Fixed exceptions

playbook/cvl2.yml

@@ -3,35 +3,34 @@
   vars_files:
     - massive_var/main.yml
   vars:
-    x509_ca_server: "{{ groups['OpenvpnServer'][0] }}"
-    openvpn_servers: "{{ groups['OpenvpnServer'] }}"
-    slurmctrl: "{{ groups['OpenvpnServer'][0] }}"
+    x509_ca_server: "{{ groups['ManagementNodes'][0] }}"
+    openvpn_servers: "{{ groups['ManagementNodes'] }}"
+    slurmctrl: "{{ groups['ManagementNodes'][0] }}"
     slurmqueues:
       - {name: batch, group: ComputeNodes, default: true}
-      - {name: vis, group: ComputeNodes, default: false}
   roles:
     - { role: etcHosts,  domain: "{{ ldapDomain }}" }
 
-- hosts: 'OpenvpnServer'
+- hosts: 'ManagementNodes'
   vars_files:
     - massive_var/main.yml
     - massive_var/package.yml
     - massive_var/passwords.yml
   vars:
-    x509_ca_server: "{{ groups['OpenvpnServer'][0] }}"
-    openvpn_servers: "{{ groups['OpenvpnServer'] }}"
-    slurmctrl: "{{ groups['OpenvpnServer'][0] }}"
+    x509_ca_server: "{{ groups['ManagementNodes'][0] }}"
+    openvpn_servers: "{{ groups['ManagementNodes'] }}"
+    slurmctrl: "{{ groups['ManagementNodes'][0] }}"
     slurmqueues:
       - {name: batch, group: ComputeNodes, default: true}
   roles:
     - { role: easy-rsa-CA }
-    - { role: OpenVPN-Server }
+    - { role: OpenVPN-Server, configDiskDevice: true, mkFileSystems: {fstype : 'ext4', dev: '/dev/vdc', opts: 'defaults,nofail'} }
     - { role: ntp }
     - { role: openLdapClient }
     - { role: slurm-build }
     - { role: nfs-server, configDiskDevice: false }
     - { role: slurm, slurm_use_vpn: true}
-    - { role: installPackage, cliCopy: {'run': 'cp -r /usr/local/Modules/modulefiles/cvl /usr/local/Modules/modulefiles/massive', 'check': '/usr/local/Modules/modulefiles/massive'} }
+    - { role: installPackage, yumGroupPackageList: ['CVL Pre-installation', 'CVL Base Packages'], cliCopy: {'run': 'cp -r /usr/local/Modules/modulefiles/cvl /usr/local/Modules/modulefiles/massive', 'check': '/usr/local/Modules/modulefiles/massive'} }
   tasks:
     setup:
 
