Merge branch 'ne-w-salgo-xd' into 'master'

Ne w salgo See merge request !1

Merge branch 'ne-w-salgo-xd' into 'master'
b1a78bdc · ngyimesi · 06d4da2d · ec9b929d · b1a78bdc · 06d4da2d
Commit b1a78bdc authored Sep 14, 2022 by ngyimesi
--- a/ansible.cfg
+++ b/ansible.cfg
 [defaults]
 inventory = inventory.yml
 forks = 300
+#strategy = free
 nocows=1
+cow_selection=stegosaurus
-[ssh_connection]
\ No newline at end of file
-retries=2
\ No newline at end of file
--- a/bootstrap.sh
+++ b/bootstrap.sh
-#!/usr/bin/env bash
-AUTH="bootstrapper:6cDoVsyYzzDE6fLi5MTB"
-git clone \
-  https://${AUTH}@git.sch.bme.hu/kszk/sysadmin/ansible/ansci.git \
-  .template \
-  || (cd .template && git pull)
-exec .template/playbook-template/bootstrap.sh
--- a/files/linstor-client.conf
+++ b/files/linstor-client.conf
+[global]
+controllers=10.0.42.101,10.0.42.102,10.0.42.103
--- a/files/linstor_db.toml
+++ b/files/linstor_db.toml
+[[promoter]]
+id = "linstor_db"
+[promoter.resources.linstor_db]
+start = ["var-lib-linstor.mount", "linstor-controller.service"]
--- a/files/memory-defaults.yaml
+++ b/files/memory-defaults.yaml
+NodeConnections:
+  - Node1: vsalgo-node-1
+    Node2: vsalgo-node-2
+    RequiredConnections: [ cluster, admin, internal ]
+  - Node1: vsalgo-node-2
+    Node2: vsalgo-node-3
+    RequiredConnections: [ cluster, admin, internal ]
+  - Node1: vsalgo-node-1
+    Node2: vsalgo-node-3
+    RequiredConnections: [ cluster, admin, internal ]
\ No newline at end of file
--- a/files/override.conf
+++ b/files/override.conf
+[Service]
+Environment=LS_KEEP_RES=linstor_db
+Type=notify
+TimeoutStartSec=infinity
--- a/files/var-lib-linstor.mount
+++ b/files/var-lib-linstor.mount
+[Unit]
+Description=Filesystem for the LINSTOR controller
+[Mount]
+# you can use the minor like /dev/drbdX or the udev symlink
+What=/dev/drbd/by-res/linstor_db/0
+Where=/var/lib/linstor
\ No newline at end of file
--- a/install.yml
+++ b/install.yml
 ---
 - hosts: all
-  tags: net
+  tags: bootstrap
  tasks:
-    - name: Set up network
+    #- name: Install kszk-host stuff
+     # import_tasks: tasks/kszk-host.yml
+    - name: Upgrade
+      import_tasks: tasks/upgrade.yml
+    - name: Install network utils
      import_tasks: tasks/net.yml
+    - name: User setup
+      import_tasks: tasks/create_users.yml
+    - name: Other useful packages
+      import_tasks: tasks/other-packages.yml
+    - name: Linstor setup
+      import_tasks: tasks/linstor-setup.yml
\ No newline at end of file
--- a/inventory.yml
+++ b/inventory.yml
 all:
  hosts:
-    node1.vsalgo:
+    vsalgo-1:
      cluster_ip: 10.42.0.101/24
      admin_ip: 10.0.42.101/16
      internal_ip: 10.151.42.101/16
-    node2.vsalgo:
+      ansible_user: root
+    vsalgo-2:
      cluster_ip: 10.42.0.102/24
      admin_ip: 10.0.42.102/16
      internal_ip: 10.151.42.102/16
-    node3.vsalgo:
+      ansible_user: root
+    vsalgo-3:
      cluster_ip: 10.42.0.103/24
      admin_ip: 10.0.42.103/16
      internal_ip: 10.151.42.103/16
+      ansible_user: root
--- a/requirements.galaxy.yml
+++ b/requirements.galaxy.yml
 ---
-roles: []
+roles:
+  - src: git@git.sch.bme.hu:kszk/ansible/roles/kszk_host.git
