phpldapadmin tool
ebasso committed Jun 25, 2024
1 parent d59be3e commit 2d1cb2b
Showing 10 changed files with 295 additions and 70 deletions.
64 changes: 20 additions & 44 deletions README.md
Expand Up @@ -4,64 +4,40 @@ Ansible collection supporting devops for IBM Sterling B2Bi, IBM Connect:Direct,

# Playbooks

| Playbook name | Status | Description |
|-------------------------------|----------------|--------------------------------------------------------------|
| setup-cd.yml | Complete | Install IBM Connect:Direct 6.2.x |
| setup-sb2b.yml | Complete | Install IBM Sterling B2B Integrator 6.1.2 - one node only |
| setup-db2.yml | Complete | Install IBM DB2 11.5.x and setup Sterling B2Bi Database |
| setup-nginx.yml | Complete | Install Nginx as HTTP server for Repository|
| deploy_cd.yml | Complete | Deploy IBM Connect:Direct 6.3.x on Redhat OpenShift |
| deploy_sb2b.yml | Complete | Deploy IBM Sterling B2B Integrator on Redhat OpenShift |
| tools/cloudbeaver.yml | Complete | Deploy CloudBeaver CE to manage databases |
| tools/openldap.yml | Complete | Deploy OpenLDAP as LDAP Server |
| Playbook name | Status | Description |
|--------------------------|----------------|--------------------------------------------------------------|
| setup-cd.yml | Complete | Install IBM Connect:Direct 6.2.x |
| setup-sb2b.yml | Complete | Install IBM Sterling B2B Integrator 6.1.2 - one node only |
| setup-db2.yml | Complete | Install IBM DB2 11.5.x and setup Sterling B2Bi Database |
| setup-nginx.yml | Complete | Install Nginx as HTTP server for Repository|
| deploy_cd.yml | Complete | Deploy IBM Connect:Direct 6.3.x on Redhat OpenShift |
| deploy_cdws.yml | Complete | Deploy IBM Connect:Direct WebServices on Redhat OpenShift |
| deploy_itx_rs.yml | Complete | Deploy IBM Sterling Transformation Server on Redhat OpenShift |
| deploy_itxa.yml | Complete | Deploy IBM Sterling Transformation Advanced on Redhat OpenShift |
| deploy_sb2b.yml | Complete | Deploy IBM Sterling B2B Integrator on Redhat OpenShift |
| deploy_scc.yml | Complete | Deploy IBM Sterling Control Center Monitor/Director on Redhat OpenShift |
| deploy_seas.yml | Complete | Deploy IBM Sterling External Authentication Server on Redhat OpenShift |
| deploy_ssp.yml | Complete | Deploy IBM Sterling Secure Proxy Server on Redhat OpenShift |
| tools/cloudbeaver.yml | Complete | Deploy CloudBeaver CE to manage databases |
| tools/openldap.yml | Complete | Deploy OpenLDAP as LDAP Server |

# Roles

See complete list of [Roles](roles/README.md)


# Getting start

## Running playbooks for standalone
# Install Sterling Products (standalone)

* [Install Connect:Direct (standalone)](docs/setup_cd.md)
* [Install Sterling B2B Integrator (standalone)](docs/setup_b2b.md)


## Deploy IBM Connect:Direct 6.3.x on Redhat OpenShift

You must have **kubectl**, **oc**, **git** and **ansible** installed in your machine

Log in the [IBM Container software library](https://myibm.ibm.com/products-services/containerlibrary) with the IBMid and password that are associated with the entitled software. Click **Get entitlement key**. With key export variable

```bash
export ENTITLED_REGISTRY_KEY=eyJ0...
```

Do a login in Openshift console and run the command:

```bash
oc login --token=sha256~P...k --server=https://c....containers.cloud.xxx.com:31234
```


To run playbook the playbook

```bash
cd ansible-ibm-sterling


export CD_NAMESPACE=ibm-cd-cdnode01-dev
export CD_NODENAME=CDNODE01

ansible-playbook playbooks/deploy_cd.yml
```
# Deploy Sterling Products on Redhat OpenShift / Kubernetes

More options [Deploy IBM Sterling Connect:Direct on OpenShift using Ansible Scripts](docs/deploy_ocp_cd.md)
* [Deploy IBM Sterling Connect:Direct on OpenShift using Ansible Scripts](docs/deploy_ocp_cd.md)
* [Deploy IBM Sterling B2B Integrator on OpenShift using Ansible Scripts](docs/deploy_ocp_sb2b.md)

## Deploy IBM Sterling B2B Integrator on Redhat OpenShift

See documentation [Deploy IBM Sterling B2B Integrator on OpenShift using Ansible Scripts](docs/deploy_ocp_sb2b.md)

# Contributors
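Review bot: The heading `# Getting start` in the middle of this hunk should read `# Getting started`, and if it stays next to the new top-level `# Install Sterling Products (standalone)` heading it becomes an empty section, so either drop it or demote the two new headings to `##` under it. The quick-start steps for the entitlement key and `oc login` no longer appear in the README after this change, so please confirm that docs/deploy_ocp_cd.md covers them and states that the key and token must not be committed or pasted into shared shell history. "Redhat" in the table descriptions should be "Red Hat".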

51 changes: 28 additions & 23 deletions roles/README.md
Expand Up @@ -16,29 +16,34 @@
| ibm/sb2b/sb2b-stop | Complete | Stop SB2Bi |
| others/nginx-install | Complete | Install Nginx |

# Kubernetes Roles
# Kubernetes Roles for IBM Sterling Products

| Role name | Status | Description |
|-------------------------------|----------------|--------------------------------------------------------------|
| cd_deploy | Complete | Deploy IBM Sterling Connect:Direct |
| mq_deploy | Complete | Deploy IBM Message Queue Community Edition |
| sb2bi_deploy | Complete | Deploy IBM Sterling B2B Integrator |
| sb2bi_deploy_db2 | Complete | Deploy IBM DB2 database for Sterling B2B|
| sb2bi_deploy_mq | Complete | Deploy IBM Message Queue Community Edition for Sterling B2B |
| sb2bi_setup_db2 | Complete | Setup database for IBM Sterling B2B |
| scc_deploy | Development | Deploy IBM Sterling Control Center Monitor (SCCM) or Control Center Director (SCCD)|
| scc_deploy_db2 | Development | Deploy IBM DB2 database for SCCM or SCCD|
| scc_deploy_mq | Development | Deploy IBM Message Queue Community Edition for SCCM or SCCD|
| scc_setup_db2 | Development | Setup database for IBM SCCM or SCCD|
| seas_deploy | Complete | Setup SEAS|
| ssp_cm_deploy | Development | Setup database for IBM Sterling Secure Proxy Configuration Manager|
| ssp_deploy | Development | Setup database for IBM Sterling Secure Proxy Engine|
| ssp_ps_deploy | Development | Setup database for IBM Sterling Secure Proxy Perimeter Server|
| Role name | Status | Description |
|-------------------------------|-------------|--------------------------------------------------------------|
| cd_deploy | Complete | Deploy IBM Sterling Connect:Direct |
| cdws_deploy | Complete | Deploy IBM Sterling Connect:Direct WebServices|
| itx_rs_deploy | Complete | Deploy IBM Sterling Transformation Server|
| itxa_deploy | Complete | Deploy IBM Sterling Transformation |
| itxa_deploy_db2 | Complete | Deploy IBM DB2 database for ITXA|
| itxa_setup_db2 | Complete | Setup database for IBM ITXA|
| sb2bi_deploy | Complete | Deploy IBM Sterling B2B Integrator |
| sb2bi_deploy_db2 | Complete | Deploy IBM DB2 database for Sterling B2B|
| sb2bi_deploy_mq | Complete | Deploy IBM Message Queue Community Edition for Sterling B2B |
| sb2bi_setup_db2 | Complete | Setup database for IBM Sterling B2B |
| scc_deploy | Complete | Deploy IBM Sterling Control Center Monitor/Director (SCCD)|
| scc_deploy_db2 | Complete | Deploy IBM DB2 database for SCCM or SCCD|
| scc_deploy_mq | Complete | Deploy IBM Message Queue Community Edition for SCCM or SCCD|
| scc_setup_db2 | Complete | Setup database for IBM SCCM or SCCD|
| seas_deploy | Complete | Setup SEAS|
| ssp_cm_deploy | Complete | Deploy IBM Secure Proxy Configuration Manager|
| ssp_config | Development | Configure Engine, Adapters in IBM SSP using REST API|
| ssp_deploy | Complete | Deploy IBM Secure Proxy Engine|
| ssp_ps_deploy | Development | Deploy IBM Secure Proxy Perimeter|

## Tools
# Tools

| Role name | Status | Description |
|-------------------------------|----------------|--------------------------------------------------------------|
| cloudbeaver.yml | Complete | Deploy CloudBeaver CE to manage databases |
| db2_console | Development | Deploy DB2 Data Management Console |
| openldap.yml | Complete | Deploy OpenLDAP as LDAP Server |
| Role name | Status | Description |
|-------------------------------|-------------|--------------------------------------------------------------|
| cloudbeaver.yml | Complete | Deploy CloudBeaver CE to manage databases |
| db2_console | Development | Deploy DB2 Data Management Console |
| openldap.yml | Complete | Deploy OpenLDAP as LDAP Server |
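Review bot: The Tools table at the end of this hunk still lists only `cloudbeaver.yml`, `db2_console` and `openldap.yml`, although this commit adds a `roles/phpldapadmin` role; please add a `phpldapadmin` row with its status so the new tool is discoverable. In the Kubernetes table the `itxa_deploy` description ends at "Deploy IBM Sterling Transformation", which looks truncated next to the `deploy_itxa.yml` entry in the top-level README ("Transformation Advanced"), and the `ssp_config` description would read better as "Configure Engine and Adapters".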
4 changes: 2 additions & 2 deletions roles/openldap/tasks/05_configure_configmaps.yml
Expand Up @@ -17,14 +17,14 @@
LDAP_ROOT: "{{ ldp_base_dn }}"
LDAP_DOMAIN: "{{ ldp_domain }}"

- name: "Create ConfigMap openldap-customldif"
- name: "Create ConfigMap openldap-custom.ldif"
kubernetes.core.k8s:
state: present
definition:
kind: ConfigMap
apiVersion: v1
metadata:
name: openldap-customldif
name: openldap-custom.ldif
namespace: "{{ oldp_namespace }}"
labels:
app: openldap
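Review bot: Renaming the ConfigMap in `metadata.name` with `state: present` creates `openldap-custom.ldif` but leaves the old `openldap-customldif` object behind in any namespace where the role has already run. Consider adding a task with `state: absent` for the old name, or noting the manual cleanup in the role documentation, so stale LDIF content does not linger in the cluster.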
2 changes: 1 addition & 1 deletion roles/openldap/tasks/06_deploy_openldap.yml
Expand Up @@ -58,7 +58,7 @@
claimName: openldap-data-pvc
- name: custom-ldif-files
configMap:
name: openldap-customldif
name: openldap-custom.ldif
defaultMode: 420

# Create Service and Route
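Review bot: The ConfigMap name under `configMap.name` is now a literal that has to match the one in 05_configure_configmaps.yml, and this commit had to change both by hand. Putting the name in a role variable and referencing it in both task files would stop the volume from pointing at a ConfigMap that does not exist after the next rename. A short comment that `defaultMode: 420` is decimal for octal 0644 would also help readers.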
38 changes: 38 additions & 0 deletions roles/phpldapadmin/README.md
@@ -0,0 +1,38 @@
Role Name
=========

A brief description of the role goes here.

Requirements
------------

Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.

Role Variables
--------------

A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.

Dependencies
------------

A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.

Example Playbook
----------------

Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

- hosts: servers
roles:
- { role: username.rolename, x: 42 }

License
-------

BSD

Author Information
------------------

An optional section for the role authors to include contact information, or a website (HTML is not allowed).
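Review bot: This README is still the unmodified role template ("Role Name", "A brief description of the role goes here."), so the new role ships without documentation. Please replace it with a description of what the role deploys and document the variables defined in defaults/main.yml (`plwa_namespace`, `oldp_namespace`, `oldp_host`, `ldp_admin_password`, `plwa_image`), in particular that `openldap_admin_password` must be supplied by the caller. The `License` and `Example Playbook` sections should either match the collection or be removed.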
9 changes: 9 additions & 0 deletions roles/phpldapadmin/defaults/main.yml
@@ -0,0 +1,9 @@
---
oldp_namespace: "{{ openldap_namespace | default('sterling-openldap', true) }}"
plwa_namespace: "{{ phpldapadmin_namespace | default('sterling-phpldapadmin', true) }}"

oldp_host: "openldap-svc.{{ oldp_namespace }}.svc.cluster.local"

ldp_admin_password: "{{ openldap_admin_password | default('passw0rd') }}"

plwa_image: docker.io/osixia/phpldapadmin:latest
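Review bot: `ldp_admin_password` falls back to the literal `'passw0rd'` when `openldap_admin_password` is not set, which means a deployment with no overrides gets a known LDAP admin password committed in the repository. I would drop the default and make the role fail in 01_check_vars.yml when the password is undefined or empty; note also that this `default()` call lacks the `true` second argument the namespace lines use, so an empty string is passed through unchanged. Separately, `plwa_image` uses the mutable `:latest` tag; pinning a specific version or digest makes the deployment reproducible and avoids pulling an unreviewed image.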
17 changes: 17 additions & 0 deletions roles/phpldapadmin/tasks/01_check_vars.yml
@@ -0,0 +1,17 @@
---
# - name: Check for required environment variables
# ansible.builtin.assert:
# that:
# # NAMESPACE
# - lookup('env', 'OPENLDAP_NAMESPACE') != ""
# fail_msg: "One or more required environment variables are not defined"


# 1. Fail if required parameters are not set
# -----------------------------------------------------------------------------
- name: "Fail if required properties have not been provided"
ansible.builtin.assert:
that:
- oldp_namespace is defined and oldp_namespace != ""
- plwa_namespace is defined and plwa_namespace != ""
fail_msg: "One or more required properties have not been set"
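Review bot: The `that:` list only checks `oldp_namespace` and `plwa_namespace`, both of which are given non-empty fallbacks in defaults/main.yml via `default(..., true)`, so this assert cannot fail in practice. The value that actually needs guarding is `ldp_admin_password`; add a condition that it is defined and non-empty (and ideally not the shipped default). The commented-out environment variable check at the top of the file is dead code and can be removed.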
65 changes: 65 additions & 0 deletions roles/phpldapadmin/tasks/02_create_namespace_secrets.yml
@@ -0,0 +1,65 @@
---
# Create Kubernetes namespace
# -----------------------------------------------------------------------------
- name: "Create namespace for phpLdapWebAdmin"
kubernetes.core.k8s:
state: present
definition:
apiVersion: v1
kind: Namespace
metadata:
name: "{{ plwa_namespace }}"
labels:
name: phpldapadmin
register: cout

# Create Secrets
# -----------------------------------------------------------------------------
- name: Create Secrets for phpLdapWebAdmin
kubernetes.core.k8s:
state: present
definition:
apiVersion: v1
kind: Secret
metadata:
name: phpldapadmin-secret
namespace: "{{ plwa_namespace }}"
labels:
app: phpldapadmin
type: Opaque
stringData:
LDAP_ADMIN_PASSWORD: "{{ ldp_admin_password }}"

# # Create ServiceAccount
# -----------------------------------------------------------------------------
- name: Create Service Account for phpLdapWebAdmin
kubernetes.core.k8s:
state: present
definition:
apiVersion: v1
kind: ServiceAccount
metadata:
name: phpldapadmin-sa
namespace: "{{ plwa_namespace }}"

# Create Role Binding
# -----------------------------------------------------------------------------
- name: Create Role Binding for phpLdapWebAdmin
kubernetes.core.k8s:
state: present
definition:
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: 'phpldapadmin-anyuid'
namespace: "{{ plwa_namespace }}"
labels:
app: phpldapadmin
subjects:
- kind: ServiceAccount
name: phpldapadmin-sa
namespace: "{{ plwa_namespace }}"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: 'system:openshift:scc:anyuid'
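Review bot: The RoleBinding at the end of this file grants `system:openshift:scc:anyuid` to `phpldapadmin-sa`, which lets the pod run as any UID including root, and nothing in the commit explains why a web admin front end needs it. Please either run the workload under the default restricted SCC with an image that supports an arbitrary non-root UID, or document the reason for the exception in the role README. The Secret task writes `LDAP_ADMIN_PASSWORD` through `stringData` without `no_log: true`, so the value can show up in verbose or diff output, and `register: cout` on the namespace task is never used in the lines shown.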