From 9cec78444844458c4072c384f96250dde603a357 Mon Sep 17 00:00:00 2001
From: Chris Hines <chris.hines@monash.edu>
Date: Thu, 27 Nov 2014 03:56:54 +0000
Subject: [PATCH] the topplay I'm currently using
---
topplay.yml | 153 +++++++++++++++-------------------------------------
1 file changed, 43 insertions(+), 110 deletions(-)
diff --git a/topplay.yml b/topplay.yml
index ce7eb62f..cebc4b6c 100644
--- a/topplay.yml
+++ b/topplay.yml
@@ -1,153 +1,86 @@
---
+# First we need hostname -f to return the correct domain
+
- hosts: '*'
roles:
- - etcHosts
-
-#- hosts: 'x509_ca'
-# vars:
-# roles:
-# - { role: easy-rsa-CA }
-#
-#- hosts: 'OpenVPN-Server'
-# vars:
-# x509_ca_server: "{{ groups['x509_ca'][0] }}"
-# roles:
-# - { role: OpenVPN-Server }
-#
-#- hosts: 'OpenVPN-Client'
-# vars:
-# x509_ca_server: "{{ groups['x509_ca'][0] }}"
-# openvpn_servers: "{{ groups['OpenVPN-Server'] }}"
-# roles:
-# - { role: OpenVPN-Client }
-#
-#
-#- hosts: 'SubmitHost'
-# roles:
-# - { role: slurm-build, slurm_version: 14.11.0, munge_version: 0.5.11 }
+ - {role: etcHosts, domain: 'test.massive.org.au' }
+
+# Create an x509 CA. Certificates are used for the VPN, the ldap server and the web server (karaage)
- hosts: ManagmentNodes[0]
vars:
roles:
- { role: easy-rsa-CA }
-- hosts: 'OpenVPN-Server'
+- hosts: 'ManagmentNodes'
vars:
- x509_ca_server: "{{ groups['x509_ca'][0] }}"
+ x509_ca_server: "{{ groups['ManagmentNodes'][0] }}"
+ ldapDomain: "dc=test,dc=massive,dc=org,dc=au"
roles:
- { role: OpenVPN-Server }
+ - { role: ldapserver }
-- hosts: 'OpenVPN-Client'
+- hosts: 'karaage'
vars:
- x509_ca_server: "{{ groups['x509_ca'][0] }}"
- openvpn_servers: "{{ groups['OpenVPN-Server'] }}"
+ x509_ca_server: "{{ groups['ManagmentNodes'][0] }}"
+ smtp_smarthost: "does_not_exist.massive.org.au"
+ ldapDomain: "dc=test,dc=massive,dc=org,dc=au"
+ ldapURL: "ldaps://{{ hostvars[groups['ManagmentNodes'][0]]['ansible_fqdn'] }}"
roles:
- - { role: OpenVPN-Client }
+ - { role: karaage2.7 }
-- hosts: ComputeNode
- vars:
- openmpi_version: 1.8.3
- build_node: aciab-comp-0
- roles:
+# The next two tasks, apply the VPN and recalcuate /etc/hosts. Comment them if you are on a secure network
-- hosts: 'x509_ca'
+- hosts: ComputeNodes
vars:
- openmpi_version: 1.8.3
- build_node: aciab-comp-0
+ x509_ca_server: "{{ groups['ManagmentNodes'][0] }}"
+ openvpn_servers: "{{ groups['ManagmentNodes'] }}"
roles:
- - { role: easy-rsa-CA }
+ - { role: OpenVPN-Client }
-- hosts: 'OpenVPN-Server'
- vars:
- x509_ca_server: "{{ groups['x509_ca'][0] }}"
+- hosts: '*'
roles:
- - { role: OpenVPN-Server }
+ - {role: etcHosts, domain: 'test.massive.org.au' }
-- hosts: ComputeNodes:ManagmentNodes:LoginNodes
- vars:
- x509_ca_server: "{{ groups['x509_ca'][0] }}"
- openvpn_servers: "{{ groups['OpenVPN-Server'] }}"
- roles:
- - { role: OpenVPN-Client }
+# These tasks build some software (slurm, munge and openmpi) and copy them back to localhost. Skip if you have some other way of getting