+    scm: git
+    ref: 0.1.0
+    name: kszk.host
--- a/tasks/create_users.yml
+++ b/tasks/create_users.yml
+- name: create user
+  user:
+    name: "{{ item }}"
+    state: present
+    groups: [ sudo ]
+    create_home: yes
+    shell: /bin/bash
+  with_items:
+    - norbey
+    - mike
+- name: add key
+  authorized_key:
+    user: "{{ item.name }}"
+    key: "{{ item.key }}"
+  with_items:
+    - name: norbey
+      key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJJ6Rp2ETGHzEfyQZsR4Ac0iJUrtytLi2C7MZIiiCcug norbey@hellothere
+    - name: mike
+      key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBVHRlgZ+UTSBCChrpYTzOhLek9r9CcoNPoE2EcFXvz0 mike@curiosity
--- a/tasks/kszk-host.yml
+++ b/tasks/kszk-host.yml
+---
+- name: Install kszk-host role
+  roles:
+    - { role: kszk.host }
+    #- { role: jmcvetta.passwordless-sudo }
+  vars:
+    motd_playbook_url: "https://git.sch.bme.hu/kszk/sysadmin/vsalgo-ansible"
+    users: []
+    ssh:
+      port: 22
+      passwordAuthentication: "yes"
+      pubkeyAuthentication: "yes"
+      permitRootLogin: "yes"
+    no_iptables: yes
\ No newline at end of file
--- a/tasks/linstor-setup.yml
+++ b/tasks/linstor-setup.yml
+---
+- name: Add linbit key
+  apt_key:
+    url: https://packages.linbit.com/package-signing-pubkey.asc
+- name: Add linstor repo
+  apt_repository:
+    repo: deb https://packages.linbit.com/proxmox proxmox-7 drbd-9
+- name: Install linstor stuff
+  apt:
+    name:
+      - pve-headers
+      - drbd-dkms
+      - drbd-utils
+      - linstor-controller
+      - linstor-satellite
+      - linstor-client
+      - linstor-proxmox
+      - drbd-reactor
+    state: present
+- name: Enable linstor-satellite
+  systemd:
+    service: linstor-satellite
+    state: started
+    enabled: yes
+- name: Disable linstor-controller
+  systemd:
+    service: linstor-controller
+    enabled: no
+- name: copy latest binary of linstor-defaults
+  get_url:
+    url: https://git.sch.bme.hu/kszk/sysadmin/memory-storage-defaults/-/jobs/artifacts/master/raw/memory-defaults?job=build
+    dest: /usr/local/bin/memory-defaults
+    mode: 0755
+- name: copy linstor-defaults config
+  copy:
+    dest: /etc/memory-defaults.yaml
+    src: memory-defaults.yaml
+- name: add systemd unit 1
+  get_url:
+    url: https://git.sch.bme.hu/kszk/sysadmin/memory-storage-defaults/-/raw/master/systemd/memory-defaults.service
+    dest: /etc/systemd/system/memory-defaults.service
+- name: add systemd unit 2 (timer)
+  get_url:
+    url: https://git.sch.bme.hu/kszk/sysadmin/memory-storage-defaults/-/raw/master/systemd/memory-defaults.timer
+    dest: /etc/systemd/system/memory-defaults.timer
+- name: start systemd timer (unit 2)
+  systemd:
+    state: started
+    enabled: yes
+    name: memory-defaults.timer
+- name: create var-lib-linstor.mount
+  copy:
+    src: var-lib-linstor.mount
+    dest: /etc/systemd/system/var-lib-linstor.mount
+- name: copy linstor_db.toml
+  copy:
+    src: linstor_db.toml
+    dest: /etc/drbd-reactor.d/linstor_db.toml
+- name: create directory for override config so that the next task won't complain...
