Mosudi Isiaka

AUTOMATION WITH ANSIBLE

The automation will achieve the following deliverables:

  1. AWS ec2 server provisioning
  2. Ubuntu Server repository update and system upgrade
  3. Creation and activation of swap space to compensate for low RAM available on the ec2 instance
  4. Requisite Software Installation
  5. Apache2 Web Server, Mysql Server, Mysql Client, phpmyadmin and PHP installation
  6. Local timezone modification
  7. Addition of the Docker CE, Icinga2 and Icingaweb2 Ubuntu repositories
  8. Docker CE, Icinga2 and Icingaweb2, Icinga2 CLI Installation
  9. Installation of Nagios plugins and Icingaweb2 directory configurations
  10. Enable Icinga2 features
  11. Create Icinga2 Web Token and make it available at the console
  12. Extract IDO mysql database details


Let's see the playbook



- name: Create Ec2 Instances
  hosts: localhost
  connection: local
  gather_facts: False

  vars:
    # prefix for naming
    prefix: staging
    ec2_access_key: AKIAIAF7XXXXXXXXXXXX
    ec2_secret_key: VDELVxxxxxxxxxxxxxxxxxxxxxxxxx
    ec2_region: us-west-2
    ec2_image: ami-6635cd06
#   ec2_image: ami-efd0428f
    ec2_instance_type: t2.micro
    ec2_keypair: mioxxxxxxxx
    ec2_security_group: crossxxxxxxx
    ec2_instance_count: 1
    ec2_vol_size: 25
    ec2_tag: mioansible2
#    ec2_volume_size: 26
    wait_for_port: 22


  tasks:
    - name: Provision of Ubuntu 14.04  AWS Instance and Demo Lab Setup of (ICINGA2 AND DOCKER CE) by Mosudi Isiaka
      ec2: 
        access_key="{{ ec2_access_key }}"
        secret_key="{{ ec2_secret_key }}"
        keypair="{{ ec2_keypair }}"
        group="{{ ec2_security_group }}"
        type="{{ ec2_instance_type }}"
        image="{{ ec2_image }}"
        region="{{ ec2_region }}"
        instance_tags="{'Name':'{{ ec2_tag }}'}"
        count="{{ ec2_instance_count }}"
        wait=true 
      register: ec2

    - name: Wait for SSH to come up
      wait_for:
        host: "{{ item.public_dns_name }}"
        port: 22
        delay: 60
        timeout: 320
        state: started
      with_items : "{{ ec2.instances }}"
      when: ec2 

    - name: accept new ssh fingerprints                                         
      shell: ssh-keyscan -H {{ item.public_ip }} >> ~/.ssh/known_hosts          
      with_items: '{{ ec2.instances }}'

#    - name: Add all instance public IPs to host group

    - name: Add all instance public IP Address to host group
      add_host: 
#       hostname: "{{ item.public_dns_name }}"
        hostname: "{{ item.public_ip }}"
        groups: ec2hosts
      with_items: "{{ ec2.instances }}"




##APPEND NEW EC2 HOSTNAME TO /ETC/ANSIBLE/HOSTS
    - name: Generate Inventory Parameters for new ec2 host
      lineinfile: dest=/etc/ansible/hosts line="{{ item.public_ip }} ansible_ssh_user=ubuntu  ansible_ssh_private_key_file=/opt/mioxxxxxx.pem  mysql_root_password=mysqlrootpassword" state=present
      with_items: "{{ ec2.instances }}"


### EDITING  web_lab_server.sh script
    - name: Replacing the public Hostname in web_lab_server.sh script
      lineinfile: 
        dest: ~/shell_scripts/webserver/web_lab_server.sh
        regexp: '^(.*)lab_gateway_public_hostname=(.*)$' 
        line: 'lab_gateway_public_hostname={{ item.public_dns_name }}'
        backrefs: yes
      with_items: "{{ ec2.instances }}"

    - name: Replacing the public IP Address in web_lab_server.sh script
      lineinfile: 
        dest: ~/shell_scripts/webserver/web_lab_server.sh
        regexp: '^(.*)lab_gateway_public_ip=(.*)$' 
        line: 'lab_gateway_public_ip={{ item.public_ip }}'
        backrefs: yes
      with_items: "{{ ec2.instances }}"

### EDITING  db_lab_server.sh script
    - name: Replacing the public Hostname in db_lab_server.sh script
      lineinfile: 
        dest: ~/shell_scripts/dbserver/db_lab_server.sh
        regexp: '^(.*)lab_gateway_public_hostname=(.*)$' 
        line: 'lab_gateway_public_hostname={{ item.public_dns_name }}'
        backrefs: yes
      with_items: "{{ ec2.instances }}"

    - name: Replacing the public IP Address in db_lab_server.sh script
      lineinfile: 
        dest: ~/shell_scripts/dbserver/db_lab_server.sh
        regexp: '^(.*)lab_gateway_public_ip=(.*)$' 
        line: 'lab_gateway_public_ip={{ item.public_ip }}'
        backrefs: yes
      with_items: "{{ ec2.instances }}"


- name: configuration play
  hosts: ec2hosts
  user: ubuntu
  gather_facts: true


  vars:
    ansible_ssh_private_key_file: "/opt/mioxxxxxx.pem"
    ec2_access_key: AKIAIAF7XXXXXXXXXXXX
    ec2_secret_key: VDELVxxxxxxxxxxxxxxxxxxxxxxxxx

  tasks:

#  UPDATE THE UBUNTU LINUX SERVER 

    - name: Only run "update_cache=yes" 
      become: yes
      become_method: sudo
      apt:
        update_cache: yes
        cache_valid_time: 86400
 

########################################################
###INCREASE VIRTUAL RAM
#We have got only 1GB RAM(AWS free tier), at least we have control over virtual RAM

#INCREASE VIRTUAL RAM

    - name: Create 1GB swap space
      become: yes
      become_method: sudo
      command: dd if=/dev/zero of=/swpapace.swp bs=1024 count=1M
      when: ansible_swaptotal_mb < 1

#Setup the swap file 
    - name: Setup the swap space
      become: yes
      become_method: sudo
      command: mkswap /swpapace.swp
      when: ansible_swaptotal_mb < 1
 
#Edit /etc/fstab
    - name: Add to fstab
      become: yes
      become_method: sudo
      action: lineinfile dest=/etc/fstab regexp="swpapace.swp" line="/swpapace.swp none swap sw 0 0" state=present

#Activate the swap space
    - name: Activate the swap space
      become: yes
      become_method: sudo
      command: swapon -a


    - name: Prepare Server
      become: yes
      become_method: sudo
      apt: "name={{item}} state=latest"
#     update_cache: yes
#     cache_valid_time: 86400
      with_items:
        - apache2
        - apt-show-versions
        - apt-transport-https
        - build-essential
        - ca-certificates
        - curl
        - fish
        - libapache2-mod-php5
        - libauthen-pam-perl
        - libio-pty-perl
        - libnet-ssleay-perl
        - libpam-runtime
        - mysql-server
        - openssl
        - perl
        - php5-imagick
        - php5-intl
        - php5-ldap
        - php5-mcrypt    
        - php5-mysql
        - php5-pgsql
        - python
        - python-apt
        - python-mysqldb
        - python-pip  
        - python-software-properties
        - software-properties-common
        - vim
        - wget

    - name: Configure mcrypt 
      become: yes
      become_method: sudo
      shell: " php5enmod mcrypt "


## ADDING ICINGA2 AND DOCKER REPOSITORIES AS WELL AS UPDATING REPO.
    - name: Adding Docker Repository "APT-KEY"
      become: yes
      become_method: sudo
      shell: "curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - "


    - name: Adding Docker Repo
      become: yes
      become_method: sudo
      apt_repository:
        repo: deb https://download.docker.com/linux/ubuntu trusty stable
        state: present


    - name: Adding Icinga2 Repository "APT-KEY"
      become: yes
      become_method: sudo
      shell: "wget -O - https://packages.icinga.com/icinga.key | apt-key add - "


    - name: Adding Icinga2 Repo DEB
      become: yes
      become_method: sudo
      apt_repository:
        repo: deb http://packages.icinga.com/ubuntu icinga-trusty main
        state: present

    - name: Adding Icinga2 Repo SRC
      become: yes
      become_method: sudo
      apt_repository:
        repo: deb-src http://packages.icinga.com/ubuntu icinga-trusty main
        state: present


    - name: Update Repository after adding docker and icinga2 repositories
      become: yes
      become_method: sudo
      apt:
        update_cache: yes

#SERVER CONFIGURATION

    - name: Edit PHP Timezone
      become: yes
      become_method: sudo
      action: lineinfile dest=/etc/php5/apache2/php.ini regexp=";date.timezone =       " line="date.timezone =Africa/Lagos " state=present
      notify:
        - restart apache2

    - name: Installing the package  "awscli"
      become: yes
      become_method: sudo
      shell: pip install awscli    

    - name: Install Docker, Icinga, phpmyadmin
      become: yes
      become_method: sudo
      apt: "name={{item}} state=latest"
#     update_cache: yes
#     cache_valid_time: 86400
      with_items:
        - docker-ce
        - icinga2
        - mysql-client
        - icingaweb2
        - icingacli 
        - phpmyadmin
        - icinga2-ido-mysql
        - nagios-plugins


#### SETUP DOCKER
    - name: Creating docker group if it doesnt exist
      become: yes
      become_method: sudo
      group: name=docker state=present

    - name: Running Docker without sudo
      become: yes
      become_method: sudo
      command: usermod -a -G docker {{ ansible_ssh_user }}

#################################################################
### SETUP LAB DOCKER CONTAINERS FOR ICINGA2 CLIENTS

    - name:  Changing directory and Clone Ubuntu 14.0 Dockerfile
      shell: bash -c "git clone https://github.com/dockerfile/ubuntu.git"
      args:
        chdir: /home/ubuntu/

    - name:  Backup Original Dockerfile
      shell: bash -c "mv Dockerfile  Dockerfile_backup"
      args:
        chdir: /home/ubuntu/ubuntu 


### LAB APACHE WEB SERVER
    - name: Replace with WebDockerfile
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/webserver/WebDockerfile dest=/home/ubuntu/ubuntu/Dockerfile mode=0777

    - name:  Building Ubuntu 14.04 Apache2 Web server  dockerfile
      become: yes
      become_method: sudo 
      shell: bash -c 'docker build -t="dockerfile/ubuntu" /home/ubuntu/ubuntu/'
      args:
        chdir: /home/ubuntu/

    - name: Fetch web_lab_server.sh for configuration webserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/webserver/web_lab_server.sh dest=/home/ubuntu/web_lab_server.sh mode=0777

    - name: Fetch host.conf for Icinga2 configuration webserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/webserver/webhosts.conf dest=/home/ubuntu/webhosts.conf mode=0777

    - name: Fetch services.conf for Icinga2 configuration webserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/webserver/webservices.conf dest=/home/ubuntu/webservices.conf mode=0777

    - name: Creating ubuntu 14.04 Apache2 Web server docker container with hostname webserver.mosudi
      become: yes
      become_method: sudo 
      shell: /home/ubuntu/web_lab_server.sh
      args:
        chdir: /home/ubuntu/
#     register: web_lab_container




### LAB MYSQL DB SERVER

    - name: Replace with DBDockerfile
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/dbserver/DBDockerfile dest=/home/ubuntu/ubuntu/Dockerfile mode=0777

    - name: Building Ubuntu 14.04 Mysql DB server  dockerfile 
      become: yes
      become_method: sudo
      shell: bash -c 'docker build -t="dockerfile/ubuntu" /home/ubuntu/ubuntu/'
      args:
        chdir: /home/ubuntu/


    - name: Fetch db_lab_server.sh for configuration dbserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/dbserver/db_lab_server.sh dest=/home/ubuntu/db_lab_server.sh mode=0777


    - name: Fetch host.conf for Icinga2 configuration dbserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/dbserver/dbhosts.conf dest=/home/ubuntu/dbhosts.conf mode=0777

    - name: Fetch services.conf for Icinga2 configuration dbserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/dbserver/dbservices.conf dest=/home/ubuntu/dbservices.conf mode=0777

    - name: Fetch create_icinga2db.sh for Icinga2 configuration dbserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/dbserver/create_icinga2db.sh dest=/home/ubuntu/create_icinga2db.sh mode=0777



    - name: Creating ubuntu 14.04 Mysql Database server docker container with hostname dbserver.mosudi
      become: yes
      become_method: sudo 
      shell: /home/ubuntu/db_lab_server.sh
      args:
        chdir: /home/ubuntu/
#      register: db_lab_container


########## ICINGA2 MASTER
    - name: Setting Up Icinga2 DB root password
      become: yes
      become_method: sudo
      script: ~/shell_scripts/create_icinga2db.sh
      #script will reside within the Ansible master


#    - name: Setting Up Icinga2 DB
#      become: yes
#      become_method: sudo
#      shell: "source /root/create_icinga2db.sh"


    - name: Start mysql service
      become: yes
      become_method: sudo
      service: name=mysql state=reloaded

    - name: Start Apache2 service
      become: yes
      become_method: sudo
      service: name=apache2 state=reloaded

    - name: Start Icinga2
      become: yes
      become_method: sudo
      command: "icinga2 daemon -C"

    - name: Enable Icinga2 features
      become: yes
      become_method: sudo
      command: "icinga2 feature enable ido-mysql statusdata command perfdata"

    - name: Restart icinga2
      become: yes
      become_method: sudo
      service: name=icinga2 state=reloaded

#    - name: Backup original Icinga2 IDO configuration file, ido-mysql.conf. Backup ...
#      become: yes
#      become_method: sudo
#      command: "mv /etc/icinga2/features-enabled/ido-mysql.conf /etc/icinga2/features-enabled/ido-mysql.conf_backup"

#    - name: Transfer new Icinga2 IDO configuration file
#      become: yes
#      become_method: sudo
#      copy: src=/home/mosud/shell_scripts/ido-mysql.conf dest=/etc/icinga2/features-enabled/ido-mysql.conf mode=0777




    - name: Creating Group Nagios 
      become: yes
      become_method: sudo
      command: addgroup --system nagios
    - name: Adding Nagios and also www-data
      become: yes
      become_method: sudo
      command: usermod -a -G nagios www-data
    - name: Setup config directory
      become: yes
      become_method: sudo
      command: "icingacli setup config directory --group nagios"

    - name: Making Icinga2 Web Folder Writeable
      become: yes
      become_method: sudo
      command: chmod -R 777 /etc/icingaweb2/
#     command: bash -c "chcon -R -t httpd_sys_content_t /etc/icingaweb2/"
#     notify:
#       - start icinga2
#       - start mysql
#       - start apache2

    - name: Start Apache2 service
      become: yes
      become_method: sudo
      service: name=apache2 state=reloaded

    - name: Create Icinga2 Web Token
      become: yes
      become_method: sudo
      command: icingacli setup token create

    - name: Read Icinga2 Web Token
      become: yes
      become_method: sudo
      command: bash -c "icingacli setup token show | cut -d':' -f2 | sed -e 's/^[ \t]*//'"
      register: out
    - name: Ido-mysql database username
      become: yes
      become_method: sudo
      command: bash -c "grep user /etc/icinga2/features-enabled/ido-mysql.conf | tr -d ','| cut -d'=' -f2"
      register: ido_db_username

    - name: Ido-mysql database dbname
      become: yes
      become_method: sudo
      command: bash -c "grep database /etc/icinga2/features-enabled/ido-mysql.conf | tr -d ','| cut -d'=' -f2 "
      register: ido_db_name
      
    - name: Ido-mysql database password
      become: yes
      become_method: sudo
      command: bash -c "grep password /etc/icinga2/features-enabled/ido-mysql.conf | tr -d ','| cut -d'=' -f2"
      register: ido_db_password

    - name: Ido-mysql database host
      become: yes
      become_method: sudo
      command: bash -c "grep host /etc/icinga2/features-enabled/ido-mysql.conf | tr -d ','| cut -d'=' -f2"
      register: ido_db_host

    - name: Icinga2 Web Token
      debug: var=out.stdout_lines

    - name: Ido-mysql database username
      debug: var=ido_db_username.stdout_lines

    - name: Ido-mysql database dbname
      debug: var=ido_db_name.stdout_lines

    - name: Ido-mysql database password
      debug: var=ido_db_password.stdout_lines

    - name: Ido-mysql database host
      debug: var=ido_db_host.stdout_lines











Did I hear you say "so loooonnnggg !"

Not to worry, I am going to break it down for you. In actual fact, a professional Ansible playbook would have been divided into several "roles", "hosts", etc., as the case might be.

This represents the final ultimate outcome of the project

GETTING THE JOB DONE

Getting the job done requires setup of an Ansible control machine, aka Ansible Master. Ansible will try to use native OpenSSH for remote communication when possible but will fall back to a high-quality Python implementation of OpenSSH called ‘paramiko’. Whereas the best implementation of Ansible requires use of SSH keys, I will be using "--ask-sudo-pass" for my sudo features along the implementation process.

Configure the Ansible Master

I will be using Ubuntu LTS 16.04 Desktop for the Ansible implementation.

mosud@serverafrica ~> uname -a
Linux serverafrica 4.8.0-54-generic #57~16.04.1-Ubuntu SMP Wed May 24 16:22:28 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

mosud@serverafrica ~> cat /etc/issue
Ubuntu 16.04.2 LTS \n \l

mosud@serverafrica:~$ lsb_release -cds
Ubuntu 16.04.2 LTS
xenial



With this, I am in no doubt about the version of Ansible that will be installed from the repository, as this has to do with its underlying Ansible commands and syntax.

Installation:


mosud@serverafrica:~$ sudo apt-get -y install python-software-properties
mosud@serverafrica:~$ sudo apt-get -y install software-properties-common
mosud@serverafrica:~$ sudo apt-get install -y ansible python-boto
mosud@serverafrica:~$ sudo mv /etc/ansible/hosts /etc/ansible/hosts_backup
mosud@serverafrica:~$ echo "
[local]
127.0.0.1
localhost

[ec2hosts]
" | sudo tee /etc/ansible/hosts > /dev/null

mosud@serverafrica:~$ cd ~
mosud@serverafrica:~$ mkdir shell_scripts
mosud@serverafrica:~$ cd shell_scripts/
mosud@serverafrica:~/shell_scripts$ 
mosud@serverafrica:~/shell_scripts$ cat > create_icinga2db.sh << 'EOF'
#!/bin/sh

# Set the MySQL root password (quoted heredoc keeps $password unexpanded here)
password=mysqlrootpassword

mysqladmin -u root password "$password"
EOF

mosud@serverafrica:~/shell_scripts$ chmod +x create_icinga2db.sh


Installed alongside Ansible is python-boto, the Python interface to Amazon Web Services. I also replaced the Ansible hosts file, /etc/ansible/hosts.
Then, creating the deployment Ansible playbook:

mosud@serverafrica:~$ vi deployment.yml 

Using Ansible for the deployment.

mosud@serverafrica:~$ sudo ansible-playbook -i hosts deployment.yml --ask-sudo-pass

Not so fast, though; not until I have created all the required scripts and configuration files.

NOW LET'S BREAK IT DOWN

Creating Ubuntu LTS 14.04 Server ec2 instance on Amazon Web Service



- name: Create Ec2 Instances
  hosts: localhost
  connection: local
  gather_facts: False

  vars:
    # prefix for naming
    prefix: staging
    ec2_access_key: AKIAIAF7XXXXXXXXXXXX
    ec2_secret_key: VDELVxxxxxxxxxxxxxxxxxxxxxxxxx
    ec2_region: us-west-2
    ec2_image: ami-6635cd06
#   ec2_image: ami-efd0428f
    ec2_instance_type: t2.micro
    ec2_keypair: mioxxxxxxxx
    ec2_security_group: crossxxxxxxx
    ec2_instance_count: 1
    ec2_vol_size: 25
    ec2_tag: mioansible2
#    ec2_volume_size: 26
    wait_for_port: 22


  tasks:
    - name: Provision of Ubuntu 14.04  AWS Instance and Demo Lab Setup of (ICINGA2 AND DOCKER CE) by Mosudi Isiaka
      ec2: 
        access_key="{{ ec2_access_key }}"
        secret_key="{{ ec2_secret_key }}"
        keypair="{{ ec2_keypair }}"
        group="{{ ec2_security_group }}"
        type="{{ ec2_instance_type }}"
        image="{{ ec2_image }}"
        region="{{ ec2_region }}"
        instance_tags="{'Name':'{{ ec2_tag }}'}"
        count="{{ ec2_instance_count }}"
        wait=true 
      register: ec2



NB: You need an Amazon Web Services account to create an ec2 instance. You might want to visit https://aws.amazon.com/ if you do not have an account.
There are four (4) fundamental security requirements for you to successfully create ec2 instance(s):
  1. access_key
  2. secret_key
  3. ec2_keypair
  4. ec2_security_group
Also, ec2_image and ec2_instance_type are equally basic requirements for an ec2 instance launch. Feel free to search for any of these terms on the AWS documentation website, https://aws.amazon.com/documentation/. A very important parameter to note is ec2_instance_count; this number determines how many of this server we want to launch. The "ec2" task launches the instance using the available parameters, while "register: ec2" registers the created instance in the memory for address
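
The access_key and secret_key listed above do not have to be written into deployment.yml. As an added example (not part of the original playbook), here is the same provisioning play with both keys taken from the environment of the control machine; the pre-flight task and the use of the AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY variables are this example's assumptions:

```yaml
# Added example, not the author's playbook. Assumes the keys were exported in
# the shell that runs ansible-playbook:
#   export AWS_ACCESS_KEY_ID=...
#   export AWS_SECRET_ACCESS_KEY=...
- name: Create Ec2 Instances
  hosts: localhost
  connection: local
  gather_facts: False

  vars:
    # No ec2_access_key / ec2_secret_key entries: nothing secret is stored in
    # the playbook file, so it can be shared or committed as it is.
    ec2_region: us-west-2
    ec2_image: ami-6635cd06
    ec2_instance_type: t2.micro
    ec2_keypair: mioxxxxxxxx
    ec2_security_group: crossxxxxxxx
    ec2_instance_count: 1
    ec2_tag: mioansible2

  tasks:
    - name: Stop early when the AWS keys are not in the environment
      fail:
        msg: "Export AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY before running this play"
      when: lookup('env', 'AWS_ACCESS_KEY_ID') == '' or lookup('env', 'AWS_SECRET_ACCESS_KEY') == ''

    - name: Provision the instance without keys in the task arguments
      ec2:
        # access_key and secret_key are omitted on purpose; the module falls
        # back to the AWS_* environment variables through boto.
        keypair: "{{ ec2_keypair }}"
        group: "{{ ec2_security_group }}"
        instance_type: "{{ ec2_instance_type }}"
        image: "{{ ec2_image }}"
        region: "{{ ec2_region }}"
        instance_tags:
          Name: "{{ ec2_tag }}"
        count: "{{ ec2_instance_count }}"
        wait: true
      register: ec2
```

Because the page runs ansible-playbook under sudo, the variables have to be visible to that process (for example with sudo -E). The configuration play shown on this page never references ec2_access_key or ec2_secret_key, so those two vars can be dropped from it as well.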

Polling the new instance over SSH and holding back further commands until the instance is up and running



    - name: Wait for SSH to come up
      wait_for:
        host: "{{ item.public_dns_name }}"
        port: 22
        delay: 60
        timeout: 320
        state: started
      with_items : "{{ ec2.instances }}"
      when: ec2 


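Recording the SSH host key fingerprints of the newly created server in known_hosts and adding the server to the new host group, ec2hosts (ssh-keyscan records whatever key the host presents, so this is trust on first use)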


    - name: accept new ssh fingerprints
      shell: ssh-keyscan -H {{ item.public_ip }} >> ~/.ssh/known_hosts
      with_items: '{{ ec2.instances }}'

#    - name: Add all instance public IPs to host group

    - name: Add all instance public IP Address to host group
      add_host: 
#       hostname: "{{ item.public_dns_name }}"
        hostname: "{{ item.public_ip }}"
        groups: ec2hosts
      with_items: "{{ ec2.instances }}"


Adding the newly created server to the inventory with necessary parameters


##APPEND NEW EC2 HOSTNAME TO /ETC/ANSIBLE/HOSTS
    - name: Generate Inventory Parameters for new ec2 host
      lineinfile: dest=/etc/ansible/hosts line="{{ item.public_ip }} ansible_ssh_user=ubuntu  ansible_ssh_private_key_file=/opt/mioxxxxxx.pem  mysql_root_password=mysqlrootpassword" state=present
      with_items: "{{ ec2.instances }}"


### EDITING  web_lab_server.sh script
    - name: Replacing the public Hostname in web_lab_server.sh script
      lineinfile: 
        dest: ~/shell_scripts/webserver/web_lab_server.sh
        regexp: '^(.*)lab_gateway_public_hostname=(.*)$' 
        line: 'lab_gateway_public_hostname={{ item.public_dns_name }}'
        backrefs: yes
      with_items: "{{ ec2.instances }}"

    - name: Replacing the public IP Address in web_lab_server.sh script
      lineinfile: 
        dest: ~/shell_scripts/webserver/web_lab_server.sh
        regexp: '^(.*)lab_gateway_public_ip=(.*)$' 
        line: 'lab_gateway_public_ip={{ item.public_ip }}'
        backrefs: yes
      with_items: "{{ ec2.instances }}"

### EDITING  db_lab_server.sh script
    - name: Replacing the public Hostname in db_lab_server.sh script
      lineinfile: 
        dest: ~/shell_scripts/dbserver/db_lab_server.sh
        regexp: '^(.*)lab_gateway_public_hostname=(.*)$' 
        line: 'lab_gateway_public_hostname={{ item.public_dns_name }}'
        backrefs: yes
      with_items: "{{ ec2.instances }}"

    - name: Replacing the public IP Address in db_lab_server.sh script
      lineinfile: 
        dest: ~/shell_scripts/dbserver/db_lab_server.sh
        regexp: '^(.*)lab_gateway_public_ip=(.*)$' 
        line: 'lab_gateway_public_ip={{ item.public_ip }}'
        backrefs: yes
      with_items: "{{ ec2.instances }}"



Taking over control of the newly launched instance



- name: configuration play
  hosts: ec2hosts
  user: ubuntu
  gather_facts: true


  vars:
    ansible_ssh_private_key_file: "/opt/mioxxxxxx.pem"
    ec2_access_key: AKIAIAF7XXXXXXXXXXXX
    ec2_secret_key: VDELVxxxxxxxxxxxxxxxxxxxxxxxxx

  tasks:

#  UPDATE THE UBUNTU LINUX SERVER 

    - name: Only run "update_cache=yes" 
      become: yes
      become_method: sudo
      apt:
        update_cache: yes
        cache_valid_time: 86400



We have got only 1GB RAM(AWS free tier), at least we have control over virtual RAM.



###INCREASE VIRTUAL RAM
#We have got only 1GB RAM(AWS free tier), at least we have control over virtual RAM

#INCREASE VIRTUAL RAM

    - name: Create 1GB swap space
      become: yes
      become_method: sudo
      command: dd if=/dev/zero of=/swpapace.swp bs=1024 count=1M
      when: ansible_swaptotal_mb < 1

#Setup the swap file 
    - name: Setup the swap space
      become: yes
      become_method: sudo
      command: mkswap /swpapace.swp
      when: ansible_swaptotal_mb < 1
 
#Edit /etc/fstab
    - name: Add to fstab
      become: yes
      become_method: sudo
      action: lineinfile dest=/etc/fstab regexp="swpapace.swp" line="/swpapace.swp none swap sw 0 0" state=present

#Activate the swap space
    - name: Activate the swap space
      become: yes
      become_method: sudo
      command: swapon -a



Instance update, upgrade and installation of the basic and prerequisite software suite, making the instance suitable for further configuration




    - name: Prepare Server
      become: yes
      become_method: sudo
      apt: "name={{item}} state=latest"
#     update_cache: yes
#     cache_valid_time: 86400
      with_items:
        - apache2
        - apt-show-versions
        - apt-transport-https
        - build-essential
        - ca-certificates
        - curl
        - fish
        - libapache2-mod-php5
        - libauthen-pam-perl
        - libio-pty-perl
        - libnet-ssleay-perl
        - libpam-runtime
        - mysql-server
        - openssl
        - perl
        - php5-imagick
        - php5-intl
        - php5-ldap
        - php5-mcrypt    
        - php5-mysql
        - php5-pgsql
        - python
        - python-apt
        - python-mysqldb
        - python-pip  
        - python-software-properties
        - software-properties-common
        - vim
        - wget


Configure mcrypt


    - name: Configure mcrypt 
      become: yes
      become_method: sudo
      shell: " php5enmod mcrypt "


Timezone configuration by editing /etc/php5/apache2/php.ini




    - name: Edit PHP Timezone
      become: yes
      become_method: sudo
      action: lineinfile dest=/etc/php5/apache2/php.ini regexp=";date.timezone =       " line="date.timezone =Africa/Lagos " state=present
      notify:
        - restart apache2



Adding Docker and Icinga2 repositories



## ADDING ICINGA2 AND DOCKER REPOSITORIES AS WELL AS UPDATING REPO.
    - name: Adding Docker Repository "APT-KEY"
      become: yes
      become_method: sudo
      shell: "curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - "


    - name: Adding Docker Repo
      become: yes
      become_method: sudo
      apt_repository:
        repo: deb https://download.docker.com/linux/ubuntu trusty stable
        state: present


    - name: Adding Icinga2 Repository "APT-KEY"
      become: yes
      become_method: sudo
      shell: "wget -O - https://packages.icinga.com/icinga.key | apt-key add - "


    - name: Adding Icinga2 Repo DEB
      become: yes
      become_method: sudo
      apt_repository:
        repo: deb http://packages.icinga.com/ubuntu icinga-trusty main
        state: present

    - name: Adding Icinga2 Repo SRC
      become: yes
      become_method: sudo
      apt_repository:
        repo: deb-src http://packages.icinga.com/ubuntu icinga-trusty main
        state: present


    - name: Update Repository after adding docker and icinga2 repositories
      become: yes
      become_method: sudo
      apt:
        update_cache: yes
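
Both key tasks above pipe whatever the download returns straight into apt-key, and the Icinga2 repository lines use plain http. As an added example (not from the original playbook), the play below pins each key file to a SHA-256 checksum before trusting it; the two checksum values are placeholders to be filled in from a copy of the key verified out of band, the /root paths are this example's choice, and get_url's checksum option needs Ansible 2.0 or later:

```yaml
# Added example, not the author's tasks. The sha256 values are placeholders,
# not real digests.
- name: Add Docker and Icinga2 repositories with pinned keys
  hosts: ec2hosts
  user: ubuntu
  become: yes
  become_method: sudo

  vars:
    repo_keys:
      - name: docker
        url: https://download.docker.com/linux/ubuntu/gpg
        sha256: "REPLACE_WITH_SHA256_OF_VERIFIED_DOCKER_KEY"
      - name: icinga
        url: https://packages.icinga.com/icinga.key
        sha256: "REPLACE_WITH_SHA256_OF_VERIFIED_ICINGA_KEY"

  tasks:
    # get_url fails the task when the downloaded file does not match the
    # checksum, so an unexpected or swapped key never reaches apt-key.
    - name: Download repository keys and verify their checksums
      get_url:
        url: "{{ item.url }}"
        dest: "/root/{{ item.name }}-repo.key"
        checksum: "sha256:{{ item.sha256 }}"
        mode: "0600"
      with_items: "{{ repo_keys }}"

    - name: Trust only the keys that passed the checksum
      apt_key:
        file: "/root/{{ item.name }}-repo.key"
        state: present
      with_items: "{{ repo_keys }}"

    # apt-transport-https is already installed by the "Prepare Server" task.
    - name: Add the repositories over https
      apt_repository:
        repo: "{{ item }}"
        state: present
      with_items:
        - deb https://download.docker.com/linux/ubuntu trusty stable
        - deb https://packages.icinga.com/ubuntu icinga-trusty main
        - deb-src https://packages.icinga.com/ubuntu icinga-trusty main

    - name: Update Repository after adding docker and icinga2 repositories
      apt:
        update_cache: yes
```

When a vendor rotates its key the checksum task fails until the new key has been verified and its digest updated, which is the intended behaviour.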



Installing the Amazon Web Services command line interface, awscli



    - name: Installing the package  "awscli"
      become: yes
      become_method: sudo
      shell: pip install awscli    


Installation of Docker, Icinga2, icingaweb2, icingacli, phpmyadmin, icinga2-ido-mysql with nagios-plugins


    - name: Install Docker, Icinga, phpmyadmin
      become: yes
      become_method: sudo
      apt: "name={{item}} state=latest"
#     update_cache: yes
#     cache_valid_time: 86400
      with_items:
        - docker-ce
        - icinga2
        - icinga2-ido-mysql
        - icingacli 
        - icingaweb2
        - mysql-client
        - nagios-plugins
        - phpmyadmin

Group and username manipulation for Docker CE to allow the instance user, "ubuntu", to run Docker without sudo



    - name: Creating docker group if it doesnt exist
      become: yes
      become_method: sudo
      group: name=docker state=present

    - name: Running Docker without sudo
      become: yes
      become_method: sudo
      command: usermod -a -G docker {{ ansible_ssh_user }}


Building the Dockerfile and creating the Ubuntu Docker containers



#################################################################
### SETUP LAB DOCKER CONTAINERS FOR ICINGA2 CLIENTS

    - name:  Changing directory and Clone Ubuntu 14.0 Dockerfile
      shell: bash -c "git clone https://github.com/dockerfile/ubuntu.git"
      args:
        chdir: /home/ubuntu/

    - name:  Backup Original Dockerfile
      shell: bash -c "mv Dockerfile  Dockerfile_backup"
      args:
        chdir: /home/ubuntu/ubuntu 


### LAB APACHE WEB SERVER
    - name: Replace with WebDockerfile
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/webserver/WebDockerfile dest=/home/ubuntu/ubuntu/Dockerfile mode=0777

    - name:  Building Ubuntu 14.04 Apache2 Web server  dockerfile
      become: yes
      become_method: sudo 
      shell: bash -c 'docker build -t="dockerfile/ubuntu" /home/ubuntu/ubuntu/'
      args:
        chdir: /home/ubuntu/

    - name: Fetch web_lab_server.sh for configuration webserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/webserver/web_lab_server.sh dest=/home/ubuntu/web_lab_server.sh mode=0777

    - name: Fetch host.conf for Icinga2 configuration webserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/webserver/webhosts.conf dest=/home/ubuntu/webhosts.conf mode=0777

    - name: Fetch services.conf for Icinga2 configuration webserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/webserver/webservices.conf dest=/home/ubuntu/webservices.conf mode=0777

    - name: Creating ubuntu 14.04 Apache2 Web server docker container with hostname webserver.mosudi
      become: yes
      become_method: sudo 
      shell: /home/ubuntu/web_lab_server.sh
      args:
        chdir: /home/ubuntu/
#     register: web_lab_container

### LAB MYSQL DB SERVER

    - name: Replace with DBDockerfile
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/dbserver/DBDockerfile dest=/home/ubuntu/ubuntu/Dockerfile mode=0777

    - name: Building Ubuntu 14.04 Mysql DB server  dockerfile 
      become: yes
      become_method: sudo
      shell: bash -c 'docker build -t="dockerfile/ubuntu" /home/ubuntu/ubuntu/'
      args:
        chdir: /home/ubuntu/


    - name: Fetch db_lab_server.sh for configuration dbserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/dbserver/db_lab_server.sh dest=/home/ubuntu/db_lab_server.sh mode=0777


    - name: Fetch host.conf for Icinga2 configuration dbserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/dbserver/dbhosts.conf dest=/home/ubuntu/dbhosts.conf mode=0777

    - name: Fetch services.conf for Icinga2 configuration dbserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/dbserver/dbservices.conf dest=/home/ubuntu/dbservices.conf mode=0777

    - name: Fetch create_icinga2db.sh for Icinga2 configuration dbserver.mosudi docker container
      become: yes
      become_method: sudo
      copy: src=~/shell_scripts/dbserver/create_icinga2db.sh dest=/home/ubuntu/create_icinga2db.sh mode=0777



    - name: Creating ubuntu 14.04 Mysql Database server docker container with hostname dbserver.mosudi
      become: yes
      become_method: sudo 
      shell: /home/ubuntu/db_lab_server.sh
      args:
        chdir: /home/ubuntu/
#      register: db_lab_container




Mysql Server root password configuration




########## ICINGA2
    - name: Setting Up Icinga2 DB root password
      become: yes
      become_method: sudo
      script: ~/shell_scripts/create_icinga2db.sh
      #script will reside within the Ansible master



Restarting service, mysql



    - name: Start mysql service
      become: yes
      become_method: sudo
      service: name=mysql state=reloaded


Restarting service, apache2



    - name: Start Apache2 service
      become: yes
      become_method: sudo
      service: name=apache2 state=reloaded


Starting Icinga2 daemon



    - name: Start Icinga2
      become: yes
      become_method: sudo
      command: "icinga2 daemon -C"


Enable Icinga2 features: ido-mysql, statusdata, command, perfdata


    - name: Enable Icinga2 features
      become: yes
      become_method: sudo
      command: "icinga2 feature enable ido-mysql statusdata command perfdata"


Restarting service, icinga2 after enabling Icinga2 features



    - name: Restart icinga2
      become: yes
      become_method: sudo
      service: name=icinga2 state=reloaded


Creating the group nagios, which is required by the Nagios plugins


    - name: Creating Group Nagios 
      become: yes
      become_method: sudo
      command: addgroup --system nagios


Adding the user www-data to the group nagios


    - name: Adding Nagios and also www-data
      become: yes
      become_method: sudo
      command: usermod -a -G nagios www-data


Configuration of icingaweb2 using the icingacli installed earlier



    - name: Setup config directory
      become: yes
      become_method: sudo
      command: "icingacli setup config directory --group nagios"


Configuration of icingaweb2 directory


    - name: Making Icinga2 Web Folder Writeable
      become: yes
      become_method: sudo
      command: chmod -R 777 /etc/icingaweb2/
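
`chmod -R 777` leaves every path under /etc/icingaweb2 writable by any local account, including resources.ini, where Icinga Web 2 keeps its database credentials. The script below is an added example, not part of the original playbook: it lists world-writable paths and tightens a constructed stand-in tree. The function names, the demo file names and the 2770/0660 target modes are assumptions of this example.

```shell
#!/bin/sh
# world_writable DIR: list every path under DIR that any local user can write to.
world_writable() {
    find "$1" -perm -0002 ! -type l
}

# count_world_writable DIR: number of such paths, as a bare integer.
count_world_writable() {
    world_writable "$1" | wc -l | tr -d ' '
}

# tighten DIR: directories 2770 (setgid, so new files inherit the group),
# regular files 0660. These target modes are this example's assumption.
tighten() {
    find "$1" -type d -exec chmod 2770 {} +
    find "$1" -type f -exec chmod 0660 {} +
}

# Constructed stand-in for /etc/icingaweb2 after `chmod -R 777`.
make_demo_tree() {
    demo=$(mktemp -d)
    mkdir -p "$demo/modules/monitoring"
    : > "$demo/resources.ini"      # database credentials in a real install
    : > "$demo/roles.ini"
    : > "$demo/modules/monitoring/backends.ini"
    chmod -R 777 "$demo"
    printf '%s\n' "$demo"
}

tree=$(make_demo_tree)
echo "world-writable before: $(count_world_writable "$tree")"
tighten "$tree"
echo "world-writable after:  $(count_world_writable "$tree")"
rm -rf "$tree"
```
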


Restarting service, icinga2 after enabling Icinga2 features



    - name: Restart icinga2
      become: yes
      become_method: sudo
      service: name=icinga2 state=reloaded


Restarting service, apache2


    - name: Start Apache2 service
      become: yes
      become_method: sudo
      service: name=apache2 state=reloaded


Create Icinga2 Web Token


    - name: Create Icinga2 Web Token
      become: yes
      become_method: sudo
      command: icingacli setup token create


Let's show the Icinga2 Web Token, with a bit of other relevant info, at the console


    - name: Create Icinga2 Web Token
      become: yes
      become_method: sudo
      command: bash -c "icingacli setup token show | cut -d':' -f2 | sed -e 's/^[ \t]*//'"
      register: out
      
    - debug: var=out.stdout_lines


Let's extract the variables needed for the Ido-mysql database (db user, name, password and host) and echo them at the console


    - name: Ido-mysql database username
      become: yes
      become_method: sudo
      command: bash -c "grep user /etc/icinga2/features-enabled/ido-mysql.conf | tr -d ','| cut -d'=' -f2"
      register: ido_db_username

    - name: Ido-mysql database dbname
      become: yes
      become_method: sudo
      command: bash -c "grep database /etc/icinga2/features-enabled/ido-mysql.conf | tr -d ','| cut -d'=' -f2 "
      register: ido_db_name
      
    - name: Ido-mysql database password
      become: yes
      become_method: sudo
      command: bash -c "grep password /etc/icinga2/features-enabled/ido-mysql.conf | tr -d ','| cut -d'=' -f2"
      register: ido_db_password

    - name: Ido-mysql database host
      become: yes
      become_method: sudo
      command: bash -c "grep host /etc/icinga2/features-enabled/ido-mysql.conf | tr -d ','| cut -d'=' -f2"
      register: ido_db_host

    - name: Icinga2 Web Token
      debug: var=out.stdout_lines

    - name: Ido-mysql database username
      debug: var=ido_db_username.stdout_lines

    - name: Ido-mysql database dbname
      debug: var=ido_db_name.stdout_lines

    - name: Ido-mysql database password
      debug: var=ido_db_password.stdout_lines

    - name: Ido-mysql database host
      debug: var=ido_db_host.stdout_lines


Voilà! That is the playbook for you.

But that is not the end of the story. You have to start by creating the configuration files and scripts:

Creating Dockerfiles

Let's create two Dockerfiles, one each for the lab Apache2 web server and the Mysql database server.


cat <<'EOF' > ~/shell_scripts/webserver/WebDockerfile
#
# Ubuntu Dockerfile
#
# https://github.com/dockerfile/ubuntu
#
## MOSUDI Using Ubuntu 14.04 aws ec2 instance 
## MOSUDI cd /home/ubuntu/
## MOSUDI git clone github.com/dockerfile/ubuntu
## MOSUDI mv /home/ubuntu/ubuntu/dockerfile  /home/ubuntu/ubuntu/dockerfile_backup
## MOSUDI mv /home/ubuntu/WebDockerfile  /home/ubuntu/ubuntu/dockerfile
## MOSUDI docker build -t="dockerfile/ubuntu" /home/ubuntu/ubuntu/
## MOSUDI docker run -itd --rm dockerfile/ubuntu

# Pull base image.
FROM ubuntu:14.04

#ARG DEBIAN_FRONTEND=noninteractive

# Install.
RUN \
  sed -i 's/# \(.*multiverse$\)/\1/g' /etc/apt/sources.list && \
  apt-get update && \
  apt-get -y upgrade && \
  apt-get install -y \
		build-essential \
		byobu \
		curl \
		git \
		htop \
		man \
		python-software-properties \
		software-properties-common \
		unzip \
		vim \
		wget \

  && wget -O - https://packages.icinga.com/icinga.key | apt-key add -  
RUN echo "deb http://packages.icinga.com/ubuntu icinga-trusty main " >> /etc/apt/sources.list
RUN echo "deb-src http://packages.icinga.com/ubuntu icinga-trusty main " >> /etc/apt/sources.list  && \
 apt-get update && apt-get install -y \
		apache2 \
		bash-completion \
		icinga2 \
                nagios-plugins  \
		openssh-server \
		php5 \
		php5-intl \
		php5-mcrypt php5-imagick  \
		python \
		tzdata \
#RUN sed -i 's/;date.timezone =/date.timezone = Africa\/Lagos/g' /etc/php5/apache2/php.ini && \
  && icinga2 daemon -C && \
  service apache2 start -C && \
 
# END OF ADDED LINES
  rm -rf /var/lib/apt/lists/*

# Add files.
ADD root/.bashrc /root/.bashrc
ADD root/.gitconfig /root/.gitconfig
ADD root/.scripts /root/.scripts

# Set environment variables.
ENV HOME /root

# Define working directory.
WORKDIR /root

# Define default command.
CMD ["bash"]

EOF


Then, Database Server Dockerfile


cat <<'EOF' > ~/shell_scripts/dbserver/DBDockerfile
#
# Ubuntu Dockerfile
#
# https://github.com/dockerfile/ubuntu
#
## MOSUDI Using Ubuntu 14.04 aws ec2 instance 
## MOSUDI cd /home/ubuntu/
## MOSUDI git clone github.com/dockerfile/ubuntu
## MOSUDI mv /home/ubuntu/ubuntu/dockerfile  /home/ubuntu/ubuntu/dockerfile_backup
## MOSUDI mv /home/ubuntu/WebDockerfile  /home/ubuntu/ubuntu/dockerfile
## MOSUDI docker build -t="dockerfile/ubuntu" /home/ubuntu/ubuntu/
## MOSUDI docker run -itd --rm dockerfile/ubuntu

# Pull base image.
FROM ubuntu:14.04

#ARG DEBIAN_FRONTEND=noninteractive

# Install.
RUN \
  sed -i 's/# \(.*multiverse$\)/\1/g' /etc/apt/sources.list && \
  apt-get update && \
  apt-get -y upgrade && \
  apt-get install -y \
		build-essential \
		byobu \
		curl \
		git \
		htop \
		man \
		python-software-properties \
		software-properties-common \
		unzip \
		vim \
		wget \

  && wget -O - https://packages.icinga.com/icinga.key | apt-key add -  
RUN echo "deb http://packages.icinga.com/ubuntu icinga-trusty main " >> /etc/apt/sources.list
RUN echo "deb-src http://packages.icinga.com/ubuntu icinga-trusty main " >> /etc/apt/sources.list  && \
 apt-get update && apt-get install -y \
		bash-completion \
		icinga2 \
		mysql-server \
                nagios-plugins  \
		openssh-server \
		php5 \
		php5-intl \
		php5-mcrypt php5-imagick  \
		python \
		tzdata \
#RUN sed -i 's/;date.timezone =/date.timezone = Africa\/Lagos/g' /etc/php5/apache2/php.ini && \
  && service mysql start -C && \
  icinga2 daemon -C && \

# END OF ADDED LINES
  rm -rf /var/lib/apt/lists/*

# Add files.
ADD root/.bashrc /root/.bashrc
ADD root/.gitconfig /root/.gitconfig
ADD root/.scripts /root/.scripts

# Set environment variables.
ENV HOME /root

# Define working directory.
WORKDIR /root

# Define default command.
CMD ["bash"]


EOF


Creating Web Server Icinga2 hosts.conf file


cat <<EOF > ~/shell_scripts/webserver/webhosts.conf
object Host NodeName {
  import "generic-host"
  address = "127.0.0.1"
  address6 = "::1"
  vars.os = "Linux"
  vars.http_vhosts["http"] = {
    http_uri = "/"
  }
  vars.notification["mail"] = {
    groups = [ "icingaadmins" ]
  }
}

EOF


Creating Web Server Icinga2 services.conf file


cat <<EOF > ~/shell_scripts/webserver/webservices.conf
		apply Service for (http_vhost => config in host.vars.http_vhosts) {
		  import "generic-service"

		  check_command = "http"

		  vars += config
		}



EOF



cat <<'EOF' > ~/shell_scripts/webserver/web_lab_server.sh
#!/bin/bash

docker run -itd --rm dockerfile/ubuntu > web_lab

web_lab="$(cat web_lab )" 
docker commit  $web_lab mosudi/webserver  > /dev/null 2>&1 
docker run -h webserver.mosudi -p 800:80 -p 223:22 -itd mosudi/webserver /bin/bash >web_lab_container
web_lab_container="$(cat web_lab_container )"
docker inspect $web_lab_container  | grep Hostname | grep -v null| cut -d '"' -f 4 | tail -1  >web_lab_container_hostname 
web_lab_container_hostname="$(cat web_lab_container_hostname)"
docker inspect $web_lab_container  | grep IPAddress | grep -v null| cut -d '"' -f 4 | head -1 >web_lab_container_ip
web_lab_container_ip="$( cat web_lab_container_ip)"
echo "$(cat web_lab_container_ip)    $(cat web_lab_container_hostname) " >> /etc/hosts
docker exec -it $web_lab_container bash -c "echo '$web_lab_container_ip    $web_lab_container_hostname '  >> /etc/hosts"
docker inspect $web_lab_container | grep Gateway | grep -v null| cut -d '"' -f 4 | head -1 >lab_gateway_ip
lab_gateway_ip="$(cat lab_gateway_ip)"
lab_gateway_public_hostname=
lab_gateway_public_ip=
lab_gateway_hostname="$(hostname -f)"
docker exec -it $web_lab_container bash -c "echo '$lab_gateway_ip    $lab_gateway_hostname '  >> /etc/hosts"

docker exec -it $web_lab_container bash -c "echo '$lab_gateway_public_ip    $lab_gateway_public_hostname '  >> /etc/hosts"

docker exec -it $web_lab_container bash -c "sed -i 's/;date.timezone =/date.timezone = Africa\/Lagos/g' /etc/php5/apache2/php.ini "

docker exec -it $web_lab_container bash -c "sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/g' /etc/ssh/sshd_config "

docker exec -it $web_lab_container bash -c " echo -e 'password\npassword' | passwd  root  "

docker exec -it $web_lab_container bash -c 'mv /etc/icinga2/conf.d/services.conf /etc/icinga2/conf.d/services.conf_backup'
docker exec -it $web_lab_container bash -c 'mv /etc/icinga2/conf.d/hosts.conf /etc/icinga2/conf.d/hosts.conf_backup'
services="$(cat webservices.conf)"
hosts="$(cat webhosts.conf)"
docker exec -it $web_lab_container bash -c "echo '$services' >/etc/icinga2/conf.d/services.conf"
docker exec -it $web_lab_container bash -c "echo '$hosts' >/etc/icinga2/conf.d/hosts.conf"
#46a67e40ff6f
docker exec -it $web_lab_container bash -c "service ssh start  "
docker exec -it $web_lab_container bash -c "service apache2 start  "


docker exec -it $web_lab_container bash -c "icinga2 object list --type Host "
docker exec -it $web_lab_container bash -c "icinga2 object list --type Service "
docker exec -it $web_lab_container bash -c "icinga2 daemon -C "


#getting the host docker ip address
#ip addr show |grep 172.17.| grep -v null | awk '{print $2}'|cut -d '/' -f 1


EOF

chmod +x ~/shell_scripts/webserver/web_lab_server.sh

Creating Database Server Icinga2 hosts.conf file


cat <<EOF > ~/shell_scripts/dbserver/dbhosts.conf
	object Host NodeName {
		import "generic-host"
	//      address = "dbserver.mosudi"
		address = "127.0.0.1"
		address6 = "::1"
		vars.os = "Linux"
		check_command = "mysql"
		vars.mysql_database = "mysql"
		vars.mysql_username = "root"
		vars.mysql_password = "mysqlrootpassword"
		}

EOF


Creating Database Server Icinga2 services.conf file


cat <<EOF > ~/shell_scripts/dbserver/dbservices.conf
apply Service "MySQL - DB Monitor" {
				   import "generic-service"
				   check_command = "mysql"
				   vars.mysql_database = "mysql"
				   assign where host.name == NodeName
				}


EOF




cat <<'EOF' > ~/shell_scripts/dbserver/db_lab_server.sh
#!/bin/bash

docker run -itd --rm dockerfile/ubuntu > db_lab
db_lab="$(cat db_lab )"
docker commit  $db_lab mosudi/mysqlserver  > /dev/null 2>&1 
docker run -h dbserver.mosudi -itd -p 801:80 -p 222:22 mosudi/mysqlserver /bin/bash >db_lab_container
db_lab_container="$(cat db_lab_container )"
docker inspect $db_lab_container  | grep Hostname | grep -v null| cut -d '"' -f 4 | tail -1 >db_lab_container_hostname
db_lab_container_hostname="$(cat db_lab_container_hostname)"
docker inspect $db_lab_container  | grep IPAddress | grep -v null| cut -d '"' -f 4 | head -1 >db_lab_container_ip
db_lab_container_ip="$(cat db_lab_container_ip)"
echo "$db_lab_container_ip    $db_lab_container_hostname " >> /etc/hosts
docker exec -it $db_lab_container bash -c "echo '$db_lab_container_ip    $db_lab_container_hostname ' >> /etc/hosts"
docker inspect $db_lab_container | grep Gateway | grep -v null| cut -d '"' -f 4 | head -1 >lab_gateway_ip
lab_gateway_ip="$(cat lab_gateway_ip)"
lab_gateway_public_hostname=
lab_gateway_public_ip=
lab_gateway_hostname="$(hostname -f)"
docker exec -it $db_lab_container bash -c "echo '$lab_gateway_ip    $lab_gateway_hostname '  >> /etc/hosts"

docker exec -it $db_lab_container bash -c "echo '$lab_gateway_public_ip    $lab_gateway_public_hostname '  >> /etc/hosts"
#create_icinga2db="$(cat ~/create_icinga2db.sh)"
#docker exec -it $db_lab_container bash -c "echo '$create_icinga2db' > ~/create_icinga2db.sh && chmod +x ~/create_icinga2db.sh && source ~/create_icinga2db.sh  "
create_icinga2db="$(cat create_icinga2db.sh)"
docker exec -it $db_lab_container bash -c "echo '$create_icinga2db' > /root/create_icinga2db.sh "
docker exec -it $db_lab_container bash -c "chmod +x /root/create_icinga2db.sh"
# A PATH exported in one docker exec does not carry over to the next, so call the script by its full path
docker exec -it $db_lab_container bash -c "/root/create_icinga2db.sh"


docker exec -it $db_lab_container bash -c "sed -i 's/;date.timezone =/date.timezone = Africa\/Lagos/g' /etc/php5/apache2/php.ini "
docker exec -it $db_lab_container bash -c "sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/g' /etc/ssh/sshd_config "

docker exec -it $db_lab_container bash -c "sed -i 's/bind-address.*/bind-address     = 0.0.0.0/g' /etc/mysql/my.cnf "

docker exec -it $db_lab_container bash -c " echo -e 'password\npassword' | passwd  root "

docker exec -it $db_lab_container bash -c 'mv /etc/icinga2/conf.d/services.conf /etc/icinga2/conf.d/services.conf_backup'
docker exec -it $db_lab_container bash -c 'mv /etc/icinga2/conf.d/hosts.conf /etc/icinga2/conf.d/hosts.conf_backup'
services="$(cat dbservices.conf)"
hosts="$(cat dbhosts.conf)"
docker exec -it $db_lab_container bash -c "echo '$services' >/etc/icinga2/conf.d/services.conf"
docker exec -it $db_lab_container bash -c "echo '$hosts' >/etc/icinga2/conf.d/hosts.conf"

docker exec -it $db_lab_container bash -c "service ssh start   "
docker exec -it $db_lab_container bash -c "service mysql start  "


docker exec -it $db_lab_container bash -c "icinga2 object list --type Host "
docker exec -it $db_lab_container bash -c "icinga2 object list --type Service "
docker exec -it $db_lab_container bash -c "icinga2 daemon -C "


#getting the host docker ip address
#ip addr show |grep 172.17.| grep -v null | awk '{print $2}'|cut -d '/' -f 1


EOF

chmod +x ~/shell_scripts/dbserver/db_lab_server.sh


Creating Database Server root password create_icinga2db.sh


cat <<'EOF' > ~/shell_scripts/create_icinga2db.sh
#!/bin/sh

password=mysqlrootpassword

mysqladmin -u root password "$password"

EOF

chmod +x ~/shell_scripts/create_icinga2db.sh

cp ~/shell_scripts/create_icinga2db.sh ~/shell_scripts/dbserver/create_icinga2db.sh
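
With an unquoted `EOF` delimiter, the shell that writes the file expands `$password` and removes backslash-newline pairs before the file exists; with a quoted `'EOF'` the body is written unchanged. The following is an added example, not from the original page, comparing both forms on lines taken from create_icinga2db.sh and a Dockerfile-style RUN instruction; the function names are hypothetical.

```shell
#!/bin/sh
# The shell that writes the files has no $password of its own.
unset password

# Unquoted delimiter: $password is expanded and backslash-newline is
# removed while the file is being written.
write_unquoted() {
    cat <<EOF > "$1"
password=mysqlrootpassword
mysqladmin -u root password $password
RUN apt-get update && \
  apt-get -y upgrade
EOF
}

# Quoted delimiter: the body reaches the file byte for byte.
write_quoted() {
    cat <<'EOF' > "$1"
password=mysqlrootpassword
mysqladmin -u root password $password
RUN apt-get update && \
  apt-get -y upgrade
EOF
}

# line_count FILE: number of lines in FILE.
line_count() { grep -c '' "$1"; }

dir=$(mktemp -d)
write_unquoted "$dir/unquoted"
write_quoted "$dir/quoted"
# diff exits 1 when the files differ, which is the expected outcome here.
diff "$dir/unquoted" "$dir/quoted" || true
rm -rf "$dir"
```
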


Directory Structure

We end up with a directory structure like this:

	~/shell_scripts
		create_icinga2db.sh
		deployment.yaml
		/dbserver/
			DBDockerfile
			create_icinga2db.sh
			dbhosts.conf
			db_lab_server.sh
			dbservices.conf
		/webserver/
			WebDockerfile
			webhosts.conf
			web_lab_server.sh
			webservices.conf



Now let's deploy


mosud@serverafrica:~$ sudo ansible-playbook -i hosts deployment.yml --ask-sudo-pass

Now you have your playbook success story



TASK [Icinga2 Web Token] *******************************************************
ok: [34.212.207.87] => {
    "out.stdout_lines": [
        "19279d5ab200071f"
    ]
}

TASK [Ido-mysql database username] *********************************************
ok: [34.212.207.87] => {
    "ido_db_username.stdout_lines": [
        " \"icinga2\""
    ]
}

TASK [Ido-mysql database dbname] ***********************************************
ok: [34.212.207.87] => {
    "ido_db_name.stdout_lines": [
        " \"icinga2\""
    ]
}

TASK [Ido-mysql database password] *********************************************
ok: [34.212.207.87] => {
    "ido_db_password.stdout_lines": [
        " \"1WsDnvZmULZU\""
    ]
}

TASK [Ido-mysql database host] *************************************************
ok: [34.212.207.87] => {
    "ido_db_host.stdout_lines": [
        " \"localhost\""
    ]
}

PLAY RECAP *********************************************************************
34.211.196.22              : ok=56   changed=47   unreachable=0    failed=0   
localhost                  : ok=9    changed=8    unreachable=0    failed=0   

mosud@serverafrica:~/shell_scripts$ 
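
The `grep | tr | cut` pipelines in the playbook leave the leading space and the quotes in each value, as the output above shows; they would also pick up a commented-out line and mangle a password containing `=` or `,`. The following is an added example, not from the original playbook: an awk-based extractor run over a constructed sample in the layout of ido-mysql.conf. The sample values and the function names are assumptions.

```shell
#!/bin/sh
# Constructed sample in the layout of features-enabled/ido-mysql.conf
# (all values are made up for this example).
sample_ido_conf() {
cat <<'CONF'
/**
 * The db_ido_mysql library implements IDO functionality for MySQL.
 */
library "db_ido_mysql"

object IdoMysqlConnection "ido-mysql" {
  //user = "commented_out",
  user = "icinga2",
  password = "s3cr3t=with,odd chars",
  host = "localhost",
  database = "icinga2"
}
CONF
}

# ido_value KEY FILE: print the unquoted value of the first active
# `KEY = "value"` line. Comment lines are skipped and the key must match
# exactly, so `user` does not match `//user`.
ido_value() {
    awk -v key="$1" '
        /^[ \t]*(\/\/|#|\*|\/\*)/ { next }      # skip comment lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            eq = index(line, "=")               # split at the first "=" only
            if (eq == 0) next
            k = substr(line, 1, eq - 1)
            gsub(/[ \t]+$/, "", k)
            if (k != key) next
            v = substr(line, eq + 1)
            sub(/^[ \t]*"/, "", v)              # leading space and opening quote
            sub(/"[ \t]*,?[ \t]*$/, "", v)      # closing quote and optional comma
            print v
            exit
        }
    ' "$2"
}

conf=$(mktemp)
sample_ido_conf > "$conf"
# The password is extracted the same way but deliberately not printed here.
for key in user database host; do
    printf '%s=%s\n' "$key" "$(ido_value "$key" "$conf")"
done
rm -f "$conf"
```
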




Icingaweb2 Configuration

Finally, visit Icingaweb2 in your browser to access the setup wizard and complete the installation: http://ec2intance_ip_address_or_public_dns_name/icingaweb/

GETTING THE JOB DONE

Let's continue with Icinga2 master and clients configurations.

The reason we are both here: