From dbb0815a647d1fd56870e898e96cd8b7fa8f3729 Mon Sep 17 00:00:00 2001
From: CVL-GitHub <jupiter.hu@monash.edu>
Date: Tue, 20 Jan 2015 02:48:13 +0000
Subject: [PATCH] Fixed exceptions
---
playbook/cvl2.yml | 73 +++++++++++++------
roles/OpenVPN-Server/tasks/installOpenVPN.yml | 6 ++
.../easy-rsa-certificate/tasks/buildCert.yml | 19 ++---
roles/nfs-server/defaults/main.yml | 4 -
roles/nfs-server/tasks/main.yml | 1 +
roles/nfs-server/tasks/mkFilesystem.yml | 21 +++---
6 files changed, 79 insertions(+), 45 deletions(-)
delete mode 100644 roles/nfs-server/defaults/main.yml
diff --git a/playbook/cvl2.yml b/playbook/cvl2.yml
index 90654e5a..4dc5df2d 100644
--- a/playbook/cvl2.yml
+++ b/playbook/cvl2.yml
@@ -3,35 +3,34 @@ vars_files: - massive_var/main.yml vars: - x509_ca_server: "{{ groups['OpenvpnServer'][0] }}" - openvpn_servers: "{{ groups['OpenvpnServer'] }}" - slurmctrl: "{{ groups['OpenvpnServer'][0] }}" + x509_ca_server: "{{ groups['ManagementNodes'][0] }}" + openvpn_servers: "{{ groups['ManagementNodes'] }}" + slurmctrl: "{{ groups['ManagementNodes'][0] }}" slurmqueues: - {name: batch, group: ComputeNodes, default: true} - - {name: vis, group: ComputeNodes, default: false} roles: - { role: etcHosts, domain: "{{ ldapDomain }}" } -- hosts: 'OpenvpnServer' +- hosts: 'ManagementNodes' vars_files: - massive_var/main.yml - massive_var/package.yml - massive_var/passwords.yml vars: - x509_ca_server: "{{ groups['OpenvpnServer'][0] }}" - openvpn_servers: "{{ groups['OpenvpnServer'] }}" - slurmctrl: "{{ groups['OpenvpnServer'][0] }}" + x509_ca_server: "{{ groups['ManagementNodes'][0] }}" + openvpn_servers: "{{ groups['ManagementNodes'] }}" + slurmctrl: "{{ groups['ManagementNodes'][0] }}" slurmqueues: - {name: batch, group: ComputeNodes, default: true} roles: - { role: easy-rsa-CA } - - { role: OpenVPN-Server } + - { role: OpenVPN-Server, configDiskDevice: true, mkFileSystems: {fstype : 'ext4', dev: '/dev/vdc', opts: 'defaults,nofail'} } - { role: ntp } - { role: openLdapClient } - { role: slurm-build } - { role: nfs-server, configDiskDevice: false } - { role: slurm, slurm_use_vpn: true} - - { role: installPackage, cliCopy: {'run': 'cp -r /usr/local/Modules/modulefiles/cvl /usr/local/Modules/modulefiles/massive', 'check': '/usr/local/Modules/modulefiles/massive'} } + - { role: installPackage, yumGroupPackageList: ['CVL Pre-installation', 'CVL Base Packages'], cliCopy: {'run': 'cp -r /usr/local/Modules/modulefiles/cvl /usr/local/Modules/modulefiles/massive', 'check': '/usr/local/Modules/modulefiles/massive'} } tasks: setup: 
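Review bot: In the `ManagementNodes` play, `configDiskDevice: true` and `mkFileSystems` are now passed to the `OpenVPN-Server` role, while the only tasks in this patch that read them are in `roles/nfs-server/tasks/mkFilesystem.yml`, and `nfs-server` is still called with `configDiskDevice: false`. The value is also a single mapping with `fstype`, `dev` and `opts`, whereas the rewritten mount task iterates it with `with_items` and reads `item.name` and `item.mntopts`, which this entry does not supply. If the intent is to format and mount `/dev/vdc` on the management node, pass a list to the role that consumes it, e.g. `mkFileSystems: [{fstype: 'ext4', dev: '/dev/vdc', opts: '', name: '<mount point>', mntopts: 'defaults,nofail'}]`. Whether parameters given to one role are visible inside another depends on the Ansible version in use, so that should not be relied on.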
@@ -47,23 +46,23 @@ - massive_var/passwords.yml - massive_var/package.yml vars: - x509_ca_server: "{{ groups['OpenvpnServer'][0] }}" - openvpn_servers: "{{ groups['OpenvpnServer'] }}" - slurmctrl: "{{ groups['OpenvpnServer'][0] }}" + x509_ca_server: "{{ groups['ManagementNodes'][0] }}" + openvpn_servers: "{{ groups['ManagementNodes'] }}" + slurmctrl: "{{ groups['ManagementNodes'][0] }}" slurmqueues: - {name: batch, group: ComputeNodes, default: true} - nfs_server: "{{ groups['OpenvpnServer'][0] }}" + nfs_server: "{{ groups['ManagementNodes'][0] }}" groupList: - { name : 'ComputeNodes', interface : 'tun0' } roles: - - { role: OpenVPN-Client, x509_ca_server: "cvl23server" } + - { role: OpenVPN-Client, x509_ca_server: "cvlm2management1" } - { role: ntp } - { role: openLdapClient } - - { role: syncExports, nfs_server: "cvl23server", exportList: [{ name: '/', src: '/usr/local', fstype: 'nfs4', opts: 'defaults,ro,nofail', nfsServerIp: "{{ hostvars['cvl23server']['ansible_tun0']['ipv4']['address'] }}", srvopts: 'ro,fsid=0,sync' }] } + - { role: syncExports, nfs_server: "cvlm2management1", exportList: [{ name: '/', src: '/usr/local', fstype: 'nfs4', opts: 'defaults,ro,nofail', nfsServerIp: "{{ hostvars['cvlm2management1']['ansible_tun0']['ipv4']['address'] }}", srvopts: 'ro,fsid=0,sync' }] } - { role: nfs-client, exportList: "[{ 'name': '/home', 'src': '/', 'fstype': 'nfs4', 'opts': 'defaults,nofail', 'nfsServerIp': '{{ nfsServerIpAddress }}', 'nfsClientIp': '{{ ansible_tun0.ipv4.address }}', 'srvopts': 'rw,root_squash,fsid=0,sync' }]" } - { role: nfs-client, exportList: "[ { 'name': '/usr/local', 'src': '/', 'fstype': 'nfs4', 'opts': 'defaults,ro,nofail', 'nfsServerIp': '{{ hostvars[nfs_server]['ansible_tun0']['ipv4']['address'] }}', 'srvopts': 'ro,fsid=0,sync' }]" } - { role: slurm, slurm_use_vpn: true} - - { role: installPackage, preInstallation: "umount /usr/local", postInstallation: "mount /usr/local", yumGroupPackageList: ["CVL Pre-installation", "CVL Base Packages", 
"CVL System", "CVL System Extension"] } + - { role: installPackage, preInstallation: "umount /usr/local", postInstallation: "mount /usr/local", yumGroupPackageList: ["CVL Pre-installation", "CVL Base Packages"], cliFileCopy: {'src': '/tmp/gconf_path', 'dest': '/etc/gconf/2/path'} } - hosts: all vars_files: 
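Review bot: The `ComputeNodes` roles hard-code the host name `cvlm2management1` for `x509_ca_server`, `nfs_server` and the `hostvars[...]` lookup, although the play's own `vars` already derive the same values from `groups['ManagementNodes'][0]`. Because buildCert.yml delegates the CSR copy to `x509_ca_server`, a literal that drifts from the inventory sends certificate requests to whichever host carries that name; prefer `x509_ca_server: "{{ groups['ManagementNodes'][0] }}"` (or drop the role-level override) and `hostvars[nfs_server]`. The same literals are repeated in the new `ComputeNodesLarge` play in the next hunk. Separately, `cliFileCopy` takes `/tmp/gconf_path` as the source for `/etc/gconf/2/path`; if the role reads that file on the target node, a world-writable directory is feeding a system config file, so a source shipped with the role would be safer. The role's implementation is not visible here.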
@@ -71,16 +70,46 @@ roles: - { role: etcHosts, domain: "{{ ldapDomain }}" } -- hosts: 'LoginNode' +- hosts: 'ComputeNodesLarge' + vars_files: + - massive_var/main.yml + - massive_var/passwords.yml + - massive_var/package.yml + vars: + x509_ca_server: "{{ groups['ManagementNodes'][0] }}" + openvpn_servers: "{{ groups['ManagementNodes'] }}" + slurmctrl: "{{ groups['ManagementNodes'][0] }}" + slurmqueues: + - {name: multicore, group: ComputeNodesLarge, default: true} + nfs_server: "{{ groups['ManagementNodes'][0] }}" + groupList: + - { name : 'ComputeNodes', interface : 'tun0' } + roles: + - { role: OpenVPN-Client, x509_ca_server: "cvlm2management1" } + - { role: ntp } + - { role: openLdapClient } + - { role: syncExports, nfs_server: "cvlm2management1", exportList: [{ name: '/', src: '/usr/local', fstype: 'nfs4', opts: 'defaults,ro,nofail', nfsServerIp: "{{ hostvars['cvlm2management1']['ansible_tun0']['ipv4']['address'] }}", srvopts: 'ro,fsid=0,sync' }] } + - { role: nfs-client, exportList: "[{ 'name': '/home', 'src': '/', 'fstype': 'nfs4', 'opts': 'defaults,nofail', 'nfsServerIp': '{{ nfsServerIpAddress }}', 'nfsClientIp': '{{ ansible_tun0.ipv4.address }}', 'srvopts': 'rw,root_squash,fsid=0,sync' }]" } + - { role: nfs-client, exportList: "[ { 'name': '/usr/local', 'src': '/', 'fstype': 'nfs4', 'opts': 'defaults,ro,nofail', 'nfsServerIp': '{{ hostvars[nfs_server]['ansible_tun0']['ipv4']['address'] }}', 'srvopts': 'ro,fsid=0,sync' }]" } + - { role: slurm, slurm_use_vpn: true} + - { role: installPackage, preInstallation: "umount /usr/local", postInstallation: "mount /usr/local", yumGroupPackageList: ["CVL Pre-installation", "CVL Base Packages"], cliFileCopy: {'src': '/tmp/gconf_path', 'dest': '/etc/gconf/2/path'} } + +- hosts: all + vars_files: + - massive_var/main.yml + roles: + - { role: etcHosts, domain: "{{ ldapDomain }}" } + +- hosts: 'LoginNodes' vars_files: - massive_var/main.yml - massive_var/passwords.yml vars: groupList: - { name : 'ComputeNodes', interface : 
'tun0' } - x509_ca_server: "{{ groups['OpenvpnServer'][0] }}" - openvpn_servers: "{{ groups['OpenvpnServer'] }}" - slurmctrl: "{{ groups['OpenvpnServer'][0] }}" + x509_ca_server: "{{ groups['ManagementNodes'][0] }}" + openvpn_servers: "{{ groups['ManagementNodes'] }}" + slurmctrl: "{{ groups['ManagementNodes'][0] }}" slurmqueues: - {name: batch, group: ComputeNodes, default: true} # - {name: vis, group: ComputeNodes, default: false} @@ -90,5 +119,5 @@ - { role: openLdapClient } - { role: nfs-client, exportList: "[{ 'name': '/home', 'src': '/', 'fstype': 'nfs4', 'opts': 'defaults,nofail', 'nfsServerIp': '{{ nfsServerIpAddress }}', 'nfsClientIp': '{{ ansible_tun0.ipv4.address }}', 'srvopts': 'rw,root_squash,fsid=0,sync' }]" } - { role: slurm, slurm_use_vpn: true} - - { role: installPackage, importRepo: { command: "wget http://cvlrepo.massive.org.au/repo/cvl.repo -O", destination: "/etc/yum.repos.d/cvl.repo" }, yumGroupPackageList: ['CVL Pre-installation', 'CVL Base Packages', 'CVL System', 'CVL System Extension'], cliCopy: {'run': 'cp -r /usr/local/Modules/modulefiles/cvl /usr/local/Modules/modulefiles/massive', 'check': '/usr/local/Modules/modulefiles/massive'} } + - { role: installPackage, importRepo: { command: "wget http://cvlrepo.massive.org.au/repo/cvl.repo -O", destination: "/etc/yum.repos.d/cvl.repo" }, yumGroupPackageList: ['CVL Pre-installation', 'CVL Base Packages'], cliCopy: {'run': 'cp -r /usr/local/Modules/modulefiles/cvl /usr/local/Modules/modulefiles/massive', 'check': '/usr/local/Modules/modulefiles/massive'} } diff --git a/roles/OpenVPN-Server/tasks/installOpenVPN.yml b/roles/OpenVPN-Server/tasks/installOpenVPN.yml index fe7c052f..05c43b60 100644 --- a/roles/OpenVPN-Server/tasks/installOpenVPN.yml +++ b/roles/OpenVPN-Server/tasks/installOpenVPN.yml 
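Review bot: In playbook/cvl2.yml, the new `ComputeNodesLarge` play declares `slurmqueues` with only `multicore` (marked `default: true`), while the `ManagementNodes` play that provides `slurmctrl` still lists only `batch`, also marked default. If the `slurm` role renders its configuration from `slurmqueues` (not visible in this patch), the controller and these nodes would end up with different partition definitions and two defaults. Defining the full queue list once in `massive_var/main.yml` would avoid that. `groupList` here also still names only `ComputeNodes`, so confirm whether `ComputeNodesLarge` should be listed too.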
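Review bot: In the `LoginNodes` play of playbook/cvl2.yml, the changed `installPackage` line still fetches the repository definition with `wget http://cvlrepo.massive.org.au/repo/cvl.repo -O` into `/etc/yum.repos.d/cvl.repo`. Over plain HTTP, the file that decides where packages come from and whether signatures are checked can be altered in transit before yum installs the `CVL` groups as root. Shipping `cvl.repo` from the role (via `copy` or `template`) with `gpgcheck=1` and a pinned `gpgkey`, or at least fetching it over HTTPS, would close that gap. Whether the mirror serves HTTPS is not something this page shows.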
@@ -4,6 +4,12 @@ notify: "restart openvpn" sudo: true +- name: Create path + shell: mkdir -p {{ dhparms_file | dirname }} + args: + creates: "{{ dhparms_file | dirname }}" + sudo: true + - name: "Generate DH parameters" shell: openssl dhparam -out {{ dhparms_file }} 512 args: diff --git a/roles/easy-rsa-certificate/tasks/buildCert.yml b/roles/easy-rsa-certificate/tasks/buildCert.yml index c9b2f9cd..d71c98a3 100644 --- a/roles/easy-rsa-certificate/tasks/buildCert.yml +++ b/roles/easy-rsa-certificate/tasks/buildCert.yml @@ -53,17 +53,18 @@ - name: "Create node tmp directory" delegate_to: 127.0.0.1 shell: "mkdir -p /tmp/{{ inventory_hostname }} ; chmod 755 /tmp/{{ inventory_hostname }}" + when: x509_ca_server != inventory_hostname - name: "Copy CSR to ansible host" fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr dest=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr fail_on_missing=yes validate_md5=yes flat=yes" sudo: true - when: needcert + when: needcert and x509_ca_server != inventory_hostname - name: "Copy CSR to CA" remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}" delegate_to: "{{ x509_ca_server }}" copy: "src=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr dest=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr force=yes" - when: needcert + when: needcert and x509_ca_server != inventory_hostname sudo: true - name: "Sign Certificate" 
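Review bot: The task directly below the new `Create path` task in installOpenVPN.yml still runs `openssl dhparam -out {{ dhparms_file }} 512`, and 512-bit Diffie-Hellman parameters are far below what is considered safe for a VPN key exchange. Since this commit already touches the DH setup, raise it to at least 2048: `shell: openssl dhparam -out {{ dhparms_file }} 2048`. If that task is guarded by `creates` (its `args:` body continues past the end of the hunk), hosts that already have the 512-bit file will keep it until it is removed or regenerated. For the new task itself, the `file` module is the idiomatic form and lets the mode be stated: `file: path={{ dhparms_file | dirname }} state=directory mode=0755`.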
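Review bot: In buildCert.yml, `Create node tmp directory` builds a predictable staging directory `/tmp/{{ inventory_hostname }}` with mode 755 on the control host using `mkdir -p`, and the added `when` leaves that unchanged. `mkdir -p` succeeds silently when the path already exists, whoever owns it, and the signed certificate and `ca.crt` later fetched into that directory are what get installed on the node as its trust anchor. On a control host with other local users, stage these files in a directory private to the Ansible user (mode 0700, e.g. created with `mktemp -d` and registered, or under the user's home) rather than a fixed name in `/tmp`. The later tasks in this file that read from `/tmp/{{ inventory_hostname }}` would need the same path.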
@@ -78,35 +79,35 @@ delegate_to: "{{ x509_ca_server }}" fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt dest=/tmp/{{ inventory_hostname }}/{{ x509_common_name }}.crt fail_on_missing=yes validate_md5=yes flat=yes" sudo: true - when: needcert + when: needcert and x509_ca_server != inventory_hostname - name: "Copy the CA Certificate to the ansible host" remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}" delegate_to: "{{ x509_ca_server }}" fetch: "src=/etc/easy-rsa/2.0/keys/ca.crt dest=/tmp/{{ inventory_hostname }}/ca.crt fail_on_missing=yes validate_md5=yes flat=yes" sudo: true - when: "ca_cert.stat.exists == false" + when: ca_cert.stat.exists == false and x509_ca_server != inventory_hostname - name: "Make sure the path to the certificate exists" shell: "mkdir -p `dirname {{ x509_cert_file }}` ; chmod 755 `dirname {{ x509_cert_file }}`" - sudo: true + sudo: true - name: "Copy the certificate to the node" copy: "src=/tmp/{{ inventory_hostname }}/{{ x509_common_name }}.crt dest=/tmp/{{ x509_common_name }}.crt force=yes" sudo: true - when: needcert + when: needcert and x509_ca_server != inventory_hostname - name: "Copy the certificate to the right location" shell: "cp -f /tmp/{{ x509_common_name }}.crt {{ x509_cert_file }}" sudo: true - when: needcert + when: needcert and x509_ca_server != inventory_hostname - name: "Copy the CA certificate to the node" copy: "src=/tmp/{{ inventory_hostname }}/ca.crt dest={{ x509_cacert_file }}" sudo: true - when: "ca_cert.stat.exists == false" + when: ca_cert.stat.exists == false and x509_ca_server != inventory_hostname - name: "Copy the key to the correct location" shell: "mkdir -p `dirname {{ x509_key_file }}` ; chmod 700 `dirname {{ x509_key_file }}` ; cp /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.key {{ x509_key_file }}" sudo: true - when: needcert + when: needcert and x509_ca_server != inventory_hostname 
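Review bot: `Copy the certificate to the right location` and `Copy the key to the correct location` are now skipped when the host is the CA, yet the key task only copies a node-local file (`/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.key`) and does not depend on the staging directory. Unless a task outside this hunk handles it, the CA host, which the playbook also uses as an OpenVPN server, never gets `{{ x509_cert_file }}` and `{{ x509_key_file }}` populated. Consider keeping `when: needcert` on the key task and adding a CA-local copy of the certificate. The key task also leaves the copied key's permissions to `cp` and the umask; `copy` or `file` with `mode=0600` would make that explicit.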
diff --git a/roles/nfs-server/defaults/main.yml b/roles/nfs-server/defaults/main.yml deleted file mode 100644 index 9561db2c..00000000 --- a/roles/nfs-server/defaults/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -mkFileSystems: - - { fstype : 'ext4', dev : '/dev/vdc', opts: '' } -configDiskDevice: true diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml index 29b98a51..3e60a572 100644 --- a/roles/nfs-server/tasks/main.yml +++ b/roles/nfs-server/tasks/main.yml @@ -1,3 +1,4 @@ --- - include: mkFilesystem.yml +- include: fileSymbolicLink.yml - include: startServer.yml diff --git a/roles/nfs-server/tasks/mkFilesystem.yml b/roles/nfs-server/tasks/mkFilesystem.yml index 7dfb2c7f..ae917f23 100644 --- a/roles/nfs-server/tasks/mkFilesystem.yml +++ b/roles/nfs-server/tasks/mkFilesystem.yml @@ -1,12 +1,13 @@ --- -- - name: Format File Systems - filesystem: fstype={{ item.fstype }} dev={{ item.dev }} opts={{ item.opts }} - with_items: mkFileSystems - when: configDiskDevice -- - name: Mount file systems - mount: name=/mnt/{{ item.dev | basename }} src={{ item.dev }} fstype={{ item.fstype }} opts=loop state=mounted - with_items: mkFileSystems - when: configDiskDevice +- name: Format File Systems + filesystem: fstype={{ item.fstype }} dev={{ item.dev }} opts={{ item.opts }} + with_items: mkFileSystems + sudo: true + when: configDiskDevice + +- name: Mount device + mount: name={{ item.name }} src={{ item.dev }} fstype={{ item.fstype }} opts={{ item.mntopts }} state=mounted + with_items: mkFileSystems + sudo: true + when: configDiskDevice -- GitLab
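Review bot: In roles/nfs-server/tasks/main.yml, `- include: fileSymbolicLink.yml` references a task file that is not among the six files in this patch's diffstat. Confirm that `roles/nfs-server/tasks/fileSymbolicLink.yml` already exists in the tree; otherwise plays using `nfs-server` are likely to fail at the include. If it does exist, a short comment on which variables it needs would help, since the role's `defaults/main.yml` is deleted in this patch.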
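Review bot: In roles/nfs-server/tasks/mkFilesystem.yml, `when: configDiskDevice` and `with_items: mkFileSystems` no longer have a fallback, because `roles/nfs-server/defaults/main.yml` is deleted in this same patch. A play that applies `nfs-server` without passing both may fail on an undefined variable rather than skip. Since the first task formats a block device as root, an explicit off-by-default guard is the safer reading: `when: configDiskDevice | default(false)`. The mount task now requires `item.name` and `item.mntopts` on every entry, so a comment above it listing the expected keys (`fstype`, `dev`, `opts`, `name`, `mntopts`) would make the contract visible to callers.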