Joshua Boniface
4b0a4ae73c
Fix bad Ansible variable name
2023-09-01 15:42:26 -04:00
Joshua Boniface
a52d4cbf37
Add Zookeeper logging configs
2023-09-01 15:42:26 -04:00
Joshua Boniface
7bacbd5dd6
Don't fail if IPMI tasks fail
2023-09-01 15:42:26 -04:00
Joshua Boniface
eef0f959dd
Add GRUB, Plymouth themes and issue for PVC
2023-09-01 15:42:26 -04:00
Joshua Boniface
6d3e5ac728
Fix zkcli for good
2023-09-01 15:42:26 -04:00
Joshua Boniface
e760114b8d
Fix bootstrap collection path for Ceph
2023-09-01 15:42:26 -04:00
Joshua Boniface
bace67b8bf
Add GRUB configuration to Ansible role
2023-09-01 15:42:26 -04:00
Joshua Boniface
0802cca980
Support both versions of psycopg2 and kazoo
2023-09-01 15:42:26 -04:00
Joshua Boniface
31a677b444
Fix Patroni ACL to use subnet mask
2023-09-01 15:42:26 -04:00
Joshua Boniface
35089f6dda
Fix zkcli alias to use hostname
2023-09-01 15:42:26 -04:00
Joshua Boniface
9dc9139c35
Use short ansible_hostname in ipmi fragment
2023-09-01 15:42:26 -04:00
Joshua Boniface
329bc9690e
Add ipmitool to packages list
2023-09-01 15:42:26 -04:00
Joshua Boniface
a2ed38b459
Add generic SR-IOV configuration
2023-09-01 15:42:26 -04:00
Joshua Boniface
0fc889df32
Ensure we can connect to Patroni
2023-09-01 15:42:26 -04:00
Joshua Boniface
388db6ad1d
Use IPs for Patroni configuration
2023-09-01 15:42:26 -04:00
Joshua Boniface
d455b31905
Bump max connections in Zookeeper to 200
2023-09-01 15:42:26 -04:00
Joshua Boniface
f105f0497c
Configure Zookeeper only on Cluster address
2023-09-01 15:42:26 -04:00
Joshua Boniface
7e94dddb4c
Ensure libvirtd restarts when unit changes
2023-09-01 15:42:26 -04:00
Joshua Boniface
c9df64bc7d
Ensure deb-src is present for bullseye
2023-09-01 15:42:26 -04:00
Joshua Boniface
0bbb91fc8b
Add override custom libvirtd.service unit
...
This has no functional change on Buster, but on Bullseye this overrides
the stupid socket-based activation shenanigans that the default unit
tries to do, as well as the breaking replacement of the
/etc/default/libvirt variable names.
2023-09-01 15:42:26 -04:00
Joshua Boniface
3a67dc129b
Ensure DEBIAN_FRONTEND is noninteractive
2023-09-01 15:42:26 -04:00
Joshua Boniface
0114ad8ed5
Add python3 version of psycopg2 explicitly
2023-09-01 15:42:26 -04:00
Joshua Boniface
a548bdcc6a
Use inventory_hostname for IPMI dict
2023-09-01 15:42:26 -04:00
Joshua Boniface
6104e0a5a5
Use independent fact to work around codename
2023-09-01 15:42:26 -04:00
Joshua Boniface
5c46bb0db7
Ensure backup_keys isn't empty
2023-09-01 15:42:25 -04:00
Joshua Boniface
d69770b776
Avoid writing hosts if empty
2023-09-01 15:42:25 -04:00
Joshua Boniface
f4e49b9d3e
Ensure apt-update runs if configs update
2023-09-01 15:42:25 -04:00
Joshua Boniface
9438ab46d7
Add bullseye support
2023-09-01 15:42:25 -04:00
Joshua Boniface
dc83f91bd8
Add directory creation to backup script
2023-09-01 15:42:25 -04:00
Joshua Boniface
5466df7065
Add PostgreSQL to daily backup script
2023-09-01 15:42:25 -04:00
Joshua Boniface
c9742fe2e5
Update tags and fix backup keys to var
2023-09-01 15:42:25 -04:00
Joshua Boniface
7c7ca4a229
Allow inter-cluster orphan NTP sync
...
