2017-08-31 16:29:10 +00:00
|
|
|
- include: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=odcs:odcs-stg"
|
|
|
|
|
|
|
|
|
|
- name: make the box be real
|
|
|
|
|
hosts: odcs:odcs-stg
|
|
|
|
|
user: root
|
|
|
|
|
gather_facts: True
|
|
|
|
|
|
|
|
|
|
vars_files:
|
|
|
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
|
|
|
- "/srv/private/ansible/vars.yml"
|
|
|
|
|
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
|
|
|
|
|
|
|
|
|
pre_tasks:
|
|
|
|
|
- include: "{{ tasks_path }}/yumrepos.yml"
|
|
|
|
|
|
|
|
|
|
roles:
|
|
|
|
|
- base
|
|
|
|
|
- rkhunter
|
|
|
|
|
- nagios_client
|
|
|
|
|
- hosts
|
|
|
|
|
- fas_client
|
|
|
|
|
- rsyncd
|
|
|
|
|
- sudo
|
|
|
|
|
- collectd/base
|
|
|
|
|
|
|
|
|
|
tasks:
|
|
|
|
|
- include: "{{ tasks_path }}/2fa_client.yml"
|
|
|
|
|
- include: "{{ tasks_path }}/motd.yml"
|
|
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
|
- include: "{{ handlers_path }}/restart_services.yml"
|
|
|
|
|
|
|
|
|
|
- name: openvpn on the prod frontend nodes
|
|
|
|
|
hosts: odcs-frontend
|
|
|
|
|
user: root
|
|
|
|
|
gather_facts: True
|
|
|
|
|
|
|
|
|
|
vars_files:
|
|
|
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
|
|
|
- "/srv/private/ansible/vars.yml"
|
|
|
|
|
- "{{ vars_path }}/{{ ansible_distribution }}.yml"
|
|
|
|
|
|
|
|
|
|
roles:
|
|
|
|
|
- openvpn/client
|
|
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
|
- include: "{{ handlers_path }}/restart_services.yml"
|
|
|
|
|
|
2017-09-18 17:48:37 +00:00
|
|
|
- name: Set up a gluster share on the backend for the frontend
|
2017-09-18 17:54:34 +00:00
|
|
|
hosts: odcs:odcs-stg
|
2017-09-18 17:48:37 +00:00
|
|
|
user: root
|
|
|
|
|
gather_facts: True
|
|
|
|
|
|
|
|
|
|
vars_files:
|
|
|
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
|
|
|
- "/srv/private/ansible/vars.yml"
|
|
|
|
|
- "{{ vars_path }}/{{ ansible_distribution }}.yml"
|
2017-09-27 19:30:37 +00:00
|
|
|
vars:
|
|
|
|
|
gluster_brick_dir: /srv/glusterfs/
|
|
|
|
|
gluster_mount_dir: /srv/odcs
|
|
|
|
|
gluster_brick_name: odcs
|
|
|
|
|
gluster_server_group: odcs-stg
|
2017-09-22 11:20:18 +00:00
|
|
|
tasks:
|
2017-09-27 19:30:37 +00:00
|
|
|
- name: install needed packages for server
|
|
|
|
|
package: name={{ item }} state=present
|
|
|
|
|
with_items:
|
|
|
|
|
- glusterfs-server
|
|
|
|
|
tags:
|
|
|
|
|
- packages
|
|
|
|
|
|
|
|
|
|
- name: start glusterd for the server
|
2017-09-27 19:48:04 +00:00
|
|
|
service: name=glusterd state=started enabled=true
|
2017-09-27 19:30:37 +00:00
|
|
|
|
|
|
|
|
- name: Servers discover each other.
