobbler sync
+cobbler check
+service xinetd restart
+
+tail -f /var/log/cobbler/cobbler.log

install/roles/cobbler/vars/main.yml

@@ -0,0 +1 @@
+dockerized: True

install/roles/common/files/docker.list

@@ -0,0 +1 @@
+deb https://get.docker.com/ubuntu docker main

install/roles/common/tasks/docker-common.yml

@@ -0,0 +1,48 @@
+- name: get all bridges
+  command: brctl show
+  register: bridges
+
+- name: bring down docker0 if found
+  shell: ip link set dev docker0 down
+  when: bridges.stdout.find('docker0') != -1
+
+- name: remove docker0 if found
+  shell: brctl delbr docker0
+  when: bridges.stdout.find('docker0') != -1
+
+- name: bring down compass0 if found
+  shell: ip link set dev compass0 down
+  when: bridges.stdout.find('compass0') != -1
+
+- name: remove compass0 if found
+  shell: brctl delbr compass0
+  when: bridges.stdout.find('compass0') != -1
+  
+- name: add bridge compass0
+  shell: brctl addbr compass0
+
+- name: get compass0 info
+  command: ip addr 
+  register: compass0_info 
+
+- name: add ip addr to  compass0
+  shell: ip addr add {{ compass0_subnet }} dev compass0
+  when: compass0_info.stdout.find("{{ compass0_subnet }}") == -1
+
+- name: bring up compass0
+  shell: ip link set dev compass0 up
+
+- name: register compass0 to docker daemon
+  lineinfile: dest=/etc/sysconfig/docker regexp=^other_args line=other_args=-b=compass0
+  when: ansible_os_family == 'RedHat'
+
+- name: register compass0 when it's debian
+  lineinfile: dest=/etc/default/docker line=DOCKER_OPTS=-b=compass0
+  when: ansible_os_family == 'Debian'
+
+- name: start docker daemon
+  service: name=docker state=started
+
+- name: remove all containers
+  shell: docker rm -f $(docker ps -aq)
+  ignore_errors: yes

install/roles/common/tasks/docker-debian-precise.yml

@@ -0,0 +1,28 @@
+- name: apt-get update
+  apt: update_cache=yes
+
+- name: find out if https exists in apt methods
+  stat: path=/usr/lib/apt/methods/https
+  register: existence
+
+- name: install apt-transport-https if https not in methods
+  apt: name=apt-transport-https
+       state=present
+  when: not existence.stat.exists
+
+- name: add docker repository key
+  shell: apt-key adv --keyserver {{ docker_apt_key_server }} --recv-keys {{ docker_apt_key }}
+
+- name: add a docker.list file to apt source list
+  copy: src=docker.list dest=/etc/apt/sources.list.d/docker.list
+        mode=0644
+
+- name: update again
+  apt: update_cache=yes
+
+- name: get docker and brctl
+  apt: name={{ item }}
+       state=installed
+  with_items:
+    - lxc-docker
+    - bridge-utils

install/roles/common/tasks/docker-debian.yml

@@ -0,0 +1,5 @@
+- include: docker-debian-precise.yml
+  when: ansible_distribution_major_version == '12'
+
+- include: docker-debian-trusty.yml
+  when: ansible_distribution_major_version == '14'

install/roles/common/tasks/docker-redhat.yml

@@ -0,0 +1,31 @@
+---
+
+- name: get epel 6
+  yum: name={{ epel_6 }} state=present
+  when: ansible_distribution_major_version == '6'
+
+# I've tried to do a "variable in variable" to dynamically load
+# major version, so that getting the correct epel url is way easier.
+# but ansible is not friendly with it, will need to dive more into
+# it to see if there is a way.
+- name: get epel 7
+  yum: name={{ epel_7 }} state=present
+  when: ansible_distribution_major_version == '7'
+
+- name: get docker
+  yum: pkg=docker-io state=installed
+  when: ansible_distribution_major_version == '6'
+
+- name: get docker if el7
+  yum: pkg=docker state=installed
+  when: ansible_distribution_major_version == '7'
+
+# install bridge util/python-pip package
+- name: install brctl
+  yum: pkg={{ item }} state=installed
+  with_items:
+    - bridge-utils
+    - python-pip
+
+- name: pip install dockerpy
+  pip: name=docker-py

install/roles/common/tasks/main.yml

@@ -0,0 +1,16 @@
+---
+
+- include: RedHat.yml
+  when: ansible_os_family == 'RedHat' and not dockerized
+
+- include: Debian.yml
+  when: ansible_os_family == 'Debian' and not dockerized
+
+- include: docker-redhat.yml
+  when: ansible_os_family == 'RedHat' and dockerized
+
+- include: docker-debian.yml
+  when: ansible_os_family == 'Debian' and dockerized
+
+- include: docker-common.yml
+  when: dockerized

