Merge pull request #50 from pneerincx/develop

Minor improvements.
rug-cit-hpc · Feb 6, 2019 · 5c1b0db · 5c1b0db
2 parents ddf69ab + fc60737
commit 5c1b0db
Show file tree

Hide file tree

Showing 6 changed files with 52 additions and 33 deletions.
diff --git a/cluster.yml b/cluster.yml
@@ -1,6 +1,11 @@
 ---
 - name: Sign host keys of all cluster hosts.
   hosts: all
+  pre_tasks:
+    - name: Verify Ansible version meets requirements.
+      assert:
+        that: "ansible_version.full | version_compare('2.4', '>=')"
+        msg: 'You must update Ansible to at least 2.4.x to use this playbook.'
   roles:
     - ssh_host_signer
     - ssh_known_hosts
@@ -82,3 +87,4 @@
      - nfs_home_client
 
 - import_playbook: users.yml
+...
diff --git a/roles/cluster/tasks/main.yml b/roles/cluster/tasks/main.yml
@@ -24,21 +24,22 @@
     state: latest
     update_cache: yes
     name:
+      - bzip2
       - curl
+      - figlet
       - git
       - git-core
+      - lsof
       - nano
       - ncdu
+      - ncurses-static
+      - readline-static
       - screen
+      - tcl-devel
       - telnet
       - tmux
       - tree
       - vim
-      - bzip2
-      - ncurses-static
-      - readline-static
-      - tcl-devel
-      - figlet
   tags:
     - software
 ...
diff --git a/roles/compute-vm/tasks/main.yml b/roles/compute-vm/tasks/main.yml
@@ -1,33 +1,36 @@
 ---
-- name: Make local mountpoint
+- name: Make /local mount point.
   file:
     path: "/local"
-    mode: 0777
+    mode: 0755
     state: directory
+    owner: root
+    group: root
 
-- name: "check mount point /local"
+- name: Check /local mount point.
   command: mountpoint /local
   register: mount_local
   failed_when: false
 
-- name: Create an ext4 filesystem on /dev/vdb
+- name: Create an ext4 filesystem on /dev/vdb.
   filesystem:
     fstype: ext4
     dev: /dev/vdb
   when:
     mount_local.rc == 1
 
-- name: Mount /dev/vdb on /local
+- name: Mount /dev/vdb on /local.
   mount:
     path: /local
     src: /dev/vdb
     fstype: ext4
     opts: rw,relatime
     state: present
 
-- name: mount all mountpoints in fstab
+- name: Mount all mountpoints from fstab.
   command: mount -a
   args:
     warn: false
   when:
     mount_local.rc == 1
+...
diff --git a/roles/spacewalk_client/handlers/main.yml b/roles/spacewalk_client/handlers/main.yml
@@ -0,0 +1,13 @@
+---
+#
+# Important: maintain correct handler order.
+# Handlers are executed in the order in which they are defined 
+# and not in the order in whch they are listed in a "notify: handler_name" statement!
+#
+- name: Restart spacewalk service.
+  service:
+    name: rhnsd
+    state: restarted
+  become: yes
+  listen: restart_rhnsd
+...
diff --git a/roles/spacewalk_client/tasks/main.yml b/roles/spacewalk_client/tasks/main.yml
@@ -13,11 +13,19 @@
      - rhnsd
      - m2crypto
      - yum-rhn-plugin
+  notify:
+    - restart_rhnsd
 
-- name: Restart spacewalk daemon.
+- name: Enable spacewalk service.
   systemd:
-   name: rhnsd.service
-   state: restarted
+    name: "{{ item }}"
+    enabled: yes
+  with_items:
+    - rhnsd.service
+  notify:
+    - restart_rhnsd
+
+- meta: flush_handlers
 
 - name: Register client at the spacewalk server.
   rhn_register:
@@ -32,12 +40,13 @@
   ignore_errors: yes
   no_log: True
 
-- name: Disable gpgcheck.
-  command: sed -i 's/gpgcheck = 1/gpgcheck = 0/g' /etc/yum/pluginconf.d/rhnplugin.conf
-  args:
-    warn: false
+- name: Disable gpgcheck for spacewalk repo.
+  lineinfile:
+    path: '/etc/yum/pluginconf.d/rhnplugin.conf'
+    regexp: '^gpgcheck = [0-9].*'
+    line: 'gpgcheck = 0'
 
-- name: Remove all current repo config files.
+- name: Remove all (non-spacewalk) repo config files from /etc/yum.repos.d/.
   shell: "rm -rf /etc/yum.repos.d/*"
   args:
     warn: false
@@ -52,3 +61,4 @@
   yum:
    name: '*'
    state: latest
+...
diff --git a/users.yml b/users.yml
@@ -8,26 +8,14 @@
 - name: Create local sysadmin accounts on all hosts.
   hosts: all
   become: True
-
   tasks:
-#
-# getent group is not usefull as it may fail with:
-#   The conditional check 'item in ansible_facts.getent_group' failed. 
-#   The error was: error while evaluating conditional (item in ansible_facts.getent_group): 'ansible_facts' is undefined
-# and the required groups are not created if they are missing...
-#
-#    - name: Determine available groups.
-#      getent:
-#        database: group
-
     - name: Check if required groups are present.
       group:
         name: "{{ item.name }}"
         state: present
       with_items:
         - name: admin
         - name: docker
-
     - name: Create local sys admin users and append them to relevant groups.
       user:
         name: "{{ item.name }}"
@@ -38,7 +26,6 @@
       with_items:
         - name: 'remco'
           comment: 'Remco Rohde'
-
     - name: Deploy authorized keys for admins.
       authorized_key:
         user: "{{ item.user }}"
@@ -70,7 +57,6 @@
           comment: 'Marieke Bijlsma'
         - name: 'pieter'
           comment: 'Pieter Neerincx'
-
     - name: Deploy authorized keys for admins.
       authorized_key:
         user: "{{ item.user }}"