diff options
author | Martin Schwenke <martin@meltin.net> | 2019-02-06 14:53:10 +1100 |
---|---|---|
committer | Martin Schwenke <martin@meltin.net> | 2019-03-25 16:52:25 +1100 |
commit | 51ff83de30db6934e243226ce05c6394b8986a12 (patch) | |
tree | f8dbbe3ceabc398a4596c968285a7245b3c70e01 /ansible/node/roles/nas/templates | |
parent | 7003df8ad2ec9eaa119439f21976e7117b1771e5 (diff) | |
download | autocluster-51ff83de30db6934e243226ce05c6394b8986a12.tar.gz autocluster-51ff83de30db6934e243226ce05c6394b8986a12.tar.xz autocluster-51ff83de30db6934e243226ce05c6394b8986a12.zip |
Add Ansible playbook for node configuration
This will replace all of the existing node provisioning/configuration.
CentOS 7 nodes are currently supported.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Diffstat (limited to 'ansible/node/roles/nas/templates')
-rw-r--r-- | ansible/node/roles/nas/templates/ctdb_conf.j2 | 6 | ||||
-rw-r--r-- | ansible/node/roles/nas/templates/ctdb_public_addresses.j2 | 55 | ||||
-rw-r--r-- | ansible/node/roles/nas/templates/ctdb_sysconfig.j2 | 23 | ||||
-rw-r--r-- | ansible/node/roles/nas/templates/nfs_exports.j2 | 6 | ||||
-rw-r--r-- | ansible/node/roles/nas/templates/nfs_sysconfig.j2 | 14 | ||||
-rw-r--r-- | ansible/node/roles/nas/templates/samba_registry.j2 | 33 |
6 files changed, 137 insertions, 0 deletions
diff --git a/ansible/node/roles/nas/templates/ctdb_conf.j2 b/ansible/node/roles/nas/templates/ctdb_conf.j2 new file mode 100644 index 0000000..fbfaead --- /dev/null +++ b/ansible/node/roles/nas/templates/ctdb_conf.j2 @@ -0,0 +1,6 @@ +[logging] + location = syslog + log level = NOTICE + +[cluster] + recovery lock = {{ clusterfs.mountpoint }}/.ctdb/recovery.lock diff --git a/ansible/node/roles/nas/templates/ctdb_public_addresses.j2 b/ansible/node/roles/nas/templates/ctdb_public_addresses.j2 new file mode 100644 index 0000000..77f95b7 --- /dev/null +++ b/ansible/node/roles/nas/templates/ctdb_public_addresses.j2 @@ -0,0 +1,55 @@ +{# #} +{# How many static public addresses/interfaces per node? #} +{# #} +{% set num_static = (nodes[ansible_hostname].ips | length) - 1 %} +{# #} +{# Gather all static addresses, sublist per interface #} +{# #} +{% set static_addrs = [] %} +{% for i in range(1, num_static + 1) -%} +{{ static_addrs.append([]) }} +{%- endfor %} +{% for hostname, n in nodes | dictsort %} +{% if n.is_ctdb_node %} +{% for i in range(1, num_static + 1) -%} +{{ static_addrs[i - 1].append(n.ips[i]) }} +{%- endfor %} +{% endif %} +{% endfor %} +{# #} +{# For each list of static IPs, find interface, print with each IP #} +{# #} +{% set h = ansible_hostname %} +{% for ips in static_addrs %} +{% for iface in ansible_interfaces %} +{% set ai = 'ansible_%s'|format(iface) %} +{% if hostvars[h][ai]['ipv4'] is defined %} +{% set ip4 = hostvars[h][ai]['ipv4'] %} +{% if ip4['address'] is defined %} +{% set aip = ip4['address'] %} +{% set netmask = ip4['netmask'] %} +{% set prefix = (aip + '/' + netmask) | ipv4('prefix') %} +{% if aip in ips %} +{% for ip in ips %} +{% set ip_int = ip | ipaddr('int') %} +{{ (ip_int + 100) | ipaddr('address') }}/{{ prefix }} {{ iface }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} +{% if hostvars[h][ai]['ipv6'] is defined %} +{% for ip6 in hostvars[h][ai]['ipv6'] %} +{% if ip6['address'] is defined %} +{% set aip = ip6['address'] %} +{% set prefix = ip6['prefix'] %} +{% if aip in ips %} +{% for ip in ips %} +{% set ip_int = ip | ipaddr('int') %} +{{ (ip_int + 100) | ipaddr('address') }}/{{ prefix }} {{ iface }} +{% endfor %} +{% endif %} +{% endif %} +{% endfor %} +{% endif %} +{% endfor %} +{% endfor %} diff --git a/ansible/node/roles/nas/templates/ctdb_sysconfig.j2 b/ansible/node/roles/nas/templates/ctdb_sysconfig.j2 new file mode 100644 index 0000000..9992023 --- /dev/null +++ b/ansible/node/roles/nas/templates/ctdb_sysconfig.j2 @@ -0,0 +1,23 @@ +# Core +CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses +CTDB_RECOVERY_LOCK={{ clusterfs.mountpoint }}/.ctdb/recovery.lock + +# Services managed +CTDB_MANAGES_SAMBA=yes +{% if auth_method == 'winbind' %} +CTDB_MANAGES_WINBIND=yes +{% else %} +CTDB_MANAGES_WINBIND=no +{% endif %} + +CTDB_MANAGES_NFS=yes +CTDB_MANAGES_HTTPD=yes +CTDB_MANAGES_VSFTPD=yes + +# System +ulimit -n 1048576 +ulimit -c unlimited + +# Logging +CTDB_LOGGING="syslog" +CTDB_DEBUGLEVEL=NOTICE diff --git a/ansible/node/roles/nas/templates/nfs_exports.j2 b/ansible/node/roles/nas/templates/nfs_exports.j2 new file mode 100644 index 0000000..00bd867 --- /dev/null +++ b/ansible/node/roles/nas/templates/nfs_exports.j2 @@ -0,0 +1,6 @@ +# NFS exports file generated by autocluster +{% set fsid = 834258092 %} +{% for s in shares %} +"{{ s.directory }}" *(rw,no_root_squash,subtree_check,fsid={{ fsid }}) + {% set fsid = fsid + 1 %} +{% endfor %} diff --git a/ansible/node/roles/nas/templates/nfs_sysconfig.j2 b/ansible/node/roles/nas/templates/nfs_sysconfig.j2 new file mode 100644 index 0000000..c103fc7 --- /dev/null +++ b/ansible/node/roles/nas/templates/nfs_sysconfig.j2 @@ -0,0 +1,14 @@ +NFS_HOSTNAME="{{ cluster }}" + +STATD_PORT=32765 +STATD_OUTGOING_PORT=32766 +MOUNTD_PORT=32767 +RQUOTAD_PORT=32768 +LOCKD_UDPPORT=32769 +LOCKD_TCPPORT=32769 + +STATDARG="-n ${NFS_HOSTNAME}" +STATD_HA_CALLOUT="/etc/ctdb/statd-callout" + +RPCNFSDARGS="-N 4" +RPCNFSDCOUNT=8 diff --git a/ansible/node/roles/nas/templates/samba_registry.j2 b/ansible/node/roles/nas/templates/samba_registry.j2 new file mode 100644 index 0000000..f6200af --- /dev/null +++ b/ansible/node/roles/nas/templates/samba_registry.j2 @@ -0,0 +1,33 @@ +[global] +{% if auth_method == 'winbind' %} + security = ADS +{% elif auth_method == 'files' %} + security = USER +{% else %} + security = BROKEN +{% endif %} + + logging = syslog + log level = 1 + + netbios name = {{ cluster }} + workgroup = {{ samba.workgroup }} + realm = {{ resolv_conf.domain }} + + disable netbios = yes + disable spoolss = yes + + idmap config * : backend = autorid + idmap config * : range = 1000000-1999999 + + kernel oplocks = yes + + read only = no + +{% for s in shares %} +[{{ s.name }}] + path = {{ s.directory }} + comment = Example share {{ s.name }} + guest ok = yes + browseable = yes +{% endfor %} |