Fixed nfs client mount for different options

roles/OpenVPN-Server/tasks/copyCerts.yml

@@ -2,7 +2,8 @@
 - name: "Copying CA and server certificate"
   shell: "cp -pvf /etc/easy-rsa/2.0/keys/ca.crt /etc/openvpn/; cp -pvf /etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.crt /etc/openvpn/; cp -pvf /etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.key /etc/openvpn/"
   args:
-    creates: /etc/openvpn/ca.crt
+    chdir: /etc/openvpn/
+    creates: ca.crt
 - name: "Create symlink for Diffie Hellman"
   file: "src=/etc/easy-rsa/2.0/keys/dh512.pem dest=/etc/openvpn/dh512.pem state=link"
 - name: "Copying server.conf to the OpenVPN server"

roles/nfs-client/defaults/main.yml

 ---
-nfs_server: "nfsserver.edu" 
-nfs_type: "nfs"
-nfs_options: "vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock"
+nfsClientSrcDir: ['/mnt']
+nfsClientDestDir: ['/mnt/test-nfs']
+nfs_server: 'nfsserver.edu' 
+nfs_type: 'nfs'
+nfs_options: 'vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock'

roles/nfs-client/tasks/mountFileSystem.yml

 --- 
-- 
-  mount: "name={{ item.0 }} src={{ nfs_server }}:{{ item.1 }} fstype={{ nfs_type }} opts={{ nfs_options }} state=mounted"
-  name: "Mounting NFS mounts"
-  with_together: 
-    - destDir
-    - srcDir
+- name: "Mounting NFS mounts"
+  mount: "name={{ nfsClientDestDir }} src={{ nfs_server }}:{{ nfsClientSrcDir }} fstype={{ nfs_type }} opts={{ nfs_options }} state=mounted"
   notify: "restart authentication"
   notify: "restart idmap"
   sudo: true 

roles/nfs-client/vars/main.yml

----
-srcDir: ['/mnt']
-destDir: ['/mnt/test-nfs']

roles/nfs-server/tasks/startServer.yml

 --- 
-- 
-  name: "Starting rpcbind"
-  service: "name=rpcbind state=started"
-- 
-  name: "Copying /etc/exports template"
+- name: "Copying /etc/exports template"
   template: "src=exports.j2 dest=/etc/exports mode=0644 owner=root"
-- 
-  name: "Start the Server"
-  service: "name=nfs state=started"
+  sudo: true
+- name: "Starting rpcbind"
+  service: "name=rpcbind state=restarted"
+  sudo: true
+- name: "Start the Server"
+  service: "name=nfs state=restarted"
+  sudo: true
+

roles/nfs-server/templates/exports.j2

-{{ srcDir }}	{{ nfs_network }}(rw,sync,root_squash)
+{{ nfsServerSrcDir }} {{ nfs_network }}{{ nfsServerMountOption }}

roles/nfs-server/vars/main.yml

----
-srcDir: '/mnt'

roles/openLdapClient/handlers/main.yml

 ---
-- name: auth config
-  shell: authconfig --updateall
-  sudo: true
-
 - name: restart sssd 
   service: name=sssd state=restarted
   sudo: true

roles/openLdapClient/tasks/configLdapClient.yml

@@ -19,7 +19,7 @@
   lineinfile: dest=/etc/hosts line="{{ ldapServerHost }}" state=present insertafter=EOF
   sudo: true
 
-- name: "Copy ldap.conf file "
+- name: "Copy ldap.conf file"
   template: src=ldap.conf.j2 dest=/etc/openldap/ldap.conf
   sudo: true
 
@@ -30,6 +30,6 @@
 - name: "Copy sssd.conf to ldap client"
   template: src=sssd.j2 dest=/etc/sssd/sssd.conf owner=root group=root mode=600
   sudo: true
-  notify: auth config 
+  notify: restart sssd
 
 

roles/openLdapClient/tasks/main.yml

 ---
 -
- include: installOpenLdap.yml 
+  include: installOpenLdap.yml 
 -
- include: configLdapClient.yml 
+  include: configLdapClient.yml 

roles/openLdapClient/templates/idmapd.conf.j2

@@ -2,7 +2,7 @@
 #Verbosity = 0
 # The following should be set to the local NFSv4 domain name
 # The default is the host's DNS domain name.
-Domain = {{ ldapDomain }} 
+Domain = {{ ldapDomain }}
 
 # The following is a comma-separated list of Kerberos realm
 # names that should be considered to be equivalent to the

roles/openLdapClient/templates/ldap.conf.j2

-TLS_CACERTDIR {{ tlsCaCertDirectory }} 
+TLS_CACERTDIR {{ tlsCaCertDirectory }}
 TLS_CACERT {{ tlsCaCertFile }}
 URI {{ ldapUri }}
-BASE {{ ldapBase }} 
+BASE {{ ldapBase }}
 
 timelimit 120
 bind_timelimit 120

roles/openLdapClient/templates/nsswitch.conf.j2

@@ -30,9 +30,9 @@
 #shadow:    db files nisplus nis
 #group:     db files nisplus nis
 
-passwd:     files ldap 
-shadow:     files ldap
-group:      files ldap
+passwd:     files sss 
+shadow:     files sss 
+group:      files sss 
 
 #hosts:     db files nisplus nis dns
 hosts:      files dns
@@ -52,9 +52,9 @@ netmasks:   files
 networks:   files
 protocols:  files
 rpc:        files
-services:   files
+services:   files sss
 
