diff options
| author | Martin Schwenke <martin@meltin.net> | 2019-02-06 14:53:10 +1100 |
|---|---|---|
| committer | Martin Schwenke <martin@meltin.net> | 2019-03-25 16:52:25 +1100 |
| commit | 51ff83de30db6934e243226ce05c6394b8986a12 (patch) | |
| tree | f8dbbe3ceabc398a4596c968285a7245b3c70e01 /ansible/node/roles/nas/tasks/generic | |
| parent | 7003df8ad2ec9eaa119439f21976e7117b1771e5 (diff) | |
| download | autocluster-51ff83de30db6934e243226ce05c6394b8986a12.tar.gz autocluster-51ff83de30db6934e243226ce05c6394b8986a12.tar.xz autocluster-51ff83de30db6934e243226ce05c6394b8986a12.zip | |
Add Ansible playbook for node configuration
This will replace all of the existing node provisioning/configuration.
CentOS 7 nodes are currently supported.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Diffstat (limited to 'ansible/node/roles/nas/tasks/generic')
| -rw-r--r-- | ansible/node/roles/nas/tasks/generic/ctdb-once.yml | 3 | ||||
| -rw-r--r-- | ansible/node/roles/nas/tasks/generic/ctdb-start.yml | 12 | ||||
| -rw-r--r-- | ansible/node/roles/nas/tasks/generic/ctdb-stop.yml | 5 | ||||
| -rw-r--r-- | ansible/node/roles/nas/tasks/generic/ctdb-with-samba-nfs.yml | 41 | ||||
| -rw-r--r-- | ansible/node/roles/nas/tasks/generic/ctdb.yml | 37 | ||||
| -rw-r--r-- | ansible/node/roles/nas/tasks/generic/nfs.yml | 5 | ||||
| -rw-r--r-- | ansible/node/roles/nas/tasks/generic/samba-gpfs-once.yml | 16 | ||||
| -rw-r--r-- | ansible/node/roles/nas/tasks/generic/samba-once.yml | 12 | ||||
| -rw-r--r-- | ansible/node/roles/nas/tasks/generic/samba.yml | 10 | ||||
| -rw-r--r-- | ansible/node/roles/nas/tasks/generic/shares.yml | 9 |
10 files changed, 150 insertions, 0 deletions
diff --git a/ansible/node/roles/nas/tasks/generic/ctdb-once.yml b/ansible/node/roles/nas/tasks/generic/ctdb-once.yml new file mode 100644 index 0000000..139bd32 --- /dev/null +++ b/ansible/node/roles/nas/tasks/generic/ctdb-once.yml @@ -0,0 +1,3 @@ +--- +- name: set security context for CTDB recovery lock directory + command: chcon -t ctdbd_var_t {{ clusterfs.mountpoint }}/.ctdb diff --git a/ansible/node/roles/nas/tasks/generic/ctdb-start.yml b/ansible/node/roles/nas/tasks/generic/ctdb-start.yml new file mode 100644 index 0000000..8bc9dbb --- /dev/null +++ b/ansible/node/roles/nas/tasks/generic/ctdb-start.yml @@ -0,0 +1,12 @@ +--- +- name: start CTDB + service: + name: ctdb + state: started + +- name: wait until CTDB is healthy + command: ctdb nodestatus all + register: result + until: result.rc == 0 + retries: 24 + delay: 5 diff --git a/ansible/node/roles/nas/tasks/generic/ctdb-stop.yml b/ansible/node/roles/nas/tasks/generic/ctdb-stop.yml new file mode 100644 index 0000000..ca624dc --- /dev/null +++ b/ansible/node/roles/nas/tasks/generic/ctdb-stop.yml @@ -0,0 +1,5 @@ +--- +- name: stop CTDB + service: + name: ctdb + state: stopped diff --git a/ansible/node/roles/nas/tasks/generic/ctdb-with-samba-nfs.yml b/ansible/node/roles/nas/tasks/generic/ctdb-with-samba-nfs.yml new file mode 100644 index 0000000..dea44fa --- /dev/null +++ b/ansible/node/roles/nas/tasks/generic/ctdb-with-samba-nfs.yml @@ -0,0 +1,41 @@ +--- +# Should be running already but this won't hurt +- import_tasks: ctdb-start.yml + +- name: join active directory domain + shell: | + net ads testjoin || \ + timeout 10 net ads join -U "administrator%{{ ad.admin_password }}" + register: result + until: result.rc == 0 + retries: 5 + delay: 1 + run_once: true + when: auth_method == 'winbind' + +# FIXME: This will be useful to allow version checking to enable +# services/event scripts in different ways + +# New in Ansible 2.5 +#- name: get package facts +# package_facts: +# manager: "auto" + +#- name: show them +# debug: var=ansible_facts.packages + +- import_tasks: ctdb-stop.yml + +- name: configure CTDB to manage smbd and NFS + command: ctdb event script enable legacy {{ s }} + with_list: + - 50.samba + - 60.nfs + loop_control: + loop_var: s + +- name: configure CTDB to manage winbindd + command: ctdb event script enable legacy 49.winbind + when: auth_method == 'winbind' + +- import_tasks: ctdb-start.yml diff --git a/ansible/node/roles/nas/tasks/generic/ctdb.yml b/ansible/node/roles/nas/tasks/generic/ctdb.yml new file mode 100644 index 0000000..5041db4 --- /dev/null +++ b/ansible/node/roles/nas/tasks/generic/ctdb.yml @@ -0,0 +1,37 @@ +--- +- name: generate CTDB configuration file + template: + src: ctdb_conf.j2 + dest: /etc/ctdb/ctdb.conf + +- name: generate CTDB public addresses file + template: + src: ctdb_public_addresses.j2 + dest: /etc/ctdb/public_addresses + +- name: create directory for CTDB recovery lock + file: + path: "{{ clusterfs.mountpoint }}/.ctdb" + state: directory + +- import_tasks: ctdb-once.yml + run_once: true + +- name: ensure CTDB is enabled + service: + name: ctdb + enabled: yes + +# This stops things failing if the domain has not been joined or similar +- name: ensure that CTDB is not managing smbd, winbind and NFS + command: ctdb event script disable legacy {{ s }} + with_list: + - 49.winbind + - 50.samba + - 60.nfs + loop_control: + loop_var: s + +# Restart just in case ctdbd was running but unhealthy +- import_tasks: ctdb-stop.yml +- import_tasks: ctdb-start.yml diff --git a/ansible/node/roles/nas/tasks/generic/nfs.yml b/ansible/node/roles/nas/tasks/generic/nfs.yml new file mode 100644 index 0000000..90c00bc --- /dev/null +++ b/ansible/node/roles/nas/tasks/generic/nfs.yml @@ -0,0 +1,5 @@ +--- +- name: generate NFS exports file + template: + src: nfs_exports.j2 + dest: /etc/exports diff --git a/ansible/node/roles/nas/tasks/generic/samba-gpfs-once.yml b/ansible/node/roles/nas/tasks/generic/samba-gpfs-once.yml new file mode 100644 index 0000000..101cd4b --- /dev/null +++ b/ansible/node/roles/nas/tasks/generic/samba-gpfs-once.yml @@ -0,0 +1,16 @@ +--- +- name: Tweak Samba config for GPFS cluster filesystem + command: net conf setparm global "{{ p.param }}" "{{ p.value }}" + with_list: + - param: vfs objects + value: gpfs fileid + - param: fileid:mapping + value: fsname + - param: nfs4:chown + value: "yes" + - param: nfs4:acedup + value: merge + - param: force unknown acl user + value: "yes" + loop_control: + loop_var: p diff --git a/ansible/node/roles/nas/tasks/generic/samba-once.yml b/ansible/node/roles/nas/tasks/generic/samba-once.yml new file mode 100644 index 0000000..8a586e6 --- /dev/null +++ b/ansible/node/roles/nas/tasks/generic/samba-once.yml @@ -0,0 +1,12 @@ +--- +- name: generate initial Samba registry configuration + template: + src: samba_registry.j2 + dest: /root/.autocluster/samba-registry.conf + +# Need to start at least ctdbd... maybe smbd? + +- name: initialise Samba registry configuration + command: net conf import /root/.autocluster/samba-registry.conf + +- import_tasks: samba-{{ clusterfs.type }}-once.yml diff --git a/ansible/node/roles/nas/tasks/generic/samba.yml b/ansible/node/roles/nas/tasks/generic/samba.yml new file mode 100644 index 0000000..c1e58b8 --- /dev/null +++ b/ansible/node/roles/nas/tasks/generic/samba.yml @@ -0,0 +1,10 @@ +--- +- name: add smb.conf + copy: + src: smb.conf + dest: /etc/samba/smb.conf + +# TODO: Enable 50.samba and 60.nfs event scripts + +- import_tasks: samba-once.yml + run_once: true diff --git a/ansible/node/roles/nas/tasks/generic/shares.yml b/ansible/node/roles/nas/tasks/generic/shares.yml new file mode 100644 index 0000000..db5d58e --- /dev/null +++ b/ansible/node/roles/nas/tasks/generic/shares.yml @@ -0,0 +1,9 @@ +--- +- name: create share directories + file: + path: "{{s.directory}}" + mode: "{{s.mode}}" + state: directory + with_list: "{{shares}}" + loop_control: + loop_var: s |