blob: 87d9df85ebafe43f5e9cbcc85cafef7a238176da (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
---
- name: Set up the host machine for autocluster
connection: local
hosts: localhost
tasks:
- name: install latest vagrant rpm
package:
name: https://releases.hashicorp.com/vagrant/2.2.3/vagrant_2.2.3_x86_64.rpm
state: present
- name: install vagrant plugins
command: vagrant plugin install {{item}}
with_items:
- vagrant-libvirt
- vagrant-proxyconf
- name: dependencies for virt_pool module
package:
name:
- libvirt-python
- python-lxml
state: present
- name: ensure autocluster storage pool exists
virt_pool:
name: autocluster
state: present
autostart: yes
xml: >
<pool type='dir'>
<name>autocluster</name>
<target>
<path>/virtual/autocluster</path>
</target>
</pool>
# It seems that you can't force the pool to be active above when creating it!
- name: ensure autocluster storage pool is active
virt_pool:
name: autocluster
state: active
- name: install NFS server
package:
name: nfs-utils
state: present
- name: enable/start NFS server
service:
name: "{{item}}"
enabled: yes
state: started
with_items:
- nfs
- nfslock
# This was tough to figure out...
- name: allow NFS through firewall
firewalld:
service: "{{item}}"
zone: public
state: enabled
permanent: yes
immediate: yes
with_items:
- mountd
- rpc-bind
- nfs3
# Need to add a restart or "exportfs -r"
- name: export /home via NFS
template:
# This can be parameterised later when there are host onfig variables
src: home_exports.j2
dest: /etc/exports.d/autocluster-home.exports
- name: ensure an NTP server is installed
package:
name: chrony
state: present
- name: allow NTP through firewall
firewalld:
service: ntp
zone: public
state: enabled
permanent: yes
immediate: yes
- name: enable/start NTP server
service:
name: chronyd
enabled: yes
state: started
- name: ensure an HTTP server is installed
package:
name: httpd
state: present
- name: enable/start HTTP server
service:
name: httpd
enabled: yes
state: started
- name: allow HTTP through firewall
firewalld:
service: http
zone: public
state: enabled
permanent: yes
immediate: yes
- name: ensure HTTP link for mediasets directory
file:
src: /home/mediasets
path: /var/www/html/mediasets
state: link
force: yes
- name: ensure semanage command is available
package:
name: policycoreutils-python
state: present
- name: selinux setup for /home/mediasets
command: "{{item}}"
with_items:
- chcon -R -t httpd_user_content_t /home/mediasets
- semanage boolean -m -1 httpd_unified
- semanage boolean -m -1 httpd_enable_homedirs
- name: install Python dependencies for Ansible Jinja templating
package:
name: python-netaddr
state: present
|
