ansible-lab-ocpv/exercise12-break.yaml at main · sanuragi-redhat/ansible-lab-ocpv · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
- name: Preparing  exercise12
  hosts: localhost
  gather_facts: true

  vars:
    user: "{{ lookup('env', 'USER') }}"

  tasks:
    - name: Create SSH config file with StrictHostKeyChecking no
      ansible.builtin.copy:
        dest: '/home/{{ user }}/.ssh/config'
        content: |
          Host *
            StrictHostKeyChecking no
            UserKnownHostsFile /dev/null
        owner: '{{ user }}'
        group: '{{ user }}'
        mode: '0600'

    - name: Creating NAD
      kubernetes.core.k8s:
        state: present
        template: "exercise12-create-nad.yaml.j2"
      register: createnad
      until: createnad is succeeded
      retries: 60
      delay: 10
      failed_when: createnad is failed or createnad.failed

    - name: Get user SSH key
      ansible.builtin.slurp:
        src: "/home/{{ user }}/.ssh/id_rsa.pub"
      register: usersshkey

    - name: Create the idrsa secret
      kubernetes.core.k8s:
        state: present
        template: "exercise12-secret.yaml.j2"
      register: secretidrsa
      until: secretidrsa is succeeded
      retries: 60
      delay: 10
      failed_when: secretidrsa is failed or secretidrsa.failed

    - name: Creating VM A
      kubernetes.core.k8s:
        state: present
        template: "exercise12-create-vm-a.yaml.j2"
      register: createvma
      until: createvma is succeeded
      retries: 60
      delay: 10
      failed_when: createvma is failed or createvma.failed

    - name: Creating VM B
      kubernetes.core.k8s:
        state: present
        template: "exercise12-create-vm-b.yaml.j2"
      register: createvmb
      until: createvmb is succeeded
      retries: 60
      delay: 10
      failed_when: createvmb is failed or createvmb.failed

    - name: Wait for exercise12-a
      ansible.builtin.command:
        cmd: virtctl ssh -i /home/{{ user }}/.ssh/id_rsa  lab-user@exercise12-a
      ignore_errors: true
      no_log: false
      register: testssha
      until: testssha.rc == 0
      retries: 20
      delay: 10

    - name: Wait for exercise12-b
      ansible.builtin.command:
        cmd: virtctl ssh -i /home/{{ user }}/.ssh/id_rsa  lab-user@exercise12-b
      ignore_errors: true
      no_log: false
      register: testsshb
      until: testsshb.rc == 0
      retries: 20
      delay: 10

    - name: Breaking exercise part 1
      kubernetes.core.k8s:
        state: present
        template: "exercise12-mnp-deny.yaml.j2"
      register: mnpdeny
      until: mnpdeny is succeeded
      retries: 60
      delay: 10
      failed_when: mnpdeny is failed or mnpdeny.failed

    - name: Breaking exercise part 2
      kubernetes.core.k8s:
        state: present
        template: "exercise12-mnp-allow.yaml.j2"
      register: mnpallow
      until: mnpallow is succeeded
      retries: 60
      delay: 10
      failed_when: mnpallow is failed or mnpallow.failed