Merge pull request #24 from CVL-GitHub/slumbranch

Fixed nfs client mount for different options

Merge pull request #24 from CVL-GitHub/slumbranch
Fixed nfs client mount for different options
c1397c0e · Chris Hines · 81251ca3 · 99410a35 · 81251ca3 · c1397c0e
Commit c1397c0e authored 10 years ago by Chris Hines
--- a/roles/OpenVPN-Server/tasks/copyCerts.yml
+++ b/roles/OpenVPN-Server/tasks/copyCerts.yml
--- 
- name: "Copying CA and server certificate"
-  shell: "cp -pvf /etc/easy-rsa/2.0/keys/ca.crt /etc/openvpn/; cp -pvf /etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.crt /etc/openvpn/; cp -pvf /etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.key /etc/openvpn/"
-  args:
-    creates: /etc/openvpn/ca.crt
- name: "Create symlink for Diffie Hellman"
-  file: "src=/etc/easy-rsa/2.0/keys/dh512.pem dest=/etc/openvpn/dh512.pem state=link"
- name: "Copying server.conf to the OpenVPN server"
-  template: src={{ item }} dest=/etc/openvpn/server.conf
-  with_first_found:
-    - files:
-        - server.conf.j2
-        - userConfig
-        - defaultConfig
-      paths:
-        - ../templates/
-        - ../files/
-  notify: restart openvpn
- name: "Start OpenVPN"
-  service: name=openvpn state=started
-  sudo: true
--- a/roles/nfs-client/defaults/main.yml
+++ b/roles/nfs-client/defaults/main.yml
 ---
-nfs_server: "nfsserver.edu" 
+nfsClientSrcDir: '/mnt'
-nfs_type: "nfs"
+nfsClientDestDir: '/mnt/test-nfs'
-nfs_options: "vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock"
+nfs_server: 'nfsserver.edu' 
+nfs_type: 'nfs'
+nfs_options: 'vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock'
--- a/roles/nfs-client/tasks/mountFileSystem.yml
+++ b/roles/nfs-client/tasks/mountFileSystem.yml
 --- 
-
+- name: "Mounting NFS mounts"
- name: "Get the NFS Network"
+  mount: "name={{ nfsClientDestDir }} src={{ nfs_server }}:{{ nfsClientSrcDir }} fstype={{ nfs_type }} opts={{ nfs_options }} state=mounted"
- setup: filter="ansible_tun0"
- register: nfsServer
- run_once: true
- delegate_to: "{{ nfs_server }}"
- 
-  mount: "name={{ item.0 }} src={{ nfsServer['ansible_facts']['ansible_tun0']['ipv4']['address'] }}:{{ item.1 }} fstype={{ nfs_type }} opts={{ nfs_options }} state=mounted"
-  name: "Mounting NFS mounts"
-  with_together: 
-    - destDir
-    - srcDir
  notify: "restart authentication"
  notify: "restart idmap"
  sudo: true 

--- a/roles/nfs-client/vars/main.yml
+++ b/roles/nfs-client/vars/main.yml
---
-srcDir: ['/mnt']
-destDir: ['/mnt/test-nfs']
--- a/roles/nfs-server/tasks/startServer.yml
+++ b/roles/nfs-server/tasks/startServer.yml
 --- 
- 
+- name: "Copying /etc/exports template"
-  name: "Starting rpcbind"
+  template: "src=exports.j2 dest=/etc/exports mode=0644 owner=root"
-  service: "name=rpcbind state=started"
+  sudo: true
- 
+- name: "Starting rpcbind"
-  name: "Start the Server"
+  service: "name=rpcbind state=restarted"
-  service: "name=nfs state=started"
+  sudo: true
+- name: "Start the Server"
+  service: "name=nfs state=restarted"
+  sudo: true
--- a/roles/openLdapClient/handlers/main.yml
+++ b/roles/openLdapClient/handlers/main.yml
 ---
- name: auth config
-  shell: authconfig --updateall
-  sudo: true
 - name: restart sssd 
  service: name=sssd state=restarted
  sudo: true
--- a/roles/openLdapClient/tasks/configLdapClient.yml
+++ b/roles/openLdapClient/tasks/configLdapClient.yml
@@ -19,7 +19,7 @@
  lineinfile: dest=/etc/hosts line="{{ ldapServerHost }}" state=present insertafter=EOF
  sudo: true
- name: "Copy ldap.conf file "
+- name: "Copy ldap.conf file"
  template: src=ldap.conf.j2 dest=/etc/openldap/ldap.conf
  sudo: true
@@ -30,6 +30,6 @@
 - name: "Copy sssd.conf to ldap client"
  template: src=sssd.j2 dest=/etc/sssd/sssd.conf owner=root group=root mode=600
  sudo: true
-  notify: auth config 
+  notify: restart sssd
--- a/roles/openLdapClient/tasks/main.yml
+++ b/roles/openLdapClient/tasks/main.yml
 ---
 -
- include: installOpenLdap.yml 
+  include: installOpenLdap.yml 
 -
- include: configLdapClient.yml 
+  include: configLdapClient.yml 
--- a/roles/openLdapClient/templates/idmapd.conf.j2
+++ b/roles/openLdapClient/templates/idmapd.conf.j2
@@ -2,7 +2,7 @@
 #Verbosity = 0
 # The following should be set to the local NFSv4 domain name
 # The default is the host's DNS domain name.
-Domain = {{ ldapDomain }} 
+Domain = {{ ldapDomain }}
 # The following is a comma-separated list of Kerberos realm
 # names that should be considered to be equivalent to the

--- a/roles/openLdapClient/templates/ldap.conf.j2
+++ b/roles/openLdapClient/templates/ldap.conf.j2
-TLS_CACERTDIR {{ tlsCaCertDirectory }} 
+TLS_CACERTDIR {{ tlsCaCertDirectory }}
 TLS_CACERT {{ tlsCaCertFile }}
 URI {{ ldapUri }}
-BASE {{ ldapBase }} 
+BASE {{ ldapBase }}
 timelimit 120
 bind_timelimit 120

--- a/roles/openLdapClient/templates/nsswitch.conf.j2
+++ b/roles/openLdapClient/templates/nsswitch.conf.j2
@@ -30,9 +30,9 @@
 #shadow:    db files nisplus nis
 #group:     db files nisplus nis
-passwd:     files ldap 
+passwd:     files sss 
-shadow:     files ldap
+shadow:     files sss 
-group:      files ldap
+group:      files sss 
 #hosts:     db files nisplus nis dns
 hosts:      files dns
@@ -52,9 +52,9 @@ netmasks:   files
 networks:   files
 protocols:  files
 rpc:        files
-services:   files
+services:   files sss
-netgroup:   files ldap
+netgroup:   files sss 
 publickey:  nisplus

--- a/roles/openLdapClient/templates/pam_ldap.conf.j2
+++ b/roles/openLdapClient/templates/pam_ldap.conf.j2
@@ -17,7 +17,7 @@
 #host 127.0.0.1
 # The distinguished name of the search base.
-base {{ ldapBase }} 
+base {{ ldapBase }}
 # Another way to specify your LDAP server is to provide an
 # uri with the server name. This allows to use
@@ -27,7 +27,7 @@ base {{ ldapBase }}
 #uri ldapi://%2fvar%2frun%2fldapi_sock/
 # Note: %2f encodes the '/' used as directory separator
 # [aulmc used to be 11/10/2013 # uri ldap://m2-w.massive.org.au/ 
-uri {{ ldapDomain }} 
+uri {{ ldapDomain }}
 # The LDAP version to use (defaults to 3
 # if supported by client library)
@@ -39,7 +39,7 @@ binddn {{ ldapDn }}
 # The credentials to bind with. 
 # Optional: default is no credential.
-bindpw {{ ldapPassword }} 
+bindpw {{ ldapPassword }}
 # The distinguished name to bind to the server with
 # if the effective user ID is root. Password is
@@ -300,7 +300,7 @@ pam_password md5
 ssl no
 #tls_cacertdir /etc/openldap/cacerts
 #pam_password md5
-tls_cacertdir {{ tlsCaCertDirectory }} 
+tls_cacertdir {{ tlsCaCertDirectory }}
 tls_cacertfile {{ tlsCaCertFile }}
 {{ ldapRfc2307Pam }}
--- a/roles/openLdapClient/templates/sssd.j2
+++ b/roles/openLdapClient/templates/sssd.j2
@@ -2,18 +2,13 @@
 config_file_version = 2
 domains = {{ ldapDomain }}
 services = nss, pam, autofs
-# SSSD will not start if you do not configure any domains.
-# Add new domain configurations as [domain/<NAME>] sections, and
-# then add the list of domains (in the order you want them to be
-# queried) to the "domains" attribute below and uncomment it.
-; domains = LDAP
 [nss]
 filter_users = root
 [pam]
-[domain/{{ ldapDomain}}]
+[domain/{{ ldapDomain }}]
 ldap_referrals = false
 cache_credentials = false
 entry_cache_timeout=3600
@@ -28,11 +23,11 @@ access_provider = ldap
 ldap_uri = {{ ldapUri }} 
 ldap_id_use_start_tls = True
 ldap_tls_reqcert = allow 
-ldap_tls_cacertdir = {{ tlsCaCertDirectory }} 
+ldap_tls_cacertdir = {{ tlsCaCertDirectory }}
 ldap_tls_cacert = {{ cacertFile }}
-ldap_default_bind_dn = {{ ldapDn }} 
+ldap_default_bind_dn = {{ ldapDn }}
 ldap_default_authtok_type = password
-ldap_default_authtok = {{ ldapPassword }} 
+ldap_default_authtok = {{ ldapPassword }}
 {{ ldapRfc2307 }}

