automated the selection of a platform - platform restriction

Rshad Zhran 2019-08-23 13:12:00 +02:00
parent 3de387b358
commit f4e4ed4722
15 changed files with 359 additions and 127 deletions


@ -33,4 +33,3 @@ destroy_worker ="molecule destroy -s worker"
destroy_agent ="molecule destroy -s agent" destroy_agent ="molecule destroy -s agent"
destroy_elasticsearch ="molecule destroy -s elasticsearch" destroy_elasticsearch ="molecule destroy -s elasticsearch"
destroy_kibana ="molecule destroy -s kibana" destroy_kibana ="molecule destroy -s kibana"


@ -1,35 +0,0 @@
[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"
[packages]
docker-py = "*"
ansible = "==2.7.13"
molecule = "==2.20.2"
[dev-packages]
[requires]
python_version = "2.7"
[scripts]
test ="molecule test --destroy=never --platform _PLATFORM_"
worker ="molecule test -s worker --destroy=never --platform _PLATFORM_"
agent ="molecule test -s wazuh-agent --destroy=never --platform _PLATFORM_"
elasticsearch ="molecule test -s elasticsearch --destroy=never --platform _PLATFORM_"
kibana ="molecule test -s kibana --destroy=never --platform _PLATFORM_"
# Verify ..
verify ="molecule verify"
verify_worker ="molecule verify -s worker"
verify_agent ="molecule verify -s agent"
verify_elasticsearch ="molecule verify -s elasticsearch"
verify_kibana ="molecule verify -s kibana"
# Destroy ..
destroy ="molecule destroy"
destroy_worker ="molecule destroy -s worker"
destroy_agent ="molecule destroy -s agent"
destroy_elasticsearch ="molecule destroy -s elasticsearch"
destroy_kibana ="molecule destroy -s kibana"


@ -6,7 +6,7 @@ driver:
lint: lint:
name: yamllint name: yamllint
enabled: false enabled: false
platforms: bionics:
- name: manager_bionic - name: manager_bionic
image: solita/ubuntu-systemd:bionic image: solita/ubuntu-systemd:bionic
command: /sbin/init command: /sbin/init
@ -14,31 +14,6 @@ platforms:
- nofile:262144:262144 - nofile:262144:262144
privileged: true privileged: true
memory_reservation: 2048m memory_reservation: 2048m
- name: manager_xenial
image: solita/ubuntu-systemd:xenial
privileged: true
memory_reservation: 2048m
command: /sbin/init
ulimits:
- nofile:262144:262144
# - name: trusty
# image: ubuntu:trusty
# privileged: true
# memory_reservation: 2048m
# ulimits:
# - nofile:262144:262144
# - name: centos6
# image: centos:6
# privileged: true
# memory_reservation: 2048m
# ulimits:
# - nofile:262144:262144
- name: manager_centos7
image: milcom/centos7-systemd
memory_reservation: 2048m
privileged: true
ulimits:
- nofile:262144:262144
provisioner: provisioner:
name: ansible name: ansible
config_options: config_options:
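Review bot: The top-level key on the new side reads `bionics:` where the old side had `platforms:`, which looks like the output of a blanket `platform` → `bionic` substitution rather than an intended rename. Molecule takes its instances from `platforms:`, so as committed this file would presumably define none until the run script regenerates it from molecule.yml.template. The same key appears in the elasticsearch, kibana and worker scenario files later in this commit. I would restore `platforms:` in all four, or stop tracking the generated molecule.yml and keep only the template. Both hunks of this section start and end inside the file.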


@ -0,0 +1,47 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
enabled: false
platforms:
- name: manager_platform_
image: imagename
command: /sbin/init
ulimits:
- nofile:262144:262144
privileged: true
memory_reservation: 2048m
provisioner:
name: ansible
config_options:
defaults:
hash_behaviour: merge
env:
ANSIBLE_ROLES_PATH: ../../roles
lint:
name: ansible-lint
enabled: true
scenario:
name: default
test_sequence:
- lint
- dependency
- cleanup
- destroy
- syntax
- create
- prepare
- converge
#- idempotence
- side_effect
- verify
- cleanup
- destroy
verifier:
name: testinfra
lint:
name: flake8
enabled: true
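Review bot: The single instance in this template keeps `privileged: true` while `image: imagename` is filled in by the run script from tag-only (or untagged) third-party image names, so whatever those tags resolve to at pull time runs with effectively unrestricted access to the Docker host. If privileged mode is only there so `/sbin/init` can start, the file should say so, e.g. `# privileged: needed for systemd as PID 1; run only on disposable test hosts`, and it is worth checking whether a read-only `/sys/fs/cgroup` volume plus a narrower `capabilities:` list is enough for these images. Pinning the images by digest in the script's `images` array would also make the runs reproducible. The elasticsearch, kibana and worker templates added in this commit carry the same two lines.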


@ -8,40 +8,14 @@ lint:
options: options:
config-data: config-data:
ignore: .virtualenv ignore: .virtualenv
platforms: bionics:
- name: elasticsearch - name: elasticsearch_bionic
image: solita/ubuntu-systemd:bionic image: solita/ubuntu-systemd:bionic
command: /sbin/init command: /sbin/init
ulimits: ulimits:
- nofile:262144:262144 - nofile:262144:262144
privileged: true privileged: true
memory_reservation: 2048m memory_reservation: 2048m
#- name: xenial
# image: solita/ubuntu-systemd:xenial
# privileged: true
# memory_reservation: 2048m
# command: /sbin/init
# ulimits:
# - nofile:262144:262144
#- name: trusty
#image: ubuntu:trusty
#privileged: true
#memory_reservation: 2048m
#ulimits:
#- nofile:262144:262144
#- name: centos6
# image: centos:6
# privileged: true
# memory_reservation: 2048m
# ulimits:
# - nofile:262144:262144
#- name: centos7
# image: milcom/centos7-systemd
# memory_reservation: 2048m
# privileged: true
# ulimits:
# - nofile:262144:262144
provisioner: provisioner:
name: ansible name: ansible
config_options: config_options:


@ -0,0 +1,57 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
options:
config-data:
ignore: .virtualenv
platforms:
- name: elasticsearch_platform_
image: imagename
command: /sbin/init
ulimits:
- nofile:262144:262144
privileged: true
memory_reservation: 2048m
provisioner:
name: ansible
config_options:
defaults:
hash_behaviour: merge
playbooks:
docker:
create: ../default/create.yml
destroy: ../default/destroy.yml
prepare: ../default/prepare.yml
env:
ANSIBLE_ROLES_PATH: ../../roles
lint:
name: ansible-lint
enabled: true
inventory:
group_vars:
all:
elasticsearch_jvm_xms: 512
scenario:
name: elasticsearch
test_sequence:
- lint
- dependency
- cleanup
- destroy
- syntax
- create
- prepare
- converge
#- idempotence
- side_effect
- verify
- cleanup
- destroy
verifier:
name: testinfra
lint:
name: flake8
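Review bot: `#- idempotence` is left commented out in `test_sequence` with no reason given, so this scenario never checks that a second converge reports no changes. A short comment above it would tell the next maintainer whether this is a known role limitation or a temporary shortcut, for example `# idempotence disabled: <reason / tracking issue>`. The default and worker templates in this commit carry the same commented-out step.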


@ -3,4 +3,4 @@
hosts: all hosts: all
roles: roles:
- role: elastic-stack/ansible-elasticsearch - role: elastic-stack/ansible-elasticsearch
elasticsearch_network_host: 'elasticsearch_platform' elasticsearch_network_host: 'elasticsearch_bionic'


@ -8,7 +8,7 @@ lint:
options: options:
config-data: config-data:
ignore: .virtualenv ignore: .virtualenv
platforms: bionics:
- name: kibana_bionic - name: kibana_bionic
image: solita/ubuntu-systemd:bionic image: solita/ubuntu-systemd:bionic
command: /sbin/init command: /sbin/init


@ -0,0 +1,64 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
options:
config-data:
ignore: .virtualenv
platforms:
- name: kibana_platform_
image: imagename
command: /sbin/init
ulimits:
- nofile:262144:262144
privileged: true
memory_reservation: 1024m
- name: kibana_xenial
image: solita/ubuntu-systemd:xenial
privileged: true
memory_reservation: 1024m
command: /sbin/init
ulimits:
- nofile:262144:262144
# - name: trusty
# image: ubuntu:trusty
# memory_reservation: 1024m
# ulimits:
# - nofile:262144:262144
# - name: centos6
# image: centos:6
# privileged: true
# memory_reservation: 1024m
# ulimits:
# - nofile:262144:262144
- name: kibana_centos7
image: milcom/centos7-systemd
memory_reservation: 1024m
privileged: true
ulimits:
- nofile:262144:262144
provisioner:
name: ansible
config_options:
defaults:
hash_behaviour: merge
playbooks:
docker:
create: ../default/create.yml
destroy: ../default/destroy.yml
env:
ANSIBLE_ROLES_PATH: ../../roles
lint:
name: ansible-lint
enabled: true
inventory:
group_vars:
all:
elasticsearch_jvm_xms: 256
verifier:
name: testinfra
lint:
name: flake8
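Review bot: Besides the `kibana_platform_` / `imagename` placeholder entry, this file still lists fixed `kibana_xenial` and `kibana_centos7` instances, unlike the default, elasticsearch and worker templates, which keep only the placeholder. Assuming this is the kibana molecule.yml.template that the run script copies and rewrites, choosing xenial or centos7 would yield two instances with the same name, and choosing bionic would still start the other two privileged containers. I would drop the two fixed entries (and the commented trusty/centos6 block) so that the selection really restricts the run to one platform.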


@ -3,4 +3,4 @@
hosts: all hosts: all
roles: roles:
- role: elastic-stack/ansible-kibana - role: elastic-stack/ansible-kibana
elasticsearch_network_host: 'elasticsearch_platform' elasticsearch_network_host: 'elasticsearch_bionic'


@ -0,0 +1,89 @@
---
dependency:
name: galaxy
driver:
name: docker
#lint:
# name: yamllint
lint:
name: yamllint
options:
config-data:
ignore: .virtualenv
platforms:
#- name: wazuh_server_centos7
# image: milcom/centos7-systemd
# networks:
# - name: wazuh
# privileged: true
# groups:
# - manager
- name: wazuh_agent_bionic
image: ubuntu:bionic
networks:
- name: wazuh
groups:
- agent
#- name: wazuh_agent_xenial
# image: solita/ubuntu-systemd:xenial
# privileged: true
# command: /sbin/init
# networks:
# - name: wazuh
# groups:
# - agent
#- name: wazuh_agent_trusty
# image: ubuntu:trusty
# networks:
# - name: wazuh
# groups:
# - agent
#- name: wazuh_agent_centos6
# image: centos:6
# networks:
# - name: wazuh
# groups:
# - agent
#- name: wazuh_agent_centos7
# image: milcom/centos7-systemd
# privileged: true
# networks:
# - name: wazuh
# groups:
# - agent
provisioner:
name: ansible
config_options:
defaults:
hash_behaviour: merge
playbooks:
docker:
create: ../default/create.yml
destroy: ../default/destroy.yml
env:
ANSIBLE_ROLES_PATH: ../../roles
inventory:
group_vars:
agent:
api_pass: password
wazuh_managers:
- address: "{{ wazuh_manager_ip }}"
port: 1514
protocol: tcp
api_port: 55000
api_proto: 'http'
api_user: null
wazuh_agent_authd:
enable: true
port: 1515
ssl_agent_ca: null
ssl_agent_cert: null
ssl_agent_key: null
ssl_auto_negotiate: 'no'
lint:
name: ansible-lint
enabled: true
verifier:
name: testinfra
lint:
name: flake8
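Review bot: The `agent` group vars hard-code `api_pass: password` and `api_proto: 'http'`, and enable authd enrollment with `ssl_agent_ca`, `ssl_agent_cert` and `ssl_agent_key` all `null`, so this scenario exercises the role only with cleartext API traffic and, as far as these variables show, without the agent verifying the manager during registration. That may be acceptable on a throwaway Docker network, but the file should say so, e.g. `# test-only values: never reuse outside the molecule network`, and the password is better taken from the environment than committed. `api_user: null` next to a set password also looks unintended; the converge playbook in the next section uses `api_user: ansible`. The commented `#lint:` / `# name: yamllint` pair directly above the live `lint:` block can be removed.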


@ -0,0 +1,18 @@
---
- name: Converge
hosts: all
roles:
- role: wazuh/ansible-wazuh-agent
vars:
wazuh_managers:
- address: 'manager_platform'
port: 1514
protocol: tcp
api_port: 55000
api_proto: 'http'
api_user: ansible
wazuh_agent_authd:
enable: true
port: 1515
ssl_agent_ca: null
ssl_auto_negotiate: 'no'
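Review bot: `address: 'manager_platform'` looks like the placeholder that the run script rewrites, but the script's `paths` array lists only the default, worker, elasticsearch and kibana scenario directories. If this playbook belongs to the agent scenario, nothing substitutes the platform name and the agent would be pointed at a host literally called `manager_platform`. Either add the agent scenario directory to `paths` or write the real manager instance name here.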


@ -8,7 +8,7 @@ lint:
options: options:
config-data: config-data:
ignore: .virtualenv ignore: .virtualenv
platforms: bionics:
- name: worker_bionic - name: worker_bionic
image: solita/ubuntu-systemd:bionic image: solita/ubuntu-systemd:bionic
command: /sbin/init command: /sbin/init
@ -16,31 +16,7 @@ platforms:
- nofile:262144:262144 - nofile:262144:262144
privileged: true privileged: true
memory_reservation: 2048m memory_reservation: 2048m
- name: worker_xenial
image: solita/ubuntu-systemd:xenial
privileged: true
memory_reservation: 2048m
command: /sbin/init
ulimits:
- nofile:262144:262144
- name: trusty
#image: ubuntu:trusty
#privileged: true
#memory_reservation: 2048m
#ulimits:
#- nofile:262144:262144
#- name: centos6
# image: centos:6
# privileged: true
# memory_reservation: 2048m
# ulimits:
# - nofile:262144:262144
- name: worker_centos7
image: milcom/centos7-systemd
memory_reservation: 2048m
privileged: true
ulimits:
- nofile:262144:262144
provisioner: provisioner:
name: ansible name: ansible
config_options: config_options:


@ -0,0 +1,54 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
options:
config-data:
ignore: .virtualenv
platforms:
- name: worker_platform_
image: imagename
command: /sbin/init
ulimits:
- nofile:262144:262144
privileged: true
memory_reservation: 2048m
provisioner:
name: ansible
config_options:
defaults:
hash_behaviour: merge
playbooks:
docker:
create: ../default/create.yml
destroy: ../default/destroy.yml
prepare: ../default/prepare.yml
env:
ANSIBLE_ROLES_PATH: ../../roles
lint:
name: ansible-lint
enabled: true
scenario:
name: worker
test_sequence:
- lint
- dependency
- cleanup
- destroy
- syntax
- create
- prepare
- converge
#- idempotence
- side_effect
- verify
- cleanup
- destroy
verifier:
name: testinfra
lint:
name: flake8


@ -1,24 +1,38 @@
#!/bin/bash #!/bin/bash
paths=( "molecule/default/" "molecule/worker/" "molecule/elasticsearch/" "molecule/kibana/" ) paths=( "molecule/default/" "molecule/worker/" "molecule/elasticsearch/" "molecule/kibana/" )
images=( "solita/ubuntu-systemd:bionic" "solita/ubuntu-systemd:xenial" "milcom/centos7-systemd" "ubuntu:trusty" "centos:6" )
platform=( "bionic" "xenial" "centos7" "trusty" "centos6" )
if [ -z "$1" ] echo "Please select an image. "
select IMAGE in "${images[@]}";
do
echo "You picked $IMAGE ($REPLY)"
break
done
index=$(($REPLY - 1))
if [ -z "$IMAGE" ]
then then
echo "Platform not selected. Please select a platform of [bionuc, xenial or centos7]. => Aborting" echo "Platform not selected. Please select a platform of [bionuc, xenial or centos7]. => Aborting"
echo "Run Instruction: ./run_cluster_mode.sh <platform>" echo "Run Instruction: ./run_cluster_mode.sh <platform>"
exit exit
else else
for i in "${paths[@]}" for i in "${paths[@]}"
do do
cp "$i/playbook.yml.template" "$i/playbook.yml" cp "$i/playbook.yml.template" "$i/playbook.yml"
sed -i "s/platform/$1/g" "$i/playbook.yml" sed -i "s/platform/${platform[$index]}/g" "$i/playbook.yml"
done
cp Pipfile.template Pipfile cp "$i/molecule.yml.template" "$i/molecule.yml"
sed -i "s/_PLATFORM_/$1/g" Pipfile sed -i "s|imagename|${images[$index]}|g" "$i/molecule.yml"
sed -i "s/platform_/${platform[$index]}/g" "$i/molecule.yml"
done
fi fi
sudo pipenv run elasticsearch sudo pipenv run elasticsearch
sudo pipenv run test sudo pipenv run test
sudo pipenv run agent sudo pipenv run worker
sudo pipenv run kibana sudo pipenv run kibana
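Review bot: `index=$(($REPLY - 1))` runs on the raw answer before anything has checked it, because the `select` body breaks unconditionally and the `-z "$IMAGE"` test only comes afterwards. Bash evaluates whatever text is in `REPLY` as an arithmetic expression at that point, so the value should be used only once `select` has mapped it to a menu entry; re-prompting while `IMAGE` is empty achieves that. The abort branch also still prints the old `<platform>` usage line, names three of the five offered platforms (with `bionuc` misspelt) and ends in a bare `exit`, which reports success to the caller. A possible shape for the selection block is below.

```shell
select IMAGE in "${images[@]}"
do
    # select leaves IMAGE empty for any answer that is not a menu number
    if [ -n "$IMAGE" ]
    then
        echo "You picked $IMAGE ($REPLY)"
        break
    fi
    echo "Invalid selection '$REPLY', try again." >&2
done
if [ -z "$IMAGE" ]
then
    # reached only when input ends before a valid choice
    echo "No image selected. => Aborting" >&2
    exit 1
else
    # REPLY is a menu number validated by select at this point
    index=$((REPLY - 1))
    # … unchanged: for loop copying the templates and running sed …
fi
```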