Due to the requirement of Ceph to have all peer nodes tightly
synchronized with each other to come online, PVC nodes need a way to
synchronize to each other even in the absence of an external time
reference. This is especially prevalent if a set of nodes are left
offline for an extended period (>1-2 weeks), since their hardware clocks
will drift. If the resulting Internet connectivity is then dependent on
a VM, this will cause a catch-22 and the cluster will not properly
start.
This configuration will accomplish that - if no suitable >6 stratum
peers are found, the hosts will enter orphan mode. Since they are now
all configured as "peers" with each other, they will collectively decide
on one of them to become the source and sync to it. A local stratum 10
fudge is added so that at least one of the nodes can become this source.
While this is not an ideal use of NTP, it is by far the cleanest
solution to this problem, and does not impact normal functionality when
the two configured stratum-2 servers are reachable.
2023-09-01 15:42:25 -04:00
Joshua Boniface
027a819a83
Move some other tasks to bootstrap role
...
Avoids an issue where the pvcnoded service is stopped on non-bootstrap
runs.
2023-09-01 15:42:25 -04:00
Joshua Boniface
e53342474c
Remove GRUB config from base role
...
This is not actually ideal.
2023-09-01 15:42:25 -04:00
Joshua Boniface
4666db17cb
Fix version sorting bugs in kernel-cleanup.sh
2023-09-01 15:42:25 -04:00
Joshua Boniface
6903627150
Add additional items to base role
...
Backups, GRUB configuration, and IPMI configuration.
2023-09-01 15:42:25 -04:00
Joshua Boniface
c96ad603b0
Fix sudoers to use conditional deploy_username
2023-09-01 15:42:25 -04:00
Joshua Boniface
29363ebf80
Allow configurable fail2ban IPs
2023-09-01 15:42:25 -04:00
Joshua Boniface
d9be39a048
Allow customization of deploy username
2023-09-01 15:42:25 -04:00
Joshua Boniface
4dc5ebdba0
Move to more dynamic apt configs
...
Allow specifying repository URLs in the group_vars, and add
release-specific template files to support future version changes.
2023-09-01 15:42:25 -04:00
Joshua Boniface
6a61f8f7bf
Update relative path to bootstrap files
2023-09-01 15:42:25 -04:00
Joshua Boniface
4caab67d03
Remove superfluous symlink
2023-09-01 15:42:25 -04:00
Joshua Boniface
57e5953fd1
Add sensible sorting of kernel removals
2023-09-01 15:42:25 -04:00
Joshua Boniface
2a72a826f5
Remove cruft and add mkpasswd setup
2023-09-01 15:42:25 -04:00
Joshua Boniface
bf02da693f
Correct bad indentation in base role
2023-09-01 15:42:25 -04:00
Joshua Boniface
39b8229c35
Add libguestfs-tools to libvirt role deps
2023-09-01 15:42:25 -04:00
Joshua Boniface
1f6cb077fa
Update tags and add kernel-cleanup script
2023-09-01 15:42:25 -04:00
Joshua Boniface
0bf9c6209c
Fix incorrect systemd enabling in Patroni
2023-09-01 15:42:25 -04:00
Joshua Boniface
c0dc6fad4e
Add some additional compression libraries
2023-09-01 15:42:25 -04:00
Joshua Boniface
a4be011884
Add local domain to resolver config
2023-09-01 15:42:25 -04:00
Joshua Boniface
4f5dbee8ee
Correct bugs during bootstrap
...
1. Ensure Zookeeper restarts and checks out successfully before
proceeding with other steps.
2. Make sure PVC itself doesn't start prematurely.
2023-09-01 15:42:25 -04:00
Joshua Boniface
26dbd082ef
Retry pgsql bootstrap startup 6 times
...
