---
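# Play: install the Ceph client packages on every host in the `swarm` group,
# write the client configuration and keyring, and mount CephFS through
# ceph-fuse at /mnt/ceph.
- name: Install Ceph
  hosts: swarm
  become: true
  tasks:
    - name: Install Ceph
      ansible.builtin.apt:
        name:
          - ceph-common
          - ceph-fuse
        state: present

    # - name: Copy Ceph Secret
    #   ansible.builtin.copy:
    #     content: "{{ ceph_secret }}"
    #     dest: /etc/ceph/secret.key

    # ceph config generate-minimal-conf
    - name: Copy Ceph Configuration
      ansible.builtin.copy:
        content: "[global]\n fsid = {{ ceph_fsid }}\n mon_host = {{ ceph_mon_host }}\n"
        dest: /etc/ceph/ceph.conf
        mode: '0644'

    # ceph fs authorize cephfs client.swarm / rw
    # The keyring holds the client key, so ownership is pinned to root (an
    # existing file would otherwise keep whatever owner it already had) and
    # no_log keeps the rendered content out of task output and --diff.
    # NOTE(review): ceph_secret should come from an encrypted source such as
    # Ansible Vault - confirm where it is defined.
    - name: Copy Ceph Keyring
      ansible.builtin.copy:
        content: "[client.{{ ceph_client_name }}]\n key = {{ ceph_secret }}\n"
        dest: "/etc/ceph/ceph.client.{{ ceph_client_name }}.keyring"
        owner: root
        group: root
        mode: '0600'
      no_log: true

    - name: Adjust ceph mount perms
      ansible.builtin.file:
        path: /mnt/ceph
        owner: root
        group: root
        state: directory
        recurse: true

    # The regexp must match the managed line itself, otherwise a change of
    # ceph_client_name appends a second /mnt/ceph entry instead of replacing
    # the first. The original pattern (':/ /mnt ceph' style entries) is kept
    # as the first alternative so such a line is still rewritten.
    - name: Mount Ceph on Boot
      ansible.builtin.lineinfile:
        path: /etc/fstab
        regexp: '(:/\s+/mnt\s+ceph|\s/mnt/ceph\s+fuse\.ceph\s)'
        line: "none /mnt/ceph fuse.ceph ceph.id={{ ceph_client_name }},_netdev,defaults 0 0"
        create: true
        mode: "0644"

    # No shell features are needed, so the command module is used; the task
    # still runs (and reports changed) on every play run.
    - name: Mount ceph now
      ansible.builtin.command:
        cmd: mount -a

    # Runs after the mount, so the recursive ownership change applies to the
    # contents of the mounted file system under /mnt/ceph/docker.
    - name: Adjust ceph mount perms for docker
      ansible.builtin.file:
        path: /mnt/ceph/docker
        owner: root
        group: docker
        state: directory
        recurse: true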
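# Play: open the swarm cluster-management port to the networks listed in
# rfc1918_cgnat_networks on every host in the `swarm` group.
- name: Initial docker swarm fw rules
  hosts: swarm
  become: true
  tasks:
    # Port 2377 is the swarm cluster-management port and is TCP only, so the
    # rule is limited to tcp instead of allowing both protocols.
    # `state: enabled` also switches ufw on.
    # NOTE(review): confirm an SSH allow rule exists before this play runs,
    # and that the other swarm ports are opened elsewhere if overlay
    # networking is needed - this play opens 2377 only.
    - name: Enable local swarm comms
      community.general.ufw:
        rule: allow
        port: "2377"
        proto: tcp
        from: "{{ item }}"
        state: enabled
      loop: "{{ rfc1918_cgnat_networks }}"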
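# Play: on the first host of the `swarm` group, initialise the swarm if the
# node is not yet part of one and register the manager join token for the
# play that joins the remaining hosts.
- name: Initial docker swarm init
  hosts: 'swarm[0]'
  become: true
  tasks:
    # Read-only probe; the inner quoting passes the Go template through
    # Jinja2 untouched. No shell features are needed, so command is used.
    - name: Check Docker Swarm status
      ansible.builtin.command:
        cmd: docker info --format '{{ "{{.Swarm.LocalNodeState}}" }}'
      register: docker_swarm_status
      changed_when: false

    # `docker swarm init` prints a worker join command, token included, on
    # stdout; no_log keeps it out of task output. Lift it temporarily when
    # an init failure has to be debugged.
    - name: Initialize Docker Swarm
      ansible.builtin.command:
        cmd: >-
          docker swarm init
          --advertise-addr {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}
      when: "'inactive' in docker_swarm_status.stdout"
      register: swarm_init
      changed_when: "'Swarm initialized' in swarm_init.stdout"
      no_log: true

    # The manager join token lets a node join with manager rights, so the
    # result is kept out of logs; the registered variable stays usable.
    - name: Retrieve Docker Swarm manager token
      ansible.builtin.command:
        cmd: docker swarm join-token manager -q
      register: manager_token
      changed_when: false
      no_log: true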
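# Play: join every host in the `swarm` group except the first one to the
# swarm as a manager, using the token registered on the first host.
- name: Join remaining managers to Docker Swarm
  hosts: 'swarm:!swarm[0]'
  become: true
  tasks:
    # Read-only probe; no shell features are needed, so command is used.
    - name: Check Docker Swarm status before attempting to join
      ansible.builtin.command:
        cmd: docker info --format '{{ "{{.Swarm.LocalNodeState}}" }}'
      register: docker_swarm_status
      changed_when: false

    # The manager token is part of the command line, so no_log keeps the
    # invocation and its result out of task output. Using command instead
    # of shell also means the templated values are never interpreted by a
    # shell.
    - name: Join Swarm as manager
      ansible.builtin.command:
        cmd: >-
          docker swarm join
          --token {{ hostvars[groups['swarm'][0]]['manager_token'].stdout }}
          {{ hostvars[groups['swarm'][0]]['ansible_default_ipv4']['address'] }}:2377
      when: >-
        hostvars[groups['swarm'][0]]['manager_token'].stdout is defined
        and docker_swarm_status.stdout != "active"
      register: swarm_join
      changed_when: "'This node joined a swarm as a manager' in swarm_join.stdout"
      no_log: true

    # Runs only for nodes that joined during this run and always reports
    # "ok", although it does add a label.
    # NOTE(review): swarm[0] is excluded by the host pattern and is not
    # labelled here - confirm that is intended.
    - name: Label Docker Swarm manager nodes
      ansible.builtin.command:
        cmd: docker node update --label-add manager=true {{ ansible_hostname }}
      when: swarm_join is changed
      changed_when: false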