Merge branch 'feature/KASM-3051-guac-role' into 'develop'

Resolve KASM-3051 "Feature/ guac role"

Closes KASM-3051 and KASM-3623

See merge request kasm-technologies/internal/ansible!16
This commit is contained in:
Matthew McClaskey 2022-11-22 16:08:22 +00:00
commit 79402adc1b
11 changed files with 52 additions and 14 deletions

View file

@ -45,7 +45,7 @@ It has been tested on CentOS 7.9.2009, CentOS 8.4.2105, Debian 9.13, Debian 10.1
1. Open `roles/install_common/vars/main.yml`, `group_vars/agent.yml` and update variables if desired.
2. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp and db roles.
2. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp, db, and guac roles.
3. Download the Kasm Workspaces installer from https://www.kasmweb.com/downloads.html and copy it to `roles/install_common/files`.
@ -69,9 +69,9 @@ It has been tested on CentOS 7.9.2009, CentOS 8.4.2105, Debian 9.13, Debian 10.1
6. Navigate to the Agents tab, and enable each Agent after it checks in. (May take a few minutes)
### Adding Additional Agent / Webapp hosts to an existing installation
### Adding Additional Agent / Webapp / Guac hosts to an existing installation
The installation can be "scaled up" after being installed by adding additional hosts to the agent or db roles in the inventory file and rerunning the playbook.
The installation can be "scaled up" after being installed by adding additional hosts to the agent, app, or guac roles in the inventory file and rerunning the playbook.
Please ensure that redis_password, manager_token and database_password is set in `roles/install_common/vars/main.yml`
@ -94,13 +94,13 @@ If you did not save the redis_password, manager_token or database_password for y
## Kasm Uninstall playbook
This playbook uninstalls Kasm workspaces from DB, WebApp and Agent servers specified in the `inventory` file.
This playbook uninstalls Kasm workspaces from DB, WebApp, Agent, and Guac servers specified in the `inventory` file.
It has been tested on CentOS 7.9.2009, CentOS 8.4.2105, Debian 9.13, Debian 10.10, Ubuntu 18.04.5, and Ubuntu 20.04.3
It has been tested on CentOS 7.9.2009, CentOS 8.4.2105, Debian 9.13, Debian 10.10, Ubuntu 18.04.5, Ubuntu 20.04.3, and Ubuntu 22.04.1
### Ansible Configuration
1. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp and db roles.
1. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp, db, and guac roles.
3. Run the deployment.
@ -114,15 +114,15 @@ It has been tested on CentOS 7.9.2009, CentOS 8.4.2105, Debian 9.13, Debian 10.1
## Kasm Stop/Start/Restart playbooks
These playbooks can be used to start, stop or restart Kasm workspaces services on the DB, WebApp and Agent servers specified in the `inventory` file.
These playbooks can be used to start, stop or restart Kasm workspaces services on the DB, WebApp, Agent, and Guac servers specified in the `inventory` file.
It can be limited to run only on hosts in specific groups by passing `-l [db, web, or agent]` flag.
It can be limited to run only on hosts in specific groups by passing `-l [db, web, agent, or guac]` flag.
In the examples `restart_kasm.yml` can be substituted for `start_kasm.yml` or `stop_kasm.yml` for starting or stopping the kasm services respectively.
### Ansible Configuration
1. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp and db roles.
1. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp, db, and guac roles.
2. Run the playbook.
@ -146,7 +146,7 @@ This playbook can be used to backup the Kasm Workspaces database to a location o
1. Open `roles/backup_db/vars/main.yml` and update variables if desired.
2. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp and db roles.
2. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp, db, and guac roles.
3. Run the playbook.
@ -166,7 +166,7 @@ This playbook is used for patching the underlying OSes on the Kasm Workspace ser
1. Open `roles/patch_os/vars/main.yml` and update variables if desired.
2. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp and db roles.
2. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp, db, and guac roles.
3. Run the playbook.

1
group_vars/guac.yml Normal file
View file

@ -0,0 +1 @@
desired_swap_size: 4g

View file

@ -2,6 +2,7 @@
- db
- web
- agent
- guac
roles:
- install_common
any_errors_fatal: true

View file

@ -4,3 +4,5 @@ ubuntu18-web
ubuntu18-db
[agent]
ubuntu18-agent
[guac]
ubuntu18-guac

View file

@ -4,6 +4,7 @@
- db
- web
- agent
- guac
roles:
- patch_os

View file

@ -1,5 +1,5 @@
- name: Install database role
command: "bash {{ tempdir.path }}/kasm_release/install.sh -S db -e -Q {{database_password}} -R {{redis_password}} -U {{user_password}} -P {{admin_password}} -M {{manager_token}} {{ '-s ' ~ service_images_copy.dest if service_images_file }} {{ '-w ' ~ workspace_images_copy.dest if workspace_images_file }}"
command: "bash {{ tempdir.path }}/kasm_release/install.sh -S db -e -Q {{database_password}} -R {{redis_password}} -U {{user_password}} -P {{admin_password}} -M {{manager_token}} --registration-token {{registration_token}} {{ '-s ' ~ service_images_copy.dest if service_images_file }} {{ '-w ' ~ workspace_images_copy.dest if workspace_images_file }}"
register: install_output
become: true
retries: 20
@ -8,7 +8,7 @@
when: test is not defined
- name: Install database role - test
command: "bash {{ tempdir.path }}/kasm_release/install.sh -S db -e -I -Q {{database_password}} -R {{redis_password}} -U {{user_password}} -P {{admin_password}} -M {{manager_token}} {{ '-s ' ~ service_images_copy.dest if service_images_file }} {{ '-w ' ~ workspace_images_copy.dest if workspace_images_file }}"
command: "bash {{ tempdir.path }}/kasm_release/install.sh -S db -e -I -Q {{database_password}} -R {{redis_password}} -U {{user_password}} -P {{admin_password}} -M {{manager_token}} --registration-token {{registration_token}} {{ '-s ' ~ service_images_copy.dest if service_images_file }} {{ '-w ' ~ workspace_images_copy.dest if workspace_images_file }}"
register: install_output
become: true
retries: 20

View file

@ -29,4 +29,9 @@
when: manager_token is not defined
run_once: true
delegate_to: localhost
- set_fact:
registration_token: "{{ lookup('password', '/dev/null chars=ascii_letters,digits length=22') }}"
when: registration_token is not defined
run_once: true
delegate_to: localhost

View file

@ -0,0 +1,17 @@
- name: Check connection from guac to webserver
uri:
url: "https://{{ web_ip }}/api/__healthcheck"
timeout: 5
validate_certs: false
register: _result
until: _result.status == 200
retries: 7
delay: 5
- name: Install guac role
command: "bash {{ tempdir.path }}/kasm_release/install.sh -S guac -e --api-hostname {{ web_ip }} --public-hostname {{ guac_ip }} --registration-token {{ registration_token }} {{ '-s ' ~ service_images_copy.dest if service_images_file }}"
register: install_output
become: true
retries: 20
delay: 10
until: install_output is success or ('Failed to lock apt for exclusive operation' not in install_output.stderr and '/var/lib/dpkg/lock' not in install_output.stderr)

View file

@ -12,6 +12,7 @@
- set_fact:
db_ip: "{{ hostvars[groups['db'][0]]['ansible_default_ipv4']['address'] }}"
web_ip: "{{ hostvars[groups['web'][0]]['ansible_default_ipv4']['address'] }}"
guac_ip: "{{ hostvars[groups['guac'][0]]['ansible_default_ipv4']['address'] }}"
# IP of the host that ansible is being ran against
target_ip: "{{ ansible_default_ipv4.address }}"
@ -85,6 +86,13 @@
- "'agent' in group_names"
- not kasm_installed
- name: Run Kasm guac install tasks
include_tasks:
file: guac_install.yml
when:
- "'guac' in group_names"
- not kasm_installed
- name: enable the docker service to run at boot
service:
name: docker
@ -104,6 +112,7 @@
- "Database Password: {{ database_password }}"
- "Redis Password: {{ redis_password }}"
- "Manager Token: {{ manager_token }}"
- "Registration Token: {{ registration_token }}"
- "user@kasm.local password: {{ user_password }}"
- "admin@kasm.local password: {{ admin_password }}"
run_once: true

View file

@ -2,6 +2,7 @@
- db
- web
- agent
- guac
serial: 1
gather_facts: no
tasks:

View file

@ -2,5 +2,6 @@
- db
- web
- agent
- guac
roles:
- uninstall