@@ -47,23 +46,23 @@
     - massive_var/passwords.yml
     - massive_var/package.yml
   vars:
-    x509_ca_server: "{{ groups['OpenvpnServer'][0] }}"
-    openvpn_servers: "{{ groups['OpenvpnServer'] }}"
-    slurmctrl: "{{ groups['OpenvpnServer'][0] }}"
+    x509_ca_server: "{{ groups['ManagementNodes'][0] }}"
+    openvpn_servers: "{{ groups['ManagementNodes'] }}"
+    slurmctrl: "{{ groups['ManagementNodes'][0] }}"
     slurmqueues:
       - {name: batch, group: ComputeNodes, default: true}
-    nfs_server: "{{ groups['OpenvpnServer'][0] }}"
+    nfs_server: "{{ groups['ManagementNodes'][0] }}"
     groupList:
       - { name : 'ComputeNodes', interface : 'tun0' }
   roles:
-    - { role: OpenVPN-Client, x509_ca_server: "cvl23server" }
+    - { role: OpenVPN-Client, x509_ca_server: "cvlm2management1" }
     - { role: ntp }
     - { role: openLdapClient }
-    - { role: syncExports, nfs_server: "cvl23server", exportList: [{ name: '/', src: '/usr/local', fstype: 'nfs4', opts: 'defaults,ro,nofail', nfsServerIp: "{{ hostvars['cvl23server']['ansible_tun0']['ipv4']['address'] }}", srvopts: 'ro,fsid=0,sync' }] }
+    - { role: syncExports, nfs_server: "cvlm2management1", exportList: [{ name: '/', src: '/usr/local', fstype: 'nfs4', opts: 'defaults,ro,nofail', nfsServerIp: "{{ hostvars['cvlm2management1']['ansible_tun0']['ipv4']['address'] }}", srvopts: 'ro,fsid=0,sync' }] }
     - { role: nfs-client, exportList: "[{ 'name': '/home', 'src': '/', 'fstype': 'nfs4', 'opts': 'defaults,nofail', 'nfsServerIp': '{{ nfsServerIpAddress }}', 'nfsClientIp': '{{ ansible_tun0.ipv4.address }}', 'srvopts': 'rw,root_squash,fsid=0,sync' }]" }
     - { role: nfs-client, exportList: "[ { 'name': '/usr/local', 'src': '/', 'fstype': 'nfs4', 'opts': 'defaults,ro,nofail', 'nfsServerIp': '{{ hostvars[nfs_server]['ansible_tun0']['ipv4']['address'] }}', 'srvopts': 'ro,fsid=0,sync' }]" }
     - { role: slurm, slurm_use_vpn: true}
-    - { role: installPackage, preInstallation: "umount /usr/local", postInstallation: "mount /usr/local", yumGroupPackageList: ["CVL Pre-installation", "CVL Base Packages", "CVL System", "CVL System Extension"] }
+    - { role: installPackage, preInstallation: "umount /usr/local", postInstallation: "mount /usr/local", yumGroupPackageList: ["CVL Pre-installation", "CVL Base Packages"], cliFileCopy: {'src': '/tmp/gconf_path', 'dest': '/etc/gconf/2/path'} }
 
 - hosts: all 
   vars_files:
@@ -71,16 +70,46 @@
   roles:
     - { role: etcHosts, domain: "{{ ldapDomain }}" }
 