This will sometimes fail, so retry it several times
2023-09-01 15:42:25 -04:00
Joshua Boniface
e9f08ad100
Retry msgr2 enabling 6 times
...
This will sometimes fail, so retry it several times
2023-09-01 15:42:25 -04:00
Joshua Boniface
a77e41bf7c
Remove invalid timezone entries in postgres conf
2023-09-01 15:42:25 -04:00
Joshua Boniface
cba276e248
Add default values
2023-09-01 15:42:24 -04:00
Joshua Boniface
be94bc134f
Add configurable ZK memory limits
2023-09-01 15:42:24 -04:00
Joshua Boniface
6e74ac44a5
Remove libjemalloc package
2023-09-01 15:42:24 -04:00
Joshua Boniface
2bd5cc5a25
Tune Zookeeper memory usage
...
Use Xms and Xmx=128M to reduce overall Zookeeper memory usage.
2023-09-01 15:42:24 -04:00
Joshua Boniface
b4e36d146a
Add tuning for Ceph OSDs
2023-09-01 15:42:24 -04:00
Joshua Boniface
24764fe704
Don't use libjemalloc for Ceph daemons
...
This was an artifact of a much, much older Ceph configuration I ran, and
is not relevant with newer Ceph versions like those used in PVC.
Performance testing with Nautilus and Bluestore reveals a minimal
performance hit, and using `jemalloc` prevents cache autotuning from
being effective, so remove it.
2023-09-01 15:42:24 -04:00
Joshua Boniface
458e7b4872
Use new init command location
...
Command was renamed in the PVC CLI to facilitate other "task" actions
like backup/restore.
2023-09-01 15:42:24 -04:00
Joshua Boniface
bcb5962353
Add jute.maxbuffer to Zookeeper environment ops
...
Adds this option based on the findings of
https://github.com/python-zk/kazoo/issues/630 , whereby restores of >1MB
in size would fail. This is considered an unsafe option, but given our
usecase no actual znode should ever exceed this limit; this is purely
for the large transactions that come from a `pvc task restore` action to
an empty Zookeeper instance.
2023-09-01 15:42:24 -04:00
Joshua Boniface
075ce8ea22
Add PVC status MOTD script
2023-09-01 15:42:24 -04:00
Joshua Boniface
68a475ccf9
Set proper mode on agent plugins
2023-09-01 15:42:24 -04:00
Joshua Boniface
f86ec62416
Add check-mk-agent plugin installs
...
These are used by various Ansible tasks, even if the administrator is
not using Check_MK for monitoring.
2023-09-01 15:42:24 -04:00
Joshua Boniface
62d53b0c9c
Add PCI and USB utils
2023-09-01 15:42:24 -04:00
Joshua Boniface
f79fb605de
Support using existing SSL certs on system
...
Add the additional pvc_api_ssl_cert_path and pvc_api_ssl_key_path
group_vars options, which can be used to set the SSL details to existing
files on the filesystem if desired. If these are empty (or nonexistent),
the original pvc_api_ssl_cert and pvc_api_ssl_key raw format options
will be used as they were.
Allows the administrator to use outside methods (such as Let's Encrypt)
to obtain the certs locally on the system, avoiding changes to the
group_vars and redeployment to manage SSL keys.
2023-09-01 15:42:24 -04:00
Joshua Boniface
a8419be587
Use generic Debian repos and PVC component
2023-09-01 15:42:24 -04:00
Joshua Boniface
2caed2ae12
Rename remaining "pvc_prov" items to pvc_api
2023-09-01 15:42:24 -04:00
Joshua Boniface
2a2d318dbc
Change name of default API database
...
From pvcprov to pvcapi to reflect the changing use of this database.
2023-09-01 15:42:24 -04:00
Joshua Boniface
833d99a360
Add comments to defaults
2023-09-01 15:42:24 -04:00
Joshua Boniface
8109f13386
Add additional configuration to group_vars
...
