Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

noc-cc01: add new rhel9 noc in rdu-cc named better

Browse source 
The old cloud-noc-os01 was for the old openstack we used to have and
wanted to re-setup in rdu, but never did.

So, lets just move this to more our normal convention.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2024-08-01 13:38:19 -07:00
parent 867139da37
commit f0a562a8e9
3 changed files with 110 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

39
inventory/host_vars/noc-cc01.rdu-cc.fedoraproject.org Normal file
View file

@ -0,0 +1,39 @@
---
datacenter: rdu-cc
dns1: 8.8.8.8
dns2: 8.8.4.4
eth0_ipv4: 8.43.85.50
eth0_ipv4_gw: 8.43.85.254
eth0_ipv4_nm: 23
eth1_ipv4: 172.23.1.4
eth1_ipv4_nm: 24
freezes: false
has_ipv4: yes
ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL9-x86_64/
ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel
lvm_size: 20000
mem_size: 8192
network_connections:
- autoconnect: yes
ip:
address:
- "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
dhcp4: no
dns:
- "{{ dns1 }}"
- "{{ dns2 }}"
dns_search:
- rdu-cc.fedoraproject.org
- fedoraproject.org
gateway4: "{{ eth0_ipv4_gw }}"
mac: "{{ ansible_default_ipv4.macaddress }}"
name: eth0
type: ethernet
num_cpus: 4
public_hostname: noc-cc01.rdu-cc.fedoraproject.org
tcp_ports: ['67', '68']
udp_ports: ['67', '68', '69']
virt_install_command: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 ksdevice=eth0 ks={{ ks_url }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }} nameserver={{ dns1 }} ip={{ eth0_ipv4 }}::{{ eth0_ipv4_gw }}:{{ eth0_ipv4_nm }}:{{ inventory_hostname }}:eth0:none ip={{ eth1_ipv4 }}:::{{ eth1_ipv4_nm }}:{{ inventory_hostname_short }}-mgmt:eth1:none' --network bridge=br0,model=virtio,mac={{ mac_address }} --network=bridge=br1,model=virtio,mac={{ mac_address }} --autostart --noautoconsole --watchdog default --rng /dev/random
vmhost: vmhost-x86-cc03.rdu-cc.fedoraproject.org
volgroup: vg_guests
vpn: true

3
inventory/inventory
View file

@ -216,7 +216,7 @@ batcave01.iad2.fedoraproject.org
log01.iad2.fedoraproject.org log01.iad2.fedoraproject.org
noc01.iad2.fedoraproject.org noc01.iad2.fedoraproject.org
noc02.fedoraproject.org noc02.fedoraproject.org
#cloud-noc01.fedorainfracloud.org noc-cc01.rdu-cc.fedoraproject.org
cloud-noc-os01.rdu-cc.fedoraproject.org cloud-noc-os01.rdu-cc.fedoraproject.org
[logging] [logging]
@ -255,6 +255,7 @@ noc01.iad2.fedoraproject.org
[noc_rdu_cc] [noc_rdu_cc]
cloud-noc-os01.rdu-cc.fedoraproject.org cloud-noc-os01.rdu-cc.fedoraproject.org
noc-cc01.rdu-cc.fedoraproject.org
[memcached] [memcached]
memcached01.iad2.fedoraproject.org memcached01.iad2.fedoraproject.org

69
playbooks/hosts/noc-cc01.rdu-cc.fedoraproject.org.yml Normal file
View file

@ -0,0 +1,69 @@
# This is a basic playbook
- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml"
vars:
myhosts: "noc-cc01.rdu-cc.fedoraproject.org"
- name: make cloud noc hardware
hosts: noc-cc01.rdu-cc.fedoraproject.org
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
roles:
- base
- rkhunter
- nagios_client
- hosts
- ipa/client
- collectd/base
- sudo
- dhcp_server
- tftp_server
- openvpn/client
pre_tasks:
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
tasks:
- import_tasks: "{{ tasks_path }}/motd.yml"
- name: install some packages which arent in playbooks
package:
state: present
name:
- nmap
- tcpdump
- name: check if ntpd port is already known by selinux
shell: semanage port -l | grep ntp
register: ntp_selinux_port
check_mode: no
changed_when: false
failed_when: false
tags:
- config
- selinux
- name: allow alternate ntpd port
command: semanage port -a -t ntp_port_t -p tcp 124
when: '"124" not in ntp_selinux_port'
failed_when: false
tags:
- config
- selinux
- name: allow alternate ntpd port
command: semanage port -a -t ntp_port_t -p udp 124
when: '"124" not in ntp_selinux_port'
failed_when: false
tags:
- config
- selinux
handlers:
- import_tasks: "{{ handlers_path }}/restart_services.yml"