|
|
|
|
|
command: gluster peer probe {{ item }}
|
|
|
|
|
with_items: '{{groups[gluster_server_group]}}'
|
|
|
|
|
run_once: true
|
|
|
|
|
|
|
|
|
|
- name: install needed packages for client
|
|
|
|
|
package: name={{ item }} state=present
|
|
|
|
|
with_items:
|
|
|
|
|
- glusterfs-fuse
|
2017-09-28 12:26:12 +00:00
|
|
|
- libselinux-python
|
2017-09-27 19:30:37 +00:00
|
|
|
tags:
|
|
|
|
|
- packages
|
2017-09-28 12:26:12 +00:00
|
|
|
- gluster
|
|
|
|
|
|
|
|
|
|
- name: set sebooleans so httpd can talk to the gluster mount.
|
|
|
|
|
seboolean: name={{ item }}
|
|
|
|
|
state=true
|
|
|
|
|
persistent=true
|
|
|
|
|
with_items:
|
|
|
|
|
- nis_enabled
|
|
|
|
|
- httpd_use_fusefs
|
|
|
|
|
tags:
|
|
|
|
|
- gluster
|
2017-09-27 19:30:37 +00:00
|
|
|
|
|
|
|
|
- name: Ensure Gluster brick and mount directories exist.
|
|
|
|
|
file: "path={{ item }} state=directory mode=0775"
|
|
|
|
|
with_items:
|
|
|
|
|
- "{{ gluster_brick_dir }}"
|
|
|
|
|
- "{{ gluster_mount_dir }}"
|
|
|
|
|
|
|
|
|
|
- name: Configure Gluster volume.
|
|
|
|
|
gluster_volume:
|
|
|
|
|
state: present
|
|
|
|
|
name: "{{ gluster_brick_name }}"
|
|
|
|
|
brick: "{{ gluster_brick_dir }}"
|
|
|
|
|
replicas: 2
|
|
|
|
|
cluster: "{{ groups[gluster_server_group] | join(',') }}"
|
|
|
|
|
host: "{{ inventory_hostname }}"
|
|
|
|
|
force: yes
|
|
|
|
|
run_once: true
|
|
|
|
|
ignore_errors: true
|
|
|
|
|
|
|
|
|
|
- name: Ensure Gluster volume is mounted.
|
|
|
|
|
mount:
|
|
|
|
|
name: "{{ gluster_mount_dir }}"
|
|
|
|
|
src: "{{ inventory_hostname }}:/{{ gluster_brick_name }}"
|
|
|
|
|
fstype: glusterfs
|
|
|
|
|
opts: "defaults,_netdev"
|
|
|
|
|
state: mounted
|
2017-09-22 11:20:18 +00:00
|
|
|
|
2017-09-20 10:11:05 +08:00
|
|
|
- name: Set up odcs frontend service
|
|
|
|
|
hosts: odcs-frontend:odcs-frontend-stg
|
|
|
|
|
user: root
|
|
|
|
|
gather_facts: True
|
|
|
|
|
|
|
|
|
|
vars_files:
|
|
|
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
|
|
|
- "/srv/private/ansible/vars.yml"
|
|
|
|
|
- "{{ vars_path }}/{{ ansible_distribution }}.yml"
|
|
|
|
|
|
|
|
|
|
roles:
|
|
|
|
|
- mod_wsgi
|
2017-09-27 19:30:17 +00:00
|
|
|
- fedmsg/base
|
2017-09-20 10:11:05 +08:00
|
|
|
- odcs/frontend
|
|
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
|
- include: "{{ handlers_path }}/restart_services.yml"
|
|
|
|
|
|
2017-09-22 11:20:18 +00:00
|
|
|
- name: Set up odcs backend service
|
2017-09-20 10:11:05 +08:00
|
|
|
hosts: odcs-backend:odcs-backend-stg
|
|
|
|
|
user: root
|
|
|
|
|
gather_facts: True
|
|
|
|
|
|
|
|
|
|
vars_files:
|
|
|
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
|
|
|
- "/srv/private/ansible/vars.yml"
|
|
|
|
|
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
|
|
|
|
|
|
|
|
|
roles:
|
2017-09-27 19:30:17 +00:00
|
|
|
- fedmsg/base
|
2017-09-20 10:11:05 +08:00
|
|
|
- odcs/backend
|
|
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
|
- include: "{{ handlers_path }}/restart_services.yml"
|