install/roles/compass/files/Dockerfile

@@ -0,0 +1,12 @@
+FROM compassindocker/compass
+
+ADD files/start.sh /root/start.sh
+ADD files/compass.setting /etc/compass/setting
+ADD files/cobbler.conf /etc/compass/os_installer/cobbler.conf
+ADD files/chef-icehouse.conf /etc/compass/package_installer/chef-icehouse.conf
+ADD files/compass.pem /etc/compass.pem
+
+CMD ["/root/start.sh"]
+EXPOSE 80
+EXPOSE 123
+EXPOSE 3128

install/roles/compass/files/start.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+
+# activate virtualenv
+source `which virtualenvwrapper.sh`
+workon compass-core
+
+# start mysqld service, push it to bg
+/usr/bin/mysqld_safe > /dev/null 2>&1 &
+
+RET=1
+while [[ RET -ne 0 ]]; do
+    echo "waiting for mariadb to startup"
+    sleep 5
+    mysql -uroot -e "status" > /dev/null 2>&1
+    RET=$?
+done
+
+echo "mariadb started"
+
+# set mysql with default username and password
+mysqladmin -h127.0.0.1 --port=3306 -u root password root
+
+# create db 'compass'
+mysql -h127.0.0.1 --port=3306 -uroot -proot -e "create database compass"
+
+# start compass services
+/opt/compass/bin/manage_db.py createdb
+/usr/sbin/apachectl -k start
+/usr/sbin/rabbitmq-server &
+/usr/bin/redis-server &
+/usr/sbin/ntpd &
+ln -s /root/.virtualenvs/compass-core/bin/celery /opt/compass/bin/celery
+CELERY_CONFIG_MODULE=compass.utils.celeryconfig_wrapper C_FORCE_ROOT=1 /opt/compass/bin/celery worker &> /tmp/celery-worker.log &
+/opt/compass/bin/progress_update.py &> /tmp/progress_update.log &
+touch /var/log/compass/celery.log
+tail -f /var/log/compass/celery.log

install/roles/compass/tasks/docker.yml

@@ -0,0 +1,70 @@
+---
+
+# - name: load dynamic variable
+#  include_vars: "{{ shared_dir }}/dynamic.yml"
+
+- name: clean up docker directory
+  file: path=~/docker-compass state=absent
+
+- name: clean up log directory
+  file: path=/var/log/compass state=absent
+ 
+- name: create directory for docker and files
+  file: path=~/docker-compass/files state=directory
+
+- name: copy Dockerfile
+  copy: src=Dockerfile dest=~/docker-compass/Dockerfile mode=0644
+
+- name: copy start script
+  copy: src=start.sh
+        dest=~/docker-compass/files/start.sh
+        mode=0755
+
+- name: copy compass.pem
+  copy: src={{ shared_dir }}/keys/compass.pem
+        dest=~/docker-compass/files/compass.pem
+        mode=0644  
+
+- name: copy chef config
+  template: src=chef-icehouse.conf.j2 dest=~/docker-compass/files/chef-icehouse.conf
+            mode=0644
+
+- name: copy cobber conf
+  template: src=cobbler.conf.j2 dest=~/docker-compass/files/cobbler.conf
+            mode=0644
+
+- name: copy compass setting
+  template: src=compass.setting.j2 dest=~/docker-compass/files/compass.setting
+            mode=0644
+
+- name: copy Dockerfile
+  copy: src=Dockerfile dest=~/docker-compass/Dockerfile mode=0644
+ 
+- name: get containers
+  command: docker ps -a
+  register: containers
+
+- name: remove compass container if any
+  shell: docker rm compass-dev
+  when: containers.stdout.find('compass-dev') != -1
+
+- name: check if compass image already exists
+  command: docker images compass
+  register: image
+
+- name: remove image 'compass' if it exists and --rebuild is specified
+  shell: docker rmi -f compass
+  when: image.stdout.find('compass') != -1 and rebuild
+
+- name: build a docker image for compass
+  shell: docker build -t compass ~/docker-compass
+  when: image.stdout.find('compass') == -1 or rebuild
+
+- name: fork image and run a new compass container
+  shell: docker run --name=compass-dev -d {{ compass_port_mapping }} -i -t compass
+
+- name: remove dynamic generated vars
+  local_action: file path={{ shared_dir }}/{{ item }} state=absent
+  with_items:
+    - dynamic.yml
+    - keys

install/roles/compass/tasks/main.yml

@@ -0,0 +1,10 @@
+---
+
+- include: RedHat.yml
+  when: ansible_os_family == 'RedHat' and not dockerized
+
+- include: Debian.yml
+  when: ansible_os_family == 'Debian' and not dockerized
+
+- include: docker.yml
+  when: dockerized

