diff --git a/roles/ceph-rbd/defaults/main.yml b/roles/ceph-rbd/defaults/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..d40a33d286773c6be1b1af2b23cfff8874272ab2
--- /dev/null
+++ b/roles/ceph-rbd/defaults/main.yml
@@ -0,0 +1,18 @@
+---
+
+ceph_packages:
+ - ceph-common
+
+ceph_mon_hosts: []
+ceph_login:
+ceph_password:
+ceph_pool_name:
+ceph_image_name:
+ceph_image_format: 2
+ceph_image_size: 2T
+ceph_parameters:
+ - "--size {{ ceph_image_size }}"
+ - "--image-format {{ ceph_image_format }}"
+ - "--image-feature layering"
+
+...
diff --git a/roles/ceph-rbd/handlers/main.yml b/roles/ceph-rbd/handlers/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..8d14e8ae2bc5be9e612b68137728fca38cca2733
--- /dev/null
+++ b/roles/ceph-rbd/handlers/main.yml
@@ -0,0 +1,8 @@
+---
+
+- name: enable rbdmap service
+ systemd:
+ name: rbdmap
+ state: restarted
+
+...
diff --git a/roles/ceph-rbd/tasks/main.yml b/roles/ceph-rbd/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..08498e83e13a8e53188d405b8442197d1ef1127a
--- /dev/null
+++ b/roles/ceph-rbd/tasks/main.yml
@@ -0,0 +1,52 @@
+---
+
+- name: install ceph
+ apt:
+ force_apt_get: true
+ install_recommends: false
+ name: "{{ ceph_packages }}"
+
+- name: ceph config
+ template:
+ src: ceph.conf.j2
+ dest: /etc/ceph/ceph.conf
+
+- name: ceph keyring
+ template:
+ src: ceph.client.user.keyring.j2
+ dest: /etc/ceph/ceph.client.{{ ceph_login }}.keyring
+ mode: 0600
+
+- name: check rbd image presence
+ when: inventory_hostname == play_hosts[0]
+ register: ceph_check_image
+ changed_when: ceph_check_image.stdout != ceph_image_name
+ command:
+ cmd: rbd -n client.{{ ceph_login }} list {{ ceph_pool_name }}
+
+- name: create rbd image
+ when:
+ - ceph_check_image.changed
+ - inventory_hostname == play_hosts[0]
+ command:
+ cmd: rbd -n client.{{ ceph_login }} create {{ ceph_pool_name }}/{{ ceph_image_name }} {% for param in ceph_parameters %}{{ param }} {% endfor %}
+
+- name: map rbd image to device
+ command:
+ cmd: rbd -n client.{{ ceph_login }} map {{ ceph_pool_name }}/{{ ceph_image_name }}
+ creates: /dev/rbd0
+
+- name: configure rbd map at boot
+ notify: restart rbdmap
+ lineinfile:
+ path: /etc/ceph/rbdmap
+ backup: true
+ line: "{{ ceph_pool_name }}/{{ ceph_image_name }} id={{ ceph_login }},keyring=/etc/ceph/ceph.client.{{ ceph_login }}.keyring"
+
+- name: enable rbdmap service
+ systemd:
+ name: rbdmap
+ enabled: true
+ state: started
+
+...
