admin password should be mandatory var
cicharka committed May 22, 2024
1 parent 4c3af68 commit 0fd27ce
Showing 18 changed files with 21 additions and 48 deletions.
2 changes: 1 addition & 1 deletion galaxy.yml
@@ -1,6 +1,6 @@
namespace: cisco
name: sdwan_deployment
version: 0.1.0
version: 0.1.1
readme: README.md
authors:
- Arkadiusz Cichon <[email protected]>
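Review bot: The bump from `version: 0.1.0` to `version: 0.1.1` reads as a patch release, but the same commit turns `aws_region` and `admin_password` from working defaults into `null` in several roles, which changes behaviour for playbooks that relied on them. Mention the now-required variables in the release notes for 0.1.1, or bump the minor version instead.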
7 changes: 1 addition & 6 deletions playbooks/aws_sdwan_config.yml
Expand Up @@ -53,19 +53,14 @@ aws_vpn_name: "{{ aws_resources_prefix }}-vpn"
aws_eip_name: "{{ aws_resources_prefix }}-eip"
aws_nacl_name: "{{ aws_resources_prefix }}-nacl"

# EC2 INSTANCES
aws_key_name: null




##########################################
# SD-WAN Instances configuration #
##########################################

# Cloud-init general configurations
admin_username: admin
admin_password: example_password # pragma: allowlist secret
admin_password: null # pragma: allowlist secret
vbond_port: 12346
# vbond_transport_private_ip: null # note that default: 192.168.1.199
# vbond_transport_public_ip: null # note that default: 192.168.1.199
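Review bot: `# pragma: allowlist secret` should be dropped from the new `admin_password: null` line. With no literal on the line there is nothing left to allowlist, and keeping the pragma means a secret scanner that honours it stays silent if someone later types a real password into this playbook config.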
2 changes: 2 additions & 0 deletions playbooks/azure_sdwan_config.yml
Expand Up @@ -26,6 +26,8 @@ az_allowed_subnets: null
# Controllers #
###############################

admin_password: null

# vManage
az_vmanage_image_vhd_source: null
az_vmanage_vm_size: "Standard_F16s_v2"
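Review bot: The new `admin_password: null` is placed under the `Controllers` banner, but roles/azure_edges also defines `admin_password`, so a reader may take it for a controller-only setting. Move it to a common section of this file and add a trailing `# has to be set by user` comment, as the role defaults do for `organization_name`.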
2 changes: 1 addition & 1 deletion playbooks/template_cloudinit_config.yml
Expand Up @@ -18,7 +18,7 @@ cloud_provider: null # can be either aws or azure

# Cloud-init general configurations
admin_username: admin
admin_password: example_password # pragma: allowlist secret
admin_password: null # pragma: allowlist secret
vbond_port: 12346
vbond_transport_private_ip: null
vbond_transport_public_ip: null
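Review bot: The new `admin_password: null` line needs a comment saying the value is required and where it should come from. This template is the file users copy and fill in, so point them at Ansible Vault or `--extra-vars` rather than a literal committed here; `cloud_provider: null # can be either aws or azure` in the hunk header shows the comment style already in use.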
10 changes: 3 additions & 7 deletions roles/aws_controllers/README.md
Expand Up @@ -32,16 +32,11 @@ The `aws_controllers` role automates the deployment of Cisco SD-WAN controllers

### Defaults (`defaults/main.yml`)

- `organization_name`: Name of the organization deploying the controllers. Must be defined by the user.
- `aws_region`: AWS region where resources will be deployed (default: `us-east-1`).
- `az_network_security_group`: The name of the Azure Network Security Group.
- `az_subnets`: A list of subnet definitions for the Azure Virtual Network.
- `aws_vpc_name`, `aws_security_group_name`: Default naming convention for VPC and security group.
- `aws_tag_creator`: Tag used to mark resources created in AWS.
- `aws_key_name`: AWS SSH key pair name.
- `admin_username`, `admin_password`: Default credentials for controllers.
- `vbond_port`, `default_vbond_ip`: Default port and IP for vBond.
- `aws_vmanage_ami_id`, `aws_vmanage_instance_type`: AMI ID and instance type for vManage.
- `aws_vbond_ami_id`, `aws_vbond_instance_type`: AMI ID and instance type for vBond.
- `aws_vsmart_ami_id`, `aws_vsmart_instance_type`: AMI ID and instance type for vSmart.
- `site_id_vmanage`, `site_id_vbond`, `site_id_vsmart`: Default site IDs for each controller.

### Vars (`vars/main.yml`)
Expand All @@ -55,6 +50,7 @@ The `aws_controllers` role automates the deployment of Cisco SD-WAN controllers
The following variables must be set prior to executing the role:

- `organization_name`: The name of your organization, used as a prefix for Azure resources.
- `aws_region`: AWS region where resources will be deployed.
- `az_location`: The Azure region where resources will be deployed.
- `az_resource_group`: The name of the Azure resource group for the deployment.
- `az_network_security_group`: The name of the Azure Network Security Group.
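Review bot: `admin_password` is missing from this must-be-set list: the hunk adds only `aws_region`, while roles/aws_controllers/defaults/main.yml sets both to `null` in this commit. The surrounding entries (`az_location`, `az_resource_group`, `az_network_security_group`, and `organization_name` described as a prefix for Azure resources) are Azure wording in the aws_controllers README and are worth replacing while this list is being edited.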
6 changes: 2 additions & 4 deletions roles/aws_controllers/defaults/main.yml
Expand Up @@ -11,24 +11,22 @@ organization_name: null # has to be set by user
################################################

# Required by gather networking resources
aws_region: us-east-1
aws_region: null
aws_vpc_name: "{{ aws_resources_prefix }}-vpc"
aws_security_group_name: "{{ aws_resources_prefix }}-sg"
aws_tag_creator: "{{ organization_name }}"


aws_resources_prefix: "{{ organization_name }}"

aws_key_name: null


##########################################
# SD-WAN Instances configuration #
##########################################

# Cloud-init general configurations
admin_username: admin
admin_password: example_password # pragma: allowlist secret
admin_password: null # pragma: allowlist secret
vbond_port: 12346
default_vbond_ip: 192.168.1.199 # default ips from official Cisco guides
# vpn0_interface_color: default
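Review bot: `aws_region: null` and `admin_password: null` do not make the variables mandatory by themselves; a `null` default is still a defined value, and nothing in these lines stops the role from running with it unset. Add an early `ansible.builtin.assert` that both are not none and not empty, so a missing password fails the play before any instance is created.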
5 changes: 0 additions & 5 deletions roles/aws_edges/README.md
Expand Up @@ -35,14 +35,9 @@ The `aws_edges` role is an essential component of the `cisco.sdwan_deployment` c

### Defaults (`defaults/main.yml`)

- `organization_name`: Name of the organization. Must be defined by the user.
- `aws_region`: AWS region where resources will be deployed (default: `us-east-1`).
- `aws_vpc_name`, `aws_security_group_name`: Defaults for naming VPC and security group resources.
- `aws_tag_creator`: Tag for identifying the creator of AWS resources.
- `aws_key_name`: AWS SSH key pair name for EC2 instances.
- `admin_username`, `admin_password`: Default admin credentials for edge devices.
- `vbond_port`, `default_vbond_ip`: Default vBond communication settings.
- `aws_cedge_ami_id`, `aws_cedge_instance_type`: AMI ID and instance type for cEdge devices.
- `edge_instances`: List of edge device instances to be deployed.

### Vars (`vars/main.yml`)
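Review bot: `aws_region` and `admin_password` need a required-variables entry in this README. The file gains no lines in this commit, while roles/aws_edges/defaults/main.yml now sets both to `null`, so a user of `aws_edges` has no documentation telling them to supply the two values.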
6 changes: 2 additions & 4 deletions roles/aws_edges/defaults/main.yml
Expand Up @@ -11,24 +11,22 @@ organization_name: null # has to be set by user
################################################

# Required by gather networking resources
aws_region: us-east-1
aws_region: null
aws_vpc_name: "{{ aws_resources_prefix }}-vpc"
aws_security_group_name: "{{ aws_resources_prefix }}-sg"
aws_tag_creator: "{{ organization_name }}"


aws_resources_prefix: "{{ organization_name }}"

aws_key_name: null


##########################################
# SD-WAN Instances configuration #
##########################################

# Cloud-init general configurations
admin_username: admin
admin_password: example_password # pragma: allowlist secret
admin_password: null # pragma: allowlist secret
vbond_port: 12346
default_vbond_ip: 192.168.1.199 # default ips from official Cisco guides
# vpn0_interface_color: default
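Review bot: The new `aws_region: null` and `admin_password: null` lines should carry the same `# has to be set by user` marker that `organization_name: null` has in this file. Without it, `null` reads as optional next to `aws_vpc_name` and the other entries that do have working defaults.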
2 changes: 0 additions & 2 deletions roles/aws_network_infrastructure/README.md
Expand Up @@ -34,8 +34,6 @@ This role focuses on creating and configuring the necessary network components i

- `aws_allowed_subnets`: VPN subnets allowed to connect to AWS Elastic IPs.
- `organization_name`: Name of the organization. Must be defined by the user.
- `aws_region`: AWS region where resources will be deployed (default: `us-east-1`).
- `aws_availibility_zone`: AWS availability zone for resource deployment (default: `us-east-1a`).
- `aws_vpc_name`, `aws_vpc_cidr`: Defaults for naming and CIDR of the VPC.
- `aws_igw_name`: Name for the AWS Internet Gateway.
- `aws_subnets`: List of subnet configurations for the VPC.
2 changes: 1 addition & 1 deletion roles/aws_network_infrastructure/defaults/main.yml
Expand Up @@ -14,7 +14,7 @@ organization_name: null # has to be set by user


# Common
aws_region: us-east-1
aws_region: null
aws_resources_prefix: "{{ organization_name }}"
aws_tag_creator: "{{ organization_name }}"
aws_availibility_zone: us-east-1a # we cannot use us-east-1e for c5.9xlarge, therefore we use us-east-1a
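Review bot: `aws_availibility_zone: us-east-1a` stays hard-coded in the context line while `aws_region` above it becomes `null`, so a user who sets any region other than `us-east-1` gets a zone that does not belong to it. Set the zone to `null` as well, as roles/aws_teardown/defaults/main.yml does in this commit, or derive it from `aws_region`.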
2 changes: 1 addition & 1 deletion roles/aws_teardown/README.md
Expand Up @@ -36,7 +36,7 @@ This role provides a systematic approach to tearing down AWS resources, with a s
- `teardown_resources_data_path`: Path where the teardown data JSON file will be stored.
- `teardown_only_instances`: Boolean value to indicate if only EC2 instances should be torn down.
- `teardown_specific_instances`: Boolean value to indicate if specific EC2 instances should be torn down.
- `aws_region`: AWS region where resources were deployed (default: `us-east-1`).
- `aws_region`: AWS region where resources were deployed.
- `aws_availibility_zone`: AWS availability zone used for resource deployment (default: `us-east-1a`).
- `aws_vpc_name`, `aws_security_group_name`: Names for the VPC and security group to be removed.

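Review bot: The `aws_availibility_zone` entry still says `(default: us-east-1a)`, but roles/aws_teardown/defaults/main.yml sets it to `null` in this commit. Drop the default from that entry the same way the `aws_region` entry was reworded.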
4 changes: 2 additions & 2 deletions roles/aws_teardown/defaults/main.yml
Expand Up @@ -14,10 +14,10 @@ teardown_specific_instances: false
#####################################

# Common
aws_region: us-east-1
aws_region: null
aws_resources_prefix: "{{ organization_name }}"
aws_tag_creator: "{{ organization_name }}"
aws_availibility_zone: us-east-1a # we cannot use us-east-1e for c5.9xlarge, therefore we use us-east-1a
aws_availibility_zone: null # we cannot use us-east-1e for c5.9xlarge, therefore we use us-east-1a

aws_vpc_name: "{{ aws_resources_prefix }}-vpc"
aws_security_group_name: "{{ aws_resources_prefix }}-sg"
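Review bot: The trailing comment on the new `aws_availibility_zone: null` line, `# we cannot use us-east-1e for c5.9xlarge, therefore we use us-east-1a`, is stale now that no zone is set. Replace it with a note that the value is required and must be the zone that was used for the deployment being torn down.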
6 changes: 1 addition & 5 deletions roles/azure_controllers/README.md
Expand Up @@ -36,18 +36,14 @@ The `azure_controllers` role automates the deployment of Cisco SD-WAN controller

### Defaults (`defaults/main.yml`)

- `organization_name`: User-defined organization name, used as a prefix for Azure resources.
- `az_location`: Azure location where resources will be deployed. Must be defined by the user.
- `az_resources_prefix`: Prefix for Azure resources, defaults to the organization name.
- `az_resource_group`: Name of the Azure resource group.
- `az_virtual_network`: Name of the Azure Virtual Network.
- `az_vn_address_prefixes_cidr`: CIDR block for the Azure Virtual Network.
- `az_subnets`: Definitions for Azure subnets within the Virtual Network.
- `az_network_security_group`: Name of the Azure Network Security Group.
- `az_allowed_subnets`: VPN subnets allowed to connect to Azure public IPs.
- `azure_key_name`: Name of the Azure key for VM access.
- `admin_username`: Default admin username for deployed VMs.
- `admin_password`: Default admin password for deployed VMs.
- 'az_vmanage_image_vhd_source'
- `az_vmanage_vm_size`, `az_vbond_vm_size`, `az_vsmart_vm_size`: Azure VM sizes for vManage, vBond, and vSmart instances.
- `site_id_vmanage`, `site_id_vbond`, `site_id_vsmart`: Default site IDs for vManage, vBond, and vSmart instances.
- `vmanage_instances`, `vbond_instances`, `vsmart_instances`: Lists for instance configurations.
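Review bot: The entry `- 'az_vmanage_image_vhd_source'` uses single quotes and has no description, unlike the other bullets in this list. Write it with backticks and a short description, and cover `az_vbond_image_vhd_source` and `az_vsmart_image_vhd_source`, which roles/azure_controllers/defaults/main.yml adds in the same commit.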
7 changes: 4 additions & 3 deletions roles/azure_controllers/defaults/main.yml
Expand Up @@ -44,11 +44,9 @@ az_allowed_subnets: null
# SD-WAN Instances configuration #
##########################################

azure_key_name: null

# Cloud-init general configurations
admin_username: admin
admin_password: example_password # pragma: allowlist secret
admin_password: null # pragma: allowlist secret
vbond_port: 12346
default_vbond_ip: 192.168.1.199
# vpn0_interface_color: default
Expand All @@ -61,6 +59,7 @@ default_vbond_ip: 192.168.1.199
# vManage
az_vmanage_vm_size: "Standard_F16s_v2"
site_id_vmanage: 100
az_vmanage_image_vhd_source: null

vmanage_instances: []
# - hostname: "{{ az_resources_prefix }}-vManage"
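Review bot: `az_vmanage_image_vhd_source: null` needs a marker saying whether the user must supply it, for example `# has to be set by user` as on `organization_name`. As written it sits between `site_id_vmanage: 100` and `vmanage_instances: []`, which both have usable defaults, and nothing distinguishes it as required. The same applies to the `az_vbond_image_vhd_source` and `az_vsmart_image_vhd_source` lines added in the next two hunks.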
Expand All @@ -71,6 +70,7 @@ vmanage_instances: []
# vBond
az_vbond_vm_size: "Standard_F4s_v2"
site_id_vbond: 200
az_vbond_image_vhd_source: null

vbond_instances: []
# - hostname: "{{ az_resources_prefix }}-vBond"
Expand All @@ -81,6 +81,7 @@ vbond_instances: []
# vSmart
az_vsmart_vm_size: "Standard_F4s_v2"
site_id_vsmart: 300
az_vsmart_image_vhd_source: null

vsmart_instances: []
# - hostname: "{{ az_resources_prefix }}-vSmart"
1 change: 0 additions & 1 deletion roles/azure_edges/README.md
Expand Up @@ -42,7 +42,6 @@ Variables with default values that can be overridden by the user:
- `az_resources_prefix`: Prefix for resources, can be customized by the user.
- `az_resource_group`, `az_virtual_network`, `az_vn_address_prefixes_cidr`, `az_subnets`, `az_network_security_group`: Default configurations for Azure networking resources.
- `az_allowed_subnets`: VPN subnets allowed for Azure public IP connections. Should be defined by the user.
- `azure_key_name`: The Azure key for VM access, to be provided by the user.
- `admin_username`, `admin_password`: Default admin credentials for cEdge instances.
- `vbond_port`, `default_vbond_ip`: Default configurations for vBond.
- `az_cedge_vm_size`: Default Azure VM size for cEdge instances.
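Review bot: The context line for `admin_username`, `admin_password` still reads "Default admin credentials for cEdge instances", which contradicts the intent of this commit. Reword it to say the password has no default and must be provided by the user.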
2 changes: 0 additions & 2 deletions roles/azure_edges/defaults/main.yml
Expand Up @@ -44,8 +44,6 @@ az_allowed_subnets: null
# SD-WAN Instances configuration #
##########################################

azure_key_name: null

# Cloud-init general configurations
admin_username: admin
admin_password: example_password # pragma: allowlist secret
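Review bot: `admin_password: example_password # pragma: allowlist secret` is left unchanged in this file, so `azure_edges` still falls back to a known default password when the user sets none, while every other role touched by the commit moves to `null`. Change it to `admin_password: null` here as well; the commit title says the admin password should be a mandatory var.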
2 changes: 0 additions & 2 deletions roles/template_cloudinit/README.md
Expand Up @@ -29,8 +29,6 @@ The `template_cloudinit` role executes the following tasks:

Variables with default values that the user may need to override:

- `organization_name`: Mandatory for identifying the organization; used in naming conventions.
- `aws_key_name`: AWS key name for SSH access to instances, to be provided by the user.
- `results_dir`: Directory to store generated cloudinit files.
- `userdata_vmanage_path`, `userdata_vbond_path`, `userdata_vsmart_path`: Paths to templated userdata configurations for respective SD-WAN controllers.
- `admin_username`, `admin_password`: Default admin credentials used in userdata scripts.
1 change: 0 additions & 1 deletion roles/template_cloudinit/defaults/main.yml
Expand Up @@ -4,7 +4,6 @@
---

organization_name: null # has to be set by user
aws_key_name: null


# Deployment results path

0 comments on commit 0fd27ce
