-
Notifications
You must be signed in to change notification settings - Fork 2
/
setup_tetration_sensor.yml
173 lines (153 loc) · 5.22 KB
/
setup_tetration_sensor.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
#!/usr/bin/ansible-playbook
---
#
# setup_tetration_sensor.yml
#
# Copyright (c) 2018 World Wide Technology, Inc.
# All rights reserved.
#
# author: joel.king@wwt.com
#
# usage: ./setup_tetration_sensor.yml -e "PASSWORDS_DIR=$HOME/ansible/playbooks"
#
# export ANSIBLE_LOG_PATH=/tmp/verify.txt
# ./setup_tetration_sensor.yml --tags check -e "PASSWORDS_DIR=$HOME/ansible/playbooks"
# grep 'command: ' /tmp/verify.txt
#
# notes:
# Tested using Linux verson: CentOS-7-x86_64-Everything-1804.iso
#
# For human-readable output modify ansible.cfg statement stdout_callback = debug
# and excute with -v
#
# reference:
# Cisco Tetration Analytics Installation Guide for the Software Agent
# https://www.cisco.com/c/dam/en/us/td/docs/data-center-analytics/tetration-analytics/sw/install/cta_install_guide_for_software_sensor_agents.pdf
#
- name: Installs Tetration software agent
hosts: TETRATION
no_log: False
gather_facts: True
vars_files:
- "{{ PASSWORDS_DIR }}/passwords.yml"
vars:
students: 0
download:
dest_dir: "/tmp/tetration/"
images:
- {server: "ftp://{{ ftp.username }}:{{ ftp.password }}@10.255.40.101/SDN/images/tetration/", fn: "tet-sensor-2.3.1.41-1.el7-atctetration01.enforcer.x86_64.rpm"}
commands:
check: # Checks if the deep visibility agent dependencies are met on RHEL, CentOS...
- cat /etc/centos-release
- uname -r
- cat /etc/shells
- rpm --showrc | grep 'rpmlib(CompressedFileNames)'
- rpm --showrc | grep 'rpmlib(PayloadFilesHavePrefix)'
- rpm --showrc | grep rpmlib
- curl -V
- dmidecode -V
- openssl version -a
- cpio --version
- sed --version
- awk --version
- flock -V
- rpm -qa | grep lsb
- yum provides */lsb_release
- rpm -qa | grep libpcap
- iptables --version
- ipset --version
- crontab -l
verification: # verifies the agent installation on RHEL, CentOS...
- service tet-sensor status
- service tet-enforcer status
- ps aux | grep tet
- rpm -qa | grep tet
- netstat -natp | grep -i tet
packages:
apt:
- git
pip:
- tetpyclient # Python API Client for Tetration Analytics
yum:
- git # Git for Training
- python-pip # Pip not installed on CentOS by default
- epel-release # Required to download the latest Ansible
- ansible # Ansible for Training
- redhat-lsb-core # Pre-req for the Tetraton software sensor
tasks:
- name: Setup determines package manager and distribution
debug: # 'apt' or 'yum', 'CentOS', 'Ubuntu', etc.
msg: "Package manager:{{ ansible_pkg_mgr }} Distro:{{ ansible_distribution }}"
#
# CentOS
#
- name: Install Tetration software sensor
block:
- name: Optionally issue commands for pre-install check
shell: "{{ item }}"
with_items: "{{ commands.check }}"
register: check
ignore_errors: True
tags: check
- debug:
msg: "command: {{ item.cmd }} value: {{ item.stdout }}"
with_items: "{{ check.results }}"
tags: check
- name: Create a directory for the file(s)
file:
path: "{{ download.dest_dir }}"
owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}"
state: directory
mode: 0755
become: true
- name: Download files / to install on the server
get_url:
url: "{{ item.server }}{{ item.fn }}"
dest: "{{ download.dest_dir }}{{ item.fn }}"
with_items: "{{ download.images }}"
- name: Install the yum packages
yum:
name: "{{ item }}"
state: latest
with_items: "{{ packages.yum }}"
- name: Install Tetration (using yum)
yum:
name: "{{ download.dest_dir }}{{ item.fn }}"
with_items: "{{ download.images }}"
- name: Upgrade all packages
yum:
name: '*'
state: latest
- name: Issue commands for post-install check
shell: "{{ item }}"
with_items: "{{ commands.verification }}"
register: check
tags: post
- debug:
msg: "command: {{ item.cmd }} value: {{ item.stdout }}"
with_items: "{{ check.results }}"
tags: post
when: ansible_pkg_mgr == 'yum'
become: true
become_user: root
#
# Python
#
- name: Common Python packages
block:
- name: Install the python packages
pip:
name: "{{ item }}"
state: latest
use_mirrors: no
with_items: "{{ packages.pip }}"
#
# Create student user accounts
#
- include_role:
name: create_user
vars:
class_size: "{{ students }}"
when: students > 0
tags: create_user