This is an extension point for Atmosphere. It defines (with Ansible) how Atmosphere's instances deploy within the targeted cloud provider.
To look at how Atmosphere utilizes this module, look at the service.deploy.py and our subspace module.
We use this term to denote that an installation of Atmosphere could customize / modify the actions performed when deploying virtual machine instances to a cloud provider by alter the playbooks defined here.
The number prefixing the name of a playbook (example: 20_atmo_dhcp.yml) is used to determine the order of execution by subspace. So 20_atmo_dhcp.yml happens after 15_atmo_ntp.yml. And, 66_atmo_user_ssh_keys.yml will happen last even though it appears second in a directory listing of playbooks. To prevent this, ensure that playbook names do not exceed a prefix of 100. Here is a list of currently executed playbooks:
ansible/playbooks/
├── 00_check_networking.yml
├── 05_ssh_setup.yml
├── 10_atmo_pre_setup.yml
├── 15_atmo_ntp.yml
├── 20_atmo_dhcp.yml
├── 21_atmo_hostname.yml
├── 22_iplant_ldap.yml
├── 25_atmo_common.yml
├── 30_atmo_mount_home.yml
├── 40_atmo_setup_user.yml
├── 45_atmo_fail2ban.yml
├── 49_atmo_irods.yml
├── 50_atmo_realvnc.yml
├── 55_atmo_idrop.yml
├── 56_atmo_cleanup.yml
├── 60_atmo_postbootscripts.yml
├── 65_gateone-gen-sshkey.yml
└── 66_atmo_user_ssh_keys.yml
Atmosphere-ansible provides optional functionality that is used in some, but not all deployments.
Enable these optional configurations by setting the corresponding variable to true (e.g. in your Ansible group_vars).
| Variable | Purpose |
|---|---|
| SETUP_DHCP_CLIENT | DHCP client |
| SETUP_LDAP | LDAP client for user authentication |
| SETUP_LOCAL_USER_ACCOUNT | Local user account (always runs when SETUP_LDAP not true) |
| SETUP_IRODS_ICOMMANDS | iRODS iCommands and iRODS FUSE client |
| SETUP_REALVNC_SERVER | RealVNC server for Atmosphere Web Desktop feature |
| SETUP_GLOBUS_CONNECT | Globus Connect |
| SETUP_GUACAMOLE | Apache Guacamole |
| SETUP_NOVNC | NoVNC VNC Client |
| SETUP_GUI_BROWSER | Web browser on instances with a GUI |
| SET_DESKTOP_BACKGROUND | Set desktop background for instances with a GUI |
| SETUP_ATMO_BACKUP | Deploy cyverse_backup script |
Guacamole is a VNC and SSH gateway. If using this feature, GUACAMOLE_SERVER_IP must also be defined.
Security Warning: the Guacamole remote desktop requires unencrypted VNC connections from the Guacamole server to your target instances. Ensure that your Guacamole server connects to instances via a trusted network where no unauthorized parties can listen to network traffic. If these connections transit an untrusted network, anyone listening on the wire would get everything from the unencrypted VNC sessions.
These playbooks are called separately via subspace to verify things such as network connectivity and VNC status for Atmosphere deployments.
ansible/util_playbooks/
├── atmo_check_vnc.yml
└── check_networking.yml
See this troubleshooting page: Troubleshooting Atmosphere Ansible
Generally, new roles should be created using ansible-role-template using Ansible Galaxy. Optionally, test roles using Travis CI as detailed here.
See LICENSE file.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent