sa_8001/dsk-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Ansible Script 추가

Browse Source
This commit is contained in:
ByeonJungHun
2023-12-19 13:36:16 +09:00
parent 0273450ff6
commit 05cb8d9269
2610 changed files with 281893 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
ansible/zabbix_agent/roles/zabbix-agent/molecule/with-server/Dockerfile.j2 Normal file
View File

@@ -0,0 +1,14 @@
# Molecule managed
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi

26
ansible/zabbix_agent/roles/zabbix-agent/molecule/with-server/INSTALL.rst Normal file
View File

@@ -0,0 +1,26 @@
********************************
Docker driver installation guide
********************************
Requirements
============
* General molecule dependencies (see https://molecule.readthedocs.io/en/latest/installation.html)
* Docker Engine
* docker-py
* docker
Install
=======
Ansible < 2.6
.. code-block:: bash
$ sudo pip install docker-py
Ansible >= 2.6
.. code-block:: bash
$ sudo pip install docker

73
ansible/zabbix_agent/roles/zabbix-agent/molecule/with-server/molecule.yml Normal file
View File

@@ -0,0 +1,73 @@
---
dependency:
name: galaxy
driver:
name: docker
platforms:
- name: zabbix-server-centos
image: milcom/centos7-systemd:latest
groups:
- zabbix_server
- mysql
privileged: true
networks:
- name: zabbix
published_ports:
- "80:80"
- name: zabbix-agent-centos
image: milcom/centos7-systemd:latest
groups:
- zabbix_agent
privileged: true
networks:
- name: zabbix
- name: zabbix-agent-debian
image: minimum2scp/systemd-stretch:latest
command: /sbin/init
groups:
- zabbix_agent
privileged: true
networks:
- name: zabbix
- name: zabbix-agent-ubuntu
image: solita/ubuntu-systemd:bionic
groups:
- zabbix_agent
privileged: true
networks:
- name: zabbix
provisioner:
name: ansible
playbooks:
docker:
create: ../default/create.yml
destroy: ../default/destroy.yml
inventory:
group_vars:
all:
zabbix_api_create_hosts: true
zabbix_api_create_hostgroup: true
zabbix_api_server_url: http://zabbix-server-centos
zabbix_apache_servername: zabbix-server-centos
mysql:
zabbix_server_database: mysql
zabbix_server_database_long: mysql
zabbix_server_dbport: 3306
database_type: mysql
database_type_long: mysql
host_vars:
zabbix-agent-fedora:
ansible_python_interpreter: /usr/bin/python3
zabbix-agent-ubuntu:
zabbix_agent_tlsaccept: psk
zabbix_agent_tlsconnect: psk
zabbix_agent_tlspskidentity: "myhost PSK"
zabbix_agent_tlspsk_secret: b7e3d380b9d400676d47198ecf3592ccd4795a59668aa2ade29f0003abbbd40d
zabbix_agent_tlspskfile: /etc/zabbix/zabbix_agent_pskfile.psk
scenario:
name: with-server
verifier:
name: testinfra

24
ansible/zabbix_agent/roles/zabbix-agent/molecule/with-server/playbook.yml Normal file
View File

@@ -0,0 +1,24 @@
---
- name: Converge
hosts: all:!zabbix_server
pre_tasks:
- name: "Get IP Server"
ansible.builtin.shell: grep $(hostname) /etc/hosts | awk '{ print $1 }' | tail -n 1
register: ip_address
delegate_to: zabbix-server-centos
changed_when: false
tags:
- skip_ansible_lint
- name: "Get IP hosts"
ansible.builtin.shell: grep $(hostname) /etc/hosts | awk '{ print $1 }' | tail -n 1
register: ip_address_host
changed_when: false
tags:
- skip_ansible_lint
roles:
- role: zabbix_agent
zabbix_agent_ip: "{{ ip_address_host.stdout }}"
zabbix_agent_server: "{{ ip_address.stdout }}"
zabbix_agent_serveractive: "{{ ip_address.stdout }}"

114
ansible/zabbix_agent/roles/zabbix-agent/molecule/with-server/prepare.yml Normal file
View File