+  file:
+    path: /etc/systemd/system/linstor-satellite.service.d/
+    state: directory
+- name: copy systemd override for linstor-satellite
+  copy:
+    src: override.conf
+    dest: /etc/systemd/system/linstor-satellite.service.d/override.conf
+- name: Reload systemd daemon
+  systemd:
+    daemon_reload: yes
+- name: Enable and restart drbd-reactor
+  systemd:
+    name: drbd-reactor
+    state: restarted
+    enabled: yes
+- name: create linstor client config
+  copy:
+    src: linstor-client.conf
+    dest: /etc/linstor/linstor-client.conf
--- a/tasks/net.yml
+++ b/tasks/net.yml
@@ -5,13 +5,4 @@
      - ifupdown2
      - libpve-network-perl
      - openvswitch-switch
+    state: present
- name: Template network config
-  template:
-    src: interfaces
-    dest: /etc/network/interfaces
-  register: interfaces
- name: Reload ifupdown2
-  command: ifreload -a
-  when: interfaces.changed
\ No newline at end of file
--- a/tasks/other-packages.yml
+++ b/tasks/other-packages.yml
+---
+- name: Install some useful stuff
+  apt:
+    name:
+      - systemd-timesyncd
+      - mc #norbey
+      - neovim #mike
+    state: present
+- name: Config timesyncd
+  lineinfile:
+    path: /etc/systemd/timesyncd.conf
+    line: NTP=152.66.208.241
+- name: Enable and restart timesyncd
+  systemd:
+    name: systemd-timesyncd
+    state: restarted
+    enabled: yes
--- a/tasks/upgrade.yml
+++ b/tasks/upgrade.yml
+---
+- name: Upgrade nodes
+  apt:
+    update_cache: yes
+    upgrade: yes
--- a/templates/interfaces
+++ b/templates/interfaces
-# network interface settings; autogenerated
-# Please do NOT modify this file directly, unless you know what
-# you're doing.
-#
-# If you want to manage parts of the network configuration manually,
-# please utilize the 'source' or 'source-directory' directives to do
-# so.
-# PVE will preserve these directives, but will NOT read its network
-# configuration from sourced files, so do not attempt to move any of
-# the PVE managed interfaces into external files!
-auto lo
-iface lo inet loopback
-auto enp3s0f0
-iface enp3s0f0 inet manual
-	mtu 9000
-	dns-nameservers 152.66.208.1
-	dns-search internal
-#Bal lent
-auto enp3s0f1
-iface enp3s0f1 inet manual
-	mtu 9000
-#Bal fent
-auto enp4s0f0
-iface enp4s0f0 inet manual
-	mtu 9000
-#Jobb oldali
-auto enp4s0f1
-iface enp4s0f1 inet manual
-	mtu 9000
-#Középső
-auto bond0
-iface bond0 inet manual
-	ovs_bonds enp3s0f0 enp3s0f1 enp4s0f0 enp4s0f1
-	ovs_type OVSBond
-	ovs_bridge vmbr0
-	ovs_mtu 9000
-	ovs_options bond_mode=balance-slb
-#Main bond
-auto vmbr0
-iface vmbr0 inet manual
-	ovs_type OVSBridge
-	ovs_ports bond0 vlan10 vlan151 vlan420
-	ovs_mtu 9000
-#Main vSwitch
-auto vlan10
-iface vlan10 inet static
-	address {{ admin_ip }}
-	ovs_type OVSIntPort
-	ovs_bridge vmbr0
-	ovs_mtu 9000
-#AdminLAN
-auto vlan151
-iface vlan151 inet static
-	address {{ internal_ip }}
-	gateway 10.151.255.254
-	ovs_type OVSIntPort
-	ovs_bridge vmbr0
-	ovs_mtu 9000
-	ovs_options tag=151
-#Internal with :80 and :443 NAT
-auto vlan420
-iface vlan420 inet static
-	address {{ cluster_ip }}
-	ovs_type OVSIntPort
-	ovs_bridge vmbr0
-	ovs_mtu 9000
-	ovs_options tag=420
-#Cluster network
-source /etc/network/interfaces.d/*