From d0d193dbe85b82ca436bf2943da80cb0a1fac567 Mon Sep 17 00:00:00 2001
From: Nicolas KAROLAK <nicolas@karolak.fr>
Date: Wed, 8 Apr 2020 15:22:23 +0000
Subject: [PATCH] add ceph-rbd and ocfs2 roles

---
 roles/ceph-rbd/defaults/main.yml              | 18 +++++++
 roles/ceph-rbd/handlers/main.yml              |  8 +++
 roles/ceph-rbd/tasks/main.yml                 | 52 ++++++++++++++++++
 .../templates/ceph.client.user.keyring.j2     |  2 +
 roles/ceph-rbd/templates/ceph.conf.j2         |  2 +
 roles/ocfs2/defaults/main.yml                 | 21 ++++++++
 roles/ocfs2/handlers/main.yml                 |  8 +++
 roles/ocfs2/tasks/main.yml                    | 53 +++++++++++++++++++
 roles/ocfs2/templates/cluster.conf.j2         | 11 ++++
 9 files changed, 175 insertions(+)
 create mode 100644 roles/ceph-rbd/defaults/main.yml
 create mode 100644 roles/ceph-rbd/handlers/main.yml
 create mode 100644 roles/ceph-rbd/tasks/main.yml
 create mode 100644 roles/ceph-rbd/templates/ceph.client.user.keyring.j2
 create mode 100644 roles/ceph-rbd/templates/ceph.conf.j2
 create mode 100644 roles/ocfs2/defaults/main.yml
 create mode 100644 roles/ocfs2/handlers/main.yml
 create mode 100644 roles/ocfs2/tasks/main.yml
 create mode 100644 roles/ocfs2/templates/cluster.conf.j2

diff --git a/roles/ceph-rbd/defaults/main.yml b/roles/ceph-rbd/defaults/main.yml
new file mode 100644
index 00000000..d40a33d2
--- /dev/null
+++ b/roles/ceph-rbd/defaults/main.yml
@@ -0,0 +1,18 @@
+---
+
+ceph_packages:
+  - ceph-common
+
+ceph_mon_hosts: []
+ceph_login:
+ceph_password:
+ceph_pool_name:
+ceph_image_name:
+ceph_image_format: 2
+ceph_image_size: 2T
+ceph_parameters:
+  - "--size {{ ceph_image_size }}"
+  - "--image-format {{ ceph_image_format }}"
+  - "--image-feature layering"
+
+...
diff --git a/roles/ceph-rbd/handlers/main.yml b/roles/ceph-rbd/handlers/main.yml
new file mode 100644
index 00000000..8d14e8ae
--- /dev/null
+++ b/roles/ceph-rbd/handlers/main.yml
@@ -0,0 +1,8 @@
+---
+
+- name: enable rbdmap service
+  systemd:
+    name: rbdmap
+    state: restarted
+
+...
diff --git a/roles/ceph-rbd/tasks/main.yml b/roles/ceph-rbd/tasks/main.yml
new file mode 100644
index 00000000..08498e83
--- /dev/null
+++ b/roles/ceph-rbd/tasks/main.yml
@@ -0,0 +1,52 @@
+---
+
+- name: install ceph
+  apt:
+    force_apt_get: true
+    install_recommends: false
+    name: "{{ ceph_packages }}"
+
+- name: ceph config
+  template:
+    src: ceph.conf.j2
+    dest: /etc/ceph/ceph.conf
+
+- name: ceph keyring
+  template:
+    src: ceph.client.user.keyring.j2
+    dest: /etc/ceph/ceph.client.{{ ceph_login }}.keyring
+    mode: 0600
+
+- name: check rbd image presence
+  when: inventory_hostname == play_hosts[0]
+  register: ceph_check_image
+  changed_when: ceph_check_image.stdout != ceph_image_name
+  command:
+    cmd: rbd -n client.{{ ceph_login }} list {{ ceph_pool_name }}
+
+- name: create rbd image
+  when:
+    - ceph_check_image.changed
+    - inventory_hostname == play_hosts[0]
+  command:
+    cmd: rbd -n client.{{ ceph_login }} create {{ ceph_pool_name }}/{{ ceph_image_name }} {% for param in ceph_parameters %}{{ param }} {% endfor %}
+
+- name: map rbd image to device
+  command:
+    cmd: rbd -n client.{{ ceph_login }} map {{ ceph_pool_name }}/{{ ceph_image_name }}
+    creates: /dev/rbd0
+
+- name: configure rbd map at boot
+  notify: restart rbdmap
+  lineinfile:
+    path: /etc/ceph/rbdmap
+    backup: true
+    line: "{{ ceph_pool_name }}/{{ ceph_image_name }} id={{ ceph_login }},keyring=/etc/ceph/ceph.client.{{ ceph_login }}.keyring"
+
+- name: enable rbdmap service
+  systemd:
+    name: rbdmap
+    enabled: true
+    state: started
+
+...