-- hosts: 'LoginNode'
+- hosts: 'ComputeNodesLarge'
+  vars_files:
+    - massive_var/main.yml
+    - massive_var/passwords.yml
+    - massive_var/package.yml
+  vars:
+    x509_ca_server: "{{ groups['ManagementNodes'][0] }}"
+    openvpn_servers: "{{ groups['ManagementNodes'] }}"
+    slurmctrl: "{{ groups['ManagementNodes'][0] }}"
+    slurmqueues:
+      - {name: multicore, group: ComputeNodesLarge, default: true}
+    nfs_server: "{{ groups['ManagementNodes'][0] }}"
+    groupList:
+      - { name : 'ComputeNodes', interface : 'tun0' }
+  roles:
+    - { role: OpenVPN-Client, x509_ca_server: "cvlm2management1" }
+    - { role: ntp }
+    - { role: openLdapClient }
+    - { role: syncExports, nfs_server: "cvlm2management1", exportList: [{ name: '/', src: '/usr/local', fstype: 'nfs4', opts: 'defaults,ro,nofail', nfsServerIp: "{{ hostvars['cvlm2management1']['ansible_tun0']['ipv4']['address'] }}", srvopts: 'ro,fsid=0,sync' }] }
+    - { role: nfs-client, exportList: "[{ 'name': '/home', 'src': '/', 'fstype': 'nfs4', 'opts': 'defaults,nofail', 'nfsServerIp': '{{ nfsServerIpAddress }}', 'nfsClientIp': '{{ ansible_tun0.ipv4.address }}', 'srvopts': 'rw,root_squash,fsid=0,sync' }]" }
+    - { role: nfs-client, exportList: "[ { 'name': '/usr/local', 'src': '/', 'fstype': 'nfs4', 'opts': 'defaults,ro,nofail', 'nfsServerIp': '{{ hostvars[nfs_server]['ansible_tun0']['ipv4']['address'] }}', 'srvopts': 'ro,fsid=0,sync' }]" }
+    - { role: slurm, slurm_use_vpn: true}
+    - { role: installPackage, preInstallation: "umount /usr/local", postInstallation: "mount /usr/local", yumGroupPackageList: ["CVL Pre-installation", "CVL Base Packages"], cliFileCopy: {'src': '/tmp/gconf_path', 'dest': '/etc/gconf/2/path'} }
+
+- hosts: all 
+  vars_files:
+    - massive_var/main.yml
+  roles:
+    - { role: etcHosts, domain: "{{ ldapDomain }}" }
+
+- hosts: 'LoginNodes'
   vars_files:
     - massive_var/main.yml
     - massive_var/passwords.yml
   vars:
     groupList:
       - { name : 'ComputeNodes', interface : 'tun0' }
-    x509_ca_server: "{{ groups['OpenvpnServer'][0] }}"
-    openvpn_servers: "{{ groups['OpenvpnServer'] }}"
-    slurmctrl: "{{ groups['OpenvpnServer'][0] }}"
+    x509_ca_server: "{{ groups['ManagementNodes'][0] }}"
+    openvpn_servers: "{{ groups['ManagementNodes'] }}"
+    slurmctrl: "{{ groups['ManagementNodes'][0] }}"
     slurmqueues:
       - {name: batch, group: ComputeNodes, default: true}
 #      - {name: vis, group: ComputeNodes, default: false}
@@ -90,5 +119,5 @@
     - { role: openLdapClient }
     - { role: nfs-client, exportList: "[{ 'name': '/home', 'src': '/', 'fstype': 'nfs4', 'opts': 'defaults,nofail', 'nfsServerIp': '{{ nfsServerIpAddress }}', 'nfsClientIp': '{{ ansible_tun0.ipv4.address }}', 'srvopts': 'rw,root_squash,fsid=0,sync' }]" }
     - { role: slurm, slurm_use_vpn: true}
-    - { role: installPackage, importRepo: { command: "wget http://cvlrepo.massive.org.au/repo/cvl.repo -O", destination: "/etc/yum.repos.d/cvl.repo" }, yumGroupPackageList: ['CVL Pre-installation', 'CVL Base Packages', 'CVL System', 'CVL System Extension'], cliCopy: {'run': 'cp -r /usr/local/Modules/modulefiles/cvl /usr/local/Modules/modulefiles/massive', 'check': '/usr/local/Modules/modulefiles/massive'} }
+    - { role: installPackage, importRepo: { command: "wget http://cvlrepo.massive.org.au/repo/cvl.repo -O", destination: "/etc/yum.repos.d/cvl.repo" }, yumGroupPackageList: ['CVL Pre-installation', 'CVL Base Packages'], cliCopy: {'run': 'cp -r /usr/local/Modules/modulefiles/cvl /usr/local/Modules/modulefiles/massive', 'check': '/usr/local/Modules/modulefiles/massive'} }
 

roles/OpenVPN-Server/tasks/installOpenVPN.yml

@@ -4,6 +4,12 @@
   notify: "restart openvpn"
   sudo: true
 
+- name: Create path
+  shell: mkdir -p {{ dhparms_file | dirname }}
+  args:
+    creates: "{{ dhparms_file | dirname }}"
+  sudo: true
+
 - name: "Generate DH parameters"
   shell: openssl dhparam -out {{ dhparms_file }} 512
   args:

roles/easy-rsa-certificate/tasks/buildCert.yml

@@ -53,17 +53,18 @@
 - name: "Create node tmp directory"
   delegate_to: 127.0.0.1
   shell: "mkdir -p /tmp/{{ inventory_hostname }} ; chmod 755 /tmp/{{ inventory_hostname }}"
+  when: x509_ca_server != inventory_hostname
 
 - name: "Copy CSR to ansible host"
   fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr dest=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr fail_on_missing=yes validate_md5=yes flat=yes"
   sudo: true
-  when: needcert
+  when: needcert and x509_ca_server != inventory_hostname
 
