This repository has been archived by the owner on Sep 13, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
playbook.yml
117 lines (103 loc) · 2.88 KB
/
playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
# This assumes that admin has manually created the pool, but not necessarily
# the filesystem. For ~ RAID10 on 4 disks:
# for d in c d e f ; do parted /dev/sd${d} mklabel gpt ; done
# zpool create pool0 mirror /dev/sdc /dev/sdd
# zpool add pool0 mirror /dev/sde /dev/sdf
- hosts: nfs_servers
vars_files:
- vars.yml
tasks:
- name: install zfsutils-linux
apt:
name: zfsutils-linux
state: installed
become: true
- name: install nfs server packages
apt:
name: nfs-kernel-server
state: installed
become: true
- name: add mount path to /etc/exports
lineinfile:
path: /etc/exports
line: "{{ export_path }} {{ nfs_client_subnet }}(rw,sync,no_subtree_check,all_squash,anonuid={{ anonuid }},anongid={{ anongid }})"
register: exports_written
become: true
- name: create zfs filesystem
zfs:
name: "{{ zfs_dataset }}"
state: present
become: true
- name: gather zfs facts
zfs_facts:
dataset: "{{ zfs_dataset }}"
type: filesystem
become: true
- name: check if zfs dataset is mounted
fail:
msg: "{{ zfs_dataset }} not mounted"
with_items: "{{ ansible_zfs_datasets }}"
when: item.name == zfs_dataset and item.mounted != "yes"
become: true
- name: create mount path directory
file:
path: "{{ export_path }}"
state: directory
recurse: yes
become: true
- name: set permissions on /export
file:
path: /export
state: directory
recurse: yes
owner: "{{ anongid }}"
group: "{{ anongid }}"
mode: 0755
become: true
- name: export filesystem
command: /usr/sbin/exportfs -a
when: exports_written.changed
become: true
- hosts: nfs_clients
vars_files:
- vars.yml
tasks:
- name: install nfs client packages
apt:
name: nfs-common
state: installed
become: true
- name: create mount path
file:
path: "{{ mount_path }}"
state: directory
mode: 0755
become: true
- name: mount nfs filesystem
mount:
path: "{{ mount_path}}"
src: "{{ nfs_server_host }}:{{ export_path }}"
fstype: nfs
opts: "{{ mount_options }}"
state: mounted
become: true
- name: make /data
file:
state: directory
path: "{{ link_dirname }}"
become: true
- name: make symlink to /data/homes
file:
path: "{{ link_dirname }}/{{ link_basename }}"
src: "{{ mount_path }}"
state: link
become: true
# we are not using kerberos; may improve performance
- name: blacklist rpc gss kernel modules
kernel_blacklist:
name: "{{ item }}"
state: present
with_items:
- "rpcsec_gss_krb5"
- "auth_rpcgss"
become: true