# cat 45CSManagement.yml
- name: CloudStack Installation Playbook(Version 4.5)
hosts: all
#######################################################################################
# Vars
#
vars:
CSVersion:
- 4.5
MySQLPass:
- engine
CloudDBPass:
- engine
NTPServers:
- 0.uk.pool.ntp.org
- 1.uk.pool.ntp.org
- 2.uk.pool.ntp.org
- 3.uk.pool.ntp.org
CSMySQL:
MySQLRoot: root
CloudDBUser: cloud
CloudDBHost: localhost
MaxConnections: 700
BindAddress: 0.0.0.0
CSManagement:
ManagementIP: 10.15.33.153
SecondaryMount: /secondary
NFSHost: 10.15.33.2
NFSSecondaryShare: /home/exports
SysTemplateURLurl45: http://10.15.33.2/repo/systemvm64template-4.5-kvm.qcow2.bz2
SysTemplateURLhv: kvm
#######################################################################################
# Tasks
#
tasks:
#######################################################
# Fail if not ran on CentOS
# Delete or comment out to bypass.
#
- name: Check guest OS version
fail: msg="WARNING - CloudStack playbook written for CentOS (OS detected {{ ansible_distribution }})."
when: ansible_distribution != "CentOS"
tags:
- base
- mysql
- csmanagement
- csmanagementadd
- pip
#######################################################
# Configure Repository For PIP
#
- name: Copy To Destination
copy: src=templates/pipcache2.tar.gz dest=/root/pipcache2.tar.gz owner=root group=root mode=0644
tags:
- pipCopy
- pip
#######################################################
# Tar tar.gz to Destination place
#
- name: Tar Remotely
shell: tar xzvf /root/pipcache2.tar.gz
tags:
- pipUntar
- pip
#######################################################
# Configure CloudStack yum repo
#
- name: Configure CloudStack repo
template: src=templates/45CSC6Manage.repo.j2 dest=/etc/yum.repos.d/cloudstack.repo mode=0644
tags:
- base
- yumrepo
#######################################################
# Remove CentOS Repo
#
- name: Remove CentOS Repo
shell: mv -f /etc/yum.repos.d/CentOS-* /root/ 2>/dev/null
ignore_errors: yes
tags:
- base
- ClearCentOSRepo
#######################################################
# Re-make Repo Cache
#
- name: Re-generate the repository cache
shell: yum clean all && yum makecache
tags:
- base
- ReGenerateCache
#######################################################
# Configure NTP
#
- name: Install NTP
yum: name=ntp state=present
tags:
- ntp
- base
- name: Configure NTP file
template: src=templates/ntp.conf.j2 dest=/etc/ntp.conf
notify: restart ntp
tags:
- ntp
- base
- name: Start the NTP daemon
service: name=ntpd state=started enabled=true
tags:
- ntp
- base
#######################################################
# Configure Hosts
#
- name: Configure Hosts
# shell: ifconfig | awk -v MYHOST=$HOSTNAME '/inet addr/{print substr($2,6),"\t",MYHOST}'>>/etc/hosts
shell: ifconfig | awk -v MYHOST=`hostname --fqdn` '/inet addr/{print substr($2,6),"\t",MYHOST}'>>/etc/hosts
tags:
- ConfigureHosts
- base
#######################################################
# Configure Pre SElinux settings
#
- name: Before Set SELinux to permissive, install libselinux-python
yum: name=libselinux-python state=present
tags:
- beforeselinux
- base
#######################################################
# Configure SElinux settings
#
- name: Set SELinux to permissive
selinux: policy=targeted state=permissive
tags:
- selinux
- base
#######################################################
# Install additional RPMs: EPEL repo, python-pip
# (required for cloudmonkey), vim
#
- name: Install python-pip / vim
yum: name={{ item }} state=present
with_items:
- python-pip
- vim
tags:
- base
#######################################################
# Copy .my.cnf to destination
- name: copy .my.cnf file with root password credentials
template: src=templates/root/.my.cnf dest=/root/.my.cnf owner=root mode=0600
#- name: copy .my.cnf file with root password credentials
# template: src=templates/root/.my.cnf dest=/etc/my.cnf owner=root mode=0600
#######################################################
# Install and configure MySQL
#
- name: Install MySQL server
yum: name=mysql-server state=present
tags:
- mysql
- name: Install MySQL python module
yum: name=MySQL-python state=present
tags:
- mysql
#######################################################
# Append CloudStack specific settings to my.cnf
#
- name: Append CloudStack specific settings to my.cnf
lineinfile: dest=/etc/my.cnf
insertbefore="^\[mysqld_safe\]"
line="# CloudStack MySQL settings\\ninnodb_rollback_on_timeout=1\\ninnodb_lock_wait_timeout=600\\nmax_connections={{ CSMySQL.MaxConnections }}\\nlog-bin=mysql-bin\\nbinlog-format = \\'ROW\\'\\nbind-address={{ CSMySQL.BindAddress }}\\n"
state=present
tags:
- mysql
#######################################################
# Start MySQL
#
- name: Start the MySQL daemon
service: name=mysqld state=started enabled=true
tags:
- mysql
#######################################################
# mysql_secure_installation
#
- name: Remove anonymous MySQL user for {{ ansible_hostname }}
action: mysql_user user="" host="{{ ansible_hostname }}" state="absent"
tags:
- mysql
- securemysql
- name: Remove anonymous MySQL user for {{ ansible_fqdn }}
action: mysql_user user="" host="{{ ansible_fqdn }}" state="absent"
tags:
- mysql
- securemysql
- name: Remove anonymous MySQL user for localhost
action: mysql_user user="" state="absent"
tags:
- mysql
- securemysql
- name: Remove the MySQL test DB