 - name: "Copy CSR to CA"
   remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
   delegate_to: "{{ x509_ca_server }}"
   copy: "src=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr dest=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr force=yes"
-  when: needcert
+  when: needcert and x509_ca_server != inventory_hostname
   sudo: true
 
 - name: "Sign Certificate"
@@ -78,35 +79,35 @@
   delegate_to: "{{ x509_ca_server }}"
   fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt dest=/tmp/{{ inventory_hostname }}/{{ x509_common_name }}.crt fail_on_missing=yes validate_md5=yes flat=yes"
   sudo: true
-  when: needcert
+  when: needcert and x509_ca_server != inventory_hostname
 
 - name: "Copy the CA Certificate to the ansible host"
   remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
   delegate_to: "{{ x509_ca_server }}"
   fetch: "src=/etc/easy-rsa/2.0/keys/ca.crt dest=/tmp/{{ inventory_hostname }}/ca.crt fail_on_missing=yes validate_md5=yes flat=yes"
   sudo: true
-  when: "ca_cert.stat.exists == false"
+  when: ca_cert.stat.exists == false and x509_ca_server != inventory_hostname
 
 - name: "Make sure the path to the certificate exists"
   shell: "mkdir -p `dirname {{ x509_cert_file }}` ; chmod 755  `dirname {{ x509_cert_file }}`"
-  sudo: true
+  sudo: true 
 
 - name: "Copy the certificate to the node"
   copy: "src=/tmp/{{ inventory_hostname }}/{{ x509_common_name }}.crt dest=/tmp/{{ x509_common_name }}.crt force=yes"
   sudo: true
-  when: needcert
+  when: needcert and x509_ca_server != inventory_hostname
 
 - name: "Copy the certificate to the right location"
   shell: "cp -f /tmp/{{ x509_common_name }}.crt {{ x509_cert_file }}"
   sudo: true
-  when: needcert
+  when: needcert and x509_ca_server != inventory_hostname
 
 - name: "Copy the CA certificate to the node"
   copy: "src=/tmp/{{ inventory_hostname }}/ca.crt dest={{ x509_cacert_file }}"
   sudo: true
-  when: "ca_cert.stat.exists == false"
+  when: ca_cert.stat.exists == false and x509_ca_server != inventory_hostname
 
 - name: "Copy the key to the correct location"
   shell: "mkdir -p `dirname {{ x509_key_file }}` ; chmod 700 `dirname {{ x509_key_file }}` ; cp /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.key {{ x509_key_file }}"
   sudo: true
-  when: needcert
+  when: needcert and x509_ca_server != inventory_hostname

roles/nfs-server/defaults/main.yml

----
-mkFileSystems:
- - { fstype : 'ext4', dev : '/dev/vdc', opts: '' } 
-configDiskDevice: true 

roles/nfs-server/tasks/main.yml

 ---
 - include: mkFilesystem.yml 
+- include: fileSymbolicLink.yml
 - include: startServer.yml

roles/nfs-server/tasks/mkFilesystem.yml

 ---
--
- name: Format File Systems
- filesystem: fstype={{ item.fstype }} dev={{ item.dev }} opts={{ item.opts }}
- with_items: mkFileSystems
- when: configDiskDevice
--
- name: Mount file systems
- mount: name=/mnt/{{ item.dev | basename }} src={{ item.dev }} fstype={{ item.fstype }} opts=loop state=mounted
- with_items: mkFileSystems
- when: configDiskDevice
+- name: Format File Systems
+  filesystem: fstype={{ item.fstype }} dev={{ item.dev }} opts={{ item.opts }}
+  with_items: mkFileSystems
+  sudo: true
+  when: configDiskDevice
+
+- name: Mount device 
+  mount: name={{ item.name }} src={{ item.dev }} fstype={{ item.fstype }} opts={{ item.mntopts }} state=mounted
+  with_items: mkFileSystems
+  sudo: true
+  when: configDiskDevice