--- a/roles/slurm-build/tasks/main.yml
+++ b/roles/slurm-build/tasks/main.yml
@@ -31,10 +31,15 @@
    chdir: /tmp
    creates: /tmp/slurm-{{ slurm_version }}.tar.bz2
+- name: check munge installation
+  shell: rpm -qa munge
+  register: munge_installed
 - name: install munge deps
  shell: rpm -i /root/rpmbuild/RPMS/x86_64/munge-libs-{{ munge_version }}-1.el6.x86_64.rpm /root/rpmbuild/RPMS/x86_64/munge-{{ munge_version }}-1.el6.x86_64.rpm /root/rpmbuild/RPMS/x86_64/munge-devel-{{ munge_version }}-1.el6.x86_64.rpm
  sudo: true
-  ignore_errors: true
+#  ignore_errors: true
+  when: munge_installed | failed 
 - name: make slurm rpms
  shell: rpmbuild -ta --clean slurm-{{ slurm_version }}.tar.bz2
@@ -49,7 +54,15 @@
  args:
    creates: /tmp/rpmbuild/RPMS/x86_64/slurm-{{ slurm_version }}-1.el6.x86_64.rpm
+#- name: retrieve rpms
+#  shell: scp -r {{ hostvars[ansible_hostname]['ansible_user_id'] }}@{{ ansible_ssh_host }}:/tmp/rpmbuild/ /tmp
+#  delegate_to: 127.0.0.1
+#  when: ansible_ssh_host | defined
+#  when: ansible_ssh_host | defined
+#  sudo: true
 - name: retrieve rpms
-  shell: scp -r {{ hostvars[ansible_hostname]['ansible_user_id'] }}@{{ ansible_ssh_host }}:/tmp/rpmbuild/ /tmp
+  shell: scp -r {{ hostvars[ansible_hostname]['ansible_user_id'] }}@{{ ansible_hostname }}:/tmp/rpmbuild/ /tmp
  delegate_to: 127.0.0.1
+#  when: ansible_ssh_host | not defined
--- a/scripts/make_passwords.py
+++ b/scripts/make_passwords.py
@@ -25,13 +25,10 @@ try:
    f=open(pwpath,'r')
    data=yaml.load(f.read())
    f.close()
+    print data
 except Exception as e:
-    pass
-if data==None:
    data={}
-print data
 for pw in required_passwords.keys():
    if data.has_key(pw):
        pass

--- a/topplay.yml
+++ b/topplay.yml
@@ -58,8 +58,6 @@
 - hosts: ComputeNodes:ManagmentNodes:LoginNodes
  vars:
-    slurm_version: 14.11.0
-    munge_version: 0.5.11
    slurmqueues: 
      - {name: batch, group: ComputeNodes}
    slurmctrl: "{{ groups['ManagmentNodes'][0] }}"