diff --git a/roles/ceph-rbd/templates/ceph.client.user.keyring.j2 b/roles/ceph-rbd/templates/ceph.client.user.keyring.j2
new file mode 100644
index 0000000000000000000000000000000000000000..b46c78a193f7e8a533b819c4a42a77e4df52eb9b
--- /dev/null
+++ b/roles/ceph-rbd/templates/ceph.client.user.keyring.j2
@@ -0,0 +1,2 @@
+[client.{{ ceph_login }}]
+key = {{ ceph_password }}
diff --git a/roles/ceph-rbd/templates/ceph.conf.j2 b/roles/ceph-rbd/templates/ceph.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..998af5810b542d44aa6e65d84355b86f40ab1be2
--- /dev/null
+++ b/roles/ceph-rbd/templates/ceph.conf.j2
@@ -0,0 +1,2 @@
+[global]
+mon_host = {{ ceph_mon_hosts | join(',') }}
diff --git a/roles/ocfs2/defaults/main.yml b/roles/ocfs2/defaults/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..961ab9302baf563b60de1aeb27a8deb19b90ce3c
--- /dev/null
+++ b/roles/ocfs2/defaults/main.yml
@@ -0,0 +1,21 @@
+---
+
+ocfs2_packages:
+ - ocfs2-tools
+
+ocfs2_mount_path:
+ocfs2_mount_device:
+
+ocfs2_firewall_enabled: true
+ocfs2_ferm_rules_filename: ocfs2
+ocfs2_ferm_input_rules:
+ - saddr: "{{ play_hosts | map('extract', hostvars, ['ansible_default_ipv4', 'address']) | list }}"
+ proto:
+ - tcp
+ - udp
+ dport:
+ - 7777
+ocfs2_ferm_output_rules: []
+ocfs2_ferm_global_settings:
+
+...
diff --git a/roles/ocfs2/handlers/main.yml b/roles/ocfs2/handlers/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..f8a7e91519c9596a864f725ef90151ef1ce8bbd1
--- /dev/null
+++ b/roles/ocfs2/handlers/main.yml
@@ -0,0 +1,8 @@
+---
+
+- name: restart o2cb
+ systemd:
+ name: o2cb
+ state: restarted
+
+...
diff --git a/roles/ocfs2/tasks/main.yml b/roles/ocfs2/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..844a1b07e83a2fb5ef906dd6b853d2e36d3667d7
--- /dev/null
+++ b/roles/ocfs2/tasks/main.yml
@@ -0,0 +1,53 @@
+---
+
+- name: install packages
+ apt:
+ force_apt_get: true
+ install_recommends: false
+ name: "{{ ocfs2_packages }}"
+
+- name: configure cluster
+ notify: restart o2cb
+ template:
+ src: cluster.conf.j2
+ dest: /etc/ocfs2/cluster.conf
+
+- name: load at boot
+ notify: restart o2cb
+ replace:
+ path: /etc/default/o2cb
+ regexp: '^O2CB_ENABLED=.*$'
+ replace: 'O2CB_ENABLED=true'
+ backup: true
+
+- meta: flush_handlers
+
+- name: format mapped device
+ when: inventory_hostname == play_hosts[0]
+ filesystem:
+ fstype: ocfs2
+ opts: -T mail
+ dev: /dev/rbd0
+
+- name: mount mapped device
+ mount:
+ path: "{{ ocfs2_mount_path }}"
+ src: "{{ ocfs2_mount_device }}"
+ fstype: ocfs2
+ opts: _netdev,nointr,noatime
+ backup: true
+ state: mounted
+
+# FIREWALL
+
+- name: firewall
+ when: ocfs2_firewall_enabled
+ vars:
+ ferm_rules_filename: "{{ ocfs2_ferm_rules_filename }}"
+ ferm_input_rules: "{{ ocfs2_ferm_input_rules }}"
+ ferm_output_rules: "{{ ocfs2_ferm_output_rules }}"
+ ferm_global_settings: "{{ ocfs2_ferm_global_settings }}"
+ include_role:
+ name: ferm
+
+...
diff --git a/roles/ocfs2/templates/cluster.conf.j2 b/roles/ocfs2/templates/cluster.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..6fdcaab80a38c458e1c7ac0690df349410eab382
--- /dev/null
+++ b/roles/ocfs2/templates/cluster.conf.j2
@@ -0,0 +1,11 @@
+cluster:
+ node_count = {{ play_hosts | length }}
+ name = ocfs2
+{% for host in play_hosts %}
+node:
+ ip_port = 7777
+ ip_address = {{ hostvars[host]['ansible_default_ipv4']['address'] }}
+ number = {{ loop.index }}
+ name = {{ host }}
+ cluster = ocfs2
+{% endfor %}