Add Ansible playbook for node configuration

This will replace all of the existing node provisioning/configuration.
CentOS 7 nodes are currently supported.

Signed-off-by: Martin Schwenke <martin@meltin.net>

6 files changed, 137 insertions, 0 deletions

diff --git a/ansible/node/roles/nas/templates/ctdb_conf.j2 b/ansible/node/roles/nas/templates/ctdb_conf.j2
new file mode 100644
index 0000000..fbfaead
--- /dev/null
+++ b/ansible/node/roles/nas/templates/ctdb_conf.j2
@@ -0,0 +1,6 @@
+[logging]
+	location = syslog
+	log level = NOTICE
+
+[cluster]
+	recovery lock = {{ clusterfs.mountpoint }}/.ctdb/recovery.lock
diff --git a/ansible/node/roles/nas/templates/ctdb_public_addresses.j2 b/ansible/node/roles/nas/templates/ctdb_public_addresses.j2
new file mode 100644
index 0000000..77f95b7
--- /dev/null
+++ b/ansible/node/roles/nas/templates/ctdb_public_addresses.j2
@@ -0,0 +1,55 @@
+{#                                                                 #}
+{# How many static public addresses/interfaces per node?           #}
+{#                                                                 #}
+{% set num_static = (nodes[ansible_hostname].ips | length) - 1     %}
+{#                                                                 #}
+{# Gather all static addresses, sublist per interface              #}
+{#                                                                 #}
+{% set static_addrs = []                                           %}
+{% for i in range(1, num_static + 1)                              -%}
+{{   static_addrs.append([])                                       }}
+{%- endfor                                                         %}
+{% for hostname, n in nodes | dictsort                             %}
+{%   if n.is_ctdb_node                                             %}
+{%     for i in range(1, num_static + 1)                          -%}
+{{       static_addrs[i - 1].append(n.ips[i])                      }}
+{%-    endfor                                                      %}
+{%   endif                                                         %}
+{% endfor                                                          %}
+{#                                                                 #}
+{# For each list of static IPs, find interface, print with each IP #}
+{#                                                                 #}
+{% set h = ansible_hostname                                        %}
+{% for ips in static_addrs                                         %}
+{%   for iface in ansible_interfaces                               %}
+{%     set ai = 'ansible_%s'|format(iface)                         %}
+{%     if hostvars[h][ai]['ipv4'] is defined                       %}
+{%       set ip4 = hostvars[h][ai]['ipv4']                         %}
+{%       if ip4['address'] is defined                              %}
+{%         set aip = ip4['address']                                %}
+{%         set netmask = ip4['netmask']                            %}
+{%         set prefix = (aip + '/' + netmask) | ipv4('prefix')     %}
+{%         if aip in ips                                           %}
+{%           for ip in ips                                         %}
+{%             set ip_int = ip | ipaddr('int')                     %}
+{{ (ip_int + 100) | ipaddr('address') }}/{{ prefix }}	{{ iface }}
+{%           endfor                                                %}
+{%         endif                                                   %}
+{%       endif                                                     %}
+{%     endif                                                       %}
+{%     if hostvars[h][ai]['ipv6'] is defined                       %}
+{%       for ip6 in hostvars[h][ai]['ipv6']                        %}
+{%         if ip6['address'] is defined                            %}
+{%           set aip = ip6['address']                              %}
+{%           set prefix = ip6['prefix']                            %}
+{%           if aip in ips                                         %}
+{%             for ip in ips                                       %}
+{%               set ip_int = ip | ipaddr('int')                   %}
+{{ (ip_int + 100) | ipaddr('address') }}/{{ prefix }}	{{ iface }}
+{%             endfor                                              %}
+{%           endif                                                 %}
+{%         endif                                                   %}
+{%       endfor                                                    %}
+{%     endif                                                       %}
+{%   endfor                                                        %}
+{% endfor                                                          %}
diff --git a/ansible/node/roles/nas/templates/ctdb_sysconfig.j2 b/ansible/node/roles/nas/templates/ctdb_sysconfig.j2
new file mode 100644
index 0000000..9992023
--- /dev/null
+++ b/ansible/node/roles/nas/templates/ctdb_sysconfig.j2
@@ -0,0 +1,23 @@
+# Core
+CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses
+CTDB_RECOVERY_LOCK={{ clusterfs.mountpoint }}/.ctdb/recovery.lock
+
+# Services managed
+CTDB_MANAGES_SAMBA=yes
+{% if auth_method == 'winbind' %}
+CTDB_MANAGES_WINBIND=yes
+{% else %}
+CTDB_MANAGES_WINBIND=no
+{% endif %}
+
+CTDB_MANAGES_NFS=yes
+CTDB_MANAGES_HTTPD=yes
+CTDB_MANAGES_VSFTPD=yes
+
+# System
+ulimit -n 1048576
+ulimit -c unlimited
+
+# Logging
+CTDB_LOGGING="syslog"
+CTDB_DEBUGLEVEL=NOTICE
diff --git a/ansible/node/roles/nas/templates/nfs_exports.j2 b/ansible/node/roles/nas/templates/nfs_exports.j2
new file mode 100644
index 0000000..00bd867
--- /dev/null
+++ b/ansible/node/roles/nas/templates/nfs_exports.j2
@@ -0,0 +1,6 @@
+# NFS exports file generated by autocluster
+{% set fsid = 834258092 %}
+{% for s in shares %}
+"{{ s.directory }}" *(rw,no_root_squash,subtree_check,fsid={{ fsid }})
+  {% set fsid = fsid + 1 %}
+{% endfor %}
diff --git a/ansible/node/roles/nas/templates/nfs_sysconfig.j2 b/ansible/node/roles/nas/templates/nfs_sysconfig.j2
new file mode 100644
index 0000000..c103fc7
--- /dev/null
+++ b/ansible/node/roles/nas/templates/nfs_sysconfig.j2
@@ -0,0 +1,14 @@
+NFS_HOSTNAME="{{ cluster }}"
+
+STATD_PORT=32765
+STATD_OUTGOING_PORT=32766
+MOUNTD_PORT=32767
+RQUOTAD_PORT=32768
+LOCKD_UDPPORT=32769
+LOCKD_TCPPORT=32769
+
+STATDARG="-n ${NFS_HOSTNAME}"
+STATD_HA_CALLOUT="/etc/ctdb/statd-callout"
+
+RPCNFSDARGS="-N 4"
+RPCNFSDCOUNT=8
diff --git a/ansible/node/roles/nas/templates/samba_registry.j2 b/ansible/node/roles/nas/templates/samba_registry.j2
new file mode 100644
index 0000000..f6200af
--- /dev/null
+++ b/ansible/node/roles/nas/templates/samba_registry.j2
@@ -0,0 +1,33 @@
+[global]
+{% if auth_method == 'winbind' %}
+	security = ADS
+{% elif auth_method == 'files' %}
+	security = USER
+{% else %}
+	security = BROKEN
+{% endif %}
+
+	logging = syslog
+	log level = 1
+
+	netbios name = {{ cluster }}
+	workgroup = {{ samba.workgroup }}
+	realm = {{ resolv_conf.domain }}
+
+	disable netbios = yes
+	disable spoolss = yes
+
+	idmap config * : backend = autorid
+	idmap config * : range = 1000000-1999999
+
+	kernel oplocks = yes
+
+	read only = no
+
+{% for s in shares %}
+[{{ s.name }}]
+	path = {{ s.directory }}
+	comment = Example share {{ s.name }}
+	guest ok = yes
+	browseable = yes
+{% endfor %}