diff --git a/.github/workflows/ansible-integration.yaml b/.github/workflows/ansible-integration.yaml index 50d29d3..a6f4d1b 100644 --- a/.github/workflows/ansible-integration.yaml +++ b/.github/workflows/ansible-integration.yaml @@ -7,8 +7,8 @@ jobs: - uses: actions/checkout@v2 - name: Start docker-compose run: | - docker-compose up -d + docker compose up -d sleep 720 - docker-compose logs + docker compose logs docker ps -a - docker exec zdm-proxy-automation_client_1 cqlsh zdm-proxy-automation_proxy_1 -e 'select * from system.local;' + docker exec zdm-proxy-automation-client-1 cqlsh zdm-proxy-automation-proxy-1 -e 'select * from system.local;' diff --git a/ansible-control-host-docker/Dockerfile b/ansible-control-host-docker/Dockerfile index c1b17fb..1b57132 100644 --- a/ansible-control-host-docker/Dockerfile +++ b/ansible-control-host-docker/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM ubuntu:22.04 +FROM ubuntu:24.04 ENV DEBIAN_FRONTEND noninteractive # install all necessary software packages and dependencies @@ -13,18 +13,15 @@ RUN apt-get update && apt-get install -y software-properties-common \ gnupg RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367 && \ - apt-add-repository "deb http://ppa.launchpad.net/ansible/ansible/ubuntu jammy main" && \ + apt-add-repository "deb http://ppa.launchpad.net/ansible/ansible/ubuntu noble main" && \ apt-get update && apt-get upgrade --yes && \ apt-get install --yes python3-pip && \ - apt-get install python3-jmespath && \ + apt-get install --yes python3-jmespath && \ + apt-get install --yes ansible && \ + apt-get install --yes python3-cryptography && \ apt-get autoremove && apt-get autoclean -RUN sudo python3 -m pip install ansible -RUN sudo python3 -m pip install cryptography - -# create ubuntu user -RUN useradd -ms /bin/bash ubuntu -RUN usermod -aG sudo ubuntu +# switch to ubuntu user USER ubuntu WORKDIR /home/ubuntu/ @@ -52,4 +49,3 @@ RUN mkdir target_tls_files RUN mkdir zdm_proxy_tls_files ENTRYPOINT ["/bin/bash"] - diff --git a/ansible/tasks/install_docker_ansible_module.yml b/ansible/tasks/install_docker_ansible_module.yml index ccc61cf..59f65a8 100644 --- a/ansible/tasks/install_docker_ansible_module.yml +++ b/ansible/tasks/install_docker_ansible_module.yml @@ -4,6 +4,9 @@ - package_list: [ 'curl', 'software-properties-common', 'python3-pip', 'virtualenv', 'python3-setuptools' ] when: install_packages | bool +# On Ubuntu 22 and below, install docker-py package using pip. +# On Ubuntu 24 and above, use apt-get. + - name: Uninstall incompatible Docker-py Module become: no pip: @@ -11,10 +14,18 @@ state: absent vars: ansible_python_interpreter: python3 + when: ansible_distribution_major_version | int < 24 -- name: Install Docker Module for Python +- name: Install Docker Module for Python Pip pip: name: docker version: 2.7.0 vars: ansible_python_interpreter: python3 + when: ansible_distribution_major_version | int < 24 + +- name: Install Docker Module for Python Apt + apt: + name: python3-docker + state: present + when: ansible_distribution_major_version | int >= 24 \ No newline at end of file diff --git a/compose/client-entrypoint.sh b/compose/client-entrypoint.sh index b035d92..7266184 100755 --- a/compose/client-entrypoint.sh +++ b/compose/client-entrypoint.sh @@ -26,10 +26,10 @@ echo "Installing cqlsh" pip install -U cqlsh echo "Testing cqlsh" -test_conn zdm-proxy-automation_proxy_1 +test_conn zdm-proxy-automation-proxy-1 echo "Running SELECT statement" -select_all zdm-proxy-automation_proxy_1 +select_all zdm-proxy-automation-proxy-1 echo "Ready" tail -F /dev/null # keeps container running \ No newline at end of file diff --git a/compose/jumphost-entrypoint.sh b/compose/jumphost-entrypoint.sh index 7c29fc3..edde376 100755 --- a/compose/jumphost-entrypoint.sh +++ b/compose/jumphost-entrypoint.sh @@ -54,14 +54,14 @@ if ! id "ubuntu" &>/dev/null; then echo "Adding proxy servers to SSH known_hosts" gosu ubuntu touch /home/ubuntu/.ssh/known_hosts - scan_key zdm-proxy-automation_jumphost_1 - scan_key zdm-proxy-automation_proxy_1 - scan_key zdm-proxy-automation_proxy_2 - scan_key zdm-proxy-automation_proxy_3 + scan_key zdm-proxy-automation-jumphost-1 + scan_key zdm-proxy-automation-proxy-1 + scan_key zdm-proxy-automation-proxy-2 + scan_key zdm-proxy-automation-proxy-3 - test_conn zdm-proxy-automation_proxy_1 - test_conn zdm-proxy-automation_proxy_2 - test_conn zdm-proxy-automation_proxy_3 + test_conn zdm-proxy-automation-proxy-1 + test_conn zdm-proxy-automation-proxy-2 + test_conn zdm-proxy-automation-proxy-3 # remove shared keys once applied to remote servers rm /run/keys/*.pub @@ -76,14 +76,14 @@ fi echo "Starting SSH server" /etc/init.d/ssh start -test_conn zdm-proxy-automation_proxy_1 -test_conn zdm-proxy-automation_proxy_2 -test_conn zdm-proxy-automation_proxy_3 +test_conn zdm-proxy-automation-proxy-1 +test_conn zdm-proxy-automation-proxy-2 +test_conn zdm-proxy-automation-proxy-3 -export PROXY_IP_1=$(get_ip zdm-proxy-automation_proxy_1) -export PROXY_IP_2=$(get_ip zdm-proxy-automation_proxy_2) -export PROXY_IP_3=$(get_ip zdm-proxy-automation_proxy_3) -export JUMPHOST_IP=$(get_ip zdm-proxy-automation_jumphost_1) +export PROXY_IP_1=$(get_ip zdm-proxy-automation-proxy-1) +export PROXY_IP_2=$(get_ip zdm-proxy-automation-proxy-2) +export PROXY_IP_3=$(get_ip zdm-proxy-automation-proxy-3) +export JUMPHOST_IP=$(get_ip zdm-proxy-automation-jumphost-1) cd /opt/zdm-proxy-automation || return @@ -100,9 +100,9 @@ gosu ubuntu ansible-playbook deploy_zdm_proxy.yml -i zdm_ansible_inventory \ -e "origin_password=foo" \ -e "target_username=foo" \ -e "target_password=foo" \ - -e "origin_contact_points=zdm-proxy-automation_origin_1" \ + -e "origin_contact_points=zdm-proxy-automation-origin-1" \ -e "origin_port=9042" \ - -e "target_contact_points=zdm-proxy-automation_target_1" \ + -e "target_contact_points=zdm-proxy-automation-target-1" \ -e "target_port=9042" echo "Ready" diff --git a/orchestration-scripts/run_terraform_zdm.sh b/orchestration-scripts/run_terraform_zdm.sh index d568916..79ed8cb 100755 --- a/orchestration-scripts/run_terraform_zdm.sh +++ b/orchestration-scripts/run_terraform_zdm.sh @@ -54,7 +54,7 @@ zdm_vpc_cidr_prefix="172.18" #custom_name_suffix= # OPTIONAL: zdm_linux_distro to be used for both proxy and monitoring instances. -# Defaults to jammy (Ubuntu 22.04), valid options are focal, jammy, centos7, centos8, centos9, rocky8, rocky9, rhel7, rhel8. +# Defaults to noble (Ubuntu 24.04), valid options are focal, jammy, noble, centos7, centos8, centos9, rocky8, rocky9, rhel7, rhel8. #zdm_linux_distro= # OPTIONAL: AWS instance type to be used for each ZDM proxy. Defaults to c5.xlarge, almost always fine. diff --git a/orchestration-scripts/run_terraform_zdm_no_peering.sh b/orchestration-scripts/run_terraform_zdm_no_peering.sh index 10ff495..edc0cf4 100755 --- a/orchestration-scripts/run_terraform_zdm_no_peering.sh +++ b/orchestration-scripts/run_terraform_zdm_no_peering.sh @@ -42,7 +42,7 @@ zdm_vpc_cidr_prefix="172.18" #custom_name_suffix= # OPTIONAL: zdm_linux_distro to be used for both proxy and monitoring instances. -# Defaults to jammy (Ubuntu 22.04), valid options are focal, jammy, centos7, centos8, centos9, rocky8, rocky9, rhel7, rhel8. +# Defaults to noble (Ubuntu 24.04), valid options are focal, jammy, noble, centos7, centos8, centos9, rocky8, rocky9, rhel7, rhel8. #zdm_linux_distro= # OPTIONAL: AWS instance type to be used for each ZDM proxy. Defaults to c5.xlarge, almost always fine. diff --git a/orchestration-scripts/setup_ansible_control_host.sh b/orchestration-scripts/setup_ansible_control_host.sh index 059c24a..ef8b6a8 100755 --- a/orchestration-scripts/setup_ansible_control_host.sh +++ b/orchestration-scripts/setup_ansible_control_host.sh @@ -50,7 +50,7 @@ printf "# proxy instances \nHost %s.