Roles

Variables

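+----------------------------------------------+----------------------------------------------+
| Name                                         | Description                                  |
+==============================================+==============================================+
| output=(long,short)                          | output format on stdout (long,short)         |
+----------------------------------------------+----------------------------------------------+
| localaction=(create,show,update,list,delete) | action on the role                           |
+----------------------------------------------+----------------------------------------------+
| uri_follow_redirects                         | follow API redirects ("all", "save", "none") |
+----------------------------------------------+----------------------------------------------+
| uri_validate_certs                           | validate API SSL certs ("no", "yes")         |
+----------------------------------------------+----------------------------------------------+
| uri_retries                                  | retries on API requests (default: 5)         |
+----------------------------------------------+----------------------------------------------+
| uri_delay                                    | delay on retries (default: 1)                |
+----------------------------------------------+----------------------------------------------+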

Functions

List of all roles

otc_auth
========

OTC role for authentication.

Supports:

* os-client-config
* env variables
* virtual MFA-based login

Variables:
^^^^^^^^^^

+--------------+-----------------------------------------------+
| Name         | Description                                   |
+==============+===============================================+
| USERNAME     | cloud username                                |
|              | env variable or content of os-client config   |
+--------------+-----------------------------------------------+
| PASSWORD     | cloud password                                |
|              | env variable or content of os-client config   |
+--------------+-----------------------------------------------+
| PROJECTNAME  | cloud project name, e.g. eu-de                |
|              | env variable or content of os-client config   |
+--------------+-----------------------------------------------+
| DOMAIN       | cloud user domain, e.g. OTC-eu-de-0012345     |
|              | env variable or content of os-client config   |
+--------------+-----------------------------------------------+
| userid       | userid of account for virtual MFA-based login |
+--------------+-----------------------------------------------+
| totp         | passcode from Google Authenticator            |
+--------------+-----------------------------------------------+

Functions:
^^^^^^^^^^

Create::

    role otc_auth

Read::

    n/a

Update::

    n/a

Delete::

    n/a

otc_cts
=======

OTC role for Cloud Trace Service (CTS)

Variables:
^^^^^^^^^^

+---------------------------+---------------------------------------------------------------+
| Name                      | Description                                                   |
+===========================+===============================================================+
| cts_tracker_name          | name of the tracker (default: system)                         |
+---------------------------+---------------------------------------------------------------+
| cts_trace_name            | name of trace (e.g.: login)                                   |
+---------------------------+---------------------------------------------------------------+
| cts_trace_param           | param for output filter (e.g.: time,user.name,source_ip)      |
+---------------------------+---------------------------------------------------------------+
| cts_limit                 | limit of output (min=10,max=200)                              |
+---------------------------+---------------------------------------------------------------+
| cts_from                  | trace time from (e.g. 2018-06-15 00:00:00)                    |
+---------------------------+---------------------------------------------------------------+
| cts_to                    | trace time to (e.g. 2018-06-27 00:00:00)                      |
+---------------------------+---------------------------------------------------------------+

Functions:
^^^^^^^^^^

Trace::

    ./grole otc_cts; ansible-playbook roles.yml -e "cts_from=2018-06-25 00:00:00" -e "cts_to=2018-06-27 00:00:00" -e "localaction=trace" 

otc_dns
=======

OTC role for DNS. This role creates zones, zone records and reverse
entries (PTR records).
With the transfer option it is possible to fetch zone information from
an existing DNS server and write an OTC DNS config file in ini, yml, or
json format. This action requires zone transfer (xfer) rights on the
source DNS server.

Variables:
^^^^^^^^^^

+-------------------------+---------------------------------------------+
| Name                    | Description                                 |
+=========================+=============================================+
| zone_name               | name of DNS zone                            |
+-------------------------+---------------------------------------------+
| zone_id                 | id of DNS zone                              |
+-------------------------+---------------------------------------------+
| zone_description        | Description of DNS zone                     |
+-------------------------+---------------------------------------------+
| zone_type               | DNS zone type (public/private)              |
+-------------------------+---------------------------------------------+
| zone_email              | Email address of SOA                        |
+-------------------------+---------------------------------------------+
| zone_ttl                | DNS zone TTL in sec                         |
+-------------------------+---------------------------------------------+
| zone_records            | List of zone records                        |
+-------------------------+---------------------------------------------+
| ptr_name                | FQDN for PTR record                         |
+-------------------------+---------------------------------------------+
| config                  | Format for Zonetransfer (ini,yml,json)      |
+-------------------------+---------------------------------------------+
| waitfor                 | Wait for zone creation (true/false)         |
+-------------------------+---------------------------------------------+


Functions:
^^^^^^^^^^

create (public)::

    ansible-playbook dns_yml.yml -e "zone_name=ansible.otc.telekomcloud99.com" -e "localaction=create"

    ansible-playbook dns_ini.yml -e "zone_name=ansible.otc.telekomcloud99.com" -e "localaction=create"

    ansible-playbook dns_json.yml -e "zone_name=ansible.otc.telekomcloud99.com" -e "localaction=create"

create (internal)::

    ansible-playbook dns_yml.yml -e "zone_name=ansible.internal.corp" -e "vpc_name=ansible-vpc01" -e "localaction=create"

    ansible-playbook dns_ini.yml -e "zone_name=ansible.internal.corp" -e "vpc_name=ansible-vpc01" -e "localaction=create"

    ansible-playbook dns_json.yml -e "zone_name=ansible.internal.corp" -e "vpc_name=ansible-vpc01" -e "localaction=create"


ptrcreate::

    ansible-playbook tenant_yml.yml -e "zone_name=ansible.otc.telekomcloud99.com" -e "ecs_name=ansible-test01" -e "localaction=ptrcreate"

ptrdelete::

    ansible-playbook tenant_yml.yml -e "zone_name=ansible.otc.telekomcloud99.com" -e "ecs_name=ansible-test01" -e "localaction=ptrdelete"


show::

    ./grole otc_dns; ansible-playbook roles.yml -e "zone_name=ansible.otc.telekomcloud99.com" -e "localaction=show"

    ./grole otc_vpc otc_dns; ansible-playbook roles.yml -e "zone_name=ansible.otc.telekomcloud99.com" -e "vpc_name=ansible-vpc01" -e "localaction=show"


list::

    ./grole otc_dns; ansible-playbook roles.yml -e "zone_name=ansible.otc.telekomcloud99.com" -e "localaction=list"

    ./grole otc_vpc otc_dns; ansible-playbook roles.yml -e "zone_name=ansible.internal.corp" -e "vpc_name=ansible-vpc01" -e "localaction=list"


delete::

    ./grole otc_dns; ansible-playbook roles.yml -e "zone_name=ansible.otc.telekomcloud99.com" -e "localaction=delete"

    ./grole otc_vpc otc_dns; ansible-playbook roles.yml  -e "zone_name=ansible.internal.corp" -e "vpc_name=ansible-vpc01" -e "localaction=delete"

transfer::

    ansible-playbook dns_ini.yml -e "config=ini" -e "localaction=transfer" -e "dns_server=192.168.0.1" -e "zone_name=example.com" -e "zone_type=public" -e "zone_email=nobody@localhost" -e "zone_ttl=86400"

    ansible-playbook dns_yml.yml -e "config=yml" -e "localaction=transfer" -e "dns_server=192.168.0.1" -e "zone_name=example.com" -e "zone_type=public" -e "zone_email=nobody@localhost" -e "zone_ttl=86400"

    ansible-playbook dns_json.yml -e "config=json" -e "localaction=transfer" -e "dns_server=192.168.0.1" -e "zone_name=example.com" -e "zone_type=public" -e "zone_email=nobody@localhost" -e "zone_ttl=86400"

otc_ecs
=======

OTC role for ECS.

Variables:
^^^^^^^^^^

+---------------------------+---------------------------------------------------------------+
| Name                      | Description                                                   |
+===========================+===============================================================+
| localaction=flavors       | show flavors                                                  |
+---------------------------+---------------------------------------------------------------+
| ecs_name                  | name of ECS                                                   |
+---------------------------+---------------------------------------------------------------+
| ecs_id                    | id of ECS                                                     |
+---------------------------+---------------------------------------------------------------+
| ecs_volumetype            | Volume type of ECS (SATA,SSD,SAS)                             |
+---------------------------+---------------------------------------------------------------+
| ecs_volumesize            | Size of ECS volume in GB (or image default)                   |
+---------------------------+---------------------------------------------------------------+
| ecs_ram                   | RAM size of ECS (int)                                         |
+---------------------------+---------------------------------------------------------------+
| ecs_vcpus                 | CPU core of ECS (string)                                      |
+---------------------------+---------------------------------------------------------------+
| ecs_ipaddress             | IP address of ECS                                             |
+---------------------------+---------------------------------------------------------------+
| ecs_fileinject_[1-5]      | Personal data (file injection)                                |
|                           | up to 5 files                                                 |
|                           | example: ansible-playbook -e "ecs_fileinject_1=/etc/hosts \   |
|                           | ecs_fileinject_data_1=$(base64 -w 0 hosts.txt)"               |
+---------------------------+---------------------------------------------------------------+
| ecs_fileinject_data_[1-5] |  Personal data (file injection)                               |
+---------------------------+---------------------------------------------------------------+
| ecs_user_data             | cloud-init user data file                                     |
|                           | example [...] -e "ecs_user_data=$(base64 -w 0 user-data.txt)" |
+---------------------------+---------------------------------------------------------------+
| ecs_adminpass             | Admin password ECS                                            |
+---------------------------+---------------------------------------------------------------+
| ecs_adminkey              | SSH key name of ECS                                           |
+---------------------------+---------------------------------------------------------------+
| waitfor                   | Wait for ECS creation (True or False)                         |
+---------------------------+---------------------------------------------------------------+

Functions:
^^^^^^^^^^

Create::

    ansible-playbook tenant_yml.yml -e "ecs_name=ansible-test01" -e "localaction=create"

    ansible-playbook tenant_ini.yml -e "ecs_name=ansible-test01" -e "localaction=create"

    ansible-playbook tenant_json.yml -e "ecs_name=ansible-test01" -e "localaction=create"

Show::

    ./grole otc_ecs; ansible-playbook roles.yml -e "ecs_name=ansible-test01" -e "localaction=show"

List::

    ./grole otc_ecs; ansible-playbook roles.yml -e "localaction=list"

Delete::

    ./grole otc_ecs; ansible-playbook roles.yml -e "ecs_name=ansible-test01" -e "localaction=delete"

otc_eip
=======

OTC role for floating ip (EIP).

Variables:
^^^^^^^^^^

+-------------------------+-----------------------------------------------------------+
| Name                    | Description                                               |
+=========================+===========================================================+
| public_ip_address       | Public ip address (already allocated or new)              |
+-------------------------+-----------------------------------------------------------+
| eip_id                  | id of EIP                                                 |
+-------------------------+-----------------------------------------------------------+
| eip_bandwidth_name      | Bandwidth name of EIP                                     |
+-------------------------+-----------------------------------------------------------+
| eip_bandwidth_size      | Bandwidth size of EIP (5-500 Mbit/s)                      |
+-------------------------+-----------------------------------------------------------+


Functions:
^^^^^^^^^^

Create::

    ansible-playbook tenant_yml.yml -e "public_ip_address=0.0.0.0" -e "localaction=create"

Show::

    ./grole otc_eip; ansible-playbook roles.yml -e "public_ip_address=160.44.1.1" -e "localaction=show"

List::

    ./grole otc_eip; ansible-playbook roles.yml -e "localaction=list"

Delete::

    ./grole otc_eip; ansible-playbook roles.yml -e "public_ip_address=160.44.1.1" -e "localaction=delete"

otc_elb
=======

OTC role for Elastic Load Balancer (ELB).

Variables:
^^^^^^^^^^

+------------------------------------+---------------------------------------------------------------+
| Name                               | Description                                                   |
+====================================+===============================================================+
| localaction="list"                 | List ELB                                                      |
+------------------------------------+---------------------------------------------------------------+
| localaction="create"               | Create ELB                                                    |
+------------------------------------+---------------------------------------------------------------+
| localaction="show"                 | Show ELB resources                                            |
+------------------------------------+---------------------------------------------------------------+
| localaction="listenercreate"       | Create ELB Listener                                           |
+------------------------------------+---------------------------------------------------------------+
| localaction="listenershow"         | Show ELB Listener resources                                   |
+------------------------------------+---------------------------------------------------------------+
| localaction="healthcheckcreate"    | Create ELB Healthcheck                                        |
+------------------------------------+---------------------------------------------------------------+
| localaction="certificatecreate"    | Create ELB Certificate                                        |
+------------------------------------+---------------------------------------------------------------+
| localaction="backendcreate"        | Create ELB Backend                                            |
+------------------------------------+---------------------------------------------------------------+
| localaction="backenddelete"        | Delete ELB Backend                                            |
+------------------------------------+---------------------------------------------------------------+
| localaction="delete"               | Delete ELB                                                    |
+------------------------------------+---------------------------------------------------------------+
| localaction="listenerdelete"       | Delete ELB Listener                                           |
+------------------------------------+---------------------------------------------------------------+
| localaction="healthcheckdelete"    | Delete ELB Healthcheck                                        |
+------------------------------------+---------------------------------------------------------------+
| localaction="certificatedelete"    | Delete ELB certificate                                        |
+------------------------------------+---------------------------------------------------------------+
| elb_name                           | name of ELB                                                   |
+------------------------------------+---------------------------------------------------------------+
| elb_id                             | id of ELB                                                     |
+------------------------------------+---------------------------------------------------------------+
| admin_state_up                     | state of the ELB                                              |
+------------------------------------+---------------------------------------------------------------+
| elb_availability_zone              | Availability zone where ELB is located                        |
+------------------------------------+---------------------------------------------------------------+
| elb_bandwidth                      | Bandwidth of the ELB                                          |
+------------------------------------+---------------------------------------------------------------+
| elb_type                           | Type of ELB (internal or external)                            |
+------------------------------------+---------------------------------------------------------------+
| elb_secgroup_name                  | Security Group bound on ELB                                   |
+------------------------------------+---------------------------------------------------------------+
| elb_subnet_name                    | Subnet of ELB                                                 |
+------------------------------------+---------------------------------------------------------------+
| elb_vpc_name                       | VPC of ELB                                                    |
+------------------------------------+---------------------------------------------------------------+
| listener_protocol                  | Listener protocol (HTTP, HTTPS, TCP)                          |
+------------------------------------+---------------------------------------------------------------+
| listener_port                      | Listener Port                                                 |
+------------------------------------+---------------------------------------------------------------+
| listener_backend_protocol          | Listener Backend Protocol (HTTP, HTTPS, TCP)                  |
+------------------------------------+---------------------------------------------------------------+
| listener_backend_port              | Listener Backend Port                                         |
+------------------------------------+---------------------------------------------------------------+
| listener_lb_algorithm              | Listener Algorithm (source,  roundrobin, leastconn)           |
+------------------------------------+---------------------------------------------------------------+
| listener_certificate_name          | Listener SSL Certificate Name                                 |
+------------------------------------+---------------------------------------------------------------+
| listener_tcp_timeout               | Listener TCP timeout                                          |
+------------------------------------+---------------------------------------------------------------+
| listener_cookie_timeout            | Listener Timeout for Cookies                                  |
+------------------------------------+---------------------------------------------------------------+
| listener_sticky_session_type       | Listener Sticky Session Type (insert if Cookie used)          |
+------------------------------------+---------------------------------------------------------------+
| listener_session_sticky            | Listener Session Sticky (true or false)                       |
+------------------------------------+---------------------------------------------------------------+
| healthcheck_connect_port           | Connect Port for the health check                             |
+------------------------------------+---------------------------------------------------------------+
| healthcheck_interval               | Interval for the health check                                 |
+------------------------------------+---------------------------------------------------------------+
| healthcheck_protocol               | Protocol for the health check                                 |
+------------------------------------+---------------------------------------------------------------+
| healthcheck_timeout                | Timeout for the health check                                  |
+------------------------------------+---------------------------------------------------------------+
| healthcheck_uri                    | URI for the health check (HTTP/HTTPS)                         |
+------------------------------------+---------------------------------------------------------------+
| unhealthy_threshold                | Threshold for unhealthy state                                 |
+------------------------------------+---------------------------------------------------------------+
| backend_members                    | Backend member for the ELB Listener                           |
+------------------------------------+---------------------------------------------------------------+
| waitfor                            | Wait for Creating/Deleting Job finished (True or False)       |
+------------------------------------+---------------------------------------------------------------+

Functions:
^^^^^^^^^^

Create::

    ansible-playbook tenant_yml.yml -e "elb_name=ansible-elb01" -e "localaction=create"

    ansible-playbook tenant_yml.yml -e "elb_name=ansible-elb01" -e "listener_name=ansible-listener01" -e "localaction=listenercreate"

    ansible-playbook tenant_yml.yml -e "elb_name=ansible-elb01" -e "listener_name=ansible-listener01" -e "localaction=healthcheckcreate"

    ansible-playbook tenant_yml.yml -e "elb_name=ansible-elb01" -e "listener_name=ansible-listener01" -e "localaction=backendcreate"

    ./grole otc_elb; ansible-playbook roles.yml -e "localaction=certificatecreate" -e "elb_certificate_name=ansible-cert01" -e "elb_certificate_certificate_file=cert.pem" -e "elb_certificate_key_file=key.pem"


Note: the same works with the ini and json configs.

Show::

    ./grole otc_elb; ansible-playbook roles.yml -e "elb_name=ansible-elb01" -e "localaction=show"

    ./grole otc_elb; ansible-playbook roles.yml -e "elb_name=ansible-elb01" -e "localaction=listenershow"

List::

    ./grole otc_elb; ansible-playbook roles.yml -e "localaction=list"

Delete::

    ./grole otc_elb; ansible-playbook roles.yml -e "elb_name=ansible-elb01" -e "localaction=delete"

    ansible-playbook tenant_yml.yml -e "elb_name=ansible-elb01" -e "localaction=delete"

    ansible-playbook tenant_yml.yml -e "elb_name=ansible-elb01" -e "listener_name=ansible-listener01" -e "localaction=listenerdelete"

    ansible-playbook tenant_yml.yml -e "elb_name=ansible-elb01" -e "listener_name=ansible-listener01" -e "localaction=healthcheckdelete"

    ansible-playbook tenant_yml.yml -e "elb_name=ansible-elb01" -e "listener_name=ansible-listener01" -e "localaction=backenddelete" -e "ecs_name=ansible-test02"

    ./grole otc_elb; ansible-playbook roles.yml -e "localaction=certificatedelete" -e "elb_certificate_name=ansible-cert01"

otc_evs
=======

OTC role for Elastic Volume Service (EVS).

Variables:
^^^^^^^^^^

+-------------------------+-----------------------------------------------------------+
| Name                    | Description                                               |
+=========================+===========================================================+
| evs_availability_zone   | Availability Zone for EVS                                 |
+-------------------------+-----------------------------------------------------------+
| evs_id                  | id of EVS                                                 |
+-------------------------+-----------------------------------------------------------+
| evs_name                | name of EVS                                               |
+-------------------------+-----------------------------------------------------------+
| evs_volume_type         | Volume type of EVS (SATA,SSD,SAS)                         |
+-------------------------+-----------------------------------------------------------+
| evs_size                | Volume size in GB                                         |
+-------------------------+-----------------------------------------------------------+
| evs_ims_id              | ims_id from which the volume should be created            |
+-------------------------+-----------------------------------------------------------+
| evs_backup_id           | backup_id from which the volume should be created         |
+-------------------------+-----------------------------------------------------------+
| evs_scsi                | hw passthrough enabled                                    |
+-------------------------+-----------------------------------------------------------+
| evs_multiattach         | multi-attach enabled                                      |
+-------------------------+-----------------------------------------------------------+
| waitfor                 | wait until job is finished (true or false)                |
+-------------------------+-----------------------------------------------------------+


Functions:
^^^^^^^^^^

Create::

    ansible-playbook tenant_yml.yml -e "evs_name=ansible-evs01" -e "localaction=create"

Show::

    ./grole otc_evs; ansible-playbook roles.yml -e "evs_name=ansible-evs01" -e "localaction=show"

List::

    ./grole otc_evs; ansible-playbook roles.yml -e "localaction=list"

Delete::

    ./grole otc_evs; ansible-playbook roles.yml -e "evs_name=ansible-evs01" -e "localaction=delete"

otc_ims
=======

OTC role for Image.

Variables:
^^^^^^^^^^

+-------------------------+-----------------------------------------------------------+
| Name                    | Description                                               |
+=========================+===========================================================+
| image_name              | name of image                                             |
+-------------------------+-----------------------------------------------------------+
| image_id                | id of image                                               |
+-------------------------+-----------------------------------------------------------+
| image_url               | s3 source url for image upload                            |
|                         | :                                                         |
|                         | ansible1:/xenial-server-cloudimg-amd64-disk1.vmdk         |
+-------------------------+-----------------------------------------------------------+
| ecs_id                  | ecs_id as source for image creation (ECS must be stopped) |
+-------------------------+-----------------------------------------------------------+
| image_min_disk          | minimal disk size for image creation (in GB)              |
+-------------------------+-----------------------------------------------------------+
| image_os_version        | os_version of the created image                           |
+-------------------------+-----------------------------------------------------------+
| waitfor                 | wait for image creation (True or False)                   |
+-------------------------+-----------------------------------------------------------+


Functions:
^^^^^^^^^^

Create::

    ansible-playbook tenant_yml.yml -e "image_name=ansible-image01" -e "image_url=ansible1:/xenial-server-cloudimg-amd64-disk1.vmdk" -e "image_min_disk=12" -e "localaction=create"

    ansible-playbook tenant_yml.yml -e "image_name=ansible-image01" -e "ecs_id=12345678901234567890" -e "image_min_disk=12" -e "localaction=create"

Show::

    ./grole otc_ims; ansible-playbook roles.yml -e "image_name=Community_Ubuntu_16.04_TSI_latest" -e "localaction=show"

List::

    ./grole otc_ims; ansible-playbook roles.yml -e "localaction=list"

Delete::

    ./grole otc_ims; ansible-playbook roles.yml -e "image_name=ansible-image01" -e "localaction=delete"

otc_job
=======

OTC role for Job Control. Print out the status and some
messages about OTC jobs, e.g. building ECS.

Variables:
^^^^^^^^^^

+--------------+---------------------------------------------+
| Name         | Description                                 |
+==============+=============================================+
| job_id       | Job ID to lookup                            |
+--------------+---------------------------------------------+

Functions:
^^^^^^^^^^

Create::

    n/a

Read::

    ansible-playbook -e "job_id=1234567890" job.yml

    ./ajob "1234567890"

Update::

    n/a

Delete::

    n/a

otc_keypair
===========

OTC role for ssh keys.

Variables:
^^^^^^^^^^

+-------------------------+-----------------------------------------------------------+
| Name                    | Description                                               |
+=========================+===========================================================+
| ecs_adminkey            | Name of the ssh key (to upload)                           |
+-------------------------+-----------------------------------------------------------+
| ecs_adminkey_name       | Lookup name of ssh key                                    |
+-------------------------+-----------------------------------------------------------+
| keypair_file            | File to upload as ssh key                                 |
+-------------------------+-----------------------------------------------------------+


Functions:
^^^^^^^^^^

Create::

    ./grole otc_keypair; ansible-playbook roles.yml -e "ecs_adminkey=ansible-key01" -e "keypair_file=.ssh/authorized_keys" -e "localaction=create"

    ansible-playbook tenant_yml.yml -e "ecs_adminkey=ansible-key01" -e "keypair_file=.ssh/authorized_keys" -e "localaction=create"

Note: the keypair will be created during the ECS creation workflow.

Show::

    ./grole otc_keypair; ansible-playbook roles.yml -e "ecs_adminkey=ansible-key01" -e "localaction=show"

List::

    ./grole otc_keypair; ansible-playbook roles.yml -e "localaction=list"

Delete::

    ./grole otc_keypair; ansible-playbook roles.yml -e "ecs_adminkey=ansible-key01" -e "localaction=delete"

otc_obs
=======

OTC role for Object Storage Service (OBS).
This role requires curl, libxml2-utils, and openssl installed.

Authentication is done with environment variables (e.g. EC2...)
or an ansible-vault file in 'vars/_secrets.yml' or 'vars/secrets.yml'.
Depending on which is used, ansible-playbook must be called with the
vault parameter.


Variables:
^^^^^^^^^^

+-------------------------+-----------------------------------------------------------+
| Name                    | Description                                               |
+=========================+===========================================================+
| EC2_ACCESS_KEY          | OBS access key                                            |
+-------------------------+-----------------------------------------------------------+
| EC2_SECRET_KEY          | OBS secret key                                            |
+-------------------------+-----------------------------------------------------------+
| EC2_URL                 | OBS URL (default https://obs.otc.t-systems.com)           |
+-------------------------+-----------------------------------------------------------+
| bucket                  | s3 bucket name                                            |
+-------------------------+-----------------------------------------------------------+
| object                  | data to upload                                            |
+-------------------------+-----------------------------------------------------------+

Functions:
^^^^^^^^^^

list OBS buckets::

    ansible-playbook s3.yml -e "localaction=list" --vault-password-file vars/vaultpass.txt

    ansible-playbook s3.yml -e "localaction=list"

create OBS bucket::

    ansible-playbook s3.yml -e "bucket=mybucket" -e "localaction=create"

delete OBS bucket::

    ansible-playbook s3.yml -e "bucket=mybucket" -e "localaction=delete"

upload files in OBS (VHD, ZVHD, VMDK, QCOW2 are supported for otc image service)::

    ansible-playbook s3.yml -e "bucket=mybucket" -e "object=xenial-server-cloudimg-amd64-disk1.vmdk" -e "localaction=upload"

delete OBS objects::

    ansible-playbook s3.yml -e "bucket=mybucket" -e "object=xenial-server-cloudimg-amd64-disk1.vmdk" -e "localaction=delete_object" 
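
The role introduction says the vault parameter is needed only when the OBS keys come from a vault file rather than from the environment. The shell functions below are an added example, not part of the role: they pick the matching ``s3.yml`` invocation and refuse an unencrypted secrets file or a group/other-accessible ``vars/vaultpass.txt``. The precedence order and the function names ``obs_cred_source``, ``obs_vault_args`` and ``obs_playbook`` are assumptions.

```shell
# Added example, not part of the role. Assumed precedence: environment
# variables first, then vars/_secrets.yml, then vars/secrets.yml.

# Print where the OBS credentials come from:
#   env | vault:<file> | plaintext:<file> | none
obs_cred_source() {
    local dir f
    dir="${1:-vars}"
    if [ -n "${EC2_ACCESS_KEY:-}" ] && [ -n "${EC2_SECRET_KEY:-}" ]; then
        echo env
        return 0
    fi
    for f in "$dir/_secrets.yml" "$dir/secrets.yml"; do
        [ -f "$f" ] || continue
        # ansible-vault output always begins with a "$ANSIBLE_VAULT;" header.
        case "$(head -n 1 "$f")" in
            '$ANSIBLE_VAULT;'*) echo "vault:$f" ;;
            *)                  echo "plaintext:$f" ;;
        esac
        return 0
    done
    echo none
}

# Print the vault arguments s3.yml needs (nothing for env credentials).
# Exit codes: 1 no credentials, 2 unencrypted secrets file,
#             3 vault password file missing, 4 password file too permissive.
obs_vault_args() {
    local dir src passfile
    dir="${1:-vars}"
    src="$(obs_cred_source "$dir")"
    passfile="$dir/vaultpass.txt"
    case "$src" in
        env) return 0 ;;
        vault:*)
            if [ ! -f "$passfile" ]; then
                echo "vault password file $passfile not found" >&2
                return 3
            fi
            # Mode columns 5-10 of ls are the group and other bits.
            if [ "$(ls -lLd "$passfile" | cut -c5-10)" != "------" ]; then
                echo "$passfile is accessible to group/other, chmod 600 it" >&2
                return 4
            fi
            echo "--vault-password-file $passfile" ;;
        plaintext:*)
            echo "${src#plaintext:} is not encrypted, run ansible-vault encrypt" >&2
            return 2 ;;
        *)
            echo "no OBS credentials in the environment or in $dir/" >&2
            return 1 ;;
    esac
}

# Run s3.yml with an allow-listed localaction; further -e pairs pass through.
obs_playbook() {
    local action extra
    [ $# -gt 0 ] || set -- ""
    action="$1"; shift
    case "$action" in
        list|create|delete|upload|delete_object) ;;
        *) echo "unknown localaction: $action" >&2; return 64 ;;
    esac
    extra="$(obs_vault_args vars)" || return $?
    # $extra is intentionally unquoted: it is empty or exactly two words.
    ansible-playbook s3.yml -e "localaction=$action" "$@" $extra
}
```

Called as ``obs_playbook create -e "bucket=mybucket"`` from the directory that holds ``s3.yml`` and ``vars/``.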

otc_rds
=======

OTC role for RDS.

Variables:
^^^^^^^^^^

+-------------------------+----------------------------------------------------------------+
| Name                    | Description                                                    |
+=========================+================================================================+
| rds_version_id          | ID of the RDS version (to use to fetch flavor)                 |
+-------------------------+----------------------------------------------------------------+
| rds_name                | Name of RDS instance                                           |
+-------------------------+----------------------------------------------------------------+
| rds_id                  | ID of RDS instance                                             |
+-------------------------+----------------------------------------------------------------+
| rds_node_id             | ID of RDS instance node (name convention _node0,_node1..)      |
+-------------------------+----------------------------------------------------------------+
| rds_type                | RDS type (MySQL or PostgreSQL)                                 |
+-------------------------+----------------------------------------------------------------+
| rds_version             | RDS version (i.e. 5.6.7)                                       |
+-------------------------+----------------------------------------------------------------+
| rds_spec_code           | RDS resource specification code, (i.e. rds.mysql.m1.xlarge.ha) |
+-------------------------+----------------------------------------------------------------+
| rds_instance_mode       | RDS instance type (ha,replica or single)                       |
+-------------------------+----------------------------------------------------------------+
| rds_volume_type         | Type of RDS volume (COMMON (SATA) or ULTRAHIGH (SSD))          |
+-------------------------+----------------------------------------------------------------+
| rds_volume_size         | Size of RDS volume (40 - 4000 GB)                              |
+-------------------------+----------------------------------------------------------------+
| rds_port                | RDS port                                                       |
+-------------------------+----------------------------------------------------------------+
| rds_ram                 | Memory for RDS in MB                                           |
+-------------------------+----------------------------------------------------------------+
| rds_availability_zone   | RDS Availability Zone (i.e. eu_de-01)                          |
+-------------------------+----------------------------------------------------------------+
| rds_secgroup_name       | RDS Security Group                                             |
+-------------------------+----------------------------------------------------------------+
| rds_subnet_name         | RDS subnet                                                     |
+-------------------------+----------------------------------------------------------------+
| rds_backup_time         | Start time of backup (i.e. 01:00-02:00, maximum of 1 hour,     |
|                         | minutes in 00,15,30,45)                                        |
+-------------------------+----------------------------------------------------------------+
| rds_backup_id           | ID of RDS backup (required for restore)                        |
+-------------------------+----------------------------------------------------------------+
| rds_backup_name         | Name of manually generated backup                              |
+-------------------------+----------------------------------------------------------------+
| rds_backup_days         | Keep days of backups (between 0-732, 0 = disabled)             |
+-------------------------+----------------------------------------------------------------+
| rds_restore_time        | Timestamp of RDS restore                                       |
+-------------------------+----------------------------------------------------------------+
| rds_ha_enabled          | RDS HA enabled or not (true or false)                          |
+-------------------------+----------------------------------------------------------------+
| rds_ha_replication_mode | RDS replication mode (async or semisync for MySQL,             |
|                         | async or sync for PostgreSQL)                                  |
+-------------------------+----------------------------------------------------------------+
| rds_disk_encryption_id  | Key ID for disk encryption                                     |
+-------------------------+----------------------------------------------------------------+
| rds_root_password       | RDS root password                                              |
+-------------------------+----------------------------------------------------------------+
| errorlog_startdate      | Start date of error log (i.e. 2018-04-05+23:59)                |
+-------------------------+----------------------------------------------------------------+
| errorlog_enddate        | End date of error log (i.e. 2018-05-05+23:59)                  |
+-------------------------+----------------------------------------------------------------+
| errorlog_curpage        | Pages per error log (default 1)                                |
+-------------------------+----------------------------------------------------------------+
| errorlog_perpage        | Error message per page (1-100, default 100)                    |
+-------------------------+----------------------------------------------------------------+
| slowlog_type            | Type of slowlog (INSERT, UPDATE, SELECT, DELETE, CREATE)       |
+-------------------------+----------------------------------------------------------------+
| waitfor                 | Wait until RDS creation is finished (true or false)            |
+-------------------------+----------------------------------------------------------------+
| rds_parametergroup      | Key/Value list of configuration parameters                     |
+-------------------------+----------------------------------------------------------------+


Functions:
^^^^^^^^^^

Version::

    ./grole otc_rds; ansible-playbook roles.yml -e "localaction=version"

Flavor::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_name=ansible-mysql01 rds_type=MySQL rds_version=5.7.20 localaction=flavor"

List::

    ./grole otc_rds; ansible-playbook roles.yml -e "localaction=list"

Show::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_name=ansible-mysql01_node0 localaction=show"

Note: the configured rds_name is automatically suffixed with the instance number, starting from ``_node0``

Create::

    ansible-playbook tenant_yml.yml -e "rds_name=ansible-mysql01 rds_root_password=Ab+12345678 localaction=create"

Note: define rds settings in an extra file like in tests/vars/tenant.yml

Create Parameter Group::

    ansible-playbook tenant_yml.yml -e "rds_name=ansible-mysql01 localaction=create_parametergroup"

Note: define parameters in an extra file as key/value pairs in rds_parametergroup variable

List Parameter Group::

    ./grole otc_rds; ansible-playbook roles.yml -e "localaction=list_parametergroup"

Apply Parameter Group::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_name=ansible-mysql01 localaction=apply_parametergroup"

Delete Parameter Group::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_name=ansible-mysql01 localaction=delete_parametergroup"

Resize Volume::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_name=ansible-mysql01_node0 rds_volume_size=120 localaction=resize_volume"

Resize Flavor::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_name=ansible-mysql01 rds_node_id=d61a75b397ff4af1837fafb75a860eafin01  rds_ram=8000  rds_type=MySQL rds_version=5.7.20 rds_ha_enabled=false localaction=resize_flavor"

Reboot an instance::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_name=ansible-mysql01 waitfor=true localaction=reboot"

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_node_id=d61a75b397ff4af1837fafb75a860eafin01 localaction=reboot"

Note: rds_node_id is shown by the ``Show`` command

Delete an instance::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_name=ansible-mysql01 localaction=delete"

List backups::

    ./grole otc_rds; ansible-playbook roles.yml -e "localaction=backups"

Create a backup::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_name=ansible-mysql01 rds_backup_name=my_backup_mysql01_1 localaction=create_backup"

Delete a backup::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_backup_id=04eabf2523c8445e80faa0452c991e87br01 localaction=delete_backup"

Note: grab the rds_backup_id from ``List backups``

Restore current DB (with file backup)::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_backup_id=04eabf2523c8445e80faa0452c991e87br01 rds_name=ansible-mysql01 localaction=restore_backup_current" 

Restore current DB (Point in Time Recovery)::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_restore_time='2018-05-13 19:30:01' rds_name=ansible-mysql01 localaction=restore_backup_current" 

Note: microseconds are rounded

Restore to a new instance (with file backup)::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_backup_id=04eabf2523c8445e80faa0452c991e87br01 rds_name=ansible-mysql02 rds_volume_size=120 rds_ram=4096 rds_type=MySQL rds_version=5.7.20 rds_ha_enabled=false rds_id=02eabf2523c8445e80faa0452c991e87br01 localaction=restore_backup_new"

Note: instance version is assigned to the backup set, so it's not possible to restore MySQL 5.7 version from MySQL 5.6 backup

Restore to a new instance (Point in Time Recovery)::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_restore_time='2018-05-13 19:30:01' rds_name=ansible-mysql02 rds_volume_size=120  rds_ram=4096 rds_type=MySQL rds_version=5.7.20 rds_ha_enabled=false rds_id=02eabf2523c8445e80faa0452c991e87br01 localaction=restore_backup_new" 

Note: grab the different IDs for example from ``list (backups)``

Query error log::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_node_id=a0fbfc3ff14f4d7b8f4bec1aff2e7e8cno01 errorlog_startdate=2018-05-01+00:00 errorlog_enddate=2018-05-13+18:00 localaction=errorlog"

Note: You can only query error logs generated within a month. rds_node_id is shown by the ``Show`` command

Query slow query log::

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_name=ansible-mysql01 localaction=slowlog"

    ./grole otc_rds; ansible-playbook roles.yml -e "rds_name=ansible-mysql01 slowlog_type=SELECT localaction=slowlog"

Note: if ``slowlog_type`` is not set, all types will be queried
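
The ``Create`` command above passes ``rds_root_password`` inline with ``-e``, which leaves the value in shell history and in the process list while the playbook runs. As an added example (not part of the role), the check below reports secret-bearing variables given in ``key=value`` form so they can be moved into a vault-encrypted file loaded with ``-e @file``. The function name ``inline_secrets`` and the ``SECRET_VARS`` list are assumptions, and JSON-style extra-vars are not parsed.

```shell
# Added example, not part of the role. Secret-bearing variable names are taken
# from this page's variable tables.
SECRET_VARS="rds_root_password occ_password PASSWORD EC2_SECRET_KEY totp"

# Print each secret variable passed inline as key=value in -e / --extra-vars.
# Exit status is 1 if any was found. "-e @file" arguments are left alone
# because the value then lives in a file that can be vault-encrypted.
# The body is a subshell, so "set -f" and "exit" do not affect the caller.
inline_secrets() (
    set -f                      # no globbing while splitting -e values
    found=""
    take_next=0
    for arg in "$@"; do
        if [ "$take_next" -eq 1 ]; then
            take_next=0
        else
            case "$arg" in
                -e|--extra-vars) take_next=1; continue ;;
                --extra-vars=*)  arg="${arg#--extra-vars=}" ;;
                -e?*)            arg="${arg#-e}" ;;
                *)               continue ;;
            esac
        fi
        case "$arg" in @*) continue ;; esac
        # One -e value may carry several space-separated key=value pairs.
        for pair in $arg; do
            case "$pair" in *=*) ;; *) continue ;; esac
            name="${pair%%=*}"
            case " $SECRET_VARS " in
                *" $name "*) found="$found $name" ;;
            esac
        done
    done
    [ -z "$found" ] && exit 0
    echo "${found# }"
    exit 1
)

# Flagged:  inline_secrets tenant_yml.yml -e "rds_name=db01 rds_root_password=..."
# Clean:    inline_secrets tenant_yml.yml -e @vars/secrets.yml -e "rds_name=db01"
```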

otc_secgroup
============

OTC role for security groups. This role creates security groups defined
for an ECS and creates the rules. The rules are defined in an extra section.
Standard rules will be removed before the defined rules are created.

Variables:
^^^^^^^^^^

+-------------------------+---------------------------------------------+
| Name                    | Description                                 |
+=========================+=============================================+
| secgroup_name           | name of Secgroup                            |
+-------------------------+---------------------------------------------+
| secgroup_id             | id of Secgroup                              |
+-------------------------+---------------------------------------------+
| secgroup_ids            | list of secgroup_ids (to bind on ECS)       |
+-------------------------+---------------------------------------------+
| secgroups               | list of secgroups in ecs section            |
+-------------------------+---------------------------------------------+
| secgrouprules           | list of rules for a security group          |
+-------------------------+---------------------------------------------+
| secgrouprule_id         | id of a secgroup rule                       |
+-------------------------+---------------------------------------------+

Functions:
^^^^^^^^^^

Create::

    ansible-playbook tenant_yml.yml -e "ecs_name=ansible-test01" -e "localaction=create"

    ansible-playbook tenant_ini.yml -e "ecs_name=ansible-test01" -e "localaction=create"

    ansible-playbook tenant_json.yml -e "ecs_name=ansible-test01" -e "localaction=create"

note: the subnet will be created during the ECS creation workflow

Show::

    ./grole otc_secgroup; ansible-playbook roles.yml -e "secgroup_name=ansible-secgroup01" -e "localaction=show"

List::

    ./grole otc_secgroup; ansible-playbook roles.yml -e "localaction=list"

    ./grole otc_secgroup; ansible-playbook roles.yml -e "vpc_id=1234567891234567890" -e "localaction=list"

    ./grole otc_vpc otc_secgroup; ansible-playbook roles.yml -e "vpc_name=ansible-vpc01" -e "localaction=list"

Delete::

    ./grole otc_secgroup; ansible-playbook roles.yml -e "secgroup_name=ansible-secgroup01" -e "localaction=delete"

otc_subnet
==========

OTC role for Subnet.

Variables:
^^^^^^^^^^

+-------------------------+---------------------------------------------+
| Name                    | Description                                 |
+=========================+=============================================+
| subnet_name             | name of Subnet                              |
+-------------------------+---------------------------------------------+
| subnet_id               | id of Subnet                                |
+-------------------------+---------------------------------------------+

Functions:
^^^^^^^^^^

Create::

    ansible-playbook tenant_yml.yml -e "ecs_name=ansible-test01" -e "localaction=create"

    ansible-playbook tenant_ini.yml -e "ecs_name=ansible-test01" -e "localaction=create"

    ansible-playbook tenant_json.yml -e "ecs_name=ansible-test01" -e "localaction=create"

note: the subnet will be created during the ECS creation workflow

Show::

    ./grole otc_subnet; ansible-playbook roles.yml -e "subnet_name=ansible-subnet01" -e "localaction=show"

List::

    ./grole otc_subnet; ansible-playbook roles.yml -e "localaction=list"

Delete::

    ./grole otc_subnet; ansible-playbook roles.yml -e "subnet_name=ansible-subnet01" -e "localaction=delete"

otc_vpc
=======

OTC role for VPC.

Variables:
^^^^^^^^^^

+-------------------------+---------------------------------------------+
| Name                    | Description                                 |
+=========================+=============================================+
| localaction=router      | Information about VPC Router as fact        |
+-------------------------+---------------------------------------------+
| localaction=snat        | Configure SNAT on VPC                       |
+-------------------------+---------------------------------------------+
| enable_snat=true|false  | Enable or disable SNAT                      |
+-------------------------+---------------------------------------------+
| vpc_name                | name of VPC                                 |
+-------------------------+---------------------------------------------+
| vpc_id                  | id of VPC                                   |
+-------------------------+---------------------------------------------+
| waitfor                 | wait for VPC creation (true or false)       |
+-------------------------+---------------------------------------------+

Functions:
^^^^^^^^^^

Create::

    ansible-playbook tenant_yml.yml -e "ecs_name=ansible-test01" -e "localaction=create"

    ansible-playbook tenant_ini.yml -e "ecs_name=ansible-test01" -e "localaction=create"

    ansible-playbook tenant_json.yml -e "ecs_name=ansible-test01" -e "localaction=create"

note: the VPC will be created during the ECS creation workflow

Show::

    ./grole otc_vpc; ansible-playbook roles.yml -e "vpc_name=ansible-vpc01" -e "localaction=show"

List::

    ./grole otc_vpc; ansible-playbook roles.yml -e "localaction=list"

Delete::

    ./grole otc_vpc; ansible-playbook roles.yml -e "vpc_name=ansible-vpc01" -e "localaction=delete"

os-client-config
================

OTC role to generate os-client-config

Variables:
^^^^^^^^^^

+-------------------------+---------------------------------------------+
| Name                    | Description                                 |
+=========================+=============================================+
| occ_profile_name        | cloud profile name, e.g. otc                |
+-------------------------+---------------------------------------------+
| occ_auth_url            | IAM auth url (version 3 is default)         |
+-------------------------+---------------------------------------------+
| occ_region_name         | cloud region name                           |
+-------------------------+---------------------------------------------+
| occ_username            | cloud username                              |
+-------------------------+---------------------------------------------+
| occ_password            | cloud password                              |
+-------------------------+---------------------------------------------+
| occ_project_name        | cloud project name, e.g. eu-de              |
+-------------------------+---------------------------------------------+
| occ_project_domain_name | cloud project domain name, e.g. Default     |
+-------------------------+---------------------------------------------+
| occ_user_domain_name    | cloud user domain, e.g. OTC-eu-de-0012345   |
+-------------------------+---------------------------------------------+

Functions:
^^^^^^^^^^

Create::

    ansible-playbook os-client-config.yml

Read::

    n/a

Update::

    n/a

Delete::

    n/a