action: mysql_db db=test state=absent
tags:
- mysql
- securemysql
- name: Secure MySQL installation / change root user password
mysql_user: login_user=root
login_password=''
name=root
password={{ MySQLPass | mandatory }}
priv=*.*:ALL,GRANT
host={{ item }}
with_items:
# - "{{ ansible_hostname }}"
# - "{{ ansible_fqdn }}"
# - 127.0.0.1
# - ::1
- localhost
tags:
- mysql
- securemysql
#######################################################
# Open iptables port 3306, use when MySQL on separate server
#
- name: Open MySQL tcp 3306
shell: iptables -A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
notify:
- save iptables
tags:
- mysql3306
########################################################
# Install CloudStack Management server
#
- name: Confirm CloudStack installation
debug: msg="Installing CloudStack {{ CSVersion | mandatory }}"
tags:
- csmanagement
- csmanagementadd
- name: Install CloudStack management server
yum: name=cloudstack-management state=present
tags:
- csmanagement
- csmanagementadd
#######################################################
# Install cloudmonkey
#
- name: Install CloudMonkey
shell: pip install --no-index --find-links /root/pipcache2 argparse && pip install --no-index --find-links /root/pipcache2 argcomplete && pip install --no-index --find-links /root/pipcache2 requests && pip install --no-index --find-links /root/pipcache2 argcomplete && pip install --no-index --find-links /root/pipcache2 prettytable && pip install --no-index --find-links /root/pipcache2 Pygments && pip install --no-index --find-links /root/pipcache2 cloudmonkey
tags:
- csmanagement
- csmanagementadd
- cloudmonkey
#######################################################
# Configure CloudStack DB
#
- name: Configure CloudStack database connectvity
shell: cloudstack-setup-databases {{ CSMySQL.CloudDBUser }}:{{ CloudDBPass | mandatory }}@{{ CSMySQL.CloudDBHost }} --deploy-as={{ CSMySQL.MySQLRoot }}:{{ MySQLPass | mandatory }} -i `ifconfig | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p'`>> /root/cs_dbinstall.out 2>&1
tags:
- csmanagement
#######################################################
# Configure CloudStack DB on additional management server
#
- name: Configure CloudStack database connectvity on additional management server
#shell: cloudstack-setup-databases {{ CSMySQL.CloudDBUser }}:{{ CloudDBPass | mandatory }}@{{ CSMySQL.CloudDBHost }} -i {{ CSManagement.ManagementIP }}>> /root/cs_dbinstall.out 2>&1
shell: cloudstack-setup-databases {{ CSMySQL.CloudDBUser }}:{{ CloudDBPass | mandatory }}@{{ CSMySQL.CloudDBHost }} -i `ifconfig | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p'`>> /root/cs_dbinstall.out 2>&1
tags:
- csmanagementadd
#######################################################
# Configure Management server
- name: Configure CloudStack management server
shell: cloudstack-setup-management >> /root/cs_mgmtinstall.out 2>&1
tags:
- csmanagement
- csmanagementadd
#######################################################
# Mount secondary NFS share and install system VM
# template. Check size of mounted folder before
# installation to ensure previous data not being
# overwritten.
#
- name: Mount NFS secondary storage
mount: name={{ CSManagement.SecondaryMount }} src={{ CSManagement.NFSHost }}:{{ CSManagement.NFSSecondaryShare}} fstype=nfs state=mounted
tags:
- csmanagement
- secstorage
- name: Check size of mounted secondary storage template folder
shell: du {{ CSManagement.SecondaryMount }}/template/ --max-depth=0 | awk '{print $1}'
register: TemplateFolderSize
tags:
- csmanagement
- secstorage
#######################################################
# Download and install CS45 system VM template
#
- name: Download CloudStack 4.5 system template
shell: /usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt -m {{ CSManagement.SecondaryMount }} -u {{ CSManagement.SysTemplateURLurl45 }} -h {{ CSManagement.SysTemplateURLhv }} -F
tags:
- csmanagement
- secstorage
#######################################################
# Unmount NFS share
#
- name: Umount NFS secondary storage
mount: name={{ CSManagement.SecondaryMount }} src={{ CSManagement.NFSHost }}:{{ CSManagement.NFSSecondaryShare}} fstype=nfs state=absent
tags:
- csmanagement
- secstorage
#########################################################################################
# CloudStack handlers
#
handlers:
# NTP restart
- name: restart ntp
service: name=ntpd state=restarted
# Iptables restart
- name: restart iptables
service: name=iptables state=restarted
# Save iptables
- name: save iptables
shell: /sbin/service iptables save
notify: restart iptables
templates/45CSC6Manage.repo.j2:
# cat 45CSC6Manage.repo.j2
[cloudstack]
name=cloudstack
baseurl=http://10.15.33.2/repo/45CSC6Manage
enabled=1
gpgcheck=0
templates/ntp.conf.j2:
# cat ntp.conf.j2
# Ansible configured ntp.conf file.
# {{ ansible_managed }}
#
driftfile /var/lib/ntp/drift
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
{% for ntp_host in NTPServers %}
server {{ ntp_host }} iburst
{% endfor %}
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
disable monitor
templates/root/.my.cnf:
# cat root/.my.cnf
[client]
user=root
password=
[mysql]
user=root
password=
[mysqldump]
user=root
password=
[mysqldiff]
user=root
password=
Won't talk too much on Ansible playbooks, just continue for next chapter for deploying CS Agent.