*\n IdentityFile %s/%s\n" "${zdm_proxy_priv if ! command -v ansible &> /dev/null; then echo "Installing Ansible" sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367 - sudo apt-add-repository "deb http://ppa.launchpad.net/ansible/ansible/ubuntu jammy main" + sudo apt-add-repository "deb http://ppa.launchpad.net/ansible/ansible/ubuntu noble main" sudo apt update --yes sudo apt upgrade --yes sudo apt install --yes software-properties-common diff --git a/terraform/aws/no-peering-deployment-root-aws/variables.tf b/terraform/aws/no-peering-deployment-root-aws/variables.tf index 744578d..d6660c6 100644 --- a/terraform/aws/no-peering-deployment-root-aws/variables.tf +++ b/terraform/aws/no-peering-deployment-root-aws/variables.tf @@ -46,10 +46,10 @@ variable "owner" { } variable "zdm_linux_distro" { - default = "jammy" + default = "noble" validation { - condition = can(regex("focal|jammy|centos7|centos8|centos9|rocky8|rocky9|rhel7|rhel8", var.zdm_linux_distro)) - error_message = "Invalid Linux distro, allowed_values = [focal jammy centos7 centos8 centos9 rocky8 rocky9 rhel7 rhel8]." + condition = can(regex("focal|jammy|noble|centos7|centos8|centos9|rocky8|rocky9|rhel7|rhel8", var.zdm_linux_distro)) + error_message = "Invalid Linux distro, allowed_values = [focal jammy noble centos7 centos8 centos9 rocky8 rocky9 rhel7 rhel8]." } } diff --git a/terraform/aws/self-contained-deployment-root-aws/variables.tf b/terraform/aws/self-contained-deployment-root-aws/variables.tf index afbd682..f64ac7b 100644 --- a/terraform/aws/self-contained-deployment-root-aws/variables.tf +++ b/terraform/aws/self-contained-deployment-root-aws/variables.tf @@ -63,10 +63,10 @@ variable "owner" { } variable "zdm_linux_distro" { - default = "jammy" + default = "noble" validation { - condition = can(regex("focal|jammy|centos7|centos8|centos9|rocky8|rocky9|rhel7|rhel8", var.zdm_linux_distro)) - error_message = "Invalid Linux distro, allowed_values = [focal jammy centos7 centos8 centos9 rocky8 rocky9 rhel7 rhel8]." + condition = can(regex("focal|jammy|noble|centos7|centos8|centos9|rocky8|rocky9|rhel7|rhel8", var.zdm_linux_distro)) + error_message = "Invalid Linux distro, allowed_values = [focal jammy noble centos7 centos8 centos9 rocky8 rocky9 rhel7 rhel8]." } } diff --git a/terraform/aws/submodules-aws/instances-aws/main.tf b/terraform/aws/submodules-aws/instances-aws/main.tf index 80c6d16..74d0136 100644 --- a/terraform/aws/submodules-aws/instances-aws/main.tf +++ b/terraform/aws/submodules-aws/instances-aws/main.tf @@ -29,6 +29,7 @@ locals { allowed_linux_distros = { focal = { owner = "amazon", name_pattern = "ubuntu/images/*/ubuntu-*-20.04-*", linux_user = "ubuntu" } jammy = { owner = "amazon", name_pattern = "ubuntu/images/*/ubuntu-*-22.04-*", linux_user = "ubuntu" } + noble = { owner = "amazon", name_pattern = "ubuntu/images/*/ubuntu-*-24.04-*", linux_user = "ubuntu" } centos7 = { owner = "125523088429", name_pattern = "CentOS Linux 7*", linux_user = "centos" } centos8 = { owner = "125523088429", name_pattern = "CentOS Stream 8*", linux_user = "centos" } centos9 = { owner = "125523088429", name_pattern = "CentOS Stream 9*", linux_user = "ec2-user" } diff --git a/terraform/aws/submodules-aws/instances-aws/variables.tf b/terraform/aws/submodules-aws/instances-aws/variables.tf index cf71e4f..80e9e6e 100644 --- a/terraform/aws/submodules-aws/instances-aws/variables.tf +++ b/terraform/aws/submodules-aws/instances-aws/variables.tf @@ -33,10 +33,10 @@ variable "custom_name_suffix" {} variable "owner" {} variable "zdm_linux_distro" { - default = "jammy" + default = "noble" validation { - condition = can(regex("focal|jammy|centos7|centos8|centos9|rocky8|rocky9|rhel7|rhel8", var.zdm_linux_distro)) - error_message = "Invalid Linux distro, allowed_values = [focal jammy centos7 centos8 centos9 rocky8 rocky9 rhel7 rhel8]." + condition = can(regex("focal|jammy|noble|centos7|centos8|centos9|rocky8|rocky9|rhel7|rhel8", var.zdm_linux_distro)) + error_message = "Invalid Linux distro, allowed_values = [focal jammy noble centos7 centos8 centos9 rocky8 rocky9 rhel7 rhel8]." } }