antpro/infra
1
0
Fork 0
forked from saratov/infra
Code Issues Pull Requests Projects Releases Wiki Activity
infra/roles/common/tasks/main.yml
Sergey Bubnov (omg) d89c7ab77e prevent wrong behaviour when more than one dhcp on interfaces 
firts we check that the VM has already get some IP address
and if so we just deploy as usual. If VM have no IP address
on any interface we throw all interfaces except first (eth0) to
the `empty vlan` that have no DHCP server enabled. VLAD ID defined
in environment variable. After network configuration inside VM we
restore propper VLAN IDs on all interfaces. This approach should help
in situations when DHCP available on more than one interfaces and those
interfaces configured as dhcp-clients, thus more than one default gw
will be configured with some metrics and all traffic will be routed
to the right one or will be not.
2019-06-27 13:21:48 +04:00

183 lines
5.1 KiB
YAML
Raw Blame History

---
- set_fact: ansible_pkg_mgr=apt_rpm
- set_fact: node="{{inventory_hostname_short}}"
- set_fact: node="{{stack.nodes[inventory_hostname_short]}}"
- name: wait nodes for connection
wait_for_connection:
delay: 3
timeout: 60
# Disable 'vagrant' user if exists. This operation is needed for boxes
# designed to be used by Vagrant. We don't need 'vagrant' user because
# there is a user named 'test' for our needs.
- name: Disable vagrant user
user:
name: vagrant
state: absent
remove: yes
- name: disable apt-cache in tmpfs
block:
- lineinfile:
path: /etc/rc.d/rc.local
regexp: '^/etc/rc\.d/scripts/apt-cache-on-tmp.*'
state: absent
backrefs: yes
- file:
path: /etc/apt/apt.conf.d/tmp.cache.conf
state: absent
- name: purge apt.sources
shell: find /etc/apt/sources.list.d/ -name '*.list' -delete
changed_when: false
- name: set apt sources
template:
src: "apt.list.j2"
dest: "/etc/apt/sources.list.d/{{item}}.list"
with_items: "{{env.apt.sources}}"
- name: update packages list
shell: apt-get update
- name: update apt and rpm
shell: apt-get install -y apt rpm
- name: dist-upgrade
shell: apt-get -y dist-upgrade
- name: include additional apt repos from tasks
block:
- name: include additional apt repos from tasks
template:
src: "apt.list.tasks.j2"
dest: "/etc/apt/sources.list.d/tasks.list"
- name: update with tasks repos
shell: |
apt-get update
apt-get dist-upgrade -yq
when: stack.apt_sources_from_tasks is defined and stack.apt_sources_from_tasks | length > 0
- name: allow apt downgrade packages
template:
src: "downgrade.j2"
dest: "/etc/apt/preferences.d/downgrade"
when: node.arch == 'e2k'
- name: install common packages
apt_rpm:
pkg: ntpdate,curl
state: installed
update_cache: yes
- name: install Alterator`s modules
apt_rpm:
pkg: alterator,alterator-net-eth
# pkg: alterator,alterator-alternatives,alterator-audit,alterator-bind,alterator-datetime,alterator-dhcp,alterator-groups,alterator-mirror,alterator-mkimage,alterator-net-bond,alterator-net-bridge,alterator-net-domain,alterator-net-eth,alterator-net-functions,alterator-net-iptables,alterator-net-routing,alterator-net-vlan,alterator-packages,alterator-services,alterator-sshd,alterator-sysconfig,alterator-users,alterator-vsftpd,alterator-xinetd
state: installed
# FIX: don't know how to switch from dhcp to static via alterator
# just remove this line from options file for now
- name: remove options for eth0
lineinfile:
dest: /etc/net/ifaces/eth0/options
regexp: '^BOOTPROTO=dhcp.*'
backrefs: yes
state: absent
- name: disable IPv6
sysctl: name={{ item }} value=1 state=present
with_items:
- net.ipv6.conf.all.disable_ipv6
- net.ipv6.conf.default.disable_ipv6
- net.ipv6.conf.lo.disable_ipv6
- name: blacklisting IPv6 module
template:
src: ipv6-disable.conf.j2
dest: /etc/modprobe.d/options-local.conf
- name: configure NICs
include_tasks: configure_nics.yml
with_dict: "{{node.net}}"
loop_control:
loop_var: nic
# when: node.net is defined
- name: apply NICs config
shell: |
alterator-cmdline /net-eth action write commit "#t"
service network restart
changed_when: false
async: 100
poll: 0
- name: update .tmp/ssh_config after NICs reconfiguration
include_role: name="inventory"
- name: wait for the host`s NIC to come back
wait_for_connection:
delay: 2
timeout: 300
- debug: msg="{{hostvars['localhost']['other_nics_to_vlan']}}"
- name: enable vlans on other interfaces
include_role:
name: pve
tasks_from: enable_vlans.yml
when: hostvars['localhost']['other_nics_to_vlan']
- name: configure PBR
include_tasks: configure_pbr.yml
with_dict: "{{node.net}}"
loop_control:
loop_var: nic
# TODO: need to make it idempotent!
- name: set hostname
shell: '[[ $(hostname) == "{{inventory_hostname_short}}.{{stack.domain}}" ]] || { alterator-cmdline -d /net-eth action write computer_name "{{inventory_hostname_short}}.{{stack.domain}}" commit "#t"; echo changed; }'
register: result
notify: restart network
changed_when: '"changed" in result.stdout'
- name: delete .bash_logout
file:
path: /root/.bash_logout
state: absent
- meta: flush_handlers
- setup:
- name: register users keys
template:
dest: /etc/openssh/authorized_keys/root
src: authorized_keys
owner: root
group: root
mode: 0644
- name: read public ssh host key
slurp:
src: /etc/openssh/ssh_host_ed25519_key.pub
register: host_key
- name: store public ssh host key in local file
lineinfile:
regexp: "^{{ inventory_hostname_short}} "
line: "{{ inventory_hostname_short}},{{ inventory_hostname_short }}.{{ stack.domain | lower }} {{ host_key.content | b64decode | trim }}"
path: ".tmp/{{ stack_name }}.known_hosts"
create: yes
delegate_to: localhost
- name: mount nfs shares
mount:
src: "{{item.from}}"
path: "{{item.to}}"
fstype: "{{item.fstype}}"
state: mounted
with_items: "{{node.mounts}}"
when: node.mounts is defined
Reference in New Issue View Git Blame Copy Permalink