Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-05-01 20:58:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge branch 'ansible' of github.com:shaderecker/tpotce into ansible

Browse source
This commit is contained in:
Sebastian Haderecker 2021-02-13 18:29:45 +01:00
commit 9ff9c3c4df
1 changed files with 10 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
cloud/ansible/README.md
View file

@ -11,6 +11,7 @@ This example showcases the deployment on our own OpenStack based Public Cloud Of
# Table of contents # Table of contents
- [Preparation of Ansible Master](#ansible-master) - [Preparation of Ansible Master](#ansible-master)
- [Ansible Installation](#ansible) - [Ansible Installation](#ansible)
- [OpenStack Collection Installation](#collection)
- [Agent Forwarding](#agent-forwarding) - [Agent Forwarding](#agent-forwarding)
- [Preparations in Open Telekom Cloud Console](#preparation) - [Preparations in Open Telekom Cloud Console](#preparation)
- [Create new project](#project) - [Create new project](#project)
@ -56,6 +57,11 @@ In short (if you already have Python3/pip3 installed):
pip3 install ansible pip3 install ansible
``` ```
<a name="collection"></a>
## OpenStack Collection Installation
For interacting with OpenStack resources in Ansible, you need to install the collection from Ansible Galaxy:
`ansible-galaxy collection install openstack.cloud`
<a name="agent-forwarding"></a> <a name="agent-forwarding"></a>
## Agent Forwarding ## Agent Forwarding
If you run the Ansible Playbook remotely on your Ansible Master Server, Agent Forwarding must be enabled in order to let Ansible connect to newly created machines. If you run the Ansible Playbook remotely on your Ansible Master Server, Agent Forwarding must be enabled in order to let Ansible connect to newly created machines.
@ -134,14 +140,14 @@ You may have to adjust the `remote_user` in the Ansible Playbook under [`opensta
<a name="instance-settings"></a> <a name="instance-settings"></a>
## Instance settings ## Instance settings
Located at [`openstack/roles/deploy/vars/main.yaml`](openstack/roles/deploy/vars/main.yaml). Located at [`openstack/roles/create_vm/vars/main.yaml`](openstack/roles/create_vm/vars/main.yaml).
Here you can customize your virtual machine specifications: Here you can customize your virtual machine specifications:
- Choose an availability zone. For Open Telekom Cloud reference see [here](https://docs.otc.t-systems.com/en-us/endpoint/index.html). - Choose an availability zone. For Open Telekom Cloud reference see [here](https://docs.otc.t-systems.com/en-us/endpoint/index.html).
- Change the OS image (For T-Pot we need Debian) - Change the OS image (For T-Pot we need Debian)
- (Optional) Change the volume size - (Optional) Change the volume size
- Specify your key pair (:warning: Mandatory) - Specify your key pair (:warning: Mandatory)
- (Optional) Change the instance type (flavor) - (Optional) Change the instance type (flavor)
`s2.medium.8` corresponds to 1 vCPU and 8GB of RAM and is the minimum required flavor. `s3.medium.8` corresponds to 1 vCPU and 8GB of RAM and is the minimum required flavor.
A full list of Open Telekom Cloud flavors can be found [here](https://docs.otc.t-systems.com/en-us/usermanual/ecs/en-us_topic_0177512565.html). A full list of Open Telekom Cloud flavors can be found [here](https://docs.otc.t-systems.com/en-us/usermanual/ecs/en-us_topic_0177512565.html).
``` ```
@ -149,7 +155,7 @@ availability_zone: eu-de-03
image: Standard_Debian_10_latest image: Standard_Debian_10_latest
volume_size: 128 volume_size: 128
key_name: your-KeyPair key_name: your-KeyPair
flavor: s2.medium.8 flavor: s3.medium.8
``` ```
<a name="user-password"></a> <a name="user-password"></a>
@ -200,7 +206,7 @@ Enable this by uncommenting the role in the [deploy_tpot.yaml](openstack/deploy_
# - custom_hpfeeds # - custom_hpfeeds
``` ```
You can specify custom HPFEEDS in [`openstack/roles/custom_hpfeeds/templates/hpfeeds.cfg`](openstack/roles/custom_hpfeeds/templates/hpfeeds.cfg). You can specify custom HPFEEDS in [`openstack/roles/custom_hpfeeds/files/hpfeeds.cfg`](openstack/roles/custom_hpfeeds/files/hpfeeds.cfg).
That file contains the defaults (turned off) and you can adapt it for your needs, e.g. for SISSDEN: That file contains the defaults (turned off) and you can adapt it for your needs, e.g. for SISSDEN:
``` ```
myENABLE=true myENABLE=true