+# copyies of these software
-- hosts: ComputeNode
+- hosts: ComputeNodes[0]
vars:
- openmpi_version: 1.8.3
- build_node: aciab-comp-0
-
-- hosts: 'SubmitHost'
+ slurm_version: 14.11.0
+ munge_version: 0.5.11
roles:
- - { role: slurm-build, slurm_version: 14.11.0, munge_version: 0.5.11 }
+ - { role: slurm-build }
-- hosts: '*'
- roles:
- - etcHosts
+# Slurm and openmpi tasks assume copies of the software in /tmp under a very specific directory strucutre (created by the build tasks above) Modifiy
+# the roles if you have a different way of installing the software
-- hosts: ComputeNodes|ManagmentNodes|LoginNodes
+- hosts: ComputeNodes:ManagmentNodes:LoginNodes
vars:
slurm_version: 14.11.0
munge_version: 0.5.11
slurmqueues:
- - {name: DEFAULT, group: ComputeNode}
- - {name: batch, group: ComputeNode}
- - {name: gpu, group: ComputeNode}
- slurmctrl: "{{ groups['SubmitHost'][0] }}"
- roles:
- - { role: slurm }
- - { role: test_user }
- - { role: openmpi-build }
- - { role: openmpi-build }
- - { role: openmpi-build }
-
-#- hosts: '*'
-# vars:
-# slurm_version: 14.11.0
-# munge_version: 0.5.11
-# slurmqueues:
-# - {name: DEFAULT, group: ComputeNode}
-# - {name: batch, group: ComputeNode}
-# - {name: gpu, group: ComputeNode}
-# slurmctrl: "{{ groups['SubmitHost'][0] }}"
-# roles:
-# - { role: slurm }
-# - { role: test_user }
-#
-- hosts: 'karaage'
- vars:
- x509_ca_server: "{{ groups['x509_ca'][0] }}"
- smtp_smarthost: "does_not_exist.massive.org.au"
- ldapDomain: "dc=test,dc=massive,dc=org,dc=au"
- ldapURL: "ldaps://{{ hostvars[groups['ldapserver'][0]]['ansible_fqdn'] }}"
+ - {name: batch, group: ComputeNodes}
+ slurmctrl: "{{ groups['ManagmentNodes'][0] }}"
roles:
- - { role: karaage2.7 }
+ - { role: slurm, slurm_use_vpn: true} # change to false if you are on a secure network
-- hosts: 'ldapserver'
- vars:
- x509_ca_server: "{{ groups['x509_ca'][0] }}"
- ldapDomain: "dc=test,dc=massive,dc=org,dc=au"
- roles:
- - { role: ldapserver }
-
-- hosts: '*'
- roles:
- - etcHosts
+# These tasks build some software (slurm, munge and openmpi) and copy them back to localhost. Skip if you have some other way of getting
+# copyies of these software
-- hosts: '*'
+- hosts: ComputeNodes[0]
vars:
- slurm_version: 14.11.0
- munge_version: 0.5.11
- slurmqueues:
- - {name: DEFAULT, group: ComputeNode}
- - {name: batch, group: ComputeNode}
- - {name: gpu, group: ComputeNode}
- slurmctrl: "{{ groups['SubmitHost'][0] }}"
+ openmpi_version: 1.8.3
roles:
- - { role: slurm }
- - { role: test_user }
+ - { role: openmpi-build }
+
+# openmpi tasks assume copies of the software in /tmp under a very specific directory strucutre (created by the build tasks above) Modifiy
+# the roles if you have a different way of installing the software
- hosts: ComputeNodes:ManagmentNodes:LoginNodes
vars:
openmpi_version: 1.8.3
roles:
- { role: openmpi }
+
--
GitLab