diff --git a/ansible.cfg b/ansible.cfg
index e5e6db389d2cc9bc6afbc16c7afb1a3803494a14..ec0022ee733a833940895ad79b3e5e1a54763e16 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,7 +1,6 @@
 [defaults]
 inventory = inventory.yml
 forks = 300
+#strategy = free
 nocows=1
-
-[ssh_connection]
-retries=2
\ No newline at end of file
+cow_selection=stegosaurus
\ No newline at end of file
diff --git a/bootstrap.sh b/bootstrap.sh
deleted file mode 100755
index 09e3594bba61157bc7eec11abc1f9ea096656310..0000000000000000000000000000000000000000
--- a/bootstrap.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/usr/bin/env bash
-
-AUTH="bootstrapper:6cDoVsyYzzDE6fLi5MTB"
-
-git clone \
- https://${AUTH}@git.sch.bme.hu/kszk/sysadmin/ansible/ansci.git \
- .template \
- || (cd .template && git pull)
-
-exec .template/playbook-template/bootstrap.sh
-
diff --git a/install.yml b/install.yml
index 8b0cf95b5436bbdc62293617ac44a6b51f4ad3fa..9fb7b9f661dc5331f45dec43ed7b7b3f5b1a0c80 100644
--- a/install.yml
+++ b/install.yml
@@ -1,7 +1,14 @@
 ---
 - hosts: all
- tags: net
+ tags: bootstrap
 tasks:
- - name: Set up network
+ #- name: Install kszk-host stuff
+ # import_tasks: tasks/kszk-host.yml
+ - name: Upgrade
+ import_tasks: tasks/upgrade.yml
+ - name: Install network utils
 import_tasks: tasks/net.yml
-
+ - name: User setup
+ import_tasks: tasks/create_users.yml
+ - name: Other useful packages
+ import_tasks: tasks/other-packages.yml
diff --git a/inventory.yml b/inventory.yml
index 88312b661c5a32af278fb5e23b2d0153a5a7a7c0..87f5594562922e6ce91f549abddc4a2119615296 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,17 +1,17 @@
 all:
 hosts:
- node1.vsalgo:
+ vsalgo-1:
 cluster_ip: 10.42.0.101/24
 admin_ip: 10.0.42.101/16
 internal_ip: 10.151.42.101/16
- node2.vsalgo:
+ ansible_user: root
+ vsalgo-2:
 cluster_ip: 10.42.0.102/24
 admin_ip: 10.0.42.102/16
 internal_ip: 10.151.42.102/16
- node3.vsalgo:
+ ansible_user: root
+ vsalgo-3:
 cluster_ip: 10.42.0.103/24
 admin_ip: 10.0.42.103/16
 internal_ip: 10.151.42.103/16
-
-
-
+ ansible_user: root
diff --git a/requirements.galaxy.yml b/requirements.galaxy.yml
index 7265dc59122ebfd6f8f2eb50a86b007aaa9ec05b..db6e887515398d89c49e8adf91d4467e47caeeaa 100644
--- a/requirements.galaxy.yml
+++ b/requirements.galaxy.yml
@@ -1,2 +1,6 @@
 ---
-roles: []
+roles:
+ - src: git@git.sch.bme.hu:kszk/ansible/roles/kszk_host.git
+ scm: git
+ ref: 0.1.0
+ name: kszk.host
diff --git a/tasks/create_users.yml b/tasks/create_users.yml
new file mode 100644
index 0000000000000000000000000000000000000000..2964cf6822c6bdf9a638545dd9aeb93b64af1536
--- /dev/null
+++ b/tasks/create_users.yml
@@ -0,0 +1,20 @@
+- name: create user
+ user:
+ name: "{{ item }}"
+ state: present
+ groups: [ sudo ]
+ create_home: yes
+ shell: /bin/bash
+ with_items:
+ - norbey
+ - mike
+
+- name: add key
+ authorized_key:
+ user: "{{ item.name }}"
+ key: "{{ item.key }}"
+ with_items:
+ - name: norbey
+ key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJJ6Rp2ETGHzEfyQZsR4Ac0iJUrtytLi2C7MZIiiCcug norbey@hellothere
+ - name: mike
+ key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBVHRlgZ+UTSBCChrpYTzOhLek9r9CcoNPoE2EcFXvz0 mike@curiosity
diff --git a/tasks/kszk-host.yml b/tasks/kszk-host.yml
new file mode 100644
index 0000000000000000000000000000000000000000..a8efa8b2e97b083bd86e81d3193bf9e69c22acbf
--- /dev/null
+++ b/tasks/kszk-host.yml
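Review bot: In inventory.yml every host now carries `ansible_user: root`, so each run logs in over SSH as root directly and actions on the nodes are not attributable to a named operator. tasks/create_users.yml in this same commit creates named accounts in the `sudo` group with SSH keys; once those exist, the inventory could use one of them together with `become: true` on the play in install.yml, keeping root for the first bootstrap run only. As written, the playbook also depends on root SSH login staying enabled on the nodes.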
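Review bot: In requirements.galaxy.yml the role is pinned with `ref: 0.1.0`, which looks like a git tag; a tag can be moved in the role repository, so the code run as root on the nodes can change without this file changing. Pinning `ref` to the full commit hash of the reviewed release avoids that. The `src` is an SSH URL, so fetching now depends on the operator's own key rather than the shared `bootstrapper` credential that the deleted bootstrap.sh embedded in its clone URL. Deleting that file does not remove the value from the repository history, so the credential should still be revoked on the git server.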
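Review bot: In tasks/create_users.yml the `user` task sets `groups: [ sudo ]` without `append`, and the module's default is to replace the account's supplementary groups, so on a host where norbey or mike already exist any other membership is dropped; `append: true` makes it additive. Both accounts join `sudo` but no password is set, so unless a NOPASSWD rule is configured elsewhere (not visible in this diff) they presumably cannot use sudo at all. The `authorized_key` task only adds keys, so a key removed from this list later stays in `authorized_keys` on the nodes; `exclusive: true` would make the listed key authoritative, and since it is applied per loop iteration it fits as long as each user has a single entry.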
@@ -0,0 +1,14 @@
+---
+- name: Install kszk-host role
+ roles:
+ - { role: kszk.host }
+ #- { role: jmcvetta.passwordless-sudo }
+ vars:
+ motd_playbook_url: "https://git.sch.bme.hu/kszk/sysadmin/vsalgo-ansible"
+ users: []
+ ssh:
+ port: 22
+ passwordAuthentication: "yes"
+ pubkeyAuthentication: "yes"
+ permitRootLogin: "yes"
+ no_iptables: yes
\ No newline at end of file
diff --git a/tasks/net.yml b/tasks/net.yml
index cab52b61f27f8854fe088798a22508254f7ba6d8..ea22fc2bd8cd159ba07128c4e0b1a7158edd97cb 100644
--- a/tasks/net.yml
+++ b/tasks/net.yml
@@ -5,13 +5,4 @@
 - ifupdown2
 - libpve-network-perl
 - openvswitch-switch
-
-- name: Template network config
- template:
- src: interfaces
- dest: /etc/network/interfaces
- register: interfaces
-
-- name: Reload ifupdown2
- command: ifreload -a
- when: interfaces.changed
\ No newline at end of file
+ state: present
diff --git a/tasks/upgrade.yml b/tasks/upgrade.yml
new file mode 100644
index 0000000000000000000000000000000000000000..5220beed20fe6cf53fc6631312b2ce41e1e4761f
--- /dev/null
+++ b/tasks/upgrade.yml
@@ -0,0 +1,5 @@
+---
+- name: Upgrade nodes
+ apt:
+ update_cache: yes
+ upgrade: yes
diff --git a/templates/interfaces b/templates/interfaces
deleted file mode 100644
index eb5ad887a745dc42684cfd4f0a8b4ae0afc50c17..0000000000000000000000000000000000000000
--- a/templates/interfaces
+++ /dev/null
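Review bot: In tasks/kszk-host.yml the `ssh` vars passed to the kszk.host role set `passwordAuthentication: "yes"` and `permitRootLogin: "yes"`, and `no_iptables: yes` presumably tells the role to skip its firewall rules, so if the role maps these onto sshd_config the nodes accept password logins for root with no packet filter in front. Since tasks/create_users.yml distributes SSH keys, `passwordAuthentication: "no"` and `permitRootLogin: "prohibit-password"` would keep key-based access working, assuming the role passes the values through unchanged. Separately, `roles:` is a play-level keyword and the entry has no `hosts:`, so this file will probably fail if the commented-out `import_tasks: tasks/kszk-host.yml` in install.yml is enabled; as a task file it would need `import_role` or `include_role` instead.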
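Review bot: In tasks/upgrade.yml `upgrade: yes` selects the apt module's safe-upgrade mode, and the packages in tasks/net.yml (`libpve-network-perl`) suggest these are Proxmox VE nodes, where the vendor documentation asks for a dist/full upgrade rather than a plain upgrade; if that is the case, `upgrade: dist` is the value to use. Writing the mode as a quoted string (`upgrade: "dist"` or `upgrade: "safe"`) also avoids relying on the YAML boolean being mapped back onto a module choice. With `forks = 300` in ansible.cfg and `hosts: all` in install.yml, all three cluster nodes are upgraded at the same time; `serial: 1` on the play would keep the cluster available if an upgrade breaks a node.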
@@ -1,81 +0,0 @@
-# network interface settings; autogenerated
-# Please do NOT modify this file directly, unless you know what
-# you're doing.
-#
-# If you want to manage parts of the network configuration manually,
-# please utilize the 'source' or 'source-directory' directives to do
-# so.
-# PVE will preserve these directives, but will NOT read its network
-# configuration from sourced files, so do not attempt to move any of
-# the PVE managed interfaces into external files!
-
-auto lo
-iface lo inet loopback
-
-auto enp3s0f0
-iface enp3s0f0 inet manual
- mtu 9000
- dns-nameservers 152.66.208.1
- dns-search internal
-#Bal lent
-
-auto enp3s0f1
-iface enp3s0f1 inet manual
- mtu 9000
-#Bal fent
-
-auto enp4s0f0
-iface enp4s0f0 inet manual
- mtu 9000
-#Jobb oldali
-
-auto enp4s0f1
-iface enp4s0f1 inet manual
- mtu 9000
-#Középső
-
-auto bond0
-iface bond0 inet manual
- ovs_bonds enp3s0f0 enp3s0f1 enp4s0f0 enp4s0f1
- ovs_type OVSBond
- ovs_bridge vmbr0
- ovs_mtu 9000
- ovs_options bond_mode=balance-slb
-#Main bond
-
-auto vmbr0
-iface vmbr0 inet manual
- ovs_type OVSBridge
- ovs_ports bond0 vlan10 vlan151 vlan420
- ovs_mtu 9000
-#Main vSwitch
-
-
-auto vlan10
-iface vlan10 inet static
- address {{ admin_ip }}
- ovs_type OVSIntPort
- ovs_bridge vmbr0
- ovs_mtu 9000
-#AdminLAN
-
-auto vlan151
-iface vlan151 inet static
- address {{ internal_ip }}
- gateway 10.151.255.254
- ovs_type OVSIntPort
- ovs_bridge vmbr0
- ovs_mtu 9000
- ovs_options tag=151
-#Internal with :80 and :443 NAT
-
-auto vlan420
-iface vlan420 inet static
- address {{ cluster_ip }}
- ovs_type OVSIntPort
- ovs_bridge vmbr0
- ovs_mtu 9000
- ovs_options tag=420
-#Cluster network
-
-source /etc/network/interfaces.d/*