install/roles/compass/templates/chef-icehouse.conf.j2

@@ -0,0 +1,10 @@
+NAME = 'chef_installer'
+INSTANCE_NAME = 'chef_installer'
+SETTINGS = {
+    'chef_url': 'https://{{ chef_server }}',
+    'chef_server_ip': '{{ chef_server }}',
+    'chef_server_dns': 'compass',
+    'key_dir': '/etc/compass.pem',
+    'client_name': 'compass',
+    'databags': []
+}

install/roles/compass/templates/cobbler.conf.j2

@@ -0,0 +1,9 @@
+NAME = 'cobbler'
+INSTANCE_NAME = 'cobbler'
+SETTINGS = {
+    'cobbler_url': 'http://{{ cobbler_server }}:{{ cobbler_mapped_http_port_on_host }}/cobbler_api',
+    'credentials': {
+        'username': 'cobbler',
+        'password': 'cobbler'
+    }
+}

install/roles/compass/templates/compass.setting.j2

@@ -0,0 +1,33 @@
+CONFIG_DIR = '/etc/compass'
+DATABASE_TYPE = 'mysql'
+DATABASE_USER = 'root'
+DATABASE_PASSWORD = 'root'
+DATABASE_SERVER = '127.0.0.1:3306'
+DATABASE_NAME = 'compass'
+SQLALCHEMY_DATABASE_URI = '%s://%s:%s@%s/%s' % (DATABASE_TYPE, DATABASE_USER, DATABASE_PASSWORD, DATABASE_SERVER, DATABASE_NAME)
+SQLALCHEMY_DATABASE_POOL_TYPE = 'instant'
+INSTALLATION_LOGDIR = {
+    'CobblerInstaller': '/var/log/cobbler/anamon',
+    'ChefInstaller': '/var/log/chef'
+}
+DEFAULT_LOGLEVEL = 'info'
+DEFAULT_LOGDIR = '/var/log/compass'
+DEFAULT_LOGINTERVAL = 6
+DEFAULT_LOGINTERVAL_UNIT = 'h'
+DEFAULT_LOGFORMAT = '%(asctime)s - %(filename)s - %(lineno)d - %(levelname)s - %(message)s'
+WEB_LOGFILE = 'compass.log'
+CELERY_LOGFILE = 'celery.log'
+CELERYCONFIG_DIR = '/etc/compass'
+CELERYCONFIG_FILE = 'celeryconfig'
+PROGRESS_UPDATE_INTERVAL=30
+POLLSWITCH_INTERVAL=60
+SWITCHES = [
+]
+TMPL_DIR = '/etc/compass/templates'
+COMPASS_SUPPORTED_PROXY = 'http://{{ ansible_ssh_host }}:3128'
+COMPASS_SUPPORTED_DEFAULT_NOPROXY = ['127.0.0.1','{{ ansible_ssh_host }}','compass']
+COMPASS_SUPPORTED_NTP_SERVER = '{{ ansible_ssh_host }}'
+COMPASS_SUPPORTED_DNS_SERVERS = ['{{ ansible_ssh_host }}']
+COMPASS_SUPPORTED_DOMAINS = ['ods.com']
+COMPASS_SUPPORTED_DEFAULT_GATEWAY = '{{ mgmt_router }}'
+COMPASS_SUPPORTED_LOCAL_REPO = 'http://{{ ansible_ssh_host }}'

install/roles/compass/vars/main.yml

@@ -0,0 +1 @@
+dockerized: True

install/roles/precheck/tasks/chef.yml

@@ -0,0 +1 @@
+---

install/roles/precheck/tasks/docker.yml

@@ -0,0 +1,14 @@
+---
+
+- name: check if docker is running
+  command: ps -ef
+  register: processes
+
+- name: check if there is containers if docker is running
+  command: docker ps -a
+  register: containers
+  when: processes.stdout.find("docker") != -1
+
+- name: write files if container exists
+  local_action: file path="/tmp/{{ container_name }}" mode=0644 state=touch
+  when: processes.stdout.find("docker") != -1 and containers.stdout.find("{{ container_name }}") != -1

install/roles/precheck/tasks/main.yml

@@ -0,0 +1,7 @@
+---
+
+- include: no-docker.yml
+  when: not dockerized
+
+- include: docker.yml
+  when: dockerized

install/roles/precheck/tasks/no-docker.yml

@@ -0,0 +1,10 @@
+---
+
+- include: chef.yml
+  when: type == "chef"
+
+- include: cobbler.yml
+  when: type == "cobbler"
+
+- include: compass.yml
+  when: type == "compass"

install/site.yml

@@ -0,0 +1,18 @@
+---
+
+- hosts: chefnodes
+  sudo: True
+  roles:
+    - chef
+
+- hosts: cobblernodes
+  sudo: True
+  roles:
+    - common
+    - cobbler
+
+- hosts: compassnodes
+  sudo: True
+  roles:
+    - common
+    - compass