diff --git a/ansible/config_sonic_basedon_testbed.yml b/ansible/config_sonic_basedon_testbed.yml
index 099e5dfc0a6..4ce8b606dbb 100644
--- a/ansible/config_sonic_basedon_testbed.yml
+++ b/ansible/config_sonic_basedon_testbed.yml
@@ -122,6 +122,137 @@ delegate_to: localhost when: local_minigraph is defined and local_minigraph|bool == true + - block: + - name: Init telemetry keys + set_fact: + server_key: "" + server_csr: "" + server_cer: "" + dsmsroot_key: "" + dsmsroot_csr: "" + dsmsroot_cer: "" + dir_path: "" + + - name: read server key + set_fact: + server_key: "{{ telemetry_certs['server_key'] }}" + when: telemetry_certs['server_key'] is defined + + - name: read server csr + set_fact: + server_csr: "{{ telemetry_certs['server_csr'] }}" + when: telemetry_certs['server_csr'] is defined + + - name: read server cer + set_fact: + server_cer: "{{ telemetry_certs['server_cer'] }}" + when: telemetry_certs['server_cer'] is defined + + - name: read dsmsroot key + set_fact: + dsmsroot_key: "{{ telemetry_certs['dsmsroot_key'] }}" + when: telemetry_certs['dsmsroot_key'] is defined + + - name: read dsmsroot csr + set_fact: + dsmsroot_csr: "{{ telemetry_certs['dsmsroot_csr'] }}" + when: telemetry_certs['dsmsroot_csr'] is defined + + - name: read dsmsroot cer + set_fact: + dsmsroot_cer: "{{ telemetry_certs['dsmsroot_cer'] }}" + when: telemetry_certs['dsmsroot_cer'] is defined + + - name: read directory path + set_fact: + dir_path: "{{ telemetry_certs['dir_path'] }}" + when: telemetry_certs['dir_path'] is defined + + - name: Create telemetry directory + file: + path: "{{ dir_path }}" + state: directory + mode: '0755' + become: true + delegate_to: localhost + + - name: Create telemetry server private key + openssl_privatekey: + path: "{{ server_key }}" + size: 2048 + mode: '0755' + become: true + delegate_to: localhost + + - name: create telemetry server csr + openssl_csr: + path: "{{ telemetry_certs['server_csr'] }}" + privatekey_path: "{{ server_key }}" + become: true + delegate_to: localhost + + - name: Generate a Self Signed OpenSSL telemetry server certificate + openssl_certificate: + path: "{{ server_cer }}" + privatekey_path: "{{ server_key }}" + csr_path: "{{ server_csr }}" + subject: + 
commonName: ndastreamingservertest + provider: selfsigned + become: true + delegate_to: localhost + + - name: Create telemetry dsmsroot private key + openssl_privatekey: + path: "{{ dsmsroot_key }}" + size: 2048 + mode: '0755' + become: true + delegate_to: localhost + + - name: create telemetry dsmsroot csr + openssl_csr: + path: "{{ dsmsroot_csr }}" + privatekey_path: "{{ dsmsroot_key }}" + become: true + delegate_to: localhost + + - name: Generate a Self Signed OpenSSL telemetry dsmsroot certificate + openssl_certificate: + path: "{{ dsmsroot_cer }}" + privatekey_path: "{{ dsmsroot_key }} " + csr_path: "{{ dsmsroot_csr }} " + subject: + commonName: ndastreamingclienttest + provider: selfsigned + become: true + delegate_to: localhost + + - name: Creates telemetry directory + file: + path: "{{ dir_path }}" + state: directory + mode: '0755' + become: true + + - name: copy server_key from local to remote + copy: + src: "{{ server_key }}" + dest: "{{ server_key }}" + become: yes + + - name: copy server_cer from local to remote + copy: + src: "{{ server_cer }}" + dest: "{{ server_cer }}" + become: yes + + - name: copy dsmsroot_key from local to remote + copy: + src: "{{ dsmsroot_key }}" + dest: "{{ dsmsroot_key }}" + become: yes + - block: - name: saved original minigraph file in SONiC DUT(ignore errors when file doesnot exist) shell: mv /etc/sonic/minigraph.xml /etc/sonic/minigraph.xml.orig @@ -140,7 +271,7 @@ delegate_to: localhost - name: debug print stat_result - debug: + debug: msg: Stat result is {{ stat_result }} - name: Copy corresponding configlet files if exist diff --git a/ansible/group_vars/all/telemetry_certs.yml b/ansible/group_vars/all/telemetry_certs.yml new file mode 100644 index 00000000000..867242b43d6 --- /dev/null +++ b/ansible/group_vars/all/telemetry_certs.yml 
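Review bot: Both `openssl_privatekey` tasks write the telemetry server and dsmsroot private keys with `mode: '0755'`, which leaves them readable by every local user on the control host; use `mode: '0600'` there. The three `copy` tasks that push the keys and certificate to the DUT set no `mode`, so the two key copies should carry `mode: '0600'` explicitly rather than rely on defaults. In the dsmsroot certificate task, `privatekey_path: "{{ dsmsroot_key }} "` and `csr_path: "{{ dsmsroot_csr }} "` have a trailing space inside the quotes, so the module is handed a path that differs from the file created just above; drop the space. The server CSR task also reads `telemetry_certs['server_csr']` directly while the other tasks use the facts set earlier, and the empty-string defaults let a missing `telemetry_certs` entry reach `file` and the `openssl_*` modules as an empty path instead of failing early.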
@@ -0,0 +1,10 @@
+# Configure telemetry server and dsmsroot key,cer
+
+telemetry_certs:
+ server_key: "/etc/sonic/telemetry/streamingtelemetryserver.key"
+ server_csr: "/etc/sonic/telemetry/streamingtelemetryserver.csr"
+ server_cer: "/etc/sonic/telemetry/streamingtelemetryserver.cer"
+ dsmsroot_key: "/etc/sonic/telemetry/dsmsroot.key"
+ dsmsroot_csr: "/etc/sonic/telemetry/dsmsroot.csr"
+ dsmsroot_cer: "/etc/sonic/telemetry/dsmsroot.cer"
+ dir_path: "/etc/sonic/telemetry"