diff --git a/roles/ceph-rbd/templates/ceph.client.user.keyring.j2 b/roles/ceph-rbd/templates/ceph.client.user.keyring.j2
new file mode 100644
index 00000000..b46c78a1
--- /dev/null
+++ b/roles/ceph-rbd/templates/ceph.client.user.keyring.j2
@@ -0,0 +1,2 @@
+[client.{{ ceph_login }}]
+key = {{ ceph_password }}
diff --git a/roles/ceph-rbd/templates/ceph.conf.j2 b/roles/ceph-rbd/templates/ceph.conf.j2
new file mode 100644
index 00000000..998af581
--- /dev/null
+++ b/roles/ceph-rbd/templates/ceph.conf.j2
@@ -0,0 +1,2 @@
+[global]
+mon_host = {{ ceph_mon_hosts | join(',') }}
diff --git a/roles/ocfs2/defaults/main.yml b/roles/ocfs2/defaults/main.yml
new file mode 100644
index 00000000..961ab930
--- /dev/null
+++ b/roles/ocfs2/defaults/main.yml
@@ -0,0 +1,21 @@
+---
+
+ocfs2_packages:
+  - ocfs2-tools
+
+ocfs2_mount_path:
+ocfs2_mount_device:
+
+ocfs2_firewall_enabled: true
+ocfs2_ferm_rules_filename: ocfs2
+ocfs2_ferm_input_rules:
+  - saddr: "{{ play_hosts | map('extract', hostvars, ['ansible_default_ipv4', 'address']) | list }}"
+    proto:
+      - tcp
+      - udp
+    dport:
+      - 7777
+ocfs2_ferm_output_rules: []
+ocfs2_ferm_global_settings:
+
+...
diff --git a/roles/ocfs2/handlers/main.yml b/roles/ocfs2/handlers/main.yml
new file mode 100644
index 00000000..f8a7e915
--- /dev/null
+++ b/roles/ocfs2/handlers/main.yml
@@ -0,0 +1,8 @@
+---
+
+- name: restart o2cb
+  systemd:
+    name: o2cb
+    state: restarted
+
+...
diff --git a/roles/ocfs2/tasks/main.yml b/roles/ocfs2/tasks/main.yml
new file mode 100644
index 00000000..844a1b07
--- /dev/null
+++ b/roles/ocfs2/tasks/main.yml
@@ -0,0 +1,53 @@
+---
+
+- name: install packages
+  apt:
+    force_apt_get: true
+    install_recommends: false
+    name: "{{ ocfs2_packages }}"
+
+- name: configure cluster
+  notify: restart o2cb
+  template:
+    src: cluster.conf.j2
+    dest: /etc/ocfs2/cluster.conf
+
+- name: load at boot
+  notify: restart o2cb
+  replace:
+    path: /etc/default/o2cb
+    regexp: '^O2CB_ENABLED=.*$'
+    replace: 'O2CB_ENABLED=true'
+    backup: true
+
+- meta: flush_handlers
+
+- name: format mapped device
+  when: inventory_hostname == play_hosts[0]
+  filesystem:
+    fstype: ocfs2
+    opts: -T mail
+    dev: /dev/rbd0
+
+- name: mount mapped device
+  mount:
+    path: "{{ ocfs2_mount_path }}"
+    src: "{{ ocfs2_mount_device }}"
+    fstype: ocfs2
+    opts: _netdev,nointr,noatime
+    backup: true
+    state: mounted
+
+# FIREWALL
+
+- name: firewall
+  when: ocfs2_firewall_enabled
+  vars:
+    ferm_rules_filename: "{{ ocfs2_ferm_rules_filename }}"
+    ferm_input_rules: "{{ ocfs2_ferm_input_rules }}"
+    ferm_output_rules: "{{ ocfs2_ferm_output_rules }}"
+    ferm_global_settings: "{{ ocfs2_ferm_global_settings }}"
+  include_role:
+    name: ferm
+
+...
diff --git a/roles/ocfs2/templates/cluster.conf.j2 b/roles/ocfs2/templates/cluster.conf.j2
new file mode 100644
index 00000000..6fdcaab8
--- /dev/null
+++ b/roles/ocfs2/templates/cluster.conf.j2
@@ -0,0 +1,11 @@
+cluster:
+  node_count = {{ play_hosts | length }}
+  name = ocfs2
+{% for host in play_hosts %}
+node:
+  ip_port = 7777
+  ip_address = {{ hostvars[host]['ansible_default_ipv4']['address'] }}
+  number = {{ loop.index }}
+  name = {{ host }}
+  cluster = ocfs2
+{% endfor %}
-- 
GitLab