@@ -0,0 +1,114 @@
---
- name: Prepare
hosts: zabbix_server
pre_tasks:
- name: "Installing EPEL"
ansible.builtin.yum:
name:
- epel-release
state: present
when: ansible_distribution == 'CentOS'
- name: "Installing packages"
ansible.builtin.yum:
name:
- net-tools
- which
- libselinux-python
- python-pip
state: present
register: installation_dependencies
when: ansible_distribution == 'CentOS'
- name: "Installing which on NON-CentOS"
ansible.builtin.apt:
name:
- net-tools
- python-pip
- curl
state: present
when: ansible_distribution != 'CentOS'
- name: "Configure SUDO."
ansible.builtin.lineinfile:
dest: /etc/sudoers
line: "Defaults !requiretty"
state: present
- name: "Make sure the docs are installed."
ansible.builtin.lineinfile:
dest: /etc/yum.conf
line: "tsflags=nodocs"
state: absent
- name: "Installing some python dependencies"
ansible.builtin.pip:
name: py-zabbix
state: present
roles:
- role: geerlingguy.mysql
- role: zabbix_server
- role: zabbix_web
- name: Prepare
hosts: all:!zabbix_server:!docker
tasks:
- name: "Installing packages on CentOS family"
ansible.builtin.yum:
name:
- net-tools
- which
state: present
when:
- ansible_os_family == 'RedHat'
- name: "Installing packages on Debian family"
ansible.builtin.apt:
name:
- net-tools
state: present
when:
- ansible_os_family == 'Debian'
- name: Converge
hosts: docker
tasks:
- name: "Download Docker CE repo file"
ansible.builtin.get_url:
url: https://download.docker.com/linux/centos/docker-ce.repo
dest: /etc/yum.repos.d/docker-ce.repo
mode: 0644
register: zabbix_agent_prepare_docker_repo
until: zabbix_agent_prepare_docker_repo is succeeded
- name: "Installing Epel"
ansible.builtin.package:
pkg:
- epel-release
state: present
register: zabbix_agent_prepare_docker_install
until: zabbix_agent_prepare_docker_install is succeeded
- name: "Installing Docker"
ansible.builtin.package:
pkg:
- docker-ce
- python-pip
- python-setuptools
state: present
register: zabbix_agent_prepare_docker_install
until: zabbix_agent_prepare_docker_install is succeeded
- name: "Installing Docker Python"
ansible.builtin.pip:
name:
- docker
state: present
register: zabbix_agent_prepare_docker_install
until: zabbix_agent_prepare_docker_install is succeeded
- name: "Starting Docker service"
ansible.builtin.service:
name: docker
state: started

5
ansible/zabbix_agent/roles/zabbix-agent/molecule/with-server/requirements.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- src: geerlingguy.apache
- src: geerlingguy.mysql
- src: dj-wasabi.zabbix-server
- src: dj-wasabi.zabbix-web

44
ansible/zabbix_agent/roles/zabbix-agent/molecule/with-server/tests/test_agent.py Normal file
View File

@@ -0,0 +1,44 @@
import os
from zabbix_api import ZabbixAPI
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('zabbix_agent')
def authenticate():
zapi = ZabbixAPI(server='http://zabbix-server-centos/api_jsonrpc.php')
zapi.login("Admin", "zabbix")
return zapi
def test_psk_host(host):
zapi = authenticate()
hostname = host.check_output('hostname -s')
host_name = "zabbix-agent-ubuntu"
server_data = zapi.host.get({'output': 'extend', 'selectInventory': 'extend', 'filter': {'host': [hostname]}})
if hostname == host_name:
assert server_data[0]['tls_psk'] == "b7e3d380b9d400676d47198ecf3592ccd4795a59668aa2ade29f0003abbbd40d"
assert server_data[0]['tls_psk_identity'] == "myhost PSK"
assert server_data[0]['tls_accept'] == "2"
else:
assert server_data[0]['tls_psk'] == ""
assert server_data[0]['tls_psk_identity'] == ""
assert server_data[0]['tls_accept'] == "1"
def test_zabbix_agent_psk(host):
hostname = host.check_output('hostname -s')
host_name = "zabbix-agent-ubuntu"
psk_file = host.file("/etc/zabbix/zabbix_agent_pskfile.psk")
if hostname == host_name:
assert psk_file.user == "zabbix"
assert psk_file.group == "zabbix"
assert psk_file.mode == 0o400
assert psk_file.contains("b7e3d380b9d400676d47198ecf3592ccd4795a59668aa2ade29f0003abbbd40d")
else:
assert not psk_file.exists

41
ansible/zabbix_agent/roles/zabbix-agent/molecule/with-server/tests/test_default.py Normal file
View File

@@ -0,0 +1,41 @@
import os
from zabbix_api import ZabbixAPI
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('zabbix_server')
def authenticate():
zapi = ZabbixAPI(server='http://zabbix-server-centos/api_jsonrpc.php')
zapi.login("Admin", "zabbix")
return zapi
def get_hosts():
return [
"zabbix-agent-debian",
"zabbix-agent-ubuntu",
"zabbix-agent-centos",
"zabbix-agent-docker-centos"
]
def test_hosts():
zapi = authenticate()
hosts = get_hosts()
servers = zapi.host.get({'output': ["hostid", "name"]})
for server in servers:
if server['name'] != 'Zabbix server':
assert server['name'] in hosts
def test_hosts_status():
zapi = authenticate()
servers = zapi.host.get({'output': ["status", "name"]})
for server in servers:
if server['name'] != 'Zabbix server':
assert int(server['status']) == 0