authorMartin Schwenke <martin@meltin.net>2019-02-14 15:04:58 +1100
committerMartin Schwenke <martin@meltin.net>2019-03-09 21:13:34 +1100
commitfc6fd0765f3c22b21478113378d00434e6315610 (patch)
treec651bfa05de826df5c4bc68eb90651e706e91d7e
parent89cd76bad1ab362f7293fdbbff8ea2d76b255f93 (diff)
Add Ansible playbooks for host machine setup
This is currently host setup on CentOS 7 and setting up an autocluster-specific SSH key on the host. Signed-off-by: Martin Schwenke <martin@meltin.net>
-rw-r--r--ansible/host/autocluster_setup_centos7.yml138
-rw-r--r--ansible/host/autocluster_setup_ssh.yml25
-rw-r--r--ansible/host/home_exports.j21
3 files changed, 164 insertions, 0 deletions
diff --git a/ansible/host/autocluster_setup_centos7.yml b/ansible/host/autocluster_setup_centos7.yml
new file mode 100644
index 0000000..87d9df8
--- /dev/null
+++ b/ansible/host/autocluster_setup_centos7.yml
@@ -0,0 +1,138 @@
+---
+- name: Set up the host machine for autocluster
+ connection: local
+ hosts: localhost
+
+ tasks:
+ - name: install latest vagrant rpm
+ package:
+ name: https://releases.hashicorp.com/vagrant/2.2.3/vagrant_2.2.3_x86_64.rpm
+ state: present
+
+ - name: install vagrant plugins
+ command: vagrant plugin install {{item}}
+ with_items:
+ - vagrant-libvirt
+ - vagrant-proxyconf
+
+ - name: dependencies for virt_pool module
+ package:
+ name:
+ - libvirt-python
+ - python-lxml
+ state: present
+
+ - name: ensure autocluster storage pool exists
+ virt_pool:
+ name: autocluster
+ state: present
+ autostart: yes
+ xml: >
+ <pool type='dir'>
+ <name>autocluster</name>
+ <target>
+ <path>/virtual/autocluster</path>
+ </target>
+ </pool>
+
+ # It seems that you can't force the pool to be active above when creating it!
+ - name: ensure autocluster storage pool is active
+ virt_pool:
+ name: autocluster
+ state: active
+
+ - name: install NFS server
+ package:
+ name: nfs-utils
+ state: present
+
+ - name: enable/start NFS server
+ service:
+ name: "{{item}}"
+ enabled: yes
+ state: started
+ with_items:
+ - nfs
+ - nfslock
+
+ # This was tough to figure out...
+ - name: allow NFS through firewall
+ firewalld:
+ service: "{{item}}"
+ zone: public
+ state: enabled
+ permanent: yes
+ immediate: yes
+ with_items:
+ - mountd
+ - rpc-bind
+ - nfs3
+
+ # Need to add a restart or "exportfs -r"
+ - name: export /home via NFS
+ template:
+ # This can be parameterised later when there are host onfig variables
+ src: home_exports.j2
+ dest: /etc/exports.d/autocluster-home.exports
+
+ - name: ensure an NTP server is installed
+ package:
+ name: chrony
+ state: present
+
+ - name: allow NTP through firewall
+ firewalld:
+ service: ntp
+ zone: public
+ state: enabled
+ permanent: yes
+ immediate: yes
+
+ - name: enable/start NTP server
+ service:
+ name: chronyd
+ enabled: yes
+ state: started
+
+ - name: ensure an HTTP server is installed
+ package:
+ name: httpd
+ state: present
+
+ - name: enable/start HTTP server
+ service:
+ name: httpd
+ enabled: yes
+ state: started
+
+ - name: allow HTTP through firewall
+ firewalld:
+ service: http
+ zone: public
+ state: enabled
+ permanent: yes
+ immediate: yes
+
+ - name: ensure HTTP link for mediasets directory
+ file:
+ src: /home/mediasets
+ path: /var/www/html/mediasets
+ state: link
+ force: yes
+
+ - name: ensure semanage command is available
+ package:
+ name: policycoreutils-python
+ state: present
+
+ - name: selinux setup for /home/mediasets
+ command: "{{item}}"
+ with_items:
+ - chcon -R -t httpd_user_content_t /home/mediasets
+ - semanage boolean -m -1 httpd_unified
+ - semanage boolean -m -1 httpd_enable_homedirs
+
+ - name: install Python dependencies for Ansible Jinja templating
+ package:
+ name: python-netaddr
+ state: present
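Review bot: The `allow NFS through firewall` task, and likewise the NTP and HTTP ones, enable the services in `zone: public`, which is usually the default zone for the host's interfaces, so mountd, rpc-bind, nfs3, http and ntp become reachable from every network the host is attached to rather than only from the cluster nodes. The export in home_exports.j2 is already limited to 10.0.0.0/24, so I would bind that source network to a separate zone and enable the services there, as sketched below. Which interfaces actually sit in `public` on the target host is not visible from this playbook, so confirm that before choosing the zone. Separately, `install latest vagrant rpm` installs from a URL and `vagrant plugin install {{item}}` is unpinned; a `get_url` task with `checksum:` ahead of the package install would fix what gets installed.

```yaml
    # new task, placed ahead of the three "allow ... through firewall" tasks
    - name: bind cluster network to a dedicated firewalld zone
      firewalld:
        source: 10.0.0.0/24
        zone: internal
        state: enabled
        permanent: yes
        immediate: yes

    - name: allow NFS through firewall
      firewalld:
        service: "{{item}}"
        zone: internal
        # … unchanged: state, permanent, immediate, with_items …
```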
diff --git a/ansible/host/autocluster_setup_ssh.yml b/ansible/host/autocluster_setup_ssh.yml
new file mode 100644
index 0000000..1f6cbc5
--- /dev/null
+++ b/ansible/host/autocluster_setup_ssh.yml
@@ -0,0 +1,25 @@
+---
+- name: Set up an autocluster SSH key for the current user
+ connection: local
+ hosts: localhost
+
+ tasks:
+ - name: create SSH autocluster ID
+ # Not the most modern but compatibile with old distros such as
+ # Centos 6
+ command: >
+ ssh-keygen -b 2028 -t rsa -N "" -C "autocluster"
+ -f "{{ ansible_env.HOME }}/.ssh/id_autocluster"
+ args:
+ creates: "{{ ansible_env.HOME }}/.ssh/id_autocluster"
+
+ - name: create SSH autocluster.d/ configuration directory
+ file:
+ path: "{{ ansible_env.HOME }}/.ssh/autocluster.d"
+ state: directory
+
+ - name: update SSH config to include config autocluster clusters
+ lineinfile:
+ path: "{{ ansible_env.HOME }}/.ssh/config"
+ regexp: "^Include autocluster\.d/\*\.config$"
+ line: "Include autocluster.d/*.config"
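Review bot: `ssh-keygen -b 2028` in `create SSH autocluster ID` looks like a typo for 2048; a 2028-bit RSA key falls just under the 2048-bit minimum that many key-size policies enforce, so the line should read `ssh-keygen -b 2048 -t rsa -N "" -C "autocluster"`. Because the key is generated with an empty passphrase, its protection rests entirely on file permissions, so the `autocluster.d` directory task should set `mode: "0700"` and the `lineinfile` task `mode: "0600"` rather than inheriting the umask. The `regexp` value is double-quoted, and `\.` and `\*` are not valid escapes in a YAML double-quoted scalar, so a strict parser rejects the file; single quotes keep the backslashes literal: `regexp: '^Include autocluster\.d/\*\.config$'`. `lineinfile` also needs `create: yes` for users who have no `~/.ssh/config` yet, and `insertbefore: BOF` so the `Include` does not land inside a trailing `Host` block where it would apply only conditionally.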
diff --git a/ansible/host/home_exports.j2 b/ansible/host/home_exports.j2
new file mode 100644
index 0000000..458f96a
--- /dev/null
+++ b/ansible/host/home_exports.j2
@@ -0,0 +1 @@
+/home 10.0.0.0/24(rw,async,insecure,no_root_squash,no_subtree_check)
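Review bot: Exporting the host's whole `/home` read-write with `no_root_squash` means root on any machine in 10.0.0.0/24 is treated as root on every user's home directory on the host, and `insecure` additionally accepts requests from unprivileged source ports, so the usual "only root on the client can speak NFS" assumption no longer holds either. Unless the cluster nodes genuinely need root access to the export, I would drop both options: `/home 10.0.0.0/24(rw,async,root_squash,no_subtree_check)`. If root access is required for the test setup, exporting a dedicated directory instead of `/home` would keep the host users' SSH keys and dotfiles out of reach. A short comment in the template recording why each non-default option is present would help the next reader judge the trade-off.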