-
Notifications
You must be signed in to change notification settings - Fork 1
/
jsos.yaml
107 lines (95 loc) · 3.97 KB
/
jsos.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
#####################################################################
# _._
# /_ _`. (c) 2016-2018, David A. Desrosiers
# (.(.)| david dot desrosiers at canonical dot com
# |\_/'|
# )____`\ If you find this useful, please drop me
# //_V _\ \ an email, or send me bug reports if you find
# (( | `(_) problems with it.
# / \> ' / \
# \ \.__./ / Ansible playbook for pulling sosreports from
# `-' `-' a juju-deployed cluster of units
#
#####################################################################
# Make sure you pass in the correct '-l <host_group>' param to limit
# collection of the sosreports for those nodes, else it will do ALL
# nodes from your inventory file (eg: your entire juju deployment)
- name: Generate, collect and upload sosreports from each unit in the juju controller scope
hosts: all,!localhost
vars_files:
- vars.yaml
# Change this to a user that can SSH into the juju units
remote_user: '{{ remote_user }}'
become: yes
tasks:
- name: Create a local cache directory for sosreports to be created within
file: path={{ temp_dir }} state=directory
- name: Create sosreports from each juju unit
shell: '{{ sos_cmd }} {{ sos_opt }} --tmp-dir={{ temp_dir }} --name={{ juju_unit }} --case-id={{ case_id }}'
- name: Build a list of the sosreport filenames to fetch
find:
paths: '{{ temp_dir }}'
file_type: file
recurse: no
patterns: "sosreport-.*{{ case_id }}-{{ date_frag }}.*(?:xz|xz.md5)"
use_regex: yes
register: sosreport_files
# I need to do this because the reports are owned by 'root:root' on
# the units and I can't pull them back (no root ssh) without +r perms
- name: Set permissions of remote sosreport files so we can read them
file:
path: '{{ item.path }}'
owner: '{{ remote_user }}'
group: '{{ remote_user }}'
mode: 0644
become: yes
with_items: '{{ sosreport_files.files }}'
- name: Fetch the sosreports from the hosts
fetch:
src: '{{ item.path }}'
dest: '{{ temp_dir }}/{{ item.path | basename }}'
flat: yes
with_items: '{{ sosreport_files.files }}'
# Once we have received the files, we clean out the directory on the unit
# so we don't consume the local disk space of the unit or container
- name: Remove sosreports from the juju units after fetching to controller
file:
path: '{{ temp_dir }}'
state: absent
- name: Add support SSH key to the user environment
delegate_to: localhost
connection: local
become: no
authorized_key:
user: "{{ lookup('env','USER') }}"
state: present
key: '{{ item }}'
with_file:
- '{{ support_key }}'
- name: Create the remote directory for the case in the portal
delegate_to: localhost
connection: local
become: no
run_once: yes
command: bash -c "sshpass -p {{ sftp_user }} sftp -C {{ sftp_user }}@{{ sftp_host }} <<< $'mkdir {{ case_id }}'"
# If the support portal is also an Ansible node, you can use 'copy' instead
# of the command + sftp here. In my specific use case, it is not, so I do
# it 'raw' with low-level commands.
- name: Upload the collected sosreports to the support portal
delegate_to: localhost
connection: local
become: no
command: bash -c "sshpass -p {{ sftp_user }} sftp -C -c aes128-ctr {{ sftp_user }}@{{ sftp_host }} <<< $'put {{ item.path }} {{ case_id }}'"
with_items: '{{ sosreport_files.files }}'
# Idempotency is important, so we return the machine to the same state we
# found it when we started.
- name: Remove support SSH key from the user environment
delegate_to: localhost
connection: local
become: no
authorized_key:
user: "{{ lookup('env','USER') }}"
state: absent
key: '{{ item }}'
with_file:
- '{{ support_key }}'