📙 Playbook: Open Support Tunnel

“Give the hardest job to the laziest guy and he’ll find the easiest way to do it.” - Abraham Lincoln

Whenever we contact support, bless their hearts, they need a support tunnel. Of course they do; how else would they help? I can’t help but groan a LITTLE bit because now I’ve gotta stop what I’m doing and log into the cluster and type a little 5-digit number. How inconvenient.

This playbook takes your production inventory and specified node and opens a support tunnel. Easy!

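- name: Scale Customer Support Tunnel Open
  # The module runs on the control machine once for every inventory host in
  # scope, always against the node passed in with -e "node=...".
  hosts: all
  connection: ansible.builtin.local
  gather_facts: false

  # Connection details the HyperCore modules read from the environment
  environment:
    SC_HOST: "https://{{ node }}"
    SC_USERNAME: "{{ scale_admin_user }}"
    SC_PASSWORD: "{{ scale_admin_pass }}"

  tasks:
  # SC_HOST is an environment variable, not an Ansible variable, so the task name uses node
  - name: Open support tunnel for {{ node }} using tunnel {{ external_supporttunnel }}
    scale_computing.hypercore.support_tunnel:
        state: "present"
        code: "{{ external_supporttunnel }}"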

So we invoke the playbook like so:

ansible-playbook opensupporttunnelonnode.yaml -e@vars.yaml -i production-inventory.yml \
  -e "external_supporttunnel=30309" \
  -e "node=10.4.189.99"

The really easy way to invoke this is with passthrough variables for the tunnel and node in a shell script:

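#!/bin/bash

if [ "$#" -ne 2 ]; then
    echo "Usage: $0 <tunnel code> <node IP>" >&2
    exit 1
fi

echo "Opening support tunnel on $2 with code $1"

# Stop here if the working directory is missing
cd /home/youransibleworkingdir/ || exit 1
ansible-playbook opensupporttunnel.yaml -e@rvars.yaml -i production-inventory.yml -e "external_supporttunnel=$1" -e "node=$2"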

So you can save that and run it with your open SSH session:

./OpenSupportTunnel.sh "30309" "10.4.189.99"
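
A stricter variant of the wrapper, added here as an example and not part of the original post: `ansible-playbook -e "key=value"` splits its argument on whitespace, so an argument containing a space could set other variables such as `node` or the admin credentials. This version checks both arguments and passes them as a single JSON object; the function names and the 5-digit limit on the code are assumptions.

```bash
#!/bin/bash
# Added example, not the original author's script.

# Tunnel code: digits only. The 5-digit upper limit is an assumption taken
# from the post's description of the code.
valid_code() {
    case "$1" in
        '' | *[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ]
}

# Node: dotted-quad IPv4 with every octet in 0-255.
valid_ipv4() {
    case "$1" in
        '' | *[!0-9.]* | .* | *. | *..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # safe to split: only digits and dots remain
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Emit the extra vars as one JSON object so neither value can add a second
# key=value pair. The code stays a string, as it was with key=value syntax.
extra_vars_json() {
    valid_code "$1" || { echo "invalid tunnel code" >&2; return 1; }
    valid_ipv4 "$2" || { echo "invalid node address" >&2; return 1; }
    printf '{"external_supporttunnel": "%s", "node": "%s"}' "$1" "$2"
}

open_tunnel() {
    vars=$(extra_vars_json "$1" "$2") || return 1
    cd /home/youransibleworkingdir/ || return 1
    ansible-playbook opensupporttunnel.yaml -e@rvars.yaml \
        -i production-inventory.yml -e "$vars"
}

# Usage: ./OpenSupportTunnel.sh <code> <node-ip>
if [ "$#" -eq 2 ]; then
    open_tunnel "$1" "$2"
else
    echo "usage: $0 <code> <node-ip>" >&2
fi
```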

And if you wanted to go even ONE DEEPER… I present a PowerShell monstrosity:

# Assumes StoreInfo.csv has Store number as a column called "Site_ID" as a 4 digit store number 
# and a column called LAN which has the first three octets of your store's lan. Also assumes that your
# 3 nodes are .98, .99, .100. This is quick, dirty and horrible. Don't @ me!

Install-Module POSH-SSH

$playbookyaml  = 'opensupporttunnelonnode.yaml'
$Store         = '219'
$supporttunnel = '32137'
$node          = '3'

# Working directory 
$cd            = 'cd /home/youransibleworkingdir/ &&'
$block2        = ' -e "external_supporttunnel='
$block3        = '" -e "node='

Switch($node) {
    '1' {$nodeswitch = '.98'}
    '2' {$nodeswitch = '.99'}
    '3' {$nodeswitch = '.100'}
    default {$nodeswitch = '.98'}
}
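# Load the store list before it is used for the LAN lookup
$StoreInfo = Import-Csv -Path ".\StoreInfo.csv"

# LAN prefix for the store plus the last octet of the chosen node
$NodeIP = (($StoreInfo | Where-Object {$_.Site_ID -eq ('0'+$Store)}).LAN+$NodeSwitch)

$StoreAnsible = ('"'+$Store+'"')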

$playbook = ($cd + ' ansible-playbook '+$playbookyaml+'  -e@rf_vars-omv.yaml -i production-inventory.yml -l '+$StoreAnsible+$block2+$supporttunnel+$block3+$nodeIP+'"')

# -AcceptKey trusts the Ansible host's SSH key without prompting
$session = New-SSHSession -ComputerName 172.16.30.17 -Credential (Get-Credential) -AcceptKey

If ($session.Connected -eq $True) {
    Invoke-SSHCommand -Command $Playbook -SessionId ($session.SessionId) -EnsureConnection -ShowStandardOutputStream -ShowErrorOutputStream
}
else { Write-Output "Not Connected" }

I definitely could make that PowerShell script better.