-netgroup:   files ldap
+netgroup:   files sss 
 
 publickey:  nisplus
 

roles/openLdapClient/templates/pam_ldap.conf.j2

@@ -17,7 +17,7 @@
 #host 127.0.0.1
 
 # The distinguished name of the search base.
-base {{ ldapBase }} 
+base {{ ldapBase }}
 
 # Another way to specify your LDAP server is to provide an
 # uri with the server name. This allows to use
@@ -27,7 +27,7 @@ base {{ ldapBase }}
 #uri ldapi://%2fvar%2frun%2fldapi_sock/
 # Note: %2f encodes the '/' used as directory separator
 # [aulmc used to be 11/10/2013 # uri ldap://m2-w.massive.org.au/ 
-uri {{ ldapDomain }} 
+uri {{ ldapDomain }}
 
 # The LDAP version to use (defaults to 3
 # if supported by client library)
@@ -39,7 +39,7 @@ binddn {{ ldapDn }}
 
 # The credentials to bind with. 
 # Optional: default is no credential.
-bindpw {{ ldapPassword }} 
+bindpw {{ ldapPassword }}
 
 # The distinguished name to bind to the server with
 # if the effective user ID is root. Password is
@@ -300,7 +300,7 @@ pam_password md5
 ssl no
 #tls_cacertdir /etc/openldap/cacerts
 #pam_password md5
-tls_cacertdir {{ tlsCaCertDirectory }} 
+tls_cacertdir {{ tlsCaCertDirectory }}
 tls_cacertfile {{ tlsCaCertFile }}
 
 {{ ldapRfc2307Pam }}

roles/openLdapClient/templates/sssd.j2

@@ -2,18 +2,13 @@
 config_file_version = 2
 domains = {{ ldapDomain }}
 services = nss, pam, autofs
-# SSSD will not start if you do not configure any domains.
-# Add new domain configurations as [domain/<NAME>] sections, and
-# then add the list of domains (in the order you want them to be
-# queried) to the "domains" attribute below and uncomment it.
-; domains = LDAP
 
 [nss]
 filter_users = root
 
 [pam]
 
-[domain/{{ ldapDomain}}]
+[domain/{{ ldapDomain }}]
 ldap_referrals = false
 cache_credentials = false
 entry_cache_timeout=3600
@@ -28,11 +23,11 @@ access_provider = ldap
 ldap_uri = {{ ldapUri }} 
 ldap_id_use_start_tls = True
 ldap_tls_reqcert = allow 
-ldap_tls_cacertdir = {{ tlsCaCertDirectory }} 
+ldap_tls_cacertdir = {{ tlsCaCertDirectory }}
 ldap_tls_cacert = {{ cacertFile }}
-ldap_default_bind_dn = {{ ldapDn }} 
+ldap_default_bind_dn = {{ ldapDn }}
 ldap_default_authtok_type = password
-ldap_default_authtok = {{ ldapPassword }} 
+ldap_default_authtok = {{ ldapPassword }}
 
 {{ ldapRfc2307 }}
 

roles/slurm-build/tasks/main.yml

@@ -31,10 +31,15 @@
     chdir: /tmp
     creates: /tmp/slurm-{{ slurm_version }}.tar.bz2
 
+- name: check munge installation
+  shell: rpm -qa munge
+  register: munge_installed
+
 - name: install munge deps
   shell: rpm -i /root/rpmbuild/RPMS/x86_64/munge-libs-{{ munge_version }}-1.el6.x86_64.rpm /root/rpmbuild/RPMS/x86_64/munge-{{ munge_version }}-1.el6.x86_64.rpm /root/rpmbuild/RPMS/x86_64/munge-devel-{{ munge_version }}-1.el6.x86_64.rpm
   sudo: true
-  ignore_errors: true
+#  ignore_errors: true
+  when: munge_installed | failed 
 
 - name: make slurm rpms
   shell: rpmbuild -ta --clean slurm-{{ slurm_version }}.tar.bz2
@@ -49,7 +54,15 @@
   args:
     creates: /tmp/rpmbuild/RPMS/x86_64/slurm-{{ slurm_version }}-1.el6.x86_64.rpm
 
+#- name: retrieve rpms
+#  shell: scp -r {{ hostvars[ansible_hostname]['ansible_user_id'] }}@{{ ansible_ssh_host }}:/tmp/rpmbuild/ /tmp
+#  delegate_to: 127.0.0.1
+#  when: ansible_ssh_host | defined
+#  when: ansible_ssh_host | defined
+#  sudo: true
+
 - name: retrieve rpms
-  shell: scp -r {{ hostvars[ansible_hostname]['ansible_user_id'] }}@{{ ansible_ssh_host }}:/tmp/rpmbuild/ /tmp
+  shell: scp -r {{ hostvars[ansible_hostname]['ansible_user_id'] }}@{{ ansible_hostname }}:/tmp/rpmbuild/ /tmp
   delegate_to: 127.0.0.1
+#  when: ansible_ssh_host | not defined
 

scripts/make_passwords.py

@@ -25,13 +25,10 @@ try:
     f=open(pwpath,'r')
     data=yaml.load(f.read())
     f.close()
+    print data
 except Exception as e:
-    pass
-if data==None:
     data={}
 
-print data
-
 for pw in required_passwords.keys():
     if data.has_key(pw):
         pass

topplay.yml

@@ -58,8 +58,6 @@
 
 - hosts: ComputeNodes:ManagmentNodes:LoginNodes
   vars:
-    slurm_version: 14.11.0
-    munge_version: 0.5.11
     slurmqueues: 
       - {name: batch, group: ComputeNodes}
     slurmctrl: "{{ groups['ManagmentNodes'][0] }}"