RCauth Delegation Server & MasterPortal - Ansible scripts

From PDP/Grid Wiki
Revision as of 17:27, 12 July 2016 by Tamasb@nikhef.nl (talk | contribs) (master portal ansible intro)
Jump to navigationJump to search

Introduction

After experimenting with the Jenkins as a method of deployment for the CILogon Pilot we quickly had to come to the conclusion that Jenkins was not meant to be used for such deployments. Although it can spin up machines and run any kind of configuration scripts on them, it was still lacking the kind of configuration control and templating capabilities that we were looking for. We decided to move away from it an use one of the more widespread tools for deployments and configuration.

Out pick fell on Ansible mainly because of the following point:

  • support for configuration templating
  • easy to use modules to interact with systems
  • no client software required (runs through ssh)
  • good documentation

Master Portal

The ansible scripts for deploying a Master Portal can be found under the Nikhef subversion, here. You can use these scripts to deploy a Master Portal and Credential Store on two separate hosts, or into one single host. Before you begin executing plays make sure to decide whether you're deployment will use two separate hosts for Master Portal and Credential Store, or a single host. Fill in you machine hostname[s] into the hosts.inventory file accordingly. The hostname[s] set in the invertory files will be set on the target machine[s].

These scripts expect you to have a basic CentOS 6 or 7 installation ready. Since the two OS installations have slight differences between them (like repository addresses) we created two sets of default variables for each OS version. Once you decided which OS version you want to use, make sure to check the symlinks called roles/*/defaults/main.yml. These symlinks can either point to rh6.yml or to rh7.yml under the same directory in which they are. Set these according to the OS of your choice.

Roles

basic

The basic role tries to cover the general environment setup that is needed for both Master Portal and Credential Store.

credstore

masterportal

Plays

These ansible scripts include two play:

  • credstore.yml to deploy a Credential Store. This will apply the basic and the credstore roles.
  • masterportal.yml to deploy a Master Portal. This will apply the basic and the masterportal roles.

Delegation Server