Also include defaults and the new pvc_vm_shutdown_timeout option.
2023-09-01 15:42:24 -04:00
Joshua Boniface
72df058684
Ensure ZK prioritizes IPv4
2023-09-01 15:42:24 -04:00
Joshua Boniface
457e18a850
Use FQDN for Zookeeper server entries
2023-09-01 15:42:24 -04:00
Joshua Boniface
777a4693a1
Improve SSH configuration for nodes
...
Ensure hostbased auth works with configs, remove erroneous old
conditional for authtypes, remove obsolete config option.
2023-09-01 15:42:24 -04:00
Joshua Boniface
88209a2b70
Use Google DNS instead of Cloudflare
...
For some reason Cloudflare works in fewer places than Google, so just
use it instead.
2023-09-01 15:42:24 -04:00
Joshua Boniface
fbbf5ffe09
Use cluster_group variable for paths
...
Instead of trying to automagic this group out of the Ansible hostvars,
just make it explicitly defined in the group_vars to avoid any
confusion.
2023-09-01 15:42:23 -04:00
Joshua Boniface
a925e4bd40
Ignore errors in bringing up bootstrap interfaces
2023-09-01 15:42:23 -04:00
Joshua Boniface
e3ad750412
Add storage components to default pvcnoded.yaml
2023-09-01 15:42:23 -04:00
Joshua Boniface
715fa103cd
Ensure uuid-runtime is installed
2023-09-01 15:42:23 -04:00
Joshua Boniface
12d50cfca6
Use correct syntax for init command
2023-09-01 15:42:23 -04:00
Joshua Boniface
92ccc0a737
Use consistent naming in patroni.yml
2023-09-01 15:42:23 -04:00
Joshua Boniface
0566aadfb0
Remove obsolete issue-gen script on install
2023-09-01 15:42:23 -04:00
Joshua Boniface
c35c58389d
Use short names in PVC configs
2023-09-01 15:42:23 -04:00
Joshua Boniface
157c56fd46
Use shortname for Zookeeper
2023-09-01 15:42:23 -04:00
Joshua Boniface
7e653d52c3
Include upstream and short names in hosts
2023-09-01 15:42:23 -04:00
Joshua Boniface
6a3c32f306
Use local CLI command instead of API to init
2023-09-01 15:42:23 -04:00
Joshua Boniface
c71415317a
Use only short names in Ceph MON config
2023-09-01 15:42:23 -04:00
Joshua Boniface
52862f9daf
Fix conditional checks with inventory_hostname
2023-09-01 15:42:23 -04:00
Joshua Boniface
91313e848e
Handle bridge creation more sensibly
2023-09-01 15:42:23 -04:00
Joshua Boniface
6d3999eaab
Don't restart pvcd.service on bootstrap
2023-09-01 15:42:23 -04:00
Joshua Boniface
0d9e209b45
Allow deb migrations to be installed
2023-09-01 15:42:23 -04:00
Joshua Boniface
4b89aff1d8
Add symlink for pvc files dir
2023-09-01 15:42:23 -04:00
Joshua Boniface
8c15edd75c
Handle creation and collection on bootstrap better
2023-09-01 15:42:23 -04:00
Joshua Boniface
b4079cae88
Use new in-built database migrations in API
2023-09-01 15:42:23 -04:00
Joshua Boniface
0e5cb688dc
Use new package and file names
...
References parallelvirtualclient/pvc#79
2023-09-01 15:42:23 -04:00
Joshua Boniface
999e50a68f
Don't mess with upstream at all during bootstrap
...
This caused some major breakage and is not required.
2023-09-01 15:42:23 -04:00
Joshua Boniface
e7e7f2cc96
Don't remove nano
2023-09-01 15:42:22 -04:00
Joshua Boniface
42d76618e3
Modify add_cluster_ips to support new bridges
2023-09-01 15:42:22 -04:00
Joshua Boniface
32b719cb4a
Enable and start vhostmd service
2023-09-01 15:42:22 -04:00