You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

267 lines
6.5 KiB

---
- hosts: localhost
connection: local
gather_facts: False
####################
#
# run with
# ANSIBLE_HOST_KEY_CHECKING=False AWS_PROFILE=myaws ap aws.yml --ssh-common-args="-i /home/m/.ssh/myaws.pem"
#
####################
vars:
region: eu-west-1
VPC: vpc-c732c7a3
tasks:
- name: rules for my aws security group
ec2_group:
name: myaws
description: allow incomming traffic only from hetzner.osuv.de
region: "{{ region }}"
state: present
vpc_id: "{{ VPC }}"
rules:
- proto: all
rule_desc: hetzner.osuv.de
cidr_ip: "{{ lookup('dig', 'hetzner.osuv.de') }}/32"
- proto: all
rule_desc: internal traffic
cidr_ip: "172.0.0.0/8"
tags:
Name: myaws
- name: add workstation
ec2:
region: "{{ region }}"
keypair: myaws
group: myaws
instance_type: t3a.small
image: ami-0035184034468cd86 # fedora 30
wait: yes
vpc_subnet_id: subnet-41d30025 # eu-west-1c
assign_public_ip: yes
count: 1
instance_tags:
Name: ws
register: ws
- name: create 3 spot instances
ec2:
region: "{{ region }}"
spot_price: 0.0036
spot_wait_timeout: 60
keypair: myaws
group: myaws
instance_type: t3a.micro
image: ami-0035184034468cd86 # fedora 30
wait: yes
vpc_subnet_id: subnet-41d30025 # eu-west-1c
assign_public_ip: yes
count: 3
instance_tags:
Name: spot
register: ec2
- name: Wait for ws SSH to come up
wait_for:
host: "{{ item.public_ip }}"
port: 22
state: started
with_items: "{{ ws.instances }}"
- name: Wait for spot SSH to come up
wait_for:
host: "{{ item.public_ip }}"
port: 22
state: started
with_items: "{{ ec2.instances }}"
- name: add all instances to launched host group
add_host:
hostname: "{{ item.public_ip }}"
groupname: launched
with_items: "{{ ec2.instances }}"
- name: add ws instances to launched host group
add_host:
hostname: "{{ item.public_ip }}"
groupname: ws
with_items: "{{ ws.instances }}"
- name: add one spot instance to the seed host group
add_host:
hostname: "{{ ec2.instances[0].public_ip }}"
groupname: seed
- name: copy private ips for 2nd play
set_fact:
private_ips: "{{ private_ips | default([]) + [item.private_ip] }}"
with_items: "{{ ec2.instances }}"
- name: create glustefs ebs volumes
ec2_vol:
region: "{{ region }}"
instance: "{{ item.id }}"
volume_size: 5
device_name: /dev/sdf
with_items: "{{ ec2.instances }}"
############
#
# configure all
# spot instances
#
############
- name: Configure all instances
hosts: launched
become: True
user: fedora
gather_facts: False
tasks:
- name: bootstrap ansible usage by checking availabilty of python
raw: test -e /usr/bin/python || (ln -s /usr/bin/python3 /usr/bin/python)
- name: Create a xfs filesystem on /dev/nvme1n1
filesystem:
fstype: xfs
dev: /dev/nvme1n1
- name: Mount up xfs device
mount:
path: /mnt
src: /dev/nvme1n1
fstype: xfs
opts: noatime
state: present
- name: install glusterfs
dnf:
name: glusterfs-server
state: present
update_cache: yes
- name: start and enable glusterfs
systemd:
name: glusterd
state: started
enabled: yes
- name: Create directory on xfs mount ebs volume
file:
path: /mnt/vol1
state: directory
#############
#
# configure one
# spot instance as seed
#############
- name: setup gluster cluster
hosts: seed
become: True
user: fedora
gather_facts: False
tasks:
- name: Create a trusted storage pool
gluster_peer:
state: present
nodes: "{{ hostvars['localhost']['private_ips'] }}"
- name: create gluster volume
gluster_volume:
state: present
name: test1
bricks: /mnt/vol1
replicas: 3
force: yes
cluster: "{{ hostvars['localhost']['private_ips'] }}"
options:
{
performance.cache-size: 128MB,
write-behind: "off",
quick-read: "on",
}
run_once: true
- name: start gluster volume
gluster_volume:
state: started
name: test1
#############
#
# configure ws
#############
- name: setup ws
hosts: ws
become: True
user: fedora
gather_facts: False
tasks:
- name: bootstrap ansible usage by checking availabilty of python
raw: test -e /usr/bin/python || (ln -s /usr/bin/python3 /usr/bin/python)
- name: install packages
become: True
yum:
name: "{{ packages }}"
state: installed
vars:
packages:
- htop
- nano
- nmap
- screen
- git
- lsof
- docker
- ncdu
- nfs-utils
- glustefs-client
- name: install python packages
become: True
pip:
name: "{{ packages }}"
executable: pip-3.7
vars:
packages:
- ansible
- boto3
- boto
- awslogs
- mycli
- docker-py
- name: create directory for code-server
file:
path: /home/fedora/code-server
state: directory
- name: Download code server
unarchive:
src: https://github.com/cdr/code-server/releases/download/1.939-vsc1.33.1/code-server1.939-vsc1.33.1-linux-x64.tar.gz
dest: /home/fedora/code-server
remote_src: yes
# - name: apply code-server start on reboot
# cron:
# name: "apply code-server start on reboot"
# special_time: reboot
# job: "cd /home/fedora/code-server/code-server1.939-vsc1.33.1-linux-x64; nohup ./code-server /home/fedora/ --password=password </dev/null >/dev/null 2>&1 &"
# mount -t glusterfs 172.31.4.217:/test1 /oi
# Shrink and increase
# remove brick and change decr replica
# sudo gluster volume remove-brick test1 replica 2 172.31.5.97:/mnt/vol1 force
# detach peer
# sudo gluster peer detach 172.31.5.97
# add new peer
# sudo gluster peer probe 172.31.5.97
# add brick to new paar and incr replica
# sudo gluster volume add-brick test1 replica 3 172.31.5.